AVG8.0报~
大家帮看看~!!!!
VirSCAN.org Scanned Report :
Scanned time : 2008/10/14 02:53:17 (CST)
Scanner results: 26%的杀软(10/38)报告发现病毒
File Name : kmsinput.rar
File Size : 5702 byte
File Type : RAR archive data, v1d, os
MD5 : 8e685bb3f0b45a7e041c460276e32d93
SHA1 : ff9d2c6e92984d308c2f6e747c3cd58e22f2bff6
Online report : http://virscan.org/report/cf57b6f698322c63836998e4a89e9eb5.html
Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 4.0.0.16 2008.10.12 2008-10-12 1.45 Email-Worm.Win32.Brontok.q!A2
安博士V3 2008.10.14.00 2008.10.14 2008-10-14 0.91 -
AntiVir 7.8.1.34 7.0.7.35 2008-10-13 2.37 -
安天 2.0.18 20081013.1480811 2008-10-13 0.12 -
Arcavir 1.0.5 200810130125 2008-10-13 1.21 Worm.Brontok.Q
Authentium 5.1.1 200810100520 2008-10-10 1.04 -
AVAST! 3.0.1 081012-0 2008-10-12 0.70 -
AVG 7.5.52.442 270.8.0/1722 2008-10-13 1.65 Generic6.QQP
BitDefender 7.60825.1869761 7.21259 2008-10-14 3.15 -
CA (VET) 9.0.0.143 31.6.6146 2008-10-13 5.10 -
ClamAV 0.94 8417 2008-10-13 0.01 -
Comodo 2.11 2.0.0.675 2008-10-13 0.43 -
CP Secure 1.1.0.715 2008.10.14 2008-10-14 6.10 W32.Sality.y
Dr.Web 4.44.0.9170 2008.10.13 2008-10-13 3.32 -
ewido 4.0.0.2 2008.10.13 2008-10-13 2.88 -
F-Prot 4.4.4.56 20081012 2008-10-12 1.03 -
F-Secure 5.51.6100 2008.10.13.10 2008-10-13 3.53 -
飞塔 2.81-3.113 9.641 2008-10-13 0.15 [email=W32/Brontok.Q@mm]W32/Brontok.Q@mm[/email]
ViRobot 20081013 2008.10.13 2008-10-13 0.54 -
Ikarus T3.1.01.34 2008.10.13.71637 2008-10-13 3.79 Email-Worm.Win32.Brontok.q
江民杀毒 11.0.706 2008.10.13 2008-10-13 1.25 -
卡巴斯基 5.5.10 2008.10.13 2008-10-13 0.04 -
金山毒霸 2008.9.8.18 2008.10.13.20 2008-10-13 0.64 -
迈克菲 5.3.00 5403 2008-10-10 2.08 -
Microsoft 1.4005 2008.10.13 2008-10-13 4.11 -
mks_vir 2.01 2008.10.13 2008-10-13 2.64 -
Norman 5.93.01 5.93.00 2008-10-13 5.15 -
熊猫卫士 9.05.01 2008.10.12 2008-10-12 2.17 -
趋势科技 8.700-1004 5.596.11 2008-10-13 0.02 -
Quick Heal 9.50 2008.10.13 2008-10-13 2.01 I-Worm.Brontok.q
瑞星 20.0 20.66.00.00 2008-10-13 0.92 -
Sophos 2.79.0 4.34 2008-10-14 1.84 Mal/Generic-A
Sunbelt 3.1.1719.1 2304 2008-10-12 0.59 -
赛门铁克 1.3.0.24 20081013.003 2008-10-13 0.05 -
nProtect 2008-10-13.00 2242853 2008-10-13 4.22 Worm/W32.Brontok.15440
The Hacker 6.3.1.0 v00108 2008-10-11 0.43 -
VBA32 3.12.8.6 20081013.1238 2008-10-13 1.35 Email-Worm.Win32.Brontok.q
VirusBuster 4.5.11.10 10.90.1/634360 2008-10-13 0.82 -
File kmsinput.sys received on 10.13.2008 20:56:37 (CET)
| Antivirus | Version | Last Update | Result | | AhnLab-V3 | 2008.10.14.0 | 2008.10.13 | - | | AntiVir | 7.8.1.34 | 2008.10.13 | - | | Authentium | 5.1.0.4 | 2008.10.13 | - | | Avast | 4.8.1248.0 | 2008.10.12 | - | | AVG | 8.0.0.161 | 2008.10.13 | Generic6.QQP | | BitDefender | 7.2 | 2008.10.13 | - | | CAT-QuickHeal | 9.50 | 2008.10.13 | I-Worm.Brontok.q | | ClamAV | 0.93.1 | 2008.10.13 | - | | DrWeb | 4.44.0.09170 | 2008.10.13 | - | | eSafe | 7.0.17.0 | 2008.10.12 | Win32.Brontok.q | | eTrust-Vet | 31.6.6146 | 2008.10.13 | - | | Ewido | 4.0 | 2008.10.13 | - | | F-Prot | 4.4.4.56 | 2008.10.12 | - | | F-Secure | 8.0.14332.0 | 2008.10.13 | - | | Fortinet | 3.113.0.0 | 2008.10.13 | W32/Brontok.Q@mm | | GData | 19 | 2008.10.13 | - | | Ikarus | T3.1.1.34.0 | 2008.10.13 | Email-Worm.Win32.Brontok.q | | K7AntiVirus | 7.10.492 | 2008.10.13 | Trojan.Win32.Malware.1 | | Kaspersky | 7.0.0.125 | 2008.10.13 | - | | McAfee | 5403 | 2008.10.11 | - | | Microsoft | 1.4005 | 2008.10.13 | - | | NOD32 | 3518 | 2008.10.13 | - | | Norman | 5.80.02 | 2008.10.13 | - | | Panda | 9.0.0.4 | 2008.10.13 | - | | PCTools | 4.4.2.0 | 2008.10.13 | - | | Prevx1 | V2 | 2008.10.13 | Malicious Software | | Rising | 20.66.02.00 | 2008.10.13 | - | | SecureWeb-Gateway | 6.7.6 | 2008.10.13 | - | | Sophos | 4.34.0 | 2008.10.13 | Mal/Generic-A | | Sunbelt | 3.1.1719.1 | 2008.10.13 | - | | Symantec | 10 | 2008.10.13 | - | | TheHacker | 6.3.1.0.108 | 2008.10.11 | - | | TrendMicro | 8.700.0.1004 | 2008.10.13 | - | | VBA32 | 3.12.8.6 | 2008.10.13 | Email-Worm.Win32.Brontok.q | | ViRobot | 2008.10.13.1417 | 2008.10.13 | - | | VirusBuster | 4.5.11.0 | 2008.10.13 | - |
| | Additional information | | File size: 15440 bytes | | MD5...: f8d6ebcb50c02b42c5ffd5393229c6b6 | | SHA1..: 5f16b5c64a5dcb8a1d054de31c4473f67b45dcb4 | | SHA256: fd2c77fbdf1cccec3d713f85eafbb18c379036162da7d758cb2bc82f61966a34 | | SHA512: ffc5dc5751aa78cffff866c1006df79312755f178bce9f97d73ac1feed8d5d47<BR>19d85933cc3c93c234b3a92129b5d268d08d0a09a41fdbe503a65b872487c244 | | PEiD..: - | | TrID..: File type identification<BR>Generic Win/DOS Executable (49.9%)<BR>DOS Executable Generic (49.8%)<BR>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%) | | PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x1076e<BR>timedatestamp.....: 0x42008b7c (Wed Feb 02 08:12:44 2005)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 4 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x280 0xb88 0xc00 6.05 7a61ad170e7c68d4435fb0fdbb172380<BR>.data 0xe80 0x2b0 0x300 0.41 b825b46058279b164783c7b3030af19e<BR>INIT 0x1180 0x2cc 0x300 4.88 46dc15b436ee3a38d1e1dd86bd1724a6<BR>.reloc 0x1480 0x15c 0x180 5.04 727d221652796397d9abd7a1c33e665b<BR><BR>( 1 imports ) <BR>> ntoskrnl.exe: IoCreateSymbolicLink, IoAttachDevice, RtlFreeUnicodeString, IoCreateDevice, RtlAnsiStringToUnicodeString, RtlInitAnsiString, sprintf, KeSetEvent, IoDriverObjectType, InterlockedExchange, ObReferenceObjectByName, RtlInitUnicodeString, IoRegisterShutdownNotification, KeInitializeEvent, IoDeleteDevice, IofCompleteRequest, rand, srand, KeQuerySystemTime, KeClearEvent, IoDetachDevice, KeWaitForSingleObject, IofCallDriver, RtlAssert, _except_handler3, IoUnregisterShutdownNotification, IoDeleteSymbolicLink<BR><BR>( 0 exports ) <BR> | | Prevx info: http://info.prevx.com/aboutprogr ... 0F6E0BF3C0021B8F404 |
[ 本帖最后由 c5132902 于 2008-10-14 03:02 编辑 ] |
发表于 2008-10-14 02:52:24
发表于 2008-10-14 16:27:51
