df7394,Hupigon?????????

显示全部楼层 · 发表于 2007-9-8 12:26:19

文件名称 : 你想知道而不敢问的性知识.chm
文件大小 : 905856 byte
文件类型 : MS Windows HtmlHelp Data
MD5 : df7394aedf5acd7969603b4ffa409a9e
SHA1 : 4fc2743d986bf71fea0193dded9f8943f981c47d
扫描结果
扫描结果 : 6%的杀软(2/32)报告发现病毒
时间 : 2007/09/08 12:17:34 (CST)
软件名称引擎版本病毒库版本病毒库时间扫描结果时间
a-squared 3.0.0.123 2007.09.06 2007-09-06 - 4.073
Arcavir 1.0.4 200709071807 2007-09-07 - 1.595
AVAST 1.0.8 000773-2 2007-09-07 - 3.042
AVG 7.5.48.442 269.13.7/992 2007-09-06 - 1.449
BitDefender 7.60825.868416 7.14666 2007-09-08 - 3.442
CA (VET) 8.4.0.24 31.1.5119 2007-09-08 - 1.031
ClamAV 0.91.1 4192 2007-09-08 Trojan.Packed-76 0.351
Comodo 2.11 2.0.0.277 2007-09-07 - 1.157
ewido 4.0.0.2 2007.09.07 2007-09-07 - 1.966
F-SECURE 5.51.6100 2007.09.07.08 2007-09-07 - 2.903
Hauri 20070907 2007.09.07 2007-09-07 - 0.444
IKARUS T3.1.1.12 2007.09.07.69467 2007-09-07 - 1.244
MKS_VIR 2.01 2007.09.08 2007-09-08 - 2.007
NOD32 2.70.8 2514 2007-09-08 - 0.082
nProtect 2007-09-07.00 909334 2007-09-07 - 11.136
QuickHeal 9.00 2007.09.07 2007-09-07 - 2.301
SOPHOS 2.49.1 4.21 2007-09-08 - 2.593
The Hacker 6.1.9 v00181 2007-09-07 - 0.663
VBA32 3.12.2.4 20070907.0759 2007-09-07 - 0.923
VirusBuster 4.3.19:9 9.103.1/11.0 2007-09-07 - 3.422
冰岛杀毒 3.16.16 2007.09.07 2007-09-07 - 0.578
卡巴斯基 5.5.10 2007.09.08 2007-09-08 - 0.351
大蜘蛛 4.33 2007.09.07 2007-09-07 - 5.359
小红伞 7.6.0.5 6.39.1.105 2007-09-07 - 2.510
江民杀毒 10.00.650 2007.09.06 2007-09-06 Backdoor/Huigezi.2007.afzv 1.198
熊猫卫士 9.04.03.0001 2007.09.07 2007-09-07 - 3.647
瑞星 19.0 19.39.51.00 2007-09-08 - 2.200
诺曼 5.91.07 5.90 2007-09-07 - 2.822
赛门铁克 1.3.0.24 20070907.007 2007-09-07 - 0.233
趋势 8.500-1001 4.703.00 2007-09-07 - 0.035
迈克菲 5.2.00 5115 2007-09-07 - 0.907
金山毒霸 2007.6.20.249 2007.9.7 2007-09-07 - 0.826
注意: 就算报告发现病毒，也可能是杀软误报，请根据查毒结果自行判断

显示全部楼层 · 发表于 2007-9-8 12:28:11

费尔过了

显示全部楼层 · 发表于 2007-9-8 12:31:40

微点：
C:\WINDOWS.0\IEXPLORE.RA
协议类型:TCP
本地地址:0.0.0.0
本地端口:1484
远端地址:218.5.157.79(福建·泉州)
远端端口:8000
程序:
C:\WINDOWS.0\DOWNLOADED PROGRAM FILES\1.EXE
木马程序生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\IXP000.TMP\复件IE~1.EXE
2) C:\WINDOWS.0\IEXPLORE.RA
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\IXP000.TMP\复件IE~1.EXE
删除失败!

延迟删除文件!

显示全部楼层 · 发表于 2007-9-8 12:32:41

这个
C:\ABC\1\复件IE~1.EXE - 特征码 'Backdoor.Win32.PoisonIvy.j' 被发现

显示全部楼层 · 发表于 2007-9-8 12:33:17

AhnLab-V3	2007.9.8.0	2007.09.07	-
AntiVir	7.6.0.5	2007.09.07	-
Authentium	4.93.8	2007.09.07	-
Avast	4.7.1043.0	2007.09.07	-
AVG	7.5.0.485	2007.09.07	-
BitDefender	7.2	2007.09.08	-
CAT-QuickHeal	9.00	2007.09.07	-
ClamAV	0.91.2	2007.09.08	Trojan.Downloader.HTML.Codebase
DrWeb	4.33	2007.09.07	-
eSafe	7.0.15.0	2007.09.04	-478793432
eTrust-Vet	31.1.5119	2007.09.08	-
Ewido	4.0	2007.09.07	-
FileAdvisor	1	2007.09.08	-
Fortinet	3.11.0.0	2007.09.07	-
F-Prot	4.3.2.48	2007.09.07	-
F-Secure	6.70.13030.0	2007.09.07	-
Ikarus	T3.1.1.12	2007.09.08	-
Kaspersky	4.0.2.24	2007.09.08	-
McAfee	5115	2007.09.07	-
Microsoft	1.2803	2007.09.08	Exploit:HTML/CodeBaseExec.B
NOD32v2	2514	2007.09.08	-
Norman	5.80.02	2007.09.07	-
Panda	9.0.0.4	2007.09.07	-
Prevx1	V2	2007.09.08	-
Rising	19.39.51.00	2007.09.08	-
Sophos	4.21.0	2007.09.08	-
Sunbelt	2.2.907.0	2007.09.07	-
Symantec	10	2007.09.08	-
TheHacker	6.1.9.181	2007.09.07	-
VBA32	3.12.2.4	2007.09.07	-
VirusBuster	4.3.26:9	2007.09.07	-
Webwasher-Gateway	6.0.1	2007.09.07	-

显示全部楼层 · 发表于 2007-9-8 12:49:15

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\My Documents\复件IE~1.zip'
C:\Documents and Settings\Administrator\My Documents\
  复件IE~1.zip
[0] Archive type: ZIP
--> ¸´¼þIE~1.EXE
      [DETECTION] Contains detection pattern of the worm WORM/Rous.A
      [WARNING] Infected files in archives cannot be repaired!
      [INFO]    The file was deleted!

显示全部楼层 · 发表于 2007-9-8 13:01:24

F:\virus\��IE~1.zip » ZIP » 复件IE~1.EXE - is OK

显示全部楼层 · 发表于 2007-9-8 16:08:13

pass

[病毒样本] df7394,Hupigon?????????

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块