晚餐時間，一只操控磁盤的病毒

醉一生爱妍

NOD 飄！

Nblock

就这么简单  微点拦截

gho

MCAFEE MISS

冷冷

If I am free this evening, I will make and send a report to you !

醉一生爱妍

原帖由 冷_冷 于 2008-1-26 18:50 发表
If I am free this evening, I will make and send a report to you !

OK,wait report fo you

冷冷

原帖由 garyyan456 于 2008-1-26 18:58 发表

OK,wait report fo you

correct: Waiting your report!

---------------------------------------------------
00024B40   00426540      0   An application has made an attempt to load the C runtime library incorrectly.
00024B8E   0042658E      0   Please contact the application's support team for more information.
00024BD4   004265D4      0   R6033
00024BDB   004265DB      0   - Attempt to use MSIL code from this assembly during native code initialization
00024C2B   0042662B      0   This indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
00024CCB   004266CB      0   R6032
00024CD2   004266D2      0   - not enough space for locale information
00024CFE   004266FE      0   R6031
00024D05   00426705      0   - Attempt to initialize the CRT more than once.
00024D35   00426735      0   This indicates a bug in your application.
00024D61   00426761      0   R6030
00024D68   00426768      0   - CRT not initialized
00024D80   00426780      0   R6028
00024D87   00426787      0   - unable to initialize heap
00024DA5   004267A5      0   R6027
00024DAC   004267AC      0   - not enough space for lowio initialization
00024DDA   004267DA      0   R6026
00024DE1   004267E1      0   - not enough space for stdio initialization
00024E0F   0042680F      0   R6025
00024E16   00426816      0   - pure virtual function call
00024E35   00426835      0   R6024
00024E3C   0042683C      0   - not enough space for _onexit/atexit table
00024E6A   0042686A      0   R6019
00024E71   00426871      0   - unable to open console device
00024E93   00426893      0   R6018
00024E9A   0042689A      0   - unexpected heap error
00024EB4   004268B4      0   R6017
00024EBB   004268BB      0   - unexpected multithread lock error
00024EE1   004268E1      0   R6016
00024EE8   004268E8      0   - not enough space for thread data
00024F0F   0042690F      0   This application has requested the Runtime to terminate it in an unusual way.
00024F5D   0042695D      0   Please contact the application's support team for more information.
00024FA3   004269A3      0   R6009
00024FAA   004269AA      0   - not enough space for environment
00024FCF   004269CF      0   R6008
00024FD6   004269D6      0   - not enough space for arguments
00024FF9   004269F9      0   R6002
00025000   00426A00      0   - floating point support not loaded
00025026   00426A26      0   Microsoft Visual C++ Runtime Library
00025052   00426A52      0   <program name unknown>
00025069   00426A69      0   Runtime Error!

[ 本帖最后由 冷_冷 于 2008-1-26 20:19 编辑 ]

Palkia

危险进程(PID:3108): C:\Documents and Settings\Administrator\Local Settings\Temp\Rar$EX02.828\Swizzor.exe

产品名称: 无
文件版本: 无
公司名称: 无
文件描述: 无
数字签名: 没有发现签名

危险级别: 中
级别评分: 37.4408880
状态: 进程已被结束，但还没有清除，等待进一步处理。

建议: 如果能确认这个文件是安全的可以信任它，如果能确认是不安全的可以删除它，如果是正常的程序被意外的终止，可以暂时信任然后再重新运行一次。

如果无法确认它是否安全，建议使用在线扫描得到进一步的建议。

qigang

Rising20.28.52未杀。

剑书

Starting the file scan:

Begin scan in 'K:\Swizzor.zip'
K:\Swizzor.zip
  [0] Archive type: ZIP
  --> Swizzor.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [INFO]      A backup was created as '48042465.qua'  ( QUARANTINE )
      [INFO]      The file was deleted!

28654621

Trojan.Inject.tp.aosz