USB 4X

显示全部楼层 · 发表于 2009-3-3 12:38:34

班里的

显示全部楼层 · 发表于 2009-3-3 12:39:07

名称: Packed/Upack
类型: Sequence

描述:

文件:
c:\users\administrator\desktop\4x\weiai.exe
-----------------------------------------------------
名称: Autoruner
类型: Worm

描述:
A malicious software that replicates independently via LANs, Internet, e-mail, IRC channels, file-sharing networks, etc.

文件:
c:\users\administrator\desktop\4x\antivirus 2009.exe
c:\users\administrator\desktop\4x\ms-dos.com
-----------------------------------------------------------------
名称: Backdoor.Agent.HGOF
类型: Trojan

描述:

文件:
c:\users\administrator\desktop\4x\kitkit.dll

[ 本帖最后由 ledled 于 2009-3-3 12:40 编辑 ]

显示全部楼层 · 发表于 2009-3-3 12:42:29

eset k al
C:\Documents and Settings\GUNDAM\桌面\4X.rar » RAR » 4X\Antivirus 2009.exe - Win32/AutoRun.ACL worm
C:\Documents and Settings\GUNDAM\桌面\4X.rar » RAR » 4X\kitkit.dll - probably a variant of Win32/TrojanDownloader.Agent.OMQ trojan
C:\Documents and Settings\GUNDAM\桌面\4X.rar » RAR » 4X\MS-DOS.com - Win32/AutoRun.ACL worm
C:\Documents and Settings\GUNDAM\桌面\4X.rar » RAR » 4X\weiai.exe - a variant of Win32/AutoRun.ADC worml

显示全部楼层 · 发表于 2009-3-3 12:44:21

Begin scan in 'D:\4X.rar'
D:\4X.rar
[0] Archive type: RAR
--> 4X\Antivirus 2009.exe
   [DETECTION] Is the TR/VB.bia Trojan
--> 4X\kitkit.dll
   [DETECTION] Contains recognition pattern of the RKIT/Agent.8320.C root kit
--> 4X\MS-DOS.com
   [DETECTION] Is the TR/VB.bia Trojan
   --> 4X\weiai.exe
      [DETECTION] Is the TR/Drop.Cattivo.A Trojan
[NOTE]    A backup was created as '49dab5ed.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!

显示全部楼层 · 发表于 2009-3-3 12:59:21

显示全部楼层 · 发表于 2009-3-3 14:56:54

显示全部楼层 · 发表于 2009-3-3 15:00:40

2009-3-3 15:01:27 1236063687 Administrator 1216 Sign of "Win32:AutoRun-AHJ [Wrm]" has been found in "d:\我的文档\桌面\4X\Antivirus 2009.exe" file.
2009-3-3 15:01:31 1236063691 Administrator 1216 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "d:\我的文档\桌面\4X\kitkit.dll\[Embedded_I#5cc0]" file.
2009-3-3 15:01:31 1236063691 Administrator 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "d:\我的文档\桌面\4X\kitkit.dll\[Embedded_I#8cc0]" file.
2009-3-3 15:01:31 1236063691 Administrator 1216 Sign of "Win32:AutoRun-AHJ [Wrm]" has been found in "d:\我的文档\桌面\4X\MS-DOS.com" file.
2009-3-3 15:01:31 1236063691 Administrator 1216 Sign of "Win32:Delf-KWY [Trj]" has been found in "d:\我的文档\桌面\4X\weiai.exe\[Upack]" file.

显示全部楼层 · 发表于 2009-3-3 15:07:41

NIS找到4个，我已经对他彻底死心了。。
还杀软了。

显示全部楼层 · 发表于 2009-3-3 15:13:41

DR.WEB
Antivirus 2009.exe - infected with Win32.HLLW.Autoruner.1835
kitkit.dll - infected with Trojan.MulDrop.29802
MS-DOS.com - infected with Win32.HLLW.Autoruner.1835
weiai.exe - infected with BackDoor.Pigeon.20770

显示全部楼层 · 发表于 2009-3-3 15:59:38

江民KV2009，今天的库，全部杀掉

[病毒样本] USB 4X

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

avast kill all~