0 Replies Latest reply on Aug 23, 2010 1:14 PM by toninhonunes

    Artemis!D077FF2F5C45 False Positive?

      Hi,

       

      I'm Antonio from Brazil. I'm a system developer, and my app is made with Borland Delphi 7 on Windows XP Professional SP3. The compiled app is detected as a trojan, but I tested it at http://www.virustotal.com/ and only McAfee detected it as a trojan. Why?

       

      http://www.virustotal.com/file-scan/report.html?id=51f10c2e3b6153027dcb84811961479d9061feb744ddb6dabbee1afc6a58c4e9-1282581445

       

      This problem happened at my client: your antivirus deleted my app and warned that it is a trojan. My antivirus is Norton 2010 and nothing is detected. Help me, please.

       

      File name: sindical.exe
      Submission date: 2010-08-23 16:37:25 (UTC)

      Antivirus, Version, Last Update, Result
      AhnLab-V3, 2010.08.23.06, 2010.08.23, -
      AntiVir, 8.2.4.38, 2010.08.23, -
      Antiy-AVL, 2.0.3.7, 2010.08.23, -
      Authentium, 5.2.0.5, 2010.08.23, -
      Avast, 4.8.1351.0, 2010.08.22, -
      Avast5, 5.0.332.0, 2010.08.22, -
      AVG, 9.0.0.851, 2010.08.23, -
      BitDefender, 7.2, 2010.08.23, -
      CAT-QuickHeal, 11.00, 2010.08.23, -
      ClamAV, 0.96.2.0-git, 2010.08.23, -
      Comodo, 5830, 2010.08.23, -
      DrWeb, 5.0.2.03300, 2010.08.23, -
      Emsisoft, 5.0.0.37, 2010.08.23, -
      eSafe, 7.0.17.0, 2010.08.23, -
      eTrust-Vet, 36.1.7808, 2010.08.23, -
      F-Prot, 4.6.1.107, 2010.08.22, -
      F-Secure, 9.0.15370.0, 2010.08.23, -
      Fortinet, 4.1.143.0, 2010.08.23, -
      GData, 21, 2010.08.23, -
      Ikarus, T3.1.1.88.0, 2010.08.23, -
      Jiangmin, 13.0.900, 2010.08.23, -
      Kaspersky, 7.0.0.125, 2010.08.23, -
      McAfee, 5.400.0.1158, 2010.08.23, Artemis!D077FF2F5C45
      McAfee-GW-Edition, 2010.1B, 2010.08.23, Artemis!D077FF2F5C45
      Microsoft, 1.6103, 2010.08.23, -
      NOD32, 5389, 2010.08.23, -
      Norman, 6.05.11, 2010.08.23, -
      nProtect, 2010-08-23.01, 2010.08.23, -
      Panda, 10.0.2.7, 2010.08.23, -
      PCTools, 7.0.3.5, 2010.08.23, -
      Prevx, 3.0, 2010.08.23, -
      Rising, 22.62.00.04, 2010.08.23, -
      Sophos, 4.56.0, 2010.08.23, -
      Sunbelt, 6779, 2010.08.23, -
      SUPERAntiSpyware, 4.40.0.1006, 2010.08.23, -
      Symantec, 20101.1.1.7, 2010.08.23, -
      TheHacker, 6.5.2.1.355, 2010.08.23, -
      TrendMicro, 9.120.0.1004, 2010.08.23, -
      TrendMicro-HouseCall, 9.120.0.1004, 2010.08.23, -
      VBA32, 3.12.14.0, 2010.08.23, -
      ViRobot, 2010.8.23.4003, 2010.08.23, -
      VirusBuster, 5.0.27.0, 2010.08.23, -
      Additional information
      MD5   : db95d5376ffdf507fb02b1aebc77bbd6
      SHA1  : 53da5976f5d91c3216664d07b453c9823962699a
      SHA256: 51f10c2e3b6153027dcb84811961479d9061feb744ddb6dabbee1afc6a58c4e9
      ssdeep: 393216:7RQziYaUUj7u5lh0/Lgc0kB9p1TaddBC9:lccXnj9
      File size : 12718080 bytes
      First seen: 2010-08-23 16:37:25
      Last seen : 2010-08-23 16:37:25
      TrID:
      InstallShield setup (25.1%)
      Win32 EXE PECompact compressed (generic) (24.2%)
      UPX compressed Win32 Executable (17.8%)
      Win32 EXE Yoda's Crypter (15.5%)
      Win32 Executable Delphi generic (8.5%)
      sigcheck:
      publisher....: n/a
      copyright....: n/a
      product......: n/a
      description..: n/a
      original name: n/a
      internal name: n/a
      file version.: n/a
      comments.....: n/a
      signers......: -
      signing date.: -
      verified.....: Unsigned
      PEiD: BobSoft Mini Delphi -> BoB / BobSoft
      packers (F-Prot): UPX
      PEInfo: PE structure information

      [[ basic data ]]
      entrypointaddress: 0x7BAA88
      timedatestamp....: 0x2A425E19 (Fri Jun 19 22:22:17 1992)
      machinetype......: 0x14c (I386)

      [[ 9 section(s) ]]
      name, viradd, virsiz, rawdsiz, ntropy, md5
      CODE, 0x1000, 0x7B9B8C, 0x7B9C00, 6.55, 91201588877a3f8e7b4fe81e86e883ea
      DATA, 0x7BB000, 0x1AA28, 0x1AC00, 5.75, f99c9e06de3771b518706761a03936f1
      BSS, 0x7D6000, 0x8EB1, 0x0, 0.00, d41d8cd98f00b204e9800998ecf8427e
      .idata, 0x7DF000, 0x4C1A, 0x4E00, 5.02, 5565a76c51a40464e20d3c1c83756f19
      .edata, 0x7E4000, 0x2C7, 0x400, 4.23, c4b6e5432d4b305da7844f1e8d110074
      .tls, 0x7E5000, 0x128, 0x0, 0.00, d41d8cd98f00b204e9800998ecf8427e
      .rdata, 0x7E6000, 0x18, 0x200, 0.21, ccde4d4b544528a99ae24bba255bf540
      .reloc, 0x7E7000, 0x7DF9C, 0x0, 0.00, d41d8cd98f00b204e9800998ecf8427e
      .rsrc, 0x865000, 0x447000, 0x447000, 6.70, 9ee6e779e970bde5f3a357844716f1ac

      [[ 41 import(s) ]]

      [[ 16 export(s) ]]
      EurekaLog_AttachedFilesRequestEvent, EurekaLog_CallCreateThread, EurekaLog_CallExceptObject, EurekaLog_CallExitThread, EurekaLog_CallGeneralRaise, EurekaLog_CallResumeThread, EurekaLog_CustomButtonClickEvent, EurekaLog_CustomDataRequestEventEx, EurekaLog_CustomWebFieldsRequestEvent, EurekaLog_ExceptionActionNotifyEvent, EurekaLog_ExceptionErrorNotifyEvent, EurekaLog_ExceptionNotifyEvent, EurekaLog_HandledExceptionNotifyEvent, EurekaLog_PasswordRequestEvent, EurekaLog_PasswordRequestEventEx, ExceptionManager
      Symantec reputation: Suspicious.Insight

       

       

      Message was edited by: April Jacobs to remove attachment.  on 8/23/10 1:14:51 PM CDT