卡巴主动防御失效 微点报警02357D

Nblock

卡巴瑞星来运行  8是扫描 生成物注册表 重启系统查看卡巴和系统是否正常

[ 本帖最后由 Nblock 于 2007-9-16 22:45 编辑 ]

qigang

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Win32.AVKiller.a         

MAC地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：19.40.62

1688388728

检测到：木马程序 Trojan-Downloader.Win32.Agent.dkv        URL: http://bbs.kafan.cn/attachment.p ... XE//PE_Patch.MaskPE

1688388728

我的卡巴没主动防御.
用eq防御.

残缺的唯美

2007-9-16 19:33:13        Scanning Log
2007-9-16 19:33:13        Version of virus signature database: 2532 (20070916)
2007-9-16 19:33:13        Date: 16.9.2007  Time: 19:33:13
2007-9-16 19:33:13        Scanned disks, folders and files: D:\Documents and Settings\EKINCHENG\桌面\DOWN.rar
2007-9-16 19:33:13        D:\Documents and Settings\EKINCHENG\桌面\DOWN.rar » RAR » DOWN.EXE - a variant of Win32/Delf.NDF worm
2007-9-16 19:33:13        Number of scanned files: 2
2007-9-16 19:33:13        Number of threats found: 1
2007-9-16 19:33:13        Time of completion: 19:33:13  Total scanning time: 0 sec (00:00:00)

残缺的唯美

2007-9-16 19:33:39        Scanning Log
2007-9-16 19:33:39        Version of virus signature database: 2532 (20070916)
2007-9-16 19:33:39        Date: 16.9.2007  Time: 19:33:39
2007-9-16 19:33:39        Scanned disks, folders and files: D:\Documents and Settings\EKINCHENG\桌面\衍生物.rar
2007-9-16 19:33:39        D:\Documents and Settings\EKINCHENG\桌面\衍生物.rar » RAR » HBPKVUA.EXE - a variant of Win32/Delf.NDF worm
2007-9-16 19:33:39        D:\Documents and Settings\EKINCHENG\桌面\衍生物.rar » RAR » DYSQGLB.EXE - a variant of Win32/Delf.NDF worm
2007-9-16 19:33:39        Number of scanned files: 3
2007-9-16 19:33:39        Number of threats found: 2
2007-9-16 19:33:39        Time of completion: 19:33:39  Total scanning time: 0 sec (00:00:00)

红心王子

2007-9-16        19:38:23        1189942703        Administrator        3748        Sign of "Win32:Delf-ERE [Wrm]" has been found in "C:\Documents and Settings\Administrator\桌面\DOWN.rar\DOWN.EXE" file.  
2007-9-16        19:38:27        1189942707        Administrator        3748        Sign of "Win32:Delf-ERE [Wrm]" has been found in "C:\Documents and Settings\Administrator\桌面\衍生物.rar\HBPKVUA.EXE" file.  
2007-9-16        19:38:27        1189942707        Administrator        3748        Sign of "Win32:Delf-ERE [Wrm]" has been found in "C:\Documents and Settings\Administrator\桌面\衍生物.rar\DYSQGLB.EXE" file.

曲中求

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\DOWN.rar'
C:\Documents and Settings\Administrator\桌面\DOWN.rar
  [0] Archive type: RAR
  --> DOWN.EXE
      [DETECTION] Is the Trojan horse TR/Agent.61318
      [WARNING]   The file was ignored!

Begin scan in 'C:\Documents and Settings\Administrator\桌面\衍生物.rar'
C:\Documents and Settings\Administrator\桌面\衍生物.rar
  [0] Archive type: RAR
  --> HBPKVUA.EXE
      [DETECTION] Is the Trojan horse TR/Agent.61318
  --> DYSQGLB.EXE
      [DETECTION] Is the Trojan horse TR/Agent.61318
      [WARNING]   The file was ignored!

xzthink

扫描进行于：2007-9-16 21:14:32
扫描日志
NOD32版本 2532 (20070916) NT
命令行： F:\virus test\DOWN.rar
d:\Eset\nod32.exe - 是正常的
系统内存  - 是正常的
1 的MBR区.物理磁盘 - 是正常的
1 的启动引导区.物理磁盘 - 是正常的

日期： 16.9.2007  时间：21:14:50
已开启反隐藏功能.
已扫描的磁盘，文件夹及文件：F:\virus test\DOWN.rar
F:\virus test\DOWN.rar >>RAR >>DOWN.EXE - Win32/Delf.NDF 蠕虫的变种
已扫描的文件数目：2
已发现的病毒数目：1
已清除病毒的文件数目：1
完成时间： 21:14:51 总扫描时间：1 秒 (00:00:01)

浪滔天

卡巴 7.0.0.125 主动防御

动作比较多，还有几个提示处理没抓图。

[ 本帖最后由 浪滔天 于 2007-9-16 21:27 编辑 ]