Original poster: qwerasdf123

[Virus samples] 65 files, dropped by downloaders

wangjay1980
Posted on 2007-8-20 19:37:37
detected: Trojan program Trojan.Win32.Agent.ajr        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\111.exe//PE_Patch.PECompact//PecBundle//PECompact
detected: Trojan program Trojan-Downloader.Win32.VB.atk        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\112.exe
detected: Trojan program Trojan-Downloader.Win32.LoadAdv.gen        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\1228.exe//stream//data0001//PE_Patch.UPX//UPX
detected: Trojan program Trojan-Downloader.Win32.Small.eqn        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\1228.exe//stream//data0002//PE_Patch.Upolyx//PE_Patch.UPX//UPX
detected: Trojan program Trojan-Downloader.Win32.Agent.bys        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\1228.exe//stream//data0003//stream//data0002
detected: Trojan program Trojan-Downloader.Win32.QQHelper.vn        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\13d012.exe//data0002//PE_Patch.Upolyx
detected: adware not-a-virus:AdWare.Win32.BHO.av        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\13d012.exe//data0003
detected: Trojan program Trojan-Downloader.Win32.Agent.bys        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\162.exe//stream
detected: virus Heur.Trojan.Generic (modification)        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\2D72ED5C.EXE
detected: virus Heur.Invader (modification)        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\555.exe//ASPack
detected: Trojan program Backdoor.Win32.Agent.apu        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\567.exe
detected: virus Heur.Trojan.Generic (modification)        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\61E6FE84.EXE
detected: Trojan program Backdoor.Win32.Agent.ari        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\82B64774.DLL
detected: virus Worm.Win32.Agent.t        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\854.exe//PE_Patch.PECompact//PecBundle//PECompact
detected: virus Virus.Win32.AutoRun.gm        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\987.exe
detected: Trojan program Trojan-Downloader.Win32.Agent.bys        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\aabb.exe
detected: adware not-a-virus:AdWare.Win32.BHO.av        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\ad3770.exe//stream//data0001
detected: virus Heur.Trojan.Generic (modification)        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\auto.exe
detected: virus Heur.Trojan.Generic (modification)        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\B0B0111C.EXE
detected: Trojan program Trojan-Spy.Win32.Agent.pn        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\bw.exe//PE_Patch//UPack
detected: adware not-a-virus:AdWare.Win32.BHO.av        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\cpush.dll
detected: Trojan program Trojan-Downloader.Win32.QQHelper.xb        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\dodolook133.exe//UPX
detected: adware not-a-virus:AdWare.Win32.Cinmus.j        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\dodolook451.exe//stream//data0002//data0003
detected: adware not-a-virus:AdWare.Win32.Cinmus.j        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\dodolook451.exe//stream//data0002//data0004
detected: virus Heur.Trojan.Generic (modification)        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\husjdd8s.exe
detected: virus Heur.Trojan.Generic (modification)        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\k11245251001.exe
detected: virus Virus.Win32.AutoRun.gm        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\k11245251033.exe
detected: Trojan program Trojan-Downloader.Win32.Agent.ccl        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\k11245251125.exe//PE_Patch.UPX//UPX
detected: virus Heur.Trojan.Generic (modification)        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\k11245251146.exe
detected: virus Worm.Win32.Agent.t        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\k11245251168.exe//#//PE_Patch.PECompact//PecBundle//PECompact
detected: adware not-a-virus:AdWare.Win32.BHO.av        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\k11875967963.exe//stream//data0002
detected: virus Heur.Trojan.Generic (modification)        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\k11875968026.exe//PE_Patch.PECompact//PecBundle//PECompact
detected: Trojan program Trojan-Downloader.Win32.Agent.bmc        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\k118759681213.exe//UPX
detected: Trojan program Backdoor.Win32.Agent.ahj        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\kksi8s3.exe
detected: Trojan program Trojan-Proxy.Win32.Agent.mf        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\mgeqmm.exe
detected: Trojan program Backdoor.Win32.Agent.ahj        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\osiesd3.dll
detected: Trojan program Trojan-Downloader.Win32.Delf.bgp        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\rundll01.exe
detected: adware not-a-virus:AdWare.Win32.BHO.av        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\rundll03.exe//stream//data0001
detected: Trojan program Trojan-Downloader.Win32.Tiny.hu        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\setup291.exe
detected: Trojan program Trojan-Downloader.Win32.Delf.bgp        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\soft210.exe
detected: virus Virus.Win32.AutoRun.gm        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\svchost.exe
detected: Trojan program Trojan-Downloader.Win32.Agent.ccl        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\system.dat//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.nn        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\TempA.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ahz        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\TempB.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.wt        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\TempC.exe
detected: Trojan program Trojan-Downloader.Win32.Small.eqn        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\wr-1-26.exe//PE_Patch.Upolyx//PE_Patch.UPX//UPX
detected: virus Heur.Trojan.Generic (modification)        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\xxx.exe
detected: Trojan program Trojan-Downloader.Win32.Agent.buv        File: C:\Documents and Settings\Owner\×ÀÃæ\kasper\~tmp4544.exe//UPack
deleted: Trojan program Backdoor.Win32.Agent.ahj File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/2D72ED5C.EXE
deleted: Trojan program Trojan.Win32.Delf.acy File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/555.exe
deleted: Trojan program Backdoor.Win32.Agent.ahj File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/60E6410.DLL
deleted: Trojan program Backdoor.Win32.Agent.ahj File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/61E6FE84.DLL
deleted: Trojan program Backdoor.Win32.Agent.ahj File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/61E6FE84.EXE
deleted: Trojan program Trojan-Downloader.Win32.Agent.bbb File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/85ij5fz.sys
deleted: adware not-a-virus:AdWare.Win32.Cinmus.j File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/acpidisk.sys
deleted: Trojan program Trojan-Spy.Win32.Agent.pn File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/AlxRes070819.exe//PE_Patch//UPack
deleted: Trojan program Backdoor.Win32.Agent.ahj File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/auto.exe
deleted: Trojan program Backdoor.Win32.Agent.ahj File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/B0B0111C.EXE
deleted: Trojan program Backdoor.Win32.Agent.arn File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/husjdd8s.exe
deleted: Trojan program Backdoor.Win32.Agent.ahj File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/k11245251001.exe
deleted: Trojan program Trojan-Downloader.Win32.Delf.bcm File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/k11245251022.exe//PE_Patch//UPack
deleted: Trojan program Backdoor.Win32.Agent.arn File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/k11245251146.exe
deleted: Trojan program Rootkit.Win32.Agent.he File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/k11245251168.exe
deleted: Trojan program Trojan-Spy.Win32.Agent.pn File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/k11245284499.exe//PE_Patch//UPack
deleted: Trojan program Trojan-Downloader.Win32.Delf.bem File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/k11875967952.exe//PE_Patch.PECompact//PecBundle//PECompact
deleted: virus Worm.Win32.Agent.t File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/k11875968026.exe//PE_Patch.PECompact//PecBundle//PECompact
deleted: Trojan program Trojan-Spy.Win32.Agent.pn File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/k11875968069.exe//PE_Patch//UPack
deleted: Trojan program Trojan-Downloader.Win32.QQHelper.xu File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/k118759680710.exe
deleted: Trojan program Trojan-Spy.Win32.Agent.pn File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/k118759681012.exe//PE_Patch//UPack
deleted: Trojan program Trojan.Win32.Agent.awj File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/k118759681415.exe
deleted: Trojan program Trojan-Downloader.Win32.QQHelper.xv File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/my_70145.exe
deleted: Trojan program Trojan-Downloader.Win32.Ieser.c File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/oqqtvbghycoyw.dll
deleted: Trojan program Backdoor.Win32.HacDef.q File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/protector.sys
deleted: Trojan program Trojan-Spy.Win32.Agent.pn File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/scrsys070819.scr//PE_Patch//UPack
deleted: Trojan program Backdoor.Win32.Nepoe.g File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/spooIsv.exe
deleted: Trojan program Trojan-Downloader.Win32.Agent.blu File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/SVCH0ST.EXE
deleted: Trojan program Trojan-Downloader.Win32.Ieser.c File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/vjqxijbfuwqyz.dll
deleted: Trojan program Trojan-Spy.Win32.Agent.pn File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/winsys32_070819.dll
deleted: Trojan program Backdoor.Win32.Agent.ahj File: C:\Documents and Settings\Owner\×ÀÃæ\kasper.zip/kasper/xxx.exe

[ This post was last edited by wangjay1980 on 2007-8-20 23:11 ]
uhthn2002
Posted on 2007-8-20 20:02:11
22+20
C:\Documents and Settings\uhthn\Desktop\kasper\112.exe : infected Trojan-Downloader.Win32.VB.atk
C:\Documents and Settings\uhthn\Desktop\kasper\13d012.exe : infected AdWare.Win32.BHO.av
C:\Documents and Settings\uhthn\Desktop\kasper\162.exe : infected Trojan-Downloader.Win32.Agent.bys
C:\Documents and Settings\uhthn\Desktop\kasper\2D72ED5C.EXE : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\Documents and Settings\uhthn\Desktop\kasper\567.exe : infected DDoS.Bonke
C:\Documents and Settings\uhthn\Desktop\kasper\60E6410.DLL : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\Documents and Settings\uhthn\Desktop\kasper\61E6FE84.DLL : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\Documents and Settings\uhthn\Desktop\kasper\61E6FE84.EXE : infected Backdoor.Win32.Agent.ahj
C:\Documents and Settings\uhthn\Desktop\kasper\82B64774.DLL : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\Documents and Settings\uhthn\Desktop\kasper\854.exe : infected Trojan.StartPage.20273
C:\Documents and Settings\uhthn\Desktop\kasper\987.exe : infected Virus.Win32.AutoRun.gm
C:\Documents and Settings\uhthn\Desktop\kasper\aabb.exe : infected Trojan-Downloader.Win32.Agent.bys
C:\Documents and Settings\uhthn\Desktop\kasper\AlxRes070819.exe : is suspected of Trojan-PSW.Game.39 (paranoid heuristics)
C:\Documents and Settings\uhthn\Desktop\kasper\auto.exe : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\Documents and Settings\uhthn\Desktop\kasper\B0B0111C.EXE : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\Documents and Settings\uhthn\Desktop\kasper\bw.exe : infected Trojan-Spy.Win32.Agent.pn
C:\Documents and Settings\uhthn\Desktop\kasper\cpush.dll : infected AdWare.Win32.BHO.av
C:\Documents and Settings\uhthn\Desktop\kasper\dodolook133.exe : infected Trojan.PWS.Qqpass.1131
C:\Documents and Settings\uhthn\Desktop\kasper\dodolook451.exe : infected AdWare.Win32.Cinmus.j
C:\Documents and Settings\uhthn\Desktop\kasper\husjdd8s.exe : infected Backdoor.Win32.Agent.arn
C:\Documents and Settings\uhthn\Desktop\kasper\k11245251001.exe : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\Documents and Settings\uhthn\Desktop\kasper\k11245251022.exe : is suspected of Trojan-PSW.Game.39 (paranoid heuristics)
C:\Documents and Settings\uhthn\Desktop\kasper\k11245251033.exe : infected Virus.Win32.AutoRun.gm
C:\Documents and Settings\uhthn\Desktop\kasper\k11245251146.exe : infected Backdoor.Win32.Agent.arn
C:\Documents and Settings\uhthn\Desktop\kasper\k11245284499.exe : is suspected of Trojan-PSW.Game.39 (paranoid heuristics)
C:\Documents and Settings\uhthn\Desktop\kasper\k11875968069.exe : is suspected of Trojan-PSW.Game.39 (paranoid heuristics)
C:\Documents and Settings\uhthn\Desktop\kasper\k118759681012.exe : is suspected of Trojan-PSW.Game.39 (paranoid heuristics)
C:\Documents and Settings\uhthn\Desktop\kasper\k118759681213.exe : infected Trojan-Downloader.Win32.Agent.bmc
C:\Documents and Settings\uhthn\Desktop\kasper\mgeqmm.exe : is suspected of Trojan-Proxy.Agent.2
C:\Documents and Settings\uhthn\Desktop\kasper\rundll01.exe : is suspected of Win32.Trojan.Downloader (http://...)
C:\Documents and Settings\uhthn\Desktop\kasper\rundll03.exe : infected AdWare.Win32.BHO.av
C:\Documents and Settings\uhthn\Desktop\kasper\scrsys070819.scr : is suspected of Trojan-PSW.Game.39 (paranoid heuristics)
C:\Documents and Settings\uhthn\Desktop\kasper\soft210.exe : is suspected of Win32.Trojan.Downloader (http://...)
C:\Documents and Settings\uhthn\Desktop\kasper\spooIsv.exe : infected Trojan.Inject.283
C:\Documents and Settings\uhthn\Desktop\kasper\SVCH0ST.EXE : is suspected of Trojan-PSW.Game.72 (paranoid heuristics)
C:\Documents and Settings\uhthn\Desktop\kasper\svchost.exe : infected Virus.Win32.AutoRun.gm
C:\Documents and Settings\uhthn\Desktop\kasper\TempA.exe : infected Trojan.MulDrop.8323
C:\Documents and Settings\uhthn\Desktop\kasper\TempC.exe : infected MalwareScope.Trojan-PSW.Game.12
C:\Documents and Settings\uhthn\Desktop\kasper\winsys32_070819.dll : is suspected of Trojan-PSW.Game.39 (paranoid heuristics)
C:\Documents and Settings\uhthn\Desktop\kasper\wr-1-26.exe : infected Trojan-Downloader.Win32.Small.eqn
C:\Documents and Settings\uhthn\Desktop\kasper\xxx.exe : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\Documents and Settings\uhthn\Desktop\kasper\~tmp4544.exe : is suspected of Trojan-Spy.Delf.10 (paranoid heuristics)


Directories       : 0       Files in archives:      Files on disks:
Archives:                   - total       : 0       - total       : 65   
- scanned         : 0       -  scanned    : 0       - scanned     : 65   
- contain viruses : 0       -  infected   : 0       - infected    : 22   
- deleted         : 0       -  suspicious : 0       - suspicious  : 20
wangjay1980
Posted on 2007-8-20 20:52:49
Hello,

2D72ED5C.exe_, 60E6410.DLL, 61E6FE84.DLL, 61E6FE84.exe_, auto.exe_, B0B0111C.exe_, k11245251001.exe_, xxx.exe_ - Backdoor.Win32.Agent.ahj,
555.exe_ - Trojan.Win32.Delf.acy,
AlxRes070819.exe_, k11245284499.exe_, k11875968069.exe_, k118759681012.exe_, scrsys070819.scr_, winsys32_070819.dll - Trojan-Spy.Win32.Agent.pn,
husjdd8s.exe_, k11245251146.exe_ - Backdoor.Win32.Agent.arn,
k11245251022.exe_ - Trojan-Downloader.Win32.Delf.bcm,
k11245251168.exe_ - Rootkit.Win32.Agent.he,
k11875967952.exe_ - Trojan-Downloader.Win32.Delf.bem,
k11875968026.exe_ - Worm.Win32.Agent.t,
k118759680710.exe_ - Trojan-Downloader.Win32.QQHelper.xu,
k118759681415.exe_ - Trojan.Win32.Agent.awj,
my_70145.exe_ - Trojan-Downloader.Win32.QQHelper.xv,
oqqtvbghycoyw.dll, vjqxijbfuwqyz.dll - Trojan-Downloader.Win32.Ieser.c,
protector.sys - Backdoor.Win32.HacDef.q,
spooIsv.exe_ - Backdoor.Win32.Nepoe.g,
SVCH0ST.exe_ - Trojan-Downloader.Win32.Agent.blu

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

85ij5fz.sys - Trojan-Downloader.Win32.Agent.bbb

This file is already detected. Please update your antivirus bases.

acpidisk.sys - not-a-virus:AdWare.Win32.Cinmus.j

This file is an Advertising Tool. Its detection will be included in the next
update of extended databases set. See more info about
extended databases here: http://www.kaspersky.com/extraavupdates

Uninst.exe_

No malicious code was found in this file.

Please quote all when answering.

--
Best regards, Alexander Romanenko
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.



> Attachment: kasper.zip
qqq000@qq.com
Posted on 2007-8-20 20:57:09

[凝逸反毒] Viruses: 44

----------
              [凝逸反毒] (http://hi.baidu.com/503165656)
[病毒库列表]
总数=23005
20070726_dw0001.axx | 病毒数:12691
20070726_kv0001.axx | 病毒数:1115
20070729_ny0001.axx | 病毒数:1319
20070801_ny0002.axx | 病毒数:302
20070802_ny0003.axx | 病毒数:384
20070802_ny0004.axx | 病毒数:196
20070811_ny0005.axx | 病毒数:469
20070816_ny0006.axx | 病毒数:1233
20070816_ny0007.axx | 病毒数:49
20070819_ny0008.axx | 病毒数:570
20070820_ny0009.axx | 病毒数:108
初始化成功

       [凝逸.扫描病毒引擎-日志]       2007.8.20 20:54:20
文件:F:\070820\kasper[1]\kasper\111.exe | 感染:Trojan.Click.4046 [235>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\112.exe | 感染:Trojan.DownLoader.29409 [43>20070802_ny0003.axx]3(1.1)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\1228.exe | 感染:virus [644>20070816_ny0006.axx]3(32.42)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\13d012.exe | 感染:virus [637>20070816_ny0006.axx]3(21.24)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\162.exe | 感染:virus [732>20070816_ny0006.axx]3(35.42)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\2D72ED5C.EXE | 感染:virus [80>20070820_ny0009.axx]3(1.3)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\567.exe | 感染:BackDoor.Pigeon.199 [28>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\61E6FE84.EXE | 感染:virus [501>20070819_ny0008.axx]3(5.5)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\82B64774.DLL | 感染:DLOADER.Trojan [234>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\854.exe | 感染:virus [775>20070816_ny0006.axx]3(1.1)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\987.exe | 感染:virus [571>20070816_ny0006.axx]3(1.13)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\aabb.exe | 感染:Trojan.DownLoader.27534 [6999>20070726_dw0001.axx]3(1.1)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\ad3770.exe | 感染:virus [733>20070816_ny0006.axx]3(136.139)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\AlxRes070819.exe | 感染:virus [503>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\auto.exe | 感染:virus [80>20070820_ny0009.axx]3(1.3)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\B0B0111C.EXE | 感染:virus [64>20070820_ny0009.axx]3(1.1)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\bw.exe | 感染:MULDROP.Trojan [107>20070816_ny0006.axx]3(1.1)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\cpush.dll | 感染:virus [695>20070816_ny0006.axx]3(1.1)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\dodolook133.exe | 感染:Trojan.PWS.Qqpass.1192 [156>20070819_ny0008.axx]3(17.17)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\dodolook451.exe | 感染:virus [714>20070816_ny0006.axx]3(11.17)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\husjdd8s.exe | 感染:virus [460>20070819_ny0008.axx]3(2.2)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\k11245251022.exe | 感染:virus [387>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\k11245251033.exe | 感染:virus [572>20070816_ny0006.axx]3(2.13)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\k11245251125.exe | 感染:virus [400>20070819_ny0008.axx]3(3.4)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\k11245251168.exe | 感染:virus [482>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\k11245284499.exe | 感染:virus [503>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\k11875967963.exe | 感染:virus [668>20070816_ny0006.axx]3(7.17)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\k11875968026.exe | 感染:virus [641>20070816_ny0006.axx]3(1.1)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\k11875968069.exe | 感染:virus [503>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\k118759681012.exe | 感染:Trojan.Hitpop [28>20070820_ny0009.axx]3(1.1)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\kksi8s3.exe | 感染:Trojan.Click.1956 [202>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\my_70145.exe | 感染:virus [379>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\osiesd3.dll | 感染:Trojan.Click.1956 [144>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\rundll01.exe | 感染:virus [686>20070816_ny0006.axx]3(2.3)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\rundll03.exe | 感染:virus [704>20070816_ny0006.axx]3(135.139)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\scrsys070819.scr | 感染:virus [503>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\setup291.exe | 感染:virus [570>20070816_ny0006.axx]3(1.1)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\soft210.exe | 感染:virus [456>20070819_ny0008.axx]3(3.3)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\svchost.exe | 感染:virus [576>20070816_ny0006.axx]3(6.13)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\system.dat | 感染:DLOADER.Trojan [212>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\Uninst.exe | 感染:virus [279>20070802_ny0003.axx]3(115.139)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\wr-1-26.exe | 感染:Trojan.DownLoader.26881 [209>20070816_ny0006.axx]2(5.9)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\xxx.exe | 感染:virus [499>20070819_ny0008.axx]3(2.2)
操作:删除文件
文件:F:\070820\kasper[1]\kasper\~tmp4544.exe | 感染:virus [470>20070819_ny0008.axx]3(1.1)
操作:删除文件
扫描完成|病毒:44 文件:65|耗时:38815

碧水寒潭
Posted on 2007-8-20 21:02:47
Start of the scan: 2007年8月20日  21:00

Starting the file scan:

Begin scan in 'H:\AV-TEST'
H:\AV-TEST\kasper[1].part01.rar
  [0] Archive type: RAR
  --> kasper\111.exe
      [DETECTION] Is the Trojan horse TR/Agent.ajr.5
  --> kasper\112.exe
      [DETECTION] Is the Trojan horse TR/Dldr.VB.atk.58
  --> kasper\1228.exe
      [DETECTION] Contains signature of the dropper DR/Dldr.LoadAdv.69783
  --> kasper\13d012.exe
      [DETECTION] Is the Trojan horse TR/Dldr.QQHel.VN.23
  --> kasper\162.exe
      [DETECTION] Contains signature of the dropper DR/Dldr.Agent.bys.2
  --> kasper\2D72ED5C.EXE
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> kasper\555.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> kasper\567.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
  --> kasper\60E6410.DLL
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
  --> kasper\61E6FE84.DLL
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
  --> kasper\61E6FE84.EXE
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> kasper\82B64774.DLL
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
  --> kasper\854.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> kasper\85ij5fz.sys
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> kasper\987.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> kasper\aabb.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.bys
      [INFO]      The file was deleted!
H:\AV-TEST\kasper[1].part02.rar
  [0] Archive type: RAR
  --> kasper\ad3770.exe
      [DETECTION] Contains signature of the dropper DR/BHO.AV.515
  --> kasper\AlxRes070819.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> kasper\auto.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> kasper\B0B0111C.EXE
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> kasper\bw.exe
      [DETECTION] Is the Trojan horse TR/Spy.Agent.PN.341
      [INFO]      The file was deleted!
H:\AV-TEST\kasper[1].part03.rar
  [0] Archive type: RAR
  --> kasper\dodolook451.exe
      [DETECTION] Contains signature of the dropper DR/Cinmus.PA
  --> kasper\husjdd8s.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> kasper\k11245251001.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> kasper\k11245251022.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> kasper\k11245251033.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [INFO]      The file was deleted!
H:\AV-TEST\kasper[1].part04.rar
  [0] Archive type: RAR
  --> kasper\k11245251146.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> kasper\k11245251168.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
  --> kasper\k11245284499.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
      [INFO]      The file was deleted!
H:\AV-TEST\kasper[1].part05.rar
  [0] Archive type: RAR
  --> kasper\k11875967963.exe
      [DETECTION] Contains signature of the dropper DR/BHO.AV.516
  --> kasper\k11875968026.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> kasper\k11875968069.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> kasper\k118759680710.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was deleted!
H:\AV-TEST\kasper[1].part06.rar
  [0] Archive type: RAR
  --> kasper\k118759681213.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.bmc.8
  --> kasper\k118759681415.exe
      [DETECTION] Contains suspicious code HEUR/Crypted
  --> kasper\kksi8s3.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> kasper\mgeqmm.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
  --> kasper\my_70145.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was deleted!
H:\AV-TEST\kasper[1].part07.rar
  [0] Archive type: RAR
  --> kasper\osiesd3.dll
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
  --> kasper\protector.sys
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Hacdef.Q Backdoor server programs
  --> kasper\rundll01.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> kasper\rundll03.exe
      [DETECTION] Contains signature of the dropper DR/BHO.AV.513
  --> kasper\scrsys070819.scr
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
      [INFO]      The file was deleted!
H:\AV-TEST\kasper[1].part08.rar
  [0] Archive type: RAR
  --> kasper\soft210.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> kasper\spooIsv.exe
      [DETECTION] Contains signature of the worm WORM/Poebot.IE.13
  --> kasper\SVCH0ST.EXE
      [DETECTION] Contains suspicious code HEUR/Malware
  --> kasper\svchost.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> kasper\system.dat
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.ccl
  --> kasper\TempA.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLine.agb.2
  --> kasper\TempB.exe
      [DETECTION] Is the Trojan horse TR/PSW.4096
  --> kasper\TempC.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [INFO]      The file was deleted!
H:\AV-TEST\kasper[1].part09.rar
  [0] Archive type: RAR
  --> kasper\winsys32_070819.dll
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> kasper\wr-1-26.exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> kasper\xxx.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> kasper\~tmp4544.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Zhidao
      [INFO]      The file was deleted!


End of the scan: 2007年8月20日  21:01
Used time: 01:07 min

The scan has been done completely.

      1 Scanning directories
     66 Files were scanned
     55 viruses and/or unwanted programs were found
      4 classified as suspicious:
      9 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      7 Files not concerned
      9 Archives were scanned
      0 Warnings
      0 Notes
      0 Hidden objects were found
微点卫士
Posted on 2007-8-20 21:04:48
微点:
木马名称:Trojan-Downloader.Win32.VB.diy

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\112.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
蠕虫名称:Worm.Win32.Small.lz

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\567.EXE
是蠕虫程序!
已成功阻止其运行,是否要删除此文件
蠕虫名称:Worm.Win32.Agent.drk

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\854.EXE
是蠕虫程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Downloader.Win32.Agent.ioy

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\AABB.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Spy.Win32.Agent.bof

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\BW.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
广告软件名称:AdWare.Win32.BHO.oj

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\CPUSH.DLL
是广告软件!
已成功阻止其运行,是否要删除此文件?
广告软件名称:AdWare.Win32.Cinmus.aul

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\DODOLOOK451.EXE
是广告软件!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Downloader.Win32.Tiny.uo

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\SETUP291.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Downloader.Win32.Delf.gyf

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\SOFT210.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan.Win32.Genetik.bnm

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\TEMPC.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

Those above are the known ones; for the rest, to be on the safe side, I'm posting just this much for now.
微点卫士
Posted on 2007-8-20 21:14:48
微点:
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\~TMP4544.EXE
可疑程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM\INTERNAT.EXE
2) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\~TMP4544.EXE.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\WINDOWS.0\SYSTEM\INTERNAT.EXE
是否删除木马程序?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\~TMP4544.EXE
1) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\~TMP4544.EXE.BAT
是否删除可疑程序?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\2D72ED5C.EXE
可疑程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\2CFB87C4.EXE
2) C:\WINDOWS.0\SYSTEM32\730E1040.DLL
3) C:\WINDOWS.0\SYSTEM32\DELME.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\2D72ED5C.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\2CFB87C4.EXE
2) C:\WINDOWS.0\SYSTEM32\730E1040.DLL
是否删除木马程序及其衍生物?
木马名称:Trojan-Downloader.Win32.QQHelper.fog

程序:
C:\WINDOWS.0\SYSTEM32\NETDDE32.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\2D72ED5C.EXE
1) C:\WINDOWS.0\SYSTEM32\DELME.BAT
是否删除可疑程序?
广告软件名称:AdWare.Win32.BHO.or

程序:
C:\WINDOWS.0\SYSTEM32\D03.EXE
是广告软件!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\2D72ED5C.EXE
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\61E6FE84.EXE
可疑程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\727EE3FC.EXE
2) C:\WINDOWS.0\SYSTEM32\FE14C8B0.DLL
3) C:\WINDOWS.0\SYSTEM32\DELME.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\61E6FE84.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\727EE3FC.EXE
2) C:\WINDOWS.0\SYSTEM32\FE14C8B0.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\61E6FE84.EXE
1) C:\WINDOWS.0\SYSTEM32\DELME.BAT
是否删除可疑程序?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\61E6FE84.EXE
是否删除木马程序及其衍生物?
木马名称:Trojan-Downloader.Win32.Agent.ioy

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\AABB.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\987.EXE
被修改文件:
C:\WINDOWS.0\SYSTEM32\DLLCACHE\SVCHOST.EXE
是否阻止文件被修改?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\987.EXE
是否删除病毒程序及其衍生物?
木马名称:Trojan-Downloader.Win32.LoadAdv.ad

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\LOADADV579.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Downloader.Win32.Small.knj

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\WR-1-321.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Downloader.Win32.Agent.jee

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\1228.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
广告软件名称:AdWare.Win32.BHO.oj

程序:
C:\PROGRAM FILES\COMMON FILES\CPUSH\CPUSH.DLL
是广告软件!
已成功阻止其运行,是否要删除此文件?
广告软件名称:AdWare.Win32.BHO.oj

程序:
C:\PROGRAM FILES\COMMON FILES\CPUSH\CPUSH.TMP
是广告软件!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\AD3770.EXE
木马程序生成以下文件:
1) C:\PROGRAM FILES\COMMON FILES\CPUSH\UNINST.EXE
2) C:\PROGRAM FILES\COMMON FILES\CPUSH\CPUSH.TMP
是否删除木马程序及其衍生物?
程序:
C:\WINDOWS.0\SYSTEM32\N1187615306K.EXE
1) C:\WINDOWS.0\SYSTEM32\DELME.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\WINDOWS.0\SYSTEM32\DLLCACHE\1028\SVCHOST.EXE
蠕虫程序生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\LOCALSERVICE.NT AUTHORITY\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\7THL1DZZ\SHENJI[1].EXE
2) C:\WINDOWS.0\SYSTEM32\N1187615306K.EXE
是否删除蠕虫程序及其衍生物?
程序:
C:\WINDOWS.0\SYSTEM32\N1187615306K.EXE
1) C:\WINDOWS.0\SYSTEM32\DELME.BAT
是否删除可疑程序?
木马名称:未知间谍软件

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\AUTO.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\ALXRES070819.EXE
木马程序生成以下文件:
1) D:\MYPLAYER.COM
2) C:\WINDOWS.0\SYSTEM32\ALXRES070819.EXE
3) C:\WINDOWS.0\SYSTEM32\INF\SCRSYS070819.SCR
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\B0B0111C.EXE
可疑程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\FD859C6C.EXE
2) C:\WINDOWS.0\SYSTEM32\B8916C78.DLL
3) C:\WINDOWS.0\SYSTEM32\DELMEP.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\B0B0111C.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\FD859C6C.EXE
2) C:\WINDOWS.0\SYSTEM32\B8916C78.DLL
是否删除木马程序及其衍生物?
广告软件名称:AdWare.Win32.Cinmus.atc

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\DODOLOOK133.EXE
是广告软件!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\B0B0111C.EXE
1) C:\WINDOWS.0\SYSTEM32\DELMEP.BAT
是否删除可疑程序?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\B0B0111C.EXE
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\QQ2007β3.EXE

E:\AUTORUN.INF
自启动运行!
并生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\QQ2007β3.EXE
2) E:\AUTORUN.EXE
3) E:\AUTORUN.INF
以及可由此INF文件引导自启的文件:
E:\AUTORUN.EXE

是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\DODOLOOK133.EXE
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\HUSJDD8S.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\HUSJDD8S.EXE
2) C:\WINDOWS.0\SYSTEM32\OSIESD3.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\162.EXE
木马程序生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\AABB.EXE
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\1228.EXE
木马程序生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\LOADADV579.EXE
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\K11245251001.EXE
可疑程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\727EE3FC.EXE
2) C:\WINDOWS.0\SYSTEM32\DELME.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\K11245251001.EXE
可疑程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\727EE3FC.EXE
2) C:\WINDOWS.0\SYSTEM32\DELME.BAT
是否删除可疑程序?
木马名称:未知木马

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\K11875968069.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\K11245251022.EXE
可疑程序生成以下文件:
1) C:\PROGRAM FILES\INTERNET EXPLORER\NM070814.EXE
2) C:\PROGRAM FILES\INTERNET EXPLORER\NM070814.DLL
3) C:\NMDELM.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?  
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\K11245251022.EXE
木马程序生成以下文件:
1) C:\PROGRAM FILES\INTERNET EXPLORER\NM070814.EXE
2) C:\PROGRAM FILES\INTERNET EXPLORER\NM32.DLL
3) C:\PROGRAM FILES\INTERNET EXPLORER\NM070814.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\K11245251033.EXE
1) C:\WINDOWS.0\SYSTEM32\DELME.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\K11245251022.EXE
1) C:\NMDELM.BAT
是否删除可疑程序?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\K11245251033.EXE
1) C:\WINDOWS.0\SYSTEM32\DELME.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\K11245251146.EXE
可疑程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\HUSJDD8S.EXE
2) C:\WINDOWS.0\SYSTEM32\KILLME.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\K11245251146.EXE
可疑程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\HUSJDD8S.EXE
2) C:\WINDOWS.0\SYSTEM32\KILLME.BAT
是否删除可疑程序?
木马名称:未知木马

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\K11245284499.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\K11245251168.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\DRIVERS\FTDISK.SYS
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\K11875967952.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\INFCELCSPXLOV.DLL
是否删除木马程序及其衍生物?
木马名称:未知木马

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\AD3770.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\WINDOWS.0\SYSTEM32\DRIVERS\ACPIDISK.SYS
是否删除RootKit程序?
程序:
C:\WINDOWS.0\SYSTEM32\WINLIB .DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\K11875968026.EXE

D:\AUTORUN.INF
自启动运行!
并生成以下文件:
1) D:\BROWD.EXE
2) D:\AUTORUN.INF
以及可由此INF文件引导自启的文件:
D:\BROWD.EXE

是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\K118759680710.EXE
木马程序生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\TEMPAQ
2) C:\WINDOWS.0\SYSTEM32\DRIVERS\KM1B.SYS
是否删除木马程序及其衍生物?


That's all for now, phew.
微点卫士
Posted on 2007-8-20 21:24:39
Micropoint:
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\K118759681012.EXE
木马程序生成以下文件:
1) D:\MYPLAYER.COM
2) C:\WINDOWS.0\SYSTEM32\ALXRES070818.EXE
3) C:\WINDOWS.0\SYSTEM32\INF\SCRSYS070818.SCR
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\K118759681213.EXE
是否删除木马程序及其衍生物?

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\MGEQMM.EXE
是否删除木马程序及其衍生物?
木马名称:未知木马

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\U7XT07KT\MMINSTALL[1]
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:未知木马

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\TEMPAQ
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\RUNDLL01.EXE
是否删除木马程序?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\RUNDLL01.EXE
木马程序生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\U7XT07KT\WXPSETUP232[1].TXT
2) C:\DWNSETUP\WXPSETUP232.EXE
3) C:\DWNSETUP\WEBHELP.EXE
4) C:\WINDOWS.0\SYSTEM32\WEBHELP.EXE
5) C:\WINDOWS.0\SYSTEM32\WEBSHOW.DLL
6) C:\WINDOWS.0\SYSTEM32\DRIVERS\WEBSHOW.DRV
7) C:\WINDOWS.0\SYSTEM32\DRIVERS\WEBHELP.DRV
8) C:\DWNSETUP\WEBSHOW.DLL
9) C:\DWNSETUP\SETUP.EXE
是否删除木马程序及其衍生物?
木马名称:未知木马

程序:
C:\PROGRAM FILES\COMMON FILES\CPUSH\UNINST.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
广告软件名称:AdWare.Win32.BHO.oj

程序:
C:\PROGRAM FILES\COMMON FILES\CPUSH\CPUSH.DLL
是广告软件!
已成功阻止其运行,是否要删除此文件?
广告软件名称:AdWare.Win32.BHO.oj

程序:
C:\PROGRAM FILES\COMMON FILES\CPUSH\CPUSH.TMP
是广告软件!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\RUNDLL03.EXE
木马程序生成以下文件:
1) C:\PROGRAM FILES\COMMON FILES\CPUSH\CPUSH.TMP
是否删除木马程序及其衍生物?
木马名称:未知木马

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\SCRSYS070819.SCR
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\SPOOISV.EXE
可疑程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\LSSAS.EXE
2) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\YSDUJ.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\SPOOISV.EXE
可疑程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\LSSAS.EXE
2) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\YSDUJ.BAT
是否删除可疑程序?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\SVCHOST.EXE
1) C:\WINDOWS.0\SYSTEM32\DELME.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\SVCHOST.EXE
1) C:\WINDOWS.0\SYSTEM32\DELME.BAT
是否删除可疑程序?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\TEMPA.EXE
木马程序生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\LYLOADER.EXE
2) C:\WINDOWS.0\SYSTEM32\LYLOADER.EXE
3) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\LYMANGR.DLL
4) C:\WINDOWS.0\SYSTEM32\LYMANGR.DLL
5) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\MSDEG32.DLL
6) C:\WINDOWS.0\SYSTEM32\MSDEG32.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\TEMPB.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\ZEROEXPLORER.DAT
2) C:\WINDOWS.0\SYSTEM32\ZERO.DAT
是否删除木马程序及其衍生物?
木马名称:未知木马

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\UNINST.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Downloader.Win32.QQHelper.eiw

程序:
C:\DOCUMENTS AND SETTINGS\ALL USERS.WINDOWS.0\APPLICATION DATA\T\AD\D16738F4B\0001.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Downloader.Win32.Agent.itl

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\HJE4GY15\RETADPU[1].EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Downloader.Win32.Agent.itl

程序:
C:\WINDOWS.0\RETADPU26.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\WR-1-26.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\RETADPU26.EXE
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\XXX.EXE
可疑程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\8B583230.EXE
2) C:\WINDOWS.0\SYSTEM32\9F28F200.DLL
3) C:\WINDOWS.0\SYSTEM32\DELME.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\XXX.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\8B583230.EXE
2) C:\WINDOWS.0\SYSTEM32\9F28F200.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\XXX.EXE
1) C:\WINDOWS.0\SYSTEM32\DELME.BAT
是否删除可疑程序?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KASPER\XXX.EXE
是否删除木马程序及其衍生物?


111, 555, kksi8s3, SVCH0ST failed; reporting them.
欠妳緈諨
Posted on 2007-8-20 21:58:35

Reply to post #7 by sb

Kingsoft and Jiangmin are about even: 25.

欠妳緈諨
Posted on 2007-8-20 22:03:44

Reply to post #5 by tracydk

AVAST deleted 54 in total.


Copyright © KaFan  KaFan.cn All Rights Reserved.
