14%的杀软(5/37)报告发现病毒

ybc13795

VirSCAN.org Scanned Report :
Scanned time   : 2008/10/07 20:12:42 (CST)
Scanner results: 14%的杀软(5/37)报告发现病毒
File Name      : bothba.rar
File Size      : 603829 byte
File Type      : RAR archive data, v1d, os
MD5            : 9a2c0e2fb2c17dfc3488233de2fbf48e
SHA1           : 1c8c69749942e62d0efe2f5579ece4622b6eb1dc
Online report  : http://virscan.org/report/a927f7f398fddd3fdb3004e928857c40.html

Scanner        Engine Ver      Sig Ver           Sig Date    Time   Scan result
a-squared      4.0.0.16        2008.10.06        2008-10-06  1.56   -
安博士V3       2008.10.08.00   2008.10.08        2008-10-08  1.33   -
AntiVir        7.8.1.34        7.0.7.4           2008-10-07  2.40   -
Arcavir        1.0.5           200810061612      2008-10-06  1.24   -
Authentium     5.1.1           200810012118      2008-10-01  1.10   W32/Heuristic-210!Eldorado (Heuristic)
AVAST!         3.0.1           081006-0          2008-10-06  0.09   -
AVG            7.5.52.442      270.7.6/1711      2008-10-06  1.64   -
BitDefender    7.60825.1840487 7.21187           2008-10-07  5.01   -
CA (VET)       9.0.0.143       31.6.6133         2008-10-07  3.76   -
ClamAV         0.94            8384              2008-10-07  0.12   -
Comodo         2.11            2.0.0.668         2008-10-06  1.28   -
CP Secure      1.1.0.715       2008.10.07        2008-10-07  6.09   -
Dr.Web         4.44.0.9170     2008.10.07        2008-10-07  3.44   -
ewido          4.0.0.2         2008.10.07        2008-10-07  3.40   -
F-Prot         4.4.4.56        20081006          2008-10-06  1.12   Possible W32/Heuristic-210!Eldorado (not disinfectable)
F-Secure       5.51.6100       2008.10.07.07     2008-10-07  3.58   -
飞塔           2.81-3.113      9.620             2008-10-06  1.83   Suspicious
ViRobot        20081007        2008.10.07        2008-10-07  0.43   -
Ikarus         T3.1.01.34      2008.10.07.71595  2008-10-07  4.10   -
江民杀毒       11.0.706        2008.10.07        2008-10-07  1.26   -
卡巴斯基       5.5.10          2008.10.07        2008-10-07  0.09   -
金山毒霸       2008.9.8.18     2008.10.7.17      2008-10-07  0.92   -
迈克菲         5.3.00          5399              2008-10-06  2.58   -
Microsoft      1.4005          2008.10.06        2008-10-06  9.92   -
mks_vir        2.01            2008.10.07        2008-10-07  2.71   Win32.4
Norman         5.93.01         5.93.00           2008-10-05  5.33   -
熊猫卫士       9.05.01         2008.10.06        2008-10-06  2.63   -
趋势科技       8.700-1004      5.582.08          2008-10-07  0.16   -
Quick Heal     9.50            2008.10.07        2008-10-07  2.02   -
瑞星           20.0            20.65.02.00       2008-10-06  2.95   -
Sophos         2.79.0          4.34              2008-10-07  1.85   -
Sunbelt        3.1.1707.1      2286              2008-10-06  0.64   VIPRE.Suspicious
赛门铁克       1.3.0.24        20081006.006      2008-10-06  0.46   -
nProtect       2008-10-07.00   2209315           2008-10-07  7.90   -
The Hacker     6.3.1.0         v00102            2008-10-06  0.44   -
VBA32          3.12.8.6        20081006.1506     2008-10-06  5.80   -
VirusBuster    4.5.11.10       10.89.9/633969    2008-10-06  1.03   -

[ 本帖最后由 ybc13795 于 2008-10-7 20:16 编辑 ]

伞兵づ泡泡

我咋只看见3家报毒呢……

kingmuro

驱逐舰，卡巴2009过

wangjay1980

俄

raulwang

过费尔

skoonya

报的少难道就是厉害么？
是游戏外挂

wangjay1980

http://www.threatexpert.com/repo ... 4d2f80d2a10bceb9b97

wangjay1980

Visit ThreatExpert web site

|

Close Report

Submission Summary:

• Submission details:
  • Submission received: 7 October 2008, 23:10:10
  • Processing time: 6 min 21 sec
  • Submitted sample:
    • File MD5: 0x746B601A7CE764D2F80D2A10BCEB9B97
    • Filesize: 610,304 bytes

• Summary of the findings:

What's been found	Severity Level
Capability to send out email message(s) with the built-in SMTP client engine.

Technical Details:

• The new window was created, as shown below:

NOTICE: The content shown in the above window is captured automatically and is not controlled or endorsed by ThreatExpert.
Please contact us on this link should any material be offensive or inappropriate and we will ensure any such content is blocked from future viewers of the report.

File System Modifications

• The following files were created in the system:

#	Filename(s)	File Size	File MD5
1	%System%\rxcf-V8-9-18.ini	576 bytes	0x4A9B6EB9AFF7017D2C6468E6C7405FD8
2	[file and pathname of the sample #1]	610,304 bytes	0x746B601A7CE764D2F80D2A10BCEB9B97

• Note:
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).

Memory Modifications

• There was a new process created in the system:

Process Name	Process Filename	Main Module Size
[filename of the sample #1]	[file and pathname of the sample #1]	1,081,344 bytes

Other details

• Analysis of the file resources indicate the following possible country of origin:

China

All content ("Information") contained in this report is the copyrighted work of Threat Expert Ltd and its associated companies ("ThreatExpert") and may not be copied without the express permission of ThreatExpert.
The Information is provided on an "as is" basis. ThreatExpert disclaims all warranties, whether express or implied, to the maximum extent permitted by law, including the implied warranties that the Information is merchantable, of satisfactory quality, accurate, fit for a particular purpose or need, or non-infringing, unless such implied warranties are legally incapable of exclusion. Further, ThreatExpert does not warrant or make any representations regarding the use or the results of the use of the Information in terms of their correctness, accuracy, reliability, or otherwise.
Copyright © 2008 ThreatExpert. All rights reserved.

BING126

误报。。

hzyw

G DATA过