Thread starter: qianwenxiang

[Virus sample] Pack 3, 12 files

Palkia
Posted on 2008-1-26 19:52:55
Kaspersky kills 8~
Filseclab...
sam.to
Posted on 2008-1-26 20:11:53
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Hmir.wg        檔案: C:\Documents and Settings\kato9096\桌面\Malware3.rar/logo.jpg
已刪除: 特洛伊木馬程式 Trojan.Win32.Pakes.bqt        檔案: C:\Documents and Settings\kato9096\桌面\Malware3.rar/e.exe
已刪除: 特洛伊木馬程式 Trojan.Win32.DNSChanger.aqd        檔案: C:\Documents and Settings\kato9096\桌面\Malware3.rar/codechot4531.exe//data0001
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.Delf.ad        檔案: C:\Documents and Settings\kato9096\桌面\Malware3.rar/cybar.dll//UPX
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.Delf.ak        檔案: C:\Documents and Settings\kato9096\桌面\Malware3.rar/cyupdater.exe//PE_Patch.PECompact//PecBundle//PECompact
已刪除: 特洛伊木馬程式 Trojan.Win32.Inject.tp        檔案: C:\Documents and Settings\kato9096\桌面\Malware3.rar/kr3.int
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.BHO.tw        檔案: C:\Documents and Settings\kato9096\桌面\Malware3.rar/cybho.dll//PE_Patch.PECompact//PecBundle//PECompact
已刪除: 色情程式 not-a-virus:Porn-Dialer.Win32.GBDialer.j        檔案: C:\Documents and Settings\kato9096\桌面\Malware3.rar/gdnOT2904.exe
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Small.gh        檔案: C:\Documents and Settings\kato9096\桌面\Malware3.rar/comload.dll//UPX


9; two not detected, submitting them
woai_jolin
Posted on 2008-1-26 20:16:51
Scan Log
Version of virus signature database: 2824 (20080126)
Date: 2008-1-26  Time: 20:16:07
Scanned disks, folders and files: G:\v\Malware3.rar
G:\v\Malware3.rar » RAR » BmpOperate.zip - is OK
G:\v\Malware3.rar » RAR » webinfs.exe - is OK
G:\v\Malware3.rar » RAR » logo.jpg - a variant of Win32/TrojanDownloader.QQHelper.NDW trojan - was a part of the deleted object
G:\v\Malware3.rar » RAR » e.exe - Win32/Rootkit.Agent.NEA trojan - was a part of the deleted object
G:\v\Malware3.rar » RAR » udefender_os1zn2mO7Z.exe » UPX v12_m2 - is OK
G:\v\Malware3.rar » RAR » codechot4531.exe » NSIS » Entries.bin - is OK
G:\v\Malware3.rar » RAR » codechot4531.exe » NSIS » Strings.txt - is OK
G:\v\Malware3.rar » RAR » codechot4531.exe » NSIS » notepad.exe.dat - is OK
G:\v\Malware3.rar » RAR » codechot4531.exe » NSIS » calc.exe.dat - is OK
G:\v\Malware3.rar » RAR » codechot4531.exe » NSIS » freebsd.exe.dat - is OK
G:\v\Malware3.rar » RAR » codechot4531.exe » NSIS » linux - is OK
G:\v\Malware3.rar » RAR » codechot4531.exe » NSIS » DcryptDll.dll - is OK
G:\v\Malware3.rar » RAR » codechot4531.exe » NSIS » nsExec.dll - is OK
G:\v\Malware3.rar » RAR » codechot4531.exe » NSIS » StartMenu.dll - is OK
G:\v\Malware3.rar » RAR » codechot4531.exe » NSIS » modern-header.bmp - is OK
G:\v\Malware3.rar » RAR » codechot4531.exe » NSIS » Uninstall.exe » NSIS » Entries.bin - is OK
G:\v\Malware3.rar » RAR » codechot4531.exe » NSIS » Uninstall.exe » NSIS » Strings.txt - is OK
G:\v\Malware3.rar » RAR » codechot4531.exe » NSIS » Uninstall.exe » NSIS » modern-header.bmp - is OK
G:\v\Malware3.rar » RAR » cybar.dll » UPX v12_m5_dll - is OK
G:\v\Malware3.rar » RAR » cyupdater.exe - probably unknown NewHeur_PE virus [7] - was a part of the deleted object
G:\v\Malware3.rar » RAR » kr3.int - is OK
G:\v\Malware3.rar » RAR » cybho.dll » PECompact v2.xx - is OK
G:\v\Malware3.rar » RAR » gdnOT2904.exe - Win32/Dialer.NAD trojan - was a part of the deleted object
G:\v\Malware3.rar » RAR » comload.dll - Win32/TrojanDownloader.Small.ON trojan - was a part of the deleted object
Number of scanned objects: 25
Number of threats found: 5
Time of completion: 20:16:22  Total scanning time: 15 sec (00:00:15)

Notes:
[7] Object is probably infected with an unknown virus.
冷冷
Posted on 2008-1-26 20:26:54

I:\virus\test\BmpOperate.zip - Signature 'Virus.Win32.Trojan' found
I:\virus\test\codechot4531.exe
I:\virus\test\comload.dll - Signature 'Trojan.Win32.Dialer.eh' found
I:\virus\test\cybar.dll - Signature 'Virus.Win32.Delf.HNL' found
I:\virus\test\cybho.dll - Suspect code-parts found (Level: 155)
I:\virus\test\cyupdater.exe - Signature 'Backdoor.Pigeon.194' found
I:\virus\test\e.exe - Signature 'Virus.Win32.Virut.av' found
I:\virus\test\gdnOT2904.exe - Signature 'not-a-virus:Porn-Dialer.Win32.GBDialer.j' found
I:\virus\test\kr3.int
I:\virus\test\logo.jpg
I:\virus\test\udefender_os1zn2mO7Z.exe - Signature 'not-a-virus:.FraudTool.Win32.UltimateDefender.v' found
I:\virus\test\webinfs.exe - Signature 'Packed.Win32.Klone.af' found
12 Files scanned
   (0 Archives with 0 files)
8 Signatures found
1 Suspect code-part found
Used time: 0:05.797
-------------------------------------------------------------------------------

I:\virus\test/codechot4531.exe: Trojan.DNSChanger-2168 FOUND
I:\virus\test/comload.dll: Trojan.Downloader-458 FOUND
I:\virus\test/e.exe: Trojan.Agent-11470 FOUND
I:\virus\test/gdnOT2904.exe: Dialer-950 FOUND
I:\virus\test/udefender_os1zn2mO7Z.exe: Trojan.Crypt-35 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 197940
Engine version: 0.92
Scanned directories: 1
Scanned files: 12
Infected files: 5
Data scanned: 2.68 MB
Time: 8.015 sec (0 m 8 s)
sam.to
Posted on 2008-1-26 20:53:04
Hello,

BmpOperate.zip, webinfs.exek

No malicious code was found in these files.

udefender_os1zn2mO7Z.exek - not-a-virus:FraudTool.Win32.UltimateDefender.v

This file is already detected by our extended bases as a potentially risk program.
If you know purpose of this program then there's no need to bother, just add it to exclusion list,
else there is unknown malicious software on your computer possibly. You can do this:

Please download and run utility from
ftp://ftp.kaspersky.com/utils/getsysteminfo/GetSystemInfo.exe
Create text report and upload it to
http://www.kaspersky.ru/helpdesk.html
Our support team will analyze your report.

Please quote all when answering.

--
Best regards, Vladimir Krylov
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.
残缺的唯美
Posted on 2008-1-26 21:13:07
扫描统计:
扫描时间: 4秒
扫描选项:
扫描目标: G:\Users\Administrator\Desktop\Malware3.rar
  计数:
扫描的项目总数: 13
- 文件和目录: 13
- 注册表项: 0
- 进程和启动项: 0
- 网络和浏览器项目: 0
- 其他: 0

检测到的安全风险总数: 5
已解决的项目总数: 0
需要注意的项目总数: 5

已解决的风险:


未解决的风险:
Trojan Horse
病毒 ID: 25464
类型: 已压缩
风险: 高 (高 隐蔽性,高 清除可能,高 性能,高 隐私)  
类别: 病毒
状态: 删除失败
-----------
1 文件
[e.exe] 位于[g:\users\administrator\desktop\malware3.rar] - 已感染


Downloader.MisleadApp
病毒 ID: 40906
类型: 已压缩
风险: 高 (高 隐蔽性,高 清除可能,高 性能,高 隐私)  
类别: 病毒
状态: 删除失败
-----------
1 文件
[udefender_os1zn2mo7z.exe] 位于[g:\users\administrator\desktop\malware3.rar] - 已感染


Trojan.Zlob
病毒 ID: 4254
类型: 已压缩
风险: 高 (高 隐蔽性,高 清除可能,高 性能,高 隐私)  
类别: 病毒
状态: 删除失败
-----------
1 文件
[codechot4531.exe] 位于[g:\users\administrator\desktop\malware3.rar] - 已感染


Dialer.DialPlatform
病毒 ID: 4294906109
类型: 已压缩
风险: 高 (高 隐蔽性,中 清除可能,高 性能,高 隐私)  
类别: 拨号程序
状态: 删除失败
-----------
1 文件
[gdnot2904.exe] 位于[g:\users\administrator\desktop\malware3.rar] - 已感染


Dialer.Pornpaq
病毒 ID: 4294906112
类型: 已压缩
风险: 高 (高 隐蔽性,高 清除可能,高 性能,高 隐私)  
类别: 拨号程序
状态: 删除失败
-----------
1 文件
[comload.dll] 位于[g:\users\administrator\desktop\malware3.rar] - 已感染
ballakay
Posted on 2008-1-26 21:28:56
Scanning Report
26 January 2008 21:28:39 - 21:28:43
Computer name: PUMA-PC
Scanning type: Scan target
Target: C:\Users\Administrator\Desktop\Malware3.rar


--------------------------------------------------------------------------------

Result: 7 malware found
Trojan.Win32.Pakes.bqt (virus)
C:\Users\Administrator\Desktop\Malware3.rar\e.exe
Trojan.Win32.DNSChanger.aqd (virus)
C:\Users\Administrator\Desktop\Malware3.rar\codechot4531.exe
AdWare.Win32.Delf.ad (adware)
C:\Users\Administrator\Desktop\Malware3.rar\cybar.dll
AdWare.Win32.Delf.ak (adware)
C:\Users\Administrator\Desktop\Malware3.rar\cyupdater.exe
AdWare.Win32.BHO.tw (adware)
C:\Users\Administrator\Desktop\Malware3.rar\cybho.dll
Porn-Dialer.Win32.GBDialer.j (pornware)
C:\Users\Administrator\Desktop\Malware3.rar\gdnOT2904.exe
Trojan-Downloader.Win32.Small.gh (virus)
C:\Users\Administrator\Desktop\Malware3.rar\comload.dll



--------------------------------------------------------------------------------

Riskware found
FraudTool.Win32.UltimateDefender.v (riskware)
C:\Users\Administrator\Desktop\Malware3.rar\udefender_os1zn2mO7Z.exe


--------------------------------------------------------------------------------

Statistics
Scanned:
Files: 13
Not scanned: 0
Result:
Viruses: 3
Spyware: 4
Suspicious items: 0
Riskware: 1
Actions:
Disinfected: 0
Renamed: 0
Deleted: 0
Quarantined: 0
Failed: 0
Boot Sectors:
Scanned: 0
Infected: 0
Suspicious items: 0
Disinfected: 0


--------------------------------------------------------------------------------

Options
Definitions version:
Viruses: 2008-01-26_03
Spyware: 2008-01-26_02
Scanning Engines:
F-Secure AVP: 7.00.171, 2008-01-26
F-Secure Libra: 2.04.01, 2008-01-24
F-Secure Orion: 1.02.37, 2008-01-26
F-Secure Draco: 1.00.35, 2008-01-14
Scanning options:
Scan all files
Scan inside archives
Actions:
Viruses: Delete infected files
Spyware: Delete infected files