
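[Help] Would someone capable please analyze this; it is definitely not a virus

Would someone capable please analyze this; it is definitely not a virus

One module of the software I made needs to install hooks, so how can it be a virus? Why did the 2009 version not report it as a virus? I have N users.
If it really were a virus, they would beat me to death. Would someone capable please download it, analyze it, and give me the result.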

User system information: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; QQDownload 590; TencentTraveler 4.0)

Attachment:

Downloads: 131
File type: application/octet-stream
File size:
Upload time: 2009-11-15 9:06:52
Description: rar

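I love making friends
If there is any problem I can help with, I will certainly answer and solve it for you
-----------------------------------------------
Everyone is born with a talent that will be of use. DZ and PHP programs / complete ASP sites / image creation / computer technology and troubleshooting / professional technical exchange / general chat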
 

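Re: Would someone capable please analyze this; it is definitely not a virus

I suggest sending the sample to Rising and submitting it as a false positive. The address is: http://mailcenter.rising.com.cn/FileCheck/
After submitting, you can check the processing status yourself.
A red heart for the Party, a sincere heart for the people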
 

Re: Please analyze what I made; it definitely has no virus

Scanners
2009-11-14 Found nothing
2009-11-15 Found nothing
2009-11-15 Found nothing
2009-11-14 Found nothing
2009-11-14 Found nothing
2009-11-15 Found nothing
2009-11-14 Found nothing
2009-11-14 Found nothing
2009-11-13 TR/Crypt.XPACK.Gen

Operation timed out
2009-11-14 Found nothing
2009-11-14 Found nothing
2009-11-14 Found nothing
2009-11-13 Found nothing
2009-11-15 Found nothing
2009-11-15 Found nothing
2009-11-15 Found nothing
2009-11-13 Found nothing
2009-11-14 Found nothing
2009-11-13 Found nothing
2009-11-14 Found nothing
 
 

 

Re: Would someone capable please analyze this; it is definitely not a virus

Original poster, please see post #2.
 

Re: Rising 2010 false positive; please analyze, it definitely has no virus

Antivirus engine    Version           Last update   Scan result
a-squared           4.5.0.41          2009.11.14    -
AhnLab-V3           5.0.0.2           2009.11.13    -
AntiVir             7.9.1.65          2009.11.13    TR/Crypt.XPACK.Gen
Antiy-AVL           2.0.3.7           2009.11.13    -
Authentium          5.2.0.5           2009.11.14    -
Avast               4.8.1351.0        2009.11.14    -
AVG                 8.5.0.425         2009.11.14    -
BitDefender         7.2               2009.11.15    -
CAT-QuickHeal       10.00             2009.11.13    -
ClamAV              0.94.1            2009.11.14    -
Comodo              2957              2009.11.15    -
DrWeb               5.0.0.12182       2009.11.15    -
eSafe               7.0.17.0          2009.11.12    -
eTrust-Vet          35.1.7121         2009.11.14    -
F-Prot              4.5.1.85          2009.11.14    -
F-Secure            9.0.15370.0       2009.11.11    -
Fortinet            3.120.0.0         2009.11.15    -
GData               19                2009.11.15    -
Ikarus              T3.1.1.74.0       2009.11.14    -
Jiangmin            11.0.800          2009.11.12    -
K7AntiVirus         7.10.896          2009.11.13    -
Kaspersky           7.0.0.125         2009.11.15    -
McAfee              5802              2009.11.14    -
McAfee+Artemis      5802              2009.11.14    -
McAfee-GW-Edition   6.8.5             2009.11.14    Trojan.Crypt.XPACK.Gen
Microsoft           1.5202            2009.11.14    -
NOD32               4608              2009.11.14    -
Norman              6.03.02           2009.11.14    -
nProtect            2009.1.8.0        2009.11.14    -
Panda               10.0.2.2          2009.11.14    -
PCTools             7.0.3.5           2009.11.13    -
Prevx               3.0               2009.11.15    -
Rising              22.21.05.04       2009.11.14    Trojan.Win32.Generic.51EEE221
Sophos              4.47.0            2009.11.15    -
Sunbelt             3.2.1858.2        2009.11.12    VirTool.Win32.Obfuscator.XZ (v)
Symantec            1.4.4.12          2009.11.15    -
TheHacker           6.5.0.2.070       2009.11.14    -
TrendMicro          9.0.0.1003        2009.11.14    Cryp_Opet-3
VBA32               3.12.10.11        2009.11.13    -
ViRobot             2009.11.14.2037   2009.11.14    -
VirusBuster         4.6.5.0           2009.11.14    -

Additional information
File size: 800256 bytes
MD5...: 3fe6bbbdd0ca979209d1cd505ad7642e
SHA1..: fde12263f71ef7fa59fa6571b7c1664b41abdc53
SHA256: 8c9dbfd7f6388236809fe7f2bf588ed96b1e71ad47a6b5a1f1896dd999f25426
ssdeep: 12288:566oH7s+IMHt2P4WxUMdjuc5Q4VYN72z3JKd8sJYnlPw3nzAVtwuDa4nIa
rqXPn1:3obs7M7WxUAj/vJvplmzAUuDa9dPn1
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1f4d8f
timedatestamp.....: 0x4a478717 (Sun Jun 28 15:07:03 2009)
machinetype.......: 0x14c (I386)

( 11 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x85644 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.itext 0x87000 0xbcc 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.data 0x88000 0x517c 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.bss 0x8e000 0x7240 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x96000 0x2e64 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.0 0x99000 0x984c 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0xa3000 0x50c00 0x2400 3.65 6628ba46159fc33fec39a0333d7ef426
.1 0xf4000 0x4814c 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.tls 0x13d000 0x18 0x200 0.00 bf619eac0cdf3f68d496ea9344137e8b
.2 0x13e000 0xc0942 0xc0a00 7.95 8a60ac5da32994aaaac26ded300ea3e5
.reloc 0x1ff000 0xbc 0x200 2.22 29c1098c204876e13901d145a6e6437d

( 14 imports )
> oleaut32.dll: SysFreeString
> advapi32.dll: RegQueryValueExW
> user32.dll: GetKeyboardType
> kernel32.dll: GetACP
> msimg32.dll: AlphaBlend
> gdi32.dll: UnrealizeObject
> version.dll: VerQueryValueW
> ole32.dll: OleUninitialize
> comctl32.dll: InitializeFlatSB
> imm32.dll: ImmGetCompositionStringA
> shell32.dll: ShellExecuteW
> wsock32.dll: ntohs
> kernel32.dll: LoadLibraryA, VirtualProtect, GetModuleFileNameA, ExitProcess
> user32.dll: MessageBoxA

( 1 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
sigcheck:
publisher....: UcHelper GmbH
copyright....:
product......: UcHelper
description..: UcHelper Dynamic Link Library (DLL)
original name: uc2005pakdll.dll
internal name: UcHook.dll
file version.: 1.7.0.1
comments.....: Legend Of Uc By __
signers......: -
signing date.: -
verified.....: Unsigned
trid..: Win32 Executable Generic (58.3%)
Win16/32 Executable Delphi generic (14.1%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.6%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
 

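Re: Would someone capable please analyze this; it is definitely not a virus

I have contacted the engineers

to see whether that false positive can be removed.
A hundred years from now, the name carved beside your tombstone will not be mine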