11x

qianwenxiang

logdowns

KIS2008  

nosferatu

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\pack1'
C:\Documents and Settings\Administrator\桌面\pack1\7G4eY5F
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\pack1\Hacker
    [DETECTION] Contains a recognition pattern of the (harmful) BDS/Hupigon.Gen back-door program
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\pack1\IMG34814.pif
    [DETECTION] Contains recognition pattern of the WORM/IrcBot.129536.2 worm
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\pack1\jiekou.exe
    [DETECTION] Contains a recognition pattern of the (harmful) BDS/Hupigon.Gen back-door program
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\pack1\Mangerr.DLL
    [DETECTION] Contains a recognition pattern of the (harmful) BDS/Hupigon.GB.5 back-door program
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\pack1\svx.exe
    [DETECTION] Is the TR/Click.Agent.bhr Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\pack1\Utility.exe
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\pack1\vlc.exe
    [DETECTION] Is the TR/Click.Agent.bho Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\pack1\VmyNcpALbmID4.DLL
    [DETECTION] Is the TR/Dldr.Agent.OPD.1 Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\pack1\worlders.exe
    [DETECTION] Contains a recognition pattern of the (harmful) BDS/Hupigon.Gen back-door program
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\pack1\XP professional.exe
    [DETECTION] Contains a recognition pattern of the (harmful) BDS/Hupigon.Gen back-door program
    [NOTE]      The file was deleted!


End of the scan: 星期五 2008年8月22日  15:57
Used time: 00:19 Minute(s)

The scan has been done completely.

      1 Scanning directories
     11 Files were scanned
     11 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
     11 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      0 Files not concerned
      0 Archives were scanned
      0 Warnings
     11 Notes

BING126

McAfee  3个。。

浪滔天

卡巴 8.0.0.454 高启发 10 个 其中启发1个

2008-08-22 20:52:25        扫描        已检测到: Backdoor.Win32.Hupigon.nqr        f:\病毒样本\pack1[1]\Hacker/PE_Patch.MaskPE/PE_Patch.MaskPE/PE_Patch.MaskPE/PE_Patch.MaskPE               
2008-08-22 20:52:25        扫描        已检测到: Heur.Trojan.Generic        f:\病毒样本\pack1[1]\jiekou.exe               
2008-08-22 20:52:24        扫描        已检测到: Backdoor.Win32.Hupigon.btrm        f:\病毒样本\pack1[1]\XP professional.exe               
2008-08-22 20:52:24        扫描        已检测到: Backdoor.Win32.Hupigon.cwkx        f:\病毒样本\pack1[1]\worlders.exe               
2008-08-22 20:52:24        扫描        已检测到: Trojan-Spy.Win32.Delf.djv        f:\病毒样本\pack1[1]\VmyNcpALbmID4.DLL/ASPack               
2008-08-22 20:52:24        扫描        已检测到: Suspicious.Packer        f:\病毒样本\pack1[1]\Utility.exe/NakedPack/PE_Patch.MaskPE/PE_Patch.MaskPE/PE_Patch.MaskPE/PE_Patch.MaskPE               
2008-08-22 20:52:23        扫描        已检测到: Trojan-Clicker.Win32.Agent.bho        f:\病毒样本\pack1[1]\vlc.exe               
2008-08-22 20:52:23        扫描        已检测到: Backdoor.Win32.Hupigon.emb        f:\病毒样本\pack1[1]\Mangerr.DLL               
2008-08-22 20:52:23        扫描        已检测到: Trojan-Clicker.Win32.Agent.bhr        f:\病毒样本\pack1[1]\svx.exe               
2008-08-22 20:52:23        扫描        已检测到: Backdoor.Win32.IRCBot.gen        f:\病毒样本\pack1[1]\IMG34814.pif

xuange

trend micro 5

aerbeisi

C:\test\pack1[1]\Hacker - Win32/Hupigon 木马的变种
C:\test\pack1[1]\IMG34814.pif - 可能是 IRC/SdBot 木马 的一个变种
C:\test\pack1[1]\jiekou.exe - 可能是 Win32/Hupigon 木马 的一个变种
C:\test\pack1[1]\Mangerr.DLL - Win32/Hupigon.EQE 木马
C:\test\pack1[1]\Utility.exe - Win32/Hupigon.NHZ 木马的变种
C:\test\pack1[1]\VmyNcpALbmID4.DLL - Win32/Delf.NNG 木马
C:\test\pack1[1]\worlders.exe - Win32/Hupigon 木马的变种
C:\test\pack1[1]\XP professional.exe - 可能是 Win32/GreyBird 木马 的一个变种
已扫描的文件数目：11
已发现的病毒数目：8

尤金卡巴斯基

2008/8/23 2:04:26        已删除        木马程序 Backdoor.Win32.Hupigon.nqr        G:\Temp\Virus\pack1\Hacker               
2008/8/23 2:04:26        已删除        木马程序 Backdoor.Win32.Hupigon.nqr        G:\Temp\Virus\pack1\Hacker//PE_Patch.MaskPE//PE_Patch.MaskPE//PE_Patch.MaskPE//PE_Patch.MaskPE               
2008/8/23 2:04:26        已删除        木马程序 Backdoor.Win32.IRCBot.gen        G:\Temp\Virus\pack1\IMG34814.pif               
2008/8/23 2:04:26        已删除        木马程序 Backdoor.Win32.Hupigon.emb        G:\Temp\Virus\pack1\Mangerr.DLL               
2008/8/23 2:04:26        已删除        木马程序 Trojan-Spy.Win32.Delf.djv        G:\Temp\Virus\pack1\VmyNcpALbmID4.DLL               
2008/8/23 2:04:26        已删除        木马程序 Trojan-Spy.Win32.Delf.djv        G:\Temp\Virus\pack1\VmyNcpALbmID4.DLL//ASPack               
2008/8/23 2:04:26        已删除        木马程序 Backdoor.Win32.Hupigon.btrm        G:\Temp\Virus\pack1\XP professional.exe               
2008/8/23 2:04:26        已删除        木马程序 Trojan-Clicker.Win32.Agent.bhr        G:\Temp\Virus\pack1\svx.exe               
2008/8/23 2:04:26        已删除        木马程序 Trojan-Clicker.Win32.Agent.bho        G:\Temp\Virus\pack1\vlc.exe               
2008/8/23 2:04:26        已删除        木马程序 Backdoor.Win32.Hupigon.cwkx        G:\Temp\Virus\pack1\worlders.exe               
2008/8/23 2:04:26        已隔离        恶意程序 Suspicious.Packer        G:\Temp\Virus\pack1\Utility.exe               
2008/8/23 2:04:26        已隔离        恶意程序 Suspicious.Packer        G:\Temp\Virus\pack1\Utility.exe//NakedPack//PE_Patch.MaskPE//PE_Patch.MaskPE//PE_Patch.MaskPE//PE_Patch.MaskPE               

其余上报

kemisoka

F-PROT:

[Found backdoor]    <W32/Hupigon.A.gen!Eldorado (not disinfectable, generic)>    C:\Malware Test\Hacker->(PE_Patch.MaskPE)
[Found possible virus]    <W32/IRCBot-based!Maximus>    C:\Malware Test\IMG34814.pif
[Found backdoor]    <W32/Hupigon.A.gen!Eldorado (not disinfectable, generic)>    C:\Malware Test\jiekou.exe
[Found backdoor]    <W32/Backdoor.AJXP (exact)>    C:\Malware Test\Mangerr.DLL
[Found possible security risk]    <W32/Heuristic-210!Eldorado (not disinfectable)>    C:\Malware Test\Utility.exe->(Nakedpack)-> (PE_Patch.MaskPE)->(PE_Patch.MaskPE)->(PE_Patch.MaskPE)->(PE_Patch.MaskPE)
[Found backdoor]    <W32/Hupigon.A.gen!Eldorado (not disinfectable, generic)>    C:\Malware Test\worlders.exe
[Found downloader]    <W32/Downloader.C.gen!Eldorado (not disinfectable, generic)>    C:\Malware Test\XP professional.exe

慢飞

clamav
-------


F:\pack1.part2.rar: Trojan.Packed-12 FOUND
F:\pack1.part1.rar: Trojan.Crypted-4 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 398562
Engine version: 0.93.1
Scanned directories: 0
Scanned files: 2
Infected files: 2

Data scanned: 2.22 MB
Time: 25.407 sec (0 m 25 s)
--------------------------------------
Completed
--------------------------------------