abcdef.exe+install.exe,eset090719商业版无报告？请问这是什么病毒

显示全部楼层 · 发表于 2009-7-20 07:24:15

那天我逛一个论坛，看到说有个windows全系列的注册工具，但是下载链接坏了，我就去网上找了个，运行了以后没有反应，打开ess看首先发现了c.exe和e.exe有着很高的网络流量，于是我立即去pe下，发现病毒原来还生成了a.exe,b.exe,d.exe,f.exe这几个文件，都在用户的temp目录下，还有个install.exe我不清楚是不是病毒的一部分。

我前天在nod区下载的ess商业版，病毒库现在是0719的，查不出来这几个文件有毒，但是从文件名、运行特征、网络连接方面看，他应该是个木马或者木马下载器一类的东西。可是nod不报。

请大家帮忙看看这是什么病毒？
谢谢！

[ 本帖最后由 guohouzuo 于 2009-7-20 07:33 编辑 ]

显示全部楼层 · 发表于 2009-7-20 07:30:09

Avira miss ，to kill。

We received the following archive files:

File ID	?Filename	Size (Byte)	Result
25402474	virus.rar	827.48 KB	OK

A listing of files contained inside archives alongside their results can be found below:

File ID	?Filename	Size (Byte)	Result
25402475	b.exe	183 KB	MALWARE
25402476	e.exe	157.5 KB	MALWARE
25402477	f.exe	147.5 KB	MALWARE
25402478	Install.exe	133.3 KB	CLEAN

Please find a detailed report concerning each individual sample below:

?Filename	Result
b.exe	MALWARE

The file 'b.exe' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Drop.BHO.CJ. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection will be added to our virus definition file (VDF) with one of the next updates.

?Filename	Result
e.exe	MALWARE

The file 'e.exe' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Renos.oti.2. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.01.05.03.

?Filename	Result
f.exe	MALWARE

The file 'f.exe' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Zlob.LN. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection will be added to our virus definition file (VDF) with one of the next updates.

?Filename	Result
Install.exe	CLEAN

The file 'Install.exe' has been determined to be 'CLEAN'. Our analysts did not discover any malicious content.

kaspersky miss 3x，to kill。

Hello,

a.exe_, b.exe_ - Trojan.Win32.FraudPack.ppk

These files are already detected. Please update your antivirus bases.

Install.exe_

No malicious code was found in this file.

Please quote all when answering.
The answer is relevant to the latest bases from update sources.

[ 本帖最后由幸福的猪猪于 2009-7-21 05:19 编辑 ]

显示全部楼层 · 发表于 2009-7-20 08:07:42

F:\DL\virus\c.exe TrojanDldr.Agent.ciyv.nltd 木马还未处理
F:\DL\virus\d.exe Trojan.Agent2.cgps.pzzs 木马还未处理
F:\DL\virus\e.exe TrojanDldr.Agent.ciyv.nltd 木马还未处理
F:\DL\virus\f.exe Trojan.Agent2.cgps.pzzs 木马还未处理

显示全部楼层 · 发表于 2009-7-20 09:29:41

瑞星2010

显示全部楼层 · 发表于 2009-7-20 10:30:10

连瑞星都能查出来，eset竟然没有反应～

[ 本帖最后由 guohouzuo 于 2009-7-20 10:31 编辑 ]

显示全部楼层 · 发表于 2009-7-20 10:32:55

刚才我去看排除列表里面也没有这几个文件，真奇怪，eset怎么没查出来

显示全部楼层 · 发表于 2009-7-20 11:14:02

查不出就上报啊

瑞星报壳..

显示全部楼层 · 发表于 2009-7-20 11:23:05

偶尔漏过很正常啊

显示全部楼层 · 发表于 2009-7-20 11:34:19

同意ls～

可是我感觉竟然连瑞星都能查得到的病毒，我eset扫描选项全开，什么高级启发、加壳、潜在不安全程序啊什么的，abcdef6个文件，竟然一个也查不出来有问题～

显示全部楼层 · 发表于 2009-7-20 11:44:05

mcafee miss1，to

[可疑文件] abcdef.exe+install.exe,eset090719商业版无报告？请问这是什么病毒

本帖子中包含更多资源

回复 1楼 guohouzuo 的帖子

本帖子中包含更多资源

本帖子中包含更多资源

回复 6楼 guohouzuo 的帖子

回复 6楼 guohouzuo 的帖子