可疑文件

显示全部楼层 · 发表于 2009-5-28 10:21:14

在同学电脑C盘根目录下发现的EXE文件，有点可疑。
在线引擎扫描http://www.virustotal.com/zh-cn/ ... 30e162cb-1243476982

显示全部楼层 · 发表于 2009-5-28 11:58:48

似乎不可执行？
在线沙盘这样提示。

显示全部楼层 · 发表于 2009-5-28 12:04:04

to kl

显示全部楼层 · 发表于 2009-5-28 12:08:19

A2 小a dw arcabit 没有反应

显示全部楼层 · 发表于 2009-5-28 12:10:42

File myntusrs.exe received on 2009.05.28 04:08:24 (UTC)
Antivirus Version Last Update Result
a-squared 4.0.0.101 2009.05.28 -
AhnLab-V3 5.0.0.2 2009.05.28 -
AntiVir 7.9.0.168 2009.05.27 -
Antiy-AVL 2.0.3.1 2009.05.27 -
Authentium 5.1.2.4 2009.05.28 W32/Damaged_File.gen!Eldorado
Avast 4.8.1335.0 2009.05.27 -
AVG 8.5.0.339 2009.05.27 -
BitDefender 7.2 2009.05.28 -
CAT-QuickHeal 10.00 2009.05.27 -
ClamAV 0.94.1 2009.05.28 -
Comodo 1207 2009.05.27 -
DrWeb 5.0.0.12182 2009.05.28 -
eSafe 7.0.17.0 2009.05.27 Suspicious File
eTrust-Vet 31.6.6525 2009.05.28 -
F-Prot 4.4.4.56 2009.05.28 W32/Damaged_File.gen!Eldorado
F-Secure 8.0.14470.0 2009.05.28 -
Fortinet 3.117.0.0 2009.05.28 -
GData 19 2009.05.28 -
Ikarus T3.1.1.57.0 2009.05.28 -
K7AntiVirus 7.10.746 2009.05.27 -
Kaspersky 7.0.0.125 2009.05.28 -
McAfee 5628 2009.05.27 -
McAfee+Artemis 5628 2009.05.27 Artemis!793071F0A8B3
McAfee-GW-Edition 6.7.6 2009.05.28 Win32.Malware.dam (suspicious)
Microsoft 1.4701 2009.05.27 -
NOD32 4110 2009.05.28 -
Norman 6.01.05 2009.05.27 W32/Accoona.R
nProtect 2009.1.8.0 2009.05.27 -
Panda 10.0.0.14 2009.05.28 -
PCTools 4.4.2.0 2009.05.21 -
Prevx 3.0 2009.05.28 -
Rising 21.31.21.00 2009.05.27 -
Sophos 4.42.0 2009.05.28 -
Sunbelt 3.2.1858.2 2009.05.28 VIPRE.Suspicious
Symantec 1.4.4.12 2009.05.28 -
TheHacker 6.3.4.3.333 2009.05.28 -
TrendMicro 8.950.0.1092 2009.05.27 -
VBA32 3.12.10.6 2009.05.27 -
ViRobot 2009.5.27.1757 2009.05.27 -
VirusBuster 4.6.5.0 2009.05.27 -
Additional information
File size: 6303 bytes
MD5...: 793071f0a8b3d3418f1478bf069e219f
SHA1..: 44f806a7c7ccd24de606c449704b21942d9806d0
SHA256: 93eacc70c3f54000abc1c67f8019d53e4496db84a49d13477e98afb3202a9f48
ssdeep: 96:0PztBFCryBmz2nw9Evw5Q0zKtFh/IGx5OGwz4K3AAToPJPSUja1mbQsDl:0hC U60JndIGmyA06Uja1sp 
PEiD..: -
TrID..: File type identification WinRAR Self Extracting archive (99.2%) Generic Win/DOS Executable (0.3%) DOS Executable Generic (0.3%) VXD Driver (0.0%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x20770 timedatestamp.....: 0x3ec35042 (Thu May 15 08:30:58 2003) machinetype.......: 0x14c (I386) ( 3 sections ) name viradd virsiz rawdsiz ntrpy md5 UPX0 0x1000 0x15000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e UPX1 0x16000 0xb000 0xaa00 7.85 570fe29a9b1a818cc0e832a7983a6ec8 .rsrc 0x21000 0x2000 0x1c00 0.00 d41d8cd98f00b204e9800998ecf8427e ( 0 imports ) ( 0 exports ) 
PDFiD.: -
RDS...: NSRL Reference Data Set -
ThreatExpert info: <a href='http://www.threatexpert.com/report.aspx?md5=793071f0a8b3d3418f1478bf069e219f' target='_blank'>http://www.threatexpert.com/repo ... 78bf069e219f</a>

Antivirus Version Last Update Result
Authentium 5.1.2.4 2009.05.28 W32/Damaged_File.gen!Eldorado
eSafe 7.0.17.0 2009.05.27 Suspicious File
F-Prot 4.4.4.56 2009.05.28 W32/Damaged_File.gen!Eldorado
McAfee+Artemis 5628 2009.05.27 Artemis!793071F0A8B3
McAfee-GW-Edition 6.7.6 2009.05.28 Win32.Malware.dam (suspicious)
Norman 6.01.05 2009.05.27 W32/Accoona.R
Sunbelt 3.2.1858.2 2009.05.28 VIPRE.Suspicious
可能是个损坏的文件

显示全部楼层 · 发表于 2009-5-28 12:28:20

Hello,

myntusrs.exe_

No malicious code was found in this file.

显示全部楼层 · 发表于 2009-5-28 12:46:55

卡巴没报估计不是病毒

显示全部楼层 · 发表于 2009-5-28 12:47:12

卡巴没报估计不是病毒

显示全部楼层 · 发表于 2009-5-28 16:06:57

卡巴不报

[可疑文件] 可疑文件

本帖子中包含更多资源

浏览过的版块