NOD32 Kaspersky FOUND NOTHING

promised

RT
STATUS: FINISHED
Complete scanning result of "eAPI.rar", received in VirusTotal at 04.03.2007, 14:41:20 (CET).

Antivirus	Version	Update	Result
AhnLab-V3	2007.4.3.1	04.03.2007 [td]no virus found
AntiVir	7.3.1.48	04.03.2007	APPL/eAPI
Authentium	4.93.8	03.31.2007 [td]no virus found
Avast	4.7.936.0	04.03.2007 [td]no virus found
AVG	7.5.0.447	04.03.2007 [td]no virus found
BitDefender	7.2	04.03.2007	Trojan.Spy.Agent.VS
CAT-QuickHeal	9.00	04.02.2007 [td]no virus found
ClamAV	devel-20070312	04.03.2007 [td]no virus found
DrWeb	4.33	04.03.2007 [td]no virus found
eSafe	7.0.15.0	04.03.2007	Suspicious Trojan/Worm
eTrust-Vet	30.6.3536	04.03.2007 [td]no virus found
Ewido	4.0	04.03.2007	Logger.Agent.vs
FileAdvisor	1	04.03.2007 [td]no virus found
Fortinet	2.85.0.0	04.02.2007 [td]no virus found
F-Prot	4.3.1.45	03.30.2007 [td]no virus found
F-Secure	6.70.13030.0	04.03.2007 [td]no virus found
Ikarus	T3.1.1.3	04.03.2007 [td]no virus found
Kaspersky	4.0.2.24	04.03.2007 [td]no virus found
McAfee	4998	04.02.2007 [td]no virus found
Microsoft	1.2306	04.03.2007 [td]no virus found
NOD32v2	2166	04.03.2007 [td]no virus found
Norman	5.80.02	04.03.2007 [td]no virus found
Panda	9.0.0.4	04.03.2007	Suspicious file
Prevx1	V2	04.03.2007 [td]no virus found
Sophos	4.16.0	03.30.2007	Mal/Behav-027
Sunbelt	2.2.907.0	04.03.2007	VIPRE.Suspicious
Symantec	10	04.03.2007 [td]no virus found
TheHacker	6.1.6.084	04.02.2007 [td]no virus found
VBA32	3.11.3	04.03.2007 [td]no virus found
VirusBuster	4.3.7:9	04.02.2007 [td]no virus found
Webwasher-Gateway	6.0.1	04.03.2007	Riskware.eAPI

Aditional Information

File size: 117315 bytes

MD5: dc2b3a3cee15c0eb3e7395179d8a08dc

SHA1: a7e17df6e7bb9d17999e19ff1e3358b2e73efb1b

packers: PECOMPACT

packers: PecBundle, PECompact

Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious

红伞报的好奇怪

[ 本帖最后由 promised 于 2007-4-3 20:47 编辑 ]

jlennon

Virus check with AntiVirusKit
Version 16.0.7
Virus signatures of 2007-4-1
Start time: 2007-4-3 18:32
Engine(s): KAV engine (AVK 17.3690), BD-Engine (BD 17.2421)
Heuristic: On
Archives: On
System areas: On

Check system areas...
Check selected directories and files...
Object: eAPI.fne
        In archive: C:\Documents and Settings\Administrator\桌面\eAPI.rar
        Status: Virus detected
        Virus: Trojan.Spy.Agent.VS (BD-Engine)
Object: eAPI.rar
        Path: C:\Documents and Settings\Administrator\桌面
        Status: Move file into quarantine
        Virus: Trojan.Spy.Agent.VS (BD-Engine)
Analysis complete: 2007-4-3 18:32
    1 files checked
    1 infected files detected
    0 suspected files detected

mhj144007

附件文件不存在或无法读入，请与管理员联系

要多少等級才能下載操作？？？

小邪邪

这个文件怪怪的

观弈书童

NOD32、金山挂

蓝色牛仔裤

这dd真的挺奇怪的, 等待高手分析.....

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at:        21:18:47 2007-4-3

+ Scan result:        



D:\新建文件夹\eAPI.rar/eAPI.fne -> Logger.Agent.vs : No action taken.


::Report end

promised

原帖由 蓝色牛仔裤 于 2007-4-3 21:22 发表
这dd真的挺奇怪的, 等待高手分析.....

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ C ...

APPL/eAPI是什么DD
我发之前木有用多引擎扫过
这个病毒签名和文件名巧合太奇怪了

mofunzone

Starting the file scan:

Begin scan in 'C:\Documents and Settings\morgan\My Documents\eAPI.rar'
C:\Documents and Settings\morgan\My Documents\
  eAPI.rar
    [0] Archive type: RAR
    --> eAPI.fne
        [DETECTION] Contains signature of the application APPL/eAPI
        [WARNING]   Infected files in archives cannot be repaired!
        [INFO]      The file was deleted!
appl是application
eapi就是名称了