
[Virus Sample] Adware

promised
Posted on 2007-11-25 18:28:19
sophos
>>> PUA 'Boran' (of type Adware) found in file C:\ABC\cswo.dll
>>> PUA secondary 'Boran' (of type Adware) found in registry key HKLM\SOFTWARE\Classes\.mpc
C:\ABC\gwas.dll
>>> PUA 'Boran' (of type Adware) found in file C:\ABC\gwas.dll
C:\ABC\InsShell.exe
C:\ABC\InsShell.exe\FILE:0000
>>> PUA 'Boran' (of type Adware) found in file C:\ABC\InsShell.exe\FILE:0000
C:\ABC\InsShell.exe\FILE:0001
>>> PUA 'Boran' (of type Adware) found in file C:\ABC\InsShell.exe\FILE:0001
C:\ABC\InsShell.exe\FILE:0002
>>> PUA 'Boran' (of type Adware) found in file C:\ABC\InsShell.exe\FILE:0002
C:\ABC\InsShell.exe\FILE:0003
>>> PUA 'Boran' (of type Adware) found in file C:\ABC\InsShell.exe\FILE:0003
C:\ABC\InsShell.exe\FILE:0004
>>> PUA 'Boran' (of type Adware) found in file C:\ABC\InsShell.exe\FILE:0004
C:\ABC\jzdv.dll
>>> PUA 'Boran' (of type Adware) found in file C:\ABC\jzdv.dll
C:\ABC\lbfx.dll
>>> PUA 'Boran' (of type Adware) found in file C:\ABC\lbfx.dll
C:\ABC\oeia.dll
>>> PUA 'Boran' (of type Adware) found in file C:\ABC\oeia.dll
C:\ABC\yeSetup.exe
>>> File "C:\ABC\yeSetup.exe" has been identified as suspicious 'Sus/Malware-A'.
ik
C:\ABC\ad.rar:\InsShell.exe - 特征码 'not-a-virus:AdWare.Win32.Boran.bo' 被发现
C:\ABC\ad.rar:\yeSetup.exe - 特征码 'not-a-virus:AdWare.Win32.AdMoke.bx' 被发现
C:\ABC\ad.rar:\gwas.dll - 特征码 'not-a-virus:AdWare.Win32.Boran.bo' 被发现
C:\ABC\ad.rar:\jzdv.dll - 特征码 'Virus.Win32.Boran.M' 被发现
C:\ABC\ad.rar:\lbfx.dll - 特征码 'not-a-virus:AdWare.Win32.Boran.bo' 被发现
C:\ABC\ad.rar:\cswo.dll - 特征码 'not-a-virus:AdWare.Win32.Boran.bo' 被发现
C:\ABC\ad.rar:\oeia.dll - 特征码 'not-a-virus:AdWare.Win32.Boran.bo' 被发现

Graybird
Posted on 2007-11-25 18:29:51
Starting the file scan:

Begin scan in 'E:\ad.rar'
E:\ad.rar
  [0] Archive type: RAR
  --> yeSetup.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
      [INFO]      The file was deleted!

The Classic edition reports one downloader~

[ Last edited by Graybird on 2007-11-25 18:32 ]
sam.to
Posted on 2007-11-25 18:49:40
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.Boran.bo        檔案: C:\Documents and Settings\kato9096\桌面\161809.rar/InsShell.exe
已刪除: 特洛伊木馬程式 Trojan.Win32.Delf.aau        檔案: C:\Documents and Settings\kato9096\桌面\161809.rar/yeSetup.exe//ASPack
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.Boran.bo        檔案: C:\Documents and Settings\kato9096\桌面\161809.rar/gwas.dll
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.Boran.bo        檔案: C:\Documents and Settings\kato9096\桌面\161809.rar/jzdv.dll
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.Boran.bo        檔案: C:\Documents and Settings\kato9096\桌面\161809.rar/lbfx.dll
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.Boran.bo        檔案: C:\Documents and Settings\kato9096\桌面\161809.rar/cswo.dll
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.Boran.bo        檔案: C:\Documents and Settings\kato9096\桌面\161809.rar/oeia.dll
qigang
Posted on 2007-11-25 18:58:09

9/7

瑞星病毒查杀结果报告

清除病毒种类列表:

病毒: AdWare.Win32.Boran.bo   
病毒: Trojan.Win32.Mnless.zmf  
病毒: AdWare.Win32.Boran.bo   
病毒: AdWare.Win32.Boran.bo   
病毒: AdWare.Win32.Boran.bo   
病毒: AdWare.Win32.Boran.bo   
病毒: AdWare.Win32.Boran.bo   

MAC 地址:00:11:5B:F3:6D:69

用户来源:互联网

软件版本:20.19.62
kkgh
Posted on 2007-11-25 18:59:00
瑞星病毒查杀结果报告

清除病毒种类列表:
病毒: AdWare.Win32.Boran.bo   
病毒: Trojan.Win32.Mnless.zmf  
病毒: AdWare.Win32.Boran.bo   
病毒: AdWare.Win32.Boran.bo   
病毒: AdWare.Win32.Boran.bo   
病毒: AdWare.Win32.Boran.bo   
病毒: AdWare.Win32.Boran.bo   

用户来源:互联网

软件版本:20.19.62
BING126
Posted on 2007-11-25 22:14:08
FS7.10
AdWare.Win32.Boran.bo (adware)
C:\Documents and Settings\Administrator\桌面\ad.rar\InsShell.exe
C:\Documents and Settings\Administrator\桌面\ad.rar\gwas.dll
C:\Documents and Settings\Administrator\桌面\ad.rar\jzdv.dll
C:\Documents and Settings\Administrator\桌面\ad.rar\lbfx.dll
C:\Documents and Settings\Administrator\桌面\ad.rar\cswo.dll
C:\Documents and Settings\Administrator\桌面\ad.rar\oeia.dll

Trojan.Win32.Delf.aau (病毒)      
C:\Documents and Settings\Administrator\桌面\ad.rar\yeSetup.exe
uhthn2002
Posted on 2007-11-26 00:16:03
Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 981
Paranoia Database - 49114
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\Uhthn\Desktop\New Folder (2)

C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\InsShell.exe - Infected ADWARE.BORAN.1 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\yeSetup.exe - Suspected MaliciousScope:WIN32.GENERIC.MALWARE.8
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\gwas.dll - Infected ADWARE.BORAN.1 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\jzdv.dll - Infected ADWARE.BORAN.3 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\lbfx.dll - Infected ADWARE.BORAN.5 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\cswo.dll - Infected ADWARE.BORAN.1 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\oeia.dll - Infected ADWARE.BORAN.2 - Deleted

7 Files scanned
6 Infected files found
1 Suspected files found
0 Files disinfected
6 Files deleted
Love=卡巴+费尔
Posted on 2007-11-26 00:24:59
Rising

nosferatu
Posted on 2007-11-26 00:39:27
Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\ad.rar'
C:\Documents and Settings\Administrator\桌面\ad.rar
  [0] Archive type: RAR
  --> InsShell.exe
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/Boran.XSS.3
  --> yeSetup.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> gwas.dll
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/Boran.BO
  --> jzdv.dll
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/Boran.XSS.2
  --> lbfx.dll
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/Boran.XSS.2
  --> cswo.dll
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/Boran.XSS.3
  --> oeia.dll
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/Boran.XSS.2
      [INFO]      The file was deleted!


End of the scan: 星期一 2007年11月26日  00:38
Used time: 00:07 min

The scan has been done completely.

      0 Scanning directories
      8 Files were scanned
      7 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      1 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      1 Files not concerned
      1 Archives were scanned
      0 Warnings
      0 Notes
啊弥陀佛
Posted on 2007-11-26 11:05:49
木马名称:未知木马
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\AD\CSWO.DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:未知木马
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\AD\GWAS.DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:未知木马
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\AD\LBFX.DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:未知木马
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\AD\OEIA.DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:未知木马
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\AD\JZDV.DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?
