[病毒样本] 25x

显示全部楼层 · 发表于 2008-3-29 22:32:10

aerbeisi继续帮着上报到FP吧。。。最近估计没什么空测毒了
另外说一句，也在用FP测毒的朋友，一定要在高级扫描中设置好病毒的文件夹，然后选thorough scan，这样才能发挥最大威力，右键扫描只是normal scan，因为看见有的朋友是normal scan，所以特别提醒下
[Found security risk] <W32/Malware!9e52 (exact)> C:\virus\pack\AlbumdeFotos.exe
[Deleted] C:\virus\pack\AlbumdeFotos.exe
[Found security risk] <W32/Malware!9e52 (exact)> C:\virus\pack\amorecarinho.exe
[Deleted] C:\virus\pack\amorecarinho.exe
[Found adware] <W32/Adware.AAZT (exact)> C:\virus\pack\BndDrive4.dll
[Deleted] C:\virus\pack\BndDrive4.dll
[Found downloader] <W32/Downloader.BAZQ (exact)> C:\virus\pack\cartao_voxcard.exe
[Deleted] C:\virus\pack\cartao_voxcard.exe
[Found password stealer] <W32/Bancos.JSZ (exact)> C:\virus\pack\findx.exe
[Deleted] C:\virus\pack\findx.exe
[Found downloader] <W32/Downldr2.BJTB (exact)> C:\virus\pack\ftpdll.dll
[Deleted] C:\virus\pack\ftpdll.dll
[Clean] C:\virus\pack\ggl.exe
[Clean] C:\virus\pack\gr.dll
[Clean] C:\virus\pack\inetin.exe->(FSG)
[Clean] C:\virus\pack\ISMModule4.exe
[Found password stealer] <W32/Banker.ASWI (exact, damaged)> C:\virus\pack\Mensagem23.exe
[Deleted] C:\virus\pack\Mensagem23.exe
[Clean] C:\virus\pack\Mess.exe->(FSG)
[Found possible virus] <W32/Document-disguised-based!Maximus> C:\virus\pack\msmnsgr.exe
[Failed to disinfect] msmnsgr.exe
[Quarantined] C:\virus\pack\msmnsgr.exe
[Found password stealer] <W32/Bancos.KUA (exact)> C:\virus\pack\pula_cerca.exe
[Deleted] C:\virus\pack\pula_cerca.exe
[Clean] C:\virus\pack\QdrPack14.exe
[Found adware] <W32/Adware.ZAS (exact)> C:\virus\pack\QdrPack9.exe
[Deleted] C:\virus\pack\QdrPack9.exe
[Found Trojan] <W32/Trojan.AHCV (exact)> C:\virus\pack\qufapy.dll
[Deleted] C:\virus\pack\qufapy.dll
[Found password stealer] <W32/Banker.ASWI (exact, damaged)> C:\virus\pack\rdshost32.exe
[Deleted] C:\virus\pack\rdshost32.exe
[Clean] C:\virus\pack\RESSDT.exe
[Clean] C:\virus\pack\RESSDT.sys
[Found downloader] <W32/Downldr2.NVV (exact)> C:\virus\pack\svcdll.exe
[Deleted] C:\virus\pack\svcdll.exe
[Found possible virus] <W32/Downloader-WebExe-based!Maximus> C:\virus\pack\sysave.exe
[Failed to disinfect] sysave.exe
[Quarantined] C:\virus\pack\sysave.exe
[Found virus] <W32/Downloader.gen10> C:\virus\pack\SysWFGwd2.dll->(PE_Patch.MaskPE)
[Failed to disinfect] SysWFGwd2.dll->(PE_Patch.MaskPE)
[Quarantined] C:\virus\pack\SysWFGwd2.dll->(PE_Patch.MaskPE)
[Clean] C:\virus\pack\tourupd.exe
[Found password stealer] <W32/Bancos.JSZ (exact)> C:\virus\pack\win32dlll.exe
[Deleted] C:\virus\pack\win32dlll.exe

显示全部楼层 · 发表于 2008-3-30 00:26:13

信息 2008-03-30  00:26:09 您此次查毒共查出10个病毒以及危险代码
信息 2008-03-30  00:26:09 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件34个
信息 2008-03-30  00:26:09 金山毒霸主程序查毒过程结束，查毒方式：命令行查毒
风险程序 2008-03-30  00:26:09 D:\Desktop\pack\QdrPack14.exe Win32.Adware.AdBand.n.352256 隔离成功
风险程序 2008-03-30  00:26:09 D:\Desktop\pack\BndDrive4.dll Win32.Adware.AdBand.c.196608 隔离成功
病毒 2008-03-30  00:26:07 D:\Desktop\pack\SysWFGwd2.dll Win32.Packed.MaskPE 跳过，未处理
病毒 2008-03-30  00:26:02 D:\Desktop\pack\sysave.exe Win32.TrojDownloader.Small.16384 清除成功
病毒 2008-03-30  00:26:02 D:\Desktop\pack\rdshost32.exe Win32.Troj.Bancos.zm.11358208 清除成功
病毒 2008-03-30  00:26:02 D:\Desktop\pack\qufapy.dll Win32.Troj.BHO.ab.70144 清除成功
病毒 2008-03-30  00:26:02 D:\Desktop\pack\pula_cerca.exe Win32.TrojDownloader.Banload.121852 清除成功
病毒 2008-03-30  00:26:02 D:\Desktop\pack\Mensagem23.exe Win32.Troj.Bancos.zm.11358208 清除成功
病毒 2008-03-30  00:26:02 D:\Desktop\pack\inetin.exe Worm.AutoRun.73728 清除成功
病毒 2008-03-30  00:26:01 D:\Desktop\pack\cartao_voxcard.exe Win32.TrojDownloader.Banload.43520 清除成功

显示全部楼层 · 发表于 2008-3-30 00:47:51

D:\Virus\pack.part1.rar=]BndDrive4.dll Adware.Generic.8978 Delete Failed (file was in an archive)
D:\Virus\pack.part1.rar=]ISMModule4.exe Adware.Generic.8979 Delete Failed (file was in an archive)
D:\Virus\pack.part1.rar=]sysave.exe BehavesLike:Win32.ExplorerHijack Disinfect Failed
D:\Virus\pack.part1.rar=]findx.exe DeepScan:Generic.Banker.OT.D6E147B0 Disinfect Failed (file was in an archive)
D:\Virus\pack.part1.rar=]win32dlll.exe DeepScan:Generic.Banker.OT.D6E147B0 Disinfect Failed (file was in an archive)
D:\Virus\pack.part1.rar=]amorecarinho.exe GenPack:Trojan.Downloader.AHI Delete Failed (file was in an archive)
D:\Virus\pack.part1.rar=]AlbumdeFotos.exe GenPack:Trojan.Downloader.AHI Delete Failed (file was in an archive)
D:\Virus\pack.part1.rar=]RESSDT.exe Trojan.Agent.AHNA Disinfect Failed (file was in an archive)
D:\Virus\pack.part1.rar=]RESSDT.sys Trojan.Agent.AHNA Delete Failed (file was in an archive)
D:\Virus\pack.part1.rar=]qufapy.dll Trojan.BHO.AW Delete Failed (file was in an archive)
D:\Virus\pack.part1.rar=]gr.dll Trojan.Crypt.AI Disinfect Failed (file was in an archive)
D:\Virus\pack.part1.rar=]svcdll.exe Trojan.Downloader.Agent.AUI Delete Failed (file was in an archive)
D:\Virus\pack.part1.rar=]msmnsgr.exe Trojan.Downloader.Banload.ALN Disinfect Failed (file was in an archive)
D:\Virus\pack.part1.rar=]pula_cerca.exe Trojan.Downloader.Banload.BUN Delete Failed (file was in an archive)
D:\Virus\pack.part1.rar=]cartao_voxcard.exe Trojan.Downloader.Banload.SZ Delete Failed (file was in an archive)
D:\Virus\pack.part1.rar=]inetin.exe Trojan.Downloader.VB.VOX Disinfect Failed (file was in an archive)
D:\Virus\pack.part1.rar=]Mess.exe Trojan.Downloader.VB.VOX Disinfect Failed (file was in an archive)
D:\Virus\pack.part1.rar=]Mensagem23.exe Trojan.Spy.Bancos.EM Delete Failed (file was in an archive)
D:\Virus\pack.part1.rar=]rdshost32.exe Trojan.Spy.Bancos.EM Delete Failed (file was in an archive)
D:\Virus\pack.part1.rar=]ftpdll.dll Worm.Autorun.VCZ Delete Failed (file was in an archive)

显示全部楼层 · 发表于 2008-3-30 00:49:10

原来用FP的时候就是这样子
当时还感觉自己怎么想出这么好的一个方法，很方便的说

显示全部楼层 · 发表于 2008-3-30 01:27:33

费尔23

E:\病毒\pack\AlbumdeFotos.exe TrojanDownloader.Banload.ti.ewap 木马还未处理
E:\病毒\pack\amorecarinho.exe TrojanDownloader.Banload.ti.ewap 木马还未处理
E:\病毒\pack\BndDrive4.dll Adware.Agent.jl.xifk.dll 广告程序还未处理
E:\病毒\pack\cartao_voxcard.exe TrojanDownloader.Banload.aqo.pck 木马还未处理
E:\病毒\pack\findx.exe TrojanSpy.Bancos.zm.msb 木马还未处理
E:\病毒\pack\ftpdll.dll TrojanDownloader.Small.ths.lseu.dll 木马还未处理
E:\病毒\pack\gr.dll TrojanDownloader.Small.ivx.lkfk 木马还未处理
E:\病毒\pack\inetin.exe Worm.AutoRun.dbm.wuik 病毒还未处理
E:\病毒\pack\ISMModule4.exe Adware.Agent.jn.smrg 广告程序还未处理
E:\病毒\pack\Mensagem23.exe TrojanSpy.Bancos.zm.fcuj 木马还未处理
E:\病毒\pack\Mess.exe TrojanDownloader.VB.dgw.tdzt 木马还未处理
E:\病毒\pack\msmnsgr.exe Heuri.Suspicious.ERNM 启发式扫描还未处理
E:\病毒\pack\pula_cerca.exe TrojanDownloader.Qbqlzw.razf 木马还未处理
E:\病毒\pack\QdrPack14.exe Adware.AdBand.n.ajwb 广告程序还未处理
E:\病毒\pack\QdrPack9.exe Adware.Agent.vu.egfr 广告程序还未处理
E:\病毒\pack\qufapy.dll Adware.ZQuest.lcso.dll 广告程序还未处理
E:\病毒\pack\rdshost32.exe TrojanSpy.Bancos.zm.fcuj 木马还未处理
E:\病毒\pack\RESSDT.exe TrojanDownloader.Agent.lrm.gwyr 木马还未处理
E:\病毒\pack\RESSDT.sys TrojanDownloader.Agent.lrm.qlfo 木马还未处理
E:\病毒\pack\svcdll.exe TrojanDownloader.Agent.aui.wam 木马还未处理
E:\病毒\pack\sysave.exe TrojanDownloader.Agent.llv.dtba 木马还未处理
E:\病毒\pack\SysWFGwd2.dll VirTool.MaskPE.f.pkfa.dll 黑客工具还未处理
E:\病毒\pack\win32dlll.exe TrojanSpy.Bancos.zm.msb 木马还未处理

[病毒样本] 25x

回复 11楼 yangpizhi 的帖子