收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 先传一些..貌似都是老外的..
12
返回列表 发新帖
楼主: qianwenxiang
 收起左侧

[病毒样本] 先传一些..貌似都是老外的..

[复制链接]
wangjay1980
发表于 2007-10-2 17:16:01 | 显示全部楼层
好几个软件安装包啊,还有AVG
回复

举报

The EQs
发表于 2007-10-2 17:21:50 | 显示全部楼层
Scan performed at: 2007-10-2 17:20:23
Scanning Log
NOD32 version 2564 (20071002) NT
Command line: C:\Documents and Settings\Don johnson\桌面\execute
Operating memory - is OK

Date: 2.10.2007  Time: 17:20:27
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\Don johnson\桌面\execute\
C:\Documents and Settings\Don johnson\桌面\execute\1-fe5e180d56ed9c233080898276c260cc.exe ?NSIS ?ContentTool.dll - Win32/Adware.SmartShopper application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\1-fe5e180d56ed9c233080898276c260cc.exe ?NSIS ?SearchTool.dll - Win32/Adware.SmartShopper application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\11679-23.exe - probably a variant of Win32/Diamin trojan
C:\Documents and Settings\Don johnson\桌面\execute\11680-23.exe - probably a variant of Win32/Diamin trojan
C:\Documents and Settings\Don johnson\桌面\execute\83122.exe ?NSIS ?func.exe - Win32/TrojanClicker.Small.JF trojan - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\A.exe ?NSIS ?a.sys - Win32/Adware.NewWeb application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\A.exe ?NSIS ?staA.dll - Win32/Adware.NewWeb application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\A.exe ?NSIS ?winA.dll - Win32/Adware.NewWeb application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\acdt-pid67N(1).exe ?NSIS ?func.exe - Win32/TrojanClicker.Small.JF trojan - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\acdt-pid67N.exe ?NSIS ?func.exe - Win32/TrojanClicker.Small.JF trojan - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\AlexaInstaller_sohbanetcom-20.exe - Win32/Adware.Alexa application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\Avast Virus Cleaner Tool crack.exe - probably a variant of Win32/TrojanDownloader.Delf trojan
C:\Documents and Settings\Don johnson\桌面\execute\ContraVirus_Installer.exe ?NSIS ?ContraVirusPro.exe - Win32/Adware.AdProtect application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\crack.exe - probably a variant of Win32/TrojanDownloader.Agent trojan
C:\Documents and Settings\Don johnson\桌面\execute\csrss32.exe - Win32/TrojanClicker.Small.NBH trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\dapsolfeb.exe - Win32/Dialer.Delsim application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\dns_bot_20070615(1).exe - Win32/Adware.Ezula application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\dns_bot_20070615.exe - Win32/Adware.Ezula application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\down.exe - a variant of Win32/TrojanDownloader.Small.NXD trojan
C:\Documents and Settings\Don johnson\桌面\execute\DragRacer-v3-Setup.exe ?NSIS ?DLP.dll - a variant of Win32/Adware.Webdir application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\ErrorSafeBrazilNewReleaseInstall.exe - Win32/Adware.WinFixer application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\ErrorSafeFreeInstall.exe - probably a variant of Win32/Adware.WinFixer application
C:\Documents and Settings\Don johnson\桌面\execute\ErrorSafeFreeInstallW.exe - Win32/Adware.WinFixer application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\ErrorSafeFreeInstall_br.exe - Win32/Adware.WinFixer application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\ErrorSafeFreeInstall_ru.exe - probably a variant of Win32/Adware.WinFixer application
C:\Documents and Settings\Don johnson\桌面\execute\ErrorSafeFreeInstall_se.exe - Win32/Adware.WinFixer application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\ErrorSafeFree_new.exe - Win32/Adware.WinFixer application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\ErrorSafeNewReleaseInstall.exe - Win32/Adware.WinFixer application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\ErrorSafeNewReleaseInstall_tr.exe - Win32/Adware.WinFixer application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\ErrorSafeSpanishNewReleaseInstall.exe - Win32/Adware.WinFixer application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\explorer2.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\execute\fill.dll - Win32/Adware.Virtumonde.FP application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\hbtools.exe ?NSIS ?HBTVSetup.exe ?NSIS ?TVEngineCommand.dll - Win32/Adware.HotBar application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\hbtools.exe ?NSIS ?HBTVSetup.exe ?NSIS ?HBTV.exe - a variant of Win32/Adware.180Solutions application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\hbtools.exe ?NSIS ?HBTVSetup.exe ?NSIS ?HBTVHelper.dll - Win32/Adware.HotBar application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\hbtools.exe ?NSIS ?HBTVSetup.exe ?NSIS ?uninstaller.exe ?NSIS ?TVEngineCommand.dll - Win32/Adware.HotBar application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\hotbar.exe ?NSIS ?Uninstaller.exe - probably a variant of Win32/Adware.HotBar application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\immortal_20070525.exe - probably unknown NewHeur_PE virus [7]
C:\Documents and Settings\Don johnson\桌面\execute\Install-Errorprotector-Free.exe - a variant of Win32/Adware.WinFixer application
C:\Documents and Settings\Don johnson\桌面\execute\install252.exe - Win32/Hoax.Renos.HV application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\installdrivecleanerstart.exe - a variant of Win32/Adware.WinFixer application
C:\Documents and Settings\Don johnson\桌面\execute\installdrivecleanerstart_br.exe - a variant of Win32/Adware.WinFixer application
C:\Documents and Settings\Don johnson\桌面\execute\installdrivecleanerstart_btb.exe - a variant of Win32/Adware.WinFixer application
C:\Documents and Settings\Don johnson\桌面\execute\installdrivecleanerstart_de.exe - a variant of Win32/Adware.WinFixer application
C:\Documents and Settings\Don johnson\桌面\execute\installdrivecleanerstart_dk.exe - a variant of Win32/Adware.WinFixer application
C:\Documents and Settings\Don johnson\桌面\execute\installdrivecleanerstart_es.exe - a variant of Win32/Adware.WinFixer application
C:\Documents and Settings\Don johnson\桌面\execute\installdrivecleanerstart_fr.exe - Win32/Adware.WinFixer application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\installdrivecleanerstart_jp.exe - Win32/Adware.WinFixer application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\installdrivecleanerstart_nl.exe - Win32/Adware.WinFixer application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\installdrivecleanerstart_pm.exe - a variant of Win32/Adware.WinFixer application
C:\Documents and Settings\Don johnson\桌面\execute\installdrivecleanerstart_se.exe - a variant of Win32/Adware.WinFixer application
C:\Documents and Settings\Don johnson\桌面\execute\installdrivecleanerstart_tbn.exe - a variant of Win32/Adware.WinFixer application
C:\Documents and Settings\Don johnson\桌面\execute\installprivacyprotectorfree.exe - a variant of Win32/Adware.WinFixer application
C:\Documents and Settings\Don johnson\桌面\execute\install_en(1).exe - Win32/TrojanDownloader.Adload.NDX trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\install_en.exe - Win32/TrojanDownloader.Adload.NDX trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\jokes_en-gb.exe ?NSIS ?jokester.dll - Win32/Adware.Comet application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\kcehc_eicooc20070702(1).exe - Win32/TrojanDownloader.Tiny.ID trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\kcehc_eicooc20070702(2).exe - Win32/TrojanDownloader.Tiny.ID trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\kcehc_eicooc20070702(3).exe - Win32/TrojanDownloader.Tiny.ID trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\kcehc_eicooc20070702(4).exe - Win32/TrojanDownloader.Tiny.ID trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\kcehc_eicooc20070702(5).exe - Win32/TrojanDownloader.Tiny.ID trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\kcehc_eicooc20070702(6).exe - Win32/TrojanDownloader.Tiny.ID trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\kcehc_eicooc20070702(7).exe - Win32/TrojanDownloader.Tiny.ID trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\kcehc_eicooc20070702.exe - Win32/TrojanDownloader.Tiny.ID trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\lo1(1).dll - a variant of Win32/Adware.Virtumonde.FP application
C:\Documents and Settings\Don johnson\桌面\execute\lo1.dll - a variant of Win32/Adware.Virtumonde.FP application
C:\Documents and Settings\Don johnson\桌面\execute\mirar_distro_876260.exe - Win32/Adware.Mirar application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\mw_setup.exe ?NSIS ?MalwareWiped 6.9.exe - Win32/Adware.MalwareWipe application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\p2p.exe - a variant of Win32/Dialer.StarDialer application
C:\Documents and Settings\Don johnson\桌面\execute\p2psetup.exe - Win32/Adware.P2PNet application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\PCTurboProInstallerFree.exe - probably a variant of Win32/Adware.WinFixer application
C:\Documents and Settings\Don johnson\桌面\execute\plugin.dll - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\execute\PR.exe - a variant of Win32/Dialer.IT trojan
C:\Documents and Settings\Don johnson\桌面\execute\qj0617.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\execute\RockXP4.exe ?RAR ?pwdump2\pwdump2.exe - Win32/PSWTool.PWDump2 application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\RockXP4.exe ?RAR ?pwdump2\samdump.dll - Win32/PSWTool.PWDump2 application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\run_original.exe - probably a variant of JS/Seeker.A virus - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\sd_setup(1).exe ?NSIS ?SpyDawn.exe - Win32/FraudTool.SpyHeal.A application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\sd_setup(1).exe ?NSIS ?uninst.exe - Win32/FraudTool.SpyHeal.A application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\sd_setup.exe ?NSIS ?SpyDawn.exe - Win32/FraudTool.SpyHeal.A application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\sd_setup.exe ?NSIS ?uninst.exe - Win32/FraudTool.SpyHeal.A application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\SecureInstall_LOFS020701Inst.exe - Win32/Adware.WhenU.SaveNow application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\setup_file.exe - Win32/TrojanDropper.Agent.TV trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\spamblockerutility(1).exe ?NSIS ?SBTVSetup.exe ?NSIS ?TVEngineCommand.dll - Win32/Adware.HotBar application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\spamblockerutility(1).exe ?NSIS ?SBTVSetup.exe ?NSIS ?SBTV.exe - a variant of Win32/Adware.180Solutions application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\spamblockerutility(1).exe ?NSIS ?SBTVSetup.exe ?NSIS ?SBTVHelper.dll - Win32/Adware.HotBar application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\spamblockerutility(1).exe ?NSIS ?SBTVSetup.exe ?NSIS ?uninstaller.exe ?NSIS ?TVEngineCommand.dll - Win32/Adware.HotBar application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\spamblockerutility.exe ?NSIS ?SBTVSetup.exe ?NSIS ?TVEngineCommand.dll - Win32/Adware.HotBar application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\spamblockerutility.exe ?NSIS ?SBTVSetup.exe ?NSIS ?SBTV.exe - a variant of Win32/Adware.180Solutions application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\spamblockerutility.exe ?NSIS ?SBTVSetup.exe ?NSIS ?SBTVHelper.dll - Win32/Adware.HotBar application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\spamblockerutility.exe ?NSIS ?SBTVSetup.exe ?NSIS ?uninstaller.exe ?NSIS ?TVEngineCommand.dll - Win32/Adware.HotBar application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\SystemDoctor2006FreeInstall.exe - Win32/Adware.WinFixer application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\SystemDoctor2006FreeInstall_jp.exe - Win32/Adware.WinFixer application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\s_sinstallerandtoolbar3.exe ?NSIS ?screensavers.exe ?NSIS ?broker.exe - Win32/Adware.Comet application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\s_sinstallerandtoolbar3.exe ?NSIS ?sinstaller3.exe ?NSIS ?SSSInstaller.dll - a variant of Win32/Adware.Comet application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\ucleaner_setup(1).exe - probably a variant of Win32/Adware.UltimateDefender application
C:\Documents and Settings\Don johnson\桌面\execute\ucleaner_setup.exe - probably a variant of Win32/Adware.UltimateDefender application
C:\Documents and Settings\Don johnson\桌面\execute\udefender_setup(1).exe - a variant of Win32/Adware.UltimateDefender application
C:\Documents and Settings\Don johnson\桌面\execute\udefender_setup(2).exe - a variant of Win32/Adware.UltimateDefender application
C:\Documents and Settings\Don johnson\桌面\execute\udefender_setup(3).exe - a variant of Win32/Adware.UltimateDefender application
C:\Documents and Settings\Don johnson\桌面\execute\udefender_setup(4).exe - a variant of Win32/Adware.UltimateDefender application
C:\Documents and Settings\Don johnson\桌面\execute\udefender_setup(5).exe - a variant of Win32/Adware.UltimateDefender application
C:\Documents and Settings\Don johnson\桌面\execute\udefender_setup(6).exe - a variant of Win32/Adware.UltimateDefender application
C:\Documents and Settings\Don johnson\桌面\execute\udefender_setup(7).exe - a variant of Win32/Adware.UltimateDefender application
C:\Documents and Settings\Don johnson\桌面\execute\udefender_setup.exe - a variant of Win32/Adware.UltimateDefender application
C:\Documents and Settings\Don johnson\桌面\execute\user4.exe - Win32/TrojanDownloader.Small.DXM trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\vod.exe - Win32/TrojanDropper.Delf.NEG trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\weatherstudio(1).exe ?NSIS ?broker.exe - Win32/Adware.Comet application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\weatherstudio.exe ?NSIS ?broker.exe - Win32/Adware.Comet application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\execute\WinAntiSpyware2007FreeInstall.exe - Win32/Adware.WinFixer application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\WinAntiVirusPro2006FreeInstall.exe - Win32/Adware.WinFixer application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\WinAntiVirusPro2006FreeInstall_dk.exe - probably a variant of Win32/Adware.WinFixer application
C:\Documents and Settings\Don johnson\桌面\execute\WinAntiVirusPro2007FreeInstall.exe - Win32/Adware.WinFixer application - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\execute\wl0618.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\execute\wow0617.exe - probably a variant of Win32/Genetik trojan
Number of scanned files: 2095
Number of threats found: 115
Number of files cleaned: 99
Time of completion: 17:21:32 Total scanning time: 65 sec (00:01:05)

Notes:
[7] File is probably infected with an unknown virus.
回复

举报

The EQs
发表于 2007-10-2 17:43:02 | 显示全部楼层
看见AVG,7Z等安装包。。。。。。
回复

举报

qianwenxiang
 楼主| 发表于 2007-10-2 18:18:18 | 显示全部楼层
原帖由 FBAV 于 2007-10-2 17:01 发表
从哪里来的呀?外国论坛?

http://www.ece.cmu.edu/~ebuehl/public_html/0702-0807.txt
回复

举报

qianwenxiang
 楼主| 发表于 2007-10-2 18:18:56 | 显示全部楼层
原帖由 EQ2 于 2007-10-2 17:43 发表
看见AVG,7Z等安装包。。。。。。

没注意..一下子全部打包了
回复

举报

qigang
发表于 2007-10-2 18:58:21 | 显示全部楼层

2112/51

瑞星病毒查杀结果报告

清除病毒种类列表:

病毒: Dropper.Win32.Agent.ylp  
病毒: Trojan.Clicker.Win32.Small.kj
病毒: Trojan.Dialer.hsi        
病毒: Trojan.Win32.Agent.fb   
病毒: Trojan.DL.Win32.Agent.yhk
病毒: Adware.WinFixer.a        
病毒: Trojan.DL.Win32.WinFixer.o
病毒: Trojan.DL.Agent.bsf      
病毒: Trojan.DL.WinFixer.p     
病毒: Trojan.DL.Win32.WinFixer.o
病毒: Trojan.Win32.Agent.ymg   
病毒: Trojan.Vundo.rg         
病毒: Trojan.DL.Win32.Agent.bn
病毒: Trojan.DL.Win32.Tiny.id  
病毒: Trojan.Vundo.rg         
病毒: Trojan.Mnless.loo        
病毒: Trojan.Dialer.csb        
病毒: Backdoor.NetWorking.a   
病毒: Trojan.DL.Agent.blo      
病毒: Trojan.DL.Small.vbu      
病毒: Trojan.JS.Seeker.ao      
病毒: Trojan.Spy.PerfLoger.c   
病毒: Trojan.Spy.Banker.rcv   
病毒: Trojan.EliteBar.h        
病毒: Adware.Win32.Clicker.b   
病毒: Trojan.DL.Win32.Agent.xes
病毒: Trojan.Win32.MnLess.kks  
病毒: Trojan.PSW.Win32.RBLand.bd
病毒: Trojan.Dialer.GEN        
病毒: Trojan.DL.MNless.cq      

MAC地址:00:11:5B:F3:6D:69

用户来源:互联网

软件版本:19.43.10
回复

举报

king6808
发表于 2007-10-2 19:03:13 | 显示全部楼层
算了,太麻烦了
回复

举报

promised
发表于 2007-10-2 21:08:32 | 显示全部楼层
F-PROT Antivirus version 6.2.1
FRISK Software International (C) Copyright 1989-2007

Engine version: 4.3.3.49
Virus signatures: 200709290930bc1999f9eddb940b57e11447a7a97e87
                  (C:\Documents and Settings\All Users.WINDOWS\Application Data\FRISK Software\F-PROT Antivirus for Windows\antivir.def)

[Clean]    C:\ABC\execute\1-fe5e180d56ed9c233080898276c260cc.exe
[Found trojan] <W32/Trojan.AODX (exact)>         C:\ABC\execute\11679-23.exe
[Found trojan] <W32/Trojan.AODX (exact)>         C:\ABC\execute\11680-23.exe
[Clean]    C:\ABC\execute\3wPlayer-1.0.0.3-setup-0676.exe
[Clean]    C:\ABC\execute\7z448.exe
[Clean]    C:\ABC\execute\83122.exe
[Clean]    C:\ABC\execute\A.exe
[Found security risk] <W32/Malware!0c22 (exact)>         C:\ABC\execute\acdt-pid67N(1).exe
[Found security risk] <W32/Malware!0c22 (exact)>         C:\ABC\execute\acdt-pid67N.exe
[Found adware] <W32/AdwareX.FET (exact)>         C:\ABC\execute\AlexaInstaller_sohbanetcom-20.exe
[Clean]    C:\ABC\execute\AntivirusProtection.exe
[Found downloader] <W32/Downloader.BFAQ (exact)>         C:\ABC\execute\Avast Virus Cleaner Tool crack.exe
[Clean]    C:\ABC\execute\avg_setup.exe
[Found application] <W32/HackToolX.VS (exact)>         C:\ABC\execute\ContraVirus_Installer.exe
[Found adware] <W32/Adware.TWP (exact)>         C:\ABC\execute\crack.exe
[Clean]    C:\ABC\execute\csrss32.exe->(UPX)
[Found security risk] <W32/Dialer.DEA (exact)>         C:\ABC\execute\dapsolfeb.exe
[Clean]    C:\ABC\execute\dir.exe
[Found backdoor] <W32/Backdoor.ATQK (exact)>         C:\ABC\execute\dns_bot_20070615(1).exe
[Found backdoor] <W32/Backdoor.ATQK (exact)>         C:\ABC\execute\dns_bot_20070615.exe
[Clean]    C:\ABC\execute\down(1).exe
[Found possible virus] < (not disinfectable)>         C:\ABC\execute\down.exe->(NSPack)->(PE_Patch)
[Found adware] <W32/AdwareX.BZH (exact)>         C:\ABC\execute\DragRacer-v3-Setup.exe
[Clean]    C:\ABC\execute\entertainment.exe
[Found adware] <W32/Adware.PPD (exact)>         C:\ABC\execute\ErrorSafeBrazilNewReleaseInstall.exe
[Clean]    C:\ABC\execute\ErrorSafeFreeInstall.exe
[Found backdoor] <W32/Backdoor.ATJS (exact)>         C:\ABC\execute\ErrorSafeFreeInstallW.exe
[Found security risk] <W32/Malware!2c2e (exact)>         C:\ABC\execute\ErrorSafeFreeInstall_br.exe
[Found adware] <W32/Adware.PPF (exact)>         C:\ABC\execute\ErrorSafeFreeInstall_ru.exe
[Found security risk] <W32/Malware!0a1c (exact)>         C:\ABC\execute\ErrorSafeFreeInstall_se.exe
[Found downloader] <W32/Downldr2.TBC (exact)>         C:\ABC\execute\ErrorSafeFree_new.exe
[Found backdoor] <W32/Backdoor.ATJS (exact)>         C:\ABC\execute\ErrorSafeNewReleaseInstall.exe
[Found adware] <W32/Adware.PPE (exact)>         C:\ABC\execute\ErrorSafeNewReleaseInstall_tr.exe
[Found adware] <W32/Adware.PPD (exact)>         C:\ABC\execute\ErrorSafeSpanishNewReleaseInstall.exe
[Clean]    C:\ABC\execute\explorer2.exe->(UPX)
[Clean]    C:\ABC\execute\explorer2.exe
[Found adware] <W32/Adware.JMY (exact)>         C:\ABC\execute\fill.dll
[Found security risk] <W32/Malware!fb88 (exact)>         C:\ABC\execute\hbtools.exe
[Clean]    C:\ABC\execute\hotbar.exe
[Found possible virus] <W32/Downloader-Sml-based!Maximus>         C:\ABC\execute\immortal_20070525.exe
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\Install-Errorprotector-Free.exe
[Found possible downloader] < (not disinfectable)>         C:\ABC\execute\install252.exe->(UPX)
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\installdrivecleanerstart.exe
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\installdrivecleanerstart_br.exe
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\installdrivecleanerstart_btb.exe
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\installdrivecleanerstart_de.exe
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\installdrivecleanerstart_dk.exe
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\installdrivecleanerstart_es.exe
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\installdrivecleanerstart_fr.exe
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\installdrivecleanerstart_jp.exe
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\installdrivecleanerstart_nl.exe
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\installdrivecleanerstart_pm.exe
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\installdrivecleanerstart_se.exe
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\installdrivecleanerstart_tbn.exe
[Clean]    C:\ABC\execute\installer-12116-17-Windows-Live-Messenger-8-1-0178-French.exe->(UPX)
[Clean]    C:\ABC\execute\installer-12116-17-Windows-Live-Messenger-8-1-0178-French.exe
[Clean]    C:\ABC\execute\installer.exe->exefile
[Clean]    C:\ABC\execute\installer.exe
[Found adware] <W32/Adware.XOV (exact)>         C:\ABC\execute\installer_en.exe
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\installprivacyprotectorfree.exe
[Found adware] <W32/Adware.PZB (exact)>         C:\ABC\execute\install_en(1).exe
[Found adware] <W32/Adware.PZB (exact)>         C:\ABC\execute\install_en.exe
[Found application] <W32/PortScan (exact)>         C:\ABC\execute\ipscan.exe
[Found adware] <W32/Adware.VNN (exact)>         C:\ABC\execute\jokes_en-gb.exe
[Found downloader] <W32/Downldr2.LUX (exact)>         C:\ABC\execute\kcehc_eicooc20070702(1).exe
[Found downloader] <W32/Downldr2.LUX (exact)>         C:\ABC\execute\kcehc_eicooc20070702(2).exe
[Found downloader] <W32/Downldr2.LUX (exact)>         C:\ABC\execute\kcehc_eicooc20070702(3).exe
[Found downloader] <W32/Downldr2.LUX (exact)>         C:\ABC\execute\kcehc_eicooc20070702(4).exe
[Found downloader] <W32/Downldr2.LUX (exact)>         C:\ABC\execute\kcehc_eicooc20070702(5).exe
[Found downloader] <W32/Downldr2.LUX (exact)>         C:\ABC\execute\kcehc_eicooc20070702(6).exe
[Found downloader] <W32/Downldr2.LUX (exact)>         C:\ABC\execute\kcehc_eicooc20070702(7).exe
[Found downloader] <W32/Downldr2.LUX (exact)>         C:\ABC\execute\kcehc_eicooc20070702.exe
[Clean]    C:\ABC\execute\KeyHook.dll
[Clean]    C:\ABC\execute\LinkedInToolbarIEInstaller.exe
[Found adware] <W32/Virtumonde.LL (exact)>         C:\ABC\execute\lo1(1).dll
[Found adware] <W32/Virtumonde.LL (exact)>         C:\ABC\execute\lo1.dll
[Found downloader] <W32/Downldr2.BBE (exact)>         C:\ABC\execute\mirar_distro_876260.exe
[Clean]    C:\ABC\execute\MSIMClientSetup.1.0.697.0-static.exe
[Clean]    C:\ABC\execute\music.exe
[Clean]    C:\ABC\execute\mw_setup.exe
[Clean]    C:\ABC\execute\NetPumper-1.50-setup-0180.exe
[Clean]    C:\ABC\execute\NetPumper-1.50-setup-0374.exe
[Clean]    C:\ABC\execute\NetPumper-1.50-setup-0678.exe
[Found possible virus] <W32/Dialer.gen2!EEH>         C:\ABC\execute\p2p.exe->(UPX)
[Clean]    C:\ABC\execute\p2psetup.exe->(UPX)
[Clean]    C:\ABC\execute\p2psetup.exe
[Clean]    C:\ABC\execute\PCTurboProInstallerFree.exe
[Clean]    C:\ABC\execute\pilotcodec1402.exe
[Found trojan] <W32/Trojan.MST (exact)>         C:\ABC\execute\plugin.dll
[Found security risk] <W32/Dialer.DDO (exact)>         C:\ABC\execute\PR.exe->(UPX)
[Clean]    C:\ABC\execute\qj0617.exe->(UPX)
[Clean]    C:\ABC\execute\qj0617.exe
[Clean]    C:\ABC\execute\QuickTime_Pro_7.1_Keygen.exe
[Clean]    C:\ABC\execute\rav.exe
[Clean]    C:\ABC\execute\RemoteView_Setup.exe
[Clean]    C:\ABC\execute\reverc.exe
[Found security risk] <W32/Malware!09fd (exact)>         C:\ABC\execute\RockXP4.exe
[Found security risk] <W32/Malware!7a22 (exact)>         C:\ABC\execute\RuneScape Auto Miner.exe
[Found trojan] <JS/Seeker.B@troj (exact, not disinfectable)>         C:\ABC\execute\run_original.exe
[Found trojan] <W32/Trojan.BNKR (exact)>         C:\ABC\execute\sd_setup(1).exe
[Found trojan] <W32/Trojan.BNKR (exact)>         C:\ABC\execute\sd_setup.exe
[Found adware] <W32/Savenow.D (exact)>         C:\ABC\execute\SecureInstall_LOFS020701Inst.exe
[Clean]    C:\ABC\execute\Setup(1).exe->(UPX)
[Clean]    C:\ABC\execute\Setup(1).exe
[Clean]    C:\ABC\execute\Setup(2).exe->(UPX)
[Clean]    C:\ABC\execute\Setup(2).exe
[Clean]    C:\ABC\execute\Setup.exe->(UPX)
[Clean]    C:\ABC\execute\Setup.exe
[Found trojan] <W32/Elitebar.J (exact)>         C:\ABC\execute\setup_file.exe
[Found adware] <W32/AdwareX.TD (exact)>         C:\ABC\execute\spamblockerutility(1).exe
[Found adware] <W32/AdwareX.TD (exact)>         C:\ABC\execute\spamblockerutility.exe
[Clean]    C:\ABC\execute\spydb.exe
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\SystemDoctor2006FreeInstall.exe
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\SystemDoctor2006FreeInstall_jp.exe
[Found adware] <W32/Adware.SHT (exact)>         C:\ABC\execute\s_sinstallerandtoolbar3.exe
[Clean]    C:\ABC\execute\u.exe->(UPX)
[Clean]    C:\ABC\execute\u.exe
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\ucleaner_setup(1).exe->(UPX)
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\ucleaner_setup.exe->(UPX)
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\udefender_setup(1).exe->(UPX)
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\udefender_setup(2).exe->(UPX)
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\udefender_setup(3).exe->(UPX)
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\udefender_setup(4).exe->(UPX)
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\udefender_setup(5).exe->(UPX)
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\udefender_setup(6).exe->(UPX)
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\udefender_setup(7).exe->(UPX)
[Found possible virus] <W32/SelfStarterInternetTrojan!Maximus>         C:\ABC\execute\udefender_setup.exe->(UPX)
[Found trojan] <W32/TrojanX.ZKP (exact)>         C:\ABC\execute\user4.exe
[Found possible virus] < (damaged, not disinfectable)>         C:\ABC\execute\vod.exe->(UPack)
[Clean]    C:\ABC\execute\vr_setup_3_0.exe
[Found adware] <W32/AdwareX.CPH (exact)>         C:\ABC\execute\weatherstudio(1).exe
[Found adware] <W32/AdwareX.CPH (exact)>         C:\ABC\execute\weatherstudio.exe
[Found adware] <W32/Adware.WVE (exact)>         C:\ABC\execute\WinAntiSpyware2007FreeInstall.exe
[Found adware] <W32/Adware.WVE (exact)>         C:\ABC\execute\WinAntiVirusPro2006FreeInstall.exe
[Clean]    C:\ABC\execute\WinAntiVirusPro2006FreeInstall_dk.exe
[Found adware] <W32/Adware.WVE (exact)>         C:\ABC\execute\WinAntiVirusPro2007FreeInstall.exe
[Clean]    C:\ABC\execute\wl0618.exe->(UPX)
[Clean]    C:\ABC\execute\wl0618.exe
[Clean]    C:\ABC\execute\wow0617.exe
[Clean]    C:\ABC\execute\wr-1-682.exe->(UPX)
[Clean]    C:\ABC\execute\wr-1-682.exe
[Found possible virus] <W32/Threat-HLLIP-based!Maximus>         C:\ABC\execute\xc60(1).exe
[Found possible virus] <W32/Threat-HLLIP-based!Maximus>         C:\ABC\execute\xc60(2).exe
[Found possible virus] <W32/Threat-HLLIP-based!Maximus>         C:\ABC\execute\xc60(3).exe
[Found possible virus] <W32/Threat-HLLIP-based!Maximus>         C:\ABC\execute\xc60.exe


Results:

Files: 134
Skipped files: 0
MBR/boot sectors checked: 0
Objects scanned: 157
Infected objects: 92
Files with errors: 0
Disinfected: 0

Running time: 00:25
回复

举报

king6808
发表于 2007-10-2 22:14:31 | 显示全部楼层
太多了
回复

举报

mofunzone
发表于 2007-10-3 06:20:24 | 显示全部楼层
End of the scan: 2007年10月2日  15:20
Used time: 00:08 min

The scan has been done completely.

      1 Scanning directories
    154 Files were scanned
    112 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
    111 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     42 Files not concerned
      1 Archives were scanned
      2 Warnings
      0 Notes
回复

举报

12
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-5-18 23:57 , Processed in 0.099878 second(s), 16 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表