endurer - 2008-9-7 16:53:00
附件: 您所在的用户组无法下载或查看附件解压密码:virus
文件说明符 : C:\WINDOWS\system32\drivers\beep.sys
属性 : A---
数字签名:否
PE文件:是
获取文件版本信息大小失败!
创建时间 : 2002-10-7 12:0:0
修改时间 : 2008-9-5 16:9:0
大小 : 16256 字节 15.896 KB
MD5 : 17520c1ec38c2b92498be0ac75fa9729
SHA1: 7BCB155B57ADD016C1CEA91E0773BA92097F96D3
CRC32: 253b01e1
文件 beep.sys 接收于 2008.09.07 10:50:48 (CET) 结果: 12/36 (33.34%)
| 反病毒引擎 | 版本 | 最后更新 | 扫描结果 |
| AhnLab-V3 | 2008.9.6.0 | 2008.09.06 | - |
| AntiVir | 7.8.1.28 | 2008.09.05 | TR/Onlinegames.tbnn |
| Authentium | 5.1.0.4 | 2008.09.06 | - |
| Avast | 4.8.1195.0 | 2008.09.06 | Win32:Agent-ZMQ |
| AVG | 8.0.0.161 | 2008.09.07 | PSW.OnlineGames.AZFZ |
| BitDefender | 7.2 | 2008.09.07 | - |
| CAT-QuickHeal | 9.50 | 2008.09.06 | - |
| ClamAV | 0.93.1 | 2008.09.07 | - |
| DrWeb | 4.44.0.09170 | 2008.09.06 | Trojan.NtRootKit.1469 |
| eSafe | 7.0.17.0 | 2008.09.03 | - |
| eTrust-Vet | 31.6.6072 | 2008.09.05 | - |
| Ewido | 4.0 | 2008.09.06 | - |
| F-Prot | 4.4.4.56 | 2008.09.06 | - |
| F-Secure | 8.0.14332.0 | 2008.09.07 | Trojan-GameThief.Win32.OnLineGames.tbnn |
| Fortinet | 3.112.0.0 | 2008.09.07 | Spy/OnLineGames |
| GData | 19 | 2008.09.07 | Trojan-GameThief.Win32.OnLineGames.tbnn |
| Ikarus | T3.1.1.34.0 | 2008.09.07 | - |
| K7AntiVirus | 7.10.443 | 2008.09.05 | - |
| Kaspersky | 7.0.0.125 | 2008.09.07 | Trojan-GameThief.Win32.OnLineGames.tbnn |
| McAfee | 5378 | 2008.09.05 | - |
| Microsoft | 1.3903 | 2008.09.07 | VirTool:WinNT/Idicaf.C |
| NOD32v2 | 3423 | 2008.09.06 | a variant of Win32/PSW.OnLineGames.NVH |
| Norman | 5.80.02 | 2008.09.05 | W32/OnLineGames.BRPA |
| Panda | 9.0.0.4 | 2008.09.06 | - |
| PCTools | 4.4.2.0 | 2008.09.06 | - |
| Prevx1 | V2 | 2008.09.07 | - |
| Rising | 20.60.61.00 | 2008.09.07 | - |
| Sophos | 4.33.0 | 2008.09.07 | - |
| Sunbelt | 3.1.1610.1 | 2008.09.05 | - |
| Symantec | 10 | 2008.09.07 | - |
| TheHacker | 6.3.0.8.075 | 2008.09.06 | - |
| TrendMicro | 8.700.0.1004 | 2008.09.05 | - |
| VBA32 | 3.12.8.5 | 2008.09.06 | - |
| ViRobot | 2008.9.5.1365 | 2008.09.06 | - |
| VirusBuster | 4.5.11.0 | 2008.09.06 | - |
| Webwasher-Gateway | 6.6.2 | 2008.09.05 | Trojan.Onlinegames.tbnn |
| 附加信息 |
| File size: 16256 bytes |
| MD5...: 17520c1ec38c2b92498be0ac75fa9729 |
| SHA1..: 7bcb155b57add016c1cea91e0773ba92097f96d3 |
| SHA256: 3b0d6e22916ecec365570ce821c3e7fefe2a3829dd6e7f31114778e2231e628c |
| SHA512: 3a6d17a3cadb9617cfd8f36f603c76ad663a01beccc2b3ebfdb76a89b17bfe76 a5707acc447b42b629fa89b4fcbe43b252138129530eb5f52017ebd5bd1bc533 |
| PEiD..: - |
| TrID..: File type identification Win32 Executable Generic (51.1%) Win16/32 Executable Delphi generic (12.4%) Clipper DOS Executable (12.1%) Generic Win/DOS Executable (12.0%) DOS Executable Generic (12.0%) |
| PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x1387e timedatestamp.....: 0x48b943bc (Sat Aug 30 12:57:32 2008) machinetype.......: 0x14c (I386) ( 6 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x480 0x1f34 0x1f80 6.33 94823421b916bc72963532c374c272d6 .rdata 0x2400 0x1e4 0x200 3.75 9ceeae6b76498caaccbab91af5b3f23f .data 0x2600 0x9c0 0xa00 1.58 3155297e4c773ae78ef7be7854535ef0 PAGE 0x3000 0x449 0x480 5.80 8ccfdcf5c068494410cc5f6fae9232ca INIT 0x3480 0xa3a 0xa80 5.92 7ac0edf3335e2a07a168098d454494a5 .reloc 0x3f00 0x294 0x300 5.34 12982e814cb19d3f2076abc45f399865 ( 2 imports ) > ntoskrnl.exe: IofCompleteRequest, ZwClose, RtlFreeAnsiString, RtlUnicodeStringToAnsiString, ZwQuerySymbolicLinkObject, wcscpy, ZwOpenSymbolicLinkObject, RtlInitUnicodeString, IoGetConfigurationInformation, IoGetDeviceObjectPointer, IoFreeIrp, IoFreeMdl, MmUnlockPages, DbgPrint, RtlImageDirectoryEntryToData, _except_handler3, ZwQuerySystemInformation, ExAllocatePoolWithTag, strstr, _strlwr, ObReferenceObjectByName, IoDriverObjectType, MmMapLockedPagesSpecifyCache, KeSetEvent, IoAllocateMdl, ZwTerminateProcess, KeServiceDescriptorTable, wcstombs, ProbeForRead, RtlRandom, KeTickCount, ExfInterlockedInsertTailList, IofCallDriver, KeGetCurrentThread, IoAllocateIrp, KeInitializeEvent, PsTerminateSystemThread, ExfInterlockedRemoveHeadList, KeSetPriorityThread, ObReferenceObjectByHandle, PsCreateSystemThread, KeInitializeSpinLock, IoCreateSymbolicLink, IoCreateDevice, swprintf, ZwMakeTemporaryObject, ZwCreateDirectoryObject, wcscat, KeBugCheckEx, KeWaitForSingleObject, ObfDereferenceObject, ExFreePoolWithTag, MmProbeAndLockPages, IoDeleteDevice > HAL.dll: KfRaiseIrql, KfLowerIrql, KeGetCurrentIrql, KeStallExecutionProcessor ( 0 exports ) |
用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Maxthon)