再来2个

显示全部楼层 · 发表于 2007-6-3 00:41:30

大家继续测试，呵呵

显示全部楼层 · 发表于 2007-6-3 01:10:37

扫描开始时间: 2007-6-3 1:09:41
扫描日志
NOD32 版本 2305 (20070601) NT
命令行: F:\绅博GDATA_AntiVirenKit（中国）论坛_风云墙技术论坛_070531.rar

日期: 2007年6月3日时间: 01:09:43
反 Rookits 技术已启用。
已扫描磁盘、文件夹和文件: F:\绅博GDATA_AntiVirenKit（中国）论坛_风云墙技术论坛_070531.rar
F:\绅博GDATA_AntiVirenKit（中国）论坛_风云墙技术论坛_070531.rar ?RAR ?1(2).exe<病毒 - 可能是 Win32/Genetik 木马变种>
F:\绅博GDATA_AntiVirenKit（中国）论坛_风云墙技术论坛_070531.rar ?RAR ?1(1).exe<病毒 - Win32/PSW.Delf.NHI 木马>
已扫描文件数量: 3
已发现病毒数量: 2
完成时间: 01:09:46 总共扫描时间: 3 秒 (00:00:03)

第二个js nod不报

扫描开始时间: 2007-6-3 1:10:21
扫描日志
NOD32 版本 2305 (20070601) NT
命令行: F:\_smss1.rar

日期: 2007年6月3日时间: 01:10:23
反 Rookits 技术已启用。
已扫描磁盘、文件夹和文件: F:\_smss1.rar
F:\_smss1.rar ?RAR ?smss1.exe<病毒 - 可能是 Win32/PSW.Delf.NHI 木马变种>
已扫描文件数量: 1
已发现病毒数量: 1
完成时间: 01:10:23 总共扫描时间: 0 秒 (00:00:00)

显示全部楼层 · 发表于 2007-6-3 06:30:09

Virus: Trojan-PSW.Win32.OnLineGames.qg, Trojan-PSW.Win32.Hangame.cl, Virus.Win32.AutoRun.p

Virus found while downloading Web content.

Address: bbs.kafan.cn

显示全部楼层 · 发表于 2007-6-3 06:37:22

Begin scan in 'D:\Documents and Settings\dell\桌面\新建文件夹'
D:\Documents and Settings\dell\桌面\新建文件夹\
D:\Documents and Settings\dell\桌面\新建文件夹\绅博GDATA AntiVirenKit（中国）论坛_风云墙技术论坛_070531.rar
  [0] Archive type: RAR
  --> 1(3).exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.QG
   [WARNING] Infected files in archives cannot be repaired!
  --> 1(2).exe
   [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
   [WARNING] Infected files in archives cannot be repaired!
  --> 1(1).exe
   [DETECTION] Contains signature of the dropper DR/Delphi.Gen
   [WARNING] Infected files in archives cannot be repaired!
   [INFO]    The file was deleted!
D:\Documents and Settings\dell\桌面\新建文件夹\绅博GDATA AntiVirenKit（中国）论坛_风云墙技术论坛_a_index[1].rar
  [0] Archive type: RAR
  --> a_index[1].js
   [DETECTION] Contains signature of the exploits EXP/IframeJS
   [WARNING] Infected files in archives cannot be repaired!
   [INFO]    The file was successfully wiped!
   [INFO]    The file was deleted!
D:\Documents and Settings\dell\桌面\新建文件夹\_smss1.rar
  [0] Archive type: RAR
  --> smss1.exe
   [DETECTION] Contains signature of the dropper DR/Delphi.Gen
   [WARNING] Infected files in archives cannot be repaired!
   [INFO]    The file was successfully wiped!
   [INFO]    The file was deleted!

End of the scan: 2007年6月3日  06:36
Used time: 00:26 min

The scan has been done completely.

   1 Scanning directories
   8 Files were scanned
   5 viruses and/or unwanted programs were found

显示全部楼层 · 发表于 2007-6-3 08:50:37

detected: Trojan program Trojan-PSW.Win32.OnLineGames.qg File: C:\Documents and Settings\Owner\×ÀÃæ\Éð²©GDATA AntiVirenKit£¨ÖÐ¹ú£©ÂÛÌ³_·çÔÆÇ½¼¼ÊõÂÛÌ³_070531.rar/1(3).exe
detected: Trojan program Trojan-PSW.Win32.Hangame.cl File: C:\Documents and Settings\Owner\×ÀÃæ\Éð²©GDATA AntiVirenKit£¨ÖÐ¹ú£©ÂÛÌ³_·çÔÆÇ½¼¼ÊõÂÛÌ³_070531.rar/1(2).exe
detected: virus Virus.Win32.AutoRun.p File: C:\Documents and Settings\Owner\×ÀÃæ\Éð²©GDATA AntiVirenKit£¨ÖÐ¹ú£©ÂÛÌ³_·çÔÆÇ½¼¼ÊõÂÛÌ³_070531.rar/1(1).exe//UPX
deleted: Trojan program Trojan.JS.Agent.d File: C:\Documents and Settings\Owner\×ÀÃæ\Éð²©GDATA AntiVirenKit£¨ÖÐ¹ú£©ÂÛÌ³_·çÔÆÇ½¼¼ÊõÂÛÌ³_a_index[1].rar/a_index[1].js
deleted: virus Virus.Win32.AutoRun.p File: C:\Documents and Settings\Owner\×ÀÃæ\_smss1.rar/smss1.exe//UPX

显示全部楼层 · 发表于 2007-6-3 08:51:51

拦截2个包

显示全部楼层 · 发表于 2007-6-3 10:52:28

2007/6/3 10:48:33 Scanning Log
2007/6/3 10:48:33 Version of virus signature database: 2305 (20070601)
2007/6/3 10:48:33 Date: 3.6.2007 Time: 10:48:33
2007/6/3 10:48:33 Scanned disks, folders and files: E:\病毒测试\
2007/6/3 10:48:33 E:\病毒测试\_smss1.rar - probably a variant of Win32/PSW.Delf.NHI trojan - deleted - quarantined
2007/6/3 10:48:33 E:\病毒测试\_smss1.rar » RAR » smss1.exe - probably a variant of Win32/PSW.Delf.NHI trojan
2007/6/3 10:48:39 E:\病毒测试\绅博GDATA AntiVirenKit（中国）论坛_风云墙技术论坛_070531.rar - multiple threats - deleted
2007/6/3 10:48:39 E:\病毒测试\绅博GDATA AntiVirenKit（中国）论坛_风云墙技术论坛_070531.rar » RAR » 1(2).exe - probably a variant of Win32/Genetik trojan
2007/6/3 10:48:39 E:\病毒测试\绅博GDATA AntiVirenKit（中国）论坛_风云墙技术论坛_070531.rar » RAR » 1(1).exe - Win32/PSW.Delf.NHI trojan
2007/6/3 10:48:39 Number of scanned files: 8
2007/6/3 10:48:39 Number of threats found: 3
2007/6/3 10:48:39 Time of completion: 10:48:39 Total scanning time: 6 sec (00:00:06)

显示全部楼层 · 发表于 2007-6-3 13:45:39

----------
[凝逸反毒] (http://hi.baidu.com/503165656)

[凝逸.扫描病毒引擎-日志] 2007.6.3 13:46:10

文件:F:\070603\Trojan-PSW.Win32.OnLineGames.qg\1(3).exe | 感染:BackDoor.Pigeon.2685 [25>2007_e30d34_0139.axx]3
操作:删除文件

文件:F:\070603\Trojan-PSW.Win32.OnLineGames.qg\1(2).exe | 感染:worm.win32.delf.cc [119>2007_e30d34_0139.axx]3
操作:删除文件

文件:F:\070603\Trojan-PSW.Win32.OnLineGames.qg\1(1).exe | 感染:worm.win32.delf.cc [117>2007_e30d34_0139.axx]3
操作:删除文件

文件:F:\070603\Trojan-PSW.Win32.OnLineGames.qg\smss1.exe | 感染:Trojan.PWS.Wsgame [126>2007_b4454a_0221.axx]3
操作:删除文件

扫描完成|病毒:4 文件:6|耗时:711

显示全部楼层 · 发表于 2007-6-3 16:00:25

咖啡报四个，不错

2007-6-3 16:01:35 未采取操作 C:\Documents and Settings\Administrator\桌面\_smss1.rar\SMSS1.EXE\SMSS1.EXE PWS-OnlineGames.a.dldr(特洛伊)
2007-6-3 16:01:35 未采取操作 C:\Documents and Settings\Administrator\桌面\070531.rar\1(3).EXE New Malware.bl (ED)(特洛伊)
2007-6-3 16:01:35 未采取操作 C:\Documents and Settings\Administrator\桌面\070531.rar\1(2).EXE PWS-Lineage(特洛伊)
2007-6-3 16:01:35 未采取操作 C:\Documents and Settings\Administrator\桌面\070531.rar\1(1).EXE\1(1).EXE PWS-OnlineGames.a.dldr(特洛伊)

显示全部楼层 · 发表于 2007-6-4 16:33:44

木马名称:Trojan-PSW.Win32.OnLineGames.egt
程序:
I:\TEST\070603\3\绅博GDATA ANTIVIRENKIT（中国）论坛_风云墙技术论坛_070531\1(3).EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Hangame.oi
程序:
I:\TEST\070603\3\绅博GDATA ANTIVIRENKIT（中国）论坛_风云墙技术论坛_070531\1(2).EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

[病毒样本] 再来2个

本帖子中包含更多资源

本帖子中包含更多资源

微点拦

本帖子中包含更多资源