
[Virus samples] Virus samples are here

gzg
Posted on 2008-6-15 14:44:48
Give these a scan and report the results.

hahacomcn
Posted on 2008-6-15 14:52:29
Begin scan in 'C:\Documents and Settings\haha\桌面\virus'
C:\Documents and Settings\haha\桌面\virus\1b601.txt
      [DETECTION] Is the Trojan horse TR/BHO.cgi
      [NOTE]      A backup was created as '488abc6f.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\2B1.DLL
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/BDSearch.CVA
      [NOTE]      A backup was created as '4885bc4f.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\39.exe
      [DETECTION] Contains detection pattern of the dropper DR/Drop.Agent.qoa.35
      [NOTE]      A backup was created as '4882bc46.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\40.exe
      [DETECTION] Contains detection pattern of the dropper DR/Boran.EL.24
      [NOTE]      A backup was created as '4882bc3d.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\4nvh.sys
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
      [NOTE]      A backup was created as '48cabc7b.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\79e71.exe
      [DETECTION] Is the Trojan horse TR/BHO.cgi
      [NOTE]      A backup was created as '48b9bc47.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\8xbw.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48b6bc86.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\91B1.EXE
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/Bho.bcx
      [NOTE]      A backup was created as '4896bc3f.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\a4x5j9vn.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48ccbc42.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\an006.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [NOTE]      A backup was created as '4884bc7c.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\B791.DLL
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/Bho.bcx
      [NOTE]      A backup was created as '488dbc45.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\ceeqjze2.sys
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
      [NOTE]      A backup was created as '48b9bc73.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\cml22.tmp
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/BDSearch.CVA
      [NOTE]      A backup was created as '48c0bc7b.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\cpush.dll
      [DETECTION] Is the Trojan horse TR/Click.Age.180224
      [NOTE]      A backup was created as '48c9bc7e.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\d39.exe
      [DETECTION] Contains detection pattern of the dropper DR/BHO.bba.23
      [NOTE]      A backup was created as '488dbc41.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\DEV06.INF
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48aabc53.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\f91.bmp
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/BDSearch.CVA
      [NOTE]      A backup was created as '4885bc47.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\ThunderBHONew64.dll
      [DETECTION] Is the Trojan horse TR/StartPage.bbw.1
      [NOTE]      A backup was created as '48c9bc76.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\ThunderBHONew64[1].dll
      [DETECTION] Is the Trojan horse TR/StartPage.bbw.1
      [NOTE]      A backup was created as '4e4b16f7.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\ThunderHelper05.dll
      [DETECTION] Is the Trojan horse TR/BHO.byp
      [NOTE]      A backup was created as '48c9bc78.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\vistaAA.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Delf.hul
      [NOTE]      A backup was created as '48c7bc77.qua'  ( QUARANTINE )


End of the scan: 2008年6月15日  14:51
Used time: 00:03 min

The scan has been done completely.

      1 Scanning directories
     22 Files were scanned
     20 viruses and/or unwanted programs were found
      1 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
     21 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      2 Files not concerned
      0 Archives were scanned
      0 Warnings
     21 Notes
nosferatu
Posted on 2008-6-15 14:52:37
Begin scan in 'C:\Documents and Settings\Administrator\桌面\毒[1]'
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\1b601.txt
      [DETECTION] Is the Trojan horse TR/BHO.cgi
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\2B1.DLL
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/BDSearch.CVA
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\39.exe
      [DETECTION] Contains detection pattern of the dropper DR/Drop.Agent.qoa.35
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\40.exe
      [DETECTION] Contains detection pattern of the dropper DR/Boran.EL.24
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\4nvh.sys
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\79e71.exe
      [DETECTION] Is the Trojan horse TR/BHO.cgi
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\8xbw.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\91B1.EXE
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/Bho.bcx
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\a4x5j9vn.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\an006.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\B791.DLL
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/Bho.bcx
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\ceeqjze2.sys
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\cml22.tmp
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/BDSearch.CVA
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\cpush.dll
      [DETECTION] Is the Trojan horse TR/Click.Age.180224
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\d39.exe
      [DETECTION] Contains detection pattern of the dropper DR/BHO.bba.23
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\DEV06.INF
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\f91.bmp
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/BDSearch.CVA
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\ThunderBHONew64.dll
      [DETECTION] Is the Trojan horse TR/StartPage.bbw.1
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\ThunderBHONew64[1].dll
      [DETECTION] Is the Trojan horse TR/StartPage.bbw.1
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\ThunderHelper05.dll
      [DETECTION] Is the Trojan horse TR/BHO.byp
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\vistaAA.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Delf.hul
      [NOTE]      The file was deleted!


End of the scan: 星期日 2008年6月15日  14:51
Used time: 00:17 min

The scan has been done completely.

      2 Scanning directories
     22 Files were scanned
     20 viruses and/or unwanted programs were found
      1 Files were classified as suspicious:
     21 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      2 Files not concerned
      0 Archives were scanned
      0 Warnings
     21 Notes
机器狗病毒样本最新0
File ID         Filename        Size (Byte)        Result
25042702         机器狗病毒样本最新_.rar...新_.rar        73.6 KB        OK

A listing of files contained inside archives alongside their results can be found below:
File ID         Filename        Size (Byte)        Result
25042703         ##############080...# .exe         121.48 KB         DAMAGED FILE (UNKNOWN)


[ Last edited by nosferatu on 2008-6-15 14:57 ]
hahacomcn
Posted on 2008-6-15 14:53:18
The latest Dog sample: miss...
hahacomcn
Posted on 2008-6-15 14:56:38
File ID         Filename        Size (Byte)        Result
25042702         机器狗病毒样本最新 (1).rar...1).rar        73.6 KB        OK


A listing of files contained inside archives alongside their results can be found below:
File ID         Filename        Size (Byte)        Result
25042703         ##############080...# .exe         121.48 KB         DAMAGED FILE (UNKNOWN)
风野胤
Posted on 2008-6-15 15:07:58
No password was given for the Robot Dog (机器狗) one.
But I figure it would definitely be detected.
That's all.
jimmyleo
Posted on 2008-6-15 15:28:19
A-Yin's head is gone ==

Please re-upload it.
yew0325
Posted on 2008-6-15 15:33:13
What is all this?
sam.to
Posted on 2008-6-15 19:12:46
Packed up (机器狗病毒样本最新 .rar has no password, so I did not put it in)
pw=infected
http://kafan.virus.googlepages.com/22.rar



The scan has been done completely.

      2 Scanning directories
     22 Files were scanned
     16 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
     16 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      6 Files not concerned
      0 Archives were scanned
      0 Warnings
     16 Notes

Reported.


File ID          Filename          Size (Byte)         Result
25046890          f91.bmp          840 KB          UNDER ANALYSIS
25046891          B791.DLL          52 KB          UNDER ANALYSIS
25046892          ~TMPPLS.DAT          550 Byte          UNDER ANALYSIS



已刪除: 特洛伊木馬程式 Trojan.Win32.BHO.cgi        檔案: C:\Documents and Settings\kato9096\桌面\毒[1]\新建文件夹\1b601.txt//PE_Patch.PECompact//PecBundle//PECompact
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.BHO.bdd        檔案: C:\Documents and Settings\kato9096\桌面\毒[1]\新建文件夹\2B1.DLL
已刪除: 特洛伊木馬程式 Trojan-Dropper.Win32.Agent.qoa        檔案: C:\Documents and Settings\kato9096\桌面\毒[1]\新建文件夹\39.exe//data0002
已刪除: 特洛伊木馬程式 Trojan.Win32.Obfuscated.ant        檔案: C:\Documents and Settings\kato9096\桌面\毒[1]\新建文件夹\39.exe//data0003
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.Boran.el        檔案: C:\Documents and Settings\kato9096\桌面\毒[1]\新建文件夹\40.exe//stream//data0001
已刪除: 特洛伊木馬程式 Trojan.Win32.BHO.cgi        檔案: C:\Documents and Settings\kato9096\桌面\毒[1]\新建文件夹\79e71.exe//PE_Patch.PECompact//PecBundle//PECompact
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.BHO.bcx        檔案: C:\Documents and Settings\kato9096\桌面\毒[1]\新建文件夹\91B1.EXE
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.BHO.bcx        檔案: C:\Documents and Settings\kato9096\桌面\毒[1]\新建文件夹\B791.DLL
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.BHO.bdd        檔案: C:\Documents and Settings\kato9096\桌面\毒[1]\新建文件夹\cml22.tmp
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.BHO.bba        檔案: C:\Documents and Settings\kato9096\桌面\毒[1]\新建文件夹\cpush.dll
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.BHO.bba        檔案: C:\Documents and Settings\kato9096\桌面\毒[1]\新建文件夹\d39.exe//data0002
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.QQHelper.bhq        檔案: C:\Documents and Settings\kato9096\桌面\毒[1]\新建文件夹\DEV06.INF
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.BHO.bdd        檔案: C:\Documents and Settings\kato9096\桌面\毒[1]\新建文件夹\f91.bmp
已刪除: 特洛伊木馬程式 Trojan.Win32.StartPage.bbw        檔案: C:\Documents and Settings\kato9096\桌面\毒[1]\新建文件夹\ThunderBHONew64.dll//PE_Patch.UPX//UPX
已刪除: 特洛伊木馬程式 Trojan.Win32.StartPage.bbw        檔案: C:\Documents and Settings\kato9096\桌面\毒[1]\新建文件夹\ThunderBHONew64[1].dll//PE_Patch.UPX//UPX
已刪除: 特洛伊木馬程式 Trojan.Win32.BHO.byp        檔案: C:\Documents and Settings\kato9096\桌面\毒[1]\新建文件夹\ThunderHelper05.dll//PE_Patch.UPX//UPX
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Delf.hul        檔案: C:\Documents and Settings\kato9096\桌面\毒[1]\新建文件夹\vistaAA.exe//PE_Patch.PECompact//PecBundle//PECompact

17, reported.



Reported to pc security labs.

[ Last edited by kato9096 on 2008-6-15 19:13 ]
Palkia
Posted on 2008-6-15 19:20:10

21

C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\1b601.txt        Trojan.BHO.cgi.ftpk        木马        还未处理
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\2B1.DLL        Adware.BHO.bdd.owuz.dll        广告程序        还未处理
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\39.exe        Trojan.Obfuscated.ant.cqud.arc        木马        还未处理
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\40.exe        Adware.Boran.el.vroy.arc        广告程序        还未处理
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\4nvh.sys        RootKit.Undef.hh.rnop        木马        还未处理
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\79e71.exe        Trojan.BHO.cgi.ftpk        木马        还未处理
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\8xbw.dll        Trojan.Undef.hdp.xkaw.dll        木马        还未处理
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\91B1.EXE        Adware.BHO.bcx.ltqu.dll        广告程序        还未处理
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\a4x5j9vn.dll        Trojan.Undef.hdp.xkaw.dll        木马        还未处理
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\an006.exe        Heuri.Suspicious.ERNM        启发式扫描        还未处理
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\B791.DLL        Adware.BHO.bcx.ltqu.dll        广告程序        还未处理
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\ceeqjze2.sys        RootKit.Undef.hh.rnop        木马        还未处理
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\cml22.tmp        Adware.BHO.bdd.owuz.dll        广告程序        还未处理
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\cpush.dll        Trojan.Cap851318.dgxp.dll        木马        还未处理
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\d39.exe        Adware.BHO.bba.rhvq.arc        广告程序        还未处理
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\DEV06.INF        TrojanDownloader.Mnless.acf.cbnh.dll        木马        还未处理
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\f91.bmp        Adware.BHO.bdd.owuz.dll        广告程序        还未处理
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\ThunderBHONew64.dll        Trojan.StartPage.bbw.zfrk.dll        木马        还未处理
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\ThunderBHONew64[1].dll        Trojan.StartPage.bbw.zfrk.dll        木马        还未处理
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\ThunderHelper05.dll        Trojan.BHO.byp.fnub.dll        木马        还未处理
C:\Documents and Settings\Administrator\桌面\毒[1]\新建文件夹\vistaAA.exe        Trojan.Cap851615.nxvz        木马        还未处理