纯真ip 是病毒？

显示全部楼层 · 发表于 2008-10-25 09:13:45

File ShowIP.rar received on 10.25.2008 03:05:28 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED

Result: 10/34 (29.42%)

Loading server information...
Your file is queued in position: ___.
Estimated start time is between ___ and ___
.
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.

Compact
Print results

Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position:
) for an undefined time. You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.

Email:

Antivirus	Version	Last Update	Result
AhnLab-V3	2008.10.24.3	2008.10.24	-
AntiVir	7.9.0.9	2008.10.24	-
Authentium	5.1.0.4	2008.10.24	-
Avast	4.8.1248.0	2008.10.24	Win32:Hupigon-MJG
AVG	8.0.0.161	2008.10.25	BackDoor.Hupigon4.AJFF
BitDefender	7.2	2008.10.25	-
CAT-QuickHeal	9.50	2008.10.24	-
ClamAV	0.93.1	2008.10.25	-
DrWeb	4.44.0.09170	2008.10.24	-
eSafe	7.0.17.0	2008.10.23	Suspicious File
eTrust-Vet	31.6.6168	2008.10.25	-
Ewido	4.0	2008.10.24	-
F-Prot	4.4.4.56	2008.10.24	-
Fortinet	3.113.0.0	2008.10.25	-
GData	19	2008.10.25	Win32:Hupigon-MJG
Ikarus	T3.1.1.44.0	2008.10.25	-
K7AntiVirus	7.10.506	2008.10.24	Trojan.Win32.Malware.1
Kaspersky	7.0.0.125	2008.10.25	-
McAfee	5415	2008.10.25	BackDoor-AWQ.b
Microsoft	1.4005	2008.10.25	-
NOD32	3553	2008.10.24	-
Norman	5.80.02	2008.10.24	W32/Hupigon.ECHS
Panda	9.0.0.4	2008.10.25	Suspicious file
Prevx1	V2	2008.10.25	System Back Door
Rising	21.00.42.00	2008.10.24	-
SecureWeb-Gateway	6.7.6	2008.10.24	-
Sophos	4.35.0	2008.10.25	-
Sunbelt	3.1.1752.1	2008.10.24	-
Symantec	10	2008.10.25	-
TheHacker	6.3.1.0.126	2008.10.25	-
TrendMicro	8.700.0.1004	2008.10.24	BKDR_AJFF.A
VBA32	3.12.8.8	2008.10.25	-
ViRobot	2008.10.24.1436	2008.10.24	-
VirusBuster	4.5.11.0	2008.10.24	-

Additional information

File size: 341581 bytes

MD5...: d6c61fe8ada6509d20810bf952bf4bdd

SHA1..: 1289e482ef120cee3978735aec5e220c16536d79

SHA256: 6e2868688f0da804cf6624a57cc613d12747552df8388364af3ffeaa7f5895ad

SHA512: 3333ce935b394c926233eda78387575b18779d9914ccb58895fe05ba8b24a7ff
8eaece4140c32b763c7c5af414d22f0c293419d59f664222e98f959df099b7fe

PEiD..: -

TrID..: File type identification
RAR Archive (83.3%)
REALbasic Project (16.6%)

PEInfo: -

Prevx info: http://info.prevx.com/aboutprogr ... 57CCB12B300B6E37C20

packers (Kaspersky): UPX

packers (F-Prot): UPX

显示全部楼层 · 发表于 2008-10-25 09:28:53

不测试了相信是误报~~

显示全部楼层 · 发表于 2008-10-25 09:36:25

咖啡报特洛伊

显示全部楼层 · 发表于 2008-10-25 09:49:08

2008/10/25 09:46:29 c:\windows\explorer.exe 创建文件 C:\Users\Administrator\Desktop\ShowIP.exe 允许
2008/10/25 09:46:36 c:\windows\explorer.exe 创建新进程 c:\users\administrator\desktop\showip.exe 允许

正常...没有其他动作...误报...

显示全部楼层 · 发表于 2008-10-25 09:50:07

不是吧

显示全部楼层 · 发表于 2008-10-25 14:41:59

伞过上报

显示全部楼层 · 发表于 2008-10-25 14:46:00

都说是误报了上报什么...

显示全部楼层 · 发表于 2008-10-25 15:02:08

管你是什么

管你说什么

先上报是样本区很多人的通性

显示全部楼层 · 发表于 2008-10-25 15:04:04

我只是想说多此一举...
毕竟红伞没有误报...

显示全部楼层 · 发表于 2008-10-25 15:14:38

我也同意误报

[病毒样本] 纯真ip 是病毒？

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

回复 6楼 08红伞威点的帖子

回复 8楼没注册的帖子

[病毒样本] 纯真ip 是病毒？

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

回复 6楼 08红伞威点 的帖子

回复 8楼 没注册 的帖子

回复 6楼 08红伞威点的帖子

回复 8楼没注册的帖子