
[Virus sample] 11 of them!

欠妳緈諨
Posted on 2007-9-15 17:29:38

jimmyleo
Posted on 2007-9-15 17:33:56
Undet [                ](     ) in D:\download\virusscan\11.rar,(b.exe)
Undet [                ](     ) in D:\download\virusscan\11.rar,(c.exe)
Found [  TROJ_AGENT.UQH](    1) in D:\download\virusscan\11.rar,(d.exe)
Undet [                ](     ) in D:\download\virusscan\11.rar,(e.exe)
Undet [                ](     ) in D:\download\virusscan\11.rar,(f.exe)
Found [   TROJ_DELF.JZE](    1) in D:\download\virusscan\11.rar,(g.exe)
Found [TSPY_LINEAGE.FKP](    1) in D:\download\virusscan\11.rar,(h.exe)
Undet [                ](     ) in D:\download\virusscan\11.rar,(i.exe)
Undet [                ](     ) in D:\download\virusscan\11.rar,(j.exe)
Found [ TROJ_ANOMALY.DX](    1) in D:\download\virusscan\11.rar,(k.exe)
Undet [                ](     ) in D:\download\virusscan\11.rar,(a.exe)
1 files have been read.
1 files have been checked.
1 files have been scanned.
11 files have been scanned. (including files in archived)
1 files containing viruses.
Found 4 viruses totally.
FBAV
Posted on 2007-9-15 17:33:58
MicroVita AntiSpyware 100 C
_____________________________________________
                                          
             风暴微塔反间谍
[强力查杀各种Win32位的病毒,木马,蠕虫,恶意软件]                  
                   http://221.10.254.214/
----------------------------------------------
开始扫描……


正在检查启动……
[C:\Documents and Settings\Administrator\桌面\virus\11\c.exe]
                    …………特征码引擎[1]发现病毒
[C:\Documents and Settings\Administrator\桌面\virus\11\c.exe]
                    …………引擎[2]发现病毒:Win32.Unknow
[C:\Documents and Settings\Administrator\桌面\virus\11\e.exe]
                    …………特征码引擎[1]发现病毒
[C:\Documents and Settings\Administrator\桌面\virus\11\f.exe]
                    …………引擎[2]发现病毒:Win32.Unknow
[C:\Documents and Settings\Administrator\桌面\virus\11\g.exe]
                    …………引擎[2]发现病毒:Win32.Packer
[C:\Documents and Settings\Administrator\桌面\virus\11\k.exe]
                    …………引擎[2]发现病毒:Win32.Packer
文件数:11   病毒数:6  比重:0.5454545454545
OK  扫描完毕!
红心王子
Posted on 2007-9-15 17:37:47
2007-9-15        17:36:58        1189849018        Administrator        3916        Sign of "Win32:MianCrypt-gen [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\11.rar\b.exe" file.  
2007-9-15        17:37:03        1189849023        Administrator        3916        Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\Documents and Settings\Administrator\桌面\11.rar\d.exe" file.  
2007-9-15        17:37:03        1189849023        Administrator        3916        Sign of "Win32:OnLineGames-AAH [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\11.rar\h.exe\[ASPack]\[Embedded#TSRANIANT]" file.  
2007-9-15        17:37:03        1189849023        Administrator        3916        Sign of "Win32:OnLineGames-AAH [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\11.rar\i.exe\[Embedded#TSRANIANT]" file.  
2007-9-15        17:37:03        1189849023        Administrator        3916        Sign of "Win32:OnLineGames-AAH [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\11.rar\i.exe" file.  
2007-9-15        17:37:03        1189849023        Administrator        3916        Sign of "Win32:Agent-JQE [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\11.rar\j.exe\[UPX]" file.  

Avast (小a): 5 detected
tiedan2
Posted on 2007-9-15 17:39:05
A virus or unwanted program has been found in the HTTP Data.

Requested URL:  bbs.kafan.cn/attachment.php?aid=127998
Information:  Is the Trojan horse TR/Crypt.NSPM.Gen
qqq000@qq.com
Posted on 2007-9-15 17:41:31
----------
              [凝逸反毒] (http://hi.baidu.com/503165656)

       [凝逸.扫描病毒引擎-日志]       2007.9.15 17:41:12

文件:F:\070914\11\e.exe | 感染:Trojan.PWS.Wsgame [602>20070726_dw0001.axx]2(1.2)
操作:删除文件
文件:F:\070914\11\f.exe | 感染:Trojan.DownLoader.32009 [217>20070910_ny0015.axx]3(1.1)
操作:删除文件
文件:F:\070914\11\k.exe | 感染:virus [675>20070816_ny0006.axx]2(1.1)
操作:删除文件

扫描完成|病毒:3 文件:11|耗时:3145
----------
The EQs
Posted on 2007-9-15 17:43:58
Scan performed at: 2007-9-15 17:43:28
Scanning Log
NOD32 version 2531 (20070915) NT
Command line: C:\Documents and Settings\Don johnson\桌面\11.rar
Operating memory - is OK

Date: 15.9.2007  Time: 17:43:32
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\Don johnson\桌面\11.rar
C:\Documents and Settings\Don johnson\桌面\11.rar ?RAR ?b.exe - probably a variant of Win32/Pacex virus - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\11.rar ?RAR ?d.exe - probably a variant of Win32/Agent trojan
C:\Documents and Settings\Don johnson\桌面\11.rar ?RAR ?f.exe - probably unknown NewHeur_PE virus [7]
C:\Documents and Settings\Don johnson\桌面\11.rar ?RAR ?g.exe - Win32/TrojanDropper.Delf.AAH trojan - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\11.rar ?RAR ?h.exe - a variant of Win32/PSW.Lineage.ACN trojan
C:\Documents and Settings\Don johnson\桌面\11.rar ?RAR ?i.exe - a variant of Win32/PSW.Lineage.DN trojan
C:\Documents and Settings\Don johnson\桌面\11.rar ?RAR ?j.exe - probably a variant of Win32/TrojanDownloader.QQHelper.NDF trojan
C:\Documents and Settings\Don johnson\桌面\11.rar ?RAR ?k.exe - probably unknown NewHeur_PE virus [7]
Number of scanned files: 12
Number of threats found: 8
Number of files cleaned: 1
Time of completion: 17:43:39 Total scanning time: 7 sec (00:00:07)

Notes:
[7] File is probably infected with an unknown virus.
nosferatu
Posted on 2007-9-15 17:48:41
Avira (红伞) scan: 10 detected

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\11.rar'
C:\Documents and Settings\Administrator\桌面\11.rar
  [0] Archive type: RAR
  --> b.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> c.exe
      [DETECTION] Contains suspicious code HEUR/Crypted
  --> d.exe
      [DETECTION] Is the Trojan horse TR/Spy.Bgliby.A
  --> e.exe
      [DETECTION] Is the Trojan horse TR/Lineage.DVG
  --> f.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> g.exe
      [DETECTION] Is the Trojan horse TR/Delf.adk
  --> h.exe
      [DETECTION] Is the Trojan horse TR/Lineage.D712E0EF
  --> i.exe
      [DETECTION] Is the Trojan horse TR/Lineage.9A04B756
  --> k.exe
      [DETECTION] Is the Trojan horse TR/Agent.8192.189
  --> a.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was deleted!


End of the scan: 2007年9月15日  17:47
Used time: 00:20 min

The scan has been done completely.

      0 Scanning directories
     13 Files were scanned
      8 viruses and/or unwanted programs were found
      2 Files were classified as suspicious:
      1 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      5 Files not concerned
      1 Archives were scanned
      0 Warnings
      0 Notes
dolphin
Posted on 2007-9-15 18:08:15
Rising 2007 monitor: 6 detected
11.rar>>d.exe     Trojan.Mnless.lzv
11.rar>>f.exe      Trojan.DL.Direct.jg
11.rar>>g.exe>>bero>>upx_c>>pe_patch(14)     Dropper.Dropres.b
11.rar>>h.exe>>Aspack212r                                    Trojan.PSW.Lineage.mug
11.rar>>i.exe>>pearmor                                           Trojan.PSW.Lineage.mug
11.rar>>k.exe>>bero>>upx_c>>pe_patch(14)     Trojan.DL.Delf.xrr
天空的蔚蓝
Posted on 2007-9-15 18:27:14
Counting one that was deleted manually, KIS7.0.0.125 found only 6 viruses