[Virus sample] [MD5: 4D1B42]

The EQs
Posted on 2007-7-13 10:40:28
This one is very popular abroad right now.

FBAV
Posted on 2007-7-13 10:41:16
GOOD

风暴胜者V2 贺岁精简网络版本
_________您的安全是我们的责任_______________
作者:Sanhuan222@163.com   TM:469428271
个人Blog:http://hi.baidu.com/迅者/



===============================================
   ___________病毒查杀结果__________________


===============================================

2007年5月13日10时42分56秒 开始查杀C:\Documents and Settings\Administrator\桌面\virus\ecard
威胁性文件:C:\Documents and Settings\Administrator\桌面\virus\ecard\ecard.exe
****************************
您应该引起注意的文件:

-----------------------------------------


=========================================

_________文件性质分析结果________________
"带壳"仅指文件性质,仅供专业人员分析使用。


-----------------------------------------

2007年5月13日10时42分56秒收起线程…100% 查杀完毕!
扫描文件:1查杀病毒:1

[ Last edited by FBAV on 2007-7-13 10:43 ]
tracydk
Posted on 2007-7-13 10:41:50
Starting the file scan:

Begin scan in 'F:\病毒样本\ecard.rar'
F:\病毒样本\ecard.rar
  [0] Archive type: RAR
  --> ecard.exe
      [DETECTION] Is the Trojan horse TR/Small.DBY.DB
      [INFO]      The file was deleted!
风野胤
Posted on 2007-7-13 10:44:57
NOD's scan doesn't flag it.
It added a service.
That service's sys file got removed.
tonylee
Posted on 2007-7-13 10:47:23
Rising:Worm.Mail.Win32.Zhelatin.fp
风雪
Posted on 2007-7-13 10:48:11
It got past Filseclab (费尔).
The EQs
Original poster | Posted on 2007-7-13 10:49:25

Reply to post #4 by 风野胤

I actually caught it with NOD32... It feels very strange... Now the scan doesn't flag it any more...
promised
Posted on 2007-7-13 10:55:14
File information
File Name :   ecard.zip
File Size :   135038 byte
File Type :   Zip archive data, at least v2.0 to extract
MD5 :   5bb1b7fc0cf2ace9c67877b1c2d9741a
SHA1 :   da39a3ee5e6b4b0d3255bfef95601890afd80709
Scanner results
Scanner results :   27% Scanner(6/22)found malware!
Scan time :   2007/07/13 10:53:49
| Scanner | Engine Ver | Sig Ver | Sig Date | Scan result | Scan time |
|---|---|---|---|---|---|
| AntiVir | 7.4.0.39 | 6.39.0.141 | 2007-07-12 | TR/Small.DBY.DB | 1.977 |
| Arcavir AntiVirus | 1.0.4 | 200707121715 | 2007-07-12 | Found nothing | 1.107 |
| Avast AntiVirus | 1.0.8 | 000756-0 | 2007-07-12 | Found nothing | 1.54 |
| AVG AntiVirus | 7.5.47.442 | 269.10.4/898 | 2007-07-12 | Found nothing | 1.176 |
| BitDefender AntiVirus | 7.60825.734337 | 7.13842 | 2007-07-13 | Trojan.Peed.OQ | 3.307 |
| Clam AntiVirus | N/A | 3654 | 2007-07-13 | Found nothing | 0.056 |
| Dr.Web AntiVirus | 4.33 | 2007.07.12 | 2007-07-12 | Trojan.Packed.142 | 5.294 |
| F-prot AntiVirus | 3.16.15 | 2007.07.11 | 2007-07-11 | Found nothing | 0.369 |
| F-SECURE AntiVirus | 5.51.6100 | 2007.07.13.01 | 2007-07-13 | Packed.Win32.Tibs.ab | 2.266 |
| IKARUS AntiVirus | N/A | 17:07:30 | 2007-07-12 | Found nothing | 2.18 |
| Kaspersky AntiVirus | 5.5.10 | 2007.07.13 | 2007-07-13 | Packed.Win32.Tibs.ab | 0.026 |
| KingSoft Anti-Virus | 2006.11.1.240 | 2007.7.4 | 2007-07-04 | Found nothing | 2.932 |
| Mcafee AntiVirus | 5.1.00 | 5073 | 2007-07-12 | Found nothing | 0.612 |
| MKS_VIR AntiVirus | 2.01 | 2007.07.12 | 2007-07-12 | Found nothing | 0.451 |
| NOD32 AntiVirus | 2.70.7 | 2396 | 2007-07-12 | Found nothing | 1.293 |
| NORMAN AntiVirus | 5.90.37 | 5.90 | 2007-07-11 | Found nothing | 2.859 |
| PANDA AntiVirus | 9.00.00 | 2007.07.12 | 2007-07-12 | Found nothing | 0.726 |
| SOPHOS AntiVirus | 2.47 | 4.19 | 2007-07-13 | Found nothing | 5.988 |
| Symantec AntiVirus | N/A | 20070712.017 | 2007-07-12 | Found nothing | 0.194 |
| TrendMicro PC-cillin | 8.310-1002 | 4.593.00 | 2007-07-11 | Found nothing | 0.046 |
| VBA32 AntiVirus | 3.12.0.2 | 20070712.2042 | 2007-07-12 | Found nothing | 1.027 |
| VirusBuster AntiVirus | 4.3.19:9 | 9.088.3/11.0 | 2007-07-12 | Trojan.Tibs.Gen!Pac.126 | 1.067 |
NOTICE: It may be false positive by some scanner when it found a malware, you should judge it by yourself.
蓝色牛仔裤
Posted on 2007-7-13 10:56:57
[Scan path] C:\Documents and Settings\Administrator\桌面\ecard.rar
>C:\Documents and Settings\Administrator\桌面\ecard.rar\ecard.exe infected with Trojan.Packed.142
C:\Documents and Settings\Administrator\桌面\ecard.rar - archive contains infected objects

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 3
Infected objects found: 1
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 134 Kb/s
Scan time: 00:00:00
风野胤
Posted on 2007-7-13 10:57:20
Originally posted by EQ2 on 2007-7-13 10:49
I actually caught it with NOD32... It feels very strange... Now the scan doesn't flag it any more...

It's the one from this thread:
http://bbs.kafan.cn/viewthread.php?tid=107575&extra=page%3D1