下载的工作软件辅助，帮忙看下

显示全部楼层 · 发表于 2014-8-7 10:54:53

本帖最后由 sunnyjianna 于 2014-8-7 12:22 编辑

今天不明原因的mapgis画好的图坏掉了，下载了mapgis伴侣来修复，直接被eset拦截了，关闭后又被金山卫士杀了，请各位看下这个是不是安全的软件

显示全部楼层 · 发表于 2014-8-7 10:57:48

本帖最后由 Dust-;羅錠于 2014-8-7 11:00 编辑

VIPRE

https://www.virustotal.com/zh-cn ... nalysis/1407380373/

显示全部楼层 · 发表于 2014-8-7 11:04:50

bav云杀

显示全部楼层 · 发表于 2014-8-7 11:08:28

Target:

C:\Users\JordanBear\Desktop\Vir

Options:

File types to scan All files
Heuristic analysis Enabled
Sandbox Enabled
Scanning compressed files Enabled
Use excluded extensions Disabled
Excluded extensions Not defined
Use excluded objects Disabled
Excluded objects Not defined

Antivirus version:

TrustPort Antivirus 5.1.0.4225

Results:

Files:
File path Scanning result Virus name Cleaning action
C:\Users\JordanBear\Desktop\Vir\test.exe Infected! Gen:Variant.Strictor.57962 (BitDefender) Quarantined

显示全部楼层 · 发表于 2014-8-7 11:08:55

都报了

显示全部楼层 · 发表于 2014-8-7 11:11:44

显示全部楼层 · 发表于 2014-8-7 11:12:03

Filename: mapgis文件伴侣.exe
Threat name: SONAR.Heuristic.120
Full Path: Not Available
____________________________
____________________________
____________________________
mapgis文件伴侣.exe Threat name: SONAR.Heuristic.120
Locate

Few Users
Hundreds of users in the Norton Community have used this file.

Mature
This file was released 3 months ago.

High
This file risk is high.
____________________________

Source: External Media

Source File:
mapgis文件伴侣.exe
____________________________

File Actions

File: f:\norton样本\ mapgis文件伴侣.exe Threat Removed
File: c:\users\administrator\appdata\locallow\sogoupy\components\ componentconfig.ini Threat Removed
____________________________

Registry Actions

Registry change: HKEY_USERS\S-1-5-21-1071228153-3121885108-811120218-500\Software\ SogouInput.user->SogouComponentFirstLoad:1407381026 Repaired
Registry change: HKEY_USERS\S-1-5-21-1071228153-3121885108-811120218-500\Software\ SogouInput.user->Used:1407381026 Repaired
Registry change: HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ MapGIS文件伴侣_RASAPI32 Threat Removed
Registry change: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ MapGIS文件伴侣_RASAPI32->EnableFileTracing No Action Required
Registry change: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ MapGIS文件伴侣_RASAPI32->EnableConsoleTracing No Action Required
Registry change: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ MapGIS文件伴侣_RASAPI32->FileTracingMask No Action Required
Registry change: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ MapGIS文件伴侣_RASAPI32->ConsoleTracingMask No Action Required
Registry change: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ MapGIS文件伴侣_RASAPI32->MaxFileSize No Action Required
Registry change: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ MapGIS文件伴侣_RASAPI32->FileDirectory No Action Required
Registry change: HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ MapGIS文件伴侣_RASMANCS Threat Removed
Registry change: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ MapGIS文件伴侣_RASMANCS->EnableFileTracing No Action Required
Registry change: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ MapGIS文件伴侣_RASMANCS->EnableConsoleTracing No Action Required
Registry change: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ MapGIS文件伴侣_RASMANCS->FileTracingMask No Action Required
Registry change: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ MapGIS文件伴侣_RASMANCS->ConsoleTracingMask No Action Required
Registry change: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ MapGIS文件伴侣_RASMANCS->MaxFileSize No Action Required
Registry change: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ MapGIS文件伴侣_RASMANCS->FileDirectory No Action Required
Registry change: HKEY_USERS\S-1-5-21-1071228153-3121885108-811120218-500\Software\Microsoft\Windows\CurrentVersion\ Internet Settings->ProxyEnable:0 Repaired
Registry change: HKEY_USERS\S-1-5-21-1071228153-3121885108-811120218-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ Connections->SavedLegacySettings:... Repaired
____________________________

Network Actions

Event: Network activity (Performed by f:\norton样本\mapgis文件伴侣.exe, PID:948) No action taken
____________________________

System Settings Actions

Event: Process start (Performed by f:\norton样本\mapgis文件伴侣.exe, PID:948) No action taken
(Performed by f:\norton样本\mapgis文件伴侣.exe, PID:948) No action taken
Event: Process start: f:\norton样本\ mapgis文件伴侣.exe, PID:948 (Performed by f:\norton样本\mapgis文件伴侣.exe, PID:948) No action taken
____________________________

Suspicious Actions

(Performed by f:\norton样本\mapgis文件伴侣.exe, PID:948) No action taken
____________________________

File Thumbprint - SHA:
Not available
File Thumbprint - MD5:
Not available

显示全部楼层 · 发表于 2014-8-7 11:16:31

看来用不了了。。。。。。。。。。。。。。。。。

显示全部楼层 · 发表于 2014-8-7 11:17:50

G DATA 互联网安全套装已阻止访问此网站。
该站点包含被感染的代码：Gen:Variant.Strictor.57962 (引擎A)。

显示全部楼层 · 发表于 2014-8-7 11:26:07

[可疑文件] 下载的工作软件辅助，帮忙看下

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块