
[Virus sample] Gets past Kaspersky with ease...

372826096
Posted 2007-7-17 14:58:22
Of course, it did not get past proactive defense...



File 1.rar received on 07.17.2007 08:50:54 (CET)

| Antivirus | Version | Last Update | Result |
|---|---|---|---|
| AhnLab-V3 | 2007.7.14.0 | 2007.07.17 | no virus found |
| AntiVir | 7.4.0.42 | 2007.07.16 | BDS/Seed.11.A |
| Authentium | 4.93.8 | 2007.07.17 | Possibly a new variant of W32/CrazyCrunch-based!Maximus |
| Avast | 4.7.997.0 | 2007.07.16 | Win32:Small-FY |
| AVG | 7.5.0.476 | 2007.07.16 | no virus found |
| BitDefender | 7.2 | 2007.07.17 | Backdoor.Seed.11 |
| CAT-QuickHeal | 9.00 | 2007.07.16 | (Suspicious) - DNAScan |
| ClamAV | devel-20070416 | 2007.07.17 | no virus found |
| DrWeb | 4.33 | 2007.07.16 | no virus found |
| eSafe | 7.0.15.0 | 2007.07.16 | suspicious Trojan/Worm |
| eTrust-Vet | 30.8.3788 | 2007.07.16 | no virus found |
| Ewido | 4.0 | 2007.07.16 | Backdoor.Seed.11 |
| FileAdvisor | 1 | 2007.07.17 | no virus found |
| Fortinet | 2.91.0.0 | 2007.07.17 | no virus found |
| F-Prot | 4.3.2.48 | 2007.07.17 | W32/Downloader-Sml-based!Maximus |
| Ikarus | T3.1.1.8 | 2007.07.17 | Backdoor.Win32.Seed.11 |
| Kaspersky | 4.0.2.24 | 2007.07.17 | no virus found |
| McAfee | 5075 | 2007.07.16 | New Malware.an |
| Microsoft | 1.2704 | 2007.07.17 | Backdoor:Win32/Seed.D |
| NOD32v2 | 2401 | 2007.07.17 | a variant of Win32/Small.NAH |
| Norman | 5.80.02 | 2007.07.16 | no virus found |
| Panda | 9.0.0.4 | 2007.07.16 | Suspicious file |
| Sophos | 4.19.0 | 2007.07.16 | Mal/Behav-119 |
| Sunbelt | 2.2.907.0 | 2007.07.16 | no virus found |
| Symantec | 10 | 2007.07.17 | no virus found |
| TheHacker | 6.1.7.148 | 2007.07.16 | no virus found |
| VBA32 | 3.12.2 | 2007.07.16 | no virus found |
| VirusBuster | 4.3.23:9 | 2007.07.16 | no virus found |
| Webwasher-Gateway | 6.0.1 | 2007.07.17 | Trojan.Seed.11.A |

Aditional information
File size: 6129 bytes
MD5: 8719c1bb6e6f6e6a26f265d04c463d85
SHA1: d836d0d3fc4de21582aa20a95d4ebb54b4b6c3ea
packers: ASPack

caocao
Posted 2007-7-17 15:01:10
It didn't get past a scan for you either:
已经隔离: 病毒 Trojan.Generic (变种)        文件: D:\Downloads\1.rar/1.exe//ASPack
promised
Posted 2007-7-17 15:01:13
Getting past Kaspersky by other means, without changing the code, is very easy.
风野胤
Posted 2007-7-17 15:01:36
NOD reports it as a variant,
so it's most likely packed.
The EQs
Posted 2007-7-17 15:11:17

Reply to post #4 by 风野胤

In signature tests... even for things that aren't packed... NOD32 can still report a variant.
woai_jolin
Posted 2007-7-17 15:11:38
===================================================================================================
NVCOD On Demand Scanner 5.80.02

NSE revision 5.91.02
nvcbin.def revision 5.90.00 of 2007/07/16 18:21:00 (810345 variants)
nvcmacro.def revision 5.90.00 of 2007/06/29 06:32:19 (20341 variants)
Total number of variants: 830686
Command line: "@C:\Users\Jason\AppData\Local\Temp\~OD7FAF.tmp"
===================================================================================================

       Time  Filename                                                     Virus name
---------------------------------------------------------------------------------------------------
- Scanning files matching: D:\v\1.exe
      633 ms D:\v\1.exe                                                   Virus W32/Malware ( [ General information ]
    * **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: ANALYSIS@NORMAN.NO - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
    * File length:         8704 bytes.

[ Changes to filesystem ]
    * Creates file C:\WINDOWS\SYSTEM32\C0NIME.EXE.
    * Creates file C:\teh.html.
    * Deletes file C:\teh.html.

[ Changes to registry ]
    * Creates value "conime"="C:\WINDOWS\SYSTEM32\C0NIME.EXE" in key "HKLM\Software\Microsoft\Windows\CurrentVersion\Run".

[ Process/window information ]
    * Will automatically restart after boot (I'll be back...).
    * Modifies other process memory.
    * Creates a remote thread.

)
- File D:\v\1.exe quarantined.
- File D:\v\1.exe deleted.

===================================================================================================

The scanning started: 2007/07/17 15:09:48
               ended: 2007/07/17 15:09:49
Logged on as        : Jason
on hostname         : JASON-PC

Scanning results:
   Total number of files found..............................:       1
   Number of files scanned..................................:       1
   Number of files/directories skipped due to exclude list..:       0
   Number of files that could not be opened.................:       0
   Number of archive files unpacked.........................:       0
   Number of archive files not unpacked.....................:       0
   Number of infections.....................................:       1

Copyright (c) 1993-2005 Norman ASA.
The EQs
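Posted 2007-7-17 15:13:23
Many people think heuristics are simply for detecting unknown viruses... That's actually wrong... Static heuristics can improve the signature detection rate.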
1688388728
Posted 2007-7-17 15:18:37
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\9ZJO5KCR\1[1].rar\1.exe - infected with BackDoor.Seed.11

Archive contains an infected item
风雪
Posted 2007-7-17 15:25:28
Gets past Filseclab.
scottxzt
Posted 2007-7-17 15:27:33
1.rar\1.exe;D:\Documents and Settings\dell\桌面\1.rar;BackDoor.Seed.11;;