Is it infected or not???

Take a look for yourselves, everyone: is this a virus file or not?


Re: Is it infected or not???

The attachment is too big, so it didn't upload. What should I do?

Re: Is it infected or not???

I've quoted the download address, take a look everyone: http://down.waiguaz.com/Game/rxcq.exe

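Re: Is it infected or not???

This was made into a self-extracting archive with compression software. OP, right-click and extract it with WinRAR and you'll see: it's infected.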

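Re: Is it infected or not???

I'll upload the file for you; the scan results will follow shortly.

Attachment:

Downloads: 369
File type: application/octet-stream
File size:
Uploaded: 2010-1-26 22:56:34
Description: rar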


Re: Is it infected or not???

Antivirus engine   Version         Last update  Scan result
a-squared          4.5.0.50        2010.01.26   Trojan-Downloader.Win32.FlyStudio!IK
AhnLab-V3          5.0.0.2         2010.01.26   -
AntiVir            7.9.1.150       2010.01.26   -
Antiy-AVL          2.0.3.7         2010.01.26   -
Authentium         5.2.0.5         2010.01.26   -
Avast              4.8.1351.0      2010.01.26   -
AVG                9.0.0.730       2010.01.26   -
BitDefender        7.2             2010.01.26   -
CAT-QuickHeal      10.00           2010.01.25   -
ClamAV             0.94.1          2010.01.26   Trojan.Downloader-72711
Comodo             3715            2010.01.26   -
DrWeb              5.0.1.12222     2010.01.26   -
eSafe              7.0.17.0        2010.01.25   -
eTrust-Vet         35.2.7260       2010.01.26   -
F-Prot             4.5.1.85        2010.01.25   -
F-Secure           9.0.15370.0     2010.01.26   -
Fortinet           4.0.14.0        2010.01.26   -
GData              19              2010.01.26   -
Ikarus             T3.1.1.80.0     2010.01.26   Trojan-Downloader.Win32.FlyStudio
Jiangmin           13.0.900        2010.01.26   -
K7AntiVirus        7.10.952        2010.01.22   Generic.Malware.4
Kaspersky          7.0.0.125       2010.01.26   -
McAfee             5872            2010.01.25   -
McAfee+Artemis     5872            2010.01.25   Artemis!B6B68AAB45FF
McAfee-GW-Edition  6.8.5           2010.01.26   Heuristic.BehavesLike.Win32.Spyware.N
Microsoft          1.5405          2010.01.26   -
NOD32              4806            2010.01.26   a variant of Win32/Packed.FlyStudio
Norman             6.04.03         2010.01.26   -
nProtect           2009.1.8.0      2010.01.26   -
Panda              10.0.2.2        2010.01.25   -
PCTools            7.0.3.5         2010.01.26   -
Prevx              3.0             2010.01.26   Medium Risk Malware
Rising             22.32.01.04     2010.01.26   Trojan.Win32.Generic.51F6F7A0
Sophos             4.50.0          2010.01.26   -
Sunbelt            3.2.1858.2      2010.01.26   Trojan.Dropper (fs)
Symantec           20091.2.0.41    2010.01.26   -
TheHacker          6.5.0.9.163     2010.01.26   -
TrendMicro         9.120.0.1004    2010.01.26   -
VBA32              3.12.12.1       2010.01.26   Win32.FlyStudio.NKP
ViRobot            2010.1.26.2156  2010.01.26   -
VirusBuster        5.0.21.0        2010.01.26   Trojan.DL.Agent.LYIS
Additional information
File size: 666624 bytes
MD5...: b6b68aab45ffbfe22f37e1f284d3c273
SHA1..: 332359597d642c9079be3baea5a63ff9de504cbe
SHA256: a186c038f21e7af4d74bb5f1695c0838242ce3a1c9cd94bd7f52779bf9eec9f0
ssdeep: 12288:Vk3PtlO5ThaYMvce8mrWETgQNKhnDOd7CiLaL:VYO5XMEMNghCvLaL
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1000
timedatestamp.....: 0x3925136b (Fri May 19 10:11:55 2000)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x22c 0x400 3.56 0ebb8343585a72ffe6649584e8373340
.rdata 0x2000 0x194 0x200 3.64 684bd04c4e90ebb1ac24b9d56ab5240e
.ecode 0x3000 0xa1200 0xa1200 5.92 c34b8c5256caee5045515c8403ef9878
.rsrc 0xa5000 0xf60 0x1000 3.09 54da6e0fd183262aba7468c197c9633b

( 3 imports )
> USER32.dll: MessageBoxA
> KERNEL32.dll: FreeLibrary, lstrcatA, GetModuleFileNameA, ExitProcess, LoadLibraryA, GetProcAddress, lstrlenA
> ADVAPI32.dll: RegQueryValueExA, RegCloseKey, RegOpenKeyExA

( 0 exports )
RDS...: NSRL Reference Data Set
-
packers (Kaspersky): FlySFX
pdfid.: -
trid..: Win32 Executable Generic (38.5%)
Win32 Dynamic Link Library (generic) (34.2%)
Clipper DOS Executable (9.1%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
http://info.prevx.com/aboutprogramtext.asp?PX5=47EF7597004464062CAC0AFC40009C000305722F
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned