[Virus sample] Something generated from a certain post

醉一生爱妍
Posted on 2008-7-24 01:55:14

solcroft
Posted on 2008-7-24 03:37:24
The OP's name sounds awful; why did you change it to this?

AVG x18
C:\Documents and Settings\Limited User\Desktop\Malware\Malware\Malware\agpqlrfm.exe; Trojan horse Generic10.BFRU; Deleted
C:\Documents and Settings\Limited User\Desktop\Malware\Malware\Malware\erms.exe; Trojan horse Downloader.Generic7.ZXK; Deleted
C:\Documents and Settings\Limited User\Desktop\Malware\Malware\Malware\evgratsm.dll; Trojan horse Downloader.Generic7.ZXG; Deleted
C:\Documents and Settings\Limited User\Desktop\Malware\Malware\Malware\kgxmotapktx.dll; Trojan horse Downloader.Adload.OY; Deleted
C:\Documents and Settings\Limited User\Desktop\Malware\Malware\Malware\kvxqmtre.dll; Trojan horse Generic10.BFRZ; Deleted
C:\Documents and Settings\Limited User\Desktop\Malware\Malware\Malware\qndsfmao.dll; Trojan horse Downloader.Generic7.ZXI; Deleted
C:\Documents and Settings\Limited User\Desktop\Malware\Malware\Malware\s1265.php; Trojan horse Generic10.BFRU; Deleted
C:\Documents and Settings\Limited User\Desktop\Malware\Malware\Malware\s1265.php:\$IG$IH$IF\agpqlrfm.exe; Trojan horse Generic10.BFRU; Deleted
C:\Documents and Settings\Limited User\Desktop\Malware\Malware\Malware\s1265.php:\$IG$IH$IF\erms.exe; Trojan horse Downloader.Generic7.ZXK; Deleted
C:\Documents and Settings\Limited User\Desktop\Malware\Malware\Malware\s1265.php:\$IG$IH$IF\evgratsm.dll; Trojan horse Downloader.Generic7.ZXG; Deleted
C:\Documents and Settings\Limited User\Desktop\Malware\Malware\Malware\s1265.php:\$IG$IH$IF\kgxmotapktx.dll; Trojan horse Downloader.Adload.OY; Deleted
C:\Documents and Settings\Limited User\Desktop\Malware\Malware\Malware\s1265.php:\$IG$IH$IF\kvxqmtre.dll; Trojan horse Generic10.BFRZ; Deleted
C:\Documents and Settings\Limited User\Desktop\Malware\Malware\Malware\s1265.php:\$IG$IH$IF\qndsfmao.dll; Trojan horse Downloader.Generic7.ZXI; Deleted
C:\Documents and Settings\Limited User\Desktop\Malware\Malware\Malware\smchk.exe; Trojan horse SHeur.BYDP; Deleted
C:\Documents and Settings\Limited User\Desktop\Malware\Malware\Malware\system32\drivers\beep.sys; Trojan horse Generic10.BBUI; Deleted
C:\Documents and Settings\Limited User\Desktop\Malware\Malware\Malware\system32\drivers\yqpxabz.sys; Trojan horse PSW.OnlineGames.P; Deleted
C:\Documents and Settings\Limited User\Desktop\Malware\Malware\Malware\system32\ggebz.exe; Trojan horse PSW.OnlineGames.P; Deleted
C:\Documents and Settings\Limited User\Desktop\Malware\Malware\Malware\wspwprtct.exe; Trojan horse SHeur.BYGR; Deleted
nosferatu
Posted on 2008-7-24 04:50:12
Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\Malware'
C:\Documents and Settings\Administrator\桌面\Malware\Malware\Malware\agpqlrfm.exe
    [DETECTION] Contains recognition pattern of the ADSPY/AdSpy.Gen adware or spyware
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\Malware\Malware\Malware\erms.exe
    [DETECTION] Contains recognition pattern of the ADSPY/AdSpy.Gen adware or spyware
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\Malware\Malware\Malware\evgratsm.dll
    [DETECTION] Contains recognition pattern of the ADSPY/AdSpy.Gen adware or spyware
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\Malware\Malware\Malware\kgxmotapktx.dll
    [DETECTION] Contains recognition pattern of the ADSPY/AdSpy.Gen adware or spyware
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\Malware\Malware\Malware\kvxqmtre.dll
    [DETECTION] Contains recognition pattern of the ADSPY/Agent.PB adware or spyware
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\Malware\Malware\Malware\qndsfmao.dll
    [DETECTION] Contains recognition pattern of the ADSPY/AdSpy.Gen adware or spyware
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\Malware\Malware\Malware\s1265.php
    [DETECTION] Contains recognition pattern of the DR/Vapsup.iro dropper
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\Malware\Malware\Malware\system32\ggebz.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\Malware\Malware\Malware\system32\drivers\beep.sys
    [DETECTION] Is the TR/PSW.OnlineGames.ZGC.1 Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\Malware\Malware\Malware\system32\drivers\yqpxabz.sys
    [DETECTION] Contains recognition pattern of the RKIT/Agent.XN.43 root kit
    [NOTE]      The file was deleted!


End of the scan: 星期四 2008年7月24日  04:49
Used time: 00:13 Minute(s)

The scan has been done completely.

      6 Scanning directories
     17 Files were scanned
     10 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
     10 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      7 Files not concerned
      0 Archives were scanned
      0 Warnings
     10 Notes
zcfzcf123
Posted on 2008-7-24 06:59:19
Filseclab (费尔) reports ten.
kkgh
Posted on 2008-7-24 10:05:12
瑞星病毒查杀结果报告

清除病毒种类列表:
病毒: RootKit.Win32.Agent.bef  
病毒: RootKit.Win32.Mnless.vo  
病毒: Trojan.DL.Win32.QQHelper.bgc
病毒: Trojan.Win32.Vapsup.esd  
病毒: Trojan.Win32.Undef.int   
病毒: Trojan.Win32.Undef.inu   
病毒: Trojan.DL.Win32.QQHelper.bhu

用户来源:互联网

软件版本:20.54.22

12 in total
醉一生爱妍
OP | Posted on 2008-7-24 10:14:58

Reply to solcroft's post (#2)

But I think the old one sounded even worse..
Palkia
Posted on 2008-7-24 10:54:12

9

风险程序        2008-07-24  10:53:15        C:\Documents and Settings\Administrator\桌面\Malware\Malware\Malware\qndsfmao.dll        Win32.Adware.QQHelper.159744        隔离成功       
风险程序        2008-07-24  10:53:13        C:\Documents and Settings\Administrator\桌面\Malware\Malware\Malware\agpqlrfm.exe        Win32.Adware.QQHelper.155648        隔离成功       
病毒        2008-07-24  10:53:10        C:\Documents and Settings\Administrator\桌面\Malware\Malware\Malware\system32\ggebz.exe        Win32.Troj.Agent.ks.98304        隔离成功       
病毒        2008-07-24  10:53:08        C:\Documents and Settings\Administrator\桌面\Malware\Malware\Malware\system32\drivers\yqpxabz.sys        Win32.Hack.Rootkit.al.3328        隔离成功       
病毒        2008-07-24  10:53:06        C:\Documents and Settings\Administrator\桌面\Malware\Malware\Malware\system32\drivers\beep.sys        Win32.Hack.Rootkit.vo.16256        隔离成功       
病毒        2008-07-24  10:53:03        C:\Documents and Settings\Administrator\桌面\Malware\Malware\Malware\kvxqmtre.dll        Win32.Troj.Unknown.397312        隔离成功       
病毒        2008-07-24  10:53:01        C:\Documents and Settings\Administrator\桌面\Malware\Malware\Malware\kgxmotapktx.dll        Win32.Troj.Vapsup.454656        隔离成功       
病毒        2008-07-24  10:52:59        C:\Documents and Settings\Administrator\桌面\Malware\Malware\Malware\evgratsm.dll        Win32.Troj.Click.a.245760        隔离成功       
病毒        2008-07-24  10:52:57        C:\Documents and Settings\Administrator\桌面\Malware\Malware\Malware\erms.exe        Win32.Troj.Vapsup.163840        隔离成功
小邪邪
Posted on 2008-7-24 11:25:40
McAfee reports 9

欠妳緈諨
Posted on 2008-7-24 12:05:26

Reply to solcroft's post (#2)

There are only 17 in total, so how does AVG get 18?
D:\病毒测试\临时解压\Malware\Malware\agpqlrfm.exe - 特征码 'AdWare.AdSpy' 被发现
D:\病毒测试\临时解压\Malware\Malware\erms.exe - 特征码 'Virus.Win32.Vapsup.GP' 被发现
D:\病毒测试\临时解压\Malware\Malware\evgratsm.dll - 特征码 'AdWare.AdSpy' 被发现
D:\病毒测试\临时解压\Malware\Malware\kgxmotapktx.dll - 特征码 'Virus.Win32.Vapsup.EB' 被发现
D:\病毒测试\临时解压\Malware\Malware\kvxqmtre.dll - 特征码 'Virus.Win32.Agent.LTS' 被发现
D:\病毒测试\临时解压\Malware\Malware\qndsfmao.dll - 特征码 'AdWare.AdSpy' 被发现
D:\病毒测试\临时解压\Malware\Malware\s1265.php - 特征码 'AdWare.Win32.Vapsup' 被发现
D:\病毒测试\临时解压\Malware\Malware\s1265.php.bat
D:\病毒测试\临时解压\Malware\Malware\smchk.exe - 可疑代码段 被发现 (Level: 30)
D:\病毒测试\临时解压\Malware\Malware\smchk.exe.bat
D:\病毒测试\临时解压\Malware\Malware\wspwprtct.exe - 可疑代码段 被发现 (Level: 30)
D:\病毒测试\临时解压\Malware\Malware\system32\conime.exe
D:\病毒测试\临时解压\Malware\Malware\system32\ctfmon.exe
D:\病毒测试\临时解压\Malware\Malware\system32\ggebz.exe - 特征码 'Virus.Win32.Agent.BQC' 被发现
D:\病毒测试\临时解压\Malware\Malware\system32\wuauclt.exe
D:\病毒测试\临时解压\Malware\Malware\system32\drivers\beep.sys - 特征码 'Virus.Win32.Agent.ZMQ' 被发现
D:\病毒测试\临时解压\Malware\Malware\system32\drivers\yqpxabz.sys - 特征码 'Rootkit.Agent.XN' 被发现

        17 文件被扫描
          (0 压缩档 0 文件)
        10 特征码被侦测
        2 可疑代码段被发现
        耗时: 0:01.743
欠妳緈諨
Posted on 2008-7-24 12:07:42
avast!  9