| Antivirus engine | Version | Last update | Scan result |
| a-squared | 4.5.0.41 | 2009.10.16 | Trojan-Downloader.Win32.Phinit!IK |
| AhnLab-V3 | 5.0.0.2 | 2009.10.16 | - |
| AntiVir | 7.9.1.35 | 2009.10.16 | TR/Downloader.Gen |
| Antiy-AVL | 2.0.3.7 | 2009.10.16 | - |
| Authentium | 5.1.2.4 | 2009.10.16 | - |
| Avast | 4.8.1351.0 | 2009.10.14 | - |
| AVG | 8.5.0.420 | 2009.10.16 | Generic4.OPG |
| BitDefender | 7.2 | 2009.10.16 | Application.Generic.236077 |
| CAT-QuickHeal | 10.00 | 2009.10.16 | - |
| ClamAV | 0.94.1 | 2009.10.16 | - |
| Comodo | 2622 | 2009.10.16 | - |
| DrWeb | 5.0.0.12182 | 2009.10.16 | - |
| eSafe | 7.0.17.0 | 2009.10.15 | - |
| eTrust-Vet | 35.1.7071 | 2009.10.16 | - |
| F-Prot | 4.5.1.85 | 2009.10.15 | - |
| F-Secure | 8.0.14470.0 | 2009.10.16 | - |
| Fortinet | 3.120.0.0 | 2009.10.16 | - |
| GData | 19 | 2009.10.16 | Application.Generic.236077 |
| Ikarus | T3.1.1.72.0 | 2009.10.16 | Trojan-Downloader.Win32.Phinit |
| Jiangmin | 11.0.800 | 2009.10.16 | TrojanDownloader.Agent.bttt |
| K7AntiVirus | 7.10.872 | 2009.10.16 | - |
| Kaspersky | 7.0.0.125 | 2009.10.16 | - |
| McAfee | 5772 | 2009.10.15 | - |
| McAfee+Artemis | 5772 | 2009.10.15 | Artemis!27739801917E |
| McAfee-GW-Edition | 6.8.5 | 2009.10.16 | Heuristic.BehavesLike.Win32.Rootkit.L |
| Microsoft | 1.5101 | 2009.10.16 | TrojanDownloader:Win32/Phinit.B |
| NOD32 | 4515 | 2009.10.16 | probably a variant of Win32/Adware.NewWeb |
| Norman | 6.03.02 | 2009.10.16 | - |
| nProtect | 2009.1.8.0 | 2009.10.15 | - |
| Panda | 10.0.2.2 | 2009.10.15 | Trj/CI.A |
| PCTools | 4.4.2.0 | 2009.10.16 | - |
| Prevx | 3.0 | 2009.10.16 | - |
| Rising | 21.51.44.00 | 2009.10.16 | - |
| Sophos | 4.46.0 | 2009.10.16 | Mal/Generic-A |
| Sunbelt | 3.2.1858.2 | 2009.10.15 | - |
| Symantec | 1.4.4.12 | 2009.10.16 | - |
| TheHacker | 6.5.0.2.043 | 2009.10.15 | - |
| TrendMicro | 8.950.0.1094 | 2009.10.16 | - |
| VBA32 | 3.12.10.11 | 2009.10.15 | - |
| ViRobot | 2009.10.16.1988 | 2009.10.16 | - |
| VirusBuster | 4.6.5.0 | 2009.10.15 | - |
| Additional information |
| File size: 45056 bytes |
| MD5...: 27739801917eb54129f7d2a666363fad |
| SHA1..: ace452e7ea6f1ac2a85fb2549af7af077038908f |
| SHA256: fdb6fd1a972cdc7e8330b9c0bce54950ee6f334699d3e43449fee1492559ba57 |
| ssdeep: 768:lWYfyi0Kpi6fZ/MMDA6TNwqMwhpYMB2vK29aGv7rdsoex29ONft:UYf/0Kpi 6f5MINwqp4ooKzgshNft |
| PEiD..: - |
| PEInfo: PE Structure information ( base data ) |
| entrypointaddress.: 0x5f5a |
| timedatestamp.....: 0x4acf0ff2 (Fri Oct 09 10:26:58 2009) |
| machinetype.......: 0x14c (I386) |
| ( 4 sections ) |
| name viradd virsiz rawdsiz ntrpy md5 |
| .text 0x1000 0x5606 0x6000 5.97 b5929e53dac0c3f0a1d05a01e10eb7af |
| .rdata 0x7000 0x1d96 0x2000 4.59 224d6575735b5412d442ecad59f1f567 |
| .data 0x9000 0x9f0 0x1000 3.41 1e5cc91d3d2b81a4203d15383c21a3f4 |
| .rsrc 0xa000 0x968 0x1000 2.40 417379093d7a6ba21678e79f9154001c |
| ( 9 imports ) |
| > WININET.dll: InternetCloseHandle, InternetOpenUrlA, InternetOpenA, InternetReadFile |
| > MFC42.DLL: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, - |
| > MSVCRT.dll: free, malloc, memcpy, sprintf, _splitpath, memset, strcpy, realloc, memcmp, __0exception@@QAE@ABV0@@Z, strlen, _CxxThrowException, strcmp, _strupr, atol, _mbslwr, __dllonexit, _onexit, __1type_info@@UAE@XZ, _except_handler3, _exit, _XcptFilter, exit, _acmdln, __getmainargs, _stricmp, _initterm, __setusermatherr, _adjust_fdiv, __p__commode, __p__fmode, __set_app_type, __CxxFrameHandler, _controlfp |
| > KERNEL32.dll: GetStartupInfoA, GetPrivateProfileSectionNamesA, GetPrivateProfileStringA, WritePrivateProfileStringA, MoveFileExA, GetTickCount, WinExec, DeleteFileA, CreateToolhelp32Snapshot, Process32First, Process32Next, GetWindowsDirectoryA, CreateDirectoryA, lstrcatA, lstrcpyA, LoadLibraryA, GetProcAddress, InitializeCriticalSection, IsDBCSLeadByte, lstrcpynA, LoadLibraryExA, GetLastError, CloseHandle, GetCurrentProcess, GetCurrentThread, GetModuleFileNameA, SetLastError, Sleep, GetCurrentThreadId, lstrcmpiA, GetCommandLineA, lstrlenA, lstrlenW, MultiByteToWideChar, GetShortPathNameA, GetModuleHandleA, WideCharToMultiByte, FreeLibrary, SizeofResource, LoadResource, FindResourceA, OpenProcess |
| > USER32.dll: PostThreadMessageA, GetMessageA, CharNextA, LoadStringA, KillTimer, SetTimer, TranslateMessage, DispatchMessageA |
| > ADVAPI32.dll: RegEnumKeyExA, RegCreateKeyExA, RegOpenKeyExA, StartServiceCtrlDispatcherA, RegDeleteValueA, RegSetValueExA, RegCloseKey, RegQueryValueExA, SetServiceStatus, RegisterServiceCtrlHandlerA, RegDeleteKeyA, OpenServiceA, ControlService, QueryServiceStatus, DeleteService, OpenSCManagerA, CreateServiceA, ChangeServiceConfig2A, CloseServiceHandle, GetAclInformation, AddAce, InitializeAcl, GetAce, AddAccessAllowedAce, LookupAccountNameA, GetTokenInformation, OpenThreadToken, OpenProcessToken, SetSecurityDescriptorGroup, SetSecurityDescriptorOwner, GetLengthSid, CopySid, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, RegQueryInfoKeyA, RegEnumValueA, CreateProcessAsUserA |
| > ole32.dll: CoTaskMemAlloc, CoTaskMemFree, CoTaskMemRealloc, CoInitializeEx, CoUninitialize, CoInitializeSecurity, CoRegisterClassObject, CoRevokeClassObject, CoCreateInstance, CoInitialize |
| > OLEAUT32.dll: -, -, -, -, - |
| > MSVCP60.dll: __0out_of_range@std@@QAE@ABV01@@Z, __1out_of_range@std@@UAE@XZ, __1_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@XZ, ___7out_of_range@std@@6B@, __0logic_error@std@@QAE@ABV_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@1@@Z, _assign@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAEAAV12@PBDI@Z, __Tidy@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@AAEX_N@Z, __0logic_error@std@@QAE@ABV01@@Z |
| ( 0 exports ) |
| RDS...: NSRL Reference Data Set - |
| pdfid.: - |
| trid..: |
| Win32 Executable Generic (42.3%) |
| Win32 Dynamic Link Library (generic) (37.6%) |
| Generic Win/DOS Executable (9.9%) |
| DOS Executable Generic (9.9%) |
| Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) |
| sigcheck: |
| publisher....: |
| copyright....: Copyright 2009 |
| product......: mssvr Module |
| description..: mssvr Module |
| original name: mssvr.EXE |
| internal name: mssvr |
| file version.: 1, 0, 0, 1 |
| comments.....: n/a |
| signers......: - |
| signing date.: - |
| verified.....: Unsigned |