rookit[969D6B]

zane_xzz

969D6B

sjducker

抢沙发
NOD 和FS同时被过

[ 本帖最后由 sjducker 于 2007-8-26 11:13 编辑 ]

saga3721

Virus or unwanted program 'TR/Crypt.NSPM.Gen [TR/Crypt.NSPM.Gen]'
      detected in file 'C:\Documents and Settings\X\桌面\kavo.exe.
      Action performed: Deny access

红心王子

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\kavo.rar'
C:\Documents and Settings\Administrator\桌面\kavo.rar
  [0] Archive type: RAR
  --> kavo.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [INFO]      The file was deleted!


End of the scan: 2007年8月26日  11:18
Used time: 00:10 min

The scan has been done completely.

      0 Scanning directories
      2 Files were scanned
      1 viruses and/or unwanted programs were found
      0 classified as suspicious:
      1 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      1 Files not concerned
      1 Archives were scanned
      0 Warnings
      0 Notes
      0 Hidden objects were found

wangjay1980

detected: virus Heur.Trojan.Generic (modification)        File: C:\Documents and Settings\Owner\×ÀÃæ\kavo.rar/kavo.exe

yashoo

已删除: 病毒 Heur.Trojan.Generic (变种)        文件: E:\test\kavo.rar/kavo.exe

solcroft

不见库文件或驱动的痕迹，不太像rootkit  

欠妳緈諨

文件名称 :   kavo.exe
文件大小 :   77565 byte
文件类型 :   MS-DOS executable (EXE), OS/2 or MS Windows
MD5 :   969d6bb139627a75aac28612f4276d60
SHA1 :   e5dfbebdc44e7b04fde4155b6f250bfc76788d39
扫描结果
扫描结果 :   24%的杀软(7/29)报告发现病毒
时间 :   2007/08/26 11:27:06 (CST)
软件名称 引擎版本 病毒库版本 病毒库时间 扫描结果 时间
a-squared 3.0.0.123 2007.08.24 2007-08-24 - 5.238
Arcavir 1.0.4 200708251110 2007-08-25 - 1.211
AVAST 1.0.8 000768-3 2007-08-25 - 3.072
AVG 7.5.48.442 269.12.8/973 2007-08-25 Obfustat.JIK 1.447
BitDefender 7.60825.814665 7.14499 2007-08-26 - 3.158
CA (VET) 8.4.0.24 31.1.5085 2007-08-25 Win32/NSAnti trojan.  0.847
ClamAV  0.91.1 4064 2007-08-26 Trojan.Spy-6766 0.0
ewid21o 4.0.0.2 2007.08.25 2007-08-25 - 2.015
F-SECURE 5.51.6100 2007.08.24.03 2007-08-24 - 2.439
IKARUS T3.1.1.12 2007.08.25.69399 2007-08-25 Packer.Malware.NSAnti.H 1.756
MKS_VIR 2.01 2007.08.25 2007-08-25 - 2.001
NOD32 2.70.8 2484 2007-08-25 - 0.142
nProtect 2007-08-24.00 37315 2007-08-24 - 13.824
QuickHeal 9.00 2007.08.25 2007-08-25 - 2.486
SOPHOS 2.47.0 4.19 2007-08-26 - 2.946
VBA32 3.12.2.3 20070824.1142 2007-08-24 - 0.732
VirusBuster 4.3.19:9 9.099.4/11.0 2007-08-26 - 1.536
冰岛杀毒 3.16.16 2007.08.25 2007-08-25 - 0.408
卡巴斯基 5.5.10 2007.08.26 2007-08-26 - 0.037
大蜘蛛 4.33 2007.08.24 2007-08-24 - 4.823
小红伞 7.4.1.63 6.39.1.44 2007-08-25 TR/Crypt.NSPM.Gen 2.265
江民杀毒 10.00.650 2007.08.25 2007-08-25 - 0.736
熊猫卫士 9.00.00 2007.08.25 2007-08-25 Suspicious file 3.968
瑞星 19.0 19.37.60.00 2007-08-25 - 3.726
诺曼 5.91.04 5.90 2007-08-24 - 4.082
赛门铁克 1.3.0.24 20070825.006 2007-08-25 - 0.188
趋势 8.500-1001 4.671.00 2007-08-23 - 0.040
迈克菲 5.1.00 5105 2007-08-24 New Malware.bl 0.725
金山毒霸 2007.6.20.249 2007.8.25 2007-08-25 - 0.811

全都报壳

Nblock

微点

[ 本帖最后由 Nblock 于 2007-8-26 11:35 编辑 ]

微点卫士

费尔扫描不报