
All 5 get past NOD32

绅博周幸
Posted on 2007-4-8 04:00:44
[:04:]

The EQs
Posted on 2007-4-8 04:25:09
File:  My_Documents.rar  
Status:  INFECTED/MALWARE  
MD5  d2e24e8f7fccebccfd43fc6ec829c166  
Packers detected:  NSPACK, UPX, DRAGONARMOR

Scanner results  
Scan taken on 07 Apr 2007 20:18:51 (GMT)  
AntiVir  Found HEUR/Crypted, TR/PSW.Steal.27568.1, TR/Crypt.ULPM.Gen, DR/Delphi.Gen  
ArcaVir  Found nothing
Avast  Found Win32:Agent-BCS  
AVG Antivirus  Found nothing
BitDefender  Found Generic.Malware.SBVdld.3C43B7C5, Generic.PWStealer.7F3BC13D, Trojan.Agent.BCS  
ClamAV  Found Trojan.Spy-3757  
Dr.Web  Found Trojan.PWS.Gamania  
F-Prot Antivirus  Found nothing
F-Secure Anti-Virus  Found nothing
Fortinet  Found nothing
Kaspersky Anti-Virus  Found Trojan-PSW.Win32.Delf.qc  
NOD32  Found nothing
Norman Virus Control  Found nothing
Panda Antivirus  Found nothing
Rising Antivirus  Found nothing
VirusBuster  Found Packed/NSPack, Trojan.PWS.Delf.Gen.2  
VBA32  Found Malware.Delf.104, Trojan.PWS.Gamania, Backdoor.Win32.VB.bax (probable variant)
jlennon
Posted on 2007-4-8 05:14:32
Virus check with AntiVirusKit
Version 16.0.7
Virus signatures of 2007-4-7
Start time: 2007-4-8 5:14
Engine(s): KAV engine (AVK 17.3765), BD-Engine (BD 17.3526)
Heuristic: On
Archives: On
System areas: On

Check system areas...
Check selected directories and files...
Object: 1.exe
        In archive: C:\Documents and Settings\Administrator\桌面\My Documents.rar
        Status: Virus detected
        Virus: Trojan-PSW.Win32.Delf.qc (KAV engine), Generic.PWStealer.7F3BC13D (BD-Engine)
Object: 5.exe
        In archive: C:\Documents and Settings\Administrator\桌面\My Documents.rar
        Status: Virus detected
        Virus: Generic.Malware.SBVdld.3C43B7C5 (BD-Engine)
Object: 2.exe
        In archive: C:\Documents and Settings\Administrator\桌面\My Documents.rar
        Status: Virus detected
        Virus: Trojan.Agent.BCS (BD-Engine)
Object: 3.exe
        In archive: C:\Documents and Settings\Administrator\桌面\My Documents.rar
        Status: Virus detected
        Virus: Generic.Malware.SBVdld.3C43B7C5 (BD-Engine)
Object: 4.exe
        In archive: C:\Documents and Settings\Administrator\桌面\My Documents.rar
        Status: Virus detected
        Virus: Trojan.Agent.BCS (BD-Engine)
Object: My Documents.rar
        Path: C:\Documents and Settings\Administrator\桌面
        Status: Move file into quarantine
        Virus: Trojan-PSW.Win32.Delf.qc (KAV engine), Generic.Malware.SBVdld.3C43B7C5 (2x), Generic.PWStealer.7F3BC13D, Trojan.Agent.BCS (2x) (BD-Engine)
Analysis complete: 2007-4-8 5:14
    1 files checked
    1 infected files detected
    0 suspected files detected
KAV-Longhorn
Posted on 2007-4-8 07:19:16
AntiVir (红伞) took down all of them

Starting the file scan:

Begin scan in 'C:\Documents and Settings\FEAR\My Documents\My Documents.rar'
C:\Documents and Settings\FEAR\My Documents\My Documents.rar
  [0] Archive type: RAR
  --> 5.exe
      [DETECTION] Contains suspicious code HEUR/Crypted
  --> 1.exe
      [DETECTION] Is the Trojan horse TR/PSW.Steal.27568.1
  --> 2.exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> 3.exe
      [DETECTION] Contains signature of the dropper DR/Delphi.Gen
  --> 4.exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
      [INFO]      The file was moved to '4638275e.qua'!
The EQs
Posted on 2007-4-8 07:50:40
Three of the detections in the post above are just packer flags....
金剑
Posted on 2007-4-8 07:52:14
风暴胜者V2 测试版本(http://www.v0day.com)
_________您的安全是我们的责任_______________
载入病毒库…进行整理…分配内存…可以使用



===============================================
   ___________病毒查杀结果__________________


===============================================

2007年4月8日7时52分 开始查杀C:\Documents and Settings\Administrator\桌面\新建文件夹\My Documents
C:\Documents and Settings\Administrator\桌面\新建文件夹\My Documents\5.exe 发现未知可疑文件:Win32.NkHack.BDX.A 操作:阻止运行
C:\Documents and Settings\Administrator\桌面\新建文件夹\My Documents\1.exe 为可疑文件
C:\Documents and Settings\Administrator\桌面\新建文件夹\My Documents\2.exe 为可疑文件
C:\Documents and Settings\Administrator\桌面\新建文件夹\My Documents\3.exe 发现未知可疑文件:Win32.NkHack.Preloc.A 操作:阻止运行
C:\Documents and Settings\Administrator\桌面\新建文件夹\My Documents\4.exe 发现未知可疑文件:Win32.NkHack.Preloc.A 操作:阻止运行
=========================================

_________文件性质分析结果________________
"带壳"仅指文件性质,仅供专业人员分析使用。


C:\Documents and Settings\Administrator\桌面\新建文件夹\My Documents\5.exe 带壳文件:UPX加壳
C:\Documents and Settings\Administrator\桌面\新建文件夹\My Documents\3.exe 带壳文件:UPX加壳
C:\Documents and Settings\Administrator\桌面\新建文件夹\My Documents\4.exe 带壳文件:UPX加壳
-----------------------------------------

2007年4月8日7时52分2秒收起线程…100% 查杀完毕!
扫描文件:5查杀病毒:4
solcroft
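Posted on 2007-4-8 10:22:13
Originally posted by EQ2 on 2007-4-8 09:20
Three of the detections in the post above are just packer flags....

Odd, why didn't you also mention the ones flagged by programming language while you were at it?
NOD32 is really something too: it scared all the viruses away and won without a fight. Truly in a different league.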
欠妳緈諨
Posted on 2007-4-8 12:19:48
avast! caught 3

chenpatrick
Posted on 2007-4-8 12:25:40
Kaspersky flagged 3
promised
Posted on 2007-4-8 12:40:20
Did Zhou X apply anti-detection (免杀) processing to these?

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at:        12:40:09 2007-4-8

+ Scan result:       



E:\My Documents.rar/2.exe -> Backdoor.VB.bax : Cleaned with backup (quarantined).
E:\My Documents.rar/4.exe -> Logger.Agent.ct : Cleaned with backup (quarantined).
E:\My Documents.rar/1.exe -> Trojan.Delf.qc : Cleaned with backup (quarantined).


::Report end