Thread starter: sam.to

[Virus samples] 29 (updated at post #52), updated December 28

jordanpchome
Posted on 2008-11-30 18:49:47
a-squared Anti-Malware -版本 4.0
上次更新: 2008/11/30 下午 06:35:45

扫瞄设置:

对像: C:\Documents and Settings\Administrator\桌面\51141
扫瞄文件: 开
启发式扫瞄: 开
ADS扫瞄: 开

扫瞄开始于:        2008/11/30 下午 06:48:02

C:\Documents and Settings\Administrator\桌面\51141\aa30.ex3e         已检测: Trojan.Flystudio.AI!IK

已扫瞄
文件:         1

已发现
文件:         1
---------------
a2+IKARUS, merged into one demon blade: kill!
欠妳緈諨
Posted on 2008-11-30 18:54:37

Reply to post #29 by luxiao200888

The detection and removal was done by AVK2009.
XMatence
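Posted on 2008-11-30 18:57:33

Reply to post #32 by 欠妳緈諨

How do you get AVK09 to call both engines at the same time?

After engine A finds a virus in a file, engine B scans it as well. I spent ages looking for this.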
xiaochi12
Posted on 2008-11-30 18:59:26

Reply to post #33 by vistabull

It seems 2009 can do that out of the box.
When I scanned the 11.29 KAFAN VIRLIST, the first sample was reported by engine B.
欠妳緈諨
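Posted on 2008-11-30 19:05:32

Reply to post #33 by vistabull

Any version of AVK can do a normal dual scan. There are two ways: one is to use 绅岚's 3-engine dual-call tool; the other is my own invention: register 06 first, then register 08 or 09, then set 06 to normal dual scan, and when you invoke 08 or 09 it is also a normal dual scan!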
xiaochi12
Posted on 2008-11-30 19:07:34
NORMAN's CMD has a problem and cannot report detections; PANDA's CLS is using the 6.30 virus database.
欠妳緈諨
Posted on 2008-11-30 19:10:36
Here's a screenshot. For this one, though, BD and avast! both only flag the packer. *sweat*
sam.to
Thread starter | Posted on 2008-12-2 23:15:53
4604f559a2aabd13747c1c28561e2a4d  aa15.exe
0723b87eb275dae5721e13f1590db6cd  aa30.exe

to kl

This file is already detected. Please update your bases.

[ Last edited by sam.to on 2008-12-5 15:26 ]

su-tt
Posted on 2008-12-2 23:26:22

Reply to post #38 by sam.to

已解决的威胁数:
Suspicious.AH.13
类型: 异常
风险: 中 (中 隐蔽性,中 清除,中 性能,中 隐私)
类别: 启发式病毒
状态: 完全解决
-----------
1 文件
c:\documents and settings\administrator\桌面\5477\5477\aa30.exe3 - 已删除

aa15 was killed by NIS as soon as it was extracted.
leonfg
Posted on 2008-12-3 01:44:13
Originally posted by sam.to on 2008-12-2 23:15
4604f559a2aabd13747c1c28561e2a4d  aa15.exe
0723b87eb275dae5721e13f1590db6cd  aa30.exe

to kl

C:\Documents and Settings\GUNDAM\桌面\5477.rar » RAR » 5477\aa15.ex3e - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\GUNDAM\桌面\5477.rar » RAR » 5477\aa30.exe3 - a variant of Win32/PSW.Legendmir.NFY trojan