downloader+衍生物

显示全部楼层 · 发表于 2010-3-27 02:28:11

开始在“C:\Documents and Settings\Administrator\桌面\down.rar”中扫描
C:\Documents and Settings\Administrator\桌面\down.rar
  [0] 存档类型: RAR
--> browsor.dll
   [检测]       是 TR/Spy.28672.693 特洛伊木马
--> dtadhost.dll
   [检测]       是 TR/Crypt.FKM.Gen 特洛伊木马
--> f1drc1nr.dll
   [检测]       是 TR/Crypt.FKM.Gen 特洛伊木马
--> FastUserSwitchingCompatibilityex.dll
   [检测]       包含 BDS/Backdoor.Gen 后门程序的识别模式(有害)
--> mvscrtz.dll
   [检测]       是 TR/PSW.OnlineGames.wdtk 特洛伊木马
--> rpc~3~ss.dll
   [检测]       是 TR/ATRAPS.Gen 特洛伊木马
--> rpcss.dll
   [检测]       是 TR/PSW.Wow.ygm 特洛伊木马
--> t306060.dll
   [检测]       是 TR/PSW.Wow.xmx 特洛伊木马
--> t320034.dll
   [检测]       是 TR/PSW.OnlineGames.bmzd 特洛伊木马
--> t322049.dll
   [检测]       是 TR/PSW.Wow.xmh 特洛伊木马
--> gcjSo.DRV
   [1] 存档类型: RSRC
   [检测]       是 TR/Crypt.XPACK.Gen 特洛伊木马
--> Lonei.DRV
   [检测]       是 TR/PSW.Kykymber.bum 特洛伊木马
--> pxdRM.DRV
   [1] 存档类型: RSRC
   [检测]       是 TR/Crypt.XPACK.Gen 特洛伊木马
--> TIM858B.DRV
   [检测]       是 TR/ATRAPS.Gen 特洛伊木马
--> 1.exe
   [检测]       是 TR/Dropper.Gen 特洛伊木马
--> 1001.exe
   [检测]       是 TR/Hijacker.Gen 特洛伊木马
--> 2.exe
   [检测]       包含 BDS/Backdoor.Gen 后门程序的识别模式(有害)
--> 360.exe
   --> Object
      [2] 存档类型: RSRC
      --> Object
      [检测]       是 TR/VB.adjy 特洛伊木马
   [检测]       是 TR/Dropper.Gen 特洛伊木马
--> dnflogin.exe
   [检测]       是 TR/Dropper.Gen 特洛伊木马
--> google.exe
   [检测]       是 TR/Dropper.Gen 特洛伊木马
--> kb371510.exe
   [检测]       是 TR/Dropper.Gen 特洛伊木马
--> kb371511.exe
   --> Object
      [检测]       是 TR/Patched.aba 特洛伊木马
--> kb371512.exe
   [检测]       是 TR/Crypt.XPACK.Gen 特洛伊木马
--> kb371514.exe
   [1] 存档类型: RAR SFX (self extracting)
   --> Systam.exe
      [检测]       是 TR/Dldr.VB.vwz 特洛伊木马
--> kb371516.exe
   --> Object
      [检测]       是 TR/Patched.BP 特洛伊木马
--> kb371517.exe
   [检测]       是 TR/Crypt.PEPM.Gen 特洛伊木马
--> kb37152.exe
   [检测]       是 TR/Dropper.Gen 特洛伊木马
--> kb371524.exe
   --> Object
      [2] 存档类型: RSRC
      --> Object
      [检测]       是 TR/Drop.VB.amae 特洛伊木马
      --> Object
      [检测]       是 TR/Drop.VB.amde 特洛伊木马
   [检测]       是 TR/Crypt.ZPACK.Gen 特洛伊木马
--> kb371527.exe
   --> Object
      [检测]       是 TR/Patched.aba 特洛伊木马
--> kb371528.exe
   [检测]       是 TR/Crypt.FKM.Gen 特洛伊木马
--> kb371530.exe
   [1] 存档类型: RSRC
   [检测]       包含 BDS/Backdoor.Gen 后门程序的识别模式(有害)
--> kb37154.exe
   [检测]       是 TR/Dropper.Gen 特洛伊木马
--> kb37155.exe
   [检测]       是 TR/Dropper.Gen 特洛伊木马
--> kb38013.exe
   [检测]       是 TR/Agent.5120.82 特洛伊木马
--> servia.exe
   [检测]       是 TR/Downloader.Gen 特洛伊木马
--> smss.exe
   [检测]       是 TR/VB.adjy 特洛伊木马
--> svchost.exe
   [检测]       是 TR/Spy.Gen 特洛伊木马
--> Systam.exe
   [检测]       是 TR/Dldr.VB.vwz 特洛伊木马
--> Windows.ime
   [检测]       是 TR/Dldr.Agent.djqr 特洛伊木马
--> dsound.dll.mod
   [检测]       是 TR/Patched.BP 特洛伊木马
--> olepro32.dll.mod
   [检测]       是 TR/Patched.aba 特洛伊木马
--> Dg32.New
   [检测]       是 TR/Downloader.Gen 特洛伊木马
10 to Avira

显示全部楼层 · 发表于 2010-3-27 07:04:53

ess kill42

http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= 多个威胁连接中断 - 已隔离通过应用程序访问 web 时检测到威胁: E:\谷歌浏览器\chrome.exe.
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > back_XUNLEI.DLL Win32/TrojanClicker.BHO.NBO 特洛伊木马
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > FastUserSwitchingCompatibilityex.dll Win32/Farfli.AA 特洛伊木马的变种
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > mvscrtz.dll Win32/PSW.OnLineGames.OYL 特洛伊木马
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > rpc~3~ss.dll Win32/PSW.OnLineGames.ORC 特洛伊木马
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > rpcss.dll Win32/PSW.OnLineGames.OTQ 特洛伊木马
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > t320034.dll Win32/PSW.OnLineGames.OYU 特洛伊木马
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > t322049.dll Win32/PSW.OnLineGames.OTS 特洛伊木马
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > gcjSo.DRV Win32/PSW.OnLineGames.OQU 特洛伊木马
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > Lonei.DRV Win32/PSW.OnLineGames.OQU 特洛伊木马的变种
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > pxdRM.DRV Win32/PSW.OnLineGames.OQU 特洛伊木马的变种
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > TIM858B.DRV Win32/PSW.OnLineGames.PBB 特洛伊木马
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > TIMF5BA.DRV Win32/PSW.OnLineGames.PBB 特洛伊木马的变种
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > 1.exe Win32/TrojanDownloader.Agent.PSM 特洛伊木马的变种
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > 1001.exe Win32/TrojanDownloader.Chekafe.A 特洛伊木马的变种
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > 2.exe Win32/AutoRun.AntiAV.B 蠕虫
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > 360.exe Win32/TrojanClicker.BHO.NBN 特洛伊木马的变种
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > dnflogin.exe Win32/PSW.OnLineGames.OUH 特洛伊木马的变种
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > google.exe Win32/TrojanClicker.BHO.NBN 特洛伊木马的变种
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > kb371510.exe Win32/PSW.OnLineGames.PBB 特洛伊木马的变种
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > kb371511.exe Win32/PSW.OnLineGames.OQU 特洛伊木马
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > kb371512.exe Win32/TrojanDownloader.VB.OES 特洛伊木马的变种
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > kb371514.exe 多个威胁
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > kb371514.exe > RAR > Systam.exe Win32/VB.ORT 特洛伊木马
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > kb371514.exe > RAR > TXPlatform.exe Win32/VB.OVN 特洛伊木马的变种
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > kb371516.exe Win32/PSW.OnLineGames.OQU 特洛伊木马的变种
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > kb371517.exe Win32/PSW.OnLineGames.ORY 特洛伊木马
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > kb37152.exe Win32/PSW.OnLineGames.OTS 特洛伊木马
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > kb371524.exe Win32/PSW.VB.NEW 特洛伊木马
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > kb371527.exe Win32/PSW.OnLineGames.OQU 特洛伊木马的变种
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > kb371530.exe Win32/Dialer.NEW 特洛伊木马的变种
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > kb37154.exe Win32/PSW.QQPass.NFW 特洛伊木马的变种
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > kb37155.exe Win32/TrojanDownloader.Agent.PSM 特洛伊木马的变种
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > kb38013.exe Win32/Spy.Small.CGL 特洛伊木马
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > servia.exe Win32/TrojanDownloader.Small.OTY 特洛伊木马
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > smss.exe Win32/TrojanClicker.VB.NNQ 特洛伊木马的变种
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > svchost.exe Win32/TrojanDownloader.Small.OUV 特洛伊木马的变种
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > svstem.exe Win32/PSW.VB.NEW 特洛伊木马
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > Systam.exe Win32/VB.ORT 特洛伊木马
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > TXPlatform.exe Win32/VB.OVN 特洛伊木马的变种
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > mygod.ime Win32/PSW.OnLineGames.OUH 特洛伊木马
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > dsound.dll.mod Win32/PSW.OnLineGames.OQU 特洛伊木马
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > olepro32.dll.mod Win32/PSW.OnLineGames.OQU 特洛伊木马
http://bbs.kafan.cn/attachment.p ... UZ4MVJ5K1orL0lySU0= > RAR > Dg32.New Win32/PSW.QQPass.NEH 特洛伊木马的变种

显示全部楼层 · 发表于 2010-3-27 10:55:02

毒霸 miss13

[病毒样本] downloader+衍生物