A0000721.EXE是否误报？

显示全部楼层 · 发表于 2008-11-2 12:51:29

小红伞扫描C:\System Volume Information\_restore{A1E3217D-1706-483D-8EA5-8FAD68B8E7D1}\RP1扫出来的文件A0000721.exe说有毒，病毒删除后，再次扫描还是有刚才的文件的，杀不死..........，请问是不是误报呢？

VirSCAN.org Scanned Report :
Scanned time : 2008/11/02 12:45:11 (CST)
Scanner results: 54%的杀软(21/39)报告发现病毒
File Name    : A0000721.EXE
File Size    : 91136 byte
File Type    : PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5          : 2b122feab2f903921d0108e9dd8eeba1
SHA1          : 4a98d8e92b9da1b3c7576ca27dd47bd743925790
Online report  : http://virscan.org/report/5d04d94ee9156f233e91c6544b8fddbc.html
Scanner       Engine Ver    Sig Ver          Sig Date Time Scan result
a-squared    4.0.0.23       2008.11.01       2008-11-01  1.47 -
安博士V3    2008.11.01.00 2008.11.01       2008-11-01  0.94 Win-Trojan/Xema.variant
AntiVir       7.9.0.10       7.1.0.26       2008-10-31  1.45 BDS/Gendal.91136
安天          2.0.18       20081031.1531246  2008-10-31  0.12 Backdoor/Win32.Hupigon.eg
Arcavir       1.0.5          200811010721    2008-11-01  1.22 -
Authentium    5.1.1          200810270445    2008-10-27  1.07 -
AVAST!       3.0.1          081101-0       2008-11-01  0.02 Win32:Trojan-gen {Other}
AVG          7.5.52.442    270.8.5/1761    2008-11-01  1.75 Agent.AFPJ
BitDefender 7.60825.2039083 7.21619          2008-11-02  3.34 Backdoor.Generic.46578
CA (VET)    9.0.0.143    31.6.6185       2008-10-31  3.75 -
ClamAV       0.94          8553             2008-11-02  0.03 -
Comodo       2.11          2.0.0.694       2008-11-01  0.72 -
CP Secure    1.1.0.715    2008.11.02       2008-11-02  6.41 Troj.W32.Delf.cpe
Dr.Web       4.44.0.9170    2008.11.01       2008-11-01  3.40 BackDoor.Pigeon.9079
ewido       4.0.0.2       2008.11.01       2008-11-01  2.94 -
F-Prot       4.4.4.56       20081101       2008-11-01  1.06 -
F-Secure    5.51.6100    2008.11.02.01    2008-11-02  0.05 -
飞塔          2.81-3.117    9.682          2008-10-31  0.24 -
GData       19.1256/19.84 20081029       2008-10-29  2.73 Win32:Trojan-gen {Other} [Engine:B]
ViRobot       20081030       2008.10.30       2008-10-30  0.40 -
Ikarus       T3.1.01.44    2008.11.02.71776  2008-11-02  3.07 Virus.Win32.Trojan
江民杀毒    11.0.706       2008.11.01       2008-11-01  1.29 Backdoor/Agent.bpee
卡巴斯基    5.5.10       2008.11.01       2008-11-01  0.04 -
金山毒霸    2008.9.8.18    2008.11.1.15    2008-11-01  0.71 Win32.Troj.Agent.ea.91136
迈克菲       5.3.00       5421             2008-11-01  2.27 BackDoor-AWQ.b
Microsoft    1.4005       2008.11.02       2008-11-02  4.04 -
mks_vir       2.01          2008.11.02       2008-11-02  2.69 -
Norman       5.93.01       5.93.00          2008-10-31  5.46 W32/GrayBird.PXF
熊猫卫士    9.05.01       2008.11.01       2008-11-01  2.86 Generic Backdoor
趋势科技    8.700-1004    5.632.40       2008-11-01  0.02 BKDR_GRAYBIRD.LE
Quick Heal    9.50          2008.11.01       2008-11-01  1.88 Win32.TrojanDownloader.Small.gen!AO.8
瑞星          20.0          21.01.60.00    2008-11-02  0.88 Trojan.Win32.Delf.fba
Sophos       2.80.0       4.35             2008-11-02  1.83 -
Sunbelt       3.1.1767.2    2360             2008-10-30  0.54 -
赛门铁克    1.3.0.24       20081101.003    2008-11-01  0.05 Backdoor.Graybird!Gen
nProtect    2008-10-31.01 2381400          2008-10-31  5.14 Trojan/W32.Agent.91136.P
The Hacker    6.3.1.1       v00135          2008-10-30  0.89 -
VBA32       3.12.8.9       20081101.1424    2008-11-01  1.25 BackDoor.Pigeon
VirusBuster 4.5.11.10    10.90.21/671032 2008-11-02  0.94 -

显示全部楼层 · 发表于 2008-11-2 12:59:14

实机稍微做了下分析
都是些危险行为

应该是毒 TO KL

显示全部楼层 · 发表于 2008-11-2 13:27:08

C:\Documents and Settings\GUNDAM\桌面\A0000721.rar » RAR » A0000721.EXE - probably a variant of Win32/Delf trojan

显示全部楼层 · 发表于 2008-11-2 15:17:22

Hello,

A0000721.exe_

No malicious code was found in this file.

Please quote all when answering.

--

天啊我以后不分析了....直接交给卡巴得了... 是误报

显示全部楼层 · 发表于 2008-11-2 15:48:59

呵呵

[误报文件] A0000721.EXE是否误报？

本帖子中包含更多资源

回复 4楼 lingbo110120 的帖子