[Virus samples] Another 16

promised
Posted on 2007-9-18 20:40:23
[MD5: BDE381 628DBD EC57B7 723444 B86944 0BB6FE 1723C1 75E1EA 81A00C 69F569 9753BA B18183 FAF462 E25E03 DD7420 6232BE]

[ Last edited by promised on 2007-9-18 20:45 ]

scottxzt
Posted on 2007-9-18 20:42:34
Begin scan in 'C:\Documents and Settings\dell\桌面\样本.rar'
C:\Documents and Settings\dell\桌面\样本.rar
  [0] Archive type: RAR
  --> 0.exe
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
  --> 1.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.buv.1
  --> 10.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> 11.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 12.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 13.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 14.exe
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Agent.ahj.752 Backdoor server programs
  --> 2.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Flux.A.2
  --> 3.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> 5.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Tin.8192.A
  --> 6.exe
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
  --> 7.exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> 9.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 8.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
  --> 15.exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> 16.exe
      [DETECTION] Is the Trojan horse TR/Agent.14336.17
      [INFO]      The file was successfully wiped!
      [INFO]      The file was deleted!


End of the scan: 2007年9月18日  20:42
Used time: 00:19 min

The scan has been done completely.

      0 Scanning directories
     17 Files were scanned
     16 viruses and/or unwanted programs were found
nosferatu
Posted on 2007-9-18 20:44:43
Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\��.rar'
C:\Documents and Settings\Administrator\桌面\��.rar
  [0] Archive type: RAR
  --> 0.exe
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
  --> 1.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.buv.1
  --> 10.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> 11.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 12.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 13.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 14.exe
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Agent.ahj.752 Backdoor server programs
  --> 2.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Flux.A.2
  --> 3.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> 5.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Tin.8192.A
  --> 6.exe
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
  --> 7.exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> 9.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 8.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
  --> 15.exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> 16.exe
      [DETECTION] Is the Trojan horse TR/Agent.14336.17
      [INFO]      The file was deleted!


End of the scan: 2007年9月18日  20:44
Used time: 00:32 min

The scan has been done completely.

      0 Scanning directories
     17 Files were scanned
     16 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      1 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      1 Files not concerned
      1 Archives were scanned
      0 Warnings
      0 Notes
qigang
Posted on 2007-9-18 20:51:18

30/15

瑞星病毒查杀结果报告

清除病毒种类列表:

病毒: Trojan.IMMSG.Win32.TBMSG.yga
病毒: Trojan.Win32.Agent.tzp   
病毒: Trojan.Win32.Agent.vrx   
病毒: Trojan.DL.Win32.Agent.xfl
病毒: Worm.Win32.Agent.ilk     
病毒: Worm.Win32.Cnt.b         
病毒: Trojan.IMMSG.Win32.TBMSG.ik
病毒: Trojan.IMMSG.Win32.TBMsg.iv
病毒: Trojan.IMMSG.Win32.TBMSG.jk
病毒: Dropper.Win32.Agent.nww  
病毒: Trojan.DL.Small.sdd      
病毒: Trojan.DL.Win32.Agent.xfj
病毒: Trojan.Win32.MultiDrop.c
病毒: Trojan.DL.Win32.Agent.xbm

MAC地址:00:11:5B:F3:6D:69

用户来源:互联网

软件版本:19.41.12
kp2006
Posted on 2007-9-18 20:59:20
avast! detects all of them
kp2006
Posted on 2007-9-18 21:00:04
avast! performs very well in the samples section
残缺的唯美
Posted on 2007-9-18 21:04:56
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » 11.exe - probably unknown NewHeur_PE virus
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » 10.exe - probably a variant of Win32/Agent.NEO trojan
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » 1.exe - a variant of Win32/Drowor virus
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » 0.exe - probably a variant of Win32/Agent.NEO trojan
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » 2.exe - probably a variant of Win32/Agent.NEO trojan
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » 14.exe - probably a variant of Win32/Agent.NEO trojan
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » 13.exe - probably unknown NewHeur_PE virus
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » 12.exe - probably unknown NewHeur_PE virus
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » 9.exe - a variant of Win32/Agent.NAU worm
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » 7.exe - Win32/TrojanDownloader.VB.APY trojan
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » 6.exe - probably a variant of Win32/Agent.NEO trojan
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » 5.exe - Win32/Small.PJ trojan
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » 3.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\样本.rar - multiple threats - deleted - quarantined
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » 16.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » 15.exe - Win32/TrojanDownloader.Small.EQN trojan
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » 8.exe - Win32/TrojanDropper.Small.NGC trojan
wangjay1980
Posted on 2007-9-18 21:31:53
16
detected: Trojan program Trojan-Downloader.Win32.Agent.djc        File: C:\Documents and Settings\Owner\桌面\样本3.rar/0.exe//ASPack
detected: Trojan program Trojan-Downloader.Win32.Agent.buv        File: C:\Documents and Settings\Owner\桌面\样本3.rar/1.exe//UPack
detected: Trojan program Backdoor.Win32.Agent.ahj        File: C:\Documents and Settings\Owner\桌面\样本3.rar/10.exe
detected: Trojan program Trojan-Downloader.Win32.Delf.boz        File: C:\Documents and Settings\Owner\桌面\样本3.rar/11.exe//PE_Patch.PECompact//PecBundle//PECompact
detected: virus Worm.Win32.Agent.t        File: C:\Documents and Settings\Owner\桌面\样本3.rar/12.exe//PE_Patch.PECompact//PecBundle//PECompact
detected: Trojan program Trojan-Downloader.Win32.Banload.bpo        File: C:\Documents and Settings\Owner\桌面\样本3.rar/13.exe//PE_Patch.PECompact//PecBundle//PECompact
detected: Trojan program Backdoor.Win32.Agent.ahj        File: C:\Documents and Settings\Owner\桌面\样本3.rar/14.exe
detected: Trojan program Trojan-Downloader.Win32.Flux.a        File: C:\Documents and Settings\Owner\桌面\样本3.rar/2.exe//UPack//ASPack
detected: Trojan program Backdoor.Win32.Agent.ahj        File: C:\Documents and Settings\Owner\桌面\样本3.rar/3.exe
detected: Trojan program Backdoor.Win32.Small.bq        File: C:\Documents and Settings\Owner\桌面\样本3.rar/5.exe//UPX
detected: Trojan program Trojan-Downloader.Win32.Agent.djc        File: C:\Documents and Settings\Owner\桌面\样本3.rar/6.exe//ASPack
detected: Trojan program Trojan-Downloader.Win32.Cryptic.gen        File: C:\Documents and Settings\Owner\桌面\样本3.rar/7.exe
detected: virus Worm.Win32.Agent.t        File: C:\Documents and Settings\Owner\桌面\样本3.rar/9.exe//PE_Patch.PECompact//PecBundle//PECompact
detected: Trojan program Trojan-Dropper.Win32.Small.ayg        File: C:\Documents and Settings\Owner\桌面\样本3.rar/8.exe
detected: Trojan program Trojan-Downloader.Win32.Small.eqn        File: C:\Documents and Settings\Owner\桌面\样本3.rar/15.exe//PE_Patch.Upolyx//PE_Patch.UPX//UPX
detected: Trojan program Trojan.Win32.LowZones.ek        File: C:\Documents and Settings\Owner\桌面\样本3.rar/16.exe//PE_Patch.UPX//UPX
qqq000@qq.com
Posted on 2007-9-18 21:35:09
----------
              [凝逸反毒] (http://hi.baidu.com/503165656)

       [凝逸.扫描病毒引擎-日志]       2007.9.18 21:34:51

文件:F:\070918\样本\0.exe | 感染:Trojan.Popwin [175>20070916_ny0019.axx]3(4.4)
操作:删除文件
文件:F:\070918\样本\1.exe | 感染:virus [148>20070802_ny0003.axx]3(1.1)
操作:删除文件
文件:F:\070918\样本\10.exe | 感染:Trojan.Popwin.634 [8>20070822_ny0010.axx]3(4.6)
操作:删除文件
文件:F:\070918\样本\11.exe | 感染:virus [12628>20070726_dw0001.axx]3(1.1)
操作:删除文件
文件:F:\070918\样本\12.exe | 感染:virus [12569>20070726_dw0001.axx]3(1.1)
操作:删除文件
文件:F:\070918\样本\13.exe | 感染:virus [10845>20070726_dw0001.axx]3(1.2)
操作:删除文件
文件:F:\070918\样本\14.exe | 感染:Trojan.Popwin [5129>20070726_dw0001.axx]3(2.5)
操作:删除文件
文件:F:\070918\样本\2.exe | 感染:MULDROP.Trojan [104>20070801_ny0002.axx]3(2.3)
操作:删除文件
文件:F:\070918\样本\3.exe | 感染:Trojan.Popwin.629 [68>20070819_ny0008.axx]3(1.3)
操作:删除文件
文件:F:\070918\样本\5.exe | 感染:virus [255>20070802_ny0003.axx]3(2.2)
操作:删除文件
文件:F:\070918\样本\6.exe | 感染:Trojan.Popwin [174>20070916_ny0019.axx]3(3.4)
操作:删除文件
文件:F:\070918\样本\7.exe | 感染:TrojanDownloader.Small.cam [630>20070729_ny0001.axx]2(1.1)
操作:删除文件
文件:F:\070918\样本\9.exe | 感染:DLOADER.Trojan [44>20070801_ny0002.axx]3(1.1)
操作:删除文件
文件:F:\070918\样本\8.exe | 感染:virus [244>20070802_ny0003.axx]3(1.1)
操作:删除文件
文件:F:\070918\样本\15.exe | 感染:virus [154>20070802_ny0003.axx]2(1.1)
操作:删除文件

扫描完成|病毒:15 文件:16|耗时:11707
----------
The EQs
Posted on 2007-9-18 21:47:04
Scan performed at: 2007-9-18 21:46:36
Scanning Log
NOD32 version 2537 (20070918) NT
Command line: C:\Documents and Settings\Don johnson\桌面\样本.rar
Operating memory - is OK

Date: 18.9.2007  Time: 21:46:40
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\Don johnson\桌面\样本.rar
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 0.exe - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 1.exe - a variant of Win32/Drowor virus
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 10.exe - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 11.exe - probably unknown NewHeur_PE virus [7]
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 12.exe - probably unknown NewHeur_PE virus [7]
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 13.exe - probably unknown NewHeur_PE virus [7]
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 14.exe - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 2.exe - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 3.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 5.exe - Win32/Small.PJ trojan - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 6.exe - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 7.exe - Win32/TrojanDownloader.VB.APY trojan - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 9.exe - a variant of Win32/Agent.NAU worm
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 8.exe - Win32/TrojanDropper.Small.NGC trojan - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 15.exe - Win32/TrojanDownloader.Small.EQN trojan - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 16.exe - probably a variant of Win32/Genetik trojan
Number of scanned files: 17
Number of threats found: 16
Number of files cleaned: 1
Time of completion: 21:46:44 Total scanning time: 4 sec (00:00:04)

Notes:
[7] File is probably infected with an unknown virus.