Original poster: mofunzone

[Virus samples] Today's pack: 36 samples

allinwonderi
Posted on 2008-5-27 19:25:08

ArcaVir2008

[Scanning : C:\Documents and Settings\All Users\Documents\Test]


C:\Documents and Settings\All Users\Documents\Test\virus.part2.rar<RAR>:c-setup.exe <- Trojan.Downloader.Delf.Idy : No action
C:\Documents and Settings\All Users\Documents\Test\virus.part2.rar<RAR>:ctfmona.exe <- Trojan.Agent.Qnp : No action
C:\Documents and Settings\All Users\Documents\Test\virus.part2.rar<RAR>:ekel.exe <- Trojan.Vapsup.ffe : No action
C:\Documents and Settings\All Users\Documents\Test\virus.part2.rar<RAR>:mooncodec1345.exe<NSIS>:DcryptDll.dll <- Trojan.Agent.Ki : No action



Scanned objects : 58

Infected objects : 4
allinwonderi
Posted on 2008-5-27 19:25:54

F-Prot 4.4.4

[Found security risk]         <W32/Swizzor.D.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\virus.part1.rar->virus\9kgen_up.int
[Found security risk]         <W32/Swizzor.D.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\virus.part1.rar->virus\9kgen_up1.int
[Found possible virus]         <W32/Adware-RegBHO-based.1!Maximus (not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\virus.part2.rar->virus\boqnrwdmtpe.dll
[Found security risk]         <W32/Delf.C.gen!Eldorado (damaged, not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\virus.part2.rar->virus\c-setup.exe->(Aspack)
[Found security risk]         <W32/Tibs.M.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\virus.part2.rar->virus\MediaTubeCodec_ver1.971.45.exe
[Found security risk]         <W32/Zlob.S.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\virus.part3.rar->virus\setup.exe
[Found security risk]         <W32/Zlob.S.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\virus.part3.rar->virus\setup.exe1.exe
[Found security risk]         <W32/Zlob.S.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\virus.part3.rar->virus\setup2.exe
[Found security risk]         <W32/Swizzor.D.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\virus.part3.rar->virus\sn_pkz.int
[Found possible virus]         <W32/Adware-Vapsup!Maximus (not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\virus.part4.rar->virus\vltdfabw.dll

---------------------------------------------------------------------
Scan ended:        2008-5-27, 19:25:42
Duration:        0:00:26

Scan result:

Scanned files:                 9
Infected objects:         10
Disinfected objects:         0
Quarantined files:         0
---------------------------------------------------------------------
Palkia
Posted on 2008-5-27 19:28:24
rs 6
qigang
Posted on 2008-5-27 21:09:48

41/6

瑞星病毒查杀结果报告

清除病毒种类列表:

病毒: Trojan.DL.Win32.Zlob.gbo
病毒: Trojan.Win32.Vapsup.elr  
病毒: Trojan.Win32.Undef.gub   
病毒: Trojan.Win32.Zlob.ajl   
病毒: Trojan.Win32.Vapsup.eml  

MAC 地址:00:11:5B:F3:6D:69

用户来源:互联网

软件版本:20.46.12
woai_jolin
Posted on 2008-5-28 06:29:57
Keep updating


Scan performed at: 2008/5/28 6:29:12
Scanning Log
NOD32 version 3136 (20080527) NT
Command line: G:\v\virus
C:\Program Files\Eset\nod32.exe - is OK

Date: 28.5.2008  Time: 06:29:14
Anti-Stealth technology is enabled.
Scanned disks, folders and files: G:\v\virus\
G:\v\virus\9kgen_up.int - is OK
G:\v\virus\9kgen_up1.int - is OK
G:\v\virus\apsagy.dll - Win32/Adware.IeDefender.NEN application
G:\v\virus\atfxqogp.dll - is OK
G:\v\virus\boqnrwdmtpe.dll - is OK
G:\v\virus\c-setup.exe ?ASPack v2.12 - is OK
G:\v\virus\Codec.exe - is OK
G:\v\virus\crack.exe - is OK
G:\v\virus\ctfmona.exe - is OK
G:\v\virus\ekel.exe - is OK
G:\v\virus\file.exe - is OK
G:\v\virus\keygen.exe - is OK
G:\v\virus\khfCrSiG.dll - Win32/Adware.Virtumonde application
G:\v\virus\MediaTubeCodec_ver1.971.45.exe - is OK
G:\v\virus\mooncodec1345.exe ?NSIS ?Entries.bin - is OK
G:\v\virus\mooncodec1345.exe ?NSIS ?Strings.txt - is OK
G:\v\virus\mooncodec1345.exe ?NSIS ?notepad.exe.dat - is OK
G:\v\virus\mooncodec1345.exe ?NSIS ?calc.exe.dat - is OK
G:\v\virus\mooncodec1345.exe ?NSIS ?linux - is OK
G:\v\virus\mooncodec1345.exe ?NSIS ?DcryptDll.dll - is OK
G:\v\virus\mooncodec1345.exe ?NSIS ?StartMenu.dll - is OK
G:\v\virus\mooncodec1345.exe ?NSIS ?modern-header.bmp - is OK
G:\v\virus\mooncodec1345.exe ?NSIS ?Uninstall.exe ?NSIS ?Entries.bin - is OK
G:\v\virus\mooncodec1345.exe ?NSIS ?Uninstall.exe ?NSIS ?Strings.txt - is OK
G:\v\virus\mooncodec1345.exe ?NSIS ?Uninstall.exe ?NSIS ?modern-header.bmp - is OK
G:\v\virus\mooncodec4049.exe ?NSIS ?Entries.bin - is OK
G:\v\virus\mooncodec4049.exe ?NSIS ?Strings.txt - is OK
G:\v\virus\mooncodec4049.exe ?NSIS ?notepad.exe.dat - is OK
G:\v\virus\mooncodec4049.exe ?NSIS ?calc.exe.dat - is OK
G:\v\virus\mooncodec4049.exe ?NSIS ?linux - is OK
G:\v\virus\mooncodec4049.exe ?NSIS ?dcryptdll.dll - is OK
G:\v\virus\mooncodec4049.exe ?NSIS ?StartMenu.dll - is OK
G:\v\virus\mooncodec4049.exe ?NSIS ?modern-header.bmp - is OK
G:\v\virus\mooncodec4049.exe ?NSIS ?Uninstall.exe ?NSIS ?Entries.bin - is OK
G:\v\virus\mooncodec4049.exe ?NSIS ?Uninstall.exe ?NSIS ?Strings.txt - is OK
G:\v\virus\mooncodec4049.exe ?NSIS ?Uninstall.exe ?NSIS ?modern-header.bmp - is OK
G:\v\virus\mooncodec4192.exe ?NSIS ?Entries.bin - is OK
G:\v\virus\mooncodec4192.exe ?NSIS ?Strings.txt - is OK
G:\v\virus\mooncodec4192.exe ?NSIS ?notepad.exe.dat - is OK
G:\v\virus\mooncodec4192.exe ?NSIS ?calc.exe.dat - is OK
G:\v\virus\mooncodec4192.exe ?NSIS ?linux - is OK
G:\v\virus\mooncodec4192.exe ?NSIS ?dcryptdll.dll - is OK
G:\v\virus\mooncodec4192.exe ?NSIS ?StartMenu.dll - is OK
G:\v\virus\mooncodec4192.exe ?NSIS ?modern-header.bmp - is OK
G:\v\virus\mooncodec4192.exe ?NSIS ?Uninstall.exe ?NSIS ?Entries.bin - is OK
G:\v\virus\mooncodec4192.exe ?NSIS ?Uninstall.exe ?NSIS ?Strings.txt - is OK
G:\v\virus\mooncodec4192.exe ?NSIS ?Uninstall.exe ?NSIS ?modern-header.bmp - is OK
G:\v\virus\msprint.exe ?PECompact v2.xx - is OK
G:\v\virus\nnnmjgGv.dll - is OK
G:\v\virus\notepad.exe - is OK
G:\v\virus\notepad1.exe - is OK
G:\v\virus\nyps4.exe - is OK
G:\v\virus\qoMcbAQK.dll - is OK
G:\v\virus\setup.exe - is OK
G:\v\virus\setup.exe1.exe - is OK
G:\v\virus\setup2.exe - is OK
G:\v\virus\sn_pkz.int - is OK
G:\v\virus\sn_pkz1.int - is OK
G:\v\virus\Uninstall.exe ?NSIS ?Entries.bin - is OK
G:\v\virus\Uninstall.exe ?NSIS ?Strings.txt - is OK
G:\v\virus\Uninstall.exe ?NSIS ?modern-header.bmp - is OK
G:\v\virus\urqOICvT.dll - is OK
G:\v\virus\urqPgGYR.dll - is OK
G:\v\virus\vltdfabw.dll - is OK
G:\v\virus\vregfwlx.dll - is OK
G:\v\virus\winjrs32.dll - is OK
G:\v\virus\wvUmkiiJ.dll - Win32/Adware.Virtumonde application
G:\v\virus\xmpstean.exe - is OK
Number of scanned files: 68
Number of threats found: 3
Time of completion: 06:29:30 Total scanning time: 16 sec (00:00:16)
sam.to
Posted on 2008-5-28 11:08:25
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Peregar.nb        檔案: C:\Documents and Settings\kato9096\桌面\virus\virus\apsagy.dll//PE_Patch.UPX//UPX
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Delf.idy        檔案: C:\Documents and Settings\kato9096\桌面\virus\virus\c-setup.exe//ASPack
已刪除: 特洛伊木馬程式 Trojan.Win32.Agent.qnp        檔案: C:\Documents and Settings\kato9096\桌面\virus\virus\ctfmona.exe
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.Virtumonde.tsv        檔案: C:\Documents and Settings\kato9096\桌面\virus\virus\file.exe
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Zlob.nxb        檔案: C:\Documents and Settings\kato9096\桌面\virus\virus\MediaTubeCodec_ver1.971.45.exe
已刪除: 特洛伊木馬程式 Trojan.Win32.DNSChanger.dlc        檔案: C:\Documents and Settings\kato9096\桌面\virus\virus\mooncodec1345.exe//data0001
已刪除: 特洛伊木馬程式 Trojan.Win32.DNSChanger.dja        檔案: C:\Documents and Settings\kato9096\桌面\virus\virus\mooncodec4049.exe//data0001
已刪除: 特洛伊木馬程式 Trojan.Win32.DNSChanger.dja        檔案: C:\Documents and Settings\kato9096\桌面\virus\virus\mooncodec4192.exe//data0001
已刪除: 特洛伊木馬程式 Trojan-Dropper.Win32.Agent.rzj        檔案: C:\Documents and Settings\kato9096\桌面\virus\virus\msprint.exe//PE_Patch.PECompact//PecBundle//PECompact
已刪除: 特洛伊木馬程式 Trojan.Win32.Obfuscated.aul        檔案: C:\Documents and Settings\kato9096\桌面\virus\virus\nnnmjgGv.dll
已刪除: 特洛伊木馬程式 Trojan.Win32.Inject.cgy        檔案: C:\Documents and Settings\kato9096\桌面\virus\virus\nyps4.exe
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Zlob.nxc        檔案: C:\Documents and Settings\kato9096\桌面\virus\virus\setup.exe
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Zlob.nxc        檔案: C:\Documents and Settings\kato9096\桌面\virus\virus\setup.exe1.exe
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Zlob.nxc        檔案: C:\Documents and Settings\kato9096\桌面\virus\virus\setup2.exe
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.Virtumonde.tst        檔案: C:\Documents and Settings\kato9096\桌面\virus\virus\urqOICvT.dll
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.Virtumonde.tst        檔案: C:\Documents and Settings\kato9096\桌面\virus\virus\urqPgGYR.dll

16, TO KL
sam.to
Posted on 2008-5-30 20:47:06
Hello.
New malicious software was found in the attached file.
Its detection will be included in the next update. Thank you for your help.
-----------------
Regards, Namestnikov Yury
Virus Analyst, Kaspersky Lab.

Ph.: +7(095) 797-8700
E-mail: newvirus@kaspersky.com
http://www.kaspersky.com   http://www.viruslist.com
barbara
Posted on 2008-5-30 23:31:37
Even sav 10 can detect 14 of them