Original poster: sam.to

[Virus sample] 30
kingmuro
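Posted on 2009-2-11 22:19:40

Reply to llydmissile's post (#10)

I'm using McAfee 8.5 and the virus definitions are from yesterday; they probably can't keep up with the update speed of your genuine paid software...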
llydmissile
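Posted on 2009-2-11 22:23:39

Reply to kingmuro's post (#11)

The enterprise edition I use isn't paid either... at least it doesn't charge individuals...
The virus definitions should be the same.
8.7i is better suited to the sample section; having the Artemis heuristics really makes a difference.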
llydmissile
Posted on 2009-2-11 22:30:45
AVERT Labs - Beaverton
Current Scan Engine Version:5300.2777
Current DAT Version:5522.0000
Thank you for your submission.

Analysis ID: 5129341
Name Findings Detection Type Extra
newads01.exe## current detection pws-onlinegames.co Trojan no
newads02.exe## current detection pws-onlinegames.di Trojan no
newads03.exe## new detection pws-gamania.dll Trojan yes
newads04.exe## current detection pws-onlinegames.di Trojan no
newads05.exe## current detection pws-onlinegames.dp Trojan no
newads06.exe## current detection pws-mmorpg.gen Trojan no
newads07.exe## current detection pws-onlinegames.di Trojan no
newads08.exe## current detection pws-onlinegames.di Trojan no
newads09.exe## heuristic detection new malware.n Trojan no
newads10.exe## current detection pws-onlinegames.di.dll Trojan no
newads11.exe## current detection pws-onlinegames.e Trojan no
newads12.exe## current detection pws-onlinegames.di Trojan no
newads13.exe## new detection generic dropper Trojan yes
newads14.exe## current detection pws-onlinegames.di.dll Trojan no
newads15.exe## current detection pws-onlinegames.di.dll Trojan no
newads16.exe## current detection pws-onlinegames.di.dll Trojan no
newads17.exe## new detection pws-gamania.dll Trojan yes
newads18.exe## current detection pws-onlinegames.e Trojan no
newads19.exe## current detection pws-mmorpg.gen Trojan no
newads20.exe## current detection pws-onlinegames.e Trojan no
newads21.exe## current detection pws-onlinegames.e Trojan no
newads22.exe## current detection pws-qqgame Trojan no
newads23.exe## current detection generic dropper Trojan no
newads24.exe## current detection pws-onlinegames.co Trojan no
newads25.exe## current detection pws-onlinegames.co Trojan no
newads26.exe## current detection pws-onlinegames.di Trojan no
newads27.exe## heuristic detection new malware.n Trojan no
newads28.exe## inconclusive   no
newads29.exe## heuristic detection new malware.n Trojan no
newads30.exe## heuristic detection new malware.n Trojan no

Attached is a file for extra detection, which will be included in a future DAT set. We have detected a virus or trojan that can only be detected and removed with the attached EXTRA.DAT and current scan engine. The EXTRA.DAT must be used with the current scan engine, and we highly recommend you update to the most current DAT release. If you are not seeing this with the product you are using, please speak with technical support so they can help you determine the cause of this discrepancy.

inconclusive [ newads28.exe## ]
Upon analysis the file submitted does not appear to contain one of the 200,000 known threats in the AutoImmune database. The file may contain a new threat, or no code capable of being infected. Your submission is being forwarded to an Avert Labs Researcher for further analysis. You will be contacted by AVERT through e-mail with the results of that analysis.

heuristic detection [ newads09.exe## newads27.exe## newads29.exe## newads30.exe## ]
The file received may contain a potential virus or trojan threat identified heuristically. This potential threat was identified with our most powerful set of heuristic DAT drivers. Heuristic drivers can cause false-positive identifications, as such, this issue is being escalated to Avert Labs for a thorough review.
In the meantime, it is recommended that you update your DAT and engine files and scan your computer again. You will be contacted through e-mail with the results of our analysis.

new detection [ newads03.exe## newads13.exe## newads17.exe## ]
The file received contains a new virus or trojan. It is recommended that you update your DAT and engine files and scan your computer again.

current detection [ newads01.exe## newads02.exe## newads04.exe## newads05.exe## newads06.exe## newads07.exe## newads08.exe## newads10.exe## newads11.exe## newads12.exe## newads14.exe## newads15.exe## newads16.exe## newads18.exe## newads19.exe## newads20.exe## newads21.exe## newads22.exe## newads23.exe## newads24.exe## newads25.exe## newads26.exe## ]
The file received is infected and can be detected and removed with our current DAT files and engine. It is recommended that you update your DAT and engine files and scan your computer again.
If you are not seeing this with the product you are using, please speak with technical support so that they can help you determine the cause of this discrepancy.


Regards,



McAfee AVERT tm
A division of McAfee, Inc


Miss 1
kingmuro
Posted on 2009-2-11 22:37:19

Reply to llydmissile's post (#12)

Artemis heuristics? I don't know what that is.
llydmissile
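Posted on 2009-2-11 22:47:59
Please report undetected suspicious samples to McAfee to improve the software's ability to respond to threats…

Method: compress them into an archive, then see my signature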
电影结束了
Posted on 2009-2-11 23:16:28
"Scan ""Shell extension scan"" was finished."
"Infections";"29";"29";"0"
"Spyware";"2";"2";"0"
"Folders selected for scanning:";"E:\收集区\34851204502;"
"Scan started:";"2009年2月11日, 23:17:01"
"Scan finished:";"2009年2月11日, 23:17:21 (20 second(s))"
"Total object scanned:";"33"
"User who launched the scan:";"Administrator"

"Infections"
"File";"Infection";"Result"
"E:\收集区\34851204502\newads30.exe##";"Trojan horse Dropper.Agent.KVU";"Moved to Virus Vault"
"E:\收集区\34851204502\newads29.exe##";"Virus found Win32/Heur";"Moved to Virus Vault"
"E:\收集区\34851204502\newads27.exe##";"Trojan horse PSW.Delf.CXQ";"Moved to Virus Vault"
"E:\收集区\34851204502\newads26.exe##";"Trojan horse PSW.Generic6.BCHR";"Moved to Virus Vault"
"E:\收集区\34851204502\newads25.exe##";"Trojan horse PSW.Generic6.AYQA.dropper";"Moved to Virus Vault"
"E:\收集区\34851204502\newads24.exe##";"Trojan horse PSW.Generic6.AYQA.dropper";"Moved to Virus Vault"
"E:\收集区\34851204502\newads23.exe##";"Trojan horse Generic12.BIIC";"Moved to Virus Vault"
"E:\收集区\34851204502\newads22.exe##";"Trojan horse PSW.Delf.CWT";"Moved to Virus Vault"
"E:\收集区\34851204502\newads21.exe##";"Virus found Win32/Heur";"Moved to Virus Vault"
"E:\收集区\34851204502\newads20.exe##";"Virus found Win32/Heur";"Moved to Virus Vault"
"E:\收集区\34851204502\newads19.exe##";"Trojan horse PSW.Legendmir.LMB.dropper";"Moved to Virus Vault"
"E:\收集区\34851204502\newads18.exe##";"Virus found Win32/Heur";"Moved to Virus Vault"
"E:\收集区\34851204502\newads17.exe##";"Virus found Win32/Heur";"Moved to Virus Vault"
"E:\收集区\34851204502\newads16.exe##";"Trojan horse PSW.Generic6.BBTJ";"Moved to Virus Vault"
"E:\收集区\34851204502\newads15.exe##";"Trojan horse PSW.Generic6.BBTJ";"Moved to Virus Vault"
"E:\收集区\34851204502\newads14.exe##";"Trojan horse PSW.Generic6.BCHR";"Moved to Virus Vault"
"E:\收集区\34851204502\newads13.exe##";"Trojan horse BackDoor.Generic10.AQVW.dropper";"Moved to Virus Vault"
"E:\收集区\34851204502\newads12.exe##";"Trojan horse PSW.Generic6.BBTJ";"Moved to Virus Vault"
"E:\收集区\34851204502\newads11.exe##";"Virus found Win32/Heur";"Moved to Virus Vault"
"E:\收集区\34851204502\newads10.exe##";"Trojan horse PSW.Generic6.BBTJ";"Moved to Virus Vault"
"E:\收集区\34851204502\newads09.exe##";"Virus found Win32/Heur";"Moved to Virus Vault"
"E:\收集区\34851204502\newads08.exe##";"Trojan horse PSW.Generic6.BBTJ";"Moved to Virus Vault"
"E:\收集区\34851204502\newads07.exe##";"Trojan horse PSW.Generic6.BCHR";"Moved to Virus Vault"
"E:\收集区\34851204502\newads06.exe##";"Trojan horse Generic12.BJNY";"Moved to Virus Vault"
"E:\收集区\34851204502\newads05.exe##";"Trojan horse Agent.AXVI";"Moved to Virus Vault"
"E:\收集区\34851204502\newads04.exe##";"Trojan horse PSW.OnlineGames.BNHN";"Moved to Virus Vault"
"E:\收集区\34851204502\newads03.exe##";"Virus found Win32/Heur";"Moved to Virus Vault"
"E:\收集区\34851204502\newads02.exe##";"Trojan horse PSW.OnlineGames.BNHN";"Moved to Virus Vault"
"E:\收集区\34851204502\newads01.exe##";"Trojan horse PSW.OnlineGames.BNRQ.dropper";"Moved to Virus Vault"

"Spyware"
"File";"Infection";"Result"
"E:\收集区\34851204502\newads28.exe##:\$KA\68.exe";"Adware Generic3.AJKM";"Moved to Virus Vault"
"E:\收集区\34851204502\newads28.exe##";"Adware Generic3.AJKM.dropper";"Moved to Virus Vault"


ALL
rok827
Posted on 2009-2-11 23:17:58
Avira cleaned 33. Amazing!
Begin scan in 'C:\Users\Shane Roddick\Desktop\34851204502.rar'
C:\Users\Shane Roddick\Desktop\34851204502.rar
    [0] Archive type: RAR
    --> 34851204502\newads01.exe##
      [DETECTION] Is the TR/Dropper.Gen Trojan
      --> 34851204502\newads02.exe##
          [DETECTION] Is the TR/PSW.Online.apyk Trojan
    [DETECTION] Is the TR/Drop.Agent.Zlo.2 Trojan
    --> 34851204502\newads03.exe##
      [DETECTION] Is the TR/Dropper.Gen Trojan
      --> 34851204502\newads04.exe##
          [DETECTION] Is the TR/Onlinegames.ulur Trojan
    --> 34851204502\newads11.exe##
      [DETECTION] Is the TR/Dropper.Gen Trojan
    --> 34851204502\newads17.exe##
      [DETECTION] Is the TR/Dropper.Gen Trojan
    --> 34851204502\newads18.exe##
      [DETECTION] Is the TR/Dropper.Gen Trojan
      --> 34851204502\newads19.exe##
          [DETECTION] Is the TR/Dropper.Gen Trojan
    --> 34851204502\newads20.exe##
      [DETECTION] Is the TR/Dropper.Gen Trojan
    --> 34851204502\newads21.exe##
      [DETECTION] Is the TR/Dropper.Gen Trojan
      --> 34851204502\newads23.exe##
        --> Object
          [2] Archive type: RSRC
          --> Object
            [DETECTION] Is the TR/Dldr.Small.aizx Trojan
      --> 34851204502\newads27.exe##
          [DETECTION] Is the TR/ATRAPS.Gen Trojan
    --> 34851204502\newads28.exe##
      [DETECTION] Contains recognition pattern of the DR/BHO.fnf dropper
      --> 34851204502\newads28.exe##
        [1] Archive type: NSIS
        --> ProgramFilesDir/68.exe
          [DETECTION] Contains recognition pattern of the ADSPY/Cin.FBT.53248 adware or spyware
    --> 34851204502\newads30.exe##
      [DETECTION] Is the TR/Drop.Agent.Zlo.2 Trojan
    [NOTE]      The file was deleted!
rok827
Posted on 2009-2-11 23:18:39
Does a single file contain multiple pieces of malicious code?
sam.to
Original poster | Posted on 2009-2-12 00:11:20

Reply to rok827's post (#18)

Not sure