ESET 带毒？

显示全部楼层 · 发表于 2009-11-16 00:09:56

装了微点＋ESET（麦田汉化，升级至最新版），提示C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\EGUILANG.DLL为病毒文件。高人分析下，误报还是真毒？

vt的报告：
eguiLang.dll 接收于 2009.11.15 15:58:44 (UTC)

反病毒引擎	版本	最后更新	扫描结果
a-squared	4.5.0.41	2009.11.15	Trojan-Dropper!IK
AhnLab-V3	5.0.0.2	2009.11.13	-
AntiVir	7.9.1.65	2009.11.13	-
Antiy-AVL	2.0.3.7	2009.11.13	-
Authentium	5.2.0.5	2009.11.15	-
Avast	4.8.1351.0	2009.11.15	-
AVG	8.5.0.425	2009.11.15	-
BitDefender	7.2	2009.11.15	-
CAT-QuickHeal	10.00	2009.11.13	Trojan.Agent.ATV
ClamAV	0.94.1	2009.11.15	-
Comodo	2957	2009.11.15	-
DrWeb	5.0.0.12182	2009.11.15	-
eSafe	7.0.17.0	2009.11.15	-
eTrust-Vet	35.1.7121	2009.11.14	-
F-Prot	4.5.1.85	2009.11.15	-
F-Secure	9.0.15370.0	2009.11.11	-
Fortinet	3.120.0.0	2009.11.15	-
GData	19	2009.11.15	-
Ikarus	T3.1.1.74.0	2009.11.15	Trojan-Dropper
Jiangmin	11.0.800	2009.11.12	-
K7AntiVirus	7.10.896	2009.11.13	Trojan.Win32.Malware.1
Kaspersky	7.0.0.125	2009.11.15	-
McAfee	5803	2009.11.15	-
McAfee+Artemis	5803	2009.11.15	Artemis!B55B4AD3741E
McAfee-GW-Edition	6.8.5	2009.11.15	-
Microsoft	1.5202	2009.11.15	-
NOD32	4609	2009.11.15	-
Norman	6.03.02	2009.11.15	-
nProtect	2009.1.8.0	2009.11.15	-
Panda	10.0.2.2	2009.11.15	-
PCTools	7.0.3.5	2009.11.13	-
Prevx	3.0	2009.11.15	Medium Risk Malware
Rising	22.21.06.05	2009.11.15	-
Sophos	4.47.0	2009.11.15	Mal/Generic-A
Sunbelt	3.2.1858.2	2009.11.12	-
Symantec	1.4.4.12	2009.11.15	-
TheHacker	6.5.0.2.070	2009.11.14	-
TrendMicro	9.0.0.1003	2009.11.15	-
VBA32	3.12.10.11	2009.11.15	-
ViRobot	2009.11.14.2037	2009.11.14	-
VirusBuster	4.6.5.0	2009.11.15	-

附加信息
File size: 167936 bytes
MD5...: b55b4ad3741ea884270ee52247f12590
SHA1..: de06048508d1c4d2143ee66693c0364f15205eca
SHA256: b2bbf0480a20f3f4717a73bd6087021bce3cdf3192039561ccb220162ac4bd29
ssdeep: 768:7qP0d4zxAXKctFAOP87XVNnJZWEUiaY6dRiSRiFOR6+Z04ODgOEu24H:7qm4<BR>iXKc2fOEtFOR6+Z0jMOEuh<BR>
PEiD..: -
PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x1000<BR>timedatestamp.....: 0x4a1e5316 (Thu May 28 09:02:14 2009)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 4 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0x8 0x1000 0.01 1b3c7decbe1f7e1d4c392b45012b0f5d<BR>.rdata 0x2000 0x84 0x1000 0.32 2808cf82282fd29cae1343f9db27672e<BR>.rsrc 0x3000 0x23d6c 0x24378 3.60 de447735f7d7778de8e77a932a79afcd<BR>.reloc 0x27000 0x8 0x1000 0.00 3808644f11ba1ee3cb2b6326fcd2e01a<BR><BR>( 0 imports ) <BR><BR>( 0 exports ) <BR>
RDS...: NSRL Reference Data Set<BR>-
pdfid.: -
trid..: Win64 Executable Generic (95.5%)<BR>Generic Win/DOS Executable (2.2%)<BR>DOS Executable Generic (2.2%)<BR>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
<a href='http://info.prevx.com/aboutprogramtext.asp?PX5=B92A42AF0083E52B9089022DDDE82A004D4236D4' target='_blank'>http://info.prevx.com/aboutprogr ... A004D4236D4&lt;/a>
sigcheck:<BR>publisher....: ESET<BR>copyright....: Copyright (c) ESET 1992-2009. All rights reserved.<BR>product......: ESET Smart Security<BR>description..: ESET GUI<BR>original name: egui.exe<BR>internal name: egui.exe<BR>file version.: 4.0.442.0<BR>comments.....: n/a<BR>signers......: -<BR>signing date.: -<BR>verified.....: Unsigned<BR>
packers (Kaspersky): PE_Patch

显示全部楼层 · 发表于 2009-11-16 00:14:08

上报费尔，主流基本没报，可能是误报

显示全部楼层 · 发表于 2009-11-16 00:15:49

是误报

显示全部楼层 · 发表于 2009-11-16 08:56:51

as a false alarm to Sophos~

ESET 带毒？

本帖子中包含更多资源