连ClamAV都杀了 6bbdd7

显示全部楼层 · 发表于 2007-9-16 04:10:48

这个我不敢运行了，有HIPS的帮忙看看

[ 本帖最后由 solcroft 于 2007-9-16 05:41 编辑 ]

显示全部楼层 · 发表于 2007-9-16 04:13:04

Starting the file scan:

Begin scan in 'D:\winl0gon.zip'
D:\winl0gon.zip
  [0] Archive type: ZIP
  --> winl0gon.exe
   [DETECTION] Contains detection pattern of the SPR/PSW.Messen.A.1 program
   [INFO]    The file was deleted!

显示全部楼层 · 发表于 2007-9-16 04:43:52

我的红伞p死活不报
The file 'winl0gon.exe' has been determined to be 'MALWARE'. Our analysts named the threat SPR/PSW.Messen.A.1. The term "SPR/" ("Security or Privacy Risk") denotes a program that might possibly be able to affect the security of your system, might trigger activities you might not want or might violate your privacy.Detection is added to our virus definition file (VDF) starting with version 6.39.00.196.

但是我的病毒库不能升级到6.39.00.196

显示全部楼层 · 发表于 2007-9-16 04:50:38

Antivirus Version Last Update Result
AhnLab-V3 2007.9.14.0 2007.09.14 -
AntiVir 7.6.0.10 2007.09.14 -
Authentium 4.93.8 2007.09.15 W32/Trojan.CBFE
Avast 4.7.1043.0 2007.09.15 Win32:Delf-CAT
AVG 7.5.0.485 2007.09.15 Delf.AVY
BitDefender 7.2 2007.09.15 -
CAT-QuickHeal 9.00 2007.09.15 TrojanPSW.Delf.zk
ClamAV 0.91.2 2007.09.15 Trojan.Spy.Banker-5858
DrWeb 4.33 2007.09.15 -
eSafe 7.0.15.0 2007.09.13 suspicious Trojan/Worm
eTrust-Vet 31.1.5136 2007.09.14 -
Ewido 4.0 2007.09.15 -
FileAdvisor 1 2007.09.15 -
Fortinet 3.11.0.0 2007.09.15 -
F-Prot 4.3.2.48 2007.09.15 W32/Trojan.CBFE
F-Secure 6.70.13030.0 2007.09.15 Trojan-PSW.Win32.Delf.zk
Ikarus T3.1.1.12 2007.09.15 not-a-virus:PSWTool.Win32.IEPassView.a
Kaspersky 4.0.2.24 2007.09.15 Trojan-PSW.Win32.Delf.zk
McAfee 5120 2007.09.14 -
Microsoft 1.2803 2007.09.15 -
NOD32v2 2531 2007.09.15 Win32/RiskWare.PSWTool.Messen.A
Norman 5.80.02 2007.09.14 W32/Delf.AKVA
Panda 9.0.0.4 2007.09.15 Suspicious file
Prevx1 V2 2007.09.15 Heuristic: Suspicious File With Outbound Communications
Rising 19.40.52.00 2007.09.15 -
Sophos 4.21.0 2007.09.15 Messen
Sunbelt 2.2.907.0 2007.09.15 -
Symantec 10 2007.09.15 -
TheHacker 6.2.5.060 2007.09.14 Trojan/PSW.Delf.zk
VBA32 3.12.2.4 2007.09.15 Trojan-PSW.Win32.Delf.wv
VirusBuster 4.3.26:9 2007.09.15 -
Webwasher-Gateway 6.0.1 2007.09.14 Riskware.PSW.Messen.A.1

显示全部楼层 · 发表于 2007-9-16 07:58:26

显示全部楼层 · 发表于 2007-9-16 08:04:32

不敢运行，没有HIPS，沙盘也被我卸载了
我的小红伞C版没反应，不过我的微点应该可以报的，除了小猪还没有那个曾经过微点呢

显示全部楼层 · 发表于 2007-9-16 10:28:56

antivir 没反应阿。。

显示全部楼层 · 发表于 2007-9-16 11:00:15

AntiVir下载就报

显示全部楼层 · 发表于 2007-9-16 11:25:05

Malicious code found in file C:\Documents and Settings\Administrator\Application Data\Opera\Opera\profile\cache4\opr000F3.zip.
Infection: Trojan-PSW.Win32.Delf.zk
Action: none.

显示全部楼层 · 发表于 2007-9-16 11:33:26

开web-traffic-scan，F-s拦死～～

[病毒样本] 连ClamAV都杀了 6bbdd7

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源