硬盘终结者病毒样本，给自信的人试试

显示全部楼层 · 发表于 2008-4-12 22:27:31

江民杀毒软件报告文件

北京江民新科技术有限公司

扫描引擎 11.00.703
病毒库日期 2008-04-12
更新日期 2008-03-28

扫描目标 C:\Documents and Settings\Administrator\桌面\硬盘终结者.rar

开始时间 2008-03-28 14:25:48

在 C:\Documents and Settings\Administrator\桌面\硬盘终结者.rar->硬盘终结者\svchost.bmp.pif 中发现 Trojan/Zloyfly.a 病毒, 已删除
正常结束。

扫描结果:
               文件数 :3                                  病毒体 :1
               删除 :1                                  解毒 :0
扫描速度(千字节/秒) :96                               扫描时间 :00:00:12
扫描文件速度(个/秒) :0

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -    - - - - - - - - - - - -

显示全部楼层 · 发表于 2008-4-12 22:39:09

信息 2008-04-12  22:38:24 您此次查毒清除了1个病毒
信息 2008-04-12  22:38:24 您此次查毒共查出1个病毒以及危险代码
信息 2008-04-12  22:38:24 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件2个
信息 2008-04-12  22:38:24 金山毒霸主程序查毒过程结束，查毒方式：命令行查毒
病毒 2008-04-12  22:38:24 D:\Desktop\ó2ÅìÖÕ½áÕß.rar\硬盘终结者\svchost.bmp.pif Win32.Troj.WuTao.nk.778430 清除成功

什么东西难道又是干 MBR/分区表的无聊玩意儿?

显示全部楼层 · 发表于 2008-4-12 23:01:45

2008/4/12 U 11:00:09 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\SVCHOST.BMP.PIF Completed: Worm.P2P.generic
2008/4/12 U 11:00:09 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\SVCHOST.BMP.PIF Detected: Worm.P2P.generic
2008/4/12 U 11:00:09 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\SVCHOST.BMP.PIF Detected: Worm.P2P.generic
2008/4/12 U 11:00:07 Placed in group Untrusted : Backdoor.Win32.Hupigon.dev

显示全部楼层 · 发表于 2008-4-13 00:06:46

Premium Security Suite
Report file date: 2008年4月13日  00:05

Scanning for 1116118 virus strains and unwanted programs.

Licensed to:    AntiVir 8 - Betatest
Serial number: 0000149992-ADJIE-0001
Platform:       Windows XP
Windows version:  (Service Pack 2)  [5.1.2600]
Boot mode:       Normally booted
Username:       acer
Computer name: IBM16

Version information:
BUILD.DAT    : 8.1.00.74    26052 Bytes 2008-2-18 12:13:00
AVSCAN.EXE : 8.1.2.4       311553 Bytes 2008-2-19 05:36:38
AVSCAN.DLL : 8.1.1.0       53505 Bytes 2008-2-19 05:36:38
LUKE.DLL    : 8.1.1.0       151809 Bytes 2008-2-19 05:36:46
LUKERES.DLL : 8.1.1.0       12033 Bytes 2008-2-19 05:36:46
ANTIVIR0.VDF  : 6.40.0.0    11030528 Bytes 2007-7-18 05:36:34
ANTIVIR1.VDF  : 7.0.1.95    3367424 Bytes  2007-12-14 05:36:36
ANTIVIR2.VDF  : 7.0.2.113    1673728 Bytes 2008-2-8 05:36:36
ANTIVIR3.VDF  : 7.0.2.155    274944 Bytes 2008-2-18 05:36:36
Engineversion : 8.1.0.8
AEVDF.DLL    : 8.1.0.3       86388 Bytes 2008-2-19 05:36:32
AESCRIPT.DLL  : 8.1.0.5       213368 Bytes 2008-2-19 05:36:32
AESCN.DLL    : 8.1.0.1       106834 Bytes 2008-2-19 05:36:32
AERDL.DLL    : 8.1.0.4       422226 Bytes 2008-2-19 05:36:32
AEPACK.DLL : 8.1.0.1       356692 Bytes 2008-2-19 05:36:32
AEOFFICE.DLL  : 8.1.0.2       180567 Bytes 2008-2-19 05:36:32
AEHEUR.DLL : 8.1.0.5    1028470 Bytes 2008-2-19 05:36:32
AEHELP.DLL : 8.1.0.3       106870 Bytes 2008-2-19 05:36:30
AEGEN.DLL    : 8.1.0.3       282996 Bytes 2008-2-19 05:36:30
AEEMU.DLL    : 8.1.0.1       430418 Bytes 2008-2-19 05:36:30
AECORE.DLL : 8.1.0.7       156022 Bytes 2008-2-19 05:36:30
AVWINLL.DLL : 1.0.0.7       14593 Bytes 2008-2-19 05:36:38
AVPREF.DLL : 8.0.0.1       25857 Bytes 2008-2-19 05:36:38
AVREP.DLL    : 7.0.0.1       155688 Bytes 2008-2-19 05:36:38
AVREG.DLL    : 8.0.0.0       30977 Bytes 2008-2-19 05:36:38
AVARKT.DLL : 1.0.0.23    307457 Bytes 2008-2-19 05:36:36
AVEVTLOG.DLL  : 8.0.0.7       102657 Bytes 2008-2-19 05:36:36
SQLITE3.DLL : 3.3.17.1    339968 Bytes 2008-2-19 05:36:48
SMTPLIB.DLL : 1.2.0.19       28929 Bytes 2008-2-19 05:36:48
NETNT.DLL    : 8.0.0.1       7937 Bytes 2008-2-19 05:36:46
RCIMAGE.DLL : 8.0.0.25    3494145 Bytes 2008-2-19 05:36:48
RCTEXT.DLL : 8.0.29.0       86273 Bytes 2008-2-19 05:36:48

Configuration settings for the scan:
Jobname..........................: ShlExt
Configuration file...............: C:\DOCUME~1\ACER~1.IBM\LOCALS~1\Temp\e4b9ac34.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: off
Scan registry....................: off
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008年4月13日  00:05

Starting the file scan:

Begin scan in 'D:\个人资料\桌面\硬盘终结者.rar'
D:\个人资料\桌面\硬盘终结者.rar
  [0] Archive type: RAR
  --> ￓﾲￅￌￖￕﾽ￡ￕ￟\svchost.bmp.pif
   [DETECTION] Contains detection pattern of the worm WORM/Agent.AC
   [INFO]    The file was deleted!

End of the scan: 2008年4月13日  00:06
Used time: 00:28 min

The scan has been done completely.

   0 Scanning directories
   2 Files were scanned
   1 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   1 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   1 Files not concerned
   1 Archives were scanned
   0 Warnings
   0 Notes

显示全部楼层 · 发表于 2008-4-13 00:11:39

显示全部楼层 · 发表于 2008-4-13 00:12:56

咖啡，1木马。

显示全部楼层 · 发表于 2008-4-13 14:31:28

我不太敢试一试
我什么都没有装

显示全部楼层 · 发表于 2008-4-13 14:36:51

显示全部楼层 · 发表于 2008-4-13 15:19:38

有更厉害的吗

显示全部楼层 · 发表于 2008-4-13 15:41:00

驱逐舰

[病毒样本] 硬盘终结者病毒样本，给自信的人试试

评分

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源