[efede7 2f3c77]第一波

显示全部楼层 · 发表于 2007-8-8 08:54:36

Kaspersky Internet Security 7.0
The requested URL http://bbs.kafan.cn/attachment.php?aid=110625 is infected with Heur.Downloader virus

显示全部楼层 · 发表于 2007-8-8 08:57:11

--> 1.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> sf.exe
      [DETECTION] Is the Trojan horse TR/PSW.Nilage.bcw.21
      [WARNING] Infected files in archives cannot be repaired!
      [INFO]    A backup was created as '471e1537.qua'  ( QUARANTINE )
      [INFO]    The file was deleted!

显示全部楼层 · 发表于 2007-8-8 09:14:52

风暴胜者V2 贺岁精简网络版本
_________您的安全是我们的责任_______________
作者：Sanhuan222@163.com TM:469428271
个人Blog：http://hi.baidu.com/迅者/

===============================================
___________病毒查杀结果__________________

===============================================

2007年6月8日9时14分20秒开始查杀C:\Documents and Settings\Administrator\桌面\virus\exe
C:\Documents and Settings\Administrator\桌面\virus\exe\1.exe 为可疑文件
C:\Documents and Settings\Administrator\桌面\virus\exe\sf.exe 发现未知可疑文件:Win32.NkHack.PeM.A 操作:阻止运行
****************************
您应该引起注意的文件:

-----------------------------------------

=========================================

_________文件性质分析结果________________
"带壳"仅指文件性质,仅供专业人员分析使用。

C:\Documents and Settings\Administrator\桌面\virus\exe\sf.exe 带壳文件:Aspack加壳
-----------------------------------------

2007年6月8日9时14分20秒收起线程…100% 查杀完毕！
扫描文件：2查杀病毒：2

_____________________________________________

         风暴微塔反病毒
                        [内测版]
               http://www.v0day.com/
----------------------------------------------
开始扫描……

OK  扫描完毕！
[C:\Documents and Settings\Administrator\桌面\virus\exe\1.exe]
                  …………特征码引擎发现病毒
OK  扫描完毕！

显示全部楼层 · 发表于 2007-8-8 09:28:16

显示全部楼层 · 发表于 2007-8-8 09:48:03

金山报一个
卡吧6.0不报

显示全部楼层 · 发表于 2007-8-8 14:10:58

反病毒引擎版本最后更新扫描结果
AhnLab-V3 2007.8.3.0 2007.08.08 -
AntiVir 7.4.0.57 2007.08.07 TR/Delphi.Downloader.Gen
Authentium 4.93.8 2007.08.07 Possibly a new variant of W32/PWStealer1!Generic
Avast 4.7.1029.0 2007.08.07 Win32:Delf-FKN
AVG 7.5.0.476 2007.08.07 Win32/PEMask
BitDefender 7.2 2007.08.08 Generic.Malware.SBdldsp.436E17CA
CAT-QuickHeal 9.00 2007.08.07 (Suspicious) - DNAScan
ClamAV 0.91 2007.08.08 -
DrWeb 4.33 2007.08.08 DLOADER.Trojan
eSafe 7.0.15.0 2007.07.31 suspicious Trojan/Worm
eTrust-Vet 31.1.5042 2007.08.08 -
Ewido 4.0 2007.08.07 Trojan.Nilage.bcw
FileAdvisor 1 2007.08.08 -
Fortinet 2.91.0.0 2007.08.08 Gamania!tr.pws
F-Prot 4.3.2.48 2007.08.07 W32/PWStealer1!Generic
F-Secure 6.70.13030.0 2007.08.08 W32/NetworkWorm
Ikarus T3.1.1.12 2007.08.08 BehavesLikeWin32.ExplorerHijack
Kaspersky 4.0.2.24 2007.08.08 -
McAfee 5092 2007.08.07 New Malware.u
Microsoft 1.2704 2007.08.08 Trojan:Win32/SystemHijack.gen
NOD32v2 2442 2007.08.07 a variant of Win32/AutoRun.K
Norman 5.80.02 2007.08.07 -
Panda 9.0.0.4 2007.08.07 Suspicious file
Prevx1 V2 2007.08.08 -
Rising 19.35.20.00 2007.08.08 Worm.Win32.Agent.ioj
Sophos 4.19.0 2007.08.01 Mal/Packer
Sunbelt 2.2.907.0 2007.08.07 VIPRE.Suspicious
Symantec 10 2007.08.08 W32.SillyFDC
TheHacker 6.1.7.163 2007.08.07 -
VBA32 3.12.2.2 2007.08.07 suspected of Embedded.Trojan-PSW.Win32.Nilage.bcw
VirusBuster 4.3.26:9 2007.08.07 -
Webwasher-Gateway 6.0.1 2007.08.08 Trojan.Delphi.Downloader.Gen

显示全部楼层 · 发表于 2007-8-8 19:03:32

vba32 啟發一個

显示全部楼层 · 发表于 2007-8-8 19:18:27

D:\病毒库\exe.rar=>1.exe 感染: Generic.Malware.SBdldsp.436E17CA
D:\病毒库\exe.rar=>1.exe 杀毒失败
D:\病毒库\exe.rar=>1.exe 移动失败
D:\病毒库\exe.rar=>sf.exe 感染: DeepScan:Generic.Malware.SBVdld.21C8FB57
D:\病毒库\exe.rar=>sf.exe 杀毒失败
D:\病毒库\exe.rar=>sf.exe 移动失败

显示全部楼层 · 发表于 2007-8-9 22:10:06

Scan performed at: 2007-8-9 22:09:54
Scanning Log
NOD32 version 2446 (20070809) NT
Command line: C:\Documents and Settings\Administrator\×ÀÃæ\exe.rar
Operating memory - is OK

Date: 9.8.2007 Time: 22:09:59
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\Administrator\×ÀÃæ\exe.rar
C:\Documents and Settings\Administrator\×ÀÃæ\exe.rar ?RAR ?1.exe - a variant of Win32/AutoRun.K worm
C:\Documents and Settings\Administrator\×ÀÃæ\exe.rar ?RAR ?sf.exe - a variant of Win32/Delf.CC worm
Number of scanned files: 3
Number of threats found: 2
Number of files cleaned: 1
Time of completion: 22:10:00 Total scanning time: 1 sec (00:00:01)

显示全部楼层 · 发表于 2007-8-9 23:58:09

[病毒样本] [efede7 2f3c77]第一波

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块