搜索
查看: 1230|回复: 8
收起左侧

[病毒样本] 四样本~~

[复制链接]
tonger2003
发表于 2007-3-27 23:53:44 | 显示全部楼层 |阅读模式
.

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
The EQs
发表于 2007-3-27 23:55:40 | 显示全部楼层
Scan performed at: 2007-3-27 23:55:56
Scanning Log
NOD32 version 2148 (20070327) NT
Command line: C:\Documents and Settings\EQ2\桌面\downloader.rar C:\Documents and Settings\EQ2\桌面\tru14.rar C:\Documents and Settings\EQ2\桌面\0.rar C:\Documents and Settings\EQ2\桌面\16.rar
Operating memory - is OK

Date: 27.3.2007  Time: 23:56:02
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\EQ2\桌面\downloader.rar; C:\Documents and Settings\EQ2\桌面\tru14.rar; C:\Documents and Settings\EQ2\桌面\0.rar; C:\Documents and Settings\EQ2\桌面\16.rar
C:\Documents and Settings\EQ2\桌面\downloader.rar ?RAR ?downloader.exe - Win32/TrojanDownloader.VB.APY trojan - was a part of the deleted object
C:\Documents and Settings\EQ2\桌面\0.rar ?RAR ?0.exe - Win32/Pacex.Gen virus
C:\Documents and Settings\EQ2\桌面\16.rar ?RAR ?16.exe - probably a variant of Win32/Spy.Delf.PG trojan
Number of scanned files: 8
Number of threats found: 3
Number of files cleaned: 3
Time of completion: 23:56:03 Total scanning time: 1 sec (00:00:01)
kp2006
头像被屏蔽
发表于 2007-3-28 00:24:48 | 显示全部楼层
金山报3 kv报3
mofunzone
发表于 2007-3-28 03:02:45 | 显示全部楼层
Starting the file scan:

Begin scan in 'C:\Documents and Settings\morgan\My Documents\tru14.rar'
C:\Documents and Settings\morgan\My Documents\
  tru14.rar
    [0] Archive type: RAR
    --> tru14.exe
        [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
        [WARNING]   The file was ignored!
Begin scan in 'C:\Documents and Settings\morgan\My Documents\0.rar'
C:\Documents and Settings\morgan\My Documents\
  0.rar
    [0] Archive type: RAR
    --> 0.exe
        [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
        [WARNING]   The file was ignored!
Begin scan in 'C:\Documents and Settings\morgan\My Documents\16.rar'
C:\Documents and Settings\morgan\My Documents\
  16.rar
    [0] Archive type: RAR
    --> 16.exe
        [DETECTION] Is the Trojan horse TR/Spy.Delf.UO
        [WARNING]   Infected files in archives cannot be repaired!
        [WARNING]   The file was ignored!
Begin scan in 'C:\Documents and Settings\morgan\My Documents\downloader.rar'
C:\Documents and Settings\morgan\My Documents\
  downloader.rar
    [0] Archive type: RAR
    --> downloader.exe
        [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
        [WARNING]   The file was ignored!
jlennon
头像被屏蔽
发表于 2007-3-28 06:27:52 | 显示全部楼层

Scanning Report28 March 2007 06:27:18 - 06:27:19Computer name: 0553A719C5644CE
Scanning type: Scan target
Target: C:\Documents and Settings\Administrator\桌面\16.rar C:\Documents and Settings\Administrator\桌面\downloader.rar C:\Documents and Settings\Administrator\桌面\tru14.rar C:\Documents and Settings\Administrator\桌面\0.rar Result: 3 malware foundTrojan-PSW.Win32.QQPass.je (virus)
  • C:\Documents and Settings\Administrator\桌面\16.rar\16.exe
Trojan-Downloader.Win32.Cryptic.gen (virus)
  • C:\Documents and Settings\Administrator\桌面\downloader.rar\downloader.exe
Worm.Win32.Viking.jr (virus)
  • C:\Documents and Settings\Administrator\桌面\0.rar\0.exe
StatisticsScanned:
  • Files: 8
  • Not scanned: 0
Result:
  • Viruses: 3
  • Spyware: 0
  • Suspicious items: 0
  • Riskware: 0
Actions:
  • Disinfected: 0
  • Renamed: 0
  • Deleted: 0
  • Quarantined: 0
  • Failed: 0
Boot Sectors:
  • Scanned: 0
  • Infected: 0
  • Suspicious items: 0
  • Disinfected: 0
OptionsDefinitions version:
  • Viruses: 2007-03-28_01
  • Spyware: 2007-03-28_01
Scanning Engines:
  • F-Secure AVP: 7.00.171, 2007-03-27
  • F-Secure Libra: 2.04.01, 2007-03-24
  • F-Secure Orion: 1.02.37, 2007-03-27
  • F-Secure Draco: 1.00.35, 2007-03-26
Scanning options:
  • Scan all files
  • Scan inside archives
Actions:
  • Viruses: Ask after scan
  • Spyware: Ask after scan


[ 本帖最后由 jlennon 于 2007-3-28 06:29 编辑 ]
jlennon
头像被屏蔽
发表于 2007-3-28 07:18:09 | 显示全部楼层
-----------------------------SCAN REPORT-----------------------------
F-PROT Antivirus for Windows

Antivirus Scanning Engine version number: 4.3.1
Virus signature file from: 2007-3-28, 3:01

Scan name: [Custom Scan]
Path to scan: C:\Documents and Settings\Administrator\桌面\tru14.rar|C:\Documents and Settings\Administrator\桌面\0.rar|C:\Documents and Settings\Administrator\桌面\16.rar|C:\Documents and Settings\Administrator\桌面\downloader.rar

Normal scan
Also scan: Inside subfolders, Compressed files, Streams

Scan started: 2007-3-28, 7:13:38
---------------------------------------------------------------------

[Found possible virus]         <W32/PWStealer.gen1 (not disinfectable)>        C:\Documents and Settings\Administrator\桌面\tru14.rar->tru14.exe
[Contains infected objects]        C:\Documents and Settings\Administrator\桌面\tru14.rar
[Quarantined]        C:\Documents and Settings\Administrator\桌面\tru14.rar->tru14.exe
[Found possible virus]         <W32/PWStealer.gen1 (not disinfectable)>        C:\Documents and Settings\Administrator\桌面\0.rar->0.exe
[Contains infected objects]        C:\Documents and Settings\Administrator\桌面\0.rar
[Quarantined]        C:\Documents and Settings\Administrator\桌面\0.rar->0.exe
[Found backdoor]         <W32/Backdoor.ABBH (exact, not disinfectable)>        C:\Documents and Settings\Administrator\桌面\downloader.rar->downloader.exe->(UPX)
[Contains infected objects]        C:\Documents and Settings\Administrator\桌面\downloader.rar
[Quarantined]        C:\Documents and Settings\Administrator\桌面\downloader.rar->downloader.exe->(UPX)

---------------------------------------------------------------------
Scan ended:        2007-3-28, 7:13:40
Duration:        0:00:02

Scan result:

Scanned files:                 4
Infected objects:         3
Disinfected objects:         0
Quarantined files:         3
---------------------------------------------------------------------
鼻耳盖子
发表于 2007-3-28 11:36:09 | 显示全部楼层

微点2个报已知,剩下2个通过行为杀

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
小邪邪
发表于 2007-3-28 12:32:58 | 显示全部楼层
看着眼熟,会不会是发过的?
gggh
发表于 2007-3-28 22:05:13 | 显示全部楼层
卡巴不报警...1
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛|卡饭乐购| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 苏ICP备07004770号 ) GMT+8, 2019-10-19 10:25 , Processed in 0.090467 second(s), 19 queries .

快速回复 返回顶部 返回列表