Original poster: O(∩_∩)O哈哈~

[Virus samples] Haven't been to the samples section in a long time, posting a pack first ... 58X !!

O(∩_∩)O哈哈~
Original poster | Posted on 2010-10-10 19:51:41
Reply to post #10 by 新新小仔001

Does Kingsoft have ambitions of becoming the ultimate tool...?
hx1997
Posted on 2010-10-10 19:56:19
Keniu cloud scan flags 45
新新小仔001
Posted on 2010-10-10 20:00:02
Reply to post #11 by O(∩_∩)O哈哈~

Kingsoft's real-time monitoring is too weak
O(∩_∩)O哈哈~
Original poster | Posted on 2010-10-10 20:02:23
Reply to post #13 by 新新小仔001

But its scanner suits conditions in China well... I wouldn't dare say the same for abroad...
rasis
Posted on 2010-10-10 20:13:16
avira

Begin scan in 'D:\DOWNLOAD\待测'
D:\DOWNLOAD\待测\001.exe
    [DETECTION] Is the TR/Dldr.Delphi.Gen2 Trojan
D:\DOWNLOAD\待测\100008.exe
  [DETECTION] Is the TR/Hijacker.Gen Trojan
--> Object
  [DETECTION] Is the TR/Hijacker.Gen Trojan
D:\DOWNLOAD\待测\100009.exe
  [DETECTION] Is the TR/Hijacker.Gen Trojan
--> Object
  [DETECTION] Is the TR/Hijacker.Gen Trojan
D:\DOWNLOAD\待测\10282.exe
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
D:\DOWNLOAD\待测\12487335602.exe
    [DETECTION] Is the TR/Dldr.Delphi.Gen2 Trojan
D:\DOWNLOAD\待测\13054.exe
[0] Archive type: RSRC
  [DETECTION] Is the TR/Hijacker.Gen Trojan
--> Object
  [DETECTION] Is the TR/Hijacker.Gen Trojan
D:\DOWNLOAD\待测\20152.exe
[0] Archive type: RAR SFX (self extracting)
  [DETECTION] Contains code of the BOO/Trup.B boot sector virus
--> 360rps.exe
  [DETECTION] Contains code of the BOO/Trup.B boot sector virus
D:\DOWNLOAD\待测\360rps.exe
    [DETECTION] Is the TR/Dldr.VB.L Trojan
D:\DOWNLOAD\待测\3996.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
D:\DOWNLOAD\待测\4061x.exe
    [DETECTION] Is the TR/Drop.Microjoin.D Trojan
D:\DOWNLOAD\待测\418.exe
[0] Archive type: NSIS
  [DETECTION] Contains virus patterns of Adware ADWARE/Zhongsou.A.40
--> ProgramFilesDir/IETimbar.dll
  [DETECTION] Contains virus patterns of Adware ADWARE/Zhongsou.A.40
D:\DOWNLOAD\待测\4248.exe
    [DETECTION] Is the TR/Crypt.NSPM.Gen Trojan
D:\DOWNLOAD\待测\4554.exe
    [DETECTION] Is the TR/VB.voa Trojan
D:\DOWNLOAD\待测\46.exe
    [DETECTION] Is the TR/Downloader.Gen Trojan
D:\DOWNLOAD\待测\5512.exe
    [DETECTION] Is the TR/Crypt.NSPM.Gen Trojan
D:\DOWNLOAD\待测\684.exe
    [DETECTION] Is the TR/ATRAPS.Gen2 Trojan
--> [TempDir]/2.exe.exe
  [DETECTION] Is the TR/Crypt.FSPM.Gen Trojan
D:\DOWNLOAD\待测\74fadacd1e7333ba9b510b3ee1d33cee.exe
    [DETECTION] Is the TR/Agent.awqn.2.A Trojan
D:\DOWNLOAD\待测\8722.exe
    [DETECTION] Is the TR/Dldr.Agent.RC Trojan
D:\DOWNLOAD\待测\954.exe
[0] Archive type: NSIS
  [DETECTION] Is the TR/Dropper.Gen Trojan
  --> [TempDir]/bofangqi.exe
    [1] Archive type: RSRC
--> Object
  [DETECTION] Is the TR/Dropper.Gen Trojan
  --> [TempDir]/suotiao.exe
    [1] Archive type: RSRC
--> Object
  [DETECTION] Is the TR/Dropper.Gen Trojan
D:\DOWNLOAD\待测\ab6.exe
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
D:\DOWNLOAD\待测\b38d.exe
    [DETECTION] Is the TR/ATRAPS.Gen Trojan
D:\DOWNLOAD\待测\bofangqi.exe
[0] Archive type: RSRC
  [DETECTION] Is the TR/Dropper.Gen Trojan
--> Object
  [DETECTION] Is the TR/Dropper.Gen Trojan
D:\DOWNLOAD\待测\c4.exe
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
D:\DOWNLOAD\待测\c8.exe
    [DETECTION] Is the TR/Killav.gwd.2 Trojan
D:\DOWNLOAD\待测\insetupsl[1].exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
D:\DOWNLOAD\待测\me2434.exe
[0] Archive type: NSIS
  [DETECTION] Is the TR/Dropper.Gen2 Trojan
--> ProgramFilesDir/38.dll
  [DETECTION] Is the TR/BHO.Gen Trojan
--> ProgramFilesDir/39.exe
  [DETECTION] Is the TR/Hijacker.Gen Trojan
D:\DOWNLOAD\待测\msseces.exe
    [DETECTION] Is the TR/Hijacker.Gen Trojan
D:\DOWNLOAD\待测\opeEB.exe
    [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
D:\DOWNLOAD\待测\Qvodplayer.exe
    [DETECTION] Is the TR/Downloader.Gen4 Trojan
D:\DOWNLOAD\待测\suotiao.exe
[0] Archive type: RSRC
  [DETECTION] Is the TR/Dropper.Gen Trojan
--> Object
  [DETECTION] Is the TR/Dropper.Gen Trojan
D:\DOWNLOAD\待测\svchost.exe
    [DETECTION] Is the TR/Downloader.Gen4 Trojan
D:\DOWNLOAD\待测\svhost0.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
D:\DOWNLOAD\待测\svhost1.exe
    [DETECTION] Is the TR/Crypt.PEPM.Gen Trojan
D:\DOWNLOAD\待测\svhost3.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
D:\DOWNLOAD\待测\svhost6.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
D:\DOWNLOAD\待测\uaua3731[1].exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
D:\DOWNLOAD\待测\ugn32x.exe
    [DETECTION] Contains recognition pattern of the DR/Delphi.Gen dropper
D:\DOWNLOAD\待测\Win11.exe
  [DETECTION] Is the TR/Agent.49152 Trojan
--> Object
  [DETECTION] Is the TR/Agent.49152 Trojan
D:\DOWNLOAD\待测\Win3.exe
    [DETECTION] Is the TR/Downloader.Gen Trojan
D:\DOWNLOAD\待测\Win4.exe
  [DETECTION] Is the TR/Crypt.UPKM.Gen Trojan
--> Object
  [DETECTION] Is the TR/Crypt.UPKM.Gen Trojan
D:\DOWNLOAD\待测\Win5.exe
    [DETECTION] Is the TR/Crypt.FKM.Gen Trojan
D:\DOWNLOAD\待测\Win6.exe
    [DETECTION] Is the TR/Dropper.Gen2 Trojan
D:\DOWNLOAD\待测\zcom.exe
[0] Archive type: RSRC
  [DETECTION] Is the TR/Agent.eefh Trojan
--> Object
  [DETECTION] Is the TR/Agent.eefh Trojan

Beginning disinfection:
D:\DOWNLOAD\待测\zcom.exe
    [DETECTION] Is the TR/Agent.eefh Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\Win6.exe
    [DETECTION] Is the TR/Dropper.Gen2 Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\Win5.exe
    [DETECTION] Is the TR/Crypt.FKM.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\Win4.exe
    [DETECTION] Is the TR/Crypt.UPKM.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\Win3.exe
    [DETECTION] Is the TR/Downloader.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\Win11.exe
    [DETECTION] Is the TR/Agent.49152 Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\ugn32x.exe
    [DETECTION] Contains recognition pattern of the DR/Delphi.Gen dropper
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\uaua3731[1].exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\svhost6.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\svhost3.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\svhost1.exe
    [DETECTION] Is the TR/Crypt.PEPM.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\svhost0.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\svchost.exe
    [DETECTION] Is the TR/Downloader.Gen4 Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\suotiao.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\Qvodplayer.exe
    [DETECTION] Is the TR/Downloader.Gen4 Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\opeEB.exe
    [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\msseces.exe
    [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\me2434.exe
    [DETECTION] Is the TR/Dropper.Gen2 Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\insetupsl[1].exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\c8.exe
    [DETECTION] Is the TR/Killav.gwd.2 Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\c4.exe
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\bofangqi.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\b38d.exe
    [DETECTION] Is the TR/ATRAPS.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\ab6.exe
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\954.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\8722.exe
    [DETECTION] Is the TR/Dldr.Agent.RC Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\74fadacd1e7333ba9b510b3ee1d33cee.exe
    [DETECTION] Is the TR/Agent.awqn.2.A Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\684.exe
    [DETECTION] Is the TR/ATRAPS.Gen2 Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\5512.exe
    [DETECTION] Is the TR/Crypt.NSPM.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\46.exe
    [DETECTION] Is the TR/Downloader.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\4554.exe
    [DETECTION] Is the TR/VB.voa Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\4248.exe
    [DETECTION] Is the TR/Crypt.NSPM.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\418.exe
    [DETECTION] Contains virus patterns of Adware ADWARE/Zhongsou.A.40
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\4061x.exe
    [DETECTION] Is the TR/Drop.Microjoin.D Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\3996.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\360rps.exe
    [DETECTION] Is the TR/Dldr.VB.L Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\20152.exe
    [DETECTION] Contains code of the BOO/Trup.B boot sector virus
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\13054.exe
    [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\12487335602.exe
    [DETECTION] Is the TR/Dldr.Delphi.Gen2 Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\10282.exe
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\100009.exe
    [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\100008.exe
    [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      The file was deleted!
D:\DOWNLOAD\待测\001.exe
    [DETECTION] Is the TR/Dldr.Delphi.Gen2 Trojan
    [NOTE]      The file was deleted!


End of the scan: 2010年10月10日  20:12
Used time: 00:01 Minute(s)

The scan has been done completely.

      1 Scanned directories
     85 Files were scanned
     47 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
     43 files were deleted
      0 Viruses and unwanted programs were repaired
      0 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
     38 Files not concerned
      9 Archives were scanned
      0 Warnings
     43 Notes
rasis
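Posted on 2010-10-10 20:20:17
We received the following archive file:

File ID          File name         Size (bytes)         Result
25912649          待测.7z         1.15 MB         OK

A list of the files contained in the archive and their results is provided at the following location:
File ID          File name         Size (bytes)         Result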
25912580          10.exe          35.22 KB          UNDER ANALYSIS
25912582          12487335624.exe          125.2 KB          UNDER ANALYSIS
25911433          360tc.exe          99.49 KB          UNDER ANALYSIS
25912583          3645.exe          32 KB          UNDER ANALYSIS
25912584          3ffd.exe          112 KB          UNDER ANALYSIS
25912650          4061.exe          56 KB          UNDER ANALYSIS
25912591          ehknru.exe          36 KB          UNDER ANALYSIS
25912592          eknrux.exe          60 KB          UNDER ANALYSIS
25912593          gua.exe          65.07 KB          UNDER ANALYSIS
25912595          kele.exe          65.07 KB          UNDER ANALYSIS
25912596          ph04521f33zc.exe          604.13 KB          UNDER ANALYSIS
25912651          ppsplayer.exe          189.53 KB          UNDER ANALYSIS
25912597          Setup.exe          24 KB          UNDER ANALYSIS
25912599          tmp.exe          88 KB          UNDER ANALYSIS
25912652          ##1.exe          20 KB          UNDER ANALYSIS
歌歌的人
Posted on 2010-10-11 01:57:17
fatezero
Posted on 2010-10-12 14:34:35
Hello,

10.exe - Trojan-Downloader.Win32.VB.aawt,
10282.exe - Trojan-Clicker.Win32.VB.fqq,
3645.exe - Trojan-Downloader.Win32.VB.aawu,
3ffd.exe - Trojan.Win32.Qhost.ova,
4248.exe - Trojan-Downloader.Win32.Agent.evcn,
gua.exe - Trojan-Downloader.Win32.NSIS.fg,
kele.exe - Trojan-Downloader.Win32.NSIS.fh,
suotiao.exe - Trojan-Dropper.Win32.VB.nad,
Win11.exe - Trojan-Downloader.Win32.Adload.trp

The files above contain malicious code and will be detected after the next update. Thank you for your submission.

12487335624.exe, Setup.exe - Trojan-Spy.Win32.Agent.blbc,
4061x.exe - Trojan-PSW.Win32.Bjlog.pet,
5512.exe - Backdoor.Win32.Hupigon.mhwb,
8722.exe - Trojan-Downloader.Win32.Agent.eugh,
eknrux.exe - Trojan-Downloader.Win32.Agent.eugj,
insetupsl[1].exe - Trojan.Win32.VBKrypt.kkr,
ph04521f33zc.exe - Backdoor.Win32.Hupigon.mhwc,
tmp.exe - Trojan-Downloader.Win32.Nekill.cb

Kaspersky can already detect the files above; please update your virus database.

418.exe - not-a-virus:AdWare.Win32.Iebar.ae,
b38d.exe - not-a-virus:AdWare.Win32.Adnur.amb

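The files above are adware; Kaspersky can already detect them through the extended virus database. For details on the extended virus database, see: http://www.kaspersky.com/extraavupdates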

ehknru.exe, uaua3731[1].exe

The files above do not contain malicious code.

Please quote the entire message when replying.


--

Kaspersky China Virus Lab
Chinese homepage: http://www.kaspersky.com.cn
Virus submission email: viruslab@kaspersky.com.cn
Technical support email: support@kaspersky.com.cn


sdie518
Posted on 2010-10-12 15:55:10

qiaoli126
Posted on 2010-10-12 16:07:08
nis2011 61/26, the scan is still a tragedy
