|
社区嘉宾
- 帖子:22020
- 注册:
2003-04-29
- 来自:pe_xscan Studio
|
发表于:
2009-10-16 22:05
|
显示全部
短消息
资料
e54.dll---adcf542a58f026d5819de1844946ba5e
 附件: 您所在的用户组无法下载或查看附件解压密码:virus O2 - BHO BHO Class - {AA3D3193-E700-4087-BD8B-CDC2CDC0820F} = C:\WINDOWS\system32\e54.dll文件说明符 : C:\WINDOWS\system32\e54.dll 属性 : A--- 数字签名:否 PE文件:是 语言 : 英语(美国) 文件版本 : 1, 0, 2, 8 说明 : Transaction Module 版权 : Copyright 2006 备注 : Microsoft Corporation 产品版本 : 1, 0, 2, 8 产品名称 : Flacdker Product 公司名称 : Microsoft Corporation 内部名称 : COM Services 源文件名 : COM Services 创建时间 : 2009-10-16 21:14:8 修改时间 : 2009-10-12 8:45:0 大小 : 36864 字节 36.0 KB MD5 : adcf542a58f026d5819de1844946ba5e SHA1: A9015DAE74731B92EC60C6F07E4A5942CFBA7604 CRC32: 569e90ba 文件 e54.dll 接收于 2009.10.16 13:55:18 (UTC) | 反病毒引擎 | 版本 | 最后更新 | 扫描结果 | | a-squared | 4.5.0.41 | 2009.10.16 | AdWare.Bdsearch!IK | | AhnLab-V3 | 5.0.0.2 | 2009.10.16 | - | | AntiVir | 7.9.1.35 | 2009.10.16 | - | | Antiy-AVL | 2.0.3.7 | 2009.10.16 | AdWare/Win32.BHO.gen | | Authentium | 5.1.2.4 | 2009.10.16 | - | | Avast | 4.8.1351.0 | 2009.10.14 | Win32:BHO-XK | | AVG | 8.5.0.420 | 2009.10.16 | Generic4.OHD | | BitDefender | 7.2 | 2009.10.16 | Gen:Adware.Heur.cu8@A8haDCab | | CAT-QuickHeal | 10.00 | 2009.10.16 | - | | ClamAV | 0.94.1 | 2009.10.16 | - | | Comodo | 2621 | 2009.10.16 | - | | DrWeb | 5.0.0.12182 | 2009.10.16 | - | | eSafe | 7.0.17.0 | 2009.10.15 | Win32.Adclicker | | eTrust-Vet | 35.1.7071 | 2009.10.16 | - | | F-Prot | 4.5.1.85 | 2009.10.15 | - | | F-Secure | 8.0.14470.0 | 2009.10.16 | AdWare.Win32.BHO.iwa | | Fortinet | 3.120.0.0 | 2009.10.16 | - | | GData | 19 | 2009.10.16 | Gen:Adware.Heur.cu8@A8haDCab | | Ikarus | T3.1.1.72.0 | 2009.10.16 | AdWare.Bdsearch | | Jiangmin | 11.0.800 | 2009.10.16 | Adware/BHO.qz | | K7AntiVirus | 7.10.872 | 2009.10.16 | - | | Kaspersky | 7.0.0.125 | 2009.10.16 | not-a-virus:AdWare.Win32.BHO.iwa | | McAfee | 5772 | 2009.10.15 | Generic PWS!hv.ah | | McAfee+Artemis | 5772 | 2009.10.15 | Artemis!ADCF542A58F0 | | McAfee-GW-Edition | 6.8.5 | 2009.10.16 | - | | Microsoft | 1.5101 | 2009.10.16 | - | | NOD32 | 4514 | 2009.10.16 | - | | Norman | 6.03.02 | 2009.10.16 | - | | nProtect | 2009.1.8.0 | 2009.10.15 | Trojan-Clicker/W32.BHO.36864.CR | | Panda | 10.0.2.2 | 2009.10.15 | Trj/CI.A | | PCTools | 4.4.2.0 | 2009.10.16 | - | | Prevx | 3.0 | 2009.10.16 | Medium Risk Malware | | Rising | 21.51.44.00 | 2009.10.16 | - | | Sophos | 4.46.0 | 2009.10.16 | - | | Sunbelt | 3.2.1858.2 | 2009.10.15 | - | | Symantec | 1.4.4.12 | 2009.10.16 | Trojan.Adclicker | | TheHacker | 6.5.0.2.043 | 2009.10.15 | - | | TrendMicro | 8.950.0.1094 | 2009.10.16 | - | | VBA32 | 3.12.10.11 | 2009.10.15 | AdWare.Win32.BHO.iwa | | ViRobot | 2009.10.16.1988 | 2009.10.16 | - | | VirusBuster | 4.6.5.0 | 2009.10.15 | - |
| 附加信息 | | File size: 36864 bytes | | MD5...: adcf542a58f026d5819de1844946ba5e | | SHA1..: a9015dae74731b92ec60c6f07e4a5942cfba7604 | | SHA256: 7847b3cbe5cd013554ee4a5cacc6b584f399cd04dc4e256a2531d236a2fa3a28 | ssdeep: 384:XAWGdzwoT77MeIcgTHRTHAnZbARpI5pAWS0Eo3gQ:tozwmdURTHAZbARpapt
hg
| | PEiD..: - | PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x38a3
timedatestamp.....: 0x4ac54a37 (Fri Oct 02 00:32:55 2009)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x2b56 0x3000 5.89 ef17b40a04182ac076d8ecbbc334d85a
.rdata 0x4000 0x111e 0x2000 3.13 303f5715b1bb0e440de516ee229506dd
.data 0x6000 0x1864 0x1000 1.80 ef3b419523d7ead49fbaaa19500e25d8
.rsrc 0x8000 0xe30 0x1000 3.95 5415be4baa86fc6de2277a09cbbf89ae
.reloc 0x9000 0x898 0x1000 3.37 78e8fab4b81c496c2dfbad5ccdc8a63e
( 8 imports )
> MFC42.DLL: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> MSVCRT.dll: strcpy, wcslen, _CxxThrowException, sscanf, _strnicmp, sprintf, strstr, strlen, memcmp, __CxxFrameHandler, _purecall, _mbslwr, __1type_info@@UAE@XZ, _adjust_fdiv, malloc, _initterm, free, _strlwr, _except_handler3, _onexit, __dllonexit, _mbsstr, memcpy, _terminate@@YAXXZ
> KERNEL32.dll: CreateEventA, CreateThread, Sleep, SetEvent, lstrlenW, InterlockedDecrement, EnterCriticalSection, InterlockedIncrement, LeaveCriticalSection, DeleteCriticalSection, InitializeCriticalSection, GetModuleFileNameA, WaitForSingleObject, CreateFileMappingA, MultiByteToWideChar, GetLastError, WideCharToMultiByte, LocalFree, LocalAlloc
> USER32.dll: SendMessageA, FindWindowExA, IsCharAlphaNumericA
> ADVAPI32.dll: RegNotifyChangeKeyValue
> OLEAUT32.dll: -, -, -, -, -, -, -, -
> ATL.DLL: -, -, -, -, -, -, -, -, -, -
> MSVCP60.dll: __Tidy@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@AAEX_N@Z, _assign@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAEAAV12@PBDI@Z, __1_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@XZ, __Hstd@@YA_AV_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@0@ABV10@PBD@Z, __C@_1___Nullstr@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@CAPBDXZ@4DB, __Hstd@@YA_AV_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@0@ABV10@0@Z
( 4 exports )
DllCanUnloadNow, DllGetClassObject, DllRegisterServer, DllUnregisterServer
| RDS...: NSRL Reference Data Set
- | | pdfid.: - | | packers (Antiy-AVL): CrypToCrackPeProtector0.93 | sigcheck:
publisher....: Microsoft Corporation
copyright....: Copyright 2006
product......: Flacdker Product
description..: Transaction Module
original name: COM Services
internal name: COM Services
file version.: 1, 0, 2, 8
comments.....: Microsoft Corporation
signers......: -
signing date.: -
verified.....: Unsigned
| | <a href='http://info.prevx.com/aboutprogramtext.asp?PX5=756B25D5005CD4E4909000E3E730F100EAFF256C' target='_blank'>http://info.prevx.com/aboutprogr ... E730F100EAFF256C<;/a> | trid..: DirectShow filter (43.0%)
Windows OCX File (26.3%)
Win64 Executable Generic (18.2%)
Win32 Executable MS Visual C++ (generic) (8.0%)
Win32 Executable Generic (1.8%) |
用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; TencentTraveler 4.0; MAXTHON 2.0)
|
