是不是老worm-來5個高手鑑定-外加誤報測試

显示全部楼层 · 发表于 2007-5-13 13:30:25

worm-1.rar-裡面5檔案,大小都不一樣,不知道是不是老worm,剛剛試了很多軟體都殺了

卡巴.mcafee.大蜘蛛.nod32 全殺

---------------
re_file-誤報測試1.rar
屍體,報的打屁屁~

卡巴.mcafee.大蜘蛛.nod32沒報~

显示全部楼层 · 发表于 2007-5-13 13:32:04

下面那个的确是尸体。。。。。。

显示全部楼层 · 发表于 2007-5-13 13:32:47

扫描系统区域...
扫描所选择的目录和文件...
对象: flec006.exe
      在压缩档案里: D:\worm-1.rar
      Status: 已发现病毒
      病毒: Trojan-Downloader.Win32.Bagle.y (KAV 引擎), Win32.Bagle.FS@mm (BD  引擎)
对象: wintems.exe
      在压缩档案里: D:\worm-1.rar
      Status: 已发现病毒
      病毒: Email-Worm.Win32.Bagle.gi (KAV 引擎), Win32.Bagle.FQ@mm (BD  引擎)
对象: m_hook.sys
      在压缩档案里: D:\worm-1.rar
      Status: 已发现病毒
      病毒: Email-Worm.Win32.Bagle.gm (KAV 引擎), Win32.Bagle.GM (BD  引擎)
对象: ixnkmdixmpva.exe
      在压缩档案里: D:\worm-1.rar
      Status: 已发现病毒
      病毒: Email-Worm.Win32.Bagle.gm (KAV 引擎), Win32.Bagle.FG@mm (BD  引擎)
对象: hidn2.exe
      在压缩档案里: D:\worm-1.rar
      Status: 已发现病毒
      病毒: Email-Worm.Win32.Bagle.gm (KAV 引擎), Win32.Bagle.FG@mm (BD  引擎)
对象: worm-1.rar
      路径: D:
      Status: 已发现病毒
      病毒: Trojan-Downloader.Win32.Bagle.y, Email-Worm.Win32.Bagle.gi, Email-Worm.Win32.Bagle.gm (3x) (KAV 引擎), Win32.Bagle.FS@mm, Win32.Bagle.FQ@mm, Win32.Bagle.GM, Win32.Bagle.FG@mm (2x) (BD  引擎)
Analysis complete: 2007-5-13 13:32
1 files checked
1 infected files detected
发现 0 个可疑文件
邮件蠕虫
第二个没鞭

显示全部楼层 · 发表于 2007-5-13 13:34:06

Scan performed at: 2007-5-13 13:34:15
Scanning Log
NOD32 version 2262 (20070512) NT
Command line: C:\Documents and Settings\EQ2\桌面\worm-1.rar
Operating memory - is OK

Date: 13.5.2007 Time: 13:34:19
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\EQ2\桌面\worm-1.rar
C:\Documents and Settings\EQ2\桌面\worm-1.rar ?RAR ?flec006.exe - Win32/Bagle.GS worm - was a part of the deleted object
C:\Documents and Settings\EQ2\桌面\worm-1.rar ?RAR ?wintems.exe - Win32/Bagle.GR worm - was a part of the deleted object
C:\Documents and Settings\EQ2\桌面\worm-1.rar ?RAR ?m_hook.sys - Win32/Bagle.GO worm - was a part of the deleted object
C:\Documents and Settings\EQ2\桌面\worm-1.rar ?RAR ?ixnkmdixmpva.exe - Win32/Bagle.GO worm - was a part of the deleted object
C:\Documents and Settings\EQ2\桌面\worm-1.rar ?RAR ?hidn2.exe - Win32/Bagle.GO worm - was a part of the deleted object
Number of scanned files: 6
Number of threats found: 5
Number of files cleaned: 1
Time of completion: 13:34:20 Total scanning time: 1 sec (00:00:01)

显示全部楼层 · 发表于 2007-5-13 13:34:09

趨勢全殺
另一包沒有誤報

显示全部楼层 · 发表于 2007-5-13 13:34:27

Start of the scan: 2007年5月13日  13:34

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\worm-1.rar'
C:\Documents and Settings\Administrator\桌面\worm-1.rar
  [0] Archive type: RAR
  --> flec006.exe
   [DETECTION] Is the Trojan horse TR/Bagle.Gen.B
  --> wintems.exe
   [DETECTION] Is the Trojan horse TR/Bagle.Gen.B
  --> m_hook.sys
   [DETECTION] Contains signature of the rootkit RKIT/Bagle.GM
  --> ixnkmdixmpva.exe
   [DETECTION] Contains signature of the worm WORM/Bagle.GM.1
  --> hidn2.exe
   [DETECTION] Contains signature of the worm WORM/Bagle.GM.1

显示全部楼层 · 发表于 2007-5-13 13:34:55

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\re_file-誤報測試1.rar'

End of the scan: 2007年5月13日 13:34
Used time: 00:03 min

The scan has been done completely.

显示全部楼层 · 发表于 2007-5-13 13:35:58

驱逐舰

显示全部楼层 · 发表于 2007-5-13 13:38:53

去年的病毒了

显示全部楼层 · 发表于 2007-5-13 14:29:54

C:\Documents and Settings\moonsilver\桌面\worm-1.
rar>>flec006.exe

Trojan.DL.Bagle.em

C:\Documents and Settings\moonsilver\桌面\worm-1.
rar>>wintems.exe

Trojan.DL.Bagle.ek

C:\Documents and Settings\moonsilver\桌面\worm-1.
rar>>m_hook.sys

Worm.Mail.Bagle.so

C:\Documents and Settings\moonsilver\桌面\worm-1.
rar>>ixnkmdixmpva.exe

Worm.Mail.Bagle.so

C:\Documents and Settings\moonsilver\桌面\worm-1.
rar>>hidn2.exe

Worm.Mail.Bagle.so

rising

[病毒样本] 是不是老worm-來5個高手鑑定-外加誤報測試

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源