
DR.WEB flags C:\WINDOWS\system32\msyutbh.dll

pietrojiang
Posted on 2006-11-29 07:14:53
DR.WEB flags C:\WINDOWS\system32\msyutbh.dll
It's probably a false positive, right?
Any advice from the experts here would be appreciated.
mofunzone
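Posted on 2006-11-29 07:22:01
A process you can't find on Google is 80% likely to be a virus..
See whether dr.web reports "probably infected" or "infected". If it's "probably", a false positive is still possible; if it's outright "infected", it isn't..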
pietrojiang
Original poster | Posted on 2006-11-29 08:24:29
dr.web reports probably STPAGE.Trojan

[ Last edited by pietrojiang on 2006-11-29 08:27 ]
mofunzone
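Posted on 2006-11-29 13:51:40
Precisely because this process can't be found on Google, I think it's very likely a virus. You can submit this dll to www.virustotal.com for a scan; if dw is the only one that flags it, then it's a false positive.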
pietrojiang
Original poster | Posted on 2006-11-29 19:55:10
Scan results
| Antivirus | Version | Update | Result |
|---|---|---|---|
| AntiVir | 7.2.0.46 | 11.29.2006 | HEUR/Crypted |
| Authentium | 4.93.8 | 11.29.2006 | Possibly a new variant of W32/Threat-SysVenFak-based!Maximus |
| Avast | 4.7.892.0 | 11.28.2006 | Win32:Delf-BOM |
| AVG | 386 | 11.28.2006 | no virus found |
| BitDefender | 7.2 | 11.29.2006 | no virus found |
| CAT-QuickHeal | 8.00 | 11.28.2006 | no virus found |
| ClamAV | devel-20060426 | 11.29.2006 | no virus found |
| DrWeb | 4.33 | 11.29.2006 | STPAGE.Trojan |
| eSafe | 7.0.14.0 | 11.28.2006 | no virus found |
| eTrust-InoculateIT | 23.73.71 | 11.29.2006 | no virus found |
| eTrust-Vet | 30.3.3221 | 11.29.2006 | no virus found |
| Ewido | 4.0 | 11.29.2006 | no virus found |
| Fortinet | 2.82.0.0 | 11.29.2006 | no virus found |
| F-Prot | 3.16f | 11.28.2006 | Possibly a new variant of W32/Threat-SysVenFak-based!Maximus |
| F-Prot4 | 4.2.1.29 | 11.28.2006 | W32/Threat-SysVenFak-based!Maximus |
| Ikarus | 0.2.65.0 | 11.29.2006 | no virus found |
| Kaspersky | 4.0.2.24 | 11.29.2006 | no virus found |
| McAfee | 4906 | 11.28.2006 | no virus found |
| Microsoft | 1.1804 | 11.28.2006 | no virus found |
| NOD32v2 | 1888 | 11.28.2006 | no virus found |
| Norman | 5.80.02 | 11.29.2006 | no virus found |
| Panda | 9.0.0.4 | 11.28.2006 | Suspicious file |
| Prevx1 | V2 | 11.29.2006 | no virus found |
| Sophos | 4.11.0 | 11.16.2006 | no virus found |
| TheHacker | 6.0.3.126 | 11.29.2006 | no virus found |
| UNA | 1.83 | 11.28.2006 | no virus found |
| VBA32 | 3.11.1 | 11.28.2006 | no virus found |
| VirusBuster | 4.3.15:9 | 11.28.2006 | no virus found |


[ Last edited by pietrojiang on 2006-11-29 20:07 ]
mofunzone
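Posted on 2006-11-30 11:02:15
Looks like this dll most likely does have a problem; several of the engines with good heuristics flagged it. Report it to dw. I'm 80% sure this is a virus..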
pietrojiang
Original poster | Posted on 2006-12-1 02:27:10
Already reported.
Thanks for your suggestion.
pietrojiang
Original poster | Posted on 2006-12-1 03:05:16
This is the reply I got after reporting it to dr.web; I can't understand it

Dear pietrojiang@XXXXXXX
This message has been automatically generated in response to
the creation of your request regarding:
        "New suspicious file submitted",
a summary of which appears below.

There is no need to reply to this message right now.
Your request has been assigned an ID of [drweb.com #214017].

Please include the string:

        [drweb.com #214017].

in the subject line of all future correspondence about this issue.
To do so, you may reply to this message.

Thank you for the cooperation


-------------------Request-----------------------------------------------
Hello,

User sent us a suspicious file.
User ip: 83.103.90.59
User agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR
2.0.50727)
User comment:
User language: en
User email: pietrojiang@msn.com
Original file name: C:\WINDOWS\system32\msyutbh.dll
File size: 547840
MD5: 5d22fbdc546cb642998c90ee747cd65c

--
WBR, send-suspic-file.pl

-------------------------------------------------------------------------


--
Yours sincerely,
Virus Monitoring Service Doctor Web Ltd.





mofunzone
Posted on 2006-12-1 07:14:39
What you got is just an automatic reply. There should be another reply later, telling you whether this file of yours is a virus or not..
pietrojiang
Original poster | Posted on 2006-12-1 21:23:51
Today I sent it to www.virustotal.com for another scan, and DrWeb no longer flags it, but the DrWeb on my computer still flags it as Adware.Faex. Frustrating.