2个病毒

显示全部楼层 · 发表于 2007-10-8 11:29:05

2个病毒

显示全部楼层 · 发表于 2007-10-8 11:31:32

C:\Documents and Settings\Don johnson\Local Settings\Temporary Internet Files\Content.IE5\SYRCX96G\桌面[1].rar probably a variant of Win32/Genetik trojan deleted (after the next restart) - quarantined Event occurred on a new file created by the application: D:\Program Files\TheWorld 2.0\TheWorld.exe.
C:\Documents and Settings\Don johnson\Local Settings\Temporary Internet Files\Content.IE5\SYRCX96G\桌面[1].rar » RAR » 1.exe probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\Local Settings\Temporary Internet Files\Content.IE5\SYRCX96G\桌面[1].rar » RAR » 2.exe probably a variant of Win32/Genetik trojan

显示全部楼层 · 发表于 2007-10-8 11:36:49

Starting the file scan:

Begin scan in 'C:\Users\morgan\Documents\��.rar'
C:\Users\morgan\Documents\
  ��.rar
[0] Archive type: RAR
--> 1.exe
      [DETECTION] Is the Trojan horse TR/PSW.QQpass.PF.127
      [WARNING] Infected files in archives cannot be repaired!
--> 2.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agent.92258
      [WARNING] Infected files in archives cannot be repaired!
      [INFO]    The file was deleted!

显示全部楼层 · 发表于 2007-10-8 11:41:15

使用 AntiVirusKit 进行病毒扫描
版本
病毒签名 10/8/2007
开始时间: 10/8/2007 11:38
引擎: KAV 引擎 (AVK 17.8679), AVAST 引擎 (AVKB 17.398)
高启发: 开启
文件: 开启
系统区域: 关闭

扫描选中目录和文件...
项目: 1.exe
检查档案: D:\病毒测试\未解压样本\桌面.rar
状态: 发现病毒
病毒: Trojan-PSW.Win32.QQPass.pf (KAV 引擎)
项目: 2.exe
检查档案: D:\病毒测试\未解压样本\桌面.rar
状态: 发现病毒
病毒: Trojan-PSW.Win32.QQPass.agk (KAV 引擎)

显示全部楼层 · 发表于 2007-10-8 12:40:41

detected: Trojan program Trojan-PSW.Win32.QQPass.pf URL: http://bbs.kafan.cn/attachment.php?aid=136976//1.exe//UPack
detected: Trojan program Trojan-PSW.Win32.QQPass.agk URL: http://bbs.kafan.cn/attachment.p ... PX//PE_Patch.MaskPE

显示全部楼层 · 发表于 2007-10-8 14:17:08

微点砍掉

显示全部楼层 · 发表于 2007-10-8 17:49:37

Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 332
Paranoia Database - 6935
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\uhthn\Desktop\New Folder

C:\Documents and Settings\uhthn\Desktop\New Folder\1.exe - Suspected MalwareDetector:Generic.PSW.3
C:\Documents and Settings\uhthn\Desktop\New Folder\2.exe - Suspected MalwareDetector:Win32.Generic.PSW.1

2 Files scanned
0 Infected files found
2 Suspected files found
0 Files cured
0 Files deleted

显示全部楼层 · 发表于 2007-10-8 18:16:11

继续。。

显示全部楼层 · 发表于 2007-10-8 19:07:14

2007-10-8 19:07:00 1191841620 Administrator 1476 Sign of "Win32:Nilage-AI [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\桌面.rar\1.exe\[Upack]\[Embedded#DLLFILE]" file.
2007-10-8 19:07:04 1191841624 Administrator 1476 Sign of "Win32:QQPass-MH [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\桌面.rar\2.exe\[UPX]\[MaskPE]\[Embedded#66f0]\[NsPack]" file.

[病毒样本] 2个病毒

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块