卡巴报毒但还是中招了

scottxzt

程序:
C:\DOCUMENTS AND SETTINGS\DELL\桌面\AUTO.EXE
木马程序生成以下文件:
1) C:\WINDOWS\SYSTEM32\EB3FC60C.EXE
2) C:\WINDOWS\SYSTEM32\E5046A58.DLL
是否删除木马程序及其衍生物?

sam.to

http://bbs.kaspersky.com.cn/viewthread.php?tid=1289
http://bbs.kaspersky.com.cn/viewthread.php?tid=212

看看

[ 本帖最后由 kato9096 于 2007-12-5 20:33 编辑 ]

xfsd

会吐气泡的丽丽鱼
来源：观赏鱼热线　时间：2005-12-5 16:35:00　点击次数：1663　【字体：大 中 小】
　　丽丽鱼又名小丽丽鱼、核桃鱼、加拉米鱼、密妒鱼。它是原籍在印度的小型热带鱼。它体长只有 6 厘米左右，呈椭圆形，稍侧扁。雄鱼非常漂亮，有红、橙、蓝三色组成。头部为橙色、黑眼晴、红眼眶，鳃盖上有大块蓝色斑，整个躯干上有橙、蓝相间的条纹，背、臀、尾三鳍均有红、蓝、灰斑点，并镶以红边。其雌鱼体色稍浅，呈银灰色，有黄蓝相间的彩色条纹，各鳍均比雄鱼短。
　　丽丽鱼的雌、雄鱼的胸鳍无色透明，腹鳍移到胸部演化成长长的须，很是别致。丽丽鱼以其美丽的颜色，深受人们喜爱，也是目前饲养较普遍、较广泛的观赏鱼。养丽丽鱼时，不必配对，可多养一些色彩鲜艳的雄鱼，少养一些雌鱼。

xfsd

可呢被挂了的。没情况

hyacinth

我又也遇到这样的情况啊!!!

mofunzone

Starting the file scan:

Begin scan in 'C:\Users\morgan\Documents\auto.exe'
C:\Users\morgan\Documents\
  auto.exe
    [0] Archive type: Runtime Packed
    --> Object
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
      [WARNING]   The file was ignored!

mofunzone

Starting the file scan:

Begin scan in 'C:\TDDOWNLOAD\zt0616.exe'
C:\TDDOWNLOAD\
  zt0616.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/Spy.Gen
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
Begin scan in 'C:\TDDOWNLOAD\cq0619.exe'
C:\TDDOWNLOAD\
  cq0619.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
Begin scan in 'C:\TDDOWNLOAD\cs0619.exe'
C:\TDDOWNLOAD\
  cs0619.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/Spy.Gen
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
Begin scan in 'C:\TDDOWNLOAD\dh3.exe'
C:\TDDOWNLOAD\
  dh3.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Contains suspicious code HEUR/Malware
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
Begin scan in 'C:\TDDOWNLOAD\dh0616.exe'
C:\TDDOWNLOAD\
  dh0616.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Contains suspicious code HEUR/Malware
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
Begin scan in 'C:\TDDOWNLOAD\jh0619.exe'
C:\TDDOWNLOAD\
  jh0619.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Contains suspicious code HEUR/Malware
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
Begin scan in 'C:\TDDOWNLOAD\qqhx.exe'
C:\TDDOWNLOAD\
  qqhx.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jlf
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
Begin scan in 'C:\TDDOWNLOAD\qqsg.exe'
C:\TDDOWNLOAD\
  qqsg.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Contains suspicious code HEUR/Malware
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
Begin scan in 'C:\TDDOWNLOAD\tl0619.exe'
C:\TDDOWNLOAD\
  tl0619.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/Spy.Gen
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
Begin scan in 'C:\TDDOWNLOAD\wd0618.exe'
C:\TDDOWNLOAD\
  wd0618.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/Spy.Gen
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
Begin scan in 'C:\TDDOWNLOAD\wl0618.exe'
C:\TDDOWNLOAD\
  wl0618.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/Spy.Gen
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
Begin scan in 'C:\TDDOWNLOAD\wow0617.exe'
C:\TDDOWNLOAD\
  wow0617.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.iqw
      [INFO]      The file was deleted!


End of the scan: 2007年12月5日  08:01
Used time: 00:06 min

The scan has been done completely.

      0 Scanning directories
     12 Files were scanned
      8 viruses and/or unwanted programs were found
      4 Files were classified as suspicious:
     12 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      4 Files not concerned
     11 Archives were scanned
     11 Warnings
      0 Notes

Love=卡巴+费尔

费尔都报了。

patrick9802

进去，BD报了，木马，并且隔离了，还不错哦，实时监控很好。

leonfg

估计漏了一些进来