Processo ophii.exe

**Dj Nico** · 10-12-2009, 19:57

Antivirus Versione Ultimo aggiornamento Risultato
a-squared 4.5.0.43 2009.12.10 Trojan-Downloader.Swizzor!IK
AhnLab-V3 5.0.0.2 2009.12.10 -
AntiVir 7.9.1.108 2009.12.10 -
Antiy-AVL 2.0.3.7 2009.12.10 -
Authentium 5.2.0.5 2009.12.02 -
Avast 4.8.1351.0 2009.12.10 -
AVG 8.5.0.426 2009.12.10 -
BitDefender 7.2 2009.12.10 Gen:Adware.Heur.smW@FgqSnxiid
CAT-QuickHeal 10.00 2009.12.10 -
ClamAV 0.94.1 2009.12.10 -
Comodo 3103 2009.12.01 -
DrWeb 5.0.0.12182 2009.12.10 -
eSafe 7.0.17.0 2009.12.10 -
eTrust-Vet 35.1.7168 2009.12.10 -
F-Prot 4.5.1.85 2009.12.10 -
F-Secure 9.0.15370.0 2009.12.10 -
Fortinet 4.0.14.0 2009.12.10 -
GData 19 2009.12.10 Gen:Adware.Heur.smW@FgqSnxiid
Ikarus T3.1.1.74.0 2009.12.10 Trojan-Downloader.Swizzor
Jiangmin 13.0.900 2009.12.10 -
K7AntiVirus 7.10.917 2009.12.10 -
Kaspersky 7.0.0.125 2009.12.10 -
McAfee 5828 2009.12.10 -
McAfee+Artemis 5828 2009.12.10 -
McAfee-GW-Edition 6.8.5 2009.12.10 -
Microsoft 1.5302 2009.12.10 -
NOD32 4676 2009.12.10 -
Norman 6.04.03 2009.12.10 -
nProtect 2009.1.8.0 2009.12.10 -
Panda 10.0.2.2 2009.12.10 -
PCTools 7.0.3.5 2009.12.10 -
Prevx 3.0 2009.12.10 -
Rising 22.25.03.09 2009.12.10 -
Sophos 4.48.0 2009.12.10 -
Sunbelt 3.2.1858.2 2009.12.10 -
Symantec 1.4.4.12 2009.12.10 -
TheHacker 6.5.0.2.089 2009.12.10 -
TrendMicro 9.100.0.1001 2009.12.10 -
VBA32 3.12.12.0 2009.12.10 -
ViRobot 2009.12.10.2081 2009.12.10 -
VirusBuster 5.0.21.0 2009.12.09 -
Informazioni addizionali
File size: 307200 bytes
MD5...: bcf60997188637b3a809473a0999eada
SHA1..: 6afc2a145454a94f20de5a876a14eb0a46c65f9e
SHA256: 6e11933d516b84a62e811fbaa2f84dbc71c8629201d3f3a2b1 9850507a176d10
ssdeep: 6144:7r4eXvCBwnQOOtxylFfxF+KyGHFX7iw93FX2SrXIpV8lV NUSZygGaS:/4Ym
wnLgyHpgGh7J3X2STIpVuvya
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x3320
timedatestamp.....: 0x424f72bf (Sun Apr 03 04:36:15 2005)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x252c 0x3000 5.27 e731313734a8042ad66770554e2b92b5
.data 0x4000 0x4527e 0x46000 7.02 df85b7f60aa0f3f6e78cff2d808e23db
.rsrc 0x4a000 0xa08 0x1000 2.34 8f330b99e379be8ccc1efee258d449d3

( 2 imports )
> KERNEL32.dll: LoadLibraryExA, WriteConsoleW, GetACP, VirtualAlloc, LeaveCriticalSection, GetModuleFileNameA, GetVersionExA, GetFileType, HeapDestroy, GetCurrentProcess, DeleteFileA, GetConsoleMode, GetModuleHandleA, GetCurrentProcessId, GetLocaleInfoA, InterlockedDecrement, GetConsoleOutputCP, GetStdHandle, HeapFree, lstrlenA, GetLastError, GetVersion, GetTickCount, GetCurrentThread, GetCurrentThreadId, GetCommandLineA, HeapAlloc, GetProcessHeap, GetStartupInfoA
> MSVCRT.dll: _XcptFilter, exit, _acmdln, __getmainargs, _initterm, __setusermatherr, _adjust_fdiv, __p__commode, __p__fmode, __set_app_type, _except_handler3, _controlfp, __dllonexit, _onexit, _exit, _strcmpi

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

Eccolo qua...

Ho visto di quel file, il sito di hijackthis mi dava file sospetto

Discussione: Processo ophii.exe

Strumenti discussione

Ricerca discussione

Visualizza

Visualizzazione discussione

Permessi di invio