AutoRun病毒安天检测不到

登录 · 发表于 2009-6-17 10:06

本帖最后由 go80lz 于 2009-6-17 10:40 编辑

文件 cao.rar 接收于 2009.06.17 02:06:15 (UTC)反病毒引擎版本最后更新扫描结果
a-squared 4.5.0.18 2009.06.17 -
AhnLab-V3 5.0.0.2 2009.06.16 Packed/Upack
AntiVir 7.9.0.187 2009.06.16 WORM/Rbot.Gen
Antiy-AVL 2.0.3.1 2009.06.16 -
Authentium 5.1.2.4 2009.06.16 W32/Downloader.F.gen!Eldorado
Avast 4.8.1335.0 2009.06.16 Win32:Trojan-gen {Other}
AVG 8.5.0.339 2009.06.17 Worm/Generic.YEN
BitDefender 7.2 2009.06.17 Trojan.Crypt.Delf.C
CAT-QuickHeal 10.00 2009.06.16 Win32.VirTool.DelfInject.gen!X.2
ClamAV 0.94.1 2009.06.16 -
Comodo 1346 2009.06.16 Unclassified Malware
DrWeb 5.0.0.12182 2009.06.16 Trojan.MulDrop.30863
eSafe 7.0.17.0 2009.06.16 Win32.Looked.gen
eTrust-Vet 31.6.6564 2009.06.17 -
F-Prot 4.4.4.56 2009.06.16 W32/Downloader.F.gen!Eldorado
F-Secure 8.0.14470.0 2009.06.17 Worm.Win32.AutoRun.aedd
Fortinet 3.117.0.0 2009.06.17 PossibleThreat
GData 19 2009.06.17 Trojan.Crypt.Delf.C
Ikarus T3.1.1.59.0 2009.06.17 Trojan-Banker.Win32.Banker
Jiangmin 11.0.706 2009.06.16 Worm/AutoRun.hje
K7AntiVirus 7.10.765 2009.06.16 Generic.Packed.Upack
Kaspersky 7.0.0.125 2009.06.17 Worm.Win32.AutoRun.aedd
McAfee 5648 2009.06.16 New Malware.n
McAfee+Artemis 5648 2009.06.16 Artemis!C31588973163
McAfee-GW-Edition 6.7.6 2009.06.16 Worm.Rbot.Gen
Microsoft 1.4701 2009.06.17 Trojan:Win32/bosbot.A
NOD32 4160 2009.06.16 Win32/AutoRun.ADC
Norman 6.01.09 2009.06.16 -
nProtect 2009.1.8.0 2009.06.16 -
Panda 10.0.0.14 2009.06.16 W32/AutoRun.DJ.worm
PCTools 4.4.2.0 2009.06.12 Packed/Upack
Prevx 3.0 2009.06.17 -
Rising 21.34.13.00 2009.06.16 Worm.Win32.Baby2008.bg
Sophos 4.42.0 2009.06.17 Mal/EncPk-BW
Sunbelt 3.2.1858.2 2009.06.17 Worm.Win32.AutoRun
Symantec 1.4.4.12 2009.06.17 W32.SillyFDC
TheHacker 6.3.4.3.347 2009.06.17 W32/Behav-Heuristic-060
TrendMicro 8.950.0.1094 2009.06.16 WORM_AUTORUN.ECU
VBA32 3.12.10.7 2009.06.17 MalwareScope.Trojan-PSW.Game.7
ViRobot 2009.6.16.1789 2009.06.17 -
VirusBuster 4.6.5.0 2009.06.16 Packed/Upack

附加信息
File size: 54963 bytes
MD5...: bca294fd5e244306046cebb9f0d05281
SHA1..: 4b19d25ffade69a10119840f5274af2e58e5c0e0
SHA256: 5c9dc99f4a9492b9e95cdfc14a5ad9732f990d5a510d05aaabfbe8a5275ea9d0
ssdeep: - 
PEiD..: -
TrID..: File type identification RAR Archive (83.3%) REALbasic Project (16.6%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set -
packers (Kaspersky): UPack
packers (Avast): Upack
packers (F-Prot): UPack
packers (Authentium): UPack

VirSCAN.org Scanned Report :
Scanned time : 2009/06/17 10:09:01 (CST)
Scanner results: 89%的杀软(34/38)报告发现病毒
File Name : cao.rar
File Size : 54963 byte
File Type : RAR archive data, v1d, os
MD5 : bca294fd5e244306046cebb9f0d05281
SHA1 : 4b19d25ffade69a10119840f5274af2e58e5c0e0
Online report : http://virscan.org/report/5c4b9b4e7d9544dacf140bae2512a56d.html

Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 4.5.0.1 20090616223118 2009-06-16 2.33 Trojan-Banker.Win32.Banker!IK
安博士V3 2009.06.17.00 2009.06.17 2009-06-17 0.87 Packed/Upack
AntiVir 8.2.0.187 7.1.4.100 2009-06-16 0.21 WORM/Rbot.Gen
安天 2.0.18 20090616.2549523 2009-06-16 0.12 -
Arcavir 2009 200906161748 2009-06-16 0.09 Worm.Autorun.Aedd
Authentium 5.1.1 200906161813 2009-06-16 2.00 W32/Downloader.F.gen!Eldorado (Possible)
AVAST! 4.7.4 090616-0 2009-06-16 0.02 Win32:Trojan-gen {Other}
AVG 8.5.286 270.12.75/2182 2009-06-17 6.44 Worm/Generic.YEN
BitDefender 7.81008.3349148 7.26024 2009-06-17 3.42 Trojan.Crypt.Delf.C
CA (VET) 9.0.0.143 31.6.6563 2009-06-17 6.99 Win32/Bosbot!generic worm.
ClamAV 0.95.1 9470 2009-06-16 0.07 -
Comodo 3.9 1346 2009-06-16 0.80 Unclassified Malware
CP Secure 1.1.0.715 2009.06.16 2009-06-16 10.27 W32.W.AutoRun.aedd
Dr.Web 4.44.0.9170 2009.06.16 2009-06-16 5.00 Trojan.MulDrop.30863
F-Prot 4.4.4.56 20090616 2009-06-16 2.03 W32/Downloader.F.gen!Eldorado (generic, not disinfectable)
F-Secure 5.51.6100 2009.06.17.01 2009-06-17 0.16 Worm.Win32.AutoRun.aedd [AVP]
飞塔 2.81-3.117 10.503 2009-06-16 0.51 PossibleThreat
GData 19.5862/19.366 20090617 2009-06-17 5.28 Worm.Win32.AutoRun.aedd [Engine:A]
ViRobot 20090616 2009.06.16 2009-06-16 0.58 -
Ikarus T3.1.01.59 2009.06.16.72878 2009-06-16 3.23 Trojan-Banker.Win32.Banker
江民杀毒 11.0.706 2009.06.16 2009-06-16 3.00 Worm/AutoRun.hje
卡巴斯基 5.5.10 2009.06.17 2009-06-17 0.12 Worm.Win32.AutoRun.aedd
金山毒霸 2009.2.5.15 2009.6.16.18 2009-06-16 0.57 Win32.Troj.SiniuT.ex.224252
迈克菲 5.3.00 5648 2009-06-16 3.15 New Malware.n
Microsoft 1.4701 2009.06.17 2009-06-17 5.50 Trojan:Win32/bosbot.A
mks_vir 2.01 2009.06.15 2009-06-15 3.28 Trojan.Asylum.013
Norman 6.01.09 6.01.00 2009-06-16 4.01 W32/Packed_Upack.H
熊猫卫士 9.05.01 2009.06.16 2009-06-16 4.23 Adware/AccesMembre
趋势科技 8.700-1004 6.202.01 2009-06-16 0.02 WORM_AUTORUN.ECU
Quick Heal 10.00 2009.06.16 2009-06-16 1.37 Win32.VirTool.DelfInject.gen!X.2
瑞星 20.0 21.34.13.00 2009-06-16 3.28 Worm.Win32.Baby2008.bg
Sophos 2.87.1 4.42 2009-06-17 2.93 Mal/EncPk-BW
Sunbelt 5192 5192 2009-06-16 0.96 Worm.Win32.AutoRun
赛门铁克 1.3.0.24 20090616.004 2009-06-16 0.35 -
nProtect 20090616.03 4261430 2009-06-16 11.62 Trojan.Crypt.Delf.C
The Hacker 6.3.4.3 v00347 2009-06-16 0.73 W32/Behav-Heuristic-060
VBA32 3.12.10.7 20090616.1401 2009-06-16 2.82 MalwareScope.Trojan-PSW.Game.7
VirusBuster 4.5.11.10 10.107.15/1636796 2009-06-16 3.24 Packed/Upack

文件 RavMon.rar 接收于 2009.06.17 02:12:19 (UTC)反病毒引擎版本最后更新扫描结果
a-squared 4.5.0.18 2009.06.17 -
AhnLab-V3 5.0.0.2 2009.06.16 Win-Trojan/Agent.49242
AntiVir 7.9.0.187 2009.06.16 TR/Agent.Abt.3
Antiy-AVL 2.0.3.1 2009.06.16 Trojan/Win32.Agent
Authentium 5.1.2.4 2009.06.16 W32/Trojan.VYE
Avast 4.8.1335.0 2009.06.16 Win32:Agent-HHM
AVG 8.5.0.339 2009.06.17 Generic2.UTK
BitDefender 7.2 2009.06.17 Worm.Generic.54910
CAT-QuickHeal 10.00 2009.06.16 Trojan.Agent.ATV
ClamAV 0.94.1 2009.06.16 Trojan.Agent-1914
Comodo 1346 2009.06.16 Worm.Win32.Agent.NAV
DrWeb 5.0.0.12182 2009.06.16 Win32.HLLW.Cent
eSafe 7.0.17.0 2009.06.16 Win32.Banker
eTrust-Vet 31.6.6564 2009.06.17 -
F-Prot 4.4.4.56 2009.06.16 W32/Trojan.VYE
Fortinet 3.117.0.0 2009.06.17 W32/AutoRun.NPC!tr.pws
GData 19 2009.06.17 Worm.Generic.54910
Ikarus T3.1.1.59.0 2009.06.17 Trojan.Win32.Agent
Jiangmin 11.0.706 2009.06.16 Trojan/Agent.bwp
K7AntiVirus 7.10.765 2009.06.16 Trojan.Win32.Agent
Kaspersky 7.0.0.125 2009.06.17 Trojan.Win32.Agent.aeim
McAfee 5648 2009.06.16 W32/DKR.worm
McAfee+Artemis 5648 2009.06.16 W32/DKR.worm
McAfee-GW-Edition 6.7.6 2009.06.16 Trojan.Agent.Abt.3
Microsoft 1.4701 2009.06.17 Worm:Win32/RJump.F
NOD32 4160 2009.06.16 Win32/Agent.NAV
Norman 6.01.09 2009.06.16 W32/Agent.GBOX
nProtect 2009.1.8.0 2009.06.16 -
Panda 10.0.0.14 2009.06.16 W32/Autorun.APB
PCTools 4.4.2.0 2009.06.12 Trojan.Agent.VYJ
Prevx 3.0 2009.06.17 High Risk Cloaked Malware
Rising 21.34.13.00 2009.06.16 Trojan.Win32.Undef.tur
Sophos 4.42.0 2009.06.17 W32/LCJump-A
Sunbelt 3.2.1858.2 2009.06.17 Trojan.Win32.Agent.abt
Symantec 1.4.4.12 2009.06.17 W32.Rajump
TheHacker 6.3.4.3.347 2009.06.17 Trojan/Agent.abt
TrendMicro 8.950.0.1094 2009.06.16 WORM_RJUMP.AI
VBA32 3.12.10.7 2009.06.17 Trojan.Win32.Agent.abt
ViRobot 2009.6.16.1789 2009.06.17 -
VirusBuster 4.6.5.0 2009.06.16 Trojan.Agent.VYJ

附加信息
File size: 44677 bytes
MD5   : 9030e0e4718ad4463a58fc968a8fcbc2
SHA1  : 2b39e66e409296439cf37772d09d7adb972e529b
SHA256: 04437ef585c4e13b0c9c2f5d0ae20234255db5cab8eee47d9e82368fb5f071fe
TrID  : File type identification RAR Archive (83.3%) REALbasic Project (16.6%)
ssdeep: -
Prevx Info: <A href="http://info.prevx.com/aboutprogramtext.asp?PX5=07F7F9B95ACF6572C0D3000805C80C003D2C847C" target=_blank>http://info.prevx.com/aboutprogramtext.asp?PX5=07F7F9B95ACF6572C0D3000805C80C003D2C847C</A>
PEiD  : -
RDS   : NSRL Reference Data Set -
VirSCAN.org Scanned Report :
Scanned time : 2009/06/17 10:18:05 (CST)
Scanner results: 97%的杀软(37/38)报告发现病毒
File Name : RavMon.rar
File Size : 44677 byte
File Type : RAR archive data, v1d, os
MD5 : 9030e0e4718ad4463a58fc968a8fcbc2
SHA1 : 2b39e66e409296439cf37772d09d7adb972e529b
Online report : http://virscan.org/report/d28129ea2f770321338f1e80e8f147c9.html

Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 4.5.0.1 20090616223118 2009-06-16 2.55 Trojan.Win32.Agent!IK
安博士V3 2009.06.17.00 2009.06.17 2009-06-17 0.95 Win-Trojan/Agent.49242
AntiVir 8.2.0.187 7.1.4.100 2009-06-16 0.46 TR/Agent.Abt.3
安天 2.0.18 20090616.2549523 2009-06-16 0.12 Trojan/Win32.Agent.abt
Arcavir 2009 200906161748 2009-06-16 0.04 Trojan.Agent.Abt
Authentium 5.1.1 200906161813 2009-06-16 1.16 W32/Trojan.VYE (Exact)
AVAST! 4.7.4 090616-0 2009-06-16 0.01 Win32:Agent-HHM [Trj]
AVG 8.5.286 270.12.75/2182 2009-06-17 3.41 Generic2.UTK
BitDefender 7.81008.3349148 7.26024 2009-06-17 3.03 Worm.Generic.54910
CA (VET) 9.0.0.143 31.6.6563 2009-06-17 8.93 Win32/Compfault.B worm.
ClamAV 0.95.1 9470 2009-06-16 0.01 Trojan.Agent-1914
Comodo 3.9 1346 2009-06-16 0.78 Worm.Win32.Agent.NAV
CP Secure 1.1.0.715 2009.06.16 2009-06-16 10.13 Troj.W32.Agent.abt
Dr.Web 4.44.0.9170 2009.06.16 2009-06-16 4.69 Win32.HLLW.Cent
F-Prot 4.4.4.56 20090616 2009-06-16 1.12 W32/Trojan.VYE (exact)
F-Secure 5.51.6100 2009.06.17.01 2009-06-17 5.85 Trojan.Win32.Agent.aeim [AVP]
飞塔 2.81-3.117 10.503 2009-06-16 0.19 W32/AutoRun.NPC!tr.pws
GData 19.5862/19.366 20090617 2009-06-17 4.41 Trojan.Win32.Agent.aeim [Engine:A]
ViRobot 20090616 2009.06.16 2009-06-16 0.42 -
Ikarus T3.1.01.59 2009.06.16.72878 2009-06-16 3.23 Trojan.Win32.Agent
江民杀毒 11.0.706 2009.06.16 2009-06-16 2.04 Trojan/Agent.bwp
卡巴斯基 5.5.10 2009.06.17 2009-06-17 0.04 Trojan.Win32.Agent.aeim
金山毒霸 2009.2.5.15 2009.6.16.18 2009-06-16 0.52 Win32.Troj.Agent.49242
迈克菲 5.3.00 5648 2009-06-16 3.06 W32/DKR.worm
Microsoft 1.4701 2009.06.17 2009-06-17 4.39 Worm:Win32/RJump.F
mks_vir 2.01 2009.06.15 2009-06-15 3.11 Trojan.Agent.abt
Norman 6.01.09 6.01.00 2009-06-16 4.00 W32/Agent.GBOX
熊猫卫士 9.05.01 2009.06.16 2009-06-16 1.56 W32/Autorun.APB
趋势科技 8.700-1004 6.202.01 2009-06-16 0.02 WORM_RJUMP.AI
Quick Heal 10.00 2009.06.16 2009-06-16 1.18 Trojan.Agent.ATV
瑞星 20.0 21.34.13.00 2009-06-16 0.86 Trojan.Win32.Undef.tur
Sophos 2.87.1 4.42 2009-06-17 2.52 W32/LCJump-A
Sunbelt 5192 5192 2009-06-16 0.90 Trojan.Win32.Agent.abt
赛门铁克 1.3.0.24 20090616.004 2009-06-16 0.07 W32.Rajump
nProtect 20090616.03 4261430 2009-06-16 5.85 Trojan/W32.Agent.49242
The Hacker 6.3.4.3 v00347 2009-06-16 0.67 Trojan/Agent.abt
VBA32 3.12.10.7 20090616.1401 2009-06-16 1.99 Trojan.Win32.Agent.abt
VirusBuster 4.5.11.10 10.107.15/1636796 2009-06-16 2.01 Trojan.Agent.VYJ

文件 CD-KEY.rar 接收于 2009.06.17 02:21:44 (UTC)反病毒引擎版本最后更新扫描结果
a-squared 4.5.0.18 2009.06.17 -
AhnLab-V3 5.0.0.2 2009.06.16 Win-Trojan/Xema.variant
AntiVir 7.9.0.187 2009.06.16 DR/FlyStudio.BG.6
Antiy-AVL 2.0.3.1 2009.06.16 Trojan/Win32.VB
Authentium 5.1.2.4 2009.06.16 W32/Nuj.A.gen!Eldorado
Avast 4.8.1335.0 2009.06.16 Win32:FlyStudio-AD
AVG 8.5.0.339 2009.06.17 SHeur.CIHT
BitDefender 7.2 2009.06.17 Trojan.Spy.Agent.NXS
CAT-QuickHeal 10.00 2009.06.16 Trojan.Agent.ATV
ClamAV 0.94.1 2009.06.16 Trojan.Downloader-56822
Comodo 1346 2009.06.16 -
DrWeb 5.0.0.12182 2009.06.16 Win32.HLLW.Autoruner.2888
eSafe 7.0.17.0 2009.06.16 -
eTrust-Vet 31.6.6564 2009.06.17 -
F-Prot 4.4.4.56 2009.06.16 W32/Nuj.A.gen!Eldorado
F-Secure 8.0.14470.0 2009.06.17 Trojan.Win32.Agent.aomy
Fortinet 3.117.0.0 2009.06.17 -
GData 19 2009.06.17 Trojan.Spy.Agent.NXS
Ikarus T3.1.1.59.0 2009.06.17 Trojan.Peed
Jiangmin 11.0.706 2009.06.16 TrojanDownloader.VB.ksb
K7AntiVirus 7.10.765 2009.06.16 Worm.Win32.AutoRun.scq
Kaspersky 7.0.0.125 2009.06.17 Worm.Win32.FlyStudio.bg
McAfee 5648 2009.06.16 W32/Autorun.worm.dq.gen
McAfee+Artemis 5648 2009.06.16 W32/Autorun.worm.dq.gen
McAfee-GW-Edition 6.7.6 2009.06.16 Trojan.Dropper.FlyStudio.BG.6
Microsoft 1.4701 2009.06.17 Worm:Win32/Regul.B
NOD32 4160 2009.06.16 Win32/AutoRun.FlyStudio.AK
Norman 6.01.09 2009.06.16 -
nProtect 2009.1.8.0 2009.06.16 -
Panda 10.0.0.14 2009.06.16 W32/FlySky.W
PCTools 4.4.2.0 2009.06.12 -
Prevx 3.0 2009.06.17 High Risk Cloaked Malware
Rising 21.34.13.00 2009.06.16 Worm.Win32.Autorun.eyr
Sophos 4.42.0 2009.06.17 -
Sunbelt 3.2.1858.2 2009.06.17 -
Symantec 1.4.4.12 2009.06.17 W32.SillyFDC
TheHacker 6.3.4.3.347 2009.06.17 -
TrendMicro 8.950.0.1094 2009.06.16 -
VBA32 3.12.10.7 2009.06.17 Worm.Win32.AutoRun.tbb
ViRobot 2009.6.16.1789 2009.06.17 -

附加信息
File size: 1395290 bytes
MD5...: 05bd8ff0c93f6ad9c2c0243c6ccbf046
SHA1..: 0bbacf7243b65d0bafb17472b02afb99b082c4db
SHA256: f542fa9ab852c8c416921f559951a4fc0c939cf690fedd87011d5817aa733fec
ssdeep: - 
PEiD..: -
TrID..: File type identification RAR Archive (83.3%) REALbasic Project (16.6%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set -
packers (Kaspersky): PE-Crypt.CF, PE-Crypt.CF, PE-Crypt.CF, PE-Crypt.CF, PE-Crypt.CF, PE-Crypt.CF, PE-Crypt.CF, PE-Crypt.CF
packers (F-Prot): PE-Crypt.CF
packers (Authentium): PE-Crypt.CF
Prevx info: <a href='http://info.prevx.com/aboutprogramtext.asp?PX5=CF182E4330515A411C6317FA1554DB00712F340D' target='_blank'>http://info.prevx.com/aboutprogr ... DB00712F340D</a>

VirSCAN.org Scanned Report :
Scanned time : 2009/06/17 10:14:18 (CST)
Scanner results: 74%的杀软(28/38)报告发现病毒
File Name : CD-KEY.rar
File Size : 1395290 byte
File Type : RAR archive data, v1d, os
MD5 : 05bd8ff0c93f6ad9c2c0243c6ccbf046
SHA1 : 0bbacf7243b65d0bafb17472b02afb99b082c4db
Online report : http://virscan.org/report/48feb6b56d7e91e0a8dc537e5ce00928.html

Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 4.5.0.1 20090616223118 2009-06-16 3.97 Trojan.Peed!IK
安博士V3 2009.06.17.00 2009.06.17 2009-06-17 0.88 Win-Trojan/Xema.variant
AntiVir 8.2.0.187 7.1.4.100 2009-06-16 0.42 DR/FlyStudio.BG.6
安天 2.0.18 20090616.2549523 2009-06-16 0.17 Trojan/Win32.VB.hpi[Downloader]
Arcavir 2009 200906161748 2009-06-16 0.17 Downloader.Vb.Iue
Authentium 5.1.1 200906161813 2009-06-16 1.38 W32/Nuj.A.gen!Eldorado (Possible)
AVAST! 4.7.4 090616-0 2009-06-16 0.07 Win32:FlyStudio-AD [Wrm]
AVG 8.5.286 270.12.75/2182 2009-06-17 4.60 SHeur.CIHT
BitDefender 7.81008.3349148 7.26024 2009-06-17 3.94 Trojan.Spy.Agent.NXS
CA (VET) 9.0.0.143 31.6.6563 2009-06-17 6.96 Win32/AMalum.BBKJT unknown type.
ClamAV 0.95.1 9470 2009-06-16 0.22 Trojan.Downloader-56822
Comodo 3.9 1346 2009-06-16 0.77 -
CP Secure 1.1.0.715 2009.06.16 2009-06-16 10.54 -
Dr.Web 4.44.0.9170 2009.06.16 2009-06-16 5.05 Win32.HLLW.Autoruner.2888
F-Prot 4.4.4.56 20090616 2009-06-16 1.14 W32/Nuj.A.gen!Eldorado (generic, not disinfectable)
F-Secure 5.51.6100 2009.06.17.01 2009-06-17 1.41 Worm.Win32.FlyStudio.bg [AVP]
飞塔 2.81-3.117 10.503 2009-06-16 0.30 -
GData 19.5862/19.366 20090617 2009-06-17 5.13 Trojan.Win32.Agent.aomy [Engine:A]
ViRobot 20090616 2009.06.16 2009-06-16 0.91 -
Ikarus T3.1.01.59 2009.06.16.72878 2009-06-16 3.95 Trojan.Peed
江民杀毒 11.0.706 2009.06.16 2009-06-16 2.09 TrojanDownloader.VB.ksb
卡巴斯基 5.5.10 2009.06.17 2009-06-17 1.08 Worm.Win32.FlyStudio.bg
金山毒霸 2009.2.5.15 2009.6.16.18 2009-06-16 0.60 Win32.TrojDownloader.VB.1514544
迈克菲 5.3.00 5648 2009-06-16 3.07 W32/Autorun.worm.dq.gen
Microsoft 1.4701 2009.06.17 2009-06-17 5.33 Worm:Win32/Regul.B
mks_vir 2.01 2009.06.15 2009-06-15 3.34 -
Norman 6.01.09 6.01.00 2009-06-16 4.01 -
熊猫卫士 9.05.01 2009.06.16 2009-06-16 2.27 W32/FlySky.W
趋势科技 8.700-1004 6.202.01 2009-06-16 0.12 -
Quick Heal 10.00 2009.06.16 2009-06-16 1.17 Trojan.Agent.ATV
瑞星 20.0 21.34.13.00 2009-06-16 0.90 Worm.Win32.Autorun.eyr
Sophos 2.87.1 4.42 2009-06-17 2.55 -
Sunbelt 5192 5192 2009-06-16 1.15 -
赛门铁克 1.3.0.24 20090616.004 2009-06-16 0.10 W32.SillyFDC
nProtect 20090616.03 4261430 2009-06-16 5.75 Trojan-Downloader/W32.Agent.1514544
The Hacker 6.3.4.3 v00347 2009-06-16 0.66 -
VBA32 3.12.10.7 20090616.1401 2009-06-16 2.03 Worm.Win32.AutoRun.tbb
VirusBuster 4.5.11.10 10.107.15/1636796 2009-06-16 1.99 Trojan.DL.VB.EUET

a-squared 4.5.0.18 2009.06.17 -
AhnLab-V3 5.0.0.2 2009.06.16 Win-Trojan/Xema.variant
AntiVir 7.9.0.187 2009.06.16 DR/FlyStudio.BG.6
Antiy-AVL 2.0.3.1 2009.06.16 Trojan/Win32.VB
Authentium 5.1.2.4 2009.06.16 W32/Nuj.A.gen!Eldorado
Avast 4.8.1335.0 2009.06.16 Win32:FlyStudio-AD
AVG 8.5.0.339 2009.06.17 SHeur.CIHT
CAT-QuickHeal 10.00 2009.06.16 Trojan.Agent.ATV
ClamAV 0.94.1 2009.06.16 Trojan.Downloader-56822
Comodo 1346 2009.06.16 -
DrWeb 5.0.0.12182 2009.06.16 Win32.HLLW.Autoruner.2888
eSafe 7.0.17.0 2009.06.16 -
eTrust-Vet 31.6.6564 2009.06.17 -
F-Prot 4.4.4.56 2009.06.16 W32/Nuj.A.gen!Eldorado
F-Secure 8.0.14470.0 2009.06.17 Trojan.Win32.Agent.aomy
Fortinet 3.117.0.0 2009.06.17 -
GData 19 2009.06.17 Trojan.Spy.Agent.NXS
Ikarus T3.1.1.59.0 2009.06.17 Trojan.Peed
Jiangmin 11.0.706 2009.06.16 TrojanDownloader.VB.ksb
K7AntiVirus 7.10.765 2009.06.16 Worm.Win32.AutoRun.scq
Kaspersky 7.0.0.125 2009.06.17 Worm.Win32.FlyStudio.bg
McAfee 5648 2009.06.16 W32/Autorun.worm.dq.gen
McAfee+Artemis 5648 2009.06.16 W32/Autorun.worm.dq.gen
McAfee-GW-Edition 6.7.6 2009.06.16 Trojan.Dropper.FlyStudio.BG.6
Microsoft 1.4701 2009.06.17 Worm:Win32/Regul.B
NOD32 4160 2009.06.16 Win32/AutoRun.FlyStudio.AK
Norman 6.01.09 2009.06.16 -
Panda 10.0.0.14 2009.06.16 W32/FlySky.W
PCTools 4.4.2.0 2009.06.12 -
Prevx 3.0 2009.06.17 High Risk Cloaked Malware
Rising 21.34.13.00 2009.06.16 Worm.Win32.Autorun.eyr
Sophos 4.42.0 2009.06.17 -
Sunbelt 3.2.1858.2 2009.06.17 -
TheHacker 6.3.4.3.347 2009.06.17 -
TrendMicro 8.950.0.1094 2009.06.16 -
VBA32 3.12.10.7 2009.06.17 Worm.Win32.AutoRun.tbb
ViRobot 2009.6.16.1789 2009.06.17 -
VirusBuster 4.6.5.0 2009.06.16 Trojan.DL.VB.EUET
附加信息
File size: 1395287 bytes
MD5 : bf80420933fcfb1c4de0a602b9913309
SHA1 : 615da493f7f787917dbd7bf149aa096114f3908e
SHA256: e9404546cf3c50473bc7108e132ca744ff1f8182e05e99a9696b5a683e4dbb37
TrID : File type identification
RAR Archive (83.3%)
REALbasic Project (16.6%)
ssdeep: -
Prevx Info: http://info.prevx.com/aboutprogr ... 7FA1554DB00712F340D
PEiD : -
packers (Kaspersky): PE-Crypt.CF, PE-Crypt.CF, PE-Crypt.CF, PE-Crypt.CF, PE-Crypt.CF, PE-Crypt.CF, PE-Crypt.CF, PE-Crypt.CF
packers (F-Prot): PE-Crypt.CF
packers (Authentium): PE-Crypt.CF
RDS : NSRL Reference Data Set

VirSCAN.org Scanned Report :
Scanned time : 2009/06/17 10:24:48 (CST)
Scanner results: 74%的杀软(28/38)报告发现病毒
File Name : CFS.rar
File Size : 1395287 byte
File Type : RAR archive data, v1d, os
MD5 : bf80420933fcfb1c4de0a602b9913309
SHA1 : 615da493f7f787917dbd7bf149aa096114f3908e
Online report : http://virscan.org/report/4e8bdc468a7d20a30e830eb80cca2fb9.html

Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 4.5.0.1 20090616223118 2009-06-16 2.84 Trojan.Peed!IK
安博士V3 2009.06.17.00 2009.06.17 2009-06-17 1.20 Win-Trojan/Xema.variant
AntiVir 8.2.0.187 7.1.4.100 2009-06-16 0.20 DR/FlyStudio.BG.6
安天 2.0.18 20090616.2549523 2009-06-16 0.12 Trojan/Win32.VB.hpi[Downloader]
Arcavir 2009 200906161748 2009-06-16 0.11 Downloader.Vb.Iue
Authentium 5.1.1 200906161813 2009-06-16 1.16 W32/Nuj.A.gen!Eldorado (Possible)
AVAST! 4.7.4 090616-0 2009-06-16 0.05 Win32:FlyStudio-AD [Wrm]
AVG 8.5.286 270.12.75/2182 2009-06-17 3.38 SHeur.CIHT
BitDefender 7.81008.3349148 7.26024 2009-06-17 3.01 Trojan.Spy.Agent.NXS
CA (VET) 9.0.0.143 31.6.6563 2009-06-17 8.97 Win32/AMalum.BBKJT unknown type.
ClamAV 0.95.1 9470 2009-06-16 0.23 Trojan.Downloader-56822
Comodo 3.9 1346 2009-06-16 0.87 -
CP Secure 1.1.0.715 2009.06.16 2009-06-16 10.35 -
Dr.Web 4.44.0.9170 2009.06.16 2009-06-16 4.96 Win32.HLLW.Autoruner.2888
F-Prot 4.4.4.56 20090616 2009-06-16 1.14 W32/Nuj.A.gen!Eldorado (generic, not disinfectable)
F-Secure 5.51.6100 2009.06.17.01 2009-06-17 6.92 Worm.Win32.FlyStudio.bg [AVP]
飞塔 2.81-3.117 10.503 2009-06-16 0.24 -
GData 19.5862/19.366 20090617 2009-06-17 4.85 Trojan.Win32.Agent.aomy [Engine:A]
ViRobot 20090616 2009.06.16 2009-06-16 0.41 -
Ikarus T3.1.01.59 2009.06.16.72878 2009-06-16 3.94 Trojan.Peed
江民杀毒 11.0.706 2009.06.16 2009-06-16 2.07 TrojanDownloader.VB.ksb
卡巴斯基 5.5.10 2009.06.17 2009-06-17 1.06 Worm.Win32.FlyStudio.bg
金山毒霸 2009.2.5.15 2009.6.16.18 2009-06-16 0.49 Win32.TrojDownloader.VB.1514544
迈克菲 5.3.00 5648 2009-06-16 3.09 W32/Autorun.worm.dq.gen
Microsoft 1.4701 2009.06.17 2009-06-17 4.35 Worm:Win32/Regul.B
mks_vir 2.01 2009.06.15 2009-06-15 3.32 -
Norman 6.01.09 6.01.00 2009-06-16 4.01 -
熊猫卫士 9.05.01 2009.06.16 2009-06-16 2.48 W32/FlySky.W
趋势科技 8.700-1004 6.202.01 2009-06-16 0.12 -
Quick Heal 10.00 2009.06.16 2009-06-16 1.19 Trojan.Agent.ATV
瑞星 20.0 21.34.13.00 2009-06-16 0.94 Worm.Win32.Autorun.eyr
Sophos 2.87.1 4.42 2009-06-17 2.54 -
Sunbelt 5192 5192 2009-06-16 1.00 -
赛门铁克 1.3.0.24 20090616.004 2009-06-16 0.10 W32.SillyFDC
nProtect 20090616.03 4261430 2009-06-16 5.30 Trojan-Downloader/W32.Agent.1514544
The Hacker 6.3.4.3 v00347 2009-06-16 0.64 -
VBA32 3.12.10.7 20090616.1401 2009-06-16 1.99 Worm.Win32.AutoRun.tbb
VirusBuster 4.5.11.10 10.107.15/1636796 2009-06-16 1.97 Trojan.DL.VB.EUET

这几个文件在压缩状态下安天只检测不杀除 cao是AutoRun类病毒安天查杀不到
为了保险起见我用了2个网站来检测这些病毒这几个病毒是我在PE下抓到的
CAO病毒是系统文件属性隐藏

发表于 2009-6-17 11:28

感谢提交样本，我们会在今天的库升级后对这些样本进行查杀。
对于包裹文件中包含恶意代码安天的查杀规则是只报不杀。

再次感谢您的支持。

		自动登录	找回密码
密码			注册创意安天

AutoRun病毒安天检测不到

本帖子中包含更多资源

相关帖子