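Our later testing showed that it was the Uninstall.exe of our software that carried the warning in question, but Kaspersky, Rising, Kingsoft Antivirus and Jiangmin did not detect anything.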

File Uninstall.exe received on 2009.03.23 12:29:53 (CET)
Current status: finished

 

Antivirus engine | Version | Last update | Scan result
a-squared 4.0.0.101 2009.03.23 Trojan.Packed.64!IK
AhnLab-V3 5.0.0.2 2009.03.23 Win-Trojan/Packed.43834
AntiVir 7.9.0.120 2009.03.23 TR/Packed.64
Authentium 5.1.2.4 2009.03.23 W32/Heuristic-210!Eldorado
Avast 4.8.1335.0 2009.03.23 Win32:Bifrose-BNX
AVG 8.5.0.283 2009.03.23 BackDoor.Bifrose.ABJ
BitDefender 7.2 2009.03.23 Gen:Trojan.Heur.GM.0400466800
CAT-QuickHeal 10.00 2009.03.23 (Suspicious) - DNAScan
ClamAV 0.94.1 2009.03.23 Trojan.Packed-127
Comodo 1080 2009.03.22 -
DrWeb 4.44.0.09170 2009.03.23 -
eSafe 7.0.17.0 2009.03.23 Suspicious File
eTrust-Vet 31.6.6412 2009.03.23 -
F-Prot 4.4.4.56 2009.03.23 W32/Heuristic-210!Eldorado
F-Secure 8.0.14470.0 2009.03.23 -
Fortinet 3.117.0.0 2009.03.23 -
GData 19 2009.03.23 Gen:Trojan.Heur.GM.0400466800
Ikarus T3.1.1.48.0 2009.03.23 Trojan.Packed.64
K7AntiVirus 7.10.678 2009.03.21 Backdoor.Win32.Bifrose.LMK
Kaspersky 7.0.0.125 2009.03.23 -
McAfee 5561 2009.03.22 -
McAfee+Artemis 5561 2009.03.22 -
McAfee-GW-Edition 6.7.6 2009.03.23 Trojan.Packed.64
Microsoft 1.4502 2009.03.23 -
NOD32 3953 2009.03.21 -
Norman 6.00.06 2009.03.20 W32/Bifrose.LMK
nProtect 2009.1.8.0 2009.03.23 Trojan/W32.Agent.56530
Panda 10.0.0.10 2009.03.22 Generic Malware
PCTools 4.4.2.0 2009.03.22 -
Prevx1 V2 2009.03.23 -
Rising 21.22.02.00 2009.03.23 -
Sophos 4.39.0 2009.03.23 Mal/Packer
Sunbelt 3.2.1858.2 2009.03.22 Trojan.Win32.Packer.AHpack0.1 (v)
Symantec 1.4.4.12 2009.03.23 Backdoor.Bifrose
TheHacker 6.3.3.4.287 2009.03.23 -
TrendMicro 8.700.0.1004 2009.03.23 PAK_Generic.001
VBA32 3.12.10.1 2009.03.23 -
ViRobot 2009.3.23.1659 2009.03.23 -
VirusBuster 4.6.5.0 2009.03.22 -
Additional information
File size: 66850 bytes
MD5...: 6cc1d2b080cf2e0da0c41f4b5e1d1a83
SHA1..: 1e60715c7fe40f47d5cabc86a30f6b2255e3ba8c
SHA256: e15b180d47b07480e7d99b416ec43cf202b9d985c85e9caf4c21c4a52a954395
SHA512: 37dd1b60dcbc825376a73ba4a24a5beac30ecdc4f50e6da66d4cbc602c7af1cc468ee8284356dc33b48e51ef0f044216c5a058f622763cc0034b644b6afc2dbe
ssdeep: 768:OiZE1iYMSazm+uoFC0+0aZBO0QV8+VxjlKYqSrA0YWQj:OV1rMx8QIc8+VXqmrg
 
PEiD..: AHPack 0.1 -> FEUERRADER
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
VXD Driver (0.1%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x120ff
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)

( 9 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0x9d14 0x6400 7.89 420550b7e02633dfebfb657ae000e9d6
DATA 0xb000 0x448 0x600 2.23 843f49ecc386a112cc078545be2316c9
BSS 0xc000 0x6d1 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0xd000 0xd2e 0xe00 4.52 db2008e2e9f9080bb00a3c79f2680454
.tls 0xe000 0x4 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rdata 0xf000 0x18 0x200 0.20 5ae3736e2670a8cf4b6f8b969153449d
.reloc 0x10000 0x680 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0x11000 0xe00 0xe00 5.82 b85168cdeb417302e8cea0eaf8ebeb81
.data 0x12000 0x400 0x400 3.93 3fd23e29b9cf393e41575b1995d479c5

( 2 imports )
> kernel32.dll: GetProcAddress, GetModuleHandleA, LoadLibraryA
> user32.dll: MessageBoxA

( 0 exports )
 
packers (Kaspersky): AHPack
packers (Authentium): AHPack
packers (F-Prot): AHPack