Malware/Win32.Heur.2014EBFBFB这是什么病毒
发布网友
发布时间:2024-10-16 03:34
共1个回答
热心网友
时间:2024-10-17 07:03
http://w9.fsdfe.com/09/z1.exe是一个使用了Upack加壳的病毒。
以后不要访问这个网站就没事了。
要是非想访问,可以安装瑞星2009后再访问。
是病毒:
反病毒引擎 版本 最后更新 扫描结果
a-squared 4.0.0.101 2009.03.14 Trojan-PWS.Win32.Agent.jp!IK
AhnLab-V3 5.0.0.2 2009.03.13 Win-Trojan/Hupigon.Gen
AntiVir 7.9.0.114 2009.03.13 HEUR/Malware
Authentium 5.1.0.4 2009.03.14 W32/Downloader.F.gen!Eldorado
Avast 4.8.1335.0 2009.03.13 Win32:Rootkit-gen
AVG 8.0.0.237 2009.03.13 Suspicion: unknown virus
BitDefender 7.2 2009.03.14 Trojan.Crypt.Delf.C
CAT-QuickHeal 10.00 2009.03.13 -
ClamAV 0.94.1 2009.03.14 -
Comodo 1053 2009.03.13 -
DrWeb 4.44.0.09170 2009.03.14 -
eSafe 7.0.17.0 2009.03.12 Win32.Looked.gen
eTrust-Vet 31.6.6388 2009.03.09 Win32/Bosbot!generic
F-Prot 4.4.4.56 2009.03.13 W32/Downloader.F.gen!Eldorado
F-Secure 8.0.14470.0 2009.03.14 W32/Packed_Upack.H
Fortinet 3.117.0.0 2009.03.14 -
GData 19 2009.03.14 Trojan.Crypt.Delf.C
Ikarus T3.1.1.45.0 2009.03.14 Trojan-PWS.Win32.Agent.jp
K7AntiVirus 7.10.668 2009.03.12 Generic.Packed.Upack
Kaspersky 7.0.0.125 2009.03.14 -
McAfee 5552 2009.03.13 New Malware.n
McAfee+Artemis 5552 2009.03.13 New Malware.n
McAfee-GW-Edition 6.7.6 2009.03.13 Heuristic.Malware
Microsoft 1.4405 2009.03.14 VirTool:Win32/Obfuscator.C
NOD32 3935 2009.03.13 a variant of Win32/AutoRun.ADC
Norman 6.00.06 2009.03.13 W32/Packed_Upack.H
nProtect 2009.1.8.0 2009.03.14 -
Panda 10.0.0.10 2009.03.14 Suspicious file
PCTools 4.4.2.0 2009.03.13 Packed/Upack
Prevx1 V2 2009.03.14 -
Rising 21.20.42.00 2009.03.13 -
Sophos 4.39.0 2009.03.14 Mal/EncPk-BW
Sunbelt 3.2.1858.2 2009.03.13 Trojan.Win32.Packed.gen (v)
Symantec 1.4.4.12 2009.03.14 W32.SillyFDC
TheHacker 6.3.3.0.281 2009.03.13 W32/Behav-Heuristic-060
TrendMicro 8.700.0.1004 2009.03.13 Cryp_Upack
VBA32 3.12.10.1 2009.03.14 MalwareScope.Trojan-PSW.Game.7
ViRobot 2009.3.13.1648 2009.03.13 -
VirusBuster 4.6.5.0 2009.03.13 Packed/Upack
附加信息
File size: 55008 bytes
MD5...: 4e4c2ee180c8aaebd6a9603e39e6e2bd
SHA1..: 2d801309d701c8156c5ccd82f2189c6b58db6dbe
SHA256: 7279afda7b69edc28d8f54d473b9cccc7fe1ed38b426594f82d15a25d3b9cdc3
SHA512: ac828ba1dea68d6c3044b8e9a316c2c8cd68acbad28bbb103836e7588a2ba27e<BR>b0ed83a357ab5d2d316b7d90ea85b002dde96e3b84602d85a853c3af7a21681c
ssdeep: 768:pXA+W4dOf6oPxTsI0kc9Zs3UQcAO1/vebGSZ/JI00zqOMHvceCDk2htULk:p<BR>XAj4dMDSqdOpvebGmK0IqDHvMrtUI<BR>
PEiD..: WinUpack v0.39 final (relocated image base) -> By Dwing (c)2005 (h2)
TrID..: File type identification<BR>DOS Executable Generic (100.0%)
PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x304f4<BR>timedatestamp.....: 0x1000 (Thu Jan 01 01:08:16 1970)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 2 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.Upack 0x1000 0x23000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<BR>.rsrc 0x24000 0x14000 0xc7e8 7.99 47a272581438c5d5dc29d297fa2bdfb4<BR><BR>( 1 imports ) <BR>> KERNEL32.DLL: LoadLibraryA, GetProcAddress<BR><BR>( 0 exports ) <BR>
