可怜的McAfee用户又中毒了

a750828

McAfee W32/Autorun.worm.i.gen

woai_jolin

Scan Log
Version of virus signature database: 2874 (20080214)
Date: 2008/2/14  Time: 21:07:15
Scanned disks, folders and files: G:\v\WINDOWS.rar
G:\v\WINDOWS.rar » RAR » jswj.exe - is OK
G:\v\WINDOWS.rar » RAR » Recycled.exe » RAR » pop.21cn.com.iaf - is OK
G:\v\WINDOWS.rar » RAR » Recycled.exe » RAR » WINIO.VXD - is OK
G:\v\WINDOWS.rar » RAR » Recycled.exe » RAR » ARJ.EXE - is OK
G:\v\WINDOWS.rar » RAR » Recycled.exe » RAR » WinIo.dll - is OK
G:\v\WINDOWS.rar » RAR » Recycled.exe » RAR » WinIo.sys - is OK
G:\v\WINDOWS.rar » RAR » Recycled.exe » RAR » jl2.txt » MIME » MIME » part000.txt - is OK
G:\v\WINDOWS.rar » RAR » Recycled.exe » RAR » jl2.txt » MIME » MIME » part001.htm - is OK
G:\v\WINDOWS.rar » RAR » Recycled.exe » RAR » jl2.txt » MIME » JLQ.ARJ - is OK
G:\v\WINDOWS.rar » RAR » Recycled.exe » RAR » jl2.txt » MIME »  - error reading archive
G:\v\WINDOWS.rar » RAR » Recycled.exe » RAR » jswj.exe - is OK
G:\v\WINDOWS.rar » RAR » Recycled.exe » RAR » MSWINSCK.OCX - is OK
G:\v\WINDOWS.rar » RAR » Recycled.exe » RAR » bb.bmp - is OK
G:\v\WINDOWS.rar » RAR » Recycled.exe » RAR » winhelps.exe - probably a variant of Win32/VB trojan
G:\v\WINDOWS.rar » RAR » Recycled.exe » RAR » QQ .EXE - probably a variant of Win32/Autorun worm
Number of scanned objects: 16
Number of threats found: 2
Time of completion: 21:07:16  Total scanning time: 1 sec (00:00:01)

zxc3949

我用的咖啡8.5 使用目标另存为下载时 咖啡报:
2008-2-14        21:13:00        已由访问保护规则禁止         WWW-67DE99D7D30\Administrator        C:\Program Files\Maxthon2\Maxthon.exe        \REGISTRY\USER\S-1-5-21-1957994488-2052111302-682003330-500\Software\Microsoft\Internet Explorer\Main        用户定义的规则:禁止修改IE的搜索，默认主页设置（注册表）        已阻止的操作: 写入

病毒名 W32/Autorun.worm.i.gen

[ 本帖最后由 zxc3949 于 2008-2-14 21:16 编辑 ]

gho

ESS报2个变种病毒
Scan Log
Version of virus signature database: 2874 (20080214)
Date: 2008-2-14  Time: 21:19:11
Scanned disks, folders and files: I:\hanxiaojun\WINDOWS(1).rar
I:\hanxiaojun\WINDOWS(1).rar » RAR » Recycled.exe » RAR » jl2.txt » MIME - is OK (internal scanning not performed)
I:\hanxiaojun\WINDOWS(1).rar » RAR » Recycled.exe » RAR » winhelps.exe - probably a variant of Win32/VB trojan
I:\hanxiaojun\WINDOWS(1).rar » RAR » Recycled.exe » RAR » QQ .EXE - probably a variant of Win32/Autorun worm
Number of scanned objects: 12
Number of threats found: 2
Time of completion: 21:19:11  Total scanning time: 0 sec (00:00:00)

[ 本帖最后由 gho 于 2008-2-14 21:25 编辑 ]

gho

Scanning Report
14 February 2008 21:22:14 - 21:22:16
Computer name: CN-89FF4B9EA4D6
Scanning type: Scan target
Target: I:\hanxiaojun\WINDOWS(1).rar


--------------------------------------------------------------------------------

Result: 4 malware found
Trojan-PSW.Win32.QQPass.anz (virus)
I:\hanxiaojun\WINDOWS(1).rar\jswj.exe
I:\hanxiaojun\WINDOWS(1).rar\Recycled.exe\jswj.exe
I:\hanxiaojun\WINDOWS(1).rar\Recycled.exe\QQ .EXE
Trojan.Win32.VB.bmd (virus)
I:\hanxiaojun\WINDOWS(1).rar\Recycled.exe\winhelps.exe

Scofield328

来个卡巴斯基吧，哈哈。。。

gho

咦为什么我和版主的扫描结果不一致

清蒸波波面

费尔杀了4个木马

hj5abc

Sign of "Win32:QQPass-OT [Trj]" has been found in "F:\WINDOWS.rar\jswj.exe" file.  
Sign of "Win32:QQPass-OT [Trj]" has been found in "F:\WINDOWS.rar\Recycled.exe\jswj.exe" file.  
Sign of "Win32:AutoRun-KH" has been found in "F:\WINDOWS.rar\Recycled.exe\winhelps.exe" file.  
Sign of "Win32:AutoRun-KH" has been found in "F:\WINDOWS.rar\Recycled.exe\QQ .EXE\[Embedded#29a88]" file.  
Sign of "Win32:AutoRun-JW" has been found in "F:\WINDOWS.rar\Recycled.exe\QQ .EXE" file.

swans

费尔
E:\download\WINDOWS.rar>>jswj.exe        TrojanPSW.QQPass.anz.fkxf        木马        已删除/隔离
E:\download\WINDOWS.rar>>Recycled.exe>>jswj.exe        TrojanPSW.QQPass.anz.fkxf        木马        已删除/隔离
E:\download\WINDOWS.rar>>Recycled.exe>>QQ .EXE        TrojanPSW.QQPass.cyv.upqt        木马        已删除/隔离
E:\download\WINDOWS.rar>>Recycled.exe>>winhelps.exe        Trojan.VB.ypt.dvno        木马        已删除/隔离