
[Virus Samples] Four samples~~

tonger2003
Posted on 2007-3-27 23:53:44
.

The EQs
Posted on 2007-3-27 23:55:40
Scan performed at: 2007-3-27 23:55:56
Scanning Log
NOD32 version 2148 (20070327) NT
Command line: C:\Documents and Settings\EQ2\桌面\downloader.rar C:\Documents and Settings\EQ2\桌面\tru14.rar C:\Documents and Settings\EQ2\桌面\0.rar C:\Documents and Settings\EQ2\桌面\16.rar
Operating memory - is OK

Date: 27.3.2007  Time: 23:56:02
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\EQ2\桌面\downloader.rar; C:\Documents and Settings\EQ2\桌面\tru14.rar; C:\Documents and Settings\EQ2\桌面\0.rar; C:\Documents and Settings\EQ2\桌面\16.rar
C:\Documents and Settings\EQ2\桌面\downloader.rar »RAR »downloader.exe - Win32/TrojanDownloader.VB.APY trojan - was a part of the deleted object
C:\Documents and Settings\EQ2\桌面\0.rar »RAR »0.exe - Win32/Pacex.Gen virus
C:\Documents and Settings\EQ2\桌面\16.rar »RAR »16.exe - probably a variant of Win32/Spy.Delf.PG trojan
Number of scanned files: 8
Number of threats found: 3
Number of files cleaned: 3
Time of completion: 23:56:03 Total scanning time: 1 sec (00:00:01)
kp2006
Posted on 2007-3-28 00:24:48
Kingsoft flags 3, KV flags 3
mofunzone
Posted on 2007-3-28 03:02:45
Starting the file scan:

Begin scan in 'C:\Documents and Settings\morgan\My Documents\tru14.rar'
C:\Documents and Settings\morgan\My Documents\
  tru14.rar
    [0] Archive type: RAR
    --> tru14.exe
        [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
        [WARNING]   The file was ignored!
Begin scan in 'C:\Documents and Settings\morgan\My Documents\0.rar'
C:\Documents and Settings\morgan\My Documents\
  0.rar
    [0] Archive type: RAR
    --> 0.exe
        [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
        [WARNING]   The file was ignored!
Begin scan in 'C:\Documents and Settings\morgan\My Documents\16.rar'
C:\Documents and Settings\morgan\My Documents\
  16.rar
    [0] Archive type: RAR
    --> 16.exe
        [DETECTION] Is the Trojan horse TR/Spy.Delf.UO
        [WARNING]   Infected files in archives cannot be repaired!
        [WARNING]   The file was ignored!
Begin scan in 'C:\Documents and Settings\morgan\My Documents\downloader.rar'
C:\Documents and Settings\morgan\My Documents\
  downloader.rar
    [0] Archive type: RAR
    --> downloader.exe
        [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
        [WARNING]   The file was ignored!
jlennon
Posted on 2007-3-28 06:27:52

Scanning Report
28 March 2007 06:27:18 - 06:27:19
Computer name: 0553A719C5644CE
Scanning type: Scan target
Target: C:\Documents and Settings\Administrator\桌面\16.rar C:\Documents and Settings\Administrator\桌面\downloader.rar C:\Documents and Settings\Administrator\桌面\tru14.rar C:\Documents and Settings\Administrator\桌面\0.rar
Result: 3 malware found
Trojan-PSW.Win32.QQPass.je (virus)
  • C:\Documents and Settings\Administrator\桌面\16.rar\16.exe
Trojan-Downloader.Win32.Cryptic.gen (virus)
  • C:\Documents and Settings\Administrator\桌面\downloader.rar\downloader.exe
Worm.Win32.Viking.jr (virus)
  • C:\Documents and Settings\Administrator\桌面\0.rar\0.exe
Statistics
Scanned:
  • Files: 8
  • Not scanned: 0
Result:
  • Viruses: 3
  • Spyware: 0
  • Suspicious items: 0
  • Riskware: 0
Actions:
  • Disinfected: 0
  • Renamed: 0
  • Deleted: 0
  • Quarantined: 0
  • Failed: 0
Boot Sectors:
  • Scanned: 0
  • Infected: 0
  • Suspicious items: 0
  • Disinfected: 0
Options
Definitions version:
  • Viruses: 2007-03-28_01
  • Spyware: 2007-03-28_01
Scanning Engines:
  • F-Secure AVP: 7.00.171, 2007-03-27
  • F-Secure Libra: 2.04.01, 2007-03-24
  • F-Secure Orion: 1.02.37, 2007-03-27
  • F-Secure Draco: 1.00.35, 2007-03-26
Scanning options:
  • Scan all files
  • Scan inside archives
Actions:
  • Viruses: Ask after scan
  • Spyware: Ask after scan


[ Last edited by jlennon on 2007-3-28 06:29 ]
jlennon
Posted on 2007-3-28 07:18:09
-----------------------------SCAN REPORT-----------------------------
F-PROT Antivirus for Windows

Antivirus Scanning Engine version number: 4.3.1
Virus signature file from: 2007-3-28, 3:01

Scan name: [Custom Scan]
Path to scan: C:\Documents and Settings\Administrator\桌面\tru14.rar|C:\Documents and Settings\Administrator\桌面\0.rar|C:\Documents and Settings\Administrator\桌面\16.rar|C:\Documents and Settings\Administrator\桌面\downloader.rar

Normal scan
Also scan: Inside subfolders, Compressed files, Streams

Scan started: 2007-3-28, 7:13:38
---------------------------------------------------------------------

[Found possible virus]         <W32/PWStealer.gen1 (not disinfectable)>        C:\Documents and Settings\Administrator\桌面\tru14.rar->tru14.exe
[Contains infected objects]        C:\Documents and Settings\Administrator\桌面\tru14.rar
[Quarantined]        C:\Documents and Settings\Administrator\桌面\tru14.rar->tru14.exe
[Found possible virus]         <W32/PWStealer.gen1 (not disinfectable)>        C:\Documents and Settings\Administrator\桌面\0.rar->0.exe
[Contains infected objects]        C:\Documents and Settings\Administrator\桌面\0.rar
[Quarantined]        C:\Documents and Settings\Administrator\桌面\0.rar->0.exe
[Found backdoor]         <W32/Backdoor.ABBH (exact, not disinfectable)>        C:\Documents and Settings\Administrator\桌面\downloader.rar->downloader.exe->(UPX)
[Contains infected objects]        C:\Documents and Settings\Administrator\桌面\downloader.rar
[Quarantined]        C:\Documents and Settings\Administrator\桌面\downloader.rar->downloader.exe->(UPX)

---------------------------------------------------------------------
Scan ended:        2007-3-28, 7:13:40
Duration:        0:00:02

Scan result:

Scanned files:                 4
Infected objects:         3
Disinfected objects:         0
Quarantined files:         3
---------------------------------------------------------------------
鼻耳盖子
Posted on 2007-3-28 11:36:09

Micropoint reports 2 as known; the remaining 2 are killed through behavioral detection
小邪邪
Posted on 2007-3-28 12:32:58
These look familiar. Could they have been posted before?
gggh
Posted on 2007-3-28 22:05:13
Kaspersky doesn't raise an alert...1