Srpski | Македонски | العربية | Suomi | ihMdI | 
| עברית | 
| Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | 
| Magyar | Deutsch | Česky | Polski | Español | English
| עברית | | Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | | Magyar | Deutsch | Česky | Polski | Español | English
|
VirusTotal 是一款可疑文件分析服务, 通过各种知名反病毒引擎, 对您所上传的文件进行检测, 以判断文件是否被病毒, 蠕虫, 木马, 以及各类恶意软件感染. 查看详细信息... |
文件 setup_1096_MTA2NHwzNXww_.exe 接收于 2008.08.25 00:02:24 (UTC)
当前状态: 完成
当前状态: 完成
结果: 16/36 (44.44%)
| 反病毒引擎 | 版本 | 最后更新 | 扫描结果 |
|---|---|---|---|
| AhnLab-V3 | 2008.8.21.0 | 2008.08.22 | - |
| AntiVir | 7.8.1.23 | 2008.08.24 | SPR/Fake.pav.699904 |
| Authentium | 5.1.0.4 | 2008.08.24 | - |
| Avast | 4.8.1195.0 | 2008.08.24 | Win32:Trojan-gen {Other} |
| AVG | 8.0.0.161 | 2008.08.24 | FakeAlert.BE |
| BitDefender | 7.2 | 2008.08.25 | - |
| CAT-QuickHeal | 9.50 | 2008.08.22 | - |
| ClamAV | 0.93.1 | 2008.08.24 | - |
| DrWeb | 4.44.0.09170 | 2008.08.24 | Trojan.Fakealert.1227 |
| eSafe | 7.0.17.0 | 2008.08.24 | Suspicious File |
| eTrust-Vet | 31.6.6044 | 2008.08.23 | - |
| Ewido | 4.0 | 2008.08.24 | - |
| F-Prot | 4.4.4.56 | 2008.08.25 | - |
| F-Secure | 7.60.13501.0 | 2008.08.24 | FraudTool.Win32.PowerAntivirus2009.ai |
| Fortinet | 3.14.0.0 | 2008.08.24 | Misc/PowerAntivirus2009 |
| GData | 2.0.7306.1023 | 2008.08.20 | - |
| Ikarus | T3.1.1.34.0 | 2008.08.24 | Generic.Win32.Malware.Antivirus2009 |
| K7AntiVirus | 7.10.427 | 2008.08.23 | - |
| Kaspersky | 7.0.0.125 | 2008.08.25 | not-a-virus:FraudTool.Win32.PowerAntivirus2009.ai |
| McAfee | 5368 | 2008.08.22 | - |
| Microsoft | 1.3807 | 2008.08.25 | Program:Win32/Antivirus2009 |
| NOD32v2 | 3383 | 2008.08.24 | a variant of Win32/Adware.PowerAntivirus |
| Norman | 5.80.02 | 2008.08.22 | TXT/Antivirus2008.B.dropper |
| Panda | 9.0.0.4 | 2008.08.24 | - |
| PCTools | 4.4.2.0 | 2008.08.24 | - |
| Prevx1 | V2 | 2008.08.25 | Fraudulent Security Program |
| Rising | 20.58.62.00 | 2008.08.24 | - |
| Sophos | 4.32.0 | 2008.08.25 | - |
| Sunbelt | 3.1.1575.1 | 2008.08.23 | - |
| Symantec | 10 | 2008.08.24 | - |
| TheHacker | 6.3.0.6.060 | 2008.08.23 | - |
| TrendMicro | 8.700.0.1004 | 2008.08.23 | TROJ_FAKEAV.FF |
| VBA32 | 3.12.8.4 | 2008.08.23 | - |
| ViRobot | 2008.8.22.1346 | 2008.08.22 | - |
| VirusBuster | 4.5.11.0 | 2008.08.24 | FraudTool.Antivir64.A |
| Webwasher-Gateway | 6.6.2 | 2008.08.24 | Riskware.Fake.pav.699904 |
| 附加信息 |
|---|
| File size: 706040 bytes |
| MD5...: 67bbcc9cf28a563b77c2b739439b7afb |
| SHA1..: 96605e478416a15d7598b3151270cb97123d1f08 |
| SHA256: c418a48872fbbdf8dbfbd8d0b2901937d05bb4fb5860d3283f11d8f0b1f86852 |
| SHA512: de5c748c06fe75368131e4dc273667666951fbd072466aa97b74691d1696a164 1a1526e14e4900b92dfe1f0c4d6f850960c68331738039d172f54c1a7c3e3ca4 |
| PEiD..: - |
| PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x58d370 timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992) machinetype.......: 0x14c (I386) ( 3 sections ) name viradd virsiz rawdsiz ntrpy md5 UPX0 0x1000 0xe8000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e UPX1 0xe9000 0xa5000 0xa4600 7.92 7449e3aee797df38103154c7ec7143de .rsrc 0x18e000 0x8000 0x7400 5.18 e6be36de1eda04bd79a36f4dbc3f0246 ( 12 imports ) > KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree, ExitProcess > advapi32.dll: RegFlushKey > comctl32.dll: ImageList_Add > gdi32.dll: SaveDC > ole32.dll: OleDraw > oleaut32.dll: VariantCopy > shell32.dll: SHGetMalloc > URLMON.DLL: CoInternetCreateZoneManager > user32.dll: GetDC > version.dll: VerQueryValueA > wininet.dll: InternetOpenA > winmm.dll: timeGetTime ( 0 exports ) |
| Norman Sandbox: [ General information ] * **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: ANALYSIS@NORMAN.NO - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**. * File length: 706040 bytes. [ Changes to filesystem ] * Creates directory C:\documen~1\sandbox\Programdata\. * Creates directory C:\documen~1\sandbox\Programdata\sample\. * Creates file C:\documen~1\sandbox\Programdata\sample\Desc.dat. * Creates file C:\documen~1\sandbox\Programdata\sample\base.dat. * Creates file C:\documen~1\sandbox\Programdata\sample\base2.dat. [ Changes to registry ] * Accesses Registry key \"HKCU\Software\Borland\Locales\". * Accesses Registry key \"HKLM\Software\Borland\Locales\". * Accesses Registry key \"HKCU\Software\Borland\Delphi\Locales\". * Accesses Registry key \"HKCU\Software\Antivir64\". [ Process/window information ] * Creates an event called . [ Signature Scanning ] * C:\documen~1\sandbox\Programdata\sample\Desc.dat (39610 bytes) : TXT/Antivirus2008.B. |
| ThreatExpert info: http://www.threatexpert.com/report.aspx?md5=67bbcc9cf28a563b77c2b739439b7afb |
| Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=FFEA9A7EF813674AC53A0A1880B18D0099562CFC |
| packers (F-Prot): UPX |
| packers (Avast): UPX |
注意:
VirusTotal 是 Hispasec Sistemas 提供的免费服务. 我们不保证任何该服务的可用性和持续性. 尽管使用多种反病毒引擎所提供的检测率优于使用单一产品, 但这些结果并不保证文件无害. 目前来说, 没有任何一种解决方案可以提供 100% 的病毒和恶意软件检测率. 如果您购买了一款声称具有此能力的产品, 那么您可能已经成为受害者.
