9月28日最新感染文

jimmyleo

gankeyu的Uguard什么时候出beta？

changzheng2

Comodo  Trojan-Downloader.Win32.Delf.bq
Fortinet  W32/Delf.AQ!tr.dldr
Rising  Joke.Win32.Agent.fiq
Kaspersky  Trojan.Win32.FlyStudio.an
ClamAV  Trojan.Dropper-2514
Avast!  Win32:Getos [Trj]
Avira  DR/FlyStudio.AN
VBA32  Trojan.Click.2809
Ikarus  Trojan.Win32.Agent.ala
a-squared  Trojan.Win32.Agent.ala
F-secure  Trojan.Win32.FlyStudio.an
Webwasher  Trojan.FlyStudio.AN
F-Prot  W32/Backdoor.ARJU (exact)
Authentium  W32/Backdoor.ARJU
Microsoft  Worm:Win32/Nuj.A


  NOT Compressed
  [ GNR info ]
    * Creating several executable files on hard-drive.
   
  [ Changes to filesystem ]
    * Creates directory C:\WINDOWS\TEMP\E_00000004.
    * Creates file C:\WINDOWS\TEMP\E_00000004\krnln.fnr.
    * Creates file C:\WINDOWS\TEMP\E_00000004\shellEx.fne.
    * Creates file C:\WINDOWS\TEMP\E_00000004\eAPI.fne.
    * Creates file C:\WINDOWS\TEMP\E_00000004\shell.fne.

逍遥高手

利害啊 小心为妙

solcroft

Comodo竟然报了，可是... downloader？

zszzd

易语言的库也是对API的封装，不可能不调用API的

sanhu35

http://www.eqspywatch.com/bbs/read.php?tid=7858&keyword=

看看我的贴吧，希望对你们有帮助

NobleT

Antivirus Scanning Engine version number: 4.4.2
Virus signature file from: 2007-11-9, 9:17

Scan name: [Custom Scan]
Path to scan: F:\|

Normal scan
Also scan: Inside subfolders, Compressed files, Streams

Scan started: 2007-11-9, 17:15:14
---------------------------------------------------------------------

[Clean]        Boot sector on drive F:
[Clean]        Boot sector on drive E:
[Clean]        Boot sector on drive D:
[Clean]        Boot sector on drive G:
[Clean]        Boot sector on drive C:
[Clean]        Master Boot Record on disk 0
[Clean]        F:\1BD7EEA0.rar->1BD7EEA0.DLL
[Clean]        F:\1BD7EEA0.rar
[Clean]        F:\LFS_S2W_KeyGen.exe
[Clean]        F:\RECYCLER\S-1-5-21-746137067-725345543-839522115-1003\desktop.ini
[Clean]        F:\RECYCLER\S-1-5-21-746137067-725345543-839522115-1003\INFO2
[Clean]        F:\wos5_00006.jpg
[Clean]        F:\wos5_00008.jpg
[Clean]        F:\wos5_00010.jpg
[Clean]        F:\wos5_00011.jpg
[Clean]        F:\wos5_00013.jpg
[Clean]        F:\wos5_00017.jpg
[Clean]        F:\wos5_00022.jpg
[Clean]        F:\存档\fdgvd.sav
[Clean]        F:\存档\Hroll\playersave\commondt.sav
[Clean]        F:\存档\Hroll\playersave\playersave
[Clean]        F:\存档\Hroll\playersave2\commondt.sav
[Clean]        F:\存档\Hroll\playersave2\playersave
[Found backdoor]         <W32/Backdoor.ARJU (exact, not disinfectable)>        F:\感染.rar->感染.exe
[Contains infected objects]        F:\感染.rar
[Quarantined]        F:\感染.rar->感染.exe

---------------------------------------------------------------------
Scan ended:        2007-11-9, 17:15:16
Duration:        0:00:01

Scan result:

Scanned files:                 23
Infected objects:         1
Disinfected objects:         0
Quarantined files:         1
----------------------------------------------------

huangong

全疯了！
删掉图标，恢复即可。
还有个别 .txt , .jpg的图标不是原来的；
用优化大师之类修复一下就可以了

qigang

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Joke.Win32.Agent.fiq     

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.17.42