初生襁褓狮
Posted: 2008-11-12 18:50
Trojan.Win32.StartPage.cyk
File taskmagr.exe received on 2008.11.12 11:42:31 (CET)
Result: 21/36 (58.34%)

Antivirus engine | Version | Last update | Scan result
AhnLab-V3 | 2008.11.11.2 | 2008.11.12 | -
AntiVir | 7.9.0.31 | 2008.11.12 | TR/StartPage.cyk
Authentium | 5.1.0.4 | 2008.11.12 | -
Avast | 4.8.1248.0 | 2008.11.11 | Win32:Trojan-gen {Other}
AVG | 8.0.0.161 | 2008.11.11 | Startpage.DGL
BitDefender | 7.2 | 2008.11.12 | -
CAT-QuickHeal | 9.50 | 2008.11.12 | -
ClamAV | 0.94.1 | 2008.11.12 | -
DrWeb | 4.44.0.09170 | 2008.11.12 | -
eSafe | 7.0.17.0 | 2008.11.11 | -
eTrust-Vet | 31.6.6203 | 2008.11.11 | -
Ewido | 4.0 | 2008.11.11 | -
F-Prot | 4.4.4.56 | 2008.11.11 | -
F-Secure | 8.0.14332.0 | 2008.11.12 | Trojan.Win32.StartPage.cyk
Fortinet | 3.117.0.0 | 2008.11.12 | W32/StartPage.CYK!tr
GData | 19 | 2008.11.12 | Win32:Trojan-gen {Other}
Ikarus | T3.1.1.45.0 | 2008.11.12 | Trojan.Win32.StartPage.cyk
K7AntiVirus | 7.10.522 | 2008.11.11 | Trojan.Win32.StartPage.cyk
Kaspersky | 7.0.0.125 | 2008.11.12 | Trojan.Win32.StartPage.cyk
McAfee | 5431 | 2008.11.12 | Generic StartPage
Microsoft | 1.4104 | 2008.11.12 | Trojan:Win32/Dreammon.C
NOD32 | 3605 | 2008.11.12 | Win32/Agent.OKM
Norman | 5.80.02 | 2008.11.11 | W32/Startpage.KBG
Panda | 9.0.0.4 | 2008.11.11 | Suspicious file
PCTools | 4.4.2.0 | 2008.11.11 | -
Prevx1 | V2 | 2008.11.12 | Worm
Rising | 21.03.22.00 | 2008.11.12 | -
SecureWeb-Gateway | 6.7.6 | 2008.11.12 | Trojan.StartPage.cyk
Sophos | 4.35.0 | 2008.11.12 | Mal/Behav-204
Sunbelt | 3.1.1785.2 | 2008.11.11 | Backdoor.Win32.S (vf)
Symantec | 10 | 2008.11.12 | -
TheHacker | 6.3.1.1.149 | 2008.11.12 | -
TrendMicro | 8.700.0.1004 | 2008.11.12 | TROJ_STARTPA.JE
VBA32 | 3.12.8.9 | 2008.11.11 | Trojan.Win32.StartPage.cyk
ViRobot | 2008.11.12.1463 | 2008.11.12 | Spyware.StartPage.91648
VirusBuster | 4.5.11.0 | 2008.11.11 | -

Additional information
File size: 91648 bytes
MD5...: 8e4dc48b5b3595378f5a157acd9137d0
SHA1..: 5254c1124e6378363bd5a632cc6643c137337c31
SHA256: 2f5b8cba8649a58313702ec93599f811b45b747862b90c447154a43b009d100b
SHA512: 54f68ef7a1228e4a367fd9c05f4c8d3722aa692f9cbc5d914d99c20c7cae7ac977952667979a55e9e3c4a8c9f7939cdf43e9de4e8d1bda5323bf46289317ce0d
PEiD..: Armadillo v1.71
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x4150ef
timedatestamp.....: 0x490f0548 (Mon Nov 03 14:06:00 2008)
machinetype.......: 0x14c (I386)

( 3 sections )
name | viradd | virsiz | rawdsiz | ntrpy | md5
.text | 0x1000 | 0x1461e | 0x14800 | 6.92 | 2de2ed2ae7bb3a0d25a55adc8c25e3e0
.rdata | 0x16000 | 0xde0 | 0xe00 | 4.98 | 2a41abb675b2a4d182a9ff70af3a1b49
.data | 0x17000 | 0xd4c | 0xc00 | 4.67 | d55d9a520d1087dbda0f6bfedc59a600

( 7 imports )
> KERNEL32.dll: Sleep, SuspendThread, DeleteFileA, WinExec, ResumeThread, MoveFileExA, CreateThread, MultiByteToWideChar, lstrlenA, WideCharToMultiByte, lstrlenW, LeaveCriticalSection, EnterCriticalSection, WriteFile, DeleteCriticalSection, ReadFile, GetFileSize, CreateFileA, GetVolumeInformationA, GetProcAddress, FreeLibrary, LoadLibraryA, ReleaseMutex, WaitForSingleObject, WaitNamedPipeA, GetLastError, CreateMutexA, GetStartupInfoA, GetModuleHandleA, InitializeCriticalSection, GetTempPathA, GetSystemDirectoryA, CloseHandle, GetPrivateProfileStringA
> USER32.dll: CharLowerA, SystemParametersInfoA, CharUpperA, ShowWindow, SendMessageA, SetCursorPos, ClientToScreen, FindWindowExA, RegisterWindowMessageA, SendMessageTimeoutA, FindWindowA, GetWindowThreadProcessId, mouse_event, SetForegroundWindow
> ADVAPI32.dll: RegCloseKey, RegOpenKeyExA, RegQueryValueExA, RegSetValueExA
> ole32.dll: CoCreateInstance, CoInitialize, CoUninitialize
> OLEAUT32.dll: -, -, -, -
> MSVCRT.dll: __CxxFrameHandler, _stricmp, _controlfp, _except_handler3, __set_app_type, __p__fmode, __p__commode, _adjust_fdiv, __setusermatherr, _initterm, __getmainargs, _acmdln, exit, _XcptFilter, _exit, strncmp, strstr, srand, rand, sprintf, atoi, malloc, free, localtime, time, _strlwr, wcscmp, strncpy
> NETAPI32.dll: Netbios

( 0 exports )

Prevx info: http://info.prevx.com/aboutprogr ... 1D866228100984524B5

Last edited by hyperion on 2008-11-12 18:58:39