查看: 7311|回复: 6
收起左侧

[误报文件] 【误报?】QQ空间相册查看器.exe

[复制链接]
真.菲戈
发表于 2008-6-28 19:54:06 | 显示全部楼层 |阅读模式
红伞报了,丢多引擎里一查报的还不少

文件 QQ_____________________.exe 接收于 2008.06.28 13:48:48 (CET)
反病毒引擎版本最后更新扫描结果
AhnLab-V32008.6.27.12008.06.27-
AntiVir7.8.0.592008.06.27TR/Drop.VB.anl
Authentium5.1.0.42008.06.27-
Avast4.8.1195.02008.06.27-
AVG7.5.0.5162008.06.28Dropper.Generic.XTC
BitDefender7.22008.06.28-
CAT-QuickHeal9.502008.06.28TrojanDropper.VB.anl
ClamAV0.93.12008.06.28Trojan.Dropper-4953
DrWeb4.44.0.091702008.06.28-
eSafe7.0.17.02008.06.26-
eTrust-Vet31.6.59112008.06.27-
Ewido4.02008.06.27Dropper.Agent.xk
F-Prot4.4.4.562008.06.27-
F-Secure7.60.13501.02008.06.26Trojan-Dropper.Win32.VB.anl
Fortinet3.14.0.02008.06.28-
GData2.0.7306.10232008.06.28-
IkarusT3.1.1.26.02008.06.28Trojan-Dropper.Win32.VB.anl
Kaspersky7.0.0.1252008.06.28-
McAfee53272008.06.27-
Microsoft1.37042008.06.28-
NOD32v232242008.06.27-
Norman5.80.022008.06.27-
Panda9.0.0.42008.06.28Adware/AccesMembre
Prevx1V22008.06.28-
Rising20.50.52.002008.06.28-
Sophos4.30.02008.06.28Mal/Generic-A
Sunbelt3.0.1176.12008.06.26Trojan-Dropper.Win32.VB.anl
Symantec102008.06.28Trojan Horse
TheHacker6.2.96.3622008.06.27-
TrendMicro8.700.0.10042008.06.27-
VBA323.12.6.82008.06.28Trojan-Dropper.Win32.VB.anl
VirusBuster4.5.11.02008.06.23-
Webwasher-Gateway6.6.22008.06.28Trojan.Drop.VB.anl

附加信息
File size: 229376 bytes
MD5...: 659b73e4b976cfa9152ad620d3be118a
SHA1..: 700c42e2728a538eaf8da57c6e2afd45b12e72a4
SHA256: b264903776e0e8d1278c4a25a0cb47d2306ac940ef4202e2dcfabe962ff1ebd4
SHA512:aa1ffb670093b0e4bb358ccd5f0743f02524e43975f161d99a905525c0e7d5c7<br>a161535203ae9f6bcbda804cfa28f2f84a2190597ef5aecf8310d42986aff5a0
PEiD..: -
PEInfo:PE Structure information<br><br>( base data)<br>entrypointaddress.: 0x4020cc<br>timedatestamp.....:0x472eeb31 (Mon Nov 05 10:06:41 2007)<br>machinetype.......:0x14c (I386)<br><br>( 3 sections )<br>name viraddvirsiz rawdsiz ntrpy md5<br>.text 0x1000 0x34cb4 0x35000 5.923345b6b3286b404469d848c987641dce<br>.data 0x36000 0x1fc8 0x10000.00 620f0b67a91f7f74151bc5be745b7110<br>.rsrc 0x38000 0x8200x1000 2.41 6722014cd80cb699b779667b4a24d798<br><br>( 1imports ) <br>&gt; MSVBVM60.DLL: __vbaVarSub, __vbaVarTstGt,__vbaStrI2, _CIcos, _adj_fptan, __vbaStrI4, __vbaVarMove,__vbaVarVargNofree, __vbaFreeVar, __vbaLateIdCall, __vbaGosubReturn, -,__vbaStrVarMove, __vbaLenBstr, __vbaFreeVarList, __vbaEnd,_adj_fdiv_m64, __vbaRaiseEvent, __vbaFreeObjList, _adj_fprem1,__vbaRecAnsiToUni, __vbaI2Abs, __vbaCopyBytes, __vbaResume,__vbaStrCat, __vbaLsetFixstr, __vbaSetSystemError,__vbaHresultCheckObj, -, __vbaLenVar, _adj_fdiv_m32, __vbaAryDestruct,__vbaLateMemSt, __vbaForEachCollObj, __vbaVarForInit, __vbaExitProc, -,__vbaObjSet, __vbaOnError, _adj_fdiv_m16i, __vbaObjSetAddref,_adj_fdivr_m16i, -, __vbaBoolVar, -, __vbaStrTextCmp, __vbaFpR8,__vbaVargVar, _CIsin, -, -, __vbaErase, __vbaNextEachCollObj,__vbaVarZero, -, __vbaChkstk, __vbaGosubFree, __vbaCyVar,EVENT_SINK_AddRef, __vbaGenerateBoundsError, __vbaStrCmp, -,__vbaAryConstruct2, __vbaVarTstEq, __vbaI2I4, __vbaObjVar,DllFunctionCall, __vbaVarOr, __vbaVarLateMemSt, __vbaCastObjVar,_adj_fpatan, __vbaR4Var, __vbaLateIdCallLd, __vbaStrR8, __vbaRedim,__vbaR8Cy, __vbaRecUniToAnsi, EVENT_SINK_Release, -, __vbaUI1I2,_CIsqrt, __vbaObjIs, EVENT_SINK_QueryInterface, __vbaExceptHandler, -,__vbaStrToUnicode, _adj_fprem, _adj_fdivr_m64, __vbaFailedFriend,__vbaGosub, -, -, -, __vbaFPException, __vbaInStrVar, -, __vbaUbound,__vbaStrVarVal, __vbaVarCat, __vbaCheckType, __vbaI2Var, -, -, -,_CIlog, __vbaErrorOverflow, __vbaR8Str, __vbaInStr, __vbaNew2,__vbaVarLateMemCallLdRf, __vbaCyMulI2, _adj_fdiv_m32i, _adj_fdivr_m32i,__vbaStrCopy, __vbaI4Str, -, __vbaFreeStrList, _adj_fdivr_m32,__vbaPowerR8, _adj_fdiv_r, -, -, __vbaVarTstNe, __vbaVarSetVar,__vbaI4Var, -, __vbaAryLock, __vbaVarAdd, __vbaLateMemCall,__vbaStrToAnsi, __vbaVarDup, __vbaFpI2, __vbaFpI4,__vbaVarLateMemCallLd, __vbaLateMemCallLd, __vbaVarSetObjAddref,_CIatan, __vbaStrMove, __vbaCastObj, -, _allmul, __vbaLateIdSt,__vbaFpCSngR4, _CItan, __vbaAryUnlock, __vbaFPInt, __vbaVarForNext,_CIexp, __vbaFreeObj, __vbaFreeStr, -<br><br>( 0 exports )<br>
反病毒引擎        版本        最后更新        扫描结果AhnLab-V3        2008.6.27.1        2008.06.27        -AntiVir        7.8.0.59        2008.06.27        TR/Drop.VB.anlAuthentium        5.1.0.4        2008.06.27        -Avast        4.8.1195.0        2008.06.27        -AVG        7.5.0.516        2008.06.28        Dropper.Generic.XTCBitDefender        7.2        2008.06.28        -CAT-QuickHeal        9.50        2008.06.28        TrojanDropper.VB.anlClamAV        0.93.1        2008.06.28        Trojan.Dropper-4953DrWeb        4.44.0.09170        2008.06.28        -eSafe        7.0.17.0        2008.06.26        -eTrust-Vet        31.6.5911        2008.06.27        -Ewido        4.0        2008.06.27        Dropper.Agent.xkF-Prot        4.4.4.56        2008.06.27        -F-Secure        7.60.13501.0        2008.06.26        Trojan-Dropper.Win32.VB.anlFortinet        3.14.0.0        2008.06.28        -GData        2.0.7306.1023        2008.06.28        -Ikarus        T3.1.1.26.0        2008.06.28        Trojan-Dropper.Win32.VB.anlKaspersky        7.0.0.125        2008.06.28        -McAfee        5327        2008.06.27        -Microsoft        1.3704        2008.06.28        -NOD32v2        3224        2008.06.27        -Norman        5.80.02        2008.06.27        -Panda        9.0.0.4        2008.06.28        Adware/AccesMembrePrevx1        V2        2008.06.28        -Rising        20.50.52.00        2008.06.28        -Sophos        4.30.0        2008.06.28        Mal/Generic-ASunbelt        3.0.1176.1        2008.06.26        Trojan-Dropper.Win32.VB.anlSymantec        10        2008.06.28        Trojan HorseTheHacker        6.2.96.362        2008.06.27        -TrendMicro        8.700.0.1004        2008.06.27        -VBA32        3.12.6.8        2008.06.28        Trojan-Dropper.Win32.VB.anlVirusBuster        4.5.11.0        2008.06.23        -Webwasher-Gateway        6.6.2        2008.06.28        Trojan.Drop.VB.anl附加信息File size: 229376 bytesMD5...: 659b73e4b976cfa9152ad620d3be118aSHA1..: 700c42e2728a538eaf8da57c6e2afd45b12e72a4SHA256: b264903776e0e8d1278c4a25a0cb47d2306ac940ef4202e2dcfabe962ff1ebd4SHA512: aa1ffb670093b0e4bb358ccd5f0743f02524e43975f161d99a905525c0e7d5c7<br>a161535203ae9f6bcbda804cfa28f2f84a2190597ef5aecf8310d42986aff5a0PEiD..: -PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x4020cc<br>timedatestamp.....: 0x472eeb31 (Mon Nov 05 10:06:41 2007)<br>machinetype.......: 0x14c (I386)<br><br>( 3 sections )<br>name        viradd    virsiz   rawdsiz  ntrpy  md5<br>.text       0x1000   0x34cb4   0x35000   5.92  3345b6b3286b404469d848c987641dce<br>.data      0x36000    0x1fc8    0x1000   0.00  620f0b67a91f7f74151bc5be745b7110<br>.rsrc      0x38000     0x820    0x1000   2.41  6722014cd80cb699b779667b4a24d798<br><br>( 1 imports )  <br>&gt; MSVBVM60.DLL: __vbaVarSub, __vbaVarTstGt, __vbaStrI2, _CIcos, _adj_fptan, __vbaStrI4, __vbaVarMove, __vbaVarVargNofree, __vbaFreeVar, __vbaLateIdCall, __vbaGosubReturn, -, __vbaStrVarMove, __vbaLenBstr, __vbaFreeVarList, __vbaEnd, _adj_fdiv_m64, __vbaRaiseEvent, __vbaFreeObjList, _adj_fprem1, __vbaRecAnsiToUni, __vbaI2Abs, __vbaCopyBytes, __vbaResume, __vbaStrCat, __vbaLsetFixstr, __vbaSetSystemError, __vbaHresultCheckObj, -, __vbaLenVar, _adj_fdiv_m32, __vbaAryDestruct, __vbaLateMemSt, __vbaForEachCollObj, __vbaVarForInit, __vbaExitProc, -, __vbaObjSet, __vbaOnError, _adj_fdiv_m16i, __vbaObjSetAddref, _adj_fdivr_m16i, -, __vbaBoolVar, -, __vbaStrTextCmp, __vbaFpR8, __vbaVargVar, _CIsin, -, -, __vbaErase, __vbaNextEachCollObj, __vbaVarZero, -, __vbaChkstk, __vbaGosubFree, __vbaCyVar, EVENT_SINK_AddRef, __vbaGenerateBoundsError, __vbaStrCmp, -, __vbaAryConstruct2, __vbaVarTstEq, __vbaI2I4, __vbaObjVar, DllFunctionCall, __vbaVarOr, __vbaVarLateMemSt, __vbaCastObjVar, _adj_fpatan, __vbaR4Var, __vbaLateIdCallLd, __vbaStrR8, __vbaRedim, __vbaR8Cy, __vbaRecUniToAnsi, EVENT_SINK_Release, -, __vbaUI1I2, _CIsqrt, __vbaObjIs, EVENT_SINK_QueryInterface, __vbaExceptHandler, -, __vbaStrToUnicode, _adj_fprem, _adj_fdivr_m64, __vbaFailedFriend, __vbaGosub, -, -, -, __vbaFPException, __vbaInStrVar, -, __vbaUbound, __vbaStrVarVal, __vbaVarCat, __vbaCheckType, __vbaI2Var, -, -, -, _CIlog, __vbaErrorOverflow, __vbaR8Str, __vbaInStr, __vbaNew2, __vbaVarLateMemCallLdRf, __vbaCyMulI2, _adj_fdiv_m32i, _adj_fdivr_m32i, __vbaStrCopy, __vbaI4Str, -, __vbaFreeStrList, _adj_fdivr_m32, __vbaPowerR8, _adj_fdiv_r, -, -, __vbaVarTstNe, __vbaVarSetVar, __vbaI4Var, -, __vbaAryLock, __vbaVarAdd, __vbaLateMemCall, __vbaStrToAnsi, __vbaVarDup, __vbaFpI2, __vbaFpI4, __vbaVarLateMemCallLd, __vbaLateMemCallLd, __vbaVarSetObjAddref, _CIatan, __vbaStrMove, __vbaCastObj, -, _allmul, __vbaLateIdSt, __vbaFpCSngR4, _CItan, __vbaAryUnlock, __vbaFPInt, __vbaVarForNext, _CIexp, __vbaFreeObj, __vbaFreeStr, -<br><br>( 0 exports ) <br>




本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
qigang
发表于 2008-6-28 19:58:49 | 显示全部楼层
不是病毒。已讨论过。
sam.to
发表于 2008-6-28 20:03:13 | 显示全部楼层
已上报红傘
sam.to
发表于 2008-6-28 20:03:58 | 显示全部楼层
The file 'QQ##############.exe' has been determined to be 'MALWARE'. Our analysts named the threat TR/Drop.VB.anl. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.24. Please note that Avira's proactive heuristic detection module AHeAD detected this threat up front without the latest VDF update as: TR/Drop.VB.anl.
wangjay1980
发表于 2008-6-28 20:17:24 | 显示全部楼层
卡巴一想很“注重”维护用户的隐私。故意误报的


LS很黑色幽默
ALEXBLAIR
发表于 2008-6-28 21:05:18 | 显示全部楼层
不是毒
而且~~~也不能看密码的相册
starv6
发表于 2008-7-6 03:16:04 | 显示全部楼层

回复 1楼 真.菲戈 的帖子

不解1楼意思
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2026-2-25 06:51 , Processed in 0.083678 second(s), 3 queries , Redis On.

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表