nod不报的2个[MD5: 2F62E3 D37BEA]

风野胤

母体见http://bbs.kafan.cn/viewthread.php?tid=107289&;extra=page%3D1&page=1
  下了不少东西啊
  nod报的十几个就不发了 
  要的人可以运行一下 慢慢抓
  不过这两个都被风云防死了

[ 本帖最后由 风野胤 于 2007-7-12 19:20 编辑 ]

FBAV

hao

FBAV

风暴胜者V2 贺岁精简网络版本
_________您的安全是我们的责任_______________
作者：Sanhuan222@163.com   TM:469428271
个人Blog：http://hi.baidu.com/迅者/



===============================================
   ___________病毒查杀结果__________________


===============================================

2007年5月12日19时3分9秒 开始查杀C:\Documents and Settings\Administrator\桌面\virus\5555555555555
****************************
您应该引起注意的文件:

-----------------------------------------


=========================================

_________文件性质分析结果________________
"带壳"仅指文件性质,仅供专业人员分析使用。


-----------------------------------------

2007年5月12日19时3分9秒收起线程…100% 查杀完毕！
扫描文件：2查杀病毒：0
20多天 没更新病毒库……

kristen2

[0] Archive type: ZIP
  --> 111.exe
      [DETECTION] Is the Trojan horse TR/Drop.Age.32873.C
  --> 116.exe
      [DETECTION] Is the Trojan horse TR/Spy.SPfile
别的不报，红伞来报，哈哈。

风野胤

原帖由 FBAV 于 2007-7-12 19:03 发表
风暴胜者V2 贺岁精简网络版本
_________您的安全是我们的责任_______________
作者：Sanhuan222@163.com   TM:469428271
个人Blog：http://hi.baidu.com/迅者/



==================================== ...

小朋友换马甲了

蓝色牛仔裤

D:\Z.Virus\桌面.zip:\111.exe - Signature 'Trojan-Proxy.Win32.Delf.AN' found
D:\Z.Virus\桌面.zip:\116.exe - Signature 'Trojan-Dropper.Win32.Agent.ane' found
D:\Z.Virus\桌面.zip

        3 Files scanned
          (1 Archiv with 2 files)
        2 Signatures found
        0 Suspect code-parts found
        Used time: 0:00.250

taihuxian

BitDefender

This web page has been blocked by BitDefender Antivirus Real-time Protection!

The blocked web page included objects that were either infected or likely to be infected with a virus. Your system has NOT been infected.
http://www.bitdefender.com/vfind/?q=Dropped:Generic.Onlinegames8.5EF008BE
http://www.bitdefender.com/vfind/?q=Generic.PWStealer.F5D35A1F

dericyeoh

KIS7 Found Nothing...

红心王子

C:\Documents and Settings\Administrator\桌面\桌面
.zip>>116.exe>>upack0.34       Trojan.PSW.Win32.OnlineGames.dfz

wangjay1980

File 12.zip received on 07.12.2007 13:29:22 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED


Loading server information...
Your file is queued in position: ___.
Estimated start time is between ___ and ___ .
Do not close the window untill scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.
Print results

Your file has expired or do not exists.
Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.

You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.
Email:  
  

Antivirus Version Last Update Result
AhnLab-V3 2007.7.12.1 2007.07.12 no virus found
AntiVir 7.4.0.39 2007.07.12 TR/Drop.Age.32873.C
Authentium 4.93.8 2007.07.12 no virus found
Avast 4.7.997.0 2007.07.12 Win32:Qhost-FE
AVG 7.5.0.476 2007.07.12 Obfustat.ACG
BitDefender 7.2 2007.07.12 Generic.PWStealer.F5D35A1F
CAT-QuickHeal 9.00 2007.07.12 (Suspicious) - DNAScan
ClamAV devel-20070416 2007.07.12 no virus found
DrWeb 4.33 2007.07.12 no virus found
eSafe 7.0.15.0 2007.07.10 suspicious Trojan/Worm
eTrust-Vet 30.8.3781 2007.07.12 Win32/Dowque!generic
Ewido 4.0 2007.07.12 no virus found
FileAdvisor 1 2007.07.12 no virus found
Fortinet 2.91.0.0 2007.07.12 no virus found
F-Prot 4.3.2.48 2007.07.11 no virus found
Ikarus T3.1.1.8 2007.07.12 Trojan-Proxy.Win32.Delf.AN
Kaspersky 4.0.2.24 2007.07.12 no virus found
McAfee 5072 2007.07.11 New Malware.n
Microsoft 1.2704 2007.07.12 TrojanDropper:Win32/Dowque.A
NOD32v2 2394 2007.07.11 no virus found
Norman 5.80.02 2007.07.12 W32/Malware
Panda 9.0.0.4 2007.07.12 Suspicious file
Sophos 4.19.0 2007.07.06 Mal/Packer
Sunbelt 2.2.907.0 2007.07.12 VIPRE.Suspicious
Symantec 10 2007.07.12 Infostealer.Gampass
TheHacker 6.1.6.145 2007.07.12 no virus found
VBA32 3.12.0.2 2007.07.12 MalwareScope.Trojan-PSW.Game.7
VirusBuster 4.3.23:9 2007.07.11  
Webwasher-Gateway 6.0.1 2007.07.12 Trojan.Drop.Age.32873.C
Aditional information
File size: 58489 bytes
MD5: 249453925816bef7856af7703f529aa0
SHA1: d4c6854fe4748020ff2fa8efd117f4e6948ef902
packers: UPX
packers: Upack
packers: UPX, BINARYRES, UPACK
packers: UPX, UPack
norman sandbox: [ General information ]<br />    * **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: ANALYSIS@NORMAN.NO - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.<br />    * Decompressing UPX.<br />    * Accesses executable file from resource section.<br />    * **Locates window \"zyr08jjjk9bjko [class NULL]\" on desktop.<br />    * **Locates window \"zkxoxxjtrj8jok [class NULL]\" on desktop.<br />    * File length:        33389 bytes.<br /><br /> [ Changes to filesystem ]<br />    * Deletes file E:\AutoRun.exe.<br />    * Deletes file C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Jmp.<br />    * Creates file C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Jmp.<br />    * Deletes file C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys.<br />    * Creates file C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Sys.<br /><br /> [ Network ]<br />    * Hooks into Shell explorer.<br /><br />
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.