|
飘泊而立狮
- 帖子:563
- 注册:
2009-05-15
- 来自:
|
发表于:
2009-08-10 12:22
|
短消息
资料
回复: 看看是不是病毒?
原帖由 帝国皇族 于 2009-8-10 11:09:00 发表
希望你们拿到多引擎扫描去看...连卡巴都报病毒
呵呵,两天前的在线扫描结果确实不是,今天就有报毒了 | 反病毒引擎 | 版本 | 最后更新 | 扫描结果 | | a-squared | 4.5.0.24 | 2009.08.09 | Trojan.Win32.DrvFormat!IK | | AhnLab-V3 | 5.0.0.2 | 2009.08.08 | - | | AntiVir | 7.9.0.248 | 2009.08.07 | - | | Antiy-AVL | 2.0.3.7 | 2009.08.07 | - | | Authentium | 5.1.2.4 | 2009.08.09 | - | | Avast | 4.8.1335.0 | 2009.08.08 | - | | AVG | 8.5.0.406 | 2009.08.09 | Generic14.TBD | | BitDefender | 7.2 | 2009.08.09 | - | | CAT-QuickHeal | 10.00 | 2009.08.08 | - | | ClamAV | 0.94.1 | 2009.08.07 | - | | Comodo | 1918 | 2009.08.09 | - | | DrWeb | 5.0.0.12182 | 2009.08.09 | - | | eSafe | 7.0.17.0 | 2009.08.06 | - | | eTrust-Vet | 31.6.6667 | 2009.08.08 | - | | F-Prot | 4.4.4.56 | 2009.08.09 | - | | F-Secure | 8.0.14470.0 | 2009.08.09 | Trojan.Win32.FormatAll.t | | Fortinet | 3.120.0.0 | 2009.08.09 | W32/FormatAll.T!tr | | GData | 19 | 2009.08.09 | - | | Ikarus | T3.1.1.64.0 | 2009.08.09 | Trojan.Win32.DrvFormat | | Jiangmin | 11.0.800 | 2009.08.09 | - | | K7AntiVirus | 7.10.814 | 2009.08.08 | - | | Kaspersky | 7.0.0.125 | 2009.08.09 | Trojan.Win32.FormatAll.t | | McAfee | 5703 | 2009.08.08 | - | | McAfee+Artemis | 5703 | 2009.08.08 | Artemis!7A947821ED51 | | McAfee-GW-Edition | 6.8.5 | 2009.08.09 | - | | Microsoft | 1.4903 | 2009.08.09 | - | | NOD32 | 4318 | 2009.08.08 | Win32/KillDisk.NAK | | Norman | 6.01.09 | 2009.08.07 | - | | nProtect | 2009.1.8.0 | 2009.08.09 | - | | Panda | 10.0.0.14 | 2009.08.08 | Suspicious file | | PCTools | 4.4.2.0 | 2009.08.08 | - | | Prevx | 3.0 | 2009.08.09 | - | | Rising | 21.41.62.00 | 2009.08.09 | - | | Sophos | 4.44.0 | 2009.08.09 | - | | Sunbelt | 3.2.1858.2 | 2009.08.08 | - | | Symantec | 1.4.4.12 | 2009.08.09 | - | | TheHacker | 6.3.4.3.378 | 2009.08.08 | - | | TrendMicro | 8.950.0.1094 | 2009.08.08 | - | | VBA32 | 3.12.10.9 | 2009.08.09 | - | | ViRobot | 2009.8.8.1875 | 2009.08.08 | - | | VirusBuster | 4.6.5.0 | 2009.08.08 | - |
| 附加信息 | | File size: 28672 bytes | | MD5 : 7a947821ed51462b8e59e7cbf04def17 | | SHA1 : 0d7d0becfd0a81e78c6ea826f20d95b9a199f4a0 | | SHA256: 247da800cdf90f02b30b20dcd34b873d1716d3cbe1c06489ad956023a668cafb | PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x1248
timedatestamp.....: 0x4A7ADD7D (Thu Aug 6 15:41:17 2009)
machinetype.......: 0x14C (Intel I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x3028 0x4000 4.05 fa64925961b3bb39987c8cd4e0e9f0fe
.data 0x5000 0xA04 0x1000 0.00 620f0b67a91f7f74151bc5be745b7110
.rsrc 0x6000 0x6D4 0x1000 1.06 d6ffa1c1b3b54cbd7fb8966f63737f62
( 1 imports )
>msvbvm60.dll: _CIcos, _adj_fptan, __vbaVarMove, __vbaFreeVar,__vbaFreeVarList, __vbaEnd, _adj_fdiv_m64, __vbaFreeObjList,_adj_fprem1, __vbaStrCat, __vbaHresultCheckObj, _adj_fdiv_m32,__vbaObjSet, -, _adj_fdiv_m16i, _adj_fdivr_m16i, _CIsin, __vbaChkstk,__vbaFileClose, EVENT_SINK_AddRef, __vbaStrCmp, _adj_fpatan,EVENT_SINK_Release, -, _CIsqrt, EVENT_SINK_QueryInterface,__vbaExceptHandler, __vbaPrintFile, _adj_fprem, _adj_fdivr_m64,__vbaFPException, __vbaStrVarVal, -, _CIlog, __vbaFileOpen, __vbaNew2,_adj_fdiv_m32i, _adj_fdivr_m32i, __vbaFreeStrList, -, _adj_fdivr_m32,_adj_fdiv_r, -, __vbaVarDup, __vbaVarCopy, _CIatan, __vbaStrMove,_allmul, _CItan, _CIexp, __vbaFreeStr, __vbaFreeObj
( 0 exports )
| TrID : File type identification
Win32 Executable Microsoft Visual Basic 6 (96.9%)
Generic Win/DOS Executable (1.5%)
DOS Executable Generic (1.5%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) | | ThreatExpert: http://www.threatexpert.com/report.aspx?md5=7a947821ed51462b8e59e7cbf04def17 | | ssdeep: 384:tSD+HSp2fRNajIR+Hs1CrwZQdojZXC2Nl:tg+maZS2v | | PEiD : - | | RDS : NSRL Reference Data Set |
|
