Rising Kaka Security Forum > Technical Exchange > Suspicious File Exchange: dlllhost.exe---5fc6c0348b8b91423dc8dd38843bc846


dlllhost.exe---5fc6c0348b8b91423dc8dd38843bc846


Attachment: your user group cannot download or view attachments

Archive password: virus



File path : C:\WINDOWS\system32\dlllhost.exe
Attributes : A---
Digitally signed : No
PE file : Yes
Language : Chinese (China)
File version : 1, 0, 0, 3
Description : Microsoft Foundation Class application
Copyright : Copyright (C) 2006
Product version : 1, 0, 0, 3
Product name : dllhost
Internal name : dllhost
Original filename : dllhost.exe
Created : 2009-10-16 21:14:8
Modified : 2009-10-11 11:12:0
Size : 385024 bytes (376.0 KB)
MD5 : 5fc6c0348b8b91423dc8dd38843bc846
SHA1: 495B253FDBCC97F5D46A83712A563A4ACD9D96C4
CRC32: 49c0b324

File dlllhost.exe received on 2009.10.16 13:46:54 (UTC)

Antivirus engine    Version            Last updated   Result
a-squared           4.5.0.41           2009.10.16     -
AhnLab-V3           5.0.0.2            2009.10.16     -
AntiVir             7.9.1.35           2009.10.16     -
Antiy-AVL           2.0.3.7            2009.10.16     -
Authentium          5.1.2.4            2009.10.16     -
Avast               4.8.1351.0         2009.10.14     -
AVG                 8.5.0.420          2009.10.16     -
BitDefender         7.2                2009.10.16     -
CAT-QuickHeal       10.00              2009.10.16     -
ClamAV              0.94.1             2009.10.16     -
Comodo              2621               2009.10.16     -
DrWeb               5.0.0.12182        2009.10.16     -
eSafe               7.0.17.0           2009.10.15     -
eTrust-Vet          35.1.7071          2009.10.16     Win32/Spykon.A
F-Prot              4.5.1.85           2009.10.15     -
F-Secure            8.0.14470.0        2009.10.16     -
Fortinet            3.120.0.0          2009.10.16     -
GData               19                 2009.10.16     -
Ikarus              T3.1.1.72.0        2009.10.16     -
Jiangmin            11.0.800           2009.10.16     -
K7AntiVirus         7.10.872           2009.10.16     -
Kaspersky           7.0.0.125          2009.10.16     -
McAfee              5772               2009.10.15     -
McAfee+Artemis      5772               2009.10.15     Artemis!5FC6C0348B8B
McAfee-GW-Edition   6.8.5              2009.10.16     -
Microsoft           1.5101             2009.10.16     -
NOD32               4514               2009.10.16     -
Norman              6.03.02            2009.10.16     W32/Obfuscated.S!genr
nProtect            2009.1.8.0         2009.10.15     -
Panda               10.0.2.2           2009.10.15     -
PCTools             4.4.2.0            2009.10.16     -
Prevx               3.0                2009.10.16     -
Rising              21.51.44.00        2009.10.16     -
Sophos              4.46.0             2009.10.16     -
Sunbelt             3.2.1858.2         2009.10.15     -
Symantec            1.4.4.12           2009.10.16     -
TheHacker           6.5.0.2.043        2009.10.15     -
TrendMicro          8.950.0.1094       2009.10.16     -
VBA32               3.12.10.11         2009.10.15     -
ViRobot             2009.10.16.1988    2009.10.16     -
VirusBuster         4.6.5.0            2009.10.15     -

Additional information
File size: 385024 bytes
MD5...: 5fc6c0348b8b91423dc8dd38843bc846
SHA1..: 495b253fdbcc97f5d46a83712a563a4acd9d96c4
SHA256: fd424bb7e662583588a8f2ada4c080848ceaac9bf91f555778edc1e6d6a6e732
ssdeep: 6144:lt5TeFXjGdFVsH/YL0zDogX1FbFTFH/2db8CPuq5gTA:lTTeRjGdFyYL0fr1FFTgR8b+
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x186c5
timedatestamp.....: 0x48d15a7f (Wed Sep 17 19:29:03 2008)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x43792 0x44000 6.52 a3f9e237178851d18473a408a4251397
.rdata 0x45000 0xf782 0x10000 4.63 2271ba1f5249331d014755d589f960a3
.data 0x55000 0x8f68 0x5000 2.92 48a11602a6d7497d519cbddd7c8b27de
.rsrc 0x5e000 0x3cd8 0x4000 4.63 12d05f431a77d1d103453bcf8f9a1956

( 14 imports )
> WININET.dll: DeleteUrlCacheEntry, FindNextUrlCacheEntryA, FindFirstUrlCacheEntryA, InternetSetFilePointer, InternetSetStatusCallback, InternetGetLastResponseInfoA, HttpQueryInfoA, HttpSendRequestA, HttpOpenRequestA, InternetConnectA, InternetSetOptionExA, InternetCloseHandle, InternetWriteFile, InternetOpenA, InternetCanonicalizeUrlA, InternetCrackUrlA, InternetReadFile, InternetQueryDataAvailable
> KERNEL32.dll: GetOEMCP, LocalFileTimeToFileTime, SystemTimeToFileTime, SetErrorMode, SizeofResource, RtlUnwind, RaiseException, GetStartupInfoA, GetCommandLineA, ExitProcess, TerminateProcess, HeapFree, CreateThread, ExitThread, HeapAlloc, GetTimeZoneInformation, GetACP, HeapReAlloc, HeapSize, SetStdHandle, GetFileType, LCMapStringA, GetCPInfo, SetUnhandledExceptionFilter, SetHandleCount, GetStdHandle, UnhandledExceptionFilter, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, GetEnvironmentVariableA, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, IsBadWritePtr, GetStringTypeA, GetStringTypeW, IsBadReadPtr, IsBadCodePtr, CompareStringA, CompareStringW, SetEnvironmentVariableA, GetProcessVersion, GetCurrentDirectoryA, GlobalFlags, TlsGetValue, LocalReAlloc, TlsSetValue, GlobalReAlloc, TlsFree, GlobalHandle, TlsAlloc, FileTimeToLocalFileTime, FileTimeToSystemTime, LeaveCriticalSection, DeleteCriticalSection, InitializeCriticalSection, LocalAlloc, EnterCriticalSection, GetShortPathNameA, GetThreadLocale, GetStringTypeExA, GetVolumeInformationA, MoveFileA, SetEndOfFile, UnlockFile, LockFile, FlushFileBuffers, ReadFile, GetCurrentProcess, DuplicateHandle, FormatMessageA, LocalFree, GlobalUnlock, MulDiv, lstrlenW, GetLastError, GetDiskFreeSpaceA, GetFileTime, SetFileTime, GetFullPathNameA, GetProfileStringA, GetProfileIntA, SearchPathA, lstrcpynA, GetTempPathA, GetTempFileNameA, SetLastError, GlobalFree, WritePrivateProfileStringA, GetPrivateProfileStringA, GetVersion, lstrcatA, GlobalGetAtomNameA, GlobalAddAtomA, GlobalFindAtomA, lstrcpyA, MultiByteToWideChar, lstrlenA, InterlockedDecrement, InterlockedIncrement, CreateEventA, SuspendThread, SetThreadPriority, ResumeThread, SetEvent, WaitForSingleObject, GlobalLock, GlobalAlloc, GlobalDeleteAtom, lstrcmpA, lstrcmpiA, GetCurrentThread, GetCurrentThreadId, FreeLibrary, LoadLibraryA, GetProcAddress, WideCharToMultiByte, FindFirstFileA, GetFileAttributesA, SetFileAttributesA, RemoveDirectoryA, DeleteFileA, FindNextFileA, FindClose, CreateFileA, GetFileSize, SetFilePointer, WriteFile, CloseHandle, GetTickCount, GetVersionExA, FindResourceA, LoadResource, LockResource, GetModuleHandleA, GetModuleFileNameA, Sleep, GetPrivateProfileIntA, LCMapStringW
> USER32.dll: TabbedTextOutA, DrawTextA, GrayStringA, LoadCursorA, GetSysColorBrush, DestroyIcon, CharNextA, CopyAcceleratorTableA, SetRect, GetNextDlgGroupItem, MessageBeep, CreateDialogIndirectParamA, EndDialog, WindowFromPoint, InflateRect, RegisterClipboardFormatA, GetDCEx, LockWindowUpdate, PostThreadMessageA, SetParent, PtInRect, GetClassNameA, LoadStringA, IsZoomed, CharUpperA, RedrawWindow, DefMDIChildProcA, DrawMenuBar, TranslateMDISysAccel, DefFrameProcA, BringWindowToTop, UnpackDDElParam, ReuseDDElParam, SetMenu, GetDesktopWindow, TranslateAcceleratorA, SetRectEmpty, FindWindowA, InvalidateRect, RemoveMenu, SetCapture, ReleaseCapture, SetTimer, KillTimer, MapDialogRect, SetWindowContextHelpId, DestroyMenu, LoadMenuA, LoadAcceleratorsA, ShowWindow, MoveWindow, SetWindowTextA, IsDialogMessageA, EndPaint, LoadIconA, SendDlgItemMessageA, MapWindowPoints, GetSysColor, SetActiveWindow, IsWindow, SetFocus, AdjustWindowRectEx, ScreenToClient, EqualRect, GetClientRect, BeginDeferWindowPos, CopyRect, EndDeferWindowPos, InsertMenuA, GetScrollInfo, SetScrollInfo, ShowScrollBar, GetScrollRange, SetScrollRange, GetScrollPos, SetScrollPos, GetTopWindow, IsChild, GetCapture, WinHelpA, wsprintfA, GetClassInfoA, RegisterClassA, GetMenu, GetMenuItemCount, GetSubMenu, GetMenuItemID, GetDlgItem, GetWindowTextLengthA, GetWindowTextA, GetDlgCtrlID, DefWindowProcA, UnregisterClassA, HideCaret, ShowCaret, ExcludeUpdateRgn, DrawFocusRect, DefDlgProcA, IsWindowUnicode, DestroyWindow, CreateWindowExA, GetClassLongA, SetPropA, UnhookWindowsHookEx, GetPropA, CallWindowProcA, RemovePropA, GetMessageTime, GetMessagePos, GetForegroundWindow, SetForegroundWindow, GetWindow, SetWindowLongA, SetWindowPos, BeginPaint, GetWindowDC, ReleaseDC, GetDC, GetMenuStringA, DeleteMenu, RegisterWindowMessageA, OffsetRect, IntersectRect, SystemParametersInfoA, IsIconic, GetWindowPlacement, GetWindowRect, GetSystemMetrics, GetMenuCheckMarkDimensions, LoadBitmapA, GetMenuState, ModifyMenuA, SetMenuItemBitmaps, CheckMenuItem, EnableMenuItem, GetFocus, GetNextDlgTabItem, GetMessageA, TranslateMessage, DispatchMessageA, GetActiveWindow, GetKeyState, CallNextHookEx, ValidateRect, IsWindowVisible, PeekMessageA, GetCursorPos, SetWindowsHookExA, GetLastActivePopup, IsWindowEnabled, GetWindowLongA, MessageBoxA, SetCursor, ShowOwnedPopups, PostQuitMessage, ScrollWindow, ClientToScreen, GetParent, SendMessageA, EnableWindow, UpdateWindow, PostMessageA, DeferWindowPos
> GDI32.dll: GetDeviceCaps, GetViewportExtEx, GetWindowExtEx, CreateSolidBrush, CreatePatternBrush, PtVisible, RectVisible, TextOutA, ExtTextOutA, GetTextColor, GetBkColor, GetMapMode, PatBlt, SetRectRgn, CombineRgn, CreateRectRgnIndirect, CreateFontIndirectA, BitBlt, CreateCompatibleDC, GetTextExtentPointA, CreateRectRgn, CreateDIBitmap, GetClipBox, Escape, CreateBitmap, IntersectClipRect, ExcludeClipRect, SelectClipRgn, ScaleWindowExtEx, SetWindowExtEx, ScaleViewportExtEx, SetViewportExtEx, OffsetViewportOrgEx, SetViewportOrgEx, SetMapMode, SetBkMode, GetStockObject, RestoreDC, SaveDC, DeleteDC, DeleteObject, GetTextMetricsA, SelectObject, GetTextExtentPoint32A, DPtoLP, LPtoDP, GetObjectA, SetBkColor, SetTextColor
> comdlg32.dll: GetFileTitleA, GetOpenFileNameA, GetSaveFileNameA
> WINSPOOL.DRV: ClosePrinter, OpenPrinterA, DocumentPropertiesA
> ADVAPI32.dll: RegQueryValueExA, RegSetValueA, RegCreateKeyA, GetFileSecurityA, SetFileSecurityA, RegDeleteValueA, RegSetValueExA, RegQueryValueA, RegOpenKeyExA, RegCreateKeyExA, RegDeleteKeyA, RegOpenKeyA, RegCloseKey
> SHELL32.dll: SHGetFileInfoA, DragQueryFileA, DragFinish, SHGetSpecialFolderPathA, ExtractIconA
> COMCTL32.dll: -
> oledlg.dll: -
> ole32.dll: StgOpenStorageOnILockBytes, StgCreateDocfileOnILockBytes, CreateILockBytesOnHGlobal, CoTaskMemFree, CoTaskMemAlloc, OleInitialize, OleUninitialize, CoFreeUnusedLibraries, CoGetClassObject, CoRegisterMessageFilter, CoRevokeClassObject, CLSIDFromString, CLSIDFromProgID, OleFlushClipboard, OleIsCurrentClipboard
> OLEPRO32.DLL: -
> OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> WSOCK32.dll: -, -

( 0 exports )
RDS...: NSRL Reference Data Set: -
pdfid.: -
trid..: Win32 Executable MS Visual C++ (generic) (53.1%)
Windows Screen Saver (18.4%)
Win32 Executable Generic (12.0%)
Win32 Dynamic Link Library (generic) (10.6%)
Generic Win/DOS Executable (2.8%)
sigcheck:
publisher....:
copyright....: Copyright (C) 2006
product......: dllhost
description..: Microsoft Foundation Class application
original name: dllhost.exe
internal name: dllhost
file version.: 1, 0, 0, 3
comments.....:
signers......: -
signing date.: -
verified.....: Unsigned


User system info: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; TencentTraveler 4.0; MAXTHON 2.0)
http://blog.csdn.net/purpleendurer

Unmoved by favor or disgrace, I watch the flowers bloom and fall before the hall; indifferent to staying or leaving, I follow the clouds as they gather and scatter in the sky.

Reply: dlllhost.exe---5fc6c0348b8b91423dc8dd38843bc846

The sample has been collected. Thank you for your support of Rising!