[Virus Sample] Do any experts here have the latest “证券大盗” (Securities Thief)? Attached: 4 samples that Kaspersky does not detect

Nblock
Posted on 2007-10-11 11:13:05
Variants are fine too.

[ Last edited by Nblock on 2007-10-11 17:13 ]

绅博周幸
Posted on 2007-10-11 11:15:21
Kaspersky fails on all 4.
Nblock
Original poster | Posted on 2007-10-11 11:19:21
Originally posted by 绅博周幸 on 2007-10-11 11:15
Kaspersky fails on all 4.


Kaspersky, Kaspersky... try running them and see!
mofunzone
Posted on 2007-10-11 11:25:49
Starting the file scan:

Begin scan in 'C:\Users\morgan\Documents\TDDOWNLOAD.rar'
C:\Users\morgan\Documents\
  TDDOWNLOAD.rar
  TDDOWNLOAD.rar:Zone.Identifier
    [0] Archive type: RAR
    --> logo.exe
        [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
        [1] Archive type: RAR SFX (self extracting)
        --> 2.bat
            [DETECTION] Contains detection pattern of the batch virus BAT/Zyfore.AB
            [WARNING]   Infected files in archives cannot be repaired!
        --> 2.exe
            [DETECTION] Contains suspicious code HEUR/Crypted
            [WARNING]   Infected files in archives cannot be repaired!
        --> 2.vbs
    --> no.exe
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> e.exe
        [DETECTION] Contains suspicious code HEUR/Crypted
        [WARNING]   Infected files in archives cannot be repaired!
    --> line.exe
        [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
        [1] Archive type: RAR SFX (self extracting)
        --> 2.bat
            [DETECTION] Contains detection pattern of the batch virus BAT/Zyfore.AB
            [WARNING]   Infected files in archives cannot be repaired!
        --> 2.exe
            [DETECTION] Contains suspicious code HEUR/Crypted
            [WARNING]   Infected files in archives cannot be repaired!
        --> 2.vbs
        [WARNING]   The file was ignored!


End of the scan: 2007年10月10日  20:25
Used time: 00:06 min

The scan has been done completely.

      0 Scanning directories
     12 Files were scanned
      4 viruses and/or unwanted programs were found
      4 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      8 Files not concerned
      3 Archives were scanned
      9 Warnings
      0 Notes
goodchipmka
Posted on 2007-10-11 11:27:33
扫描开始时间: 2007-10-11 11:26:11
扫描日志
NOD32 版本 2585 (20071010) NT
命令行: C:\Documents and Settings\Administrator\桌面\TDDOWNLOAD.rar
C:\Program Files\Eset\nod32.exe<病毒 - 正常>
系统内存<病毒 - >
物理磁盘 1 的 MBR 扇区,<病毒 - 正常>
物理磁盘 1 的活动引导扇区,<病毒 - 正常>

日期: 2007年10月11日  时间: 11:26:22
反 Rookits 技术已启用。
已扫描磁盘、文件夹和文件: C:\Documents and Settings\Administrator\桌面\TDDOWNLOAD.rar
C:\Documents and Settings\Administrator\桌面\TDDOWNLOAD.rar » RAR » logo.exe » RAR » 2.bat<病毒 - BAT/KillAV.EC 木马>
C:\Documents and Settings\Administrator\桌面\TDDOWNLOAD.rar » RAR » logo.exe » RAR » 2.exe<病毒 - 可能是 Win32/TrojanDownloader.Delf.NSA 木马 变种>
C:\Documents and Settings\Administrator\桌面\TDDOWNLOAD.rar » RAR » logo.exe » RAR » 2.vbs<病毒 - 正常>
C:\Documents and Settings\Administrator\桌面\TDDOWNLOAD.rar » RAR » no.exe<病毒 - Win32/PSW.OnLineGames.NFF 木马 变种>
C:\Documents and Settings\Administrator\桌面\TDDOWNLOAD.rar » RAR » e.exe<病毒 - 可能是 Win32/TrojanDownloader.Delf.NSA 木马 变种>
C:\Documents and Settings\Administrator\桌面\TDDOWNLOAD.rar » RAR » line.exe » RAR » 2.bat<病毒 - BAT/KillAV.EC 木马>
C:\Documents and Settings\Administrator\桌面\TDDOWNLOAD.rar » RAR » line.exe » RAR » 2.exe<病毒 - 可能是 Win32/TrojanDownloader.Delf.NSA 木马 变种>
C:\Documents and Settings\Administrator\桌面\TDDOWNLOAD.rar » RAR » line.exe » RAR » 2.vbs<病毒 - 正常>
已扫描文件数量: 9
已发现病毒数量: 6
活动的病毒数量: 1
完成时间: 11:26:29 总共扫描时间: 7 秒 (00:00:07)
The EQs
Posted on 2007-10-11 11:27:37

6 of them

C:\Documents and Settings\Don johnson\桌面\TDDOWNLOAD.rar » RAR » logo.exe » RAR » 2.bat - BAT/KillAV.EC trojan
C:\Documents and Settings\Don johnson\桌面\TDDOWNLOAD.rar » RAR » logo.exe » RAR » 2.exe - probably a variant of Win32/TrojanDownloader.Delf.NSA trojan
C:\Documents and Settings\Don johnson\桌面\TDDOWNLOAD.rar » RAR » no.exe - a variant of Win32/PSW.OnLineGames.NFF trojan
C:\Documents and Settings\Don johnson\桌面\TDDOWNLOAD.rar » RAR » e.exe - probably a variant of Win32/TrojanDownloader.Delf.NSA trojan
C:\Documents and Settings\Don johnson\桌面\TDDOWNLOAD.rar » RAR » line.exe » RAR » 2.bat - BAT/KillAV.EC trojan
C:\Documents and Settings\Don johnson\桌面\TDDOWNLOAD.rar » RAR » line.exe » RAR » 2.exe - probably a variant of Win32/TrojanDownloader.Delf.NSA trojan
欠妳緈諨
Posted on 2007-10-11 11:32:22
6

欠妳緈諨
Posted on 2007-10-11 12:21:34
用AntiVirusKit扫描病毒
版本 16.0.7
病毒库签名 2007-10-9
开始时间: 2007-10-11 12:17
引擎: KAV 引擎 (AVK 17.8716), BD  引擎 (BD 17.5530)
启发式: 打开
压缩文件: 打开
系统区域: 打开

扫描系统区域...
扫描所选择的目录和文件...
对象: logo.exe=>(RAR Sfx o) 2.bat
        在压缩档案里: D:\病毒测试\样本存放\有价值样本\TDDOWNLOAD.rar
        Status: 可疑病毒
        病毒: Trojan.BAT.Starter.M (BD  引擎)
对象: logo.exe=>(RAR Sfx o) 2.exe
        在压缩档案里: D:\病毒测试\样本存放\有价值样本\TDDOWNLOAD.rar
        Status: 已发现病毒
        病毒: GenPack:Trojan.Agent.AFJY (BD  引擎)
对象: e.exe
        在压缩档案里: D:\病毒测试\样本存放\有价值样本\TDDOWNLOAD.rar
        Status: 已发现病毒
        病毒: GenPack:Trojan.Agent.AFJY (BD  引擎)
对象: line.exe=>(RAR Sfx o) 2.bat
        在压缩档案里: D:\病毒测试\样本存放\有价值样本\TDDOWNLOAD.rar
        Status: 可疑病毒
        病毒: Trojan.BAT.Starter.M (BD  引擎)
对象: line.exe=>(RAR Sfx o) 2.exe
        在压缩档案里: D:\病毒测试\样本存放\有价值样本\TDDOWNLOAD.rar
        Status: 已发现病毒
        病毒: GenPack:Trojan.Agent.AFJY (BD  引擎)
uhthn2002
Posted on 2007-10-11 16:38:19
Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 443
Paranoia Database - 7092
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\uhthn\Desktop\New Folder

C:\Documents and Settings\uhthn\Desktop\New Folder\logo.exe - Infected MalwareDetector:Win32.Generic.Malware.7b2
C:\Documents and Settings\uhthn\Desktop\New Folder\no.exe - Infected Generic.Malware.981
C:\Documents and Settings\uhthn\Desktop\New Folder\e.exe - Infected Generic.Malware.646
C:\Documents and Settings\uhthn\Desktop\New Folder\line.exe - Infected MalwareDetector:Win32.Generic.Malware.7b2

4 Files scanned
4 Infected files found
0 Suspected files found
0 Files cured
4 Files deleted
wangjay1980
Posted on 2007-10-11 21:55:46
deleted: Trojan program Trojan-Downloader.Win32.Baser.ab        File: C:\Documents and Settings\Owner\桌面\TDDOWNLOAD.rar/logo.exe/2.bat
deleted: Trojan program Trojan-Downloader.Win32.Baser.ab        File: C:\Documents and Settings\Owner\桌面\TDDOWNLOAD.rar/logo.exe/2.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.eqn        File: C:\Documents and Settings\Owner\桌面\TDDOWNLOAD.rar/no.exe//BeRo//PE_Patch.UPX//UPX//PE_Patch.MaskPE
deleted: Trojan program Trojan-Downloader.Win32.Baser.aa        File: C:\Documents and Settings\Owner\桌面\TDDOWNLOAD.rar/e.exe//BeRo//ASPack
deleted: Trojan program Trojan-Downloader.Win32.Baser.ab        File: C:\Documents and Settings\Owner\桌面\TDDOWNLOAD.rar/line.exe
Copyright © KaFan  KaFan.cn All Rights Reserved.
