6%的杀软(2/36)报告发现病毒

显示全部楼层 · 发表于 2008-3-12 23:53:21

6%的杀软(2/36)报告发现病毒

VirSCAN.org Scanned Report :
Scanned time : 2008/03/12 23:31:36 (CST)
Scanner results: 6%的杀软(2/36)报告发现病毒
File Name    : 2329.rar
File Size    : 2520 byte
File Type    : RAR archive data, v1d, os
MD5          : cfed935a3ee58a1d624f3bd7a9dec0ce
SHA1          : 22c582ddbda651906f6ba0139bd035ca4deef62c
Online report  : ht tp://virscan.org/report/1faa4bbf33bb9b48de9c848265cba8ba.html

Scanner       Engine Ver    Sig Ver          Sig Date Time Scan result

AVG          7.5.51.442    269.21.7/1327    2008-03-12  2.08 JS/Psyme.PZ

CP Secure    1.1.0.715    2008.03.12       2008-03-12  11.45  Troj.Exploit.JS.Agent.gen

--哇~过这么多~费尔也爆
C:\Documents and Settings\小飞侠.net\桌面\2329.rar>>2329\htm[1].htm JS.WindowObject.Exploit.a 可疑程序还未处理

文件 2329.rar 接收于 2008.03.12 16:31:08 (CET)
ht tp://www.virustotal.com/zh-cn/analisis/bb7c1b284ef3eed1db75ba90143773d0

结果: 1/32 (3.13%)

反病毒引擎版本最后更新扫描结果
AhnLab-V3 2008.3.12.0 2008.03.12 -
AntiVir 7.6.0.73 2008.03.12 -
Authentium 4.93.8 2008.03.11 -
Avast 4.7.1098.0 2008.03.11 -
AVG 7.5.0.516 2008.03.12 JS/Psyme.PZ
BitDefender 7.2 2008.03.12 -
CAT-QuickHeal 9.50 2008.03.10 -
ClamAV 0.92.1 2008.03.12 -
DrWeb 4.44.0.09170 2008.03.12 -
eSafe 7.0.15.0 2008.03.09 -
eTrust-Vet 31.3.5608 2008.03.12 -
Ewido 4.0 2008.03.12 -
FileAdvisor 1 2008.03.12 -
Fortinet 3.14.0.0 2008.03.12 -
F-Prot 4.4.2.54 2008.03.11 -
F-Secure 6.70.13260.0 2008.03.12 -
Ikarus T3.1.1.20 2008.03.12 -
Kaspersky 7.0.0.125 2008.03.12 -
McAfee 5249 2008.03.11 -
Microsoft 1.3301 2008.03.12 -
NOD32v2 2941 2008.03.12 -
Norman 5.80.02 2008.03.11 -
Panda 9.0.0.4 2008.03.12 -
Prevx1 V2 2008.03.12 -
Rising 20.35.22.00 2008.03.12 -
Sophos 4.27.0 2008.03.12 -
Sunbelt 3.0.930.0 2008.03.05 -
Symantec 10 2008.03.12 -
TheHacker 6.2.92.243 2008.03.12 -
VBA32 3.12.6.2 2008.03.05 -
VirusBuster 4.3.26:9 2008.03.12 -
Webwasher-Gateway 6.6.2 2008.03.12 -
附加信息
File size: 2520 bytes
MD5: cfed935a3ee58a1d624f3bd7a9dec0ce
SHA1: 22c582ddbda651906f6ba0139bd035ca4deef62c
PEiD: -

显示全部楼层 · 发表于 2008-3-13 00:00:48

上报卡巴看看

显示全部楼层 · 发表于 2008-3-13 00:35:14

Hello,

htm[1].htm3 - Trojan-Downloader.JS.Multi.aj

New malicious software was found in this file. It's detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Vyacheslav Zakorzhevsky
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

显示全部楼层 · 发表于 2008-3-13 08:17:49

html……痛……

显示全部楼层 · 发表于 2008-3-13 14:31:49

伞爷又没反应

哭...以前伞那么猛,现在大量的病毒不认识.

显示全部楼层 · 发表于 2008-3-13 18:36:35

以后直接给网页地址还有价值些！

显示全部楼层 · 发表于 2008-3-13 20:27:11

FP 6 miss. ArcaBit miss.

显示全部楼层 · 发表于 2008-3-13 20:59:09

不象是毒!

显示全部楼层 · 发表于 2008-3-13 23:13:40

http://vvv.mp11567.com/web/rl.htm

其实又是这个网页！

显示全部楼层 · 发表于 2008-3-14 00:24:44

解出来
http://exe.xinniankl.com/ad.cab
还是过不了antivir
Starting the file scan:

Begin scan in 'C:\TDDOWNLOAD\ad.cab'
C:\TDDOWNLOAD\
  ad.cab
[0] Archive type: CAB (Microsoft)
   --> bd.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
            [DETECTION] Is the Trojan horse TR/Dldr.Delf.epw.1
            [WARNING] Infected files in archives cannot be repaired!
   [NOTE]    The file was deleted!

[病毒样本] 6%的杀软(2/36)报告发现病毒

本帖子中包含更多资源

回复 2楼 kato9096 的帖子