继续发

显示全部楼层 · 发表于 2008-6-4 20:06:26

4个

显示全部楼层 · 发表于 2008-6-4 20:11:12

显示全部楼层 · 发表于 2008-6-4 20:11:49

RS20.47.22未杀！

显示全部楼层 · 发表于 2008-6-4 20:14:59

McAfee报了

显示全部楼层 · 发表于 2008-6-4 20:22:26

D:\firefox download\桌面.rar > RAR > A17-tmpaASI.exe - Win32/Adware.IeDefender.NDH 应用程序
D:\firefox download\桌面.rar > RAR > jkill.exe - Win32/ProcKill 应用程序
D:\firefox download\桌面.rar > RAR > djtopr1150.exe - Win32/Adware.TopRebates.A 应用程序
D:\firefox download\桌面.rar > RAR > A13-tmp - 正常
D:\firefox download\桌面.rar:Zone.Identifier - 正常

显示全部楼层 · 发表于 2008-6-4 20:46:55

3缺一？

Begin scan in 'C:\Documents and Settings\haha\桌面\桌面.rar'
C:\Documents and Settings\haha\桌面\桌面.rar
  [0] Archive type: RAR
  --> A17-tmpaASI.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Peregar.CG
  --> jkill.exe
   [DETECTION] Contains detection pattern of the SPR/JKill.A program
  --> djtopr1150.exe
   [DETECTION] Contains detection pattern of the dropper DR/WebRebates.G.6
   [NOTE]    A backup was created as '487525fe.qua'  ( QUARANTINE )
   [NOTE]    The file was deleted!

显示全部楼层 · 发表于 2008-6-4 20:50:22

[Scanning : C:\Documents and Settings\All Users\Documents\Test]

C:\Documents and Settings\All Users\Documents\Test\桌面(2).rar<RAR>:A17-tmpaASI.exe <- Trojan.Agent.Ai : No action
C:\Documents and Settings\All Users\Documents\Test\桌面(2).rar<RAR>:A17-tmpaASI.exe<DLLRES>:file0.exe <- Trojan.Agent.Ai : No action
C:\Documents and Settings\All Users\Documents\Test\桌面(2).rar<RAR>:A17-tmpaASI.exe<DLLRES>:file0.exe<UPX>:file0.exe <- Downloader.Peregar.cg : No action
C:\Documents and Settings\All Users\Documents\Test\桌面(2).rar<RAR>:A17-tmpaASI.exe<UPX>:A17-tmpaASI.exe <- Downloader.Peregar.cg : No action
C:\Documents and Settings\All Users\Documents\Test\桌面(2).rar<RAR>:A17-tmpaASI.exe<UPX>:A17-tmpaASI.exe<DLLRES>:file0.exe <- Trojan.Agent.Ai : No action
C:\Documents and Settings\All Users\Documents\Test\桌面(2).rar<RAR>:A17-tmpaASI.exe<UPX>:A17-tmpaASI.exe<DLLRES>:file0.exe<UPX>:file0.exe <- Downloader.Peregar.cg : No action
C:\Documents and Settings\All Users\Documents\Test\桌面(2).rar<RAR>:jkill.exe <- Adware.Ia : No action

Scanned objects : 11

Infected objects : 7

显示全部楼层 · 发表于 2008-6-4 20:51:24

[Found downloader] <W32/Downldr2.BXCO (exact, not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\桌面(2).rar->A17-tmpaASI.exe->exefile

---------------------------------------------------------------------
Scan ended: 2008-6-4, 20:51:07
Duration: 0:00:00

Scan result:

Scanned files:    6
Infected objects:    1
Disinfected objects:    0
Quarantined files:    0
---------------------------------------------------------------------

显示全部楼层 · 发表于 2008-6-5 00:48:39

Drweb 3/4

TIS2008 3/4

显示全部楼层 · 发表于 2008-6-5 00:50:17

原帖由 hahacomcn 于 2008-6-4 20:46 发表
3缺一？

Begin scan in 'C:\Documents and Settings\haha\桌面\桌面.rar'
C:\Documents and Settings\haha\桌面\桌面.rar
  [0] Archive type: RAR
  --> A17-tmpaASI.exe
   [DETECTION] Is the T ...

已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Peregar.cg 檔案: C:\Documents and Settings\kato9096\桌面\桌面.rar/A17-tmpaASI.exe//PE_Patch.UPX//UPX
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.WebRebates.g 檔案: C:\Documents and Settings\kato9096\桌面\桌面.rar/djtopr1150.exe//data0001
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Delf.ily 檔案: C:\Documents and Settings\kato9096\桌面\桌面.rar/A13-tmp

卡巴都是三缺一

已上报到卡巴

你的紅傘是不是免費版?

我的卡巴和你的紅傘不是缺同一个

[ 本帖最后由 kato9096 于 2008-6-5 00:52 编辑 ]

[病毒样本] 继续发

本帖子中包含更多资源

本帖子中包含更多资源

7/0

本帖子中包含更多资源

ArcaVir2008

F-Prot 4.4.4