小马来也

显示全部楼层 · 发表于 2008-9-5 15:34:27

文件 mm.rar 接收于 2008.09.05 08:05:34 (CET)

ht　tp://www.threatexpert.com/report.aspx?md5=88d8bba2f762d7d536c60a1a340a590e

映像劫持多家安全软件。。。

结果: 25/36 (69.45%)

反病毒引擎版本最后更新扫描结果
AhnLab-V3 2008.9.5.1 2008.09.05 -
AntiVir 7.8.1.28 2008.09.04 TR/Crypt.FKM.Gen
Authentium 5.1.0.4 2008.09.05 W32/OnlineGames.A.gen!GSA
Avast 4.8.1195.0 2008.09.04 Win32:Trojan-gen {Other}
AVG 8.0.0.161 2008.09.04 Win32/Heur
BitDefender 7.2 2008.09.05 Win32.Worm.Autorun.LW
CAT-QuickHeal 9.50 2008.09.02 Win32.Packed.Klone.ap03
ClamAV 0.93.1 2008.09.04 -
DrWeb 4.44.0.09170 2008.09.04 -
eSafe 7.0.17.0 2008.09.03 Suspicious File
eTrust-Vet 31.6.6069 2008.09.04 -
Ewido 4.0 2008.09.04 -
F-Prot 4.4.4.56 2008.09.04 W32/OnlineGames.A.gen!GSA
F-Secure 8.0.14332.0 2008.09.05 Worm.Win32.AutoRun.mir
Fortinet 3.14.0.0 2008.09.03 -
GData 19 2008.09.05 Worm.Win32.AutoRun.mir
Ikarus T3.1.1.34.0 2008.09.05 Packed.Win32.Klone.af
K7AntiVirus 7.10.441 2008.09.04 -
Kaspersky 7.0.0.125 2008.09.05 Worm.Win32.AutoRun.mir
McAfee 5377 2008.09.04 New Malware.dw
Microsoft 1.3903 2008.09.05 -
NOD32v2 3417 2008.09.05 Win32/AutoRun.YC
Norman 5.80.02 2008.09.04 W32/Packed/NsPack_3.A
Panda 9.0.0.4 2008.09.04 Trj/Lineage.JQZ
PCTools 4.4.2.0 2008.09.04 Packed/NSPack
Prevx1 V2 2008.09.05 Cloaked Malware
Rising 20.60.40.00 2008.09.05 Worm.Win32.DownLoad.is
Sophos 4.33.0 2008.09.04 Mal/Behav-204
Sunbelt 3.1.1606.1 2008.09.04 VIPRE.Suspicious
Symantec 10 2008.09.05 W32.Rispif.A
TheHacker 6.3.0.8.072 2008.09.04 W32/Behav-Heuristic-067
TrendMicro 8.700.0.1004 2008.09.05 -
VBA32 3.12.8.5 2008.09.04 -
ViRobot 2008.9.4.1363 2008.09.04 -
VirusBuster 4.5.11.0 2008.09.04 Packed/NSPack
Webwasher-Gateway 6.6.2 2008.09.04 Trojan.Crypt.FKM.Gen
附加信息
File size: 12118 bytes
MD5...: a734648dbd0a8d333a34f566e58d843e
SHA1..: d879306f6a3be0f4f47412ab12b50930ec500118
SHA256: b032dd5e5ddc6cbca92c622712b997282c30fd801c73a932c09a269fa114f053
SHA512: 1ca6e775352e3743040e98eb1794df8f93e9f58d79a65e7273856140cc3ab5e4
3e8029a52f6757c7f25ce9bb1cba719a176cb537ebd779efccc689af3296ae0c
PEiD..: -
TrID..: File type identification
RAR Archive (83.3%)
REALbasic Project (16.6%)
PEInfo: -
Prevx info: ht　tp://info.prevx.com/aboutprogramtext.asp?PX5=ABFC8F8B6E0EBE0438C7005E5FD51000210EAB8D
packers (F-Prot): NSPack, PE_Patch
packers (Authentium): NSPack, PE_Patch

VirSCAN.org Scanned Report :
Scanned time : 2008/09/05 14:05:41 (CST)
Scanner results: 58%的杀软(21/36)报告发现病毒
File Name    : mm.rar
File Size    : 12118 byte
File Type    : RAR archive data, v1d, os
MD5          : a734648dbd0a8d333a34f566e58d843e
SHA1          : d879306f6a3be0f4f47412ab12b50930ec500118
Online report  : ht　tp://virscan.org/report/90a549263be5d88e58a1fab32017864f.html

Scanner       Engine Ver    Sig Ver          Sig Date Time Scan result
a-squared    3.5.0.22       2008.09.04       2008-09-04  2.51 -
安博士V3    2008.09.05.01 2008.09.05       2008-09-05  0.89 -
AntiVir       7.8.1.28       7.0.6.118       2008-09-04  2.26 TR/Crypt.FKM.Gen
Arcavir       1.0.5          200809031307    2008-09-03  1.20 -
AVAST!       3.0.1          080904-1       2008-09-04  0.70 Win32:Trojan-gen {Other}
AVG          7.5.52.442    270.6.16/1652    2008-09-04  2.06 -
BitDefender 7.60825.1727438 7.20812          2008-09-05  2.97 Win32.Worm.Autorun.LW
CA (VET)    9.0.0.143    31.6.6069       2008-09-04  5.11 -
ClamAV       0.93.3       8163             2008-09-05  0.01 -
Comodo       2.11          2.0.0.637       2008-09-04  0.49 Backdoor.Win32.Delf.avc
CP Secure    1.1.0.715    2008.09.05       2008-09-05  6.57 -
Dr.Web       4.44.0.9170    2008.09.04       2008-09-04  3.16 -
ewido       4.0.0.2       2008.09.04       2008-09-04  2.63 -
F-Prot       4.4.4.56       20080904       2008-09-04  1.30 W32/OnlineGames.A.gen!GSA (generic, not disinfectable)
F-Secure    5.51.6100    2008.09.05.02    2008-09-05  3.23 Worm.Win32.AutoRun.mir [AVP]
飞塔          2.81-3.112    9.513          2008-09-03  0.23 Suspicious
ViRobot       20080904       2008.09.04       2008-09-04  0.40 Worm.Win32.Autorun.14418
Ikarus       T3.1.01.34    2008.09.05.71399  2008-09-05  3.27 Packed.Win32.Klone.af
江民杀毒    11.0.706       2008.09.05       2008-09-05  1.20 -
卡巴斯基    5.5.10       2008.09.05       2008-09-05  0.03 Worm.Win32.AutoRun.mir
金山毒霸    2008.1.14.15 2008.9.5.10    2008-09-05  0.60 Win32.Troj.Downloader.if.58880
迈克菲       5.3.00       5377             2008-09-04  1.75 New Malware.dw
Microsoft    1.3903       2008.09.05       2008-09-05  4.01 -
mks_vir       2.01          2008.08.25       2008-08-25  2.57 -
Norman       5.93.01       5.93.00          2008-09-04  4.99 W32/Packed/NsPack_3.A
熊猫卫士    9.05.01       2008.09.04       2008-09-04  2.10 Trj/Lineage.JQZ
趋势科技    8.700-1004    5.525.00       2008-09-04  0.03 -
Quick Heal    9.50          2008.09.02       2008-09-02  1.70 Win32.Packed.Klone.ap03
瑞星          20.0          20.60.32.00    2008-09-04  0.85 Worm.Win32.DownLoad.is
Sophos       2.78.0       4.33             2008-09-05  1.87 Mal/Behav-204
Sunbelt       3.1.1606.1    2214             2008-09-03  0.67 VIPRE.Suspicious
赛门铁克    1.3.0.24       20080904.003    2008-09-04  0.10 W32.Rispif.A
nProtect    2008-09-04.00 2063438          2008-09-04  3.66 Win32.Worm.Autorun.LW
The Hacker    6.3.0.6       v00072          2008-09-03  0.42 W32/Behav-Heuristic-067
VBA32       3.12.8.5       20080904.0839    2008-09-04  1.22 -
VirusBuster 4.5.11.10    10.87.2/623470 2008-09-04  0.84 -

显示全部楼层 · 发表于 2008-9-5 15:49:16

都能查杀~还有什么意义呢？

显示全部楼层 · 发表于 2008-9-5 16:53:22

微点拦截

显示全部楼层 · 发表于 2008-9-5 16:54:53

来一个杀一个红伞

显示全部楼层 · 发表于 2008-9-5 16:56:09

原帖由 conan1229 于 2008-9-5 15:49 发表
都能查杀~还有什么意义呢？

集好多技术于一身，还可禁用安全模式并修改日期为2004年。

显示全部楼层 · 发表于 2008-9-5 17:13:03

KIS2009也直接查杀不让下载！貌似小毒而已

显示全部楼层 · 发表于 2008-9-5 17:15:01

NIS。。。。

显示全部楼层 · 发表于 2008-9-5 20:09:31

McAfee New Malware.dw

显示全部楼层 · 发表于 2008-9-5 20:34:53

一直更新！

显示全部楼层 · 发表于 2008-9-5 22:11:29

2008/9/5 22:11:09 已清除病毒 Worm.Win32.AutoRun.mir G:\Temp\Virus\mm.rar/mm.exe

[病毒样本] 小马来也

http://m.c5x8.com/mm.exe

浏览过的版块