OPDA格盘代码卡巴斯基、nod32等己入库，其它主流厂商继续无视！

显示全部楼层 · 发表于 2009-8-8 10:32:10

原帖由 lingbo110120 于 2009-8-8 10:25 发表
样本呢？怎么给删了？

http://bbs.kafan.cn/thread-533817-1-1.html

显示全部楼层 · 发表于 2009-8-8 10:34:05

http://virscan.org/report/d81377fca5efe32d2cfb5b82ac4d9257.html

很多杀软对BaT衍生物有反应的。

Scanner results

Scanner results :	16% Scanner(6/37) found malware!
Time :	2009/08/08 11:28:00 (JST)

Scanner	Engine Ver	Sig Ver	Sig Date	Scan result	Time
a-squared	4.5.0.3	20090808063123	2009-08-08	-	0.363
AhnLab V3	2009.08.07.07	2009.08.07	2009-08-07	-	0.764
AntiVir	8.2.0.248	7.1.5.85	2009-08-07	BAT/Agent.484	0.435
Antiy	2.0.18	20090804.2672262	2009-08-04	-	0.121
Arcavir	2009	200908071405	2009-08-07	-	0.018
Authentium	5.1.1	200908071018	2009-08-07	-	1.184
AVAST!	4.7.4	090807-0	2009-08-07	-	0.002
AVG	8.5.288	270.13.47/2289	2009-08-08	-	0.314
BitDefender	7.81008.3835127	7.27051	2009-08-08	BehavesLike:BAT.Delete (suspected)	3.415
CA (VET)	9.0.0.143	31.6.6665	2009-08-08	-	6.627
ClamAV	0.95.2	9666	2009-08-08	-	0.005
Comodo	3.10	1903	2009-08-07	-	0.720
CP Secure	1.1.0.715	2009.08.08	2009-08-08	-	11.844
Dr.Web	4.44.0.9170	2009.08.07	2009-08-07	-	5.949
F-Prot	4.4.4.56	20090807	2009-08-07	-	1.225
F-Secure	7.02.73807	2009.08.07.10	2009-08-07	Trojan.BAT.Formatter.m [AVP]	0.053
Fortinet	2.81-3.120	10.691	2009-08-07	-	0.164
GData	19.6944/19.431	20090808	2009-08-08	Trojan.BAT.Formatter.m [Engine:A]	8.122
Ikarus	T3.1.01.64	2009.08.07.73200	2009-08-07	-	3.363
JiangMin	11.0.800	2009.08.07	2009-08-07	-	3.428
Kaspersky	5.5.10	2009.08.08	2009-08-08	Trojan.BAT.Formatter.m	0.049
KingSoft	2009.2.5.15	2009.8.7.18	2009-08-07	-	0.548
McAfee	5.3.00	5701	2009-08-07	-	3.045
Microsoft	1.4903	2009.08.07	2009-08-07	-	5.533
Norman	6.01.09	6.01.00	2009-08-06	-	0.004
nProtect	20090807.01	4975345	2009-08-07	-	8.261
Panda	9.05.01	2009.08.07	2009-08-07	-	1.756
Quick Heal	10.00	2009.08.07	2009-08-07	-	1.117
Rising	20.0	21.41.44.00	2009-08-07	-	0.283
Sophos	2.89.1	4.44	2009-08-08	-	2.828
Sunbelt	5318	5318	2009-08-07	-	1.371
Symantec	1.3.0.24	20090807.007	2009-08-07	-	0.191
The Hacker	6.3.4.3	v00378	2009-08-07	Bat/Generic	0.753
Trend Micro	8.700-1004	6.350.01	2009-08-07	-	0.022
VBA32	3.12.10.9	20090807.1152	2009-08-07	-	1.837
ViRobot	20090807	2009.08.07	2009-08-07	-	0.434
VirusBuster	4.5.11.10	10.111.6/1844209	2009-08-07	-	2.312

NOTICE: It may be false positive by some scanners when they found a malware, so you should judge it by yourself.

显示全部楼层 · 发表于 2009-8-8 10:34:57

http://bbs.kafan.cn/thread-533757-1-1.html
这个还是无视

显示全部楼层 · 发表于 2009-8-8 10:39:59

原帖由 寻找周宇轩 于 2009-8-8 10:34 发表
 http://bbs.kafan.cn/thread-533757-1-1.html
这个还是无视

不会啊。

We received the following archive files:

File ID	Filename	Size (Byte)	Result
25421581	Norton2010.rar	25.64 KB	OK

A listing of files contained inside archives alongside their results can be found below:

File ID	Filename	Size (Byte)	Result
25421582	Norton2010.exe	52 KB	MALWARE

Please find a detailed report concerning each individual sample below:

Filename	Result
Norton2010.exe	MALWARE

The file 'Norton2010.exe' has been determined to be 'MALWARE'.
Our analysts named the threat DR/Formatter.N.The term "DR/" denotes a program that is able to place a virus or a malware discretely on a system.Detection is added to our virus definition file (VDF) starting with version 7.01.05.85.

红伞确认是Malware.

显示全部楼层 · 发表于 2009-8-8 10:51:09

測試準備好,開始了...

沒反應=- =...

原文件送上紅傘:Damage File (Unknown)....

[ 本帖最后由 harry4567 于 2009-8-8 10:55 编辑 ]

显示全部楼层 · 发表于 2009-8-8 10:53:56

因为是破解工具，估计很多人即使杀软特征码报了也当它是误杀，关了杀软继续点

显示全部楼层 · 发表于 2009-8-8 10:59:52

被解出來的update.exe.

显示全部楼层 · 发表于 2009-8-8 11:03:29

原帖由冲冲于 2009-8-8 10:53 发表
因为是破解工具，估计很多人即使杀软特征码报了也当它是误杀，关了杀软继续点

確實,我也中過招,中過寄生虫

显示全部楼层 · 发表于 2009-8-8 11:07:50

原帖由 harry4567 于 2009-8-8 10:51 发表
測試準備好,開始了...

沒反應=- =...

原文件送上紅傘:Damage File (Unknown)....

诡异哦。

我就搞不懂了，为什么红伞认为是damage file.

[ 本帖最后由 eyesineyes 于 2009-8-8 11:08 编辑 ]

显示全部楼层 · 发表于 2009-8-8 11:08:19

to mpav

[病毒样本] OPDA格盘代码卡巴斯基、nod32等己入库，其它主流厂商继续无视！

本帖子中包含更多资源