假TXT

显示全部楼层 · 发表于 2008-5-15 13:06:40

已上报卡巴

反病毒引擎版本最後更新掃瞄結果
AhnLab-V3 2008.5.14.1 2008.05.14 -
AntiVir 7.8.0.17 2008.05.14 HEUR/Crypted
Authentium 5.1.0.4 2008.05.14 W32/Threat-SysVenFakP-based!Maximus
Avast 4.8.1195.0 2008.05.14 Win32:Qhost-AYU
AVG 7.5.0.516 2008.05.14 BHO.DYZ
BitDefender 7.2 2008.05.08 -
CAT-QuickHeal 9.50 2008.05.13 (Suspicious) - DNAScan
ClamAV 0.92.1 2008.05.13 -
DrWeb 4.44.0.09170 2008.05.14 -
eSafe 7.0.15.0 2008.05.13 Suspicious File
eTrust-Vet 31.4.5788 2008.05.14 -
Ewido 4.0 2008.05.13 -
F-Prot 4.4.2.54 2008.05.14 W32/Threat-SysVenFakP-based!Maximus
F-Secure 6.70.13260.0 2008.05.14 -
Fortinet 3.14.0.0 2008.05.14 -
GData 2.0.7306.1023 2008.05.14 Win32:Qhost-AYU
Ikarus T3.1.1.26.0 2008.05.14 Virus.Win32.Qhost.AYU
Kaspersky 7.0.0.125 2008.05.14 -
McAfee 5294 2008.05.13 -
Microsoft 1.3408 2008.05.13 Trojan:Win32/Jhee.V
NOD32v2 3098 2008.05.14 a variant of Win32/BHO.NCY
Norman 5.80.02 2008.05.13 -
Panda 9.0.0.4 2008.05.14 -
Prevx1 V2 2008.05.14 Malicious Software
Rising 20.44.22.00 2008.05.14 -
Sophos 4.29.0 2008.05.14 Mal/Behav-160
Sunbelt 3.0.1114.0 2008.05.12 -
Symantec 10 2008.05.14 -
TheHacker 6.2.92.309 2008.05.13 -
VirusBuster 4.3.26:9 2008.05.13 -
Webwasher-Gateway 6.6.2 2008.05.14 Heuristic.Crypted

Hello,

4ace1.txt2 - Trojan-Downloader.Win32.Agent.par

This file is already detected. Please update your antivirus bases.

Please quote all when answering.

--
Best regards, Goncharov Ilya
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

[ 本帖最后由 kato9096 于 2008-5-15 19:17 编辑 ]

显示全部楼层 · 发表于 2008-5-15 13:08:00

Starting the file scan:

Begin scan in 'E:\AV\4ace1.zip'
E:\AV\4ace1.zip
  [0] Archive type: ZIP
--> 4ace1.txt2
      [DETECTION] Contains suspicious code HEUR/Crypted
   [NOTE]    The file was deleted!

End of the scan: 2008年5月15日  13:10
Used time: 00:20 min

The scan has been done completely.

   0 Scanning directories
   2 Files were scanned
   0 viruses and/or unwanted programs were found
   1 Files were classified as suspicious:
   1 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   2 Files not concerned
   1 Archives were scanned
   0 Warnings
   1 Notes

显示全部楼层 · 发表于 2008-5-15 13:24:20

我的红伞没报啊。

显示全部楼层 · 发表于 2008-5-15 13:24:28

Date,Virus Name,Virus Type,User,Filename,Scan Type
2008-5-15 13:24:08,TrojanDownloader.Agent.par.bllu,木马,Administrator,C:\Documents and Settings\Administrator\桌面\4ace1.zip>>4ace1.txt2,Manual scan

显示全部楼层 · 发表于 2008-5-15 13:35:06

C:\Documents and Settings\Administrator\桌面\4ace1.zip>>4ace1.txt2 TrojanDownloader.Agent.par.bllu 木马还未处理

显示全部楼层 · 发表于 2008-5-15 13:36:43

扫描系统区域...
扫描所选择的目录和文件...
对象: 4ace1.txt2
  在压缩档案里: F:\Virus\4ace1.zip
状态: 已发现病毒
  病毒: Trojan-Downloader.Win32.Agent.par (AVP引擎)
对象: 4ace1.zip
路径: F:\Virus
状态: 已发现病毒
  病毒: Trojan-Downloader.Win32.Agent.par (AVP引擎)
分析完成: 2008-5-15 13:38
已扫描 1 个文件
已发现 1 个感染文件
发现 0 个可疑文件

显示全部楼层 · 发表于 2008-5-15 14:56:21

信息 2008-05-15  14:56:07 您此次查毒隔离了1个文件
信息 2008-05-15  14:56:07 您此次查毒共查出1个病毒以及危险代码
信息 2008-05-15  14:56:07 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件3个
信息 2008-05-15  14:56:07 金山毒霸主程序查毒过程结束，查毒方式：命令行查毒
病毒 2008-05-15  14:56:07 D:\Desktop\4ace1.zip\4ace1.txt2 Win32.Troj.BHO.131072 隔离成功

显示全部楼层 · 发表于 2008-5-15 16:13:32

红伞处理了。
tr/dldr.agent.par

显示全部楼层 · 发表于 2008-5-15 16:20:58

The file '4ace1.txt2' has been determined to be 'MALWARE'. Our analysts named the threat TR/Dldr.Agent.par. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection will be added to our virus definition file (VDF) with one of the next updates. Please note that Avira's proactive heuristic detection module AHeAD detected this threat up front without the latest VDF update as: HEUR/Crypted.

显示全部楼层 · 发表于 2008-5-15 16:35:22

红伞真棒

[病毒样本] 假TXT

本帖子中包含更多资源

浏览过的版块