写病毒的真喜欢卡巴，怪叔叔2

qwerasdf123

毒网产物

红心王子

斧头监控干掉
表现不错哦

微点卫士

微点；
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\515.EXE
协议类型:TCP
本地地址:0.0.0.0
本地端口:2891
远端地址:220.181.26.77(北京)
远端端口:80
C:\DWNSETUP\PPSTREAMSETUP.EXE
协议类型:TCP
本地地址:0.0.0.0
本地端口:2975
远端地址:218.206.201.214(河南·漯河)
远端端口:80
程序:
C:\WINDOWS.0\SYSTEM32\ALXTB1.DLL
是可疑程序，是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\515.EXE
是否删除木马程序?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\515.EXE
木马程序生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\TEMPORARY INTERNET FILES\CONTENT.IE5\6MERMK0M\SEFINSTALL515[1].TXT
2) C:\DWNSETUP\SSETUP.EXE
3) C:\WINDOWS\SYSTEM32\NVDLUCJ.DLL
4) C:\WINDOWS\SYSTEM32\PXFOXFM.DLL
5) C:\WINDOWS\SYSTEM32\SAIPYGOWD.EXE
6) C:\DWNSETUP\PPSTREAMSETUP.EXE
7) C:\DWNSETUP\KUWOSETUP.EXE
8) C:\DWNSETUP\STORM.EXE
9) C:\DWNSETUP\ALEXAINSTALLER.EXE
10) C:\WINDOWS.0\SYSTEM32\ALXRES.DLL
11) C:\WINDOWS.0\SYSTEM32\ALXTB1.DLL
是否删除木马程序及其衍生物?
程序:
C:\WINDOWS.0\SYSTEM32\ALXTB1.DLL
是否删除病毒程序?

The EQs

Scan performed at: 2007-8-17 12:43:13
Scanning Log
NOD32 version 2467 (20070816) NT
Command line: C:\Documents and Settings\EQ2\桌面\515.rar
Operating memory - is OK

Date: 17.8.2007  Time: 12:43:19
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\EQ2\桌面\515.rar
C:\Documents and Settings\EQ2\桌面\515.rar ?RAR ?515.exe - Win32/Adware.MoKeAD application - was a part of the deleted object
Number of scanned files: 2
Number of threats found: 1
Number of files cleaned: 1
Time of completion: 12:43:19 Total scanning time: 0 sec (00:00:00)

欠妳緈諨

wangjay1980

detected: adware not-a-virus:AdWare.Win32.AdMoke.ar        URL: http://bbs.kafan.cn/attachment.php?aid=114940//515.exe//ASPack

sharkkong

已检测到: 广告程序 not-a-virus:AdWare.Win32.AdMoke.ar        URL: http://bbs.kafan.cn/attachment.php?aid=114940//515.exe//ASPack

vmzy

小红伞
515.rar
  [0] Archive type: RAR
  --> 515.exe
      [DETECTION] Is the Trojan horse TR/Adload.L.13

taihuxian

Result: 1 malware found
AdWare.Win32.AdMoke.ar (adware)
C:\Documents and Settings\Administrator\×ÀÃæ\515.rar\515.exe

hkt988

Product: BitDefender 9 Professional Plus
//        Version: 9.5
//
//        创建在:        17/08/2007        08:54:38
//
//-----------------------------------------------------------------


病毒统计

扫描路径        : D:\下载文件夹\515.rar
文件夹        : 0
文件        :  2
存档        : 1
被压缩的文件        : 0
被识别的病毒        : 1
被感染文件        : 1
警告        : 0