
[Virus samples] 16 suspicious files, please take a look

allenhippo
Posted on 2007-7-1 20:50:26
[MD5: D2370E F6560E 991225 0346E4 ACBC78 520CA1 5E20D7 2CDEB7 7BE1DF 29E089 D6CAD8 2E0DE9 579260 EEB26E 09402B 9B5E3F]

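Filtered out from several hundred files; getting infected with viking is really a hassle.

Also, the bandwidth was entirely taken up by the ad-downloading Baofeng (暴风), uusee and 51ditu.

[ Last edited by allenhippo on 2007-7-1 20:51 ]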

promised
Posted on 2007-7-1 20:59:59
Quick question: kav's proactive defense doesn't seem to be able to stop VIKING, does it?
taihuxian
Posted on 2007-7-1 21:02:13
BitDefender

This web page has been blocked by BitDefender Antivirus Real-time Protection!

The blocked web page included objects that were either infected or likely to be infected with a virus. Your system has NOT been infected.

BehavesLike:Trojan.Downloader
The EQs
Posted on 2007-7-1 21:03:16

Caught 3; reporting the rest.

Scan performed at: 2007-7-1 20:53:46
Scanning Log
NOD32 version 2366 (20070701) NT
Command line: C:\Documents and Settings\EQ2\桌面\virus
Operating memory - is OK

Date: 1.7.2007  Time: 20:53:54
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\EQ2\桌面\virus\
C:\Documents and Settings\EQ2\桌面\virus\2007.exe - probably unknown NewHeur_PE virus [7]
C:\Documents and Settings\EQ2\桌面\virus\F521648.EXE - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\EQ2\桌面\virus\kusn33sd.exe - probably a variant of Win32/Genetik trojan
Number of scanned files: 16
Number of threats found: 3
Number of files cleaned: 3
Time of completion: 20:54:03 Total scanning time: 9 sec (00:00:09)

Notes:
[7] File is probably infected with an unknown virus.
promised
Posted on 2007-7-1 21:05:08
Bro,
you picked these using IKARUS, right?
C:\ABC\virus\1.exe - Signature 'Trojan-PWS.Win32.QQRob.gi' found
C:\ABC\virus\12345.exe - Suspect code-parts found (Level: 150)
C:\ABC\virus\2007.exe - Suspect code-parts found (Level: 150)
C:\ABC\virus\20363.exe - Suspect code-parts found (Level: 120)
C:\ABC\virus\AlexaInstaller.exe
C:\ABC\virus\cc.exe - Signature 'Trojan.Dloader.YG' found
C:\ABC\virus\cone.exe - Signature 'Trojan-Downloader.Win32.Agent.avr' found
C:\ABC\virus\Expander.exe - Signature 'Trojan-Dropper.Win32.Delf.zn' found
C:\ABC\virus\F521648.EXE - Signature 'Backdoor.Win32.Agent.ahj' found
C:\ABC\virus\Installeur.exe - Signature 'Trojan.Popwin.BK' found
C:\ABC\virus\IsXunpack.exe - Signature 'Trojan-Dropper.Win32.Delf.zn' found
C:\ABC\virus\jj.exe - Signature 'Backdoor.Win32.Agent.sp' found
C:\ABC\virus\kusn33sd.exe - Signature 'Backdoor.Win32.Agent.ahj' found
C:\ABC\virus\qdAxB.exe - Signature 'Worm.Win32.Agent.t' found
C:\ABC\virus\SkypeClientt.exe - Suspect code-parts found (Level: 150)
C:\ABC\virus\WUN.exe - Signature 'Trojan-Dropper.Win32.Delf.zn' found

        16 Files scanned
          (0 Archives with 0 files)
        11 Signatures found
        4 Suspect code-parts found
        Used time: 0:03.750
wangjay1980
Posted on 2007-7-1 21:10:51
detected: virus Heur.Trojan.Generic (modification)        File: E:\样本\bingdu\Expander.exe
detected: virus Heur.Trojan.Generic (modification)        File: E:\样本\bingdu\IsXunpack.exe
detected: virus Heur.Trojan.Generic (modification)        File: E:\样本\bingdu\WUN.exe
detected: virus Heur.Trojan.Generic (modification)        File: E:\样本\bingdu\20363.exe
detected: virus Heur.Downloader (modification)        File: E:\样本\bingdu\cone.exe//ASPack
detected: virus Heur.Trojan.Generic (modification)        File: E:\样本\bingdu\qdAxB.exe
detected: virus Heur.Trojan.Generic (modification)        File: E:\样本\bingdu\kusn33sd.exe
detected: virus Heur.Trojan.Generic (modification)        File: E:\样本\bingdu\F521648.EXE
detected: virus Heur.Trojan.Generic (modification)        File: E:\样本\bingdu\jj.exe


Reporting.
allenhippo
Original poster | Posted on 2007-7-1 21:14:02

Reply to #5 promised's post

Filtered by eye plus running them; at the time I forgot I had ikarus.
小邪邪
Posted on 2007-7-1 21:15:21
AVK catches 11
AVK+MCAFEE catch 15
One left
红心王子
Posted on 2007-7-1 21:23:42

Reply to #2 promised's post

It can stop it.
The EQs
Posted on 2007-7-1 21:24:16
popwin... I don't know why nod32 never detects this one? I've already reported it N times... still no definition...