
[Virus sample] Old malware

ck893210
Posted on 2008-4-19 11:55:56
Most of these should get detected, right?

醉一生爱妍
Posted on 2008-4-19 11:59:11
江民杀毒软件报告文件

        北京江民新科技术有限公司

        扫描引擎 11.00.703
        病毒库日期 2008-04-18
        更新日期 2008-04-04

扫描目标 C:\Documents and Settings\Administrator\桌面\4.rar

扫描目标 C:\Documents and Settings\Administrator\桌面\9kgen_up.rar

扫描目标 C:\Documents and Settings\Administrator\桌面\2.rar

扫描目标 C:\Documents and Settings\Administrator\桌面\3.rar

开始时间 2008-04-04 01:28:30

在 C:\Documents and Settings\Administrator\桌面\2.rar->eagle.exe 中发现 Worm/Socks.ah 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\4.rar->pinch.exe 中发现 Worm/Socks.ah 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\2.rar->wssl62.exe 中发现 TrojanDownloader.Agent.aemu 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\3.rar->inst250.exe 中发现 Trojan/Pakes.asv 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\3.rar->1103.exe 中发现 TrojanProxy.Xorpix.ek 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\3.rar->080321.exe 中发现 TrojanClicker.Pamere.k 病毒, 已删除
正常结束。

扫描结果:
                 文件数 :17                                  病毒体 :6         
                   删除 :6                                     解毒 :0         
    扫描速度(千字节/秒) :534                               扫描时间 :00:00:05
    扫描文件速度(个/秒) :3

    - - - - -   - - - - - - -   - - - - - - -    - - - - - - -    - - - - - - -     - - - - - - -   - - - - -

无尽藏海
Posted on 2008-4-19 12:01:30
Begin scan in 'E:\VIRUS\老毒物'
E:\VIRUS\老毒物\080321.exe
      [DETECTION] Is the Trojan horse TR/Click.Pamere.CR.1
      [WARNING]   The file was ignored!
E:\VIRUS\老毒物\080409.exe
      [DETECTION] Is the Trojan horse TR/Click.Pamere.DN.1
      [WARNING]   The file was ignored!
E:\VIRUS\老毒物\1103.exe
      [DETECTION] Is the Trojan horse TR/Hijacker.Gen
      [WARNING]   The file was ignored!
E:\VIRUS\老毒物\646.exe
      [DETECTION] Contains detection pattern of the dropper DR/MicroJoiner.Gen
      [WARNING]   The file was ignored!
E:\VIRUS\老毒物\bho.exe
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/Bho.ajs
      [WARNING]   The file was ignored!
E:\VIRUS\老毒物\bhos.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Cryptic.JV
      [WARNING]   The file was ignored!
E:\VIRUS\老毒物\cpush.dll
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/Sogou.Gen.1
      [WARNING]   The file was ignored!
E:\VIRUS\老毒物\eagle.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
      [WARNING]   The file was ignored!
E:\VIRUS\老毒物\file.exe
      [DETECTION] Is the Trojan horse TR/Spy.BZub.cku.1
      [WARNING]   The file was ignored!
E:\VIRUS\老毒物\file2.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
      [WARNING]   The file was ignored!
E:\VIRUS\老毒物\file4.exe
      [DETECTION] Is the Trojan horse TR/Pakes.cpw
      [WARNING]   The file was ignored!
E:\VIRUS\老毒物\inst250.exe
      [DETECTION] Is the Trojan horse TR/Pakes.cjt
      [WARNING]   The file was ignored!
E:\VIRUS\老毒物\pinch.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
      [WARNING]   The file was ignored!
E:\VIRUS\老毒物\wssl62.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.mgq
      [WARNING]   The file was ignored!


End of the scan: 2008年4月19日  11:59
Used time: 00:10 min

The scan has been done completely.

      1 Scanning directories
     16 Files were scanned
     14 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      2 Files not concerned
      0 Archives were scanned
     14 Warnings
      0 Notes
mofunzone
Posted on 2008-4-19 12:02:44
Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\My Documents\1'
C:\Documents and Settings\Administrator\My Documents\1\
  080321.exe
      [DETECTION] Is the Trojan horse TR/Click.Pamere.CR.1
      [NOTE]      The file was deleted!
  080409.exe
      [DETECTION] Is the Trojan horse TR/Click.Pamere.DN.1
      [NOTE]      The file was deleted!
  1103.exe
    [0] Archive type: RSRC
      --> Object
        [1] Archive type: Runtime Packed
        --> Object
      [DETECTION] Is the Trojan horse TR/Hijacker.Gen
      [NOTE]      The file was deleted!
  646.exe
      [DETECTION] Contains detection pattern of the dropper DR/MicroJoiner.Gen
      [NOTE]      The file was deleted!
  9kgen_up.exe
  bho.exe
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/Bho.ajs
      [NOTE]      The file was deleted!
  bhos.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Cryptic.JV
      [NOTE]      The file was deleted!
  cc.exe
  cpush.dll
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/Sogou.Gen.1
      [NOTE]      The file was deleted!
  eagle.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
      [NOTE]      The file was deleted!
  file.exe
      [DETECTION] Is the Trojan horse TR/Spy.BZub.cku.1
      [NOTE]      The file was deleted!
  file2.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
      [NOTE]      The file was deleted!
  file4.exe
      [DETECTION] Is the Trojan horse TR/Pakes.cpw
      [NOTE]      The file was deleted!
  inst250.exe
      [DETECTION] Is the Trojan horse TR/Pakes.cjt
      [NOTE]      The file was deleted!
  pinch.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
      [NOTE]      The file was deleted!
  wssl62.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.mgq
      [NOTE]      The file was deleted!


End of the scan: 2008年4月18日  21:02
Used time: 00:04 min

The scan has been done completely.

      1 Scanning directories
     16 Files were scanned
     14 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
     14 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      2 Files not concerned
      0 Archives were scanned
      0 Warnings
     14 Notes
无尽藏海
Posted on 2008-4-19 12:07:19

Reply to post #3 by 无尽藏海

3824442         9kgen_up.exe         431 KB         UNDER ANALYSIS
3812683         cc.exe         146.15 KB         CLEAN
无尽藏海
Posted on 2008-4-19 12:09:11
正在扫描日志
病毒库版本: 3039 (20080418)
日期: 2008-4-19  时间: 12:06:46
已扫描的磁盘、文件夹和文件: E:\VIRUS\复件 老毒物
E:\VIRUS\复件 老毒物\1103.exe - Win32/Agent.OH 特洛伊木马
E:\VIRUS\复件 老毒物\bho.exe - Win32/TrojanClicker.BHO.NAU 特洛伊木马
E:\VIRUS\复件 老毒物\bhos.exe - Win32/TrojanDownloader.Small.OBK 特洛伊木马
E:\VIRUS\复件 老毒物\eagle.exe - Win32/Socks.CD 蠕虫
E:\VIRUS\复件 老毒物\file2.exe - Win32/TrojanProxy.Wopla.NAH 特洛伊木马
E:\VIRUS\复件 老毒物\file4.exe - Win32/TrojanDownloader.FakeAlert.BU 特洛伊木马
E:\VIRUS\复件 老毒物\inst250.exe - Win32/Srizbi.Gen 特洛伊木马
E:\VIRUS\复件 老毒物\pinch.exe - Win32/Socks.CD 蠕虫
E:\VIRUS\复件 老毒物\wssl62.exe - Win32/Agent.MGQ 特洛伊木马
已扫描的对象数: 16
发现的威胁数: 9
已清除对象数:0
完成时间: 12:06:46  总扫描时间: 0 秒 (00:00:00)
wangjay1980
Posted on 2008-4-19 12:39:40
k

Hello,

9kgen_up.exe_ - Trojan.Win32.Obfuscated.yn,
d.dat - Trojan.Win32.Pakes.crp,
upmdb.jpg_ - Trojan-PSW.Win32.OnLineGames.abgd

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

b.dat - not-a-virus:AdWare.Win32.Virtumonde.pko

This file is an Advertising Tool. Its detection will be included in the next
update of extended databases set. See more info about
extended databases here: http://www.kaspersky.com/extraavupdates

cc.exe_

No malicious code was found in this file.

Please quote all when answering.

--
Best regards, Yury Nesmachny
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.



> Attachment: d.zip


[ Last edited by wangjay1980 on 2008-4-19 14:58 ]

kkgh
Posted on 2008-4-19 15:02:14
[扫描路径] C:\Documents and Settings\zh\桌面\file4.exe
C:\Documents and Settings\zh\桌面\file4.exe - 确定

[扫描路径] C:\Documents and Settings\zh\桌面\inst250.exe
C:\Documents and Settings\zh\桌面\inst250.exe 已被病毒感染 :  Trojan.Sentinel

[扫描路径] C:\Documents and Settings\zh\桌面\bho.exe
C:\Documents and Settings\zh\桌面\bho.exe 是广告软件 Adware.Bho

[扫描路径] C:\Documents and Settings\zh\桌面\bhos.exe
C:\Documents and Settings\zh\桌面\bhos.exe 已被病毒感染 :  Trojan.DownLoader.56891

[扫描路径] C:\Documents and Settings\zh\桌面\file.exe
>>>C:\Documents and Settings\zh\桌面\file.exe - 确定

[扫描路径] C:\Documents and Settings\zh\桌面\pinch.exe
C:\Documents and Settings\zh\桌面\pinch.exe 已被病毒感染 :  BackDoor.FireOn.6

[扫描路径] C:\Documents and Settings\zh\桌面\9kgen_up.exe
C:\Documents and Settings\zh\桌面\9kgen_up.exe 已被病毒感染 :  Trojan.Swizzor.based

[扫描路径] C:\Documents and Settings\zh\桌面\cc.exe
C:\Documents and Settings\zh\桌面\cc.exe - 确定

[扫描路径] C:\Documents and Settings\zh\桌面\cpush.dll
C:\Documents and Settings\zh\桌面\cpush.dll 是广告软件 Adware.Sogou.104

[扫描路径] C:\Documents and Settings\zh\桌面\file2.exe
>>>C:\Documents and Settings\zh\桌面\file2.exe - 确定

[扫描路径] C:\Documents and Settings\zh\桌面\646.exe
C:\Documents and Settings\zh\桌面\646.exe 已被病毒感染 :  Trojan.MulDrop.11807

[扫描路径] C:\Documents and Settings\zh\桌面\eagle.exe
C:\Documents and Settings\zh\桌面\eagle.exe 已被病毒感染 :  BackDoor.FireOn.6

[扫描路径] C:\Documents and Settings\zh\桌面\wssl62.exe
>C:\Documents and Settings\zh\桌面\wssl62.exe - 确定

[扫描路径] C:\Documents and Settings\zh\桌面\080321.exe
C:\Documents and Settings\zh\桌面\080321.exe 已被病毒感染 :  Trojan.Click.17863

[扫描路径] C:\Documents and Settings\zh\桌面\080409.exe
C:\Documents and Settings\zh\桌面\080409.exe - 确定

[扫描路径] C:\Documents and Settings\zh\桌面\1103.exe
C:\Documents and Settings\zh\桌面\1103.exe 已被病毒感染 :  BackDoor.Bech

-----------------------------------------------------------------------------
扫描统计
-----------------------------------------------------------------------------
已扫描对象: 18
发现受感染对象: 8
发现受变种感染对象: 0
发现可疑对象: 0
发现广告软件: 2
qigang
Posted on 2008-4-19 22:45:01

29/0

rising20.40.52: not detected!
挪威的冬天
Posted on 2008-4-20 12:00:49
信息        2008-04-20  12:00:26        您此次查毒共查出8个病毒以及危险代码                       
信息        2008-04-20  12:00:26        您此次查毒共查了内存模块0个,磁盘引导扇区0个,文件25个                       
信息        2008-04-20  12:00:26        金山毒霸主程序查毒过程结束,查毒方式:命令行查毒                       
风险程序        2008-04-20  12:00:26        D:\Desktop\3.rar\080321.exe        Win32.Adware.Pamere.cr.36864        跳过,未处理       
病毒        2008-04-20  12:00:22        D:\Desktop\4.rar\pinch.exe        Win32.Hack.VmwareT.35175        清除成功       
病毒        2008-04-20  12:00:22        D:\Desktop\4.rar\bhos.exe        Win32.TrojDownloader.Cryptic.jv.5120        清除成功       
病毒        2008-04-20  12:00:22        D:\Desktop\4.rar\bho.exe        Win32.Troj.Agent.ef.233984        清除成功       
病毒        2008-04-20  12:00:22        D:\Desktop\3.rar\1103.exe        Win32.Troj.Agent.OH.17920        清除成功       
病毒        2008-04-20  12:00:22        D:\Desktop\2.rar\646.exe        Win32.VirInstaller.Agent.235397        清除成功       
病毒        2008-04-20  12:00:22        D:\Desktop\2.rar\eagle.exe        Win32.Hack.VmwareT.35175        清除成功       
病毒        2008-04-20  12:00:22        D:\Desktop\1.rar\cc.exe        Win32.Troj.KillFiles.qh.149654        清除成功