I believe none of you have seen a result like this before; it is the first time I have seen one.

File ccproxysetup.exe received on 2010.07.22 21:48:12 (UTC)

| Antivirus engine | Version | Last update | Scan result |
|---|---|---|---|
| AhnLab-V3 | 2010.07.22.01 | 2010.07.22 | - |
| AntiVir | 8.2.4.26 | 2010.07.22 | - |
| Antiy-AVL | 2.0.3.7 | 2010.07.22 | - |
| Authentium | 5.2.0.5 | 2010.07.21 | - |
| Avast | 4.8.1351.0 | 2010.07.22 | - |
| Avast5 | 5.0.332.0 | 2010.07.22 | Win32:CCProxy-D |
| AVG | 9.0.0.851 | 2010.07.22 | - |
| BitDefender | 7.2 | 2010.07.22 | - |
| CAT-QuickHeal | 11.00 | 2010.07.22 | - |
| ClamAV | 0.96.0.3-git | 2010.07.22 | - |
| Comodo | 5509 | 2010.07.22 | - |
| DrWeb | 5.0.2.03300 | 2010.07.22 | - |
| Emsisoft | 5.0.0.34 | 2010.07.22 | - |
| eSafe | 7.0.17.0 | 2010.07.22 | Win32.CCProxy |
| eTrust-Vet | 36.1.7729 | 2010.07.22 | - |
| F-Prot | 4.6.1.107 | 2010.07.22 | - |
| F-Secure | 9.0.15370.0 | 2010.07.22 | - |
| Fortinet | 4.1.143.0 | 2010.07.22 | - |
| GData | 21 | 2010.07.22 | - |
| Ikarus | T3.1.1.84.0 | 2010.07.22 | - |
| Jiangmin | 13.0.900 | 2010.07.22 | - |
| Kaspersky | 7.0.0.125 | 2010.07.22 | - |
| McAfee | 5.400.0.1158 | 2010.07.22 | Artemis!EC301D424B3C |
| McAfee-GW-Edition | 2010.1 | 2010.07.22 | Artemis!EC301D424B3C |
| Microsoft | 1.6004 | 2010.07.22 | - |
| NOD32 | 5303 | 2010.07.22 | a variant of Win32/CCProxy |
| Norman | 6.05.11 | 2010.07.22 | - |
| nProtect | 2010-07-22.01 | 2010.07.22 | - |
| Panda | 10.0.2.7 | 2010.07.22 | - |
| PCTools | 7.0.3.5 | 2010.07.22 | - |
| Prevx | 3.0 | 2010.07.22 | - |
| Rising | 22.57.03.04 | 2010.07.22 | - |
| Sophos | 4.55.0 | 2010.07.22 | - |
| Sunbelt | 6622 | 2010.07.22 | - |
| SUPERAntiSpyware | 4.40.0.1006 | 2010.07.22 | - |
| Symantec | 20101.1.1.7 | 2010.07.22 | - |
| TheHacker | 6.5.2.1.322 | 2010.07.20 | - |
| TrendMicro | 9.120.0.1004 | 2010.07.22 | - |
| TrendMicro-HouseCall | 9.120.0.1004 | 2010.07.22 | - |
| VBA32 | 3.12.12.6 | 2010.07.22 | - |
| ViRobot | 2010.6.21.3896 | 2010.07.22 | - |
| VirusBuster | 5.0.27.0 | 2010.07.22 | - |

Additional information

File size: 1413296 bytes

MD5: ec301d424b3cd6f69c37a901bf969227

SHA1: fbe98bb4b877f31bedb5d03b88d2a6d33626b741

SHA256: 2449cf004e218273e5051cd40de50cc72dbd2b5ca1eca474c3317cd2c01c9acd

PEInfo: PE Structure information

( base data )

entrypointaddress.: 0x9B24

timedatestamp.....: 0x2A425E19 (Sat Jun 20 00:22:17 1992)

machinetype.......: 0x14C (Intel I386)

( 8 sections )

| name | viradd | virsiz | rawdsiz | ntrpy | md5 |
|---|---|---|---|---|---|
| CODE | 0x1000 | 0x9244 | 0x9400 | 6.53 | 00d95da090f9b045cc52199c7b36d118 |
| DATA | 0xB000 | 0x24C | 0x400 | 2.73 | 05e73e67429288e06500812b62979d5f |
| BSS | 0xC000 | 0xE48 | 0x0 | 0.00 | d41d8cd98f00b204e9800998ecf8427e |
| .idata | 0xD000 | 0x950 | 0xA00 | 4.43 | bb5485bf968b970e5ea81292af2acdba |
| .tls | 0xE000 | 0x8 | 0x0 | 0.00 | d41d8cd98f00b204e9800998ecf8427e |
| .rdata | 0xF000 | 0x18 | 0x200 | 0.20 | 9ba824905bf9c7922b6fc87a38b74366 |
| .reloc | 0x10000 | 0x8B4 | 0x0 | 0.00 | d41d8cd98f00b204e9800998ecf8427e |
| .rsrc | 0x11000 | 0x2C00 | 0x2C00 | 4.46 | 55657a88cf147a8e3b572c304eecf295 |

( 5 imports )

> advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey, OpenProcessToken, LookupPrivilegeValueA, AdjustTokenPrivileges

> comctl32.dll: InitCommonControls

> kernel32.dll: DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, WideCharToMultiByte, TlsSetValue, TlsGetValue, MultiByteToWideChar, GetModuleHandleA, GetLastError, GetCommandLineA, WriteFile, SetFilePointer, SetEndOfFile, RtlUnwind, ReadFile, RaiseException, GetStdHandle, GetFileSize, GetSystemTime, GetFileType, ExitProcess, CreateFileA, CloseHandle, WriteFile, VirtualQuery, VirtualProtect, VirtualFree, VirtualAlloc, Sleep, SizeofResource, SetLastError, SetFilePointer, SetErrorMode, SetEndOfFile, RemoveDirectoryA, ReadFile, LockResource, LoadResource, LoadLibraryA, IsDBCSLeadByte, GetWindowsDirectoryA, GetVersionExA, GetUserDefaultLangID, GetSystemInfo, GetSystemDefaultLCID, GetProcAddress, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetLastError, GetFullPathNameA, GetFileSize, GetFileAttributesA, GetExitCodeProcess, GetEnvironmentVariableA, GetCurrentProcess, GetCommandLineA, GetACP, InterlockedExchange, FormatMessageA, FindResourceA, DeleteFileA, CreateProcessA, CreateFileA, CreateDirectoryA, CloseHandle

> oleaut32.dll: VariantChangeTypeEx, VariantCopyInd, VariantClear, SysStringLen, SysAllocStringLen

> user32.dll: MessageBoxA, TranslateMessage, SetWindowLongA, PeekMessageA, MsgWaitForMultipleObjects, MessageBoxA, LoadStringA, ExitWindowsEx, DispatchMessageA, DestroyWindow, CreateWindowExA, CallWindowProcA, CharPrevA

( 0 exports )

TrID: File type identification

Win32 Executable Generic (38.4%)

Win32 Dynamic Link Library (generic) (34.1%)

Win16/32 Executable Delphi generic (9.3%)

Generic Win/DOS Executable (9.0%)

DOS Executable Generic (9.0%)

Symantec reputation: Suspicious.Insight http://www.symantec.com/security_response/writeup.jsp?docid=2010-021223-0550-99

ssdeep: 24576:320AIB7hNzY5CEnpjWn2KkZE+KOYHwcwhOiPmd5wH09rsUz34vOYLL22r2YtGce7:322BgCEnpS2nYXwhcdSSzJExqYts

sigcheck:

publisher....: Youngzsoft, Inc.

copyright....:

product......: CCProxy

description..: CCProxy Setup

original name: n/a

internal name: n/a

file version.:

comments.....: This installation was built with Inno Setup.

signers......: -

signing date.: -

verified.....: Unsigned

PEiD: -

RDS: NSRL Reference Data Set

-

"魂" <ʨrz> wrote in message 4c48d613$1@news.3home.net...
> F-Secure also says it has a trojan.
> Could this be a foreign-style Green Dam?
>
> "108" <108@man> wrote in message 4c482477$1@news.3home.net...
>> I downloaded it from the official website. I'd like to ask about this, and also how to fix it! thx
>>
>> __________ Information from ESET NOD32 Antivirus, version of virus signature database 5300 (20100722) __________
>>
>> The message was checked by ESET NOD32 Antivirus.
>>
>> http://www.eset.com
>>
>> --
>> 《龍Online》 Clan martial legend: 24 May consecutive-slash arena, a fair decisive battle, the opening battle?
>> http://loong.gameone.com
>> 《勁舞團MOOV》 The trendiest music to listen to and play as you like; the second-generation virtual social platform is officially launched!
>> http://aum.gameone.com