这里有很多[e59170|8a0e51|c37978|ce4918]

jimmyleo

夜深了
累了 睡觉去料

1. http://60.191.247.178/bumian18.htm

复制代码

先捉了几只 大家继续

1. d:\download\virusscan\exe.rar:\momo.exe - Signature 'Trojan-PWS.Win32.QQPass.pb' found
   
2. d:\download\virusscan\exe.rar:\pk.exe - Signature 'Trojan-PWS.Win32.Delf.qc' found
   
3. d:\download\virusscan\exe.rar:\svcos.exe - Signature 'Generic.PWStealer' found
   
4. d:\download\virusscan\exe.rar:\vip.exe - Signature 'Trojan.Win32.Agent.qt' found
   
5. d:\download\virusscan\exe.rar
   
6. 
   
7. 5 Files scanned
   
8. (1 Archiv with 4 files)
   
9. 4 Signatures found
   
10. 0 Suspect code-parts found
    
11. Used time: 0:00.120

复制代码

[ 本帖最后由 jimmyleo 于 2007-10-2 00:08 编辑 ]

hj5abc

被阻挡..

还有
file:///C:/DOCUME%7E1/ADMINI%7E1/LOCALS%7E1/Temp/moz-screenshot.jpghttp://60.191.247.178/vip.cab
http://60.191.247.178/vip.exe

shaw530

D:\anti\exe.rar >>RAR >>momo.exe - Win32/TrojanDownloader.Delf.NZC 木马
D:\anti\exe.rar >>RAR >>pk.exe - Win32/PSW.Delf.NHI 木马的变种
D:\anti\exe.rar >>RAR >>svcos.exe - Win32/PSW.Delf.NIY 木马
D:\anti\exe.rar >>RAR >>vip.exe - Win32/Delf.NDL 蠕虫的变种

网页打开就被拦了

[ 本帖最后由 shaw530 于 2007-10-2 00:07 编辑 ]

mofunzone

Starting the file scan:

Begin scan in 'C:\Users\morgan\Documents\exe.rar'
C:\Users\morgan\Documents\
  exe.rar
    [0] Archive type: RAR
    --> momo.exe
        [DETECTION] Is the Trojan horse TR/Dldr.Versie.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> pk.exe
        [DETECTION] Contains detection pattern of the VBS script virus VBS/Dldr.Psyme.GR.2
        [WARNING]   Infected files in archives cannot be repaired!
    --> svcos.exe
        [DETECTION] Is the Trojan horse TR/PSW.Delf.ada
        [WARNING]   Infected files in archives cannot be repaired!
    --> vip.exe
        [DETECTION] Is the Trojan horse TR/Agent.20992.18
        [WARNING]   Infected files in archives cannot be repaired!
        [INFO]      The file was deleted!

taihuxian

BitDefender

This web page has been blocked by BitDefender Antivirus Real-time Protection!

The blocked web page included objects that were either infected or likely to be infected with a virus. Your system has NOT been infected.
http://www.bitdefender.com/vfind/?q=Generic.Malware.SWYddldg.0B70FB3E
http://www.bitdefender.com/vfind/?q=Generic.PWStealer.1C648394
http://www.bitdefender.com/vfind/?q=Generic.PWStealer.4BDF8DB9
http://www.bitdefender.com/vfind/?q=Trojan.Downloader.Delf.NZK

微点卫士

木马名称:Trojan.Win32.Genetik.cja

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\MOMO.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan.Win32.Delf.bwr

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIP.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PK.EXE
木马程序生成以下文件:
1) C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\MSINFO\SYSTEM.2DT
2) C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\MSINFO\NEWINFO.BMP
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\SVCOS.EXE
木马程序生成以下文件:
1) C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\MSINFO\SYSTEM6.JUP
2) C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\MSINFO\SYSTEM6.INS
是否删除木马程序及其衍生物?

残缺的唯美

D:\Documents and Settings\EKINCHENG\桌面\exe.rar » RAR » momo.exe - Win32/TrojanDownloader.Delf.NZC trojan
D:\Documents and Settings\EKINCHENG\桌面\exe.rar » RAR » pk.exe - a variant of Win32/PSW.Delf.NHI trojan
D:\Documents and Settings\EKINCHENG\桌面\exe.rar » RAR » svcos.exe - Win32/PSW.Delf.NIY trojan
D:\Documents and Settings\EKINCHENG\桌面\exe.rar » RAR » vip.exe - a variant of Win32/Delf.NDL worm
D:\Documents and Settings\EKINCHENG\桌面\exe.rar - multiple threats - deleted - quarantined

wangjay1980

deleted: Trojan program Trojan-Downloader.Win32.Baser.o        File: C:\Documents and Settings\Owner\×ÀÃæ\exe.rar/momo.exe
deleted: Trojan program Trojan-PSW.Win32.Delf.qc        File: C:\Documents and Settings\Owner\×ÀÃæ\exe.rar/pk.exe//UPX
deleted: Trojan program Trojan-PSW.Win32.Delf.ada        File: C:\Documents and Settings\Owner\×ÀÃæ\exe.rar/svcos.exe//UPX
deleted: virus Worm.Win32.Wogue.q        File: C:\Documents and Settings\Owner\×ÀÃæ\exe.rar/vip.exe//PE_Patch.PECompact//PecBundle//PECompact//PE_Patch.MaskPE

傻猪猪米走鸡

Scanning Log
Version of virus signature database: 2563 (20071001)
Date: 2.10.2007  Time: 08:28:59
Scanned disks, folders and files: F:\virus\exe.rar
F:\virus\exe.rar » RAR » momo.exe - Win32/TrojanDownloader.Delf.NZC trojan
F:\virus\exe.rar » RAR » pk.exe - a variant of Win32/PSW.Delf.NHI trojan
F:\virus\exe.rar » RAR » svcos.exe - Win32/PSW.Delf.NIY trojan
F:\virus\exe.rar » RAR » vip.exe - a variant of Win32/Delf.NDL worm

剑指七星

NIS报三个