[Virus samples] 32x

qianwenxiang
Posted on 2008-8-22 15:58:35
nosferatu
Posted on 2008-8-22 16:06:24
Begin scan in 'C:\Documents and Settings\Administrator\桌面\C'
C:\Documents and Settings\Administrator\桌面\C\1.exe
    [DETECTION] Is the TR/Downloader.Gen Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\23ma5.sys
    [DETECTION] Is the TR/Rootkit.Gen Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\8k6mt8p.sys
    [DETECTION] Is the TR/Rootkit.Gen Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\atmQQ2.dll
      [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\aychuanshi.exe
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Is the TR/Gendal.28672.10 Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\ayjr.exe
      [DETECTION] Is the TR/Spy.Agent.dhh Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\ayjxqy.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\ayjxsj.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\ayqqhx.exe
      [DETECTION] Is the TR/PSW.Online.tdy Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\aytlbb.exe
      [DETECTION] Is the TR/PSW.Online.bin Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\aywmgj.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\aywow.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\ayzf.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\BaiXue.exe
    [DETECTION] Contains a recognition pattern of the (harmful) BDS/Hupigon.Gen back-door program
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\E2.tmp
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\e9ewcint.sys
    [DETECTION] Is the TR/Rootkit.Gen Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\IAUpdater.exe
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\IAvir.exe
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\iebr.dll
    [DETECTION] Is the TR/Dldr.Zlob.vrd Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\js.exe
    [DETECTION] Is the TR/Agent.AIND.1 Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\msliksurserv.sys
    [DETECTION] Is the TR/Rootkit.Gen Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\nfh9j.sys
    [DETECTION] Is the TR/Rootkit.Gen Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\setup.exe
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\setupapi.dll
    [DETECTION] Is the TR/PSW.Lineag.LQ Trojan
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\svchost.exe
    [DETECTION] Contains a recognition pattern of the (harmful) BDS/Hupigon.Gen back-door program
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\C\System.exe
    [DETECTION] Is the TR/Crypt.CFI.Gen Trojan
    [NOTE]      The file was deleted!


End of the scan: 星期五 2008年8月22日  16:06
Used time: 00:20 Minute(s)

The scan has been done completely.

      1 Scanning directories
     32 Files were scanned
     26 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
     26 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      6 Files not concerned
      0 Archives were scanned
      0 Warnings
     26 Notes
醉一生爱妍
Posted on 2008-8-22 16:30:49
UGuard 完成了在 C:\Documents and Settings\Administrator\桌面\C 上的扫描。
================
'Basic.Virus' 在 '1.exe' 中被检测到。
'Generic.nFile' 在 'atmQQ2.dll' 中被检测到。
'SL.Trojan.2867' 在 'aychuanshi.exe' 中被检测到。
'SL.Trojan.21121' 在 'ayjr.exe' 中被检测到。
'SL.Trojan.Win32.OnlineGames-Tif.noc.17076' 在 'ayjxqy.exe' 中被检测到。
'SL.Trojan.Win32.Agent.cas.2600' 在 'ayjxsj.exe' 中被检测到。
'SL.Trojan.Dropper.nbs.16896' 在 'ayqqhx.exe' 中被检测到。
'SL.Trojan.UpxPack.Agent.ncs.2559' 在 'aytlbb.exe' 中被检测到。
'SL.Trojan.Dropper.nbs.27811' 在 'aywow.exe' 中被检测到。
'SL.Trojan.Win32.Agent.lop.4984' 在 'ayzf.exe' 中被检测到。
'Heur.Downloader' 在 'BaiXue.exe' 中被检测到。
'Trojan.Game.a' 在 'E2.tmp' 中被检测到。
'Heur.SSDTModify' 在 'ksyscall.sys' 中被检测到。
'SL.Trojan.11315' 在 'setup.exe' 中被检测到。
'Generic.nFile' 在 'svchost.exe' 中被检测到。
'Basic.Virus' 在 'System.exe' 中被检测到。
'SL.Trojan.Generic.Win32.Agent.nid.15115' 在 'tmp2A.tmp' 中被检测到。
'Binder.HyperDetect' 在 'XPGuardSetup.exe' 中被检测到。
================
扫描文件数: 32
本次扫描发现了 18 个已知威胁,请及时处理。
实际文件数: 32
扫描时间: 0-00-00 00:00:08:0656
威胁比率: 56.25%
aerbeisi
Posted on 2008-8-22 16:38:39

NOD32: 23

浪滔天
Posted on 2008-8-22 17:56:20
Kaspersky (high heuristic level): 19, of which 5 are heuristic detections

2008-08-22 17:54:59        扫描        已检测到: Backdoor.Win32.Agent.piu        f:\病毒样本\C[1]\System.exe               
2008-08-22 17:55:05        扫描        已检测到: Backdoor.Win32.Ceckno.cqr        f:\病毒样本\C[1]\1.exe               
2008-08-22 17:54:57        扫描        已检测到: Backdoor.Win32.Hupigon.cbuc        f:\病毒样本\C[1]\BaiXue.exe               
2008-08-22 17:55:02        扫描        已检测到: Heur.Trojan.Generic        f:\病毒样本\C[1]\svchost.exe               
2008-08-22 17:54:57        扫描        已检测到: Heur.Trojan.Generic        f:\病毒样本\C[1]\e9ewcint.sys               
2008-08-22 17:54:57        扫描        已检测到: Heur.Trojan.Generic        f:\病毒样本\C[1]\aywmgj.exe               
2008-08-22 17:54:56        扫描        已检测到: Heur.Trojan.Generic        f:\病毒样本\C[1]\ayjxsj.exe               
2008-08-22 17:54:56        扫描        已检测到: Heur.Trojan.Generic        f:\病毒样本\C[1]\8k6mt8p.sys               
2008-08-22 17:54:58        扫描        已检测到: Trojan-Downloader.Win32.Agent.ify        f:\病毒样本\C[1]\ksyscall.sys               
2008-08-22 17:54:57        扫描        已检测到: Trojan-Downloader.Win32.Zlob.vrd        f:\病毒样本\C[1]\iebr.dll               
2008-08-22 17:54:56        扫描        已检测到: Trojan-GameThief.Win32.OnLineGames.shhv        f:\病毒样本\C[1]\ayjr.exe/PE_Patch.UPX/UPX               
2008-08-22 17:54:57        扫描        已检测到: Trojan-GameThief.Win32.OnLineGames.sohn        f:\病毒样本\C[1]\ayzf.exe               
2008-08-22 17:54:56        扫描        已检测到: Trojan-GameThief.Win32.OnLineGames.sowa        f:\病毒样本\C[1]\ayjxqy.exe               
2008-08-22 17:54:56        扫描        已检测到: Trojan-GameThief.Win32.OnLineGames.subc        f:\病毒样本\C[1]\aytlbb.exe               
2008-08-22 17:54:56        扫描        已检测到: Trojan-GameThief.Win32.OnLineGames.suxd        f:\病毒样本\C[1]\aywow.exe               
2008-08-22 17:54:56        扫描        已检测到: Trojan-GameThief.Win32.OnLineGames.svoc        f:\病毒样本\C[1]\ayqqhx.exe               
2008-08-22 17:54:57        扫描        已检测到: Trojan-PSW.Win32.OnLineGames.adtv        f:\病毒样本\C[1]\E2.tmp/NSPack/PE_Patch.MaskPE               
2008-08-22 17:54:56        扫描        已检测到: Trojan-PSW.Win32.OnLineGames.adxb        f:\病毒样本\C[1]\atmQQ2.dll/UPack/PE_Patch.MaskPE/PE_Patch.MaskPE/PE_Patch.MaskPE               
2008-08-22 17:54:56        扫描        已检测到: Trojan.Win32.Agent.sav        f:\病毒样本\C[1]\aychuanshi.exe/PE_Patch.UPX/UPX
Palkia
Posted on 2008-8-22 18:00:51
Kingsoft misses 13
碧水寒潭
Posted on 2008-8-22 18:07:41

Avira AntiVir: 25!

Start of the scan: 2008年8月22日  18:06

Starting the file scan:

Begin scan in 'H:\样本'
H:\样本\C[1].part1.rar
    [0] Archive type: RAR
    --> iebr.dll
      [DETECTION] Is the TR/Dldr.Zlob.vrd Trojan
    --> setupapi.dll
      [DETECTION] Is the TR/PSW.Lineag.LQ Trojan
    --> IAUpdater.exe
      [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    --> IAvir.exe
      [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    --> 1.exe
      [DETECTION] Is the TR/Downloader.Gen Trojan
    --> 8k6mt8p.sys
      [DETECTION] Is the TR/Rootkit.Gen Trojan
    --> 23ma5.sys
      [DETECTION] Is the TR/Rootkit.Gen Trojan
      --> aychuanshi.exe
        --> Object
          [2] Archive type: RSRC
          --> Object
            [DETECTION] Is the TR/Gendal.28672.10 Trojan
      --> ayjr.exe
          [DETECTION] Is the TR/Spy.Agent.dhh Trojan
    [NOTE]      The file was deleted!
H:\样本\C[1].part2.rar
    [0] Archive type: RAR
      --> aytlbb.exe
          [DETECTION] Is the TR/PSW.Online.bin Trojan
    --> BaiXue.exe
      [DETECTION] Contains a recognition pattern of the (harmful) BDS/Hupigon.Gen back-door program
    --> e9ewcint.sys
      [DETECTION] Is the TR/Rootkit.Gen Trojan
    --> js.exe
      [DETECTION] Is the TR/Agent.AIND.1 Trojan
    --> msliksurserv.sys
      [DETECTION] Is the TR/Rootkit.Gen Trojan
    --> nfh9j.sys
      [DETECTION] Is the TR/Rootkit.Gen Trojan
    --> setup.exe
      [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    --> svchost.exe
      [DETECTION] Contains a recognition pattern of the (harmful) BDS/Hupigon.Gen back-door program
    --> System.exe
      [DETECTION] Is the TR/Crypt.CFI.Gen Trojan
    [NOTE]      The file was deleted!
H:\样本\C[1].part3.rar
    [0] Archive type: RAR
      --> atmQQ2.dll
          [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!


End of the scan: 2008年8月22日  18:06
Used time: 00:17 Minute(s)

The scan has been done completely.

      1 Scanning directories
     37 Files were scanned
     25 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      3 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     12 Files not concerned
      3 Archives were scanned
      0 Warnings
      3 Notes
sam.to
Posted on 2008-8-22 19:25:26
已刪除: 特洛伊木馬程式 Backdoor.Win32.Ceckno.cqr        檔案: C:\Documents and Settings\kato9096\桌面\C\1.exe
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.adxb        檔案: C:\Documents and Settings\kato9096\桌面\C\atmQQ2.dll//UPack//PE_Patch.MaskPE//PE_Patch.MaskPE//PE_Patch.MaskPE
已刪除: 特洛伊木馬程式 Trojan.Win32.Agent.sav        檔案: C:\Documents and Settings\kato9096\桌面\C\aychuanshi.exe//PE_Patch.UPX//UPX
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.shhv        檔案: C:\Documents and Settings\kato9096\桌面\C\ayjr.exe//PE_Patch.UPX//UPX
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.sowa        檔案: C:\Documents and Settings\kato9096\桌面\C\ayjxqy.exe
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.swav        檔案: C:\Documents and Settings\kato9096\桌面\C\ayjxsj.exe
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.svoc        檔案: C:\Documents and Settings\kato9096\桌面\C\ayqqhx.exe
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.subc        檔案: C:\Documents and Settings\kato9096\桌面\C\aytlbb.exe
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.swan        檔案: C:\Documents and Settings\kato9096\桌面\C\aywmgj.exe
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.suxd        檔案: C:\Documents and Settings\kato9096\桌面\C\aywow.exe
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.sohn        檔案: C:\Documents and Settings\kato9096\桌面\C\ayzf.exe
已刪除: 特洛伊木馬程式 Backdoor.Win32.Hupigon.bhes        檔案: C:\Documents and Settings\kato9096\桌面\C\BaiXue.exe
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.adtv        檔案: C:\Documents and Settings\kato9096\桌面\C\E2.tmp//NSPack//PE_Patch.MaskPE
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Zlob.vrd        檔案: C:\Documents and Settings\kato9096\桌面\C\iebr.dll
已刪除: 特洛伊木馬程式 Trojan.Win32.DNSChanger.hyb        檔案: C:\Documents and Settings\kato9096\桌面\C\inst2.exe
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Agent.ify        檔案: C:\Documents and Settings\kato9096\桌面\C\ksyscall.sys
已刪除: 特洛伊木馬程式 Backdoor.Win32.Agent.piu        檔案: C:\Documents and Settings\kato9096\桌面\C\System.exe

17 detected. 15 submitted.
luxiao200888
Posted on 2008-8-22 19:28:33
6 get past Avira AntiVir; submitted.
BING126
Posted on 2008-8-22 19:29:15
McAfee: 15..
Copyright © KaFan  KaFan.cn All Rights Reserved.
