这个是不是盗号病毒！

tyyds

我玩冒险岛下栽了个外挂，很多杀软报病毒，因为很多外挂的写法疑似病毒，没什么好奇怪！但是有的朋友说容易被盗号！还请高手给鉴定下！主要看下是不是含有盗号木马！

lingbo110120

File swwV065_3_8k8e.rar received on 10.07.2008 16:52:15 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED

Result: 3/36 (8.34%)

Loading server information...
Your file is queued in position: 1.
Estimated start time is between 37 and 53 seconds.
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.

Compact
Print results

Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position:
) for an undefined time. You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.  

Email:

Antivirus	Version	Last Update	Result
AhnLab-V3	2008.10.3.2	2008.10.07	-
AntiVir	7.8.1.34	2008.10.07	-
Authentium	5.1.0.4	2008.10.07	-
Avast	4.8.1248.0	2008.10.07	-
AVG	8.0.0.161	2008.10.07	-
BitDefender	7.2	2008.10.07	-
CAT-QuickHeal	9.50	2008.10.07	-
ClamAV	0.93.1	2008.10.07	-
DrWeb	4.44.0.09170	2008.10.07	-
eSafe	7.0.17.0	2008.10.07	-
eTrust-Vet	31.6.6133	2008.10.07	-
Ewido	4.0	2008.10.07	-
F-Prot	4.4.4.56	2008.10.06	-
F-Secure	8.0.14332.0	2008.10.07	-
Fortinet	3.113.0.0	2008.10.07	-
GData	19	2008.10.07	-
Ikarus	T3.1.1.34.0	2008.10.07	VirTool.Win32.DelfInject.AF
K7AntiVirus	7.10.487	2008.10.07	-
Kaspersky	7.0.0.125	2008.10.07	-
McAfee	5399	2008.10.07	-
Microsoft	1.4005	2008.10.07	-
NOD32	3500	2008.10.07	-
Norman	5.80.02	2008.10.06	-
Panda	9.0.0.4	2008.10.07	-
PCTools	4.4.2.0	2008.10.07	-
Prevx1	V2	2008.10.07	CE
Rising	20.65.12.00	2008.10.07	-
SecureWeb-Gateway	6.7.6	2008.10.07	-
Sophos	4.34.0	2008.10.07	-
Sunbelt	3.1.1707.1	2008.10.07	-
Symantec	10	2008.10.07	-
TheHacker	6.3.1.0.102	2008.10.07	-
TrendMicro	8.700.0.1004	2008.10.07	-
VBA32	3.12.8.6	2008.10.07	suspected of Backdoor.XiaoBird.67 (paranoid heuristics)
ViRobot	2008.10.7.1410	2008.10.07	-
VirusBuster	4.5.11.0	2008.10.07	-

谁说很多少软报毒的？

tyyds

不好意思，我就用个卡把！我的朋友也说报出！我就说很多杀软了 抱歉！
还请给个明确的结论，这个我看不懂

呵呵---路过，不发表看法

theboyfromchina

爽歪歪嘛？我坚决不用～～～～～～～应该是有毒的～～～～～见到SWW就知道了…………

lingbo110120

首先上面的报告卡巴没有报....
我的绿色卡巴KAV8.0也没报

还有 我不是测试人员- -
我不能明确给你答复
我不是毒组的

这个东西多半不是毒

lingbo110120

报告来了 明确给你回复 不是毒  没有明确可疑动作

• Submission details:
  • Submission received: 8 October 2008, 01:56:55
  • Processing time: 5 min 22 sec
  • Submitted sample:
    • File MD5: 0x2DAC47080C94BAA00182BEACB5A03C9B
    • Filesize: 26,112 bytes

• Summary of the findings:

What's been found	Severity Level
Downloads/requests other files from Internet.

Technical Details:

• The new window was created, as shown below:

NOTICE: The content shown in the above window is captured automatically and is not controlled or endorsed by ThreatExpert.
Please contact us on this link should any material be offensive or inappropriate and we will ensure any such content is blocked from future viewers of the report.

File System Modifications

• The following file was created in the system:

#	Filename(s)	File Size	File MD5
1	[file and pathname of the sample #1]	26,112 bytes	0x2DAC47080C94BAA00182BEACB5A03C9B

Memory Modifications

• There was a new process created in the system:

Process Name	Process Filename	Main Module Size
[filename of the sample #1]	[file and pathname of the sample #1]	49,152 bytes

Other details

• Analysis of the file resources indicate the following possible country of origin:

China

• The following Internet Connection was established:

Server Name	Server Port	Connect as User	Connection Password
bbs.bb1314.com	80	(null)	(null)

• The following GET requests were made:
  • index.html
  • index.jpg

[ 本帖最后由 lingbo110120 于 2008-10-7 23:07 编辑 ]

tyyds

多谢！我用着放心了

08红伞威点

红伞Pass，上报提交分析。

wusuobuzai

报的不是很多,应该是误报吧~