[病毒样本] 19x

显示全部楼层 · 发表于 2009-11-25 02:10:12

2009/11/25 2:06:38 已删除木马程序 Trojan-Dropper.Win32.Small.eda G:\Temp\Virus\19x.rar/68.exe
2009/11/25 2:06:38 已删除木马程序 Trojan.Win32.Kilva.agu G:\Temp\Virus\19x.rar/80.exe
2009/11/25 2:06:39 已删除木马程序 Backdoor.Win32.Hupigon.iuaf G:\Temp\Virus\19x.rar/1394.exe
2009/11/25 2:06:39 已删除木马程序 Trojan.Win32.Scar.amjc G:\Temp\Virus\19x.rar/284734.exe
2009/11/25 2:06:40 已删除木马程序 Trojan-Downloader.Win32.Agent.cvpr G:\Temp\Virus\19x.rar/Dw_server.exe
2009/11/25 2:06:40 已删除木马程序 Trojan-Dropper.Win32.Agent.biku G:\Temp\Virus\19x.rar/InstallE.exe
2009/11/25 2:06:41 已删除木马程序 Trojan-Downloader.Win32.Agent.cvha G:\Temp\Virus\19x.rar/lvbao.exe
2009/11/25 2:06:41 已删除木马程序 Trojan.Win32.Genome.dyqv G:\Temp\Virus\19x.rar/player011.exe
2009/11/25 2:06:42 已删除木马程序 Trojan.Win32.Agent.cnjk G:\Temp\Virus\19x.rar/qq.exe/svchosts.exe
2009/11/25 2:06:54 已删除木马程序 Trojan-Downloader.Win32.Xanda.r G:\Temp\Virus\19x.rar/sy.exe
2009/11/25 2:06:55 已删除木马程序 Trojan-Dropper.Win32.Small.eda G:\Temp\Virus\19x.rar/17.exe
2009/11/25 3:05:45 已删除木马程序 Trojan-PSW.Win32.QQFish.eb G:\Temp\Virus\19x.rar/smss.exe
2009/11/25 3:05:46 已删除木马程序 Trojan-GameThief.Win32.WOW.veq G:\Temp\Virus\19x.rar/004.exe

To KL

[ 本帖最后由尤金卡巴斯基于 2009-11-25 03:07 编辑 ]

显示全部楼层 · 发表于 2009-11-25 06:05:32

Starting the file scan:

Begin scan in 'E:\病毒样本'
E:\病毒样本\68.exe
[DETECTION] Is the TR/Drop.Small.Eda.3 Trojan
[NOTE]    The file was deleted!
E:\病毒样本\80.exe
  [0] Archive type: RSRC
[DETECTION] Is the TR/Spy.Gen Trojan
--> Object
   [DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was deleted!
E:\病毒样本\1394.exe
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Hupigon.itdv back-door program
[NOTE]    The file was deleted!
E:\病毒样本\284734.exe
  [0] Archive type: RSRC
[DETECTION] Is the TR/BHO.Gen Trojan
--> Object
   [DETECTION] Is the TR/BHO.Gen Trojan
[NOTE]    The file was deleted!
E:\病毒样本\Dw_server.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    The file was deleted!
E:\病毒样本\fy.exe
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Agent.vwy back-door program
[NOTE]    The file was deleted!
E:\病毒样本\InstallE.exe
[DETECTION] Is the TR/Agent.Small.DV Trojan
[NOTE]    The file was deleted!
E:\病毒样本\lvbao.exe
[DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
[NOTE]    The file was deleted!
E:\病毒样本\player011.exe
[DETECTION] Is the TR/Agent.49152 Trojan
[NOTE]    The file was deleted!
E:\病毒样本\qq.exe
  [0] Archive type: RAR SFX (self extracting)
[DETECTION] Contains recognition pattern of the DR/Agent.cnjk.1 dropper
--> svchosts.exe
   [DETECTION] Is the TR/Agent.cnjj Trojan
[NOTE]    The file was deleted!
E:\病毒样本\Qvod.exe
[DETECTION] Is the TR/Downloader.Gen Trojan
[NOTE]    The file was deleted!
E:\病毒样本\Setup.exe
[DETECTION] Contains recognition pattern of the WORM/Autorun.bavl worm
[NOTE]    The file was deleted!
E:\病毒样本\smss.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
E:\病毒样本\sy.exe
  [0] Archive type: RSRC
[DETECTION] Is the TR/VB.ygb Trojan
--> Object
   [DETECTION] Is the TR/VB.ygb Trojan
[NOTE]    The file was deleted!
E:\病毒样本\Sz_ddos.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    The file was deleted!
E:\病毒样本\x010.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
E:\病毒样本\004.exe
[DETECTION] Is the TR/Dldr.Delphi.Gen2 Trojan
[NOTE]    The file was deleted!
E:\病毒样本\17.exe
[DETECTION] Is the TR/Drop.Jadtre.B.39 Trojan
[NOTE]    The file was deleted!
E:\病毒样本\031.exe
  [0] Archive type: RSRC
[DETECTION] Is the TR/Crypt.NSPM.Gen Trojan
--> Object
   [DETECTION] Is the TR/Crypt.NSPM.Gen Trojan
[WARNING] An exception has been identified!
[WARNING] In the module 'AVREP.DLL' an exception occured.
Calling the function BeforeRepair
Error description:ACCESS_VIOLATION
  EAX = 00000080  EBX = 00000000
  ECX = 00B7E798  EDX = 00B7D410
  ESI = 00B30FA0  EDI = 00000080
  EIP = 012F667C  EBP = 0272E7E4
  ESP = 0272E108  Flg = 00010246
  CS = 00000023 SS = 0000001B
[NOTE]    The file was deleted!
[WARNING] The file was ignored!

End of the scan: 2009年11月25日  06:13
Used time: 00:13 Minute(s)

The scan has been done completely.

   1 Scanned directories
   20 Files were scanned
   20 Viruses and/or unwanted programs were found
   0 Files were classified as suspicious
   19 files were deleted
   0 Viruses and unwanted programs were repaired
   0 Files were moved to quarantine
   0 Files were renamed
   0 Files cannot be scanned
   0 Files not concerned
   1 Archives were scanned
   1 Warnings
   19 Notes

[ 本帖最后由 C.C. 于 2009-11-25 06:14 编辑 ]

显示全部楼层 · 发表于 2009-11-25 06:34:03

瑞星查出18 都干掉了

显示全部楼层 · 发表于 2009-11-25 07:23:09

a5直接不让下载

显示全部楼层 · 发表于 2009-11-25 08:24:10

2009-11-25 8:22:01 Administrator 2932 Sign of "Win32:Delf-FHQ [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\19x.rar\80.exe\[Embedded_R#DATEINFO]" file.
2009-11-25 8:22:04 Administrator 2932 Sign of "Win32:Delf-FHQ [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\19x.rar\80.exe" file.
2009-11-25 8:22:04 Administrator 2932 Sign of "Win32:Malware-gen" has been found in "C:\Documents and Settings\Administrator\桌面\19x.rar\1394.exe" file.
2009-11-25 8:22:04 Administrator 2932 Sign of "Win32:Malware-gen" has been found in "C:\Documents and Settings\Administrator\桌面\19x.rar\284734.exe\[Embedded_R#0a5b0]" file.
2009-11-25 8:22:04 Administrator 2932 Sign of "Win32:Malware-gen" has been found in "C:\Documents and Settings\Administrator\桌面\19x.rar\284734.exe" file.
2009-11-25 8:22:04 Administrator 2932 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\Documents and Settings\Administrator\桌面\19x.rar\Dw_server.exe" file.
2009-11-25 8:22:04 Administrator 2932 Sign of "Win32:PcClient-ZE [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\19x.rar\fy.exe" file.
2009-11-25 8:22:04 Administrator 2932 Sign of "Win32:Malware-gen" has been found in "C:\Documents and Settings\Administrator\桌面\19x.rar\lvbao.exe" file.
2009-11-25 8:22:05 Administrator 2932 Sign of "Win32:Agent-GRW [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\19x.rar\player011.exe" file.
2009-11-25 8:22:05 Administrator 2932 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\Documents and Settings\Administrator\桌面\19x.rar\qq.exe\svchosts.exe" file.
2009-11-25 8:22:05 Administrator 2932 Sign of "Win32:Malware-gen" has been found in "C:\Documents and Settings\Administrator\桌面\19x.rar\Setup.exe" file.
2009-11-25 8:22:05 Administrator 2932 Sign of "Win32:Malware-gen" has been found in "C:\Documents and Settings\Administrator\桌面\19x.rar\sy.exe\[Embedded_I#0b0c8]" file.
2009-11-25 8:22:05 Administrator 2932 Sign of "Win32:Malware-gen" has been found in "C:\Documents and Settings\Administrator\桌面\19x.rar\sy.exe" file.
2009-11-25 8:22:05 Administrator 2932 Sign of "Win32:Rincux-C [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\19x.rar\Sz_ddos.exe" file.
2009-11-25 8:22:05 Administrator 2932 Sign of "Win32:Delf-HBH [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\19x.rar\004.exe\[Upack]\[Embedded_R#KERNL]" file.
2009-11-25 8:22:05 Administrator 2932 Sign of "Win32:Malware-gen" has been found in "C:\Documents and Settings\Administrator\桌面\19x.rar\17.exe" file.

显示全部楼层 · 发表于 2009-11-25 08:38:51

下来以后Windows Defender就报了~~

显示全部楼层 · 发表于 2009-11-25 09:06:26

显示全部楼层 · 发表于 2009-11-25 09:12:03

ESET 13X，剩余 to
68.exe - Win32/KillAV.NGK 特洛伊木马 - 是已删除对象的一部分
80.exe - Win32/PSW.Delf.NLZ 特洛伊木马的变种 - 是已删除对象的一部分
1394.exe - Win32/Hupigon.NRW 特洛伊木马 - 是已删除对象的一部分
284734.exe - Win32/Spy.Agent.NOZ 特洛伊木马 - 是已删除对象的一部分
fy.exe - Win32/Agent.NTU 特洛伊木马 - 是已删除对象的一部分
InstallE.exe - Win32/Agent.NUC 特洛伊木马 - 是已删除对象的一部分
lvbao.exe - Win32/TrojanDownloader.Small.OSX 特洛伊木马 - 是已删除对象的一部分
player011.exe - Win32/TrojanDownloader.Adload.NFC 特洛伊木马 - 是已删除对象的一部分
qq.exe > RAR > svchosts.exe - Win32/TrojanClicker.Delf.NBJ 特洛伊木马 - 是已删除对象的一部分
Setup.exe - Win32/TrojanDownloader.Delf.PDC 特洛伊木马 - 是已删除对象的一部分
sy.exe - 可能是 Win32/VB.OEA 特洛伊木马的变种 - 是已删除对象的一部分
004.exe - Win32/TrojanDropper.Delf.NRD 特洛伊木马 - 是已删除对象的一部分
17.exe - Win32/KillAV.NGK 特洛伊木马 - 是已删除对象的一部分

显示全部楼层 · 发表于 2009-11-25 09:30:50

瑞星2010

显示全部楼层 · 发表于 2009-11-25 09:42:39

avira kll all

[病毒样本] 19x

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

kill all