继续过...

显示全部楼层 · 发表于 2007-5-30 13:35:31

这个鸽子，卡巴7没有动静，来扫扫看。

显示全部楼层 · 发表于 2007-5-30 13:38:24

斧头表现的很出色，鸽子都被砍死了
卡巴7再次失守

显示全部楼层 · 发表于 2007-5-30 13:43:31

Virus check with AntiVirusKit
Version 16.0.7
Virus signatures of 2007-5-27
Start time: 2007-5-30 13:42
Engine(s): KAV engine (AVK 17.5523), BD-Engine (BD 17.5246)
Heuristic: On
Archives: On
System areas: On

Check system areas...
Check selected directories and files...
Object: nsuser.exe
Path: C:\Documents and Settings\Administrator\桌面\silence
Status: Move file into quarantine
Virus: DeepScan:Generic.Graybird.A96F2453 (BD-Engine)
Object: server.exe
Path: C:\Documents and Settings\Administrator\桌面\silence
Status: Move file into quarantine
Virus: DeepScan:Generic.Graybird.CEED8D0E (BD-Engine)
Object: sys.exe
Path: C:\Documents and Settings\Administrator\桌面\silence
Status: Move file into quarantine
Virus: DeepScan:Generic.Graybird.95F5AD6A (BD-Engine)
Analysis complete: 2007-5-30 13:42
3 files checked
3 infected files detected
0 suspected files detected

显示全部楼层 · 发表于 2007-5-30 13:43:57

小红伞，三个全杀。

Begin scan in 'E:\TOOLS\Virus\silence.rar'
E:\TOOLS\Virus\silence.rar
  [0] Archive type: RAR
  --> nsuser.exe
   [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Graybird.360059.1 Backdoor server programs
  --> sys.exe
   [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Graybird.360059.3 Backdoor server programs
  --> server.exe
   [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Hupigon.Gen Backdoor server programs
   [INFO]    A backup was created as '46c90f5b.qua'  ( QUARANTINE )
   [INFO]    The file was renamed to 'silence.rar.VIR'!

显示全部楼层 · 发表于 2007-5-30 13:55:47

ESS无视

显示全部楼层 · 发表于 2007-5-30 13:56:14

显示全部楼层 · 发表于 2007-5-30 15:29:54

Hello,

nsuser.exe, sys.exe - Backdoor.Win32.Hupigon.ene

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

server.exe - Backdoor.Win32.Hupigon.ene

This file is already detected. Please update your antivirus bases.

Please quote all when answering.

--
Best regards, Alexander Romanenko
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

> Attachment: silence.zip

显示全部楼层 · 发表于 2007-5-30 15:34:14

License expired
License #000000119 Valid till 2006-12-31
Demo mode
Command line options:
/r=susp.rpt /ha=3 /collect_suspects /nc /af+ /ar+ /bt- /mr- /ml+ /rw+ /as-
Ctrl-C will terminate program execution

*:
C:\
C:\...\nsuser.exe : is suspected of Backdoor.GrayBird.1 (paranoid heuristics)
C:\ABC\...\sys.exe : is suspected of Backdoor.GrayBird.1 (paranoid heuristics)
C:\...\server.exe : is suspected of Trojan-Spy.Banker.68 (paranoid heuristics)
Program execution terminated by user

Directories    : 3    Files in archives:    Files on disks:
Archives:                - total    : 3    - total    : 11
- scanned       : 1    -  scanned : 3    - scanned    : 11
- contain viruses : 0    -  infected : 0    - infected : 0
- deleted       : 0    -  suspicious : 3    - suspicious  : 1

Startup : 15:33:56 30-05-2007
End       : 15:34:01 30-05-2007
Total time : 00:00:05
终止批处理操作吗(Y/N)?

显示全部楼层 · 发表于 2007-5-30 15:35:49

LS用的什么版本的vba32？？？？最新的beta版？？？？

显示全部楼层 · 发表于 2007-5-30 15:36:27

3个。。

[Scan path] C:\Documents and Settings\Administrator\桌面\silence.rar
>>C:\Documents and Settings\Administrator\桌面\silence.rar\nsuser.exe infected with BackDoor.Beizhu.origin
>C:\Documents and Settings\Administrator\桌面\silence.rar\sys.exe infected with BackDoor.Beizhu
>>C:\Documents and Settings\Administrator\桌面\silence.rar\server.exe infected with BackDoor.Beizhu.origin
C:\Documents and Settings\Administrator\桌面\silence.rar - archive contains infected objects

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 5
Infected objects found: 3
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 1054 Kb/s
Scan time: 00:00:01

[病毒样本] 继续过...

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源