Original poster: zane_xzz

[Virus samples] One pack, a few
woai_jolin
Posted on 2007-8-19 10:10:17
BitDefender Log File
Product : Bitdefender Internet Security
Version : BitDefender UIScanner v.11
Log date : 10:10:11 19/08/2007
Log path : C:\Documents and Settings\Administrator\Application Data\BitDefender\Desktop\Profiles\Logs\contextual\1187489411_9_02.xml

Scan Paths: Path0000: F:\v\16.rar


Scan Options: Scan for viruses : Yes
Scan for adware : Yes
Scan for spyware : Yes
Scan for applications : Yes
Scan for dialers : Yes
Scan for rootkits : No


Target selection options: Scan registry keys : No
Scan cookies : No
Scan boot sectors : No
Scan memory processes : No
Scan archives : Yes
Scan runtime packers : Yes
Scan email : Yes
Scan all files : No
Heuristic Scan : Yes
Scanned extenstions : (null)
Exclude extensions :  


Target Processing Default action for infected objects : Disinfect
Default action for suspicious objects : None
Default action for hidden objects : None


Scan engines summary Number of virus signatures : 798396
Archive plugins : 40
Email plugins : 6
Scan plugins : 12
Archive plugins : 40
System plugins : 4
Unpack plugins : 6


Overall scan summary Scanned items : 36
Infected items : 32
Suspicious items : 0
Resolved items : 0
Individual viruses found : 30
Scanned directories : 0
Scanned boot sectors : 0
Scanned archives : 2
Input-output errors : 0
Scan time : 00:00:00:04
Files per second : 9


Scanned files summary Scanned : 36
Infected : 32


Scanned processes summary Scanned : 0
Infected : 0


Scanned registry keys summary Scanned : 0
Infected : 0


Scanned cookies summary Scanned : 0
Infected : 0


Remaining issues:Object Name Threat Name  Final Status


Resolved issues:Object Name Threat Name  Final Status
F:\v\16.rar Rootkit.Agent.GV Deleted
F:\v\16.rar Rootkit.Agent.Q Deleted
F:\v\16.rar Trojan.Agent.AAMW Deleted
F:\v\16.rar Trojan.Downloader.Agent.BOY Deleted
F:\v\16.rar Trojan.Downloader.Agent.BQR Deleted
F:\v\16.rar Trojan.Downloader.Agent.BQR Deleted
F:\v\16.rar Trojan.Downloader.Femad.XA Deleted
F:\v\16.rar Trojan.Downloader.LoadAdv.B Deleted
F:\v\16.rar Trojan.Dropper.Ntrootkit.A Deleted
F:\v\16.rar Trojan.Peed.IEL Deleted
F:\v\16.rar Trojan.Peed.OQ Deleted
F:\v\16.rar Trojan.Spy.Banker.ZMJ Deleted
Roboon
Posted on 2007-8-19 10:59:59
Roboon says: the viruses are indeed very old
woai_jolin
Posted on 2007-8-19 11:06:16
Scan Stats:
  Scan Time: 6
  Scan Options:
  Scan Targets: F:\v\16.rar
  Counts:
   Total items scanned: 18
   - Files & Directories: 18
   - Registry Entries: 0
   - Processes & Start-up Items: 0
   - Network & Browser Items: 0
   - Other: 0

   Total security risks detected: 9
   Total items resolved: 1
   Total items that require attention: 8

Resolved Threats:


Unresolved Threats:
Trojan.Pandex
Virus ID: 11511
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
State: Remove Failed
-----------
1 File
[runtime.sys] inside of [f:\v\16.rar] - Infected


Trojan.Pandex
Virus ID: 11511
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
State: Remove Failed
-----------
1 File
[ip6fw.sys] inside of [f:\v\16.rar] - Infected


Trojan.Packed.13
Virus ID: 53517
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
State: Remove Failed
-----------
1 File
[5.dllb] inside of [f:\v\16.rar] - Infected


Trojan.Packed.13
Virus ID: 53517
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
State: Remove Failed
-----------
1 File
[win32.exe] inside of [f:\v\16.rar] - Infected


Trojan.Pandex
Virus ID: 11511
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
State: Remove Failed
-----------
1 File
[2838371.exe] inside of [f:\v\16.rar] - Infected


Trojan.Pandex
Virus ID: 11511
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
State: Remove Failed
-----------
1 File
[loader.exe] inside of [f:\v\16.rar] - Infected


Trojan.Anserin
Virus ID: 16325
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
State: Reviewed
-----------
1 File
[clean_289993.dll] inside of [f:\v\16.rar] - Infected


Trojan.Anserin
Virus ID: 16325
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
State: Remove Failed
-----------
1 File
[de.exe] inside of [f:\v\16.rar] - Infected


Trojan.Pandex
Virus ID: 11511
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
State: Remove Failed
-----------
1 File
[runtime2.sys] inside of [f:\v\16.rar] - Infected
popfather
Posted on 2007-8-19 11:08:33
瑞星病毒查杀结果报告

清除病毒种类列表:
病毒: RootKit.Agent.xe         
病毒: Trojan.DL.Win32.LoadAdv.h
病毒: RootKit.Win32.Agent.dp   
病毒: Trojan.DL.Win32.Agent.xxv
病毒: Backdoor.Win32.Agent.mkm
病毒: Worm.Mail.Win32.Zhelatin.fp
病毒: Worm.Mail.Win32.Zhelatin.dlj
病毒: Trojan.Win32.Agent.ady   
病毒: Trojan.DL.Agent.oaz      
病毒: Trojan.DL.Win32.Agent.xxw
病毒: Trojan.Win32.Agent.hzk   
病毒: RootKit.Win32.Agent.nfl  
病毒: Trojan.Spy.Win32.Bancos.aco
病毒: Trojan.DL.Obfuscated.gs  

MAC 地址:00:10:5C:F1:92:84

用户来源:互联网

软件版本:20.05.60
gho
Posted on 2007-8-19 12:45:47
已删除: 病毒 Email-Worm.Win32.Zhelatin.gv        文件: C:\Documents and Settings\gho\桌面\win32.exe
已删除: 木马程序 Trojan-Downloader.Win32.Alphabet.gen        文件: C:\Documents and Settings\gho\桌面\xar5043v7.exe//PE_Patch.PECompact//PecBundle//PECompact
已删除: 木马程序 Trojan.Win32.Agent.ady        文件: C:\Documents and Settings\gho\桌面\2838371.exe
已删除: 木马程序 Trojan-Downloader.Win32.Agent.bil        文件: C:\Documents and Settings\gho\桌面\5.dllb
已删除: 广告程序 not-a-virus:AdWare.Win32.Agent.bz        文件: C:\Documents and Settings\gho\桌面\9.exe
已删除: 木马程序 Trojan-Downloader.Win32.Agent.bqr        文件: C:\Documents and Settings\gho\桌面\clean_289993.dll
已删除: 木马程序 Trojan-Downloader.Win32.Agent.bqr        文件: C:\Documents and Settings\gho\桌面\de.exe
已删除: 病毒 Packed.Win32.Tibs.ab        文件: C:\Documents and Settings\gho\桌面\downloader.exe
已删除: 木马程序 Trojan-Downloader.Win32.Small.cib        文件: C:\Documents and Settings\gho\桌面\hoed.exe
已删除: 木马程序 Rootkit.Win32.Agent.dp        文件: C:\Documents and Settings\gho\桌面\ip6fw.sys//PE_Patch
已删除: 木马程序 Trojan.Win32.Agent.aqw        文件: C:\Documents and Settings\gho\桌面\L50.exe
已删除: 木马程序 Trojan-Downloader.Win32.LoadAdv.gen        文件: C:\Documents and Settings\gho\桌面\loadadv591.exe//PE_Patch.UPX//UPX
已删除: 木马程序 Trojan-Downloader.Win32.Agent.boy        文件: C:\Documents and Settings\gho\桌面\loader.exe
已删除: 木马程序 Trojan-Spy.Win32.Bancos.aco        文件: C:\Documents and Settings\gho\桌面\ntos.exe
已删除: 木马程序 Rootkit.Win32.Agent.dw        文件: C:\Documents and Settings\gho\桌面\runtime.sys//PE_Patch
已删除: 木马程序 Rootkit.Win32.Agent.ey        文件: C:\Documents and Settings\gho\桌面\runtime2.sys
已删除: 木马程序 Trojan-Downloader.Win32.Small.egd        文件: C:\Documents and Settings\gho\桌面\svchost.exe
uhthn2002
Posted on 2007-8-19 13:35:08
C:\Documents and Settings\uhthn\Desktop\16.rar:<RAR>\runtime.sys : infected Rootkit.Win32.Agent.dw
C:\Documents and Settings\uhthn\Desktop\16.rar:<RAR>\loadadv591.exe : infected Trojan.DownLoader.22411
C:\Documents and Settings\uhthn\Desktop\16.rar:<RAR>\ip6fw.sys : infected BackDoor.Bulknet
C:\Documents and Settings\uhthn\Desktop\16.rar:<RAR>\svchost.exe : infected Trojan.DownLoader.4995
C:\Documents and Settings\uhthn\Desktop\16.rar:<RAR>\hoed.exe : infected Trojan-Downloader.Win32.Small.cib
C:\Documents and Settings\uhthn\Desktop\16.rar:<RAR>\downloader.exe : infected Trojan.Packed.142
C:\Documents and Settings\uhthn\Desktop\16.rar:<RAR>\5.dllb : infected MalwareScope.Worm.Nuwar-Glowa.1
C:\Documents and Settings\uhthn\Desktop\16.rar:<RAR>\win32.exe : infected Email-Worm.Win32.Zhelatin.gv
C:\Documents and Settings\uhthn\Desktop\16.rar:<RAR>\2838371.exe : infected Trojan.Win32.Wigon.Z
C:\Documents and Settings\uhthn\Desktop\16.rar:<RAR>\loader.exe : infected Trojan-Downloader.Win32.Agent.boy
C:\Documents and Settings\uhthn\Desktop\16.rar:<RAR>\xar5043v7.exe : infected Trojan-Downloader.Win32.Alphabet.gen
C:\Documents and Settings\uhthn\Desktop\16.rar:<RAR>\clean_289993.dll : infected Trojan.Win32.PSW.Sinowal.Gen
C:\Documents and Settings\uhthn\Desktop\16.rar:<RAR>\de.exe : infected Trojan-Downloader.Win32.Agent.bqr
C:\Documents and Settings\uhthn\Desktop\16.rar:<RAR>\L50.exe : infected Trojan.Win32.Agent.aqw


Directories       : 0       Files in archives:      Files on disks:
Archives:                   - total       : 16      - total       : 1     
- scanned         : 1       -  scanned    : 16      - scanned     : 1     
- contain viruses : 1       -  infected   : 14      - infected    : 1     
- deleted         : 0       -  suspicious : 0       - suspicious  : 0
taihuxian
Posted on 2007-8-19 15:36:10
Scan performed at: 2007-8-19 15:35:44
Scanning Log
NOD32 version 2469 (20070818) NT
Command line: C:\Documents and Settings\Administrator\桌面\样本\16.rar
Operating memory - is OK

Date: 19.8.2007  Time: 15:35:50
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\Administrator\桌面\样本\16.rar
C:\Documents and Settings\Administrator\桌面\样本\16.rar ?RAR ?runtime.sys - probably a variant of Win32/Rootkit trojan
C:\Documents and Settings\Administrator\桌面\样本\16.rar ?RAR ?loadadv591.exe - a variant of Win32/TrojanDownloader.Small.NUS trojan
C:\Documents and Settings\Administrator\桌面\样本\16.rar ?RAR ?ip6fw.sys - a variant of Win32/Rootkit.Agent.DP trojan
C:\Documents and Settings\Administrator\桌面\样本\16.rar ?RAR ?svchost.exe - probably a variant of Win32/TrojanDownloader.Small.AMB trojan
C:\Documents and Settings\Administrator\桌面\样本\16.rar ?RAR ?downloader.exe - probably a variant of Win32/Obfuscated trojan
C:\Documents and Settings\Administrator\桌面\样本\16.rar ?RAR ?5.dllb - a variant of Win32/TrojanDownloader.Small.AWA trojan
C:\Documents and Settings\Administrator\桌面\样本\16.rar ?RAR ?win32.exe - Win32/Nuwar.Gen worm
C:\Documents and Settings\Administrator\桌面\样本\16.rar ?RAR ?2838371.exe - Win32/Wigon.Z trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本\16.rar ?RAR ?loader.exe - Win32/TrojanDownloader.Agent.BOY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本\16.rar ?RAR ?xar5043v7.exe - probably unknown NewHeur_PE virus [7]
C:\Documents and Settings\Administrator\桌面\样本\16.rar ?RAR ?clean_289993.dll - Win32/PSW.Sinowal.Gen trojan
C:\Documents and Settings\Administrator\桌面\样本\16.rar ?RAR ?de.exe - Win32/PSW.Sinowal.Gen trojan
C:\Documents and Settings\Administrator\桌面\样本\16.rar ?RAR ?runtime2.sys - a variant of Win32/Rootkit.Agent.EY trojan
C:\Documents and Settings\Administrator\桌面\样本\16.rar ?RAR ?ntos.exe - Win32/Spy.Agent.NDL trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本\16.rar ?RAR ?L50.exe - probably a variant of Win32/Agent trojan
Number of scanned files: 17
Number of threats found: 15
Number of files cleaned: 1
Time of completion: 15:35:53 Total scanning time: 3 sec (00:00:03)

Notes:
[7] File is probably infected with an unknown virus.
azazkjkj
Posted on 2007-8-19 19:50:59
NeedoLab AntiVirus 1.52
-===========================-
Scanned File:1

Detected:Archive Infested

Deleted:1 Archive

Elasped Time:00.01.02
-===========================-
Needo Labs provide the real security to user!
jimmyleo
Posted on 2007-8-19 20:04:37
What is the poster above using, needdo?
qqq000@qq.com
Posted on 2007-8-19 22:03:36
----------
              [凝逸反毒] (http://hi.baidu.com/503165656)
       [凝逸.扫描病毒引擎-日志]       2007.8.19 22:3:19
文件:F:\070815\16\runtime.sys | 感染:BackDoor.Bulknet [86>20070819_ny0008.axx]2(1.1)
操作:删除文件
文件:F:\070815\16\loadadv591.exe | 感染:Trojan.DownLoader.28737 [87>20070819_ny0008.axx]2(1.1)
操作:删除文件
文件:F:\070815\16\ip6fw.sys | 感染:BackDoor.Bulknet [88>20070819_ny0008.axx]2(1.1)
操作:删除文件
文件:F:\070815\16\svchost.exe | 感染:Trojan.DownLoader.4995 [89>20070819_ny0008.axx]2(1.1)
操作:删除文件
文件:F:\070815\16\hoed.exe | 感染:Trojan.DownLoader.29490 [90>20070819_ny0008.axx]2(1.1)
操作:删除文件
文件:F:\070815\16\downloader.exe | 感染:Trojan.Packed.142 [91>20070819_ny0008.axx]2(1.1)
操作:删除文件
文件:F:\070815\16\5.dllb | 感染:virus [416>20070819_ny0008.axx]2(1.1)
操作:删除文件
文件:F:\070815\16\win32.exe | 感染:Trojan.Packed.142 [92>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070815\16\2838371.exe | 感染:Trojan.NtRootKit.248 [149>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070815\16\loader.exe | 感染:BackDoor.Bulknet [93>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070815\16\xar5043v7.exe | 感染:Trojan.DownLoader.25873 [94>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070815\16\clean_289993.dll | 感染:Trojan.DownLoader.24029 [95>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070815\16\de.exe | 感染:Trojan.DownLoader.24029 [96>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070815\16\runtime2.sys | 感染:Trojan.NtRootKit.321 [97>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070815\16\ntos.exe | 感染:Trojan.Proxy.1724 [98>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070815\16\L50.exe | 感染:Trojan.DownLoader.25625 [99>20070819_ny0008.axx]3(1.1)
操作:删除文件
扫描完成|病毒:16 文件:16|耗时:3085
----------