楼主: O(∩_∩)O哈哈~
收起左侧

[病毒样本] 好久没来样本区了 , 先发一包 …… 58X !!

  [复制链接]
O(∩_∩)O哈哈~
 楼主| 发表于 2010-10-10 19:51:41 | 显示全部楼层
回复 10楼 新新小仔001 的帖子

金山是有想当神器的野心么……
hx1997
发表于 2010-10-10 19:56:19 | 显示全部楼层
可牛云出45个
新新小仔001
发表于 2010-10-10 20:00:02 | 显示全部楼层
回复 11楼 O(∩_∩)O哈哈~ 的帖子

金山监控太弱
O(∩_∩)O哈哈~
 楼主| 发表于 2010-10-10 20:02:23 | 显示全部楼层
回复 13楼 新新小仔001 的帖子

可它的扫描器很合国情……国外不敢说……
rasis
发表于 2010-10-10 20:13:16 | 显示全部楼层
avira

Begin scan in 'D:\DOWNLOAD\待测'
D:\DOWNLOAD\待测\001.exe
    [DETECTION] Is the TR/Dldr.Delphi.Gen2 Trojan
D:\DOWNLOAD\待测\100008.exe
  [DETECTION] Is the TR/Hijacker.Gen Trojan
--> Object
  [DETECTION] Is the TR/Hijacker.Gen Trojan
D:\DOWNLOAD\待测\100009.exe
  [DETECTION] Is the TR/Hijacker.Gen Trojan
--> Object
  [DETECTION] Is the TR/Hijacker.Gen Trojan
D:\DOWNLOAD\待测\10282.exe
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
D:\DOWNLOAD\待测\12487335602.exe
    [DETECTION] Is the TR/Dldr.Delphi.Gen2 Trojan
D:\DOWNLOAD\待测\13054.exe
[0] Archive type: RSRC
  [DETECTION] Is the TR/Hijacker.Gen Trojan
--> Object
  [DETECTION] Is the TR/Hijacker.Gen Trojan
D:\DOWNLOAD\待测\20152.exe
[0] Archive type: RAR SFX (self extracting)
  [DETECTION] Contains code of the BOO/Trup.B boot sector virus
--> 360rps.exe
  [DETECTION] Contains code of the BOO/Trup.B boot sector virus
D:\DOWNLOAD\待测\360rps.exe
    [DETECTION] Is the TR/Dldr.VB.L Trojan
D:\DOWNLOAD\待测\3996.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
D:\DOWNLOAD\待测\4061x.exe
    [DETECTION] Is the TR/Drop.Microjoin.D Trojan
D:\DOWNLOAD\待测\418.exe
[0] Archive type: NSIS
  [DETECTION] Contains virus patterns of Adware ADWARE/Zhongsou.A.40
--> ProgramFilesDir/IETimbar.dll
  [DETECTION] Contains virus patterns of Adware ADWARE/Zhongsou.A.40
D:\DOWNLOAD\待测\4248.exe
    [DETECTION] Is the TR/Crypt.NSPM.Gen Trojan
D:\DOWNLOAD\待测\4554.exe
    [DETECTION] Is the TR/VB.voa Trojan
D:\DOWNLOAD\待测\46.exe
    [DETECTION] Is the TR/Downloader.Gen Trojan
D:\DOWNLOAD\待测\5512.exe
    [DETECTION] Is the TR/Crypt.NSPM.Gen Trojan
D:\DOWNLOAD\待测\684.exe
    [DETECTION] Is the TR/ATRAPS.Gen2 Trojan
--> [TempDir]/2.exe.exe
  [DETECTION] Is the TR/Crypt.FSPM.Gen Trojan
D:\DOWNLOAD\待测\74fadacd1e7333ba9b510b3ee1d33cee.exe
    [DETECTION] Is the TR/Agent.awqn.2.A Trojan
D:\DOWNLOAD\待测\8722.exe
    [DETECTION] Is the TR/Dldr.Agent.RC Trojan
D:\DOWNLOAD\待测\954.exe
[0] Archive type: NSIS
  [DETECTION] Is the TR/Dropper.Gen Trojan
  --> [TempDir]/bofangqi.exe
    [1] Archive type: RSRC
--> Object
  [DETECTION] Is the TR/Dropper.Gen Trojan
  --> [TempDir]/suotiao.exe
    [1] Archive type: RSRC
--> Object
  [DETECTION] Is the TR/Dropper.Gen Trojan
D:\DOWNLOAD\待测\ab6.exe
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
D:\DOWNLOAD\待测\b38d.exe
    [DETECTION] Is the TR/ATRAPS.Gen Trojan
D:\DOWNLOAD\待测\bofangqi.exe
[0] Archive type: RSRC
  [DETECTION] Is the TR/Dropper.Gen Trojan
--> Object
  [DETECTION] Is the TR/Dropper.Gen Trojan
D:\DOWNLOAD\待测\c4.exe
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
D:\DOWNLOAD\待测\c8.exe
    [DETECTION] Is the TR/Killav.gwd.2 Trojan
D:\DOWNLOAD\待测\insetupsl[1].exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
D:\DOWNLOAD\待测\me2434.exe
[0] Archive type: NSIS
  [DETECTION] Is the TR/Dropper.Gen2 Trojan
--> ProgramFilesDir/38.dll
  [DETECTION] Is the TR/BHO.Gen Trojan
--> ProgramFilesDir/39.exe
  [DETECTION] Is the TR/Hijacker.Gen Trojan
D:\DOWNLOAD\待测\msseces.exe
    [DETECTION] Is the TR/Hijacker.Gen Trojan
D:\DOWNLOAD\待测\opeEB.exe
    [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
D:\DOWNLOAD\待测\Qvodplayer.exe
    [DETECTION] Is the TR/Downloader.Gen4 Trojan
D:\DOWNLOAD\待测\suotiao.exe
[0] Archive type: RSRC
  [DETECTION] Is the TR/Dropper.Gen Trojan
--> Object
  [DETECTION] Is the TR/Dropper.Gen Trojan
D:\DOWNLOAD\待测\svchost.exe
    [DETECTION] Is the TR/Downloader.Gen4 Trojan
D:\DOWNLOAD\待测\svhost0.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
D:\DOWNLOAD\待测\svhost1.exe
    [DETECTION] Is the TR/Crypt.PEPM.Gen Trojan
D:\DOWNLOAD\待测\svhost3.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
D:\DOWNLOAD\待测\svhost6.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
D:\DOWNLOAD\待测\uaua3731[1].exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
D:\DOWNLOAD\待测\ugn32x.exe
    [DETECTION] Contains recognition pattern of the DR/Delphi.Gen dropper
D:\DOWNLOAD\待测\Win11.exe
  [DETECTION] Is the TR/Agent.49152 Trojan
--> Object
  [DETECTION] Is the TR/Agent.49152 Trojan
D:\DOWNLOAD\待测\Win3.exe
    [DETECTION] Is the TR/Downloader.Gen Trojan
D:\DOWNLOAD\待测\Win4.exe
  [DETECTION] Is the TR/Crypt.UPKM.Gen Trojan
--> Object
  [DETECTION] Is the TR/Crypt.UPKM.Gen Trojan
D:\DOWNLOAD\待测\Win5.exe
    [DETECTION] Is the TR/Crypt.FKM.Gen Trojan
D:\DOWNLOAD\待测\Win6.exe
    [DETECTION] Is the TR/Dropper.Gen2 Trojan
D:\DOWNLOAD\待测\zcom.exe
[0] Archive type: RSRC
  [DETECTION] Is the TR/Agent.eefh Trojan
--> Object
  [DETECTION] Is the TR/Agent.eefh Trojan

Beginning disinfection:
D:\DOWNLOAD\待测\zcom.exe
    [DETECTION] Is the TR/Agent.eefh Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\Win6.exe
    [DETECTION] Is the TR/Dropper.Gen2 Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\Win5.exe
    [DETECTION] Is the TR/Crypt.FKM.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\Win4.exe
    [DETECTION] Is the TR/Crypt.UPKM.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\Win3.exe
    [DETECTION] Is the TR/Downloader.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\Win11.exe
    [DETECTION] Is the TR/Agent.49152 Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\ugn32x.exe
    [DETECTION] Contains recognition pattern of the DR/Delphi.Gen dropper
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\uaua3731[1].exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\svhost6.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\svhost3.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\svhost1.exe
    [DETECTION] Is the TR/Crypt.PEPM.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\svhost0.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\svchost.exe
    [DETECTION] Is the TR/Downloader.Gen4 Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\suotiao.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\Qvodplayer.exe
    [DETECTION] Is the TR/Downloader.Gen4 Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\opeEB.exe
    [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\msseces.exe
    [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\me2434.exe
    [DETECTION] Is the TR/Dropper.Gen2 Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\insetupsl[1].exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\c8.exe
    [DETECTION] Is the TR/Killav.gwd.2 Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\c4.exe
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\bofangqi.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\b38d.exe
    [DETECTION] Is the TR/ATRAPS.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\ab6.exe
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\954.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\8722.exe
    [DETECTION] Is the TR/Dldr.Agent.RC Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\74fadacd1e7333ba9b510b3ee1d33cee.exe
    [DETECTION] Is the TR/Agent.awqn.2.A Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\684.exe
    [DETECTION] Is the TR/ATRAPS.Gen2 Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\5512.exe
    [DETECTION] Is the TR/Crypt.NSPM.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\46.exe
    [DETECTION] Is the TR/Downloader.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\4554.exe
    [DETECTION] Is the TR/VB.voa Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\4248.exe
    [DETECTION] Is the TR/Crypt.NSPM.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\418.exe
    [DETECTION] Contains virus patterns of Adware ADWARE/Zhongsou.A.40
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\4061x.exe
    [DETECTION] Is the TR/Drop.Microjoin.D Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\3996.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\360rps.exe
    [DETECTION] Is the TR/Dldr.VB.L Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\20152.exe
    [DETECTION] Contains code of the BOO/Trup.B boot sector virus
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\13054.exe
    [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\12487335602.exe
    [DETECTION] Is the TR/Dldr.Delphi.Gen2 Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\10282.exe
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\100009.exe
    [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\100008.exe
    [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\001.exe
    [DETECTION] Is the TR/Dldr.Delphi.Gen2 Trojan
    [NOTE]      The file was deleted!


End of the scan: 2010年10月10日  20:12
Used time: 00:01 Minute(s)

The scan has been done completely.

      1 Scanned directories
     85 Files were scanned
     47 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
     43 files were deleted
      0 Viruses and unwanted programs were repaired
      0 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
     38 Files not concerned
      9 Archives were scanned
      0 Warnings
     43 Notes
rasis
发表于 2010-10-10 20:20:17 | 显示全部楼层
我们收到了以下存档文件:

文件 ID          文件名         大小(字节)         结果
25912649          待测.7z         1.15 MB         OK

以下位置提供了存档中包含的文件及其结果的列表:
文件 ID          文件名         大小(字节)         结果
25912580          10.exe          35.22 KB          UNDER ANALYSIS
25912582          12487335624.exe          125.2 KB          UNDER ANALYSIS
25911433          360tc.exe          99.49 KB          UNDER ANALYSIS
25912583          3645.exe          32 KB          UNDER ANALYSIS
25912584          3ffd.exe          112 KB          UNDER ANALYSIS
25912650          4061.exe          56 KB          UNDER ANALYSIS
25912591          ehknru.exe          36 KB          UNDER ANALYSIS
25912592          eknrux.exe          60 KB          UNDER ANALYSIS
25912593          gua.exe          65.07 KB          UNDER ANALYSIS
25912595          kele.exe          65.07 KB          UNDER ANALYSIS
25912596          ph04521f33zc.exe          604.13 KB          UNDER ANALYSIS
25912651          ppsplayer.exe          189.53 KB          UNDER ANALYSIS
25912597          Setup.exe          24 KB          UNDER ANALYSIS
25912599          tmp.exe          88 KB          UNDER ANALYSIS
25912652          ##1.exe          20 KB          UNDER ANALYSIS
歌歌的人
发表于 2010-10-11 01:57:17 | 显示全部楼层
fatezero
发表于 2010-10-12 14:34:35 | 显示全部楼层
您好,

10.exe - Trojan-Downloader.Win32.VB.aawt,
10282.exe - Trojan-Clicker.Win32.VB.fqq,
3645.exe - Trojan-Downloader.Win32.VB.aawu,
3ffd.exe - Trojan.Win32.Qhost.ova,
4248.exe - Trojan-Downloader.Win32.Agent.evcn,
gua.exe - Trojan-Downloader.Win32.NSIS.fg,
kele.exe - Trojan-Downloader.Win32.NSIS.fh,
suotiao.exe - Trojan-Dropper.Win32.VB.nad,
Win11.exe - Trojan-Downloader.Win32.Adload.trp

以上文件包含恶意代码,下次更新后即可查杀。感谢您的上报。

12487335624.exe, Setup.exe - Trojan-Spy.Win32.Agent.blbc,
4061x.exe - Trojan-PSW.Win32.Bjlog.pet,
5512.exe - Backdoor.Win32.Hupigon.mhwb,
8722.exe - Trojan-Downloader.Win32.Agent.eugh,
eknrux.exe - Trojan-Downloader.Win32.Agent.eugj,
insetupsl[1].exe - Trojan.Win32.VBKrypt.kkr,
ph04521f33zc.exe - Backdoor.Win32.Hupigon.mhwc,
tmp.exe - Trojan-Downloader.Win32.Nekill.cb

以上文件卡巴斯基已经可以查杀,请您更新病毒库。

418.exe - not-a-virus:AdWare.Win32.Iebar.ae,
b38d.exe - not-a-virus:AdWare.Win32.Adnur.amb

以上文件为广告程序,卡巴斯基已经可以通过扩展病毒库查杀,关于扩展病毒库的详情请见:http://www.kaspersky.com/extraavupdates

ehknru.exe, uaua3731[1].exe

以上文件不包含恶意代码。

回复时请引用全部邮件。


--

卡巴斯基中国病毒实验室
中文主页:http://www.kaspersky.com.cn
病毒上报邮箱:viruslab@kaspersky.com.cn
技术支持邮箱:support@kaspersky.com.cn


sdie518
发表于 2010-10-12 15:55:10 | 显示全部楼层

qiaoli126
发表于 2010-10-12 16:07:08 | 显示全部楼层
nis2011 61/26扫描依然悲剧

您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-12-28 21:50 , Processed in 0.106504 second(s), 15 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表