30——40X

显示全部楼层 · 发表于 2008-12-28 12:05:57

时间紧...没整理大概30多吧

显示全部楼层 · 发表于 2008-12-28 12:11:35

请问。。。

这是啥？？？

显示全部楼层 · 发表于 2008-12-28 12:14:45

virus在样本区你想让我发啥

显示全部楼层 · 发表于 2008-12-28 12:14:54

剔除干净的上报5

显示全部楼层 · 发表于 2008-12-28 13:01:00

Hello,

dfbjj32tmp0.exe_, dfbjj32tmp1.exe_,

No malicious code were found in these files.

oyavrirey.dll - Trojan.Win32.BHO.jbh

This file is already detected. Please update your antivirus bases.

StxIiO.dll - Trojan.Win32.StartPage.dek,
wmgj.exe_ - Trojan-GameThief.Win32.OnLineGames.ubej,
xqdpcdi.sys - Trojan-Downloader.Win32.RtkDL.cxq

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.
The answer is relevant to the latest bases from update sources.

--
Best regards, Ilya Tolstikhin
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

> password:virus
>
> ------------------
> The Russia Kaspersky Lab Board Of the Honor Members
>
> Users ID:syfwxmh
>
>
------
Best regards, Ilya Tolstikhin
Virus analyst, Kaspersky Lab.

显示全部楼层 · 发表于 2008-12-28 15:08:16

效率真高...刚睡醒我再去找点去

显示全部楼层 · 发表于 2008-12-28 15:21:00

信息 2008-12-28  15:17:44 您此次查毒共查出30个病毒以及危险代码
信息 2008-12-28  15:17:44 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件89个
信息 2008-12-28  15:17:44 金山毒霸主程序查毒过程结束，查毒方式：命令行查毒

金山毒霸可信认证查询结果如下:

报告生成于: 2008/12/28 15:17

dfbjj32tmp0.exe    --------    安全
dfbjj32tmp1.exe    --------    安全
hosts    --------    安全
lpk.dll    --------    安全

dh.exe    --------    可疑的
jxsj.exe    --------    可疑的
alien32.exe    --------    可疑的
hjcaeotq.sys    --------    可疑的
oyavrirey.dll    --------    可疑的

1201.exe    --------    病毒
cqsj.exe    --------    病毒
dh2.exe    --------    病毒
dxc.exe    --------    病毒
jr.exe    --------    病毒
jx2.exe    --------    病毒
mh.exe    --------    病毒
msn080.exe    --------    病毒
my.exe    --------    病毒
qqhx.exe    --------    病毒
qqxx.exe    --------    病毒
pbhealth.dll    --------    病毒
pctools_20081228_7880.dll    --------    病毒
acpidisk.sys    --------    病毒
HBASKTAO.dll    --------    病毒
HBLYFX.dll    --------    病毒
msdanim.exe    --------    病毒
qtwm.exe    --------    病毒
q1383.exe    --------    病毒
zt.exe    --------    病毒

dh.dat    --------    未知
UserConfig.ini    --------    未知
2963134af8.dll    --------    未知
KB611311.log    --------    未知
syslgo.ini    --------    未知
system.ini    --------    未知
131C1BEA.dll    --------    未知
68b11c36f4.dll    --------    未知
B4eocaps.SRG    --------    未知
d3d1caps.SRG    --------    未知
xqdpcdi.sys    --------    未知
mprmsgse.axz    --------    未知
StxIiO.dll    --------    未知
System32Sovt.ini    --------    未知
IntelGFX.dat    --------    未知
mircrGFX.dat    --------    未知
wininit.ini    --------    未知

cb.exe    --------    分析中
mssj.exe    --------    分析中
myself.exe    --------    分析中
jjxzjcj32dla.dll    --------    分析中
jjxzwzjy081227.exe    --------    分析中
alien32.dll    --------    分析中
System.exe    --------    分析中
wmgj.exe    --------    分析中

理论文件总数: 54
实际文件总数: 54

其中:

分析中: 8
安全: 4
可疑的: 5
病毒: 20
未知: 17

识别率为: 68%

显示全部楼层 · 发表于 2008-12-28 15:30:29

End of the scan: 2008年12月28日  15:07
Used time: 00:13 Minute(s)
The scan has been done completely.

   17 Scanning directories
   56 Files were scanned
   32 viruses and/or unwanted programs were found
   2 Files were classified as suspicious:
   33 files were deleted
   0 files were repaired
   33 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   22 Files not concerned
   1 Archives were scanned
   0 Warnings
   33 Notes
-----------------------------------------
25220001  131C1BEA.dll  21 KB  UNDER ANALYSIS
25220058  2963134af8.dll  12 Byte  UNDER ANALYSIS
25220002  68b11c36f4.dll  147 Byte  UNDER ANALYSIS
25220003  B4eocaps.SRG  98 Byte  UNDER ANALYSIS
25220004  d3d1caps.SRG  93 Byte  UNDER ANALYSIS
546721  dfbjj32tmp1.exe  459.5 KB  CLEAN
25220059  dh.dat  576 Byte  UNDER ANALYSIS
25220060  HBASKTAO.dll  24 KB  MALWARE
25220005  IntelGFX.dat  18.55 KB  UNDER ANALYSIS
25220061  KB611311.log  16 Byte  UNDER ANALYSIS
25220006  mircrGFX.dat  18.5 KB  UNDER ANALYSIS
25220007  mprmsgse.axz  32 Byte  UNDER ANALYSIS
25220008  StxIiO.dll  48 KB  UNDER ANALYSIS
25220062  syslgo.ini  20 Byte  UNDER ANALYSIS
25220063  system.ini  356 Byte  UNDER ANALYSIS
25220009  System32Sovt.ini  23 Byte  UNDER ANALYSIS
25220064  UserConfig.ini  466 Byte  UNDER ANALYSIS
25220065  wininit.ini  57 Byte  UNDER ANALYSIS
--------------------------------------------------------------------------------
89630  hosts  734 Byte  KNOWN CLEAN
514512  lpk.dll  21.5 KB  KNOWN CLEAN

显示全部楼层 · 发表于 2008-12-29 21:33:29

File ID  Filename Size (Byte) Result
25220001  131C1BEA.dll  21 KB  MALWARE
25220058  2963134af8.dll  12 Byte  CLEAN
25220002  68b11c36f4.dll  147 Byte  CLEAN
25220003  B4eocaps.SRG  98 Byte  CLEAN
25220004  d3d1caps.SRG  93 Byte  CLEAN
546721  dfbjj32tmp1.exe  459.5 KB  CLEAN
25220059  dh.dat  576 Byte  CLEAN
25220060  HBASKTAO.dll  24 KB  MALWARE
25220005  IntelGFX.dat  18.55 KB  CLEAN
25220061  KB611311.log  16 Byte  CLEAN
25220006  mircrGFX.dat  18.5 KB  CLEAN
25220007  mprmsgse.axz  32 Byte  CLEAN
25220008  StxIiO.dll  48 KB  MALWARE
25220062  syslgo.ini  20 Byte  CLEAN
25220063  system.ini  356 Byte  CLEAN
25220009  System32Sovt.ini  23 Byte  CLEAN
25220064  UserConfig.ini  466 Byte  CLEAN
25220065  wininit.ini  57 Byte  CLEAN
------------------------------------------------------------------------------
Filename Result
131C1BEA.dll  MALWARE

The file '131C1BEA.dll' has been determined to be 'MALWARE'. Our analysts named the threat TR/Spy.Agent.gnz.82. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.01.01.42.
--------------------------------------------------------------------------------------------------------
Filename Result
HBASKTAO.dll  MALWARE

The file 'HBASKTAO.dll' has been determined to be 'MALWARE'. Our analysts named the threat BDS/Agent.vzr.17. The term "BDS/" denotes a Backdoor-Server program. Backdoor-Server programs are used to spy out, modify or delete data.Detection is added to our virus definition file (VDF) starting with version 7.01.01.38.
---------------------------------------------------------------------------------------------------------
Filename Result
StxIiO.dll  MALWARE

The file 'StxIiO.dll' has been determined to be 'MALWARE'. Our analysts named the threat TR/StartPage.dek.3. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.01.01.42.
------------------------------------------------------------------------------------------------------
三个确认病毒并已入库，其余的为干净文件。

[病毒样本] 30——40X

本帖子中包含更多资源

回复 2楼 loa123 的帖子

回复 5楼 syfwxmh 的帖子

回复 8楼 08红伞威点的帖子

[病毒样本] 30——40X

本帖子中包含更多资源

回复 2楼 loa123 的帖子

回复 5楼 syfwxmh 的帖子

回复 8楼 08红伞威点 的帖子

回复 8楼 08红伞威点的帖子