servhost（一小包）

显示全部楼层 · 发表于 2007-4-30 18:06:10

抓的几个，来尝尝。

显示全部楼层 · 发表于 2007-4-30 18:09:44

显示全部楼层 · 发表于 2007-4-30 18:11:28

卡7全干了，包括一个启发

显示全部楼层 · 发表于 2007-4-30 18:16:03

红伞全干，三个启发

Starting the file scan:

Begin scan in 'C:\Documents and Settings\FEAR\My Documents\Downloads\Compressed\servhost.rar'
C:\Documents and Settings\FEAR\My Documents\Downloads\Compressed\servhost.rar
  [0] Archive type: RAR
  --> nwiztlbb.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> systemm.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> system2.jmp
   [DETECTION] Is the Trojan horse TR/Dldr.Small.dii.31
  --> System64.sys
   [DETECTION] Is the Trojan horse TR/Dldr.Small.dii.32
  --> ~tmp.tmp
   [DETECTION] Is the Trojan horse TR/PSW.Steal.27532.1
  --> Kvsc3.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ES.2116
  --> mppds.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.QQ.19
  --> msccrt.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> servhost.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.NB.148
  --> winform.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.NB.136
   [INFO]    The file was moved to '46a7c227.qua'!

显示全部楼层 · 发表于 2007-4-30 18:20:53

servhost.rar\nwiztlbb.exe;D:\Documents and Settings\dell\桌面\servhost.rar;Probably MULDROP.Trojan;;
servhost.rar\systemm.exe;D:\Documents and Settings\dell\桌面\servhost.rar;Trojan.Sniff;;
servhost.rar\system2.jmp;D:\Documents and Settings\dell\桌面\servhost.rar;Trojan.PWS.Qqpass.615;;
servhost.rar\System64.sys;D:\Documents and Settings\dell\桌面\servhost.rar;Trojan.PWS.Qqpass.617;;
servhost.rar\~tmp.tmp;D:\Documents and Settings\dell\桌面\servhost.rar;Trojan.PWS.Gamania;;
servhost.rar\Kvsc3.exe;D:\Documents and Settings\dell\桌面\servhost.rar;Probably BACKDOOR.Trojan;;
servhost.rar\mppds.exe;D:\Documents and Settings\dell\桌面\servhost.rar;Trojan.PWS.Wsgame;;
servhost.rar\msccrt.exe;D:\Documents and Settings\dell\桌面\servhost.rar;Trojan.PWS.Wsgame;;
servhost.rar\servhost.exe;D:\Documents and Settings\dell\桌面\servhost.rar;Trojan.PWS.Wsgame;;
servhost.rar\winform.exe;D:\Documents and Settings\dell\桌面\servhost.rar;Trojan.PWS.Wsgame;;
servhost.rar;D:\Documents and Settings\dell\桌面;Archive contains infected objects;;

显示全部楼层 · 发表于 2007-4-30 18:33:07

通杀

显示全部楼层 · 发表于 2007-4-30 19:10:46

egin scan in 'D:\servhost.rar'
D:\servhost.rar
  [0] Archive type: RAR
  --> nwiztlbb.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> systemm.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> system2.jmp
   [DETECTION] Is the Trojan horse TR/Dldr.Small.dii.31
  --> System64.sys
   [DETECTION] Is the Trojan horse TR/Dldr.Small.dii.32
  --> ~tmp.tmp
   [DETECTION] Is the Trojan horse TR/PSW.Steal.27532.1
  --> Kvsc3.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ES.2116
  --> mppds.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.QQ.19
  --> msccrt.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> servhost.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.NB.148
  --> winform.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.NB.136
   [WARNING] The file was ignored!

End of the scan: 2007年4月30日  19:11
Used time: 00:14 min
The scan has been done completely.
   0 Scanning directories
   12 Files were scanned
   10 viruses and/or unwanted programs were found

显示全部楼层 · 发表于 2007-4-30 21:11:34

nod32杀了9个，放了systemm.exe这个

今天在这边表现强差人意啊

显示全部楼层 · 发表于 2007-4-30 21:23:49

CA挂了……
不过Dr.Web好点

显示全部楼层 · 发表于 2007-4-30 21:31:00

我来贴金山的~~~

[病毒样本] servhost（一小包）

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源