[MD5: C626FA AD7758 FAF04A 6D4971 4F381A 985E55 595FED C626FA]

qianwenxiang

[MD5: C626FA AD7758 FAF04A 6D4971 4F381A 985E55 595FED C626FA]

The EQs

2007-7-28 16:40:12        Scanning Log
2007-7-28 16:40:12        Version of virus signature database: 2426 (20070727)
2007-7-28 16:40:12        Date: 28.7.2007  Time: 16:40:12
2007-7-28 16:40:12        Scanned disks, folders and files: F:\新建文件夹\ad2516.rar
2007-7-28 16:40:19        F:\新建文件夹\ad2516.rar - multiple threats - deleted - quarantined
2007-7-28 16:40:19        F:\新建文件夹\ad2516.rar » RAR » 3721.exe - probably a variant of Win32/Genetik trojan
2007-7-28 16:40:19        F:\新建文件夹\ad2516.rar » RAR » directx.exe - probably a variant of Win32/Agent.NFM trojan
2007-7-28 16:40:19        F:\新建文件夹\ad2516.rar » RAR » AS5.SYS - Delwin.1759 virus
2007-7-28 16:40:19        F:\新建文件夹\ad2516.rar » RAR » insshell_698.exe - Win32/Adware.Boran application
2007-7-28 16:40:19        F:\新建文件夹\ad2516.rar » RAR » 3.exe - a variant of Win32/PSW.Delf.NHI trojan
2007-7-28 16:40:19        F:\新建文件夹\ad2516.rar » RAR » mm.exe - a variant of Win32/PSW.Delf.NHI trojan
2007-7-28 16:40:19        F:\新建文件夹\ad2516.rar » RAR » ad2516.exe - probably a variant of Win32/Adware.BHO.AV application
2007-7-28 16:40:19        F:\新建文件夹\ad2516.rar » RAR » ad2516.exe » NSIS:SFX=32256 » cpush.dll - probably a variant of Win32/Adware.BHO.AV application
2007-7-28 16:40:19        F:\新建文件夹\ad2516.rar » RAR » xxxx.exe - a variant of Win32/TrojanDownloader.Delf.NQX trojan
2007-7-28 16:40:19        Number of scanned files: 10
2007-7-28 16:40:19        Number of threats found: 8
2007-7-28 16:40:19        Time of completion: 16:40:19  Total scanning time: 7 sec (00:00:07)

guazi888

ad2516.exe

费尔漏掉了这个

红心王子

瑞星病毒查杀结果报告

清除病毒种类列表：
病毒： Trojan.Clicker.Win32.Pophot.ab
病毒： Backdoor.Win32.Agent.lxa
病毒： DELWIN.1759              
病毒： Dropper.Rynima.e         
病毒： Trojan.PSW.Agent.kat     
病毒： Trojan.DL.Win32.Agent.wgj

MAC地址：00:D0:F8:38:4B:7A

用户来源：局域网

软件版本：19.33.52

7个

微点卫士

金山报6个病毒,1个风险程序
费尔报7个,其中一个启发

微点:
木马名称:Trojan-Spy.Win32.Small.nb

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DIRECTX.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Delf.dvh

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\3.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Delf.dvh

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\MM.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Downloader.Win32.Delf.gfp

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\XXXX.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\3721.EXE
木马程序生成以下文件:
1) D:\MYPLAYER.COM
2) C:\WINDOWS.0\SYSTEM32\ALXRES070725.EXE
3) C:\WINDOWS.0\SYSTEM32\INF\SCRSYS070725.SCR
是否删除木马程序及其衍生物?
广告软件名称:AdWare.Win32.BHO.nq

程序:
C:\PROGRAM FILES\COMMON FILES\CPUSH\CPUSH.DLL
是广告软件!
已成功阻止其运行,是否要删除此文件?
广告软件名称:AdWare.Win32.BHO.nq

程序:
C:\PROGRAM FILES\COMMON FILES\CPUSH\CPUSH.TMP
是广告软件!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\AD2516.EXE
木马程序生成以下文件:
1) C:\PROGRAM FILES\COMMON FILES\CPUSH\UNINST.EXE
是否删除木马程序及其衍生物?
广告软件名称:AdWare.Win32.Agent.gl

程序:
C:\WINDOWS.0\SYSTEM32\STDUPNET.DLL
是广告软件!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\INSSHELL_698.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\ALBUS.DLL
2) C:\WINDOWS.0\SYSTEM32\STDSTUB.DLL
3) C:\WINDOWS.0\SYSTEM32\STDVOTE.DLL
4) C:\WINDOWS.0\SYSTEM32\STDPLAY.DLL
是否删除木马程序及其衍生物?

最后一个AS5.SYS微点无法测试

xxwpk007

已检测到: 木马程序 Trojan-Spy.Win32.Agent.pn        文件: G:\样本\样本\ad2516\3721.exe//PE_Patch//UPack
已检测到: 木马程序 Backdoor.Win32.Rukap.gen        文件: G:\样本\样本\ad2516\directx.exe//UPX
已检测到: 病毒 Virus.Multi.Goblin.1759        文件: G:\样本\样本\ad2516\AS5.SYS
已检测到: 广告软件 not-a-virus:AdWare.Win32.Boran.w        文件: G:\样本\样本\ad2516\insshell_698.exe
已检测到: 木马程序 Trojan-PSW.Win32.Delf.qc        文件: G:\样本\样本\ad2516\3.exe//UPX
已检测到: 木马程序 Trojan-PSW.Win32.Delf.qc        文件: G:\样本\样本\ad2516\mm.exe//UPX
已检测到: 木马程序 Trojan-Downloader.Win32.Small.ege        文件: G:\样本\样本\ad2516\xxxx.exe

snakebone

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\ad2516.rar'
C:\Documents and Settings\Administrator\桌面\
  ad2516.rar
    [0] Archive type: RAR
    --> 3721.exe
        [DETECTION] Is the Trojan horse TR/Spy.Agent.PN.315
        [WARNING]   Infected files in archives cannot be repaired!
    --> directx.exe
        [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Rukap.58880.54 Backdoor server programs
        [WARNING]   Infected files in archives cannot be repaired!
    --> AS5.SYS
        [DETECTION] Contains code of the Delwin virus
        [WARNING]   Infected files in archives cannot be repaired!
    --> insshell_698.exe
        [DETECTION] Contains signature of the Ad- or Spyware ADSPY/Bor.X.19.C.4
        [WARNING]   Infected files in archives cannot be repaired!
    --> 3.exe
        [DETECTION] Is the Trojan horse TR/PSW.Delf.QC.40
        [WARNING]   Infected files in archives cannot be repaired!
    --> mm.exe
        [DETECTION] Is the Trojan horse TR/PSW.Delf.QC.40
        [WARNING]   Infected files in archives cannot be repaired!
    --> ad2516.exe
    --> xxxx.exe
        [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
        [INFO]      A backup was created as '46dd02a5.qua'  ( QUARANTINE )
        [INFO]      The file was deleted!

woai_jolin

7个

taihuxian

BitDefender

This web page has been blocked by BitDefender Antivirus Real-time Protection!

The blocked web page included objects that were either infected or likely to be infected with a virus. Your system has NOT been infected.
http://www.bitdefender.com/vfind/?q=GenPack:Generic.Malware.PWBdldPk.4C19C7B6
http://www.bitdefender.com/vfind/?q=Dropped:Adware.Sogou.F
http://www.bitdefender.com/vfind/?q=Generic.PWStealer.9516D44C
http://www.bitdefender.com/vfind/?q=Adware.Borlander.MMSAssist.A
http://www.bitdefender.com/vfind/?q=Delwin.1759.A
http://www.bitdefender.com/vfind/?q=Trojan.Munk.XA
http://www.bitdefender.com/vfind/?q=Generic.Onlinegames.5.F5B56FC3

tracydk

都没avast猛,11个