Trojan.Win32.StartPage.cyk bbs.ikaka.com

hyperion - 2008-11-12 18:50:00

文件 taskmagr.exe 接收于 2008.11.12 11:42:31 (CET)
结果: 21/36 (58.34%)

反病毒引擎	版本	最后更新	扫描结果
AhnLab-V3	2008.11.11.2	2008.11.12	-
AntiVir	7.9.0.31	2008.11.12	TR/StartPage.cyk
Authentium	5.1.0.4	2008.11.12	-
Avast	4.8.1248.0	2008.11.11	Win32:Trojan-gen {Other}
AVG	8.0.0.161	2008.11.11	Startpage.DGL
BitDefender	7.2	2008.11.12	-
CAT-QuickHeal	9.50	2008.11.12	-
ClamAV	0.94.1	2008.11.12	-
DrWeb	4.44.0.09170	2008.11.12	-
eSafe	7.0.17.0	2008.11.11	-
eTrust-Vet	31.6.6203	2008.11.11	-
Ewido	4.0	2008.11.11	-
F-Prot	4.4.4.56	2008.11.11	-
F-Secure	8.0.14332.0	2008.11.12	Trojan.Win32.StartPage.cyk
Fortinet	3.117.0.0	2008.11.12	W32/StartPage.CYK!tr
GData	19	2008.11.12	Win32:Trojan-gen {Other}
Ikarus	T3.1.1.45.0	2008.11.12	Trojan.Win32.StartPage.cyk
K7AntiVirus	7.10.522	2008.11.11	Trojan.Win32.StartPage.cyk
Kaspersky	7.0.0.125	2008.11.12	Trojan.Win32.StartPage.cyk
McAfee	5431	2008.11.12	Generic StartPage
Microsoft	1.4104	2008.11.12	Trojan:Win32/Dreammon.C
NOD32	3605	2008.11.12	Win32/Agent.OKM
Norman	5.80.02	2008.11.11	W32/Startpage.KBG
Panda	9.0.0.4	2008.11.11	Suspicious file
PCTools	4.4.2.0	2008.11.11	-
Prevx1	V2	2008.11.12	Worm
Rising	21.03.22.00	2008.11.12	-
SecureWeb-Gateway	6.7.6	2008.11.12	Trojan.StartPage.cyk
Sophos	4.35.0	2008.11.12	Mal/Behav-204
Sunbelt	3.1.1785.2	2008.11.11	Backdoor.Win32.S (vf)
Symantec	10	2008.11.12	-
TheHacker	6.3.1.1.149	2008.11.12	-
TrendMicro	8.700.0.1004	2008.11.12	TROJ_STARTPA.JE
VBA32	3.12.8.9	2008.11.11	Trojan.Win32.StartPage.cyk
ViRobot	2008.11.12.1463	2008.11.12	Spyware.StartPage.91648
VirusBuster	4.5.11.0	2008.11.11	-

附加信息

File size: 91648 bytes

MD5...: 8e4dc48b5b3595378f5a157acd9137d0

SHA1..: 5254c1124e6378363bd5a632cc6643c137337c31

SHA256: 2f5b8cba8649a58313702ec93599f811b45b747862b90c447154a43b009d100b

SHA512: 54f68ef7a1228e4a367fd9c05f4c8d3722aa692f9cbc5d914d99c20c7cae7ac9
77952667979a55e9e3c4a8c9f7939cdf43e9de4e8d1bda5323bf46289317ce0d

PEiD..: Armadillo v1.71

TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)

PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x4150ef
timedatestamp.....: 0x490f0548 (Mon Nov 03 14:06:00 2008)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x1461e 0x14800 6.92 2de2ed2ae7bb3a0d25a55adc8c25e3e0
.rdata 0x16000 0xde0 0xe00 4.98 2a41abb675b2a4d182a9ff70af3a1b49
.data 0x17000 0xd4c 0xc00 4.67 d55d9a520d1087dbda0f6bfedc59a600

( 7 imports )
> KERNEL32.dll: Sleep, SuspendThread, DeleteFileA, WinExec, ResumeThread, MoveFileExA, CreateThread, MultiByteToWideChar, lstrlenA, WideCharToMultiByte, lstrlenW, LeaveCriticalSection, EnterCriticalSection, WriteFile, DeleteCriticalSection, ReadFile, GetFileSize, CreateFileA, GetVolumeInformationA, GetProcAddress, FreeLibrary, LoadLibraryA, ReleaseMutex, WaitForSingleObject, WaitNamedPipeA, GetLastError, CreateMutexA, GetStartupInfoA, GetModuleHandleA, InitializeCriticalSection, GetTempPathA, GetSystemDirectoryA, CloseHandle, GetPrivateProfileStringA
> USER32.dll: CharLowerA, SystemParametersInfoA, CharUpperA, ShowWindow, SendMessageA, SetCursorPos, ClientToScreen, FindWindowExA, RegisterWindowMessageA, SendMessageTimeoutA, FindWindowA, GetWindowThreadProcessId, mouse_event, SetForegroundWindow
> ADVAPI32.dll: RegCloseKey, RegOpenKeyExA, RegQueryValueExA, RegSetValueExA
> ole32.dll: CoCreateInstance, CoInitialize, CoUninitialize
> OLEAUT32.dll: -, -, -, -
> MSVCRT.dll: __CxxFrameHandler, _stricmp, _controlfp, _except_handler3, __set_app_type, __p__fmode, __p__commode, _adjust_fdiv, __setusermatherr, _initterm, __getmainargs, _acmdln, exit, _XcptFilter, _exit, strncmp, strstr, srand, rand, sprintf, atoi, malloc, free, localtime, time, _strlwr, wcscmp, strncpy
> NETAPI32.dll: Netbios

( 0 exports )

Prevx info: http://info.prevx.com/aboutprogr ... 1D866228100984524B5

附件: taskmagr.zip

瑞星卡卡安全论坛