NOD 32：现场抓网马一只

曲中求

搜索“死亡笔记”。。。。。。哎。。。

金剑

14点28分你中的

蓝色牛仔裤

看你往哪逃~~

2007-4-1 14:33:12        Safe'n'Sec Scan report

2007-4-1 14:33:12        Scan start time:        2007-4-1 14:33:12

2007-4-1 14:33:12        Action applied to detected malware:       
2007-4-1 14:33:12        Scan level:        Full

2007-4-1 14:33:13        D:\645.rar        Infected        Trojan-Downloader.JS.IstBar.ai#3        Moved to quarantine
2007-4-1 14:33:13        Scan area:

2007-4-1 14:33:13        D:\645.rar
2007-4-1 14:33:13       
2007-4-1 14:33:13        Objects scanned:        1
2007-4-1 14:33:13        Malicious objects detected:        1
2007-4-1 14:33:13        Malicious objects deleted / removed:        1

2007-4-1 14:33:13        Scan completion time:        2007-4-1 14:33:13

蓝色牛仔裤

Virus check with AntiVirusKit
Version 16.0.7
Virus signatures of 2007-3-29
Start time: 2007-4-1 14:34
Engine(s): KAV engine (AVK 17.3611), BD-Engine (BD 17.5838)
Heuristic: On
Archives: On
System areas: On

Check system areas...
Check selected directories and files...
Object: 645.html&ed_ads_open_class=0&ed_ads_logo=0&ed_ads_tempstop=&ed_ads_webtest=0&ed_ads_group=
        In archive: D:\645.rar
        Status: Virus detected
        Virus: Trojan.Downloader.JS.Istbar.B (BD-Engine)
Object: 645.rar
        Path: D:
        Status: Virus detected
        Virus: Trojan.Downloader.JS.Istbar.B (BD-Engine)
Analysis complete: 2007-4-1 14:34
    1 files checked
    1 infected files detected
    0 suspected files detected

曲中求

挂的比较惨啊。。。。。

AhnLab-V3	2007.3.31.0	04.01.2007 [td]no virus found
AntiVir	7.3.1.47	03.31.2007 [td]no virus found
Authentium	4.93.8	03.31.2007 [td]no virus found
Avast	4.7.936.0	03.31.2007 [td]no virus found
AVG	7.5.0.447	03.31.2007	Exploit
BitDefender	7.2	04.01.2007	Trojan.Downloader.JS.Istbar.B
CAT-QuickHeal	9.00	03.31.2007 [td]no virus found
ClamAV	devel-20070312	04.01.2007	Trojan.Clicker.HTML.Agent
DrWeb	4.33	03.31.2007 [td]no virus found
eSafe	7.0.15.0	03.31.2007 [td]no virus found
eTrust-Vet	30.6.3527	03.31.2007 [td]no virus found
Ewido	4.0	03.31.2007	Downloader.IstBar.ai
FileAdvisor	1	04.01.2007 [td]no virus found
Fortinet	2.85.0.0	04.01.2007 [td]no virus found
F-Prot	4.3.1.45	03.30.2007 [td]no virus found
F-Secure	6.70.13030.0	03.31.2007 [td]no virus found
Ikarus	T3.1.1.3	04.01.2007	Trojan-Downloader.JS.IstBar.AI
Kaspersky	4.0.2.24	04.01.2007 [td]no virus found
McAfee	4997	03.31.2007 [td]no virus found
Microsoft	1.2306	04.01.2007 [td]no virus found
NOD32v2	2160	03.31.2007	JS/TrojanDownloader.IstBar.G
Norman	5.80.02	03.31.2007 [td]no virus found
Panda	9.0.0.4	03.31.2007 [td]no virus found
Prevx1	V2	04.01.2007 [td]no virus found
Sophos	4.16.0	03.30.2007 [td]no virus found
Sunbelt	2.2.907.0	03.31.2007 [td]no virus found
Symantec	10	04.01.2007 [td]no virus found
TheHacker	6.1.6.083	03.30.2007 [td]no virus found
UNA	1.83	03.16.2007	TrojanDownloader.JS.IstBar
VBA32	3.11.3	04.01.2007	Trojan-Downloader.JS.IstBar.ai#3
VirusBuster	4.3.7:9	03.31.2007	JS.IstBar.B
Webwasher-Gateway	6.0.1	04.01.2007 [td]no virus found

solcroft

原帖由 曲中求 于 2007-4-1 16:07 发表
挂的比较惨啊。。。。。

只是弹出广告窗口的脚本罢了，要说成是“网马”可有点牵强
但其实NOD32杀脚本也好的，NOD32免杀木马太好做，所以针对脚本先下手为强

[ 本帖最后由 solcroft 于 2007-4-1 16:16 编辑 ]

gggh

卡巴不报杀....

The EQs

nod32就是杀这类和蠕虫强

观弈书童

C:\Documents and Settings\Administrator\桌面\病毒样本\样本文件\645.rar ?RAR ?645.html&ed_ads_open_class=0&ed_ads_logo=0&ed_ads_tempstop=&ed_ads_webtest=0&ed_ads_group= - JS/TrojanDownloader.IstBar.G 木马

马力

驱逐舰飘过~~~~~