查看: 3691|回复: 15
收起左侧

[已鉴定] 來個+6

 关闭 [复制链接]
Graybird
发表于 2008-2-8 12:15:35 | 显示全部楼层
Starting the file scan:

Begin scan in 'E:\jh0828.rar'
E:\jh0828.rar
  [0] Archive type: RAR
  --> jh0828\QQ.asp
      [DETECTION] Is the Trojan horse TR/PSW.ASP.S
  --> jh0828\½ðºüQQ2008´óµÁ[ÊóÄêдººØËê°æ].exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPI.Gen
      [WARNING]   The file was ignored!

Starting the file scan:

Begin scan in 'E:\1.exe'
E:\1.exe
      [DETECTION] Is the Trojan horse TR/Drop.QQHelper.C
      [INFO]      The file was deleted!

Starting the file scan:

Begin scan in 'E:\MM.exe'
E:\MM.exe
      [DETECTION] Is the Trojan horse TR/PSW.QQpass.YQ
      [INFO]      The file was deleted!
Begin scan in 'E:\guaguaxixa.exe'
E:\guaguaxixa.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [INFO]      The file was deleted!
Begin scan in 'E:\004.rar'
E:\004.rar
  [0] Archive type: RAR
  --> jpg.exe
      [DETECTION] Contains detection pattern of the SPR/FileBinder.A program
      [INFO]      The file was deleted!
Begin scan in 'E:\wy1.0.rar'
Begin scan in 'E:\e77faefd945c06ee56575541844590d1.exe'
Begin scan in 'E:\jwtwg.rar'
E:\jwtwg.rar
  [0] Archive type: RAR
  --> ¾¢ÎèÍÅÖúÊÖ-ËæÐÄÎè.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
      [WARNING]   The file was ignored!
Begin scan in 'E:\qq.rar'
E:\qq.rar
  [0] Archive type: RAR
  --> ×îÐÂË¢QQÒµÎñ¹¤¾ß\×îÐÂË¢QQÒµÎñ¹¤¾ß.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [WARNING]   The file was ignored!
Begin scan in 'E:\71RqpGM0.rar'
E:\71RqpGM0.rar
  [0] Archive type: RAR
  --> ÅÜÅÜÃâ·ÑÆƽâÍâ¹Ò.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
      [WARNING]   The file was ignored!
Begin scan in 'E:\080123155454.rar'
E:\080123155454.rar
  [0] Archive type: RAR
  --> Íâ¹Ò.exe
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Hupigon.Gen Backdoor server programs
      [WARNING]   The file was ignored!
Begin scan in 'E:\QQTangwg.exe'
E:\QQTangwg.exe
  [0] Archive type: RAR SFX (self extracting)
  --> m.exe
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Pcclient.q.1 Backdoor server programs
      [WARNING]   The file was ignored!
Begin scan in 'E:\fcg.rar'
E:\fcg.rar
  [0] Archive type: RAR
  --> fcg.exe
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Hupigon.Gen Backdoor server programs
      [WARNING]   The file was ignored!
Begin scan in 'E:\jpg.name_059040177055_2007-7-26_3-07-19_1123920_87152.exe'
E:\jpg.name_059040177055_2007-7-26_3-07-19_1123920_87152.exe
  [0] Archive type: ZIP SFX (self extracting)
  --> 18½ûÍøÖ·´óÈ«.exe
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Hupigon.Gen Backdoor server programs
      [WARNING]   The file was ignored!

e77faefd945c06ee56575541844590d1.exe
The file 'e77faefd945c06ee56575541844590d1.exe' has been determined to be 'MALWARE'. Our analysts named the threat DR/Agent.eyc. The term "DR/" denotes a program that is able to place a virus or a malware discretely on a system.Detection will be added to our virus definition file (VDF) with one of the next updates.

QQTangwg.exe
The file 'QQTangwg.exe' has been determined to be 'MALWARE'. Our analysts named the threat DR/PcClient.Q. The term "DR/" denotes a program that is able to place a virus or a malware discretely on a system.Detection will be added to our virus definition file (VDF) with one of the next updates.

qq.rar
The file 'fucker.EXE' has been determined to be 'MALWARE'. Our analysts discovered that the file is a Trojan. In general this kind of programs contains harmful functionality called payload. Detection will be added to our virus definition file (VDF) with one of the next updates.

wy1.0.rar
The file 'GuaQQ.exe' has been determined to be 'MALWARE'. Our analysts discovered that the file is a Trojan. In general this kind of programs contains harmful functionality called payload. Detection will be added to our virus definition file (VDF) with one of the next updates.

jpg.name_059040177055_2007-7-26_3-07-19_1123920_87152.exe
The file 'jpg.name_059040177055_2007-7-26_3-07-19_1123920_87152.exe' has been determined to be 'MALWARE'. Our analysts named the threat DR/Hupigon.exb. The term "DR/" denotes a program that is able to place a virus or a malware discretely on a system.Detection will be added to our virus definition file (VDF) with one of the next updates.

[ 本帖最后由 Graybird 于 2008-2-8 21:57 编辑 ]
wangjay1980
发表于 2008-2-8 12:16:45 | 显示全部楼层
发过
wolffshen
发表于 2008-2-8 12:18:07 | 显示全部楼层
FS 杀
结果: 找到 1 恶意软件
Trojan-Downloader.Win32.Delf.enh (病毒)
D:\Virus\Test\d\金狐QQ2008大盗[鼠年新春贺岁版].exe 操作: 删除
冷冷
发表于 2008-2-8 12:26:31 | 显示全部楼层
IK
I:\virus\test\1.exe - Signature 'Trojan-Downloader.Win32.Zlob.and' found
I:\virus\test\jh0828.rar:\jh0828\QQ.asp
I:\virus\test\jh0828.rar:\jh0828\金狐QQ2008大盗[鼠年新春贺岁版--去除后门收信免杀加强版]说明.txt
I:\virus\test\jh0828.rar:\jh0828\金狐QQ2008大盗[鼠年新春贺岁版].exe - Signature 'Backdoor.Win32.GrayBird.lc' found
I:\virus\test\jh0828.rar:\jh0828\金狐QQ联盟.url
I:\virus\test\jh0828.rar
6 Files scanned
   (1 Archiv with 4 files)
2 Signatures found
0 Suspect code-parts found
Used time: 0:00.171

[ 本帖最后由 冷_冷 于 2008-2-8 14:19 编辑 ]
hj5abc
发表于 2008-2-8 12:59:22 | 显示全部楼层
AVAST 12  

Win32:QQPass-OQ [Trj]
Win32:Agent-JOJ [Trj]
Win32:Nilage-AI [Trj]
Win32:Delf-BLM [Trj]
Win32:Getos [Trj]
Win32:Hupigon-FB [Trj]
Win32:RPoly [Cryp]
Win32:QQPass-OQ [Trj]
Win32:Hupigon-DKF [Trj]
Win32:PcClient-CY [Trj]
Win32:Hupigon-DKZ [Trj]
Win32:Hupigon-DUB [Trj]


[ 本帖最后由 hj5abc 于 2008-2-8 16:45 编辑 ]
挪威的冬天
发表于 2008-2-8 13:18:26 | 显示全部楼层
病毒        2008-02-08  13:17:47        病毒在文件C:\Users\挪威的冬天\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8IT07D11\1[1].exe中        Win32.PSWTroj.Agent.mh.114688        处理成功(操作:删除)       

信息        2008-02-08  13:18:02        您此次查毒共查出1个病毒以及危险代码                       
信息        2008-02-08  13:18:02        您此次查毒共查了内存模块0个,磁盘引导扇区0个,文件8个                       
信息        2008-02-08  13:18:02        金山毒霸主程序查毒过程结束,查毒方式:命令行查毒                       
病毒        2008-02-08  13:18:02        C:\Users\挪威的冬天\Desktop\jh0828.rar\jh0828\金狐QQ2008大盗[鼠年新春贺岁版].exe        Win32.Packed.MaskPE        跳过,未处理
无尽藏海
发表于 2008-2-8 13:35:15 | 显示全部楼层
F:\virus\1.exe - probably a variant of Win32/AutoRun.FS worm


2008-2-8 13:34:50        Kernel        File  'F:\virus\jh0828.rar' was sent to ESET for analysis.
leonfg
发表于 2008-2-8 14:35:36 | 显示全部楼层
Virus check with G DATA AntiVirus
Version 18.2.7318.595
Virus signature dated 2/8/2008
Start time: 2/8/2008 14:35
Engine(s): Engine A (AVK 18.2696), Engine B (AVKB 18.127)
Heuristics: On
Archive: On
System areas: On

Check system areas...
Check the following directories and files:
  C:\Documents and Settings\GUNDAM\桌面\新建文件夹\

Object: 1.exe
        Path: C:\Documents and Settings\GUNDAM\桌面\新建文件夹
        Status: Virus detected
        Virus: Trojan-PSW.Win32.Agent.mh (Engine A)
Object: jh0828/金狐QQ2008大盗[鼠年新春贺岁版].exe data0001.bin
        In archive: C:\Documents and Settings\GUNDAM\桌面\新建文件夹\jh0828.rar
        Status: Virus detected
        Virus: Trojan-Downloader.Win32.Delf.enh (Engine A)
Object: jh0828.rar
        Path: C:\Documents and Settings\GUNDAM\桌面\新建文件夹
        Status: Virus detected
        Virus: Trojan-Downloader.Win32.Delf.enh (Engine A)

Analysis performed in full: 2/8/2008 14:35
    2 files checked
    2 infected files detected
    0 suspicious files found
qigang
发表于 2008-2-8 20:25:03 | 显示全部楼层

下面这个已经无法下载喽!

http://jin.jin.wmn.cc/jh/jh0828.rar
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-11-14 15:00 , Processed in 0.130942 second(s), 17 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表