发表于: 2008-11-15 15:08 | 显示全部 短消息 资料
字号: 1楼

瑞星不报1个

AhnLab-V32008.11.14.32008.11.14Win-Trojan/Downloader.17920.IM
AntiVir7.9.0.312008.11.14BDS/Backdoor.Gen
Authentium5.1.0.42008.11.14-
Avast4.8.1281.02008.11.14Win32:Trojan-gen {Other}
AVG8.0.0.1992008.11.14-
BitDefender7.22008.11.14Trojan.Agent.ALCG
CAT-QuickHeal10.002008.11.13-
ClamAV0.94.12008.11.14-
DrWeb4.44.0.091702008.11.14Trojan.DownLoad.12623
eSafe7.0.17.02008.11.13-
eTrust-Vet31.6.62082008.11.13-
Ewido4.02008.11.13-
F-Prot4.4.4.562008.11.13-
F-Secure8.0.14332.02008.11.14-
Fortinet3.117.0.02008.11.14-
GData192008.11.14Trojan.Agent.ALCG
IkarusT3.1.1.45.02008.11.14Virus.Win32.Trojan
K7AntiVirus7.10.5242008.11.13-
Kaspersky7.0.0.1252008.11.14-
McAfee54332008.11.13-
Microsoft1.41042008.11.14-
NOD3236132008.11.14Win32/Agent.OKM
Norman5.80.022008.11.14-
Panda9.0.0.42008.11.14Suspicious file
PCTools4.4.2.02008.11.13-
Prevx1V22008.11.14Worm
Rising21.03.42.002008.11.14-
SecureWeb-Gateway6.7.62008.11.14Trojan.Backdoor.Backdoor.Gen
Sophos4.35.02008.11.14-
Sunbelt3.1.1801.22008.11.14-
Symantec102008.11.14-
TheHacker6.3.1.1.1522008.11.13-
TrendMicro8.700.0.10042008.11.14-
VBA323.12.8.92008.11.13-
ViRobot2008.11.14.14682008.11.14-
VirusBuster4.5.11.02008.11.13-
附加信息
File size: 17920 bytes
MD5...: 13faa74106deb3655e5918f898951bdb
SHA1..: 1c61f2542428b7c9dc5a0fef63605e57a93305de
SHA256: 99fbadb11267a7e25d1f6add4b5f9ab00a331e815fd87e45bfb5e3af157f7ecf
SHA512: c5b5c4137d2bf84328bfea7a8d9acbd417a92dd2ae8221def5b071768e79333d
e773c920628d26a0ad227a7f3ac47fc50430c09f1537eb5c39cac77d4725b5cf
PEiD..: Armadillo v1.xx - v2.xx
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x6470437a
timedatestamp.....: 0x490f2a28 (Mon Nov 03 16:43:20 2008)
machinetype.......: 0x14c (I386)

( 4 sections )
name        viradd    virsiz  rawdsiz  ntrpy  md5
.text      0x1000    0x3420    0x3600  7.48  93d55b2fc7637c942589d45a048faf84
.rdata      0x5000    0x6a0    0x800  4.30  87354e7b70c46c7f473a1a7b74717b32
.data      0x6000    0x2d0    0x200  4.30  9296cac617cd411d04c63a518f1847eb
.reloc      0x7000    0x21e    0x200  5.50  2db694e3494476a036af18c08beae8b4

( 5 imports ) 
>KERNEL32.dll: ConnectNamedPipe, CreateNamedPipeA, GetCurrentProcess,GetStartupInfoA, GetSystemDirectoryA, Process32Next, OpenProcess,Process32First, CreateToolhelp32Snapshot, Sleep, CreateThread,DisconnectNamedPipe, SetEvent, TerminateThread, WaitForSingleObject,CreateEventA, FreeConsole, DisableThreadLibraryCalls,GetModuleFileNameA, GetProcAddress, LoadLibraryA, FreeLibrary,ReadFile, GetTempPathA, CreateFileA, WriteFile, CloseHandle,CreateMutexA, DeleteFileA
> ADVAPI32.dll: SetServiceStatus,CreateProcessAsUserA, OpenProcessToken, LookupPrivilegeValueA,AdjustTokenPrivileges, RegisterServiceCtrlHandlerA
> urlmon.dll: URLDownloadToFileA
> WININET.dll: InternetOpenA, InternetConnectA, HttpOpenRequestA, HttpSendRequestA, HttpQueryInfoA, InternetReadFile
> MSVCRT.dll: wcstombs, _adjust_fdiv, malloc, _initterm, free, strrchr, sprintf, strncmp, _stricmp, strncpy

( 4 exports ) 
ServiceMain, SvchostPushServiceGlobals, TestCheckStatus, TestRunning


用户系统信息:Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4

附件附件:

您所在的用户组无法下载或查看附件