这个就是互联钢钉了！

gtc

反病毒引擎	版本	最后更新	扫描结果
a-squared	4.5.0.24	2009.08.11	Trojan-PWS.Win32.QQPass!IK
AhnLab-V3	5.0.0.2	2009.08.11	Win-Trojan/QQPass.65536.H
AntiVir	7.9.0.248	2009.08.11	TR/Dldr.Delf.ADM.1
Antiy-AVL	2.0.3.7	2009.08.11	-
Authentium	5.1.2.4	2009.08.11	-
Avast	4.8.1335.0	2009.08.10	Win32:Trojan-gen {Other}
AVG	8.5.0.406	2009.08.11	-
BitDefender	7.2	2009.08.11	Trojan.Generic.2048099
CAT-QuickHeal	10.00	2009.08.11	Trojan.Agent.ATV
ClamAV	0.94.1	2009.08.11	-
Comodo	1942	2009.08.11	UnclassifiedMalware
DrWeb	5.0.0.12182	2009.08.11	-
eSafe	7.0.17.0	2009.08.10	Win32.HEURMalware
eTrust-Vet	31.6.6672	2009.08.11	-
F-Prot	4.4.4.56	2009.08.10	-
F-Secure	8.0.14470.0	2009.08.11	-
Fortinet	3.120.0.0	2009.08.11	-
GData	19	2009.08.11	Trojan.Generic.2048099
Ikarus	T3.1.1.64.0	2009.08.11	Trojan-PWS.Win32.QQPass
Jiangmin	11.0.800	2009.08.11	-
K7AntiVirus	7.10.815	2009.08.10	Trojan.Win32.Malware.1
Kaspersky	7.0.0.125	2009.08.11	-
McAfee	5705	2009.08.10	Generic.dx!ye
McAfee+Artemis	5705	2009.08.10	Generic.dx!ye
McAfee-GW-Edition	6.8.5	2009.08.11	Trojan.Dldr.Delf.ADM.1
Microsoft	1.4903	2009.08.11	-
NOD32	4325	2009.08.11	-
Norman	6.01.09	2009.08.10	-
nProtect	2009.1.8.0	2009.08.11	-
Panda	10.0.0.14	2009.08.10	Suspicious file
PCTools	4.4.2.0	2009.08.11	-
Prevx	3.0	2009.08.11	Medium Risk Malware
Rising	21.42.14.00	2009.08.11	-
Sophos	4.44.0	2009.08.11	Mal/DownLdr-AC
Sunbelt	3.2.1858.2	2009.08.11	-
Symantec	1.4.4.12	2009.08.11	-
TheHacker	6.3.4.3.380	2009.08.11	-
TrendMicro	8.950.0.1094	2009.08.11	-
VBA32	3.12.10.9	2009.08.10	MalwareScope.Trojan-PSW.Game.16
ViRobot	2009.8.11.1879	2009.08.11	-
VirusBuster	4.6.5.0	2009.08.10	Trojan.DL.Delf.DGJG

附加信息

File size: 62320 bytes

MD5...: 70ce47830732b975c95e1df44a59db6a

SHA1..: a331ac124dca698297c577e59561cb3a563913bb

SHA256: a8ea2e7c5f4314b113ac221f9a75dce988448dd943641686a6e4445a06a6717e

ssdeep: 1536:2czoHkwvGI0MiTKzUVwBj5b2IjKBzCTq1gx9kkY9o:2cz4kwvGaR4V0j5b2 hBV1SPY9o

PEiD..: -

TrID..: File type identification RAR Archive (83.3%) REALbasic Project (16.6%)

PEInfo: -

PDFiD.: -

RDS...: NSRL Reference Data Set -

packers (Kaspersky): PE_Patch.PECompact, PecBundle, PECompact

Prevx info: <a href='http://info.prevx.com/aboutprogramtext.asp?PX5=3C9496580069EEDA00C2014D62465500827A8484' target='_blank'>http://info.prevx.com/aboutprogr ... 62465500827A8484<;/a>

packers (F-Prot): PecBundle, PECompact

[ 本帖最后由 gtc 于 2009-8-11 21:21 编辑 ]

sam.to

TO KL,LL

悠柚

不是还有exe文件的吗？
dll to IObit

gtc

原帖由 悠柚 于 2009-8-11 21:21 发表
不是还有exe文件的吗？
dll to IObit

exe文件升级后红伞不报了！

悠柚

发上来吧，我用fakeav的名义发给IObit

lingbo110120

gtc

这个是10日升级后的exe文件。

反病毒引擎	版本	最后更新	扫描结果
a-squared	4.5.0.24	2009.07.31	Trojan-Spy.Win32.Banker!IK
AhnLab-V3	5.0.0.2	2009.07.31	-
AntiVir	7.9.0.238	2009.07.31	-
Antiy-AVL	2.0.3.7	2009.07.31	-
Authentium	5.1.2.4	2009.07.31	-
Avast	4.8.1335.0	2009.07.31	-
AVG	8.5.0.406	2009.07.31	-
BitDefender	7.2	2009.08.01	-
CAT-QuickHeal	10.00	2009.07.30	(Suspicious) - DNAScan
ClamAV	0.94.1	2009.07.31	-
Comodo	1829	2009.08.01	-
DrWeb	5.0.0.12182	2009.08.01	BACKDOOR.Trojan
eSafe	7.0.17.0	2009.07.30	Suspicious File
eTrust-Vet	31.6.6650	2009.08.01	-
F-Prot	4.4.4.56	2009.07.31	-
F-Secure	8.0.14470.0	2009.07.31	-
Fortinet	3.120.0.0	2009.07.31	PossibleThreat
GData	19	2009.08.01	-
Ikarus	T3.1.1.64.0	2009.07.31	Trojan-Spy.Win32.Banker
Jiangmin	11.0.800	2009.07.31	Trojan/Banker.Banker.dc
K7AntiVirus	7.10.807	2009.07.31	-
Kaspersky	7.0.0.125	2009.08.01	-
McAfee	5694	2009.07.31	-
McAfee+Artemis	5694	2009.07.31	Artemis!4154A1D4DCF0
McAfee-GW-Edition	6.8.5	2009.08.01	Heuristic.LooksLike.Heuristic.BehavesLike.Win32.Backdoor.C
Microsoft	1.4903	2009.08.01	TrojanSpy:Win32/Banker.ME
NOD32	4295	2009.07.31	-
Norman	6.01.09	2009.07.31	-
nProtect	2009.1.8.0	2009.07.31	-
Panda	10.0.0.14	2009.07.31	Suspicious file
PCTools	4.4.2.0	2009.07.31	-
Rising	21.40.44.00	2009.07.31	-
Sophos	4.44.0	2009.08.01	Mal/PWS-AB
Sunbelt	3.2.1858.2	2009.07.31	-
Symantec	1.4.4.12	2009.08.01	Suspicious.MH690.A
TheHacker	6.3.4.3.375	2009.08.01	-
TrendMicro	8.950.0.1094	2009.07.31	-
VBA32	3.12.10.9	2009.07.31	-
ViRobot	2009.7.31.1863	2009.07.31	-
VirusBuster	4.6.5.0	2009.07.31	-

附加信息

File size: 326423 bytes

MD5   : 4154a1d4dcf030d5c77167abe7b46748

SHA1  : eed73de8e4f28d16623703b132c2eb91cf3e799e

SHA256: e4d3f75b5bc8f6b0b749f5b1c5096d4d0e2425e850004aae38283f58129c6448

PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x1000 timedatestamp.....: 0x2A425E19 (Sat Jun 20 00:22:17 1992) machinetype.......: 0x14C (Intel I386) ( 2 sections ) name viradd virsiz rawdsiz ntrpy md5 CODE 0x1000 0xD2000 0x4C000 8.00 0d6577517ee773c247539706434ea0b3 .rsrc 0xD3000 0x3000 0x3000 5.07 121989a0943df444b7a2eed3b3ef5b8e ( 13 imports ) > advapi32.dll: RegQueryValueExA > comctl32.dll: ImageList_SetIconSize > gdi32.dll: UnrealizeObject > kernel32.dll: LoadLibraryA, GetProcAddress, VirtualAlloc, VirtualFree > lz32.dll: LZClose > ole32.dll: CreateStreamOnHGlobal > oleaut32.dll: SysFreeString > shell32.dll: Shell_NotifyIconA > urlmon.dll: URLDownloadToFileA > user32.dll: GetKeyboardType > version.dll: VerQueryValueA > winmm.dll: sndPlaySoundA > wtsapi32.dll: WTSTerminateProcess ( 0 exports )

TrID  : File type identification Win32 EXE PECompact compressed (v2.x) (48.0%) Win32 EXE PECompact compressed (generic) (33.8%) Win32 Executable Generic (6.9%) Win32 Dynamic Link Library (generic) (6.1%) Win16/32 Executable Delphi generic (1.6%)

ssdeep: 6144:cNnDmgrpVh+pgMJyCcQP0YMhZjHPxcwNTsDZr0ewIq7HvCTvFptLK:cxTVSvPcQP0dr7sNJq7ivHo

PEiD  : PECompact 2.xx --> BitSum Technologies

packers (Kaspersky): PE_Patch.PECompact, PecBundle, PECompact

packers (F-Prot): PecBundle, PECompact

RDS   : NSRL Reference Data Set

尤金卡巴斯基

原帖由 gtc 于 2009-8-11 21:29 发表
这个是10日升级后的exe文件。
反病毒引擎版本最后更新扫描结果a-squared4.5.0.242009.07.31Trojan-Spy.Win32.Banker!IKAhnLab-V35.0.0.22009.07.31-AntiVir7.9.0.2382009.07.31-Antiy-AVL2.0.3.72009.07.31-Authent ...

To KL

托尼托尼·乔巴

TO费尔

悠柚

to IObit