endurer - 2009-2-24 20:43:00
附件: 您所在的用户组无法下载或查看附件解压密码: virus
文件 Lvgx.dll 接收于 2009.02.24 13:20:31 (CET)
| 反病毒引擎 | 版本 | 最后更新 | 扫描结果 |
| a-squared | 4.0.0.93 | 2009.02.24 | Trojan-Downloader.Win32.Small!IK |
| AhnLab-V3 | 2009.2.24.0 | 2009.02.24 | - |
| AntiVir | 7.9.0.88 | 2009.02.24 | ADSPY/AdPlus.A.2 |
| Authentium | 5.1.0.4 | 2009.02.24 | - |
| Avast | 4.8.1335.0 | 2009.02.23 | Win32:QQPass-SE |
| AVG | 8.0.0.237 | 2009.02.24 | - |
| BitDefender | 7.2 | 2009.02.24 | Trojan.Generic.188614 |
| CAT-QuickHeal | 10.00 | 2009.02.22 | - |
| ClamAV | 0.94.1 | 2009.02.24 | - |
| Comodo | 983 | 2009.02.20 | - |
| DrWeb | 4.44.0.09170 | 2009.02.24 | DLOADER.Trojan |
| eSafe | 7.0.17.0 | 2009.02.19 | - |
| eTrust-Vet | 31.6.6369 | 2009.02.23 | - |
| F-Prot | 4.4.4.56 | 2009.02.24 | - |
| F-Secure | 8.0.14470.0 | 2009.02.24 | Trojan-PSW.Win32.QQPass.bmm |
| Fortinet | 3.117.0.0 | 2009.02.24 | - |
| GData | 19 | 2009.02.24 | Trojan.Generic.188614 |
| Ikarus | T3.1.1.45.0 | 2009.02.24 | Trojan-Downloader.Win32.Small |
| K7AntiVirus | 7.10.639 | 2009.02.21 | Trojan-PSW.Win32.QQPass.bmm |
| Kaspersky | 7.0.0.125 | 2009.02.24 | Trojan-PSW.Win32.QQPass.bmm |
| McAfee | 5534 | 2009.02.23 | - |
| McAfee+Artemis | 5534 | 2009.02.23 | - |
| Microsoft | 1.4306 | 2009.02.24 | - |
| NOD32 | 3885 | 2009.02.24 | a variant of Win32/Adware.TencentAd |
| Norman | 6.00.06 | 2009.02.23 | W32/QQPass.JVG |
| nProtect | 2009.1.8.0 | 2009.02.24 | - |
| Panda | 10.0.0.10 | 2009.02.23 | - |
| PCTools | 4.4.2.0 | 2009.02.24 | - |
| Rising | 21.18.12.00 | 2009.02.24 | - |
| SecureWeb-Gateway | 6.7.6 | 2009.02.24 | Ad-Spyware.AdPlus.A.2 |
| Sophos | 4.39.0 | 2009.02.24 | - |
| Sunbelt | 3.2.1856.2 | 2009.02.24 | - |
| Symantec | 10 | 2009.02.24 | - |
| TheHacker | 6.3.2.5.264 | 2009.02.24 | - |
| TrendMicro | 8.700.0.1004 | 2009.02.24 | - |
| VBA32 | 3.12.10.0 | 2009.02.24 | Trojan-PSW.Win32.QQPass.bmm |
| ViRobot | 2009.2.24.1621 | 2009.02.24 | - |
| VirusBuster | 4.5.11.0 | 2009.02.24 | - |
| 附加信息 |
| File size: 122978 bytes |
| MD5...: bc1f46d408a547c1b16296d207d1ec31 |
| SHA1..: 54abcadbae327cfe3fa5cf9fc191eb299d205fdd |
| SHA256: 5aacf2122d6c25c1d01e433d962847e1c4d184bdfd4fab74886e9865e4b5c6b4 |
| SHA512: 6e4e0fa7fa47e917cfea736d73955fb599b15cb3a3154ee192997d60add7c5a4 d6295f2e5601d4e63680892feffedb234c177b4aae9ae51ff8acf7ca03cc3207 |
| ssdeep: 3072:QDb3SSU83GMC9V3Jf4qDZXwqsUOz8mlanRz:Qv5WVV14qDZXwqsx4ml2z |
| PEiD..: Armadillo v1.xx - v2.xx |
| TrID..: File type identification Win32 Executable Generic (42.3%) Win32 Dynamic Link Library (generic) (37.6%) Generic Win/DOS Executable (9.9%) DOS Executable Generic (9.9%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) |
| PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x1001252a timedatestamp.....: 0x44c1d87e (Sat Jul 22 07:49:18 2006) machinetype.......: 0x14c (I386) ( 7 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x11915 0x11a00 6.15 da48f633d48d21eedf9b67c8375dca11 .rdata 0x13000 0x3408 0x3600 6.48 e78685f8fc286d61ba1d6f67182bc65c .data 0x17000 0x1e1c 0xc00 5.12 53a9dfcbd42d0caac4ae6f36f8ece735 Shared_T 0x19000 0x10 0x200 0.00 bf619eac0cdf3f68d496ea9344137e8b Shared_H 0x1a000 0x1c 0x200 0.02 56e42bf59b2d40734fbdf3318f29d7d4 .rsrc 0x1b000 0x3a8 0x400 3.22 9daeb311d88057d5d075f89c93ec0131 .reloc 0x1c000 0x1ef0 0x2000 5.82 e037bf33c1a533c309024f14cf65a308 ( 10 imports ) > KERNEL32.dll: GetExitCodeThread, CreateRemoteThread, VirtualAllocEx, lstrlenW, OpenProcess, MultiByteToWideChar, WideCharToMultiByte, SetLastError, TlsSetValue, TlsGetValue, SystemTimeToFileTime, GetSystemTime, lstrlenA, IsBadWritePtr, TlsAlloc, TlsFree, GetLastError, CreateMutexA, GetModuleFileNameW, lstrcpynA, GetVersionExA, VirtualFreeEx, MapViewOfFile, CreateFileMappingA, OpenFileMappingA, UnmapViewOfFile, LeaveCriticalSection, EnterCriticalSection, ReadFile, GetFileSize, CreateFileA, GetShortPathNameA, GetLongPathNameA, OpenMutexA, GetACP, IsDebuggerPresent, LoadLibraryW, GetProcessHeap, HeapAlloc, HeapFree, Process32First, DeleteCriticalSection, InitializeCriticalSection, FindCloseChangeNotification, GetSystemDirectoryA, GetWindowsDirectoryA, FindFirstChangeNotificationA, WaitForMultipleObjects, Sleep, CloseHandle, WaitForSingleObject, TerminateThread, CreateToolhelp32Snapshot, GetModuleFileNameA, CopyFileA, LoadLibraryExA, ReadProcessMemory, FreeLibrary, DeleteFileA, VirtualQuery, GetVersion, lstrcmpiA, VirtualProtect, WriteProcessMemory, GetCurrentProcessId, Module32First, Module32Next, GetModuleHandleA, GetCurrentProcess, FlushInstructionCache, GetSystemInfo, GetProcAddress, LoadLibraryA, lstrcmpA, lstrcpyA, FindFirstFileA, FindClose, IsBadStringPtrA, WritePrivateProfileSectionA, WriteFile, MoveFileExA, GetTickCount, DeviceIoControl, GetPrivateProfileStructA, Process32Next, GetTempPathA, GetPrivateProfileIntA, CreateProcessA, InterlockedDecrement, WritePrivateProfileStructA > USER32.dll: IsWindow, PostMessageA, DispatchMessageA, FindWindowExA, RegisterWindowMessageA, TranslateMessage, GetWindowThreadProcessId, GetMessageA, GetClassNameA, SetWindowsHookExA, EnumWindows, SendMessageA, GetParent, CallNextHookEx, UnhookWindowsHookEx, KillTimer, DestroyWindow, PostQuitMessage, SetTimer, GetClassInfoExA, RegisterClassExA, CreateWindowExA, SetWindowLongA, GetWindowLongA, DefWindowProcA, FindWindowA > GDI32.dll: GetStockObject > ADVAPI32.dll: RegQueryValueExA, RegOpenKeyExA, FreeSid, RegSetKeySecurity, SetSecurityDescriptorDacl, RegOpenKeyA, RegEnumKeyExA, RegCloseKey, RegEnumKeyA, RegEnumValueA, RegQueryValueExW, InitializeSecurityDescriptor, AddAccessAllowedAce, InitializeAcl, GetLengthSid, AllocateAndInitializeSid, RegCreateKeyA, RegSetValueExA, CloseServiceHandle, CreateServiceA, OpenSCManagerA, DeleteService, OpenServiceA, ControlService, QueryServiceStatus, StartServiceA, RegSetValueExW, RegOpenKeyExW > ole32.dll: CoTaskMemFree, StringFromCLSID > OLEAUT32.dll: -, - > SHLWAPI.dll: PathFileExistsA, PathAppendA, PathFindExtensionA, PathRemoveBlanksA, PathRemoveBackslashA, PathRemoveFileSpecA, PathRemoveExtensionA, SHGetValueA, SHDeleteKeyA, SHDeleteValueA, SHSetValueA, PathFindFileNameA, StrStrIA, PathStripToRootA > imagehlp.dll: ImageDirectoryEntryToData > MSVCRT.dll: realloc, memmove, _CxxThrowException, _mbsicmp, wcscpy, sprintf, _mbsnbicmp, _mbschr, rand, srand, time, _mbscmp, _mbsnbcpy, _snprintf, fclose, fwrite, fopen, sscanf, wcslen, _wcsicmp, _tempnam, fread, malloc, fseek, ftell, fputs, strstr, fgets, rewind, wcsstr, strrchr, strchr, _vsnprintf, atoi, __dllonexit, _onexit, __1type_info@@UAE@XZ, _initterm, _adjust_fdiv, _purecall, __CxxFrameHandler, __2@YAPAXI@Z, __3@YAXPAX@Z, tmpnam, _strnicmp, _stricmp, _itoa, _strlwr, _wcsset, _strnset, free > VERSION.dll: GetFileVersionInfoA, VerQueryValueA, GetFileVersionInfoSizeA ( 6 exports ) DllCanUnloadNow, DllGetClassObject, DllRegisterServer, DllUnregisterServer, Rundll32, Rundll32_ |
用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)