[病毒样本] 6X

显示全部楼层 · 发表于 2008-7-2 11:12:00

放在那里MS有5天了....

显示全部楼层 · 发表于 2008-7-2 11:15:47

用G DATA AntiVirus检测病毒
版本 18.5.8071.731
病毒特征库日期 2008/7/2
开始时间： 2008/7/2 11:15
引擎：引擎A (AVK 18.4348), 引擎B (AVKB 18.331)
启发式：开启
档案文件：开启
系统区域：开启

检测系统区域...
检测以下目录和文件：
C:\Documents and Settings\祝俊杰\桌面\新建文件夹\

对象： beep.sys
路径: C:\Documents and Settings\祝俊杰\桌面\新建文件夹
状态：移动文件到隔离区
病毒： Rootkit.Win32.Clbd.cx (引擎A)
对象： clb3E8.tmp
路径: C:\Documents and Settings\祝俊杰\桌面\新建文件夹
状态：移动文件到隔离区
病毒： Rootkit.Win32.Clbd.cv (引擎A)
对象： clbdll.dll
路径: C:\Documents and Settings\祝俊杰\桌面\新建文件夹
状态：移动文件到隔离区
病毒： Rootkit.Win32.Clbd.cu (引擎A)
对象： clbdriver.sys
路径: C:\Documents and Settings\祝俊杰\桌面\新建文件夹
状态：移动文件到隔离区
病毒： Rootkit.Win32.Clbd.cx (引擎A)
对象： xmlsys.dll
路径: C:\Documents and Settings\祝俊杰\桌面\新建文件夹
状态：移动文件到隔离区
病毒： Trojan.Win32.BHO.eks (引擎A)

检测执行时间： 2008/7/2 11:15
6个文件已检测
5个受感染文件
0个可疑文件被发现

显示全部楼层 · 发表于 2008-7-2 11:16:17

NOD

D:\VIRUS\virus.zip » ZIP » beep.sys - Win32/Agent.NXH trojan
D:\VIRUS\virus.zip » ZIP » clb3E8.tmp - Win32/Agent.NXH trojan
D:\VIRUS\virus.zip » ZIP » clbdll.dll - Win32/Agent.NXH trojan
D:\VIRUS\virus.zip » ZIP » clbdriver.sys - Win32/Agent.NXH trojan
D:\VIRUS\virus.zip » ZIP » xmlsys.dll - Win32/Adware.IeDefender.NFX application

显示全部楼层 · 发表于 2008-7-2 11:30:17

Starting the file scan:

Begin scan in 'C:\Documents and Settings\morgan\My Documents\virus.zip'
C:\Documents and Settings\morgan\My Documents\
  virus.zip
[0] Archive type: ZIP
--> beep.sys
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
--> clb3E8.tmp
      [DETECTION] Contains detection pattern of the rootkit RKIT/Clbd.CV
--> clbdll.dll
      [DETECTION] Contains detection pattern of the rootkit RKIT/Clbd.CU
--> clbdriver.sys
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
--> ie9FF8.tmp
--> xmlsys.dll
      [DETECTION] Is the Trojan horse TR/BHO.Fake.26624.A
   [WARNING] The file was ignored!
  virus.zip:Zone.Identifier

End of the scan: 2008年7月1日  20:30
Used time: 00:04 min

The scan has been done completely.

   0 Scanning directories
   8 Files were scanned
   5 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   3 Files not concerned
   1 Archives were scanned
   1 Warnings
   0 Notes

显示全部楼层 · 发表于 2008-7-2 11:33:44

nod32 2.7 剩下ie9FF8.tmp

显示全部楼层 · 发表于 2008-7-2 11:40:30

...left 1

显示全部楼层 · 发表于 2008-7-2 11:40:52

Scan Log
Version of virus signature database: 3233 (20080701)
Date: 2008-7-2 Time: 11:40:40
Scanned disks, folders and files: G:\v\virus.zip
G:\v\virus.zip » ZIP » beep.sys - Win32/Agent.NXH trojan - was a part of the deleted object
G:\v\virus.zip » ZIP » clb3E8.tmp - Win32/Agent.NXH trojan - was a part of the deleted object
G:\v\virus.zip » ZIP » clbdll.dll - Win32/Agent.NXH trojan - was a part of the deleted object
G:\v\virus.zip » ZIP » clbdriver.sys - Win32/Agent.NXH trojan - was a part of the deleted object
G:\v\virus.zip » ZIP » ie9FF8.tmp - is OK
G:\v\virus.zip » ZIP » xmlsys.dll - Win32/Adware.IeDefender.NFX application - was a part of the deleted object
Number of scanned objects: 6
Number of threats found: 5
Number of cleaned objects: 5
Time of completion: 11:40:40 Total scanning time: 0 sec (00:00:00)

显示全部楼层 · 发表于 2008-7-2 12:06:24

病毒 2008-07-02  12:06:00 C:\Documents and Settings\Administrator\桌面\virus.zip\clbdriver.sys Win32.Hack.Rootkit.cx.10240 清除成功
病毒 2008-07-02  12:06:00 C:\Documents and Settings\Administrator\桌面\virus.zip\clbdll.dll Win32.Hack.Rootkit.cu.43008 清除成功
病毒 2008-07-02  12:06:00 C:\Documents and Settings\Administrator\桌面\virus.zip\clb3E8.tmp Win32.Hack.Rootkit.cv.76288 清除成功
病毒 2008-07-02  12:05:59 C:\Documents and Settings\Administrator\桌面\virus.zip\beep.sys Win32.Hack.Rootkit.cx.10240 清除成功

显示全部楼层 · 发表于 2008-7-2 12:11:06

5个

显示全部楼层 · 发表于 2008-7-3 00:23:43

RS20.51.22未杀！

[病毒样本] 6X

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

8/0