
[Virus sample] Dug up from a malware site, [84db94] RS and KAV pass

绅博周幸
Posted on 2007-9-22 14:44:23
A-Squared Found nothing
AntiVir Found DR/Delphi.Gen
ArcaVir Found nothing
Avast Found Win32:Nilage-AI
AVG Antivirus Found nothing
BitDefender Found Generic.Malware.SBdld.C5F08824
ClamAV Found nothing
CPsecure Found Troj.PSW.W32.Agent.ha
Dr.Web Found Trojan.StartPage.372
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found probably a variant of Win32/Genetik (probable variant)
Norman Virus Control Found Sandbox: W32/Malware; [ General information ]

* File might be compressed.
* Decompressing ASPack.
* Accesses executable file from resource section.
* File length: 31232 bytes.

[ Changes to filesystem ]
* Deletes file C:\Program Files\Common Files\Microsoft Shared\MSINFO\mydown.dll.
* Creates file C:\Program Files\Common Files\Microsoft Shared\MSINFO\mydown.dll.

[ Network ]
* Hooks into Shell explorer.
Panda Antivirus Found nothing
Rising Antivirus Found nothing
Sophos Antivirus Found Mal/PWS-K
VirusBuster Found nothing
VBA32 Found Backdoor.XiaoBird.9 (paranoid heuristics) (probable variant)





It's rare to see Norman's sandbox put in a showing like this.

jimmyleo
Posted on 2007-9-22 14:46:34
VBA reports it as XiaoBird ("little bird")
风野胤
Posted on 2007-9-22 14:46:44
XiaoBird?????
What is this???????
Pigeon???????
VBA32
wangjay1980
Posted on 2007-9-22 14:47:26
detected: virus Heur.Downloader (modification)        File: C:\Documents and Settings\Owner\桌面\~tmp1452.rar/~tmp1452.exe//ASPack
promised
Posted on 2007-9-22 14:48:02
C:\ABC\~tmp1452.rar:\~tmp1452.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.jj' 被发现
a750828
Posted on 2007-9-22 15:52:28
McAfee PWS-QQGame
zzx129
Posted on 2007-9-22 17:53:35
Virus infection found

File which you are trying download contains virus. Loading has been interrupted.
Technical data:
Error name: Virus Alert
Virus description Generic.Malware.SBdld.C5F08824
Error code: -1602
Requested URL: /attachment.php?aid=130637
Requested HTTP method: GET
Requested ContentType: application/octet-stream
Requested IP: 211.136.18.143
曲中求
Posted on 2007-9-22 18:07:53
2007-9-22        18:08:08        引擎版本=5200.2160
2007-9-22        18:08:08        防病毒 DAT 版本=5125.0000
2007-9-22        18:08:08        EXTRA.DAT 中的检测项特征码数=无
2007-9-22        18:08:08        EXTRA.DAT 中的检测项特征码名称=无
2007-9-22        18:08:00        扫描已启动        3109AB0180954E2\星星        按需扫描
2007-9-22        18:08:09        未采取操作         星星        E:\病毒\~tmp1452.rar\~TMP1452.EXE\~TMP1452.EXE\0000a4f0.EXE        PWS-QQGame(特洛伊)
king6808
Posted on 2007-9-22 20:29:03
已删除:木马程序 Trojan-Downloader.Win32.Delf.cew        文件 : G:\9.22\~tmp1452.rar/~tmp1452.exe//ASPack
uhthn2002
Posted on 2007-9-22 21:14:13
Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 198
Paranoia Database - 5514
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\uhthn\Desktop\~tmp1452.exe

C:\Documents and Settings\uhthn\Desktop\~tmp1452.exe - Infected with PDB:Win32.c80 Malware program - Deleted

1 Files scanned
1 Infected files found
0 Suspicious files found
0 Files cured
1 Files deleted