
[Virus sample] New thread!!! mm.exe (80th update) [generated files attached] A new thread has been opened

sam.to
Posted on 2008-10-6 14:02:59
New thread opened because of the character limit!

Updates 1 to 28:
http://bbs.kafan.cn/thread-322929-1-1.html
Updates 29 to 54:
http://bbs.kafan.cn/thread-331871-1-1.html

October 6:
TO KL

Hello.
New malicious software was found in the attached file.
Its detection will be included in the next update. Thank you for your help.

Please quote all when answering. Do not forget to include your registration data.
-----------------
Regards, Tatarinov Ivan
Virus Analyst, Kaspersky Lab.

Ph.: +7(095) 797-8700
E-mail: newvirus@kaspersky.com
http://www.kaspersky.com   http://www.viruslist.com

Generated files:

TO KL
======================================================
October 6, second batch:

TO KL
Generated files:
TO KL
Hello,

##.exe_ - Worm.Win32.AutoRun.qgp,
1.exe_ - Trojan-Spy.Win32.Delf.ekf,
5.exe_ - Trojan.Win32.Agent.agdg,
9.exe_ - Trojan-GameThief.Win32.OnLineGames.tmzu,
mm.exe_ - Trojan-Downloader.Win32.Small.aequ

These files are already detected. Please update your antivirus bases.

COMMAND.com_, KB16.com_, npf.sys, npptools.dll, NW16.exe_, Packet.dll, te.tep, VWIPXSPX.exe_, WanPacket.dll, wpcap.dll

No malicious code was found in these files.

DOSX.exe_, HIMEM.SYS, MSCDEXNT.exe_, REDIR.exe_

These files are corrupted.

Please quote all when answering.

--
Best regards, Andrey Ladikov
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

======================================================
October 7:
aba75e0df5d826c43c1496aab3e887b7  5.ex3e
10b1636952dc669d3e28b55a0771b819  x.gif3
5ab5d5cf3d56ab33e9b519a662e016c5  1.exe3
TO KL

Generated files:
9cf28f34a25cfb787f20a58997b4042b  wmpeffectes.dll

wmpeffectes.dll - Trojan-Spy.Win32.Delf.ejj

TO KL
======================================================
October 7, second batch:
TO KL

Generated files:
TO KL

======================================================
October 8:
3e24e1c587616d1ef1863d0dcdb5464b   1.exe3
df726d2813104bd8e69a6224991faa36   x.g3if
0b309df15dc3a7193398f27f2ca10469   5.ex3e

Generated files:
e50510deded1ee2d3299e041cf2c6cf0  mlangs.dll3
4d24f7b358546dccc313175f53b5e7c1  obj2.sys
d43d42ae68a151dae3a3ff3f34ec8258  B.PIF
TO KL
Hello.
New malicious software was found in the attached file.
Its detection will be included in the next update. Thank you for your help.

======================================================
October 8, second batch:
TO KL

Generated files:

Hello.
New malicious software was found in the attached file.
Its detection will be included in the next update. Thank you for your help.
TO KL
======================================================
October 9:

Generated files:
TO KL

======================================================
October 10:

Generated files:
ce842d25e5b7e6ff21a86cad9195fbe8  wpcap.dll3
38e7f4e56118d91df929dba40035c017  npptools.dll3
fdd104a9fd3427a1df37041fa947a041  WanPacket.dll3

TO KL
======================================================
October 11:
TO KL

Generated files are the same as in the previous package.
======================================================
October 11, second batch:

Generated files:
TO KL
Hello,

##.exe_ - Worm.Win32.AutoRun.qnc,
1.ex3e - Trojan-Spy.Win32.Delf.elg,
5.e3xe - Trojan-Downloader.Win32.Agent.ajiu,
9.ex3e - Trojan-GameThief.Win32.OnLineGames.tnuj,
bpanuitbs.dll - Trojan.Win32.Delf.ffm,
mm.ex3e - Worm.Win32.AutoRun.qna

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

npptools.dll, npptools.dll3, Packet.dll, Packet.dll3, WanPacket.3dll, WanPacket.dll, wpcap.dll, wpcap.dll3

No malicious code was found in these files.

wacclt.ex3e - not-a-virus:NetTool.Win32.Agent.b

This file is already detected by our extended bases as a potentially risky program.

Please quote all when answering.

======================================================
October 11, third batch:
f960ed546f6f1ad627fe1c3232a851a6  x.gif
0476f27a7a78e48b5b5ba98477a0eb25  mm.exe
4d007601626b9b3d5d34e73790822757  9.exe
TO KL

Generated files:
TO KL
Hello,

##.exe_ - Worm.Win32.AutoRun.qnp,
9.ex3e - Trojan-GameThief.Win32.OnLineGames.tnvh,
mm.ex3e - Worm.Win32.AutoRun.qnq

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

npptools.dll, Packet.dll, WanPacket.dll, wpcap.dll

No malicious code was found in these files.

Please quote all when answering.

======================================================
October 12:

Generated files:
506351d5f21399b5087b3feffa0ddf27  MSBINDES.DLL
0d07be5ba97cbaf6b3585c4eafc8088e  ToolBand.dll
ab7d8e91595a962e9f2d293370d7d596  Toolbar_bho.dll

TO KL
New malicious software was found in the attached file.
Its detection will be included in the next update. Thank you for your help.
======================================================
October 13:

TO KL
Generated files:
b814b18028ce65bf79894954a7dc33e4  MSSBINDES.DLL
12aa2da30d1d2889511b4c1d14fb99b9  WanPacket.dll
0a478ea707f567efa7f31847dd0e9928  wpcap.dll
TO KL
Hello,

1.ex3e - Trojan-Spy.Win32.Delf.elq,
9.ex3e - Trojan-GameThief.Win32.OnLineGames.tobz,
mm.exe2 - Worm.Win32.AutoRun.qop,
MSSBINDES.DLL - Trojan.Win32.Delf.fge,
x.g3if - Worm.Win32.AutoRun.qoy

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

5.ex3e - Trojan.Win32.Agent.agqv

This file is already detected. Please update your antivirus bases.

WanPacket.dll, wpcap.dll

No malicious code was found in these files.

Please quote all when answering.

--
Best regards, Ostroverkhov Vladimir
Virus analyst, Kaspersky Lab.

======================================================
October 13, second batch:
a6a20927c1fe67b5ff521e52fa5e9490  9.exe
8bebe971dc7baca6c39957ab9cb46c05  mm.exe
Nothing special about the files this package generates.
TO KL

======================================================
October 14:
TO KL
Nothing special about the files this package generates.
Hello,

##.exe_ - Worm.Win32.AutoRun.qpz,
1.ex3e - Trojan-Spy.Win32.Delf.emb,
9.ex3e - Trojan-GameThief.Win32.OnLineGames.togj,
mm.e3xe - Worm.Win32.AutoRun.qpv

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

10.ex3e

We are sorry, it is a false alarm. It will be fixed as soon as possible. Thank you for your help.

Please quote all when answering.

======================================================
October 14, second batch:
5cc6018c3dba63810c6da91142a5af78  mm.exe
6f1bf5e6705ac554f9c202d17a79c6ae  1.exe

Generated files:
fec8b7fa7a33b1c6450ffb495a88355b  xercesxmldoms.dll
TO KL
Hello,

1.ex3e - Trojan-Spy.Win32.Delf.emi,
mm.e3xe - Worm.Win32.AutoRun.qqj,
xercesxmldoms.dll - Trojan.Win32.Delf.fgy

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.


======================================================
October 15:
TO KL

Generated files:
ac949bed3c6a68dfc60843c0dbf4d716  xedrcesxmldoms.dll
TO KL
Hello,

xedrcesxmldoms.dll - Trojan.Win32.Delf.fhj

This file is already detected. Please update your antivirus bases.

1.e3xe - Trojan-Spy.Win32.Delf.emq,

5.e3xe - Trojan-Dropper.Win32.Mudrop.ra,

9.ex3e - Trojan-GameThief.Win32.OnLineGames.toki,

mm.ex3e - Worm.Win32.AutoRun.qrr,

x.g3if,
x.g3if.-_.exe_ - Worm.Win32.AutoRun.qrq

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.
The answer is relevant to the latest bases from update sources.

--
Best regards, Sergey Temnikov
Virus analyst, Kaspersky Lab.

======================================================
October 16:

Generated files:
TO KL

======================================================
October 16, second batch:
to kl

Generated files:
2d1f8662d1eed59a3fe5f8ca45961569  BASETSMOD.dll

5.ex3e - Trojan-Dropper.Win32.Mudrop.rc

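New malicious software was found in this file. Its detection will be included in the next update. Thank you for your help.
Five were submitted but only one is listed, which is really odd, but never mind, since they have all already been added to the database!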
======================================================
October 17:
551ddf40835c3e0b8b5328d7d8b7bb7d  9.e3xe
29b9ff74027ad662cf2f24e31ec6eddc  1.exe3
2a02873be97795c2a7f68116aaee7e9b  5.e3xe
TO KL

Generated files:
f1086409bcf4a680f20d35a6cd5209a0  A.PIF
35d04689d5b10a61e0c079dfabec1c22  bootvids.dll
TO KL
Hello,

A.PIF - Trojan-Downloader.Win32.Agent.ajyd,
bootvids.dll - Trojan.Win32.Delf.fig,
9.e3xe - Trojan-GameThief.Win32.OnLineGames.totw

These files are already detected. Please update your antivirus bases.

1.exe3 - Trojan.Win32.Delf.fir,
5.e3xe - Trojan-Dropper.Win32.Agent.yak

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Kirill Erakhtin
Virus analyst, Kaspersky Lab.

======================================================
October 17, second batch:

Generated files:
c10419b2381e8bcf05bd3bc64e2658d1  bootvvids.dll

TO KL
======================================================
October 18:

Generated files:
5083816cacddcce599c04ceaa31bb13e  bootesvvids.dll

TO KL
=======================================================
October 19:
TO KL

Generated files:
19c81c18eaca590771d2d8c692479e44  datimes.dll3
TO KL
Hello.
New malicious software was found in the attached file ().
Its detection will be included in the next update. Thank you for your help.

=======================================================
October 19, afternoon:
TO KL

Generated files:
08eea27325400a377c1adafa2a2d0ad3  datttimes.dll
TO KL
Hello,

1.e3xe - Trojan-Spy.Win32.Delf.enz,

5.ex3e - Trojan-Dropper.Win32.Mudrop.re,

9.e2xe - Trojan-GameThief.Win32.OnLineGames.tpcu,

datttimes.dll - Trojan.Win32.Delf.fjp,

mm.ex3e,
x.gi3f - Worm.Win32.AutoRun.qwx

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.
The answer is relevant to the latest bases from update sources.

--
Best regards, Sergey Temnikov
Virus analyst, Kaspersky Lab.


=======================================================
October 20:
TO KL

Generated files:
1fc54cc89f9cf7dc6c29ccb71c4ae0c5  datximes.dll3
e82c8fefd4307154d552ee89163b733d  A3.PIF
TO KL

Hello.
New malicious software was found in the attached file.
Its detection will be included in the next update. Thank you for your help.

=======================================================
October 20, second batch:
TO KL

Generated files:
88825895298abfd94bdffb14e569a5bd  datxvimes.dl3l
datxvimes.dl3l - Trojan.Win32.Delf.fkl,
1.e3xe - Trojan-Spy.Win32.Delf.eoi,
9.e3xe - Trojan-GameThief.Win32.OnLineGames.tpjv,
mm.ex3e,x.g3if,-_.exe_ - Worm.Win32.AutoRun.qys

=======================================================

[ Last edited by kato9096 on 2008-10-21 15:55 ]


vmzy
Posted on 2008-10-6 15:01:04
Avira: 3
Begin scan in 'C:\Documents and Settings\Administrator\桌面\virus\1.exe3'
C:\Documents and Settings\Administrator\桌面\virus\1.exe3
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\virus\5.exe3'
C:\Documents and Settings\Administrator\桌面\virus\5.exe3
      [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\virus\9.exe3'
C:\Documents and Settings\Administrator\桌面\virus\9.exe3
    [DETECTION] Contains HEUR/Crypted suspicious code
    [NOTE]      The detection was classified as suspicious.
    [WARNING]   The file was ignored!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\virus\mm.exe3'
C:\Documents and Settings\Administrator\桌面\virus\mm.exe3
    [DETECTION] Is the TR/Crypt.PEPM.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\virus\x.gif3'

The scan has been done completely.

      0 Scanning directories
      5 Files were scanned
      3 viruses and/or unwanted programs were found
      1 Files were classified as suspicious:
      3 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      1 Files not concerned
      0 Archives were scanned
      1 Warnings
      4 Notes
14206937
Posted on 2008-10-6 15:01:55
[0] Archive type: RAR
    --> 9.exe3
      [DETECTION] Contains HEUR/Crypted suspicious code
    --> mm.exe3
      [DETECTION] Is the TR/Crypt.PEPM.Gen Trojan
      --> x.gif3
        [1] Archive type: RAR
        --> ᅰᅰᅥᆲ                                                                                                                                                                                                             .exe
            [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    --> 1.exe3
      [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
      --> 5.exe3
          [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    [NOTE]      A backup was created as '4919b7f9.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
1688388728
Posted on 2008-10-6 15:11:43
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\SDIBSTAZ\1006-1402mm[1].rar\9.exe3 - 已感染 Trojan.Packed.152
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\SDIBSTAZ\1006-1402mm[1].rar\mm.exe3 - 可能已感染 DLOADER.Trojan
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\SDIBSTAZ\1006-1402mm[1].rar\x.gif3\照片                                                                                                                                                                                                             .exe - 可能已感染 DLOADER.Trojan
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\SDIBSTAZ\1006-1402mm[1].rar\1.exe3 - 可能已感染 MULDROP.Trojan

压缩包含 4 个被感染的对象
wangfeng66
Posted on 2008-10-6 15:13:33
C:\1006-1402mm\9.exe3 - infected with Trojan.Packed.152
C:\1006-1402mm\mm.exe3 - probably infected with DLOADER.Trojan
C:\1006-1402mm\1.exe3 - probably infected with MULDROP.Trojan
C:\1006-1402mm\x.gif3- probably infected with DLOADER.Trojan

Missed one: 5.exe3

Dr.Web detects 4
我爱舒畅
Posted on 2008-10-6 15:36:03
KIS7.0

扫描 : 已完成
-------------
已扫描:        23
检测到:        1
未处理:        0
开始时间:        2008-10-6 15:35:15
运行时间:        00:00:06
完成时间:        2008-10-6 15:35:21


检测到
------
状态        对象
----        ----
已删除:木马程序 Trojan.Win32.Agent.afxd        文件: C:\Downloads\1006-1402mm.rar/5.exe3//PE_Patch//UPack//PE-Crypt.Morf//#
Palkia
Posted on 2008-10-6 15:48:15
Reserving a spot near the top to make future updates easier.

Dr.Web (the "spider") did well
啊弥陀佛
Posted on 2008-10-6 16:10:58
Micropoint blocked it

wangfeng66
Posted on 2008-10-6 16:59:22
1006-1402mm-cre.rar

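mm1.exe3 and x.gif3: Dr.Web heuristics flag these two as downloaders; the remaining *.SYS and *.DLL files were not flagged.
Of the 10 files, the two main ones are detected.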
wangfeng66
Posted on 2008-10-6 17:11:47
EAV 3495 (20081004)

Screenshot attached below
