3个[MD5: 80D351 4D3653 1D060D]

显示全部楼层 · 发表于 2007-6-16 10:59:33

Scan performed at: 2007-6-16 11:02:43
Scanning Log
NOD32 version 2335 (20070616) NT
Command line: C:\Documents and Settings\EQ2\桌面\样本.rar
Operating memory - is OK

Date: 16.6.2007 Time: 11:02:47
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\EQ2\桌面\样本.rar
C:\Documents and Settings\EQ2\桌面\样本.rar ?RAR ?1021.exe - Win32/TrojanDownloader.Delf.NUH trojan - was a part of the deleted object
C:\Documents and Settings\EQ2\桌面\样本.rar ?RAR ?123456.Exe - probably a variant of Win32/Spy.Delf.PG trojan
C:\Documents and Settings\EQ2\桌面\样本.rar ?RAR ?dodolook048.exe ?NSIS ?84.exe ?NSIS ?acpidisk.sys - a variant of Win32/Adware.Cinmus application - was a part of the deleted object
Number of scanned files: 7
Number of threats found: 3
Number of files cleaned: 1
Time of completion: 11:02:47 Total scanning time: 0 sec (00:00:00)

显示全部楼层 · 发表于 2007-6-16 11:00:30

咖啡报木马

显示全部楼层 · 发表于 2007-6-16 11:00:43

风暴胜者V2 测试版本(http://www.v0day.com)
_________您的安全是我们的责任_______________
载入病毒库…进行整理…分配内存…可以使用

===============================================
___________病毒查杀结果__________________

===============================================

2007年6月16日11时4分1秒开始查杀C:\Documents and Settings\Administrator\桌面\virus\0Temp5088_1180619848\样34本
未知的木马病毒(启发)C:\Documents and Settings\Administrator\桌面\virus\0Temp5088_1180619848\样34本\1021.exe 操作:阻止运行
威胁性文件：C:\Documents and Settings\Administrator\桌面\virus\0Temp5088_1180619848\样34本\dodolook048.exe
=========================================

_________文件性质分析结果________________
"带壳"仅指文件性质,仅供专业人员分析使用。

C:\Documents and Settings\Administrator\桌面\virus\0Temp5088_1180619848\样34本\123456.Exe 带壳文件:UPX加壳
-----------------------------------------

2007年6月16日11时4分1秒收起线程…100% 查杀完毕！
扫描文件：3查杀病毒：2

显示全部楼层 · 发表于 2007-6-16 11:07:11

Virus: Trojan-Downloader.Win32.Banload.bpo, Trojan-Spy.Win32.Delf.ps, not-a-virus:AdWare.Win32.Cinmus.j (2x)

Virus found while downloading Web content.

Address: bbs.kafan.cn

显示全部楼层 · 发表于 2007-6-16 11:10:34

window defender出现作用

显示全部楼层 · 发表于 2007-6-16 11:11:12

AVK统杀

显示全部楼层 · 发表于 2007-6-16 11:12:25

deleted: Trojan program Trojan-Downloader.Win32.Banload.bpo File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/1021.exe//PE_Patch.PECompact//PecBundle//PECompact
deleted: Trojan program Trojan-Spy.Win32.Delf.ps File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/123456.Exe//UPX
deleted: adware not-a-virus:AdWare.Win32.Cinmus.j File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/dodolook048.exe//data0003//data0003
deleted: adware not-a-virus:AdWare.Win32.Cinmus.j File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/dodolook048.exe//data0003//data0004

显示全部楼层 · 发表于 2007-6-16 11:13:39

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\My Documents\样本.rar'
C:\Documents and Settings\Administrator\My Documents\
  样本.rar
[0] Archive type: RAR
--> 1021.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 123456.Exe
      [DETECTION] Contains signature of the dropper DR/Delphi.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> dodolook048.exe
      [DETECTION] Contains signature of the Ad- or Spyware ADSPY/Drop.Cinmus.H
      [WARNING] Infected files in archives cannot be repaired!
      [INFO]    The file was deleted!

显示全部楼层 · 发表于 2007-6-16 11:51:40

不让下

[病毒样本] 3个[MD5: 80D351 4D3653 1D060D]

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源