15只

显示全部楼层 · 发表于 2007-9-4 17:26:35

[MD5: A1A8B9 FAF462 632819 3195C1 6A5D88 7201B7 92FF2E 1D01F4 F5004C E70252 9C3396 0FDD2C 673E06]

显示全部楼层 · 发表于 2007-9-4 17:27:16

--> 3.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 6.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 7.exe
   [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> EE99C835.EXE
   [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
  --> husjdd8s.exe
   [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> load59.exe
   [DETECTION] Contains code of the Windows virus W32/Virut.U
  --> SERVICES.EXE
   [DETECTION] Is the Trojan horse TR/Patched.Service
  --> Tat.exe
   [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
  --> wdfmgrnt.exe
   [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> wmid.exe
   [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
  --> wr-1-20.exe
   [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> xxx.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Agent.bys.1
  --> 0.exe
   [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
  --> 2.exe
   [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
   [INFO]    A backup was created as '47202522.qua'  ( QUARANTINE )
   [INFO]    The file was deleted!

显示全部楼层 · 发表于 2007-9-4 17:28:16

已检测到: 病毒 Worm.Win32.Agent.t URL: http://bbs.kafan.cn/attachment.p ... ecBundle//PECompact

显示全部楼层 · 发表于 2007-9-4 17:33:32

detected: virus Worm.Win32.Agent.t File: C:\Documents and Settings\Owner\×ÀÃæ\ABC.zip/6.exe//PE_Patch.PECompact//PecBundle//PECompact
detected: Trojan program Trojan-Downloader.Win32.Agent.cru File: C:\Documents and Settings\Owner\×ÀÃæ\ABC.zip/7.exe
detected: Trojan program Backdoor.Win32.Agent.bex File: C:\Documents and Settings\Owner\×ÀÃæ\ABC.zip/EE99C835.EXE//ASPack
detected: Trojan program Trojan-Downloader.Win32.Agent.cru File: C:\Documents and Settings\Owner\×ÀÃæ\ABC.zip/husjdd8s.exe
detected: virus Heur.Invader (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\ABC.zip/load59.exe
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\ABC.zip/Tat.exe//PE_Patch.UPX
detected: Trojan program Trojan-Downloader.Win32.Cryptic.gen File: C:\Documents and Settings\Owner\×ÀÃæ\ABC.zip/wdfmgrnt.exe
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\ABC.zip/wmid.exe//PE_Patch.UPX
detected: Trojan program Trojan-Downloader.Win32.Small.fhc File: C:\Documents and Settings\Owner\×ÀÃæ\ABC.zip/wr-1-20.exe//PE_Patch.Upolyx//PE_Patch.UPX//UPX
detected: Trojan program Trojan-Downloader.Win32.Agent.bys File: C:\Documents and Settings\Owner\×ÀÃæ\ABC.zip/xxx.exe
detected: Trojan program Backdoor.Win32.Agent.bex File: C:\Documents and Settings\Owner\×ÀÃæ\ABC.zip/0.exe//ASPack
detected: Trojan program Backdoor.Win32.Agent.bex File: C:\Documents and Settings\Owner\×ÀÃæ\ABC.zip/2.exe//ASPack

显示全部楼层 · 发表于 2007-9-4 17:37:59

MicroVita AntiSpyware 100 C
_____________________________________________

         风暴微塔反间谍
[强力查杀各种Win32位的病毒,木马,蠕虫,恶意软件]
               http://221.10.254.214/
----------------------------------------------
开始扫描……

正在检查启动……
[C:\Documents and Settings\Administrator\桌面\virus\ABC\3.exe]
                  …………引擎[3]发现Suspicious file
[C:\Documents and Settings\Administrator\桌面\virus\ABC\4.exe]
                  …………引擎[2]发现病毒:Win32.Unknow
[C:\Documents and Settings\Administrator\桌面\virus\ABC\6.exe]
                  …………引擎[3]发现Suspicious file
[C:\Documents and Settings\Administrator\桌面\virus\ABC\5.exe]
                  …………特征码引擎[1]发现病毒
[C:\Documents and Settings\Administrator\桌面\virus\ABC\7.exe]
                  …………引擎[3]发现Suspicious file
[C:\Documents and Settings\Administrator\桌面\virus\ABC\9.exe]
                  …………引擎[2]发现病毒:Win32.Nop 筪kE
[C:\Documents and Settings\Administrator\桌面\virus\ABC\husjdd8s.exe]
                  …………引擎[2]发现病毒:Win32.Nop 筪kE
[C:\Documents and Settings\Administrator\桌面\virus\ABC\Tat.exe]
                  …………特征码引擎[1]发现病毒
[C:\Documents and Settings\Administrator\桌面\virus\ABC\wmid.exe]
                  …………特征码引擎[1]发现病毒
[C:\Documents and Settings\Administrator\桌面\virus\ABC\xxx.exe]
                  …………特征码引擎[1]发现病毒
[C:\Documents and Settings\Administrator\桌面\virus\ABC\1.exe]
                  …………引擎[3]发现Suspicious file
[C:\Documents and Settings\Administrator\桌面\virus\ABC\2.exe]
                  …………引擎[3]发现Suspicious file
文件数:15 病毒数:12  比重:0.9333333333333
OK  扫描完毕！

[ 本帖最后由 FBAV 于 2007-9-4 17:40 编辑 ]

显示全部楼层 · 发表于 2007-9-4 17:38:50

瑞星病毒查杀结果报告

清除病毒种类列表：
病毒： Trojan.DL.Win32.Agent.xfj
病毒： Dropper.Win32.VB.egb
病毒： Trojan.IMMSG.Win32.TBMSG.kz
病毒： Trojan.DL.Win32.Agent.xon
病毒： Trojan.Win32.Agent.vsf
病毒： Trojan.DL.Small.sdd
病毒： Trojan.PSW.Win32.Agent.nhm
病毒： Trojan.DL.Mnless.zq

MAC 地址：00:0F:3D:A0:CB:E4

用户来源：局域网

软件版本：20.08.12

11个

显示全部楼层 · 发表于 2007-9-4 17:40:39

扫描开始时间: 2007-9-4 17:40:00
扫描日志
NOD32 版本 2501 (20070903) NT
命令行: F:\virus\ABC.zip

日期: 2007年9月4日时间: 17:40:01
反 Rookits 技术已启用。
已扫描磁盘、文件夹和文件: F:\virus\ABC.zip
F:\virus\ABC.zip ?ZIP ?3.exe<病毒 - 可能是 Win32/Agent.NEO 木马变种>
F:\virus\ABC.zip ?ZIP ?6.exe<病毒 - Win32/Agent.NAU 蠕虫变种>
F:\virus\ABC.zip ?ZIP ?7.exe<病毒 - Win32/TrojanDownloader.Agent.CRU 木马>
F:\virus\ABC.zip ?ZIP ?EE99C835.EXE<病毒 - 可能是 Win32/Agent.NEO 木马变种>
F:\virus\ABC.zip ?ZIP ?husjdd8s.exe<病毒 - Win32/TrojanDownloader.Agent.CRU 木马>
F:\virus\ABC.zip ?ZIP ?Tat.exe<病毒 - Win32/PSW.QQRob.NAQ 木马>
F:\virus\ABC.zip ?ZIP ?wdfmgrnt.exe<病毒 - Win32/TrojanDownloader.VB.APY 木马>
F:\virus\ABC.zip ?ZIP ?wmid.exe<病毒 - Win32/PSW.QQRob.NAQ 木马变种>
F:\virus\ABC.zip ?ZIP ?wr-1-20.exe<病毒 - 可能是 Win32/TrojanDownloader.Small.EQN 木马变种>
F:\virus\ABC.zip ?ZIP ?xxx.exe<病毒 - Win32/TrojanDownloader.Agent.BYS 木马>
F:\virus\ABC.zip ?ZIP ?0.exe<病毒 - 可能是 Win32/Agent.NEO 木马变种>
F:\virus\ABC.zip ?ZIP ?2.exe<病毒 - 可能是 Win32/Agent.NEO 木马变种>
已扫描文件数量: 15
已发现病毒数量: 12
完成时间: 17:40:04 总共扫描时间: 3 秒 (00:00:03)

显示全部楼层 · 发表于 2007-9-4 18:14:59

金山7个

显示全部楼层 · 发表于 2007-9-4 18:25:50

AVK杀15个

显示全部楼层 · 发表于 2007-9-4 19:06:59

Start of the scan: Tuesday, 4 September, 2007  19:06

Starting the file scan:

Begin scan in 'C:\Documents and Settings\tim\桌面\ABC.zip'
C:\Documents and Settings\tim\桌面\ABC.zip
  [0] Archive type: ZIP
  --> 3.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 6.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 7.exe
   [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> EE99C835.EXE
   [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
  --> husjdd8s.exe
   [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> load59.exe
   [DETECTION] Contains code of the Windows virus W32/Virut.U
  --> SERVICES.EXE
   [DETECTION] Is the Trojan horse TR/Patched.Service
  --> Tat.exe
   [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
  --> wdfmgrnt.exe
   [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> wmid.exe
   [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
  --> wr-1-20.exe
   [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> xxx.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Agent.bys.1
  --> 0.exe
   [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
  --> 2.exe
   [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
   [INFO]    A backup was created as '47203c82.qua'  ( QUARANTINE )
   [INFO]    The file was deleted!

[病毒样本] 15只

本帖子中包含更多资源

本帖子中包含更多资源