eset smart security报

kp2006

快杀

[ 本帖最后由 kp2006 于 2007-4-8 08:45 编辑 ]

电影结束了

扫描系统区域...
扫描所选择的目录和文件...
对象: bot2[1].exe
        在压缩档案里: F:\桌面.rar
        Status: 已发现病毒
        病毒: Backdoor.Win32.ShBot.c (KAV 引擎), Dropped:Backdoor.Shbot.C (BD 引擎)
对象: bot1[1].exe
        在压缩档案里: F:\桌面.rar
        Status: 已发现病毒
        病毒: Trojan.Win32.Pakes (KAV 引擎), BehavesLike:Trojan.FWDisable (BD 引擎)
对象: [1].exe
        在压缩档案里: F:\桌面.rar
        Status: 已发现病毒
        病毒: Backdoor.Win32.ShBot.c (KAV 引擎), Backdoor.Shbot.C (BD 引擎)
对象: 桌面.rar
        路径: F:
        Status: 已发现病毒
        病毒: Backdoor.Win32.ShBot.c (2x), Trojan.Win32.Pakes (KAV 引擎), Dropped:Backdoor.Shbot.C, BehavesLike:Trojan.FWDisable, Backdoor.Shbot.C (BD 引擎)
对象: down[1].exe
        在压缩档案里: F:\gaibcjfi.rar
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.Delf.qc (KAV 引擎), Trojan.NSAnti.B (BD 引擎)
对象: gaibcjfi.sys
        在压缩档案里: F:\gaibcjfi.rar
        Status: 已发现病毒
        病毒: Trojan.Agent.AIQ (BD 引擎)
对象: gaibcjfi.rar
        路径: F:
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.Delf.qc (KAV 引擎), Trojan.NSAnti.B, Trojan.Agent.AIQ (BD 引擎)对象: 50.tmp
在压缩档案里: F:\fs.rar
Status: 已发现病毒
病毒: Backdoor.Win32.ShBot.c (KAV 引擎), Backdoor.Shbot.C (BD 引擎)
对象: fs.rar
路径: F:
Status: 已发现病毒
病毒: Backdoor.Win32.ShBot.c (KAV 引擎), Backdoor.Shbot.C (BD 引擎)


扫描完成: 2007-4-8 8:45
    已检查 2 个文件
    已发现 2 个染毒文件
    发现 0 个可疑文件

风野胤

不杀了
反正安全套装引擎和病毒库都和2.7一样
只是改进界面
加一个防火墙而已
倒是3.0出来了才值得期待呢

The EQs

Scan performed at: 2007-4-8 8:47:05
Scanning Log
NOD32 version 2173 (20070407) NT
Command line: C:\Documents and Settings\EQ2\桌面\fs.rar C:\Documents and Settings\EQ2\桌面\桌面.rar C:\Documents and Settings\EQ2\桌面\gaibcjfi.rar
Operating memory - is OK

Date: 8.4.2007  Time: 08:47:09
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\EQ2\桌面\fs.rar; C:\Documents and Settings\EQ2\桌面\桌面.rar; C:\Documents and Settings\EQ2\桌面\gaibcjfi.rar
C:\Documents and Settings\EQ2\桌面\fs.rar ?RAR ?fs.exe - probably a variant of Win32/Adware.WinFixer application
C:\Documents and Settings\EQ2\桌面\fs.rar ?RAR ?50.tmp - probably unknown NewHeur_PE virus [7]
C:\Documents and Settings\EQ2\桌面\桌面.rar ?RAR ?bot2[1].exe - a variant of Win32/TrojanDropper.Small.ZG trojan
C:\Documents and Settings\EQ2\桌面\桌面.rar ?RAR ?bot1[1].exe - a variant of Win32/TrojanDropper.Small.ZG trojan
C:\Documents and Settings\EQ2\桌面\桌面.rar ?RAR ?[1].exe - probably unknown NewHeur_PE virus [7]
C:\Documents and Settings\EQ2\桌面\gaibcjfi.rar ?RAR ?down[1].exe - Win32/PSW.Delf.NGO trojan - was a part of the deleted object
C:\Documents and Settings\EQ2\桌面\gaibcjfi.rar ?RAR ?gaibcjfi.sys - Win32/Adware.CDN application - was a part of the deleted object
Number of scanned files: 10
Number of threats found: 7
Number of files cleaned: 3
Time of completion: 08:47:09 Total scanning time: 0 sec (00:00:00)

Notes:
[7] File is probably infected with an unknown virus.

mofunzone

Starting the file scan:

Begin scan in 'C:\Documents and Settings\morgan\My Documents\gaibcjfi.rar'
C:\Documents and Settings\morgan\My Documents\
  gaibcjfi.rar
    [0] Archive type: RAR
    --> down[1].exe
        [DETECTION] Is the Trojan horse TR/Crypt.NSAnti.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> gaibcjfi.sys
        [DETECTION] Contains signature of the Ad- or Spyware ADSPY/Cdnup.C.1
        [WARNING]   Infected files in archives cannot be repaired!
        [WARNING]   The file was ignored!
Begin scan in 'C:\Documents and Settings\morgan\My Documents\����.rar'
C:\Documents and Settings\morgan\My Documents\
  ����.rar
    [0] Archive type: RAR
    --> bot2[1].exe
        [DETECTION] Contains signature of the worm WORM/Womble.C
        [WARNING]   Infected files in archives cannot be repaired!
    --> bot1[1].exe
        [DETECTION] Contains signature of the worm WORM/Womble.C
        [WARNING]   Infected files in archives cannot be repaired!
    --> [1].exe
        [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
        [WARNING]   The file was ignored!
Begin scan in 'C:\Documents and Settings\morgan\My Documents\fs.rar'
C:\Documents and Settings\morgan\My Documents\
  fs.rar
    [0] Archive type: RAR
    --> fs.exe
    --> 50.tmp
        [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
        [WARNING]   The file was ignored!

Whitlack

后面两个没等nod32报,windows defender直接报了

Nblock

木马名称:Trojan-PSW.Win32.Delf.clk
DOWN[1].EXE


恶意程序名称:AdWare.Win32.WinFixer.g
FS.EXE

solcroft

avast!静态扫描报3个，fs.exe运行时报，bot1[1].exe产生生成物后自行终止，不见恶意行为，剩下3个没动静的僵尸

[ 本帖最后由 solcroft 于 2007-4-8 14:15 编辑 ]

Nblock

原帖由 solcroft 于 2007-4-8 12:42 发表
avast!静态扫描报3个，fs.exe运行时报，bot1[1].exe产生生成物后自行终止，不见恶意行为，剩下两个没动静的僵尸

solcroft

原帖由 Nblock 于 2007-4-8 14:15 发表

http://bbs.kafan.cn/attachments/month_0704/20070408_e5d5b7df3a4dd37340615ArK2CegIEAc.png

产生后自行终止，在我机子上看不出恶意行为