endurer - 2009-10-16 22:23:00
附件: 您所在的用户组无法下载或查看附件解压密码:virus
文件说明符 : C:\windows\system32\fly2926.dll
属性 : A---
数字签名:否
PE文件:是
语言 : 中文(中国)
文件版本 : 1, 0, 0, 1
说明 : MyTest3
版权 : 版权所有 (C) 2008
产品版本 : 1, 0, 0, 1
产品名称 : MyTest3 Dynamic Link Library
内部名称 : MyTest3
源文件名 : MyTest3.DLL
创建时间 : 2009-10-16 21:14:8
修改时间 : 2009-10-12 8:2:42
大小 : 168960 字节 165.0 KB
MD5 : ece5cecf1bca898ae2f2fdd9a0ca19f4
SHA1: D295394F4C961B0CE8E97711859C7D94772E68A7
CRC32: f43ab893
文件 fly2926.dll 接收于 2009.10.16 14:16:09 (UTC)
| 反病毒引擎 | 版本 | 最后更新 | 扫描结果 |
| a-squared | 4.5.0.41 | 2009.10.16 | Trojan-Downloader.Win32.Adload!IK |
| AhnLab-V3 | 5.0.0.2 | 2009.10.16 | - |
| AntiVir | 7.9.1.35 | 2009.10.16 | TR/Dldr.Small.jrs |
| Antiy-AVL | 2.0.3.7 | 2009.10.16 | Trojan/Win32.Filka.gen |
| Authentium | 5.1.2.4 | 2009.10.16 | W32/Downloader.F.gen!Eldorado |
| Avast | 4.8.1351.0 | 2009.10.14 | Win32:Trojan-gen |
| AVG | 8.5.0.420 | 2009.10.16 | Agent2.USL |
| BitDefender | 7.2 | 2009.10.16 | Generic.Malware.FP!Pkg.D2BC4CFC |
| CAT-QuickHeal | 10.00 | 2009.10.16 | - |
| ClamAV | 0.94.1 | 2009.10.16 | Trojan.Clicker-3346 |
| Comodo | 2621 | 2009.10.16 | - |
| DrWeb | 5.0.0.12182 | 2009.10.16 | Trojan.DownLoader.origin |
| eSafe | 7.0.17.0 | 2009.10.15 | Win32.TRDldr.Small.J |
| eTrust-Vet | 35.1.7071 | 2009.10.16 | - |
| F-Prot | 4.5.1.85 | 2009.10.15 | W32/Downloader.F.gen!Eldorado |
| F-Secure | 8.0.14470.0 | 2009.10.16 | Trojan-Spy.Win32.Filka.am |
| Fortinet | 3.120.0.0 | 2009.10.16 | PossibleThreat |
| GData | 19 | 2009.10.16 | Generic.Malware.FP!Pkg.D2BC4CFC |
| Ikarus | T3.1.1.72.0 | 2009.10.16 | Trojan-Downloader.Win32.Adload |
| Jiangmin | 11.0.800 | 2009.10.16 | TrojanDownloader.Agent.btva |
| K7AntiVirus | 7.10.872 | 2009.10.16 | Trojan.Win32.Malware.1 |
| Kaspersky | 7.0.0.125 | 2009.10.16 | Trojan-Spy.Win32.Filka.am |
| McAfee | 5772 | 2009.10.15 | - |
| McAfee+Artemis | 5772 | 2009.10.15 | Artemis!ECE5CECF1BCA |
| McAfee-GW-Edition | 6.8.5 | 2009.10.16 | Trojan.Dldr.Small.jrs |
| Microsoft | 1.5101 | 2009.10.16 | - |
| NOD32 | 4514 | 2009.10.16 | a variant of Win32/Agent.PHX |
| Norman | 6.03.02 | 2009.10.16 | W32/Agent.RVOF |
| nProtect | 2009.1.8.0 | 2009.10.15 | - |
| Panda | 10.0.2.2 | 2009.10.15 | Trj/CI.A |
| PCTools | 4.4.2.0 | 2009.10.16 | - |
| Prevx | 3.0 | 2009.10.16 | High Risk Cloaked Malware |
| Rising | 21.51.44.00 | 2009.10.16 | - |
| Sophos | 4.46.0 | 2009.10.16 | Sus/VB-AM |
| Sunbelt | 3.2.1858.2 | 2009.10.15 | Trojan.Win32.Agent |
| Symantec | 1.4.4.12 | 2009.10.16 | Trojan.Cinmeng |
| TheHacker | 6.5.0.2.043 | 2009.10.15 | - |
| TrendMicro | 8.950.0.1094 | 2009.10.16 | TROJ_CINMENG.JC |
| VBA32 | 3.12.10.11 | 2009.10.15 | Trojan-Spy.Win32.Filka.am |
| ViRobot | 2009.10.16.1988 | 2009.10.16 | - |
| VirusBuster | 4.6.5.0 | 2009.10.15 | - |
| 附加信息 |
| File size: 168960 bytes |
| MD5...: ece5cecf1bca898ae2f2fdd9a0ca19f4 |
| SHA1..: d295394f4c961b0ce8e97711859c7d94772e68a7 |
| SHA256: 6acae186d5d67c6b5908b83a8fdf047958e9e03cc17e6623d4f211994edb6cef |
| ssdeep: 3072:LA3dC2xHJoQtuRcsAKNiJ+ytjC8yf+KS3oV6GoIMc4CPz1xMSfXjI0kN2K4 WX5VK:LD2FJo1NxNDFyb3on5RlPhxM6TI0k1 |
| PEiD..: - |
| PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x95470 timedatestamp.....: 0x4ad1ea96 (Sun Oct 11 14:24:22 2009) machinetype.......: 0x14c (I386) ( 3 sections ) name viradd virsiz rawdsiz ntrpy md5 UPX0 0x1000 0x6c000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e UPX1 0x6d000 0x29000 0x28800 7.92 8fe59680bce4891a4c177623ee5a99a7 .rsrc 0x96000 0x1000 0x800 3.36 ee8b35b34cb598a6009b33a6d7d89cee ( 10 imports ) > KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect > ADVAPI32.dll: RegEnumKeyA > iphlpapi.dll: GetAdaptersInfo > MFC42.DLL: - > MSVCRT.dll: atol > ole32.dll: CoInitialize > OLEAUT32.dll: - > USER32.dll: SetTimer > WININET.dll: InternetOpenA > WINMM.dll: timeGetTime ( 3 exports ) InstallHook, InstallMyDll, UnInstallHook |
| RDS...: NSRL Reference Data Set - |
| pdfid.: - |
| trid..: Win64 Executable Generic (52.5%) UPX compressed Win32 Executable (18.7%) Win32 EXE Yoda's Crypter (16.3%) Win32 Executable Generic (5.2%) Win32 Dynamic Link Library (generic) (4.6%) |
| packers (Antiy-AVL): UPX 0.89.6 - 1.02 / 1.05 - 1.22 DLL |
| sigcheck: publisher....: copyright....: ____ (C) 2008 product......: MyTest3 Dynamic Link Library description..: MyTest3 original name: MyTest3.DLL internal name: MyTest3 file version.: 1, 0, 0, 1 comments.....: signers......: - signing date.: - verified.....: Unsigned |
| packers (Kaspersky): PE_Patch.UPX, UPX |
| packers (Avast): UPX |
| packers (F-Prot): UPX |
| <a href='http://info.prevx.com/aboutprogramtext.asp?PX5=6BE719130098A8F2947A021A84BE5300793EBF78' target='_blank'>http://info.prevx.com/aboutprogr ... 84BE5300793EBF78<;/a> |