7个

显示全部楼层 · 发表于 2007-12-2 16:55:04

C:\ABC\wulte\555.exe - 特征码 'Backdoor.Win32.PcClient.yw' 被发现
C:\ABC\wulte\aexqhw.dll
C:\ABC\wulte\aexqhw.sys
C:\ABC\wulte\dd0.exe - 特征码 'Packed.Win32.Klone.af' 被发现
C:\ABC\wulte\dwipse.exe
C:\ABC\wulte\hei.exe - 特征码 'Backdoor.Win32.Agent.cpt' 被发现
C:\ABC\wulte\MSINET.OCX

显示全部楼层 · 发表于 2007-12-2 16:56:41

已刪除: 特洛伊木馬程式 Trojan.Win32.Crypt.v 檔案: C:\Documents and Settings\kato9096\桌面\165312\wulte\dd0.exe//NSPack//PEPatch
已刪除: 特洛伊木馬程式 Backdoor.Win32.Agent.cpt 檔案: C:\Documents and Settings\kato9096\桌面\165312\wulte\hei.exe//PE_Patch.UPX//UPX

5个不报，已上报

显示全部楼层 · 发表于 2007-12-2 16:56:58

Begin scan in 'C:\Documents and Settings\haha\桌面\wulte.rar'
C:\Documents and Settings\haha\桌面\wulte.rar
  [0] Archive type: RAR
  --> wulte\aexqhw.sys
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> wulte\dd0.exe
   [DETECTION] Is the Trojan horse TR/Agent.18944.C.2
  --> wulte\hei.exe
   [DETECTION] Is the Trojan horse TR/Drop.Spy.Pca.A.2
   [INFO]    A backup was created as '47be73c6.qua'  ( QUARANTINE )

显示全部楼层 · 发表于 2007-12-2 16:59:05

扫描开始时间: 2007-12-2 16:59:12
扫描日志
NOD32 版本 2697 (20071202) NT
命令行: C:\Documents and Settings\Administrator\桌面\wulte.rar

日期: 2007年12月2日时间: 16:59:15
反 Rookits 技术已启用。
已扫描磁盘、文件夹和文件: C:\Documents and Settings\Administrator\桌面\wulte.rar
C:\Documents and Settings\Administrator\桌面\wulte.rar ?RAR ?wulte\aexqhw.sys<病毒 - 未知的 NewHeur_PE 病毒 [7]>
C:\Documents and Settings\Administrator\桌面\wulte.rar ?RAR ?wulte\dd0.exe<病毒 - Win32/Small.NBN 木马>
已扫描文件数量: 7
已发现病毒数量: 2
完成时间: 16:59:16 总共扫描时间: 1 秒 (00:00:01)

注意:
[7] 文件可能感染了未知病毒。

显示全部楼层 · 发表于 2007-12-2 17:00:30

G:\Users\Administrator\Desktop\wulte.rar » RAR » wulte\aexqhw.sys - probably unknown NewHeur_PE virus - was a part of the deleted object
G:\Users\Administrator\Desktop\wulte.rar » RAR » wulte\dd0.exe - Win32/Small.NBN trojan - was a part of the deleted object
G:\Users\Administrator\Desktop\wulte.rar » RAR » wulte\hei.exe - Win32/NetTool.Agent.B application - was a part of the deleted object
G:\Users\Administrator\Desktop\wulte.rar - multiple threats - deleted - quarantined

3.0比你多1个

显示全部楼层 · 发表于 2007-12-2 20:03:25

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Worm.Agent.oj
病毒： Backdoor.Win32.Agent.cpt

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.20.62

显示全部楼层 · 发表于 2007-12-2 20:09:00

nod32

显示全部楼层 · 发表于 2007-12-2 21:10:14

Hello,

555.exe - Backdoor.Win32.PcClient.ajo,
aexqhw.dll - Backdoor.Win32.PcClient.ajn

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

aexqhw.sys, MSINET.OCX

No malicious code were found in these files.

dwipse.exe - not-a-virus:AdWare.Win32.Agent.wm

This file is an Advertizing Tool, It's detection will be included in the next
update of extended databases set. See more info about
extended databases here: http://www.kaspersky.com/extraavupdates

Please quote all when answering.

--
Best regards, Kirill Erakhtin
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

显示全部楼层 · 发表于 2007-12-2 21:40:19

DR.WEB 4.44
C:\Documents and Settings\Administrator\桌面\wulte.rar\wulte\aexqhw.dll - probably infected with DLOADER.Trojan
C:\Documents and Settings\Administrator\桌面\wulte.rar\wulte\dd0.exe - infected with DDoS.Rincux
C:\Documents and Settings\Administrator\桌面\wulte.rar\wulte\hei.exe\data002 - infected with Trojan.Sniff

Archive contains 3 infected items

[病毒样本] 7个

本帖子中包含更多资源

11/2

本帖子中包含更多资源