10 个进口货

显示全部楼层 · 发表于 2007-7-20 18:01:19

[MD5: B596FF A886AC B19650 0BF5EA 4B94B9 58F05E 0F19E7 8752D6 D3D77A D48147]

基本上都是北美那边的...国内毒杀厌了也杀杀国外的

显示全部楼层 · 发表于 2007-7-20 18:01:38

强

风暴胜者V2 贺岁精简网络版本
_________您的安全是我们的责任_______________
作者：Sanhuan222@163.com TM:469428271
个人Blog：http://hi.baidu.com/迅者/

===============================================
___________病毒查杀结果__________________

===============================================

2007年5月20日18时4分19秒开始查杀C:\Documents and Settings\Administrator\桌面\virus\Message.pif
威胁性文件：C:\Documents and Settings\Administrator\桌面\virus\Message.pif\Information.exe
威胁性文件：C:\Documents and Settings\Administrator\桌面\virus\Message.pif\00-METALLICA_SONG.MP3.pif
****************************
您应该引起注意的文件:

-----------------------------------------

=========================================

_________文件性质分析结果________________
"带壳"仅指文件性质,仅供专业人员分析使用。

C:\Documents and Settings\Administrator\桌面\virus\Message.pif\Information.exe 带壳文件:UPX加壳
C:\Documents and Settings\Administrator\桌面\virus\Message.pif\Joke.com 带壳文件:UPX加壳
C:\Documents and Settings\Administrator\桌面\virus\Message.pif\Message.pif 带壳文件:UPX加壳
-----------------------------------------

2007年5月20日18时4分20秒收起线程…100% 查杀完毕！
扫描文件：9查杀病毒：2

[ 本帖最后由 FBAV 于 2007-7-20 18:04 编辑 ]

显示全部楼层 · 发表于 2007-7-20 18:04:15

原生态的~~

显示全部楼层 · 发表于 2007-7-20 18:04:19

Scan performed at: 2007-7-20 18:04:30
Scanning Log
NOD32 version 2409 (20070720) NT
Command line: C:\Documents and Settings\EQ2\桌面\Message.pif
Operating memory - is OK
Date: 20.7.2007 Time: 18:04:36
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\EQ2\桌面\Message.pif\
C:\Documents and Settings\EQ2\桌面\Message.pif\00-METALLICA_SONG.MP3.pif.vir - Win32/MTX.A virus - quarantined - cleaned by deleting [1]
C:\Documents and Settings\EQ2\桌面\Message.pif\Card.DOC.doc.vir - Win32/Badtrans.29020.A worm - quarantined - cleaned by deleting [1]
C:\Documents and Settings\EQ2\桌面\Message.pif\Doll.com.vir - Win32/Bagle.AH worm - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\Message.pif\Garry.cpl.vir - Win32/Bagle.drp.gen2 worm - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\Message.pif\Information.obj.vir - Win32/Bagle.J worm - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\Message.pif\Joke.com.vir - Win32/Bagle.AB worm - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\Message.pif\Message.pif.vir - Win32/Bagle.M worm - quarantined - cleaned by deleting [1]
C:\Documents and Settings\EQ2\桌面\Message.pif\traba_del_queso.doc.doc.vir - Win32/Sircam worm - quarantined - cleaned by deleting [1]
C:\Documents and Settings\EQ2\桌面\Message.pif\your_document.pif.vir - Win32/Sobig.F worm - quarantined - unable to clean - deleted
Number of scanned files: 10
Number of threats found: 9
Number of files cleaned: 5
Time of completion: 18:04:36 Total scanning time: 0 sec (00:00:00)
Notes:
[1] File has been deleted - contained only the virus body.

[ 本帖最后由 EQ2 于 2007-7-20 18:05 编辑 ]

显示全部楼层 · 发表于 2007-7-20 18:04:30

Starting the file scan:

Begin scan in 'F:\病毒样本\Message.pif.rar'
F:\病毒样本\Message.pif.rar
  [0] Archive type: RAR
  --> Message.pif.vir
   [DETECTION] Contains signature of the worm WORM/Bagle.O
  --> 00-METALLICA_SONG.MP3.pif.vir
   [DETECTION] Contains code of the Windows virus W95/Matrix.SCR
  --> Doll.com.vir
   [DETECTION] Contains signature of the worm WORM/Bagle.AI
  --> Garry.cpl.vir
   [DETECTION] Contains signature of the worm WORM/Bagle.AI
  --> Joke.com.vir
   [DETECTION] Contains signature of the worm WORM/Bagle.AA
  --> Card.DOC.doc.vir
   [DETECTION] Contains signature of the worm WORM/BadTrans.B1
  --> traba_del_queso.doc.doc.vir
   [DETECTION] Contains signature of the worm WORM/W32.Sircam.C
  --> Information.obj.vir
   [DETECTION] Contains signature of the worm WORM/Bagle.J
  --> your_document.pif.vir
   [DETECTION] Contains signature of the worm WORM/Sobig.F
   [INFO]    The file was deleted!

显示全部楼层 · 发表于 2007-7-20 18:04:35

NOD32发现9个

显示全部楼层 · 发表于 2007-7-20 18:07:19

9个就9个

[:30:] [:30:] [:30:] [:30:] [:30:] [:30:] [:30:] [:30:]
已删除: 病毒 Email-Worm.Win32.Bagle.n       文件: C:\Documents and Settings\wing\桌面\Message[1].pif.rar\Message.pif.vir
已删除: 病毒 Email-Worm.Win32.MTX       文件: C:\Documents and Settings\wing\桌面\Message[1].pif.rar\00-METALLICA_SONG.MP3.pif.vir
已删除: 病毒 Email-Worm.Win32.Bagle.ai       文件: C:\Documents and Settings\wing\桌面\Message[1].pif.rar\Doll.com.vir
已删除: 病毒 Email-Worm.Win32.Bagle.ai       文件: C:\Documents and Settings\wing\桌面\Message[1].pif.rar\Garry.cpl.vir
已删除: 病毒 Email-Worm.Win32.Bagle.z       文件: C:\Documents and Settings\wing\桌面\Message[1].pif.rar\Joke.com.vir
已删除: 病毒 Email-Worm.Win32.BadtransII       文件: C:\Documents and Settings\wing\桌面\Message[1].pif.rar\Card.DOC.doc.vir
已删除: 病毒 Email-Worm.Win32.Sircam.c       文件: C:\Documents and Settings\wing\桌面\Message[1].pif.rar\traba_del_queso.doc.doc.vir
已删除: 病毒 Email-Worm.Win32.Bagle.i       文件: C:\Documents and Settings\wing\桌面\Message[1].pif.rar\Information.obj.vir
已删除: 病毒 Email-Worm.Win32.Sobig.f.dam       文件: C:\Documents and Settings\wing\桌面\Message[1].pif.rar\your_document.pif.vir

[ 本帖最后由自由于 2007-7-20 18:48 编辑 ]

显示全部楼层 · 发表于 2007-7-20 18:21:23

nod32都是已知的.

9..

Scan performed at: 2007-7-20 18:16:08
Scanning Log
NOD32 version 2409 (20070720) NT
Command line: F:\Message[1].pif
Operating memory - is OK

Date: 20.7.2007 Time: 18:16:11
Anti-Stealth technology is enabled.
Scanned disks, folders and files: F:\Message[1].pif\
F:\Message[1].pif\00-METALLICA_SONG.MP3.pif.vir - Win32/MTX.A virus
F:\Message[1].pif\Card.DOC.doc.vir - Win32/Badtrans.29020.A worm
F:\Message[1].pif\Doll.com.vir - Win32/Bagle.AH worm
F:\Message[1].pif\Garry.cpl.vir - Win32/Bagle.drp.gen2 worm
F:\Message[1].pif\Information.obj.vir - Win32/Bagle.J worm
F:\Message[1].pif\Joke.com.vir - Win32/Bagle.AB worm
F:\Message[1].pif\Message.pif.vir - Win32/Bagle.M worm
F:\Message[1].pif\traba_del_queso.doc.doc.vir - Win32/Sircam worm
F:\Message[1].pif\your_document.pif.vir - Win32/Sobig.F worm
Number of scanned files: 10
Number of threats found: 9
Number of files cleaned: 5
Time of completion: 18:16:12 Total scanning time: 1 sec (00:00:01)
Notes:
[1] File has been deleted - contained only the virus body.

[ 本帖最后由 hj5abc 于 2007-7-20 18:24 编辑 ]

显示全部楼层 · 发表于 2007-7-20 18:26:13

蜘蛛发现9个直接移到隔离区了

显示全部楼层 · 发表于 2007-7-20 18:29:41

原帖由自由于 2007-7-20 18:07 发表
全吃
已检测到: 病毒 Email-Worm.Win32.Bagle.n URL: http://bbs.kafan.cn/attachment.php?aid=103038/Message.pif.vir
已删除: 病毒 Email-Worm.Win32.Bagle.n 文件: C:\Documents and Settings\wing\桌面\M ...

卡巴是9个的..

[病毒样本] 10 个进口货

本帖子中包含更多资源