马一只！

显示全部楼层 · 发表于 2008-11-21 00:02:28

马一只！

费尔说：eee.rar>>ad[1].htm JS.WindowObject.Exploit.c 可疑程序还未处理

文件 eee.rar 接收于 2008.11.20 16:54:58 (CET)

结果: 9/36 (25%)

反病毒引擎版本最后更新扫描结果
AhnLab-V3 2008.11.20.3 2008.11.20 -
AntiVir 7.9.0.34 2008.11.20 HEUR/HTML.Malware
Authentium 5.1.0.4 2008.11.20 -
Avast 4.8.1281.0 2008.11.19 VBS:Obfuscated-gen
AVG 8.0.0.199 2008.11.20 JS/Downloader.Agent
BitDefender 7.2 2008.11.20 Trojan.JS.Downloader.H
CAT-QuickHeal 10.00 2008.11.20 -
ClamAV 0.94.1 2008.11.20 -
DrWeb 4.44.0.09170 2008.11.20 -
eSafe 7.0.17.0 2008.11.19 -
eTrust-Vet 31.6.6219 2008.11.20 -
Ewido 4.0 2008.11.20 -
F-Prot 4.4.4.56 2008.11.20 -
F-Secure 8.0.14332.0 2008.11.20 -
Fortinet 3.117.0.0 2008.11.20 -
GData 19 2008.11.20 Trojan.JS.Downloader.H
Ikarus T3.1.1.45.0 2008.11.20 -
K7AntiVirus 7.10.528 2008.11.19 -
Kaspersky 7.0.0.125 2008.11.20 -
McAfee 5439 2008.11.19 -
Microsoft 1.4104 2008.11.20 TrojanDownloader:JS/Multibreach.B
NOD32 3627 2008.11.20 -
Norman 5.80.02 2008.11.20 -
Panda 9.0.0.4 2008.11.20 -
PCTools 4.4.2.0 2008.11.20 JS.ActiveXploit.Gen
Prevx1 V2 2008.11.20 -
Rising 21.04.32.00 2008.11.20 -
SecureWeb-Gateway 6.7.6 2008.11.20 Heuristic.HTML.Malware
Sophos 4.35.0 2008.11.20 -
Sunbelt 3.1.1801.2 2008.11.14 -
Symantec 10 2008.11.20 -
TheHacker 6.3.1.1.159 2008.11.19 -
TrendMicro 8.700.0.1004 2008.11.20 -
VBA32 3.12.8.9 2008.11.19 -
ViRobot 2008.11.18.1474 2008.11.18 -
VirusBuster 4.5.11.0 2008.11.19 JS.ActiveXploit.Gen
附加信息
File size: 1973 bytes
MD5...: d7989e6cac697fd01bc26e5952bfee3f
SHA1..: 9ca58870628590ad3b7d3c6be7f75fcc5b05b07f
SHA256: c8065f293292f7f2d6c2ed22e7cdaf4c072bbd49651f6cfcded0bafb4d5ef689
SHA512: b517182b80a220b8fa4d2240ff78bf149b5f7a8236b0d3f6b20dce31851c3113
5a51f25abe62368c43e40ddd95731336a0cb1a396e1acd98aad1818a6af36729
PEiD..: -
TrID..: File type identification
RAR Archive (83.3%)
REALbasic Project (16.6%)
PEInfo: -

VirSCAN.org Scanned Report :
Scanned time : 2008/11/20 23:55:01 (CST)
Scanner results: 23%的杀软(9/39)报告发现病毒
File Name    : eee.rar
File Size    : 1973 byte
File Type    : RAR archive data, v1d, os
MD5          : d7989e6cac697fd01bc26e5952bfee3f
SHA1          : 9ca58870628590ad3b7d3c6be7f75fcc5b05b07f
Online report  : ht tp://virscan.org/report/0d90cf25f9a60ea3782799fc92472334.html

Scanner       Engine Ver    Sig Ver          Sig Date Time Scan result
a-squared    4.0.0.26       20081120040128 2008-11-20  2.97 -
安博士V3    2008.11.20.04 2008.11.20       2008-11-20  2.24 -
AntiVir       7.9.0.34       7.1.0.115       2008-11-20  1.54 HEUR/HTML.Malware
安天          2.0.18       20081120.1720324  2008-11-20  0.12 -
Arcavir       1.0.5          200811161554    2008-11-16  1.19 -
Authentium    5.1.1          200811200124    2008-11-20  1.04 -
AVAST!       3.0.1          081120-0       2008-11-20  0.00 VBS:Obfuscated-gen [Trj]
AVG          7.5.52.442    270.9.8/1801    2008-11-20  1.73 -
BitDefender 7.81008.2230721 7.21966          2008-11-20  2.03 Trojan.JS.Downloader.H
CA (VET)    9.0.0.143    31.6.6219       2008-11-20  7.15 -
ClamAV       0.94.1       8653             2008-11-20  0.01 -
Comodo       2.11          2.0.0.712       2008-11-20  0.48 -
CP Secure    1.1.0.715    2008.11.20       2008-11-20  6.39 Troj.Downloader.JS.Agent.crq
Dr.Web       4.44.0.9170    2008.11.20       2008-11-20  3.54 -
ewido       4.0.0.2       2008.11.20       2008-11-20  3.45 -
F-Prot       4.4.4.56       20081120       2008-11-20  1.04 -
F-Secure    5.51.6100    2008.11.20.11    2008-11-20  3.73 -
飞塔          2.81-3.117    9.723          2008-11-19  0.32 -
GData       19.1594/19.114  20081120       2008-11-20  6.09 VBS:Obfuscated-gen [Trj] [Engine:B]
ViRobot       20081120       2008.11.20       2008-11-20  0.46 -
Ikarus       T3.1.01.45    2008.11.20.71887  2008-11-20  3.47 -
江民杀毒    11.0.706       2008.11.19       2008-11-19  1.38 -
卡巴斯基    5.5.10       2008.11.20       2008-11-20  0.03 -
金山毒霸    2008.9.8.18    2008.11.20.20    2008-11-20  0.73 JS.Agent.dg.2421
迈克菲       5.3.00       5439             2008-11-19  2.51 -
Microsoft    1.4104       2008.11.20       2008-11-20  4.43 TrojanDownloader:JS/Multibreach.B
mks_vir       2.01          2008.11.17       2008-11-17  2.61 -
Norman       5.93.01       5.93.00          2008-11-20  5.23 -
熊猫卫士    9.05.01       2008.11.19       2008-11-19  2.31 -
趋势科技    8.700-1004    5.664.06       2008-11-20  0.02 -
Quick Heal    10.00          2008.11.20       2008-11-20  0.82 -
瑞星          20.0          21.04.32.00    2008-11-20  0.39 -
Sophos       2.80.0       4.35             2008-11-20  2.03 -
Sunbelt       4474          4474             2008-11-04  0.48 -
赛门铁克    1.3.0.24       20081119.017    2008-11-19  0.04 -
nProtect    2008-11-20.00 2625078          2008-11-20  5.11 Trojan.JS.Downloader.H
The Hacker    6.3.1.1       v00159          2008-11-19  0.49 -
VBA32       3.12.8.9       20081119.0840    2008-11-19  1.33 -
VirusBuster 4.5.11.10    10.93.8/672009 2008-11-19  0.86 JS.ActiveXploit.Gen

显示全部楼层 · 发表于 2008-11-21 00:03:34

TO KL

显示全部楼层 · 发表于 2008-11-21 00:26:47

To Avira

显示全部楼层 · 发表于 2008-11-21 20:54:24

McAfee miss

显示全部楼层 · 发表于 2008-11-21 20:59:03

关于:解密的日志(全体输出-  13):

Level 1>http://www.hotadd.cn/show/ms06014.htm
Level 2>http://www.hotadd.cn/show/services.exe  ●
Level 1>http://www.hotadd.cn/show/access.htm
Level 2>http://www.hotadd.cn/show/services.exe  ●
Level 1>http://www.hotadd.cn/show/lz.htm
Level 2>http://www.hotadd.cn/show/services.exe  ●
Level 1>http://www.hotadd.cn/show/bfyy.htm
Level 2>http://www.hotadd.cn/show/services.exe  ●
Level 1>http://www.hotadd.cn/show/real.js
Level 1>http://www.hotadd.cn/show/real11.htm
Level 2>http://www.hotadd.cn/show/services.exe  ●
Level 1>http://www.hotadd.cn/show/cx.htm
Level 2> http://www.hotadd.cn/show/services.exe  ●

显示全部楼层 · 发表于 2008-11-21 23:11:09

卡巴超级巡警都无视啊，我靠了

显示全部楼层 · 发表于 2008-11-22 11:09:37

Hello,

ad[1].htm_

No malicious code was found in this file.

Please quote all when answering.
The answer is relevant to the latest bases from update sources.

[病毒样本] 马一只！

本帖子中包含更多资源