
[Virus sample] Popped up while I was cleaning out junk

mofunzone
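Posted on 2007-4-26 14:21:20
9 of them, they came from a keygen. People's compression techniques keep getting more impressive these days.
But I still stripped them bare and gave them a spanking.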

Starting the file scan:

Begin scan in 'C:\Documents and Settings\morgan\My Documents\My Documents.rar'
C:\Documents and Settings\morgan\My Documents\
  My Documents.rar
    [0] Archive type: RAR
    --> wr-1-2000212.exe
        [DETECTION] Is the Trojan horse TR/Dldr.Agent.bls.4
        [WARNING]   Infected files in archives cannot be repaired!
    --> f1.exe
        [DETECTION] Contains signature of the Ad- or Spyware ADSPY/NewDotNet.L
        [WARNING]   Infected files in archives cannot be repaired!
    --> f33.exe
        [DETECTION] Is the Trojan horse TR/BHO.AB.4
        [WARNING]   Infected files in archives cannot be repaired!
    --> f4.exe
        [DETECTION] Is the Trojan horse TR/Dldr.DollarRev.F
        [WARNING]   Infected files in archives cannot be repaired!
    --> feb2.exe
        [DETECTION] Contains signature of the Ad- or Spyware ADSPY/Agent.CO
        [WARNING]   Infected files in archives cannot be repaired!
    --> fin5.exe
        [DETECTION] Is the Trojan horse TR/Drop.Agent.85960
        [WARNING]   Infected files in archives cannot be repaired!
    --> ClientBundle1.exe
        [DETECTION] Contains signature of the dropper DR/NewDotNet.A.1125
        [WARNING]   Infected files in archives cannot be repaired!
    --> ClientApp1064.exe
        [DETECTION] Contains signature of the dropper DR/Dldr.NSIS.Agent.AC
        [WARNING]   Infected files in archives cannot be repaired!
    --> is67377.exe
        [DETECTION] Is the Trojan horse TR/Vundo.AJ.52
        [WARNING]   Infected files in archives cannot be repaired!
        [WARNING]   The file was ignored!


End of the scan: 2007年4月25日  23:17
Used time: 00:09 min

The scan has been done completely.

      0 Scanning directories
     10 Files were scanned
      9 viruses and/or unwanted programs were found
      0 classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      1 Files not concerned
      1 Archives were scanned
     10 Warnings
      0 Notes
      0 Hidden objects were found

mofunzone
Original poster | Posted on 2007-4-26 14:22:10
File:         My_Documents.rar
Status:         INFECTED/MALWARE
MD5         318d9c97e09de2dfdf75d22b95c21c21
Packers detected:         PE_PATCH.UPOLYX, PE_PATCH.UPX, UPX, VIRTUMONDE

Scanner results
Scan taken on 26 Apr 2007 06:17:14 (GMT)
A-Squared         Found Adware.Win32.NewDotNet
AntiVir         Found TR/Dldr.Agent.bls.4, ADSPY/NewDotNet.L, TR/BHO.AB.4, TR/Dldr.DollarRev.F, ADSPY/Agent.CO, TR/Drop.Agent.85960, DR/NewDotNet.A.1125, DR/Dldr.NSIS.Agent.AC, TR/Vundo.AJ.52
ArcaVir         Found Adware.Virtumonde.If
Avast         Found Win32:Adware-gen.
AVG Antivirus         Found Downloader.Agent.KHO, Generic.GIW, Generic3.UNS, Generic.RAM, Dropper.Agent.DJX
BitDefender         Found Dropped:Application.Adware.NewDotNet.B, Adware.SurfSide.AX, MemScan:Trojan.Spy.WebBuy.A, Rootkit.Agent.CL, Trojan.Downloader.Nsis.Agent.AC, MemScan:Trojan.Vundo.AJ
ClamAV         Found Trojan.Packed-27
Dr.Web         Found Trojan.DownLoader.21526, Adware.NewDotNet, Trojan.StartPage.19993, Adware.Surfside, Adware.WebBuying, Trojan.MulDrop.6135, Trojan.Virtumod
F-Prot Antivirus         Found W32/Trojan.ADXF
F-Secure Anti-Virus         Found nothing
Fortinet         Found W32/Agent.BLS!tr.dldr
Kaspersky Anti-Virus         Found Trojan-Downloader.Win32.Agent.bls, not-a-virus:AdWare.Win32.NewDotNet, Trojan.Win32.BHO.ab, not-a-virus:AdWare.Win32.SurfSide.ax, not-a-virus:AdWare.Win32.Agent.co, Trojan-Dropper.Win32.Agent.bfr, Trojan-Downloader.NSIS.Agent.ac, not-a-virus:AdWare.Win32.Virtumonde.if
NOD32         Found Win32/TrojanDownloader.Agent.NKP, Win32/Adware.NdotNet application, Win32/Adware.ZQuest application, Win32/Adware.SurfSideKick application, Win32/Rootkit.Agent.NBF
Norman Virus Control         Found nothing
Panda Antivirus         Found Trj/Downloader.NYN
Rising Antivirus         Found Backdoor.SaveNow.a
VirusBuster         Found Adware.DR.NewDotNet.U, Adware.Surfside.AN, Trojan.DR.HideFile.A, Trojan.DL.Vundo.Gen!Pac4
VBA32         Found Downloader.Small.101 (paranoid heuristics), AdWare.Win32.NewDotNet, Application.Win32.Adware.ZQuest, AdWare.Win32.SurfSide.ax, AdvWare.Win32.Agent.co, Trojan-Dropper.Win32.Agent.bfr, Trojan-Downloader.NSIS.Agent.ac (probable variant)
lanvin
Posted on 2007-4-26 14:27:34
ClamWin: 5


Scan Started Thu Apr 26 14:26:38 2007
-------------------------------------------------------------------------------


C:\Documents and Settings\Administrator\桌面\My Documents\ClientApp1064.exe: Trojan.Downloader-3651 FOUND
C:\Documents and Settings\Administrator\桌面\My Documents\f1.exe: Adware.NewDotNet.B FOUND
C:\Documents and Settings\Administrator\桌面\My Documents\f33.exe: Trojan.Clicker-79 FOUND
C:\Documents and Settings\Administrator\桌面\My Documents\f4.exe: Adware.Surfside FOUND
C:\Documents and Settings\Administrator\桌面\My Documents\wr-1-2000212.exe: Trojan.Packed-27 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 112475
Engine version: 0.90.1
Scanned directories: 1
Scanned files: 9
Skipped non-executable files: 0
Infected files: 5

Data scanned: 1.20 MB
Time: 30.293 sec (0 m 30 s)
--------------------------------------
Completed
--------------------------------------
红心王子
Posted on 2007-4-26 14:32:42
KIS blocked it:

soul20010
Posted on 2007-4-26 14:34:51
My_Documents.rar
  [0] Archive type: RAR
  --> wr-1-2000212.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.bls.4
  --> f33.exe
      [DETECTION] Is the Trojan horse TR/BHO.AB.4
  --> f4.exe
      [DETECTION] Is the Trojan horse TR/Dldr.DollarRev.F
  --> fin5.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agent.85960
  --> ClientBundle1.exe
      [DETECTION] Contains signature of the dropper DR/NewDotNet.A.1125
  --> ClientApp1064.exe
      [DETECTION] Contains signature of the dropper DR/Dldr.NSIS.Agent.AC
  --> is67377.exe
      [DETECTION] Is the Trojan horse TR/Vundo.AJ.52
      [INFO]      The file was moved to '468f4800.qua'!


End of the scan: 2007年4月26日  14:32
Used time: 00:07 min

The scan has been done completely.

      0 Scanning directories
     10 Files were scanned
      7 viruses and/or unwanted programs were found
      0 classified as suspicious:
      0 files were deleted
      0 files were repaired
      1 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      3 Files not concerned
      1 Archives were scanned
      0 Warnings
      0 Notes
      0 Hidden objects were found
Why is this different from the OP's result? Where did those two go?
曲中求
Posted on 2007-4-26 15:02:32
NOD 32:

Scan performed at: 2007-4-26 15:00:15
Scanning Log
NOD32 version 2219 (20070425) NT
Command line: C:\Documents and Settings\Administrator\桌面\My Documents.rar

Date: 26.4.2007  Time: 15:00:18
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\Administrator\桌面\My Documents.rar
C:\Documents and Settings\Administrator\桌面\My Documents.rar »RAR »wr-1-2000212.exe - Win32/TrojanDownloader.Agent.NKP trojan
C:\Documents and Settings\Administrator\桌面\My Documents.rar »RAR »f1.exe - Win32/Adware.NdotNet application
C:\Documents and Settings\Administrator\桌面\My Documents.rar »RAR »f33.exe - Win32/Adware.ZQuest application
C:\Documents and Settings\Administrator\桌面\My Documents.rar »RAR »f4.exe - Win32/Adware.SurfSideKick application
C:\Documents and Settings\Administrator\桌面\My Documents.rar »RAR »fin5.exe - Win32/Rootkit.Agent.NBF trojan
C:\Documents and Settings\Administrator\桌面\My Documents.rar »RAR »ClientBundle1.exe »NSIS »f1.exe - Win32/Adware.NdotNet application
C:\Documents and Settings\Administrator\桌面\My Documents.rar »RAR »ClientBundle1.exe »NSIS »f33.exe - Win32/Adware.ZQuest application
C:\Documents and Settings\Administrator\桌面\My Documents.rar »RAR »ClientBundle1.exe »NSIS »f4.exe - Win32/Adware.SurfSideKick application
C:\Documents and Settings\Administrator\桌面\My Documents.rar »RAR »ClientBundle1.exe »NSIS »fin5.exe - Win32/Rootkit.Agent.NBF trojan
Number of scanned files: 15
Number of threats found: 9
Time of completion: 15:00:19 Total scanning time: 1 sec (00:00:01)
7sumetai
Posted on 2007-4-26 15:28:40
已删除: 木马程序 Trojan-Downloader.NSIS.Agent.ac        文件: C:\Documents and Settings\7sumetai\桌面\VirusUp\My_Documents\ClientApp1064.exe//data0001
已删除: 广告程序 not-a-virus:AdWare.Win32.NewDotNet        文件: C:\Documents and Settings\7sumetai\桌面\VirusUp\My_Documents\ClientBundle1.exe//data0002
已删除: 广告程序 not-a-virus:AdWare.Win32.Agent.co        文件: C:\Documents and Settings\7sumetai\桌面\VirusUp\My_Documents\ClientBundle1.exe//data0003
已删除: 木马程序 Trojan.Win32.BHO.ab        文件: C:\Documents and Settings\7sumetai\桌面\VirusUp\My_Documents\ClientBundle1.exe//data0004
已删除: 广告程序 not-a-virus:AdWare.Win32.SurfSide.ax        文件: C:\Documents and Settings\7sumetai\桌面\VirusUp\My_Documents\ClientBundle1.exe//data0005
已删除: 木马程序 Trojan-Dropper.Win32.Agent.bfr        文件: C:\Documents and Settings\7sumetai\桌面\VirusUp\My_Documents\ClientBundle1.exe//data0006
已删除: 木马程序 Trojan.Win32.BHO.ab        文件: C:\Documents and Settings\7sumetai\桌面\VirusUp\My_Documents\f33.exe
已删除: 广告程序 not-a-virus:AdWare.Win32.SurfSide.ax        文件: C:\Documents and Settings\7sumetai\桌面\VirusUp\My_Documents\f4.exe
已删除: 广告程序 not-a-virus:AdWare.Win32.Agent.co        文件: C:\Documents and Settings\7sumetai\桌面\VirusUp\My_Documents\feb2.exe
已删除: 木马程序 Trojan-Dropper.Win32.Agent.bfr        文件: C:\Documents and Settings\7sumetai\桌面\VirusUp\My_Documents\fin5.exe
已删除: 广告程序 not-a-virus:AdWare.Win32.Virtumonde.if        文件: C:\Documents and Settings\7sumetai\桌面\VirusUp\My_Documents\is67377.exe//Virtumonde
jlennon
Posted on 2007-4-26 15:38:33

couldsst
Posted on 2007-4-26 16:04:49

Reply to post #5 by soul20010

There are two AD ones that the C edition doesn't have.
鼻耳盖子
Posted on 2007-4-26 16:08:33

Micropoint blocked it

Some of them are files derived from ClientBundle1.exe; Micropoint blocked them directly.

Copyright © KaFan  KaFan.cn All Rights Reserved.