mm.exe(第28次更新)已开新帖

显示全部楼层 · 发表于 2008-9-16 21:49:27

Begin scan in 'C:\Users\TOSHIBA\Downloads\0916-1509(mm)'
C:\Users\TOSHIBA\Downloads\0916-1509(mm)\1.exe3
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '4934b963.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0916-1509(mm)\3.exe3
[DETECTION] Is the TR/Dldr.Delf.ocz Trojan
[NOTE]    A backup was created as '4a266ba4.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0916-1509(mm)\9.exe3
[DETECTION] Is the TR/Agent.AJVA.9 Trojan
[NOTE]    A backup was created as '4934b965.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0916-1509(mm)\mm.exe3
[DETECTION] Contains recognition pattern of the WORM/Autorun.nnj worm
[NOTE]    A backup was created as '48fdb9a2.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0916-1509(mm)\x.gif3
[0] Archive type: RAR
--> ￕￕￆﾬ                                                                                                 .exe
   [DETECTION] Contains recognition pattern of the WORM/Autorun.nnk worm
[NOTE]    A backup was created as '4936b964.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!

End of the scan: 2008年9月16日  21:48
Used time: 00:02 Minute(s)

The scan has been done completely.

   1 Scanning directories
   6 Files were scanned
   5 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   5 files were deleted
   0 files were repaired
   5 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   1 Files not concerned
   1 Archives were scanned
   0 Warnings
   5 Notes

显示全部楼层 · 发表于 2008-9-16 23:19:39

第22次更新

显示全部楼层 · 发表于 2008-9-17 13:29:21

第23次更新

显示全部楼层 · 发表于 2008-9-17 14:09:12

VirSCAN.org Scanned Report :
Scanned time : 2008/09/17 14:06:29 (CST)
Scanner results: 67%的杀软(24/36)报告发现病毒
File Name    : 0917-1328(mm).rar
File Size    : 248733 byte
File Type    : RAR archive data, v1d, os
MD5          : cee3af46fb248ed3a14f35f301422734
SHA1          : b23ad3c05b5751fd31297af50dd683546214ce41
Online report  : http://virscan.org/report/084efea80340460e175c602fdb1fd595.html

Scanner       Engine Ver    Sig Ver          Sig Date Time Scan result
a-squared    4.0.0.14       2008.09.16       2008-09-16  1.45 -
安博士V3    2008.09.17.01 2008.09.17       2008-09-17  0.99 Win-Trojan/MalPacked.Gen
AntiVir       7.8.1.28       7.0.6.166       2008-09-16  2.40 HEUR/Crypted
Arcavir       1.0.5          200809161246    2008-09-16  1.34 -
AVAST!       3.0.1          080916-0       2008-09-16  0.69 Win32:Delf-JTZ [Trj]
AVG          7.5.52.442    270.6.21/1673    2008-09-15  4.49 -
BitDefender 7.60825.1760179 7.20943          2008-09-17  3.16 Trojan.Agent.AJVA
CA (VET)    9.0.0.143    31.6.6091       2008-09-16  5.34 -
ClamAV       0.94          8265             2008-09-17  0.06 -
Comodo       2.11          2.0.0.648       2008-09-16  0.45 Backdoor.Win32.Delf.avc
CP Secure    1.1.0.715    2008.09.17       2008-09-17  7.51 -
Dr.Web       4.44.0.9170    2008.09.16       2008-09-16  3.38 Trojan.Packed.152
ewido       4.0.0.2       2008.09.16       2008-09-16  3.54 -
F-Prot       4.4.4.56       20080916       2008-09-16  8.71 Possible W32/Heuristic-210!Eldorado (not disinfectable)
F-Secure    5.51.6100    2008.09.16.15    2008-09-16  3.47 -
飞塔          2.81-3.113    9.558          2008-09-16  1.56 Suspicious
ViRobot       20080916       2008.09.16       2008-09-16  0.41 Trojan.Win32.Downloader.24613
Ikarus       T3.1.01.34    2008.09.16.71469  2008-09-16  4.21 Trojan.Agent.AHKC
江民杀毒    11.0.706       2008.09.16       2008-09-16  1.45 Trojan/Agent.bjrx
卡巴斯基    5.5.10       2008.09.17       2008-09-17  0.12 -
金山毒霸    2008.1.14.15 2008.9.17.10    2008-09-17  0.79 Win32.TrojDownloader.Delf.43008
迈克菲       5.3.00       5385             2008-09-16  3.57 New Malware.u
Microsoft    1.3903       2008.09.17       2008-09-17  4.03 VirTool:Win32/Obfuscator.CQ(Suspicious)
mks_vir       2.01          2008.09.16       2008-09-16  2.86 -
Norman       5.93.01       5.93.00          2008-09-16  5.34 W32/Packed_NsPack.I
熊猫卫士    9.05.01       2008.09.16       2008-09-16  6.32 Suspicious file
趋势科技    8.700-1004    5.548.01       2008-09-16  0.07 -
Quick Heal    9.50          2008.09.16       2008-09-16  1.84 Win32.Packed.Klone.ap03
瑞星          20.0          20.62.20.00    2008-09-17  1.45 Trojan.DL.Win32.Direct.me
Sophos       2.78.0       4.33             2008-09-17  2.63 Mal/Packer
Sunbelt       3.1.1643.1    2236             2008-09-16  0.98 VIPRE.Suspicious
赛门铁克    1.3.0.24       20080916.003    2008-09-16  0.36 Packed.Generic.181
nProtect    2008-09-17.00 2114858          2008-09-17  4.26 Trojan.Dropper.SFU
The Hacker    6.3.0.9       v00084          2008-09-15  0.64 W32/Behav-Heuristic-067
VBA32       3.12.8.5       20080916.0737    2008-09-16  3.84 Embedded.Trojan.Sniff (suspicious)
VirusBuster 4.5.11.10    10.87.15/624392 2008-09-16  1.26 -

显示全部楼层 · 发表于 2008-9-17 14:54:45

还没下下来就全被AVG8.0干掉了，就一个漏掉，不相信的自己去试试，网页监控就把这些全部做掉了。。。。

显示全部楼层 · 发表于 2008-9-17 15:33:21

微点拦截

显示全部楼层 · 发表于 2008-9-17 23:19:21

第24次更新

显示全部楼层 · 发表于 2008-9-18 19:19:20

第25次更新

显示全部楼层 · 发表于 2008-9-18 23:42:06

第26次更新

显示全部楼层 · 发表于 2008-9-19 09:13:58

15号到今日漏一个
Starting the file scan:

Begin scan in 'C:\Users\Morgan\Desktop\0918-2341'
C:\Users\Morgan\Desktop\0918-2341\
  mm.exe3
[DETECTION] Contains HEUR/Crypted suspicious code
[NOTE]    The detection was classified as suspicious.
[NOTE]    The file was moved to '4900fd2b.qua'!
Begin scan in 'C:\Users\Morgan\Desktop\0915-1520(mm)'
C:\Users\Morgan\Desktop\0915-1520(mm)\
  1.exe3
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was moved to '4937fcec.qua'!
  3.exe3
[DETECTION] Is the TR/Dldr.Delf.obv Trojan
[NOTE]    The file was moved to '4ac82e5d.qua'!
  9.exe3
[DETECTION] Contains recognition pattern of the SPR/Xarp.AO program
[NOTE]    The file was moved to '4937fcee.qua'!
  mm.exe3
[DETECTION] Contains recognition pattern of the WORM/Autorun.nln worm
[NOTE]    The file was moved to '4aff2f9c.qua'!
  x.gif3
[0] Archive type: RAR
--> ￕￕￆﾬ                                                                                                 .exe
   [DETECTION] Contains recognition pattern of the WORM/Autorun.LW.4 worm
[NOTE]    The file was moved to '4939fcec.qua'!
Begin scan in 'C:\Users\Morgan\Desktop\0915-2313(mm)'
C:\Users\Morgan\Desktop\0915-2313(mm)\
  1.exe3
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was moved to '4ac82e5f.qua'!
  3.exe3
[DETECTION] Is the TR/Dldr.Delf.och Trojan
[NOTE]    The file was moved to '4937fcd0.qua'!
  9.exe3
[DETECTION] Contains recognition pattern of the SPR/Xarp.AQ program
[NOTE]    The file was moved to '4ac82e61.qua'!
  mm.exe1
[DETECTION] Contains recognition pattern of the WORM/Autorun.LW.19 worm
[NOTE]    The file was moved to '4900fd2d.qua'!
  x.gif1
[0] Archive type: RAR
--> ￕￕￆﾬ                                                                                                 .exe
   [DETECTION] Contains recognition pattern of the WORM/Autorun.nmo worm
[NOTE]    The file was moved to '4ac62e5d.qua'!
Begin scan in 'C:\Users\Morgan\Desktop\0916-1509(mm)'
C:\Users\Morgan\Desktop\0916-1509(mm)\
  1.exe3
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was moved to '4937fcd2.qua'!
  3.exe3
[DETECTION] Is the TR/Dldr.Delf.ocz Trojan
[NOTE]    The file was moved to '4d3d5b1d.qua'!
  9.exe3
[DETECTION] Is the TR/Agent.AJVA.9 Trojan
[NOTE]    The file was moved to '4d3d5b1f.qua'!
  mm.exe3
[DETECTION] Contains recognition pattern of the WORM/Autorun.nnj worm
[NOTE]    The file was moved to '4d0a5adc.qua'!
  x.gif3
[0] Archive type: RAR
--> ￕￕￆﾬ                                                                                                 .exe
   [DETECTION] Contains recognition pattern of the WORM/Autorun.nnk worm
[NOTE]    The file was moved to '4939fced.qua'!
Begin scan in 'C:\Users\Morgan\Desktop\0916-2316(mm)'
C:\Users\Morgan\Desktop\0916-2316(mm)\
  1.exe3
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was moved to '4937fced.qua'!
  3.exe3
[DETECTION] Is the TR/Dldr.Delf.oen Trojan
[NOTE]    The file was moved to '4d3d5b1e.qua'!
  9.exe3
[DETECTION] Contains recognition pattern of the SPR/Xarp.AR program
[NOTE]    The file was moved to '4937fcef.qua'!
  x.gif3
[0] Archive type: RAR
--> ￕￕￆﾬ                                                                                                 .exe
   [DETECTION] Contains recognition pattern of the WORM/Autorun.LW.20 worm
[NOTE]    The file was moved to '4d335b1e.qua'!
Begin scan in 'C:\Users\Morgan\Desktop\0917-1328(mm)'
C:\Users\Morgan\Desktop\0917-1328(mm)\
  1.exe3
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was moved to '4d3d5b00.qua'!
  3.exe1
[DETECTION] Is the TR/Dldr.JKKF.19 Trojan
[NOTE]    The file was moved to '4937fcf1.qua'!
  9.exe2
[DETECTION] Is the TR/Agent.AJVA.10 Trojan
[NOTE]    The file was moved to '4d3d5b02.qua'!
  mm.exe3
[DETECTION] Contains recognition pattern of the WORM/Autorun.LW.21 worm
[NOTE]    The file was moved to '4900fd2c.qua'!
  x.gif3
[0] Archive type: RAR
--> ￕￕￆﾬ                                                                                                                                                                                                          .exe
   [DETECTION] Contains recognition pattern of the WORM/Autorun.LW.22 worm
[NOTE]    The file was moved to '4939fcef.qua'!
Begin scan in 'C:\Users\Morgan\Desktop\0917-2318(mm)'
C:\Users\Morgan\Desktop\0917-2318(mm)\
  1.ex3e
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was moved to '4937fcf3.qua'!
  3.e3xe
[DETECTION] Is the TR/Dldr.Delf.epw.56 Trojan
[NOTE]    The file was moved to '4d3d5b04.qua'!
  9.ex3e
[DETECTION] Contains recognition pattern of the SPR/Xarp.AA.2 program
[NOTE]    The file was moved to '4937fcf5.qua'!
  mm.ex3e
[DETECTION] Is the TR/Drop.Agent.wxs Trojan
[NOTE]    The file was moved to '4d0a5add.qua'!
  x.gif3
[0] Archive type: RAR
--> ￕￕￆﾬ                                                                                                                                                                                                          .exe
   [DETECTION] Contains HEUR/Crypted suspicious code
[NOTE]    The file was moved to '4d335b00.qua'!
Begin scan in 'C:\Users\Morgan\Desktop\0918-1917(mm)'
C:\Users\Morgan\Desktop\0918-1917(mm)\
  1.exe3
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was moved to '4d3d5b06.qua'!
  2.exe3
  9.exe3
[DETECTION] Contains HEUR/Crypted suspicious code
[NOTE]    The detection was classified as suspicious.
[NOTE]    The file was moved to '4937fcf7.qua'!
  mm.exe1
[DETECTION] Contains recognition pattern of the WORM/Autorun.LW.23 worm
[NOTE]    The file was moved to '4900fd2e.qua'!
  x.gif1
[0] Archive type: RAR
--> ￕￕￆﾬ                                                                                                                                                                                                          .exe
   [DETECTION] Contains HEUR/Crypted suspicious code
[NOTE]    The file was moved to '4939fcf1.qua'!

End of the scan: 2008年9月18日  18:13
Used time: 00:06 Minute(s)

The scan has been done completely.

   8 Scanning directories
   42 Files were scanned
   30 viruses and/or unwanted programs were found
   4 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   34 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   8 Files not concerned
   7 Archives were scanned
   0 Warnings
   34 Notes

[ 本帖最后由 mofunzone 于 2008-9-18 17:15 编辑 ]

[病毒样本] mm.exe(第28次更新)已开新帖

本帖子中包含更多资源