per1
2007-07-24, 11:48 PM
我朋友說開到這個以後有些程式變的怪怪的...
個人用avast丟進去scan都scan不出甚麼virus出來..
有沒有人可以幫忙一下..??
先謝謝了..
原始檔已壓縮..
贊助商連結
個人用avast丟進去scan都scan不出甚麼virus出來..
有沒有人可以幫忙一下..??
先謝謝了..
原始檔已壓縮..
贊助商連結
贊助商連結 per1 2007-07-24, 11:48 PM 我朋友說開到這個以後有些程式變的怪怪的... 個人用avast丟進去scan都scan不出甚麼virus出來.. 有沒有人可以幫忙一下..?? 先謝謝了.. 原始檔已壓縮.. 贊助商連結 kk_pczone 2007-07-25, 12:09 AM AhnLab-V3 2007.7.25.0 2007.07.24 no virus found AntiVir 7.4.0.44 2007.07.24 TR/Crypt.XPACK.Gen Authentium 4.93.8 2007.07.23 no virus found Avast 4.7.997.0 2007.07.24 no virus found AVG 7.5.0.476 2007.07.24 BackDoor.Agent.JHB BitDefender 7.2 2007.07.24 Backdoor.IRCBot.ABEI CAT-QuickHeal 9.00 2007.07.24 (Suspicious) - DNAScan ClamAV devel-20070416 2007.07.24 no virus found DrWeb 4.33 2007.07.24 Win32.HLLW.Loook eSafe 7.0.15.0 2007.07.23 Suspicious Trojan/Worm eTrust-Vet 31.1.5003 2007.07.24 no virus found Ewido 4.0 2007.07.24 no virus found FileAdvisor 1 2007.07.24 no virus found Fortinet 2.91.0.0 2007.07.24 no virus found F-Prot 4.3.2.48 2007.07.23 no virus found F-Secure 6.70.13030.0 2007.07.24 no virus found Ikarus T3.1.1.8 2007.07.24 Backdoor.Win32.Rbot Kaspersky 4.0.2.24 2007.07.24 IM-Worm.Win32.Agent.g McAfee 5080 2007.07.23 no virus found Microsoft 1.2704 2007.07.24 no virus found NOD32v2 2417 2007.07.24 probably unknown NewHeur_PE virus Panda 9.0.0.4 2007.07.24 Suspicious file Sophos 4.19.0 2007.07.17 no virus found Sunbelt 2.2.907.0 2007.07.24 no virus found Symantec 10 2007.07.24 W32.Mytob@mm TheHacker 6.1.7.152 2007.07.23 no virus found VBA32 3.12.2.1 2007.07.23 no virus found VirusBuster 4.3.26:9 2007.07.24 no virus found Webwasher-Gateway 6.0.1 2007.07.24 Trojan.Crypt.XPACK.Gen ㄚ一 2007-07-25, 12:10 AM 沒有運行,只用以下兩款掃瞄 AntiVir: Begin scan in 'C:\Documents and Settings\Administrator\桌面\summer2008.zip' C:\Documents and Settings\Administrator\桌面\summer2008.zip [0] Archive type: ZIP --> 2007-07-21-213.scr [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen [WARNING] The file was ignored! KAV: detected: virus IM-Worm.Win32.Agent.g File: C:\Documents and Settings\Administrator\®à±\summer2008.zip/2007-07-21-213.scr//PE_Patch//NTKrnl Roger 2007-07-25, 04:03 PM 運行2007-07-21-213.scr,發現下列行為,被EQ-Secure RC4攔截! 2007-07-25 16:00:16 创建文件 操作:允许 进程路径:D:\desktop\virus\summer2008\2007-07-21-213.scr 文件路径:C:\Documents and Settings\HungAndy\Application Data\Sandbox\DefaultBox\user\current\Local Settings\Temp\~DF25BA.tmp 触发规则:黑名单->白名單->C:\Documents and Settings\HungAndy\Application Data\Sandbox\* 2007-07-25 16:00:18 创建注册表值 操作:阻止 进程路径:D:\desktop\virus\summer2008\2007-07-21-213.scr 注册表路径:HKEY_CURRENT_USER\machine\software\microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad 注册表名称:antivirus 注册表数据:{522A9D9F-31D1-41C4-BF43-A6705A4B3C7A} 触发规则:所有程序规则->自動運行->*\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad* 2007-07-25 16:00:18 创建文件 操作:允许 进程路径:D:\desktop\virus\summer2008\2007-07-21-213.scr 文件路径:C:\Documents and Settings\HungAndy\Application Data\Sandbox\DefaultBox\drive\C\windows\system32\printers.exe 触发规则:黑名单->白名單->C:\Documents and Settings\HungAndy\Application Data\Sandbox\* 2007-07-25 16:00:18 创建文件 操作:允许 进程路径:D:\desktop\virus\summer2008\2007-07-21-213.scr 文件路径:C:\Documents and Settings\HungAndy\Application Data\Sandbox\DefaultBox\drive\C\windows\system32\firewallav.dll 触发规则:黑名单->白名單->C:\Documents and Settings\HungAndy\Application Data\Sandbox\* 1.它會在C:\Documents and Settings\HungAndy\Local Settings\Temp\生成 ~DF25BA.tmp 2.它會创建注册表值 KEY_CURRENT_USER\machine\software\microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad antivirus {522A9D9F-31D1-41C4-BF43-A6705A4B3C7A} 3.它會在C\windows\system32\生成 printers.exe firewallav.dll shotpeng 2007-07-29, 06:21 PM 这个是msn virus来的。:p shotpeng 2007-07-29, 06:26 PM deleted: virus IM-Worm.Win32.Agent.g File: C:\Documents and Settings\Derek\Desktop\summer2008.zip\2007-07-21-213.scr/PE_Patch/NTKrnl |
|