刚发现的几个病毒

显示全部楼层 · 发表于 2010-10-20 11:08:14

本帖最后由 chabosh 于 2010.10.20 11:08 编辑

刚发现的几个病毒

显示全部楼层 · 发表于 2010-10-20 11:14:28

没病毒！！

显示全部楼层 · 发表于 2010-10-20 11:18:56

回复 1楼 chabosh 的帖子

样本里有很多不能运行...
XHhips 发现8个显示2个（Bug待修复)
http://bbs.kafan.cn/thread-817994-1-1.html

显示全部楼层 · 发表于 2010-10-20 11:25:19

回复 2楼 yuanjian1324 的帖子

没有进行扫描请不要乱说

360杀毒扫描日志

病毒库版本：6307203
扫描时间：2010-10-20 11:08:30
扫描用时：00:00:52
扫描类型：右键扫描
扫描文件总数：46
威胁总数：12

扫描选项
----------------------
扫描所有文件：否
扫描压缩包：否
发现病毒处理方式：自动
扫描系统内存：是
扫描磁盘引导区：是
扫描Rootkit：否
使用启发式扫描：是

扫描内容
----------------------
D:\Bingdu.rar

白名单设置
----------------------

扫描结果
======================
病毒扫描结果
----------------------
D:\Bingdu.rar=>bingdu\cz.exe 恶意浏览器插件(TrojanClicker/Win32.BHO.NCB) 已删除
D:\Bingdu.rar=>bingdu\jg.exe Malware.QVM03.Gen 已删除
D:\Bingdu.rar=>bingdu\kav.exe 木马(TR/Crypt.XDR.Gen) 已删除
D:\Bingdu.rar=>bingdu\oneg10019890.exe 木马(TR/Crypt.XPACK.Gen) 已删除
D:\Bingdu.rar=>bingdu\oneg1414359.exe 木马(HEUR/Malware) 已删除
D:\Bingdu.rar=>bingdu\oneg513796.exe 木马(HEUR/Crypted) 已删除
D:\Bingdu.rar=>bingdu\oneg9894921.exe 木马(TR/ATRAPS.Gen) 已删除
D:\Bingdu.rar=>bingdu\oneg9981515.exe 木马释放器(Win32/Agent.AMDC) 已删除
D:\Bingdu.rar=>bingdu\smss.exe 木马(TR/Dropper.Gen) 已删除
D:\Bingdu.rar=>bingdu\te.exe Malware.QVM03.Gen 已删除
D:\Bingdu.rar=>bingdu\updata.exe 木马(Win32/Trojan.gen) 已删除
D:\Bingdu.rar=>bingdu\oneg9942750.exe 可疑木马(Trojan.Generic.4906675) 已删除

显示全部楼层 · 发表于 2010-10-20 12:08:18

本帖最后由 fatezero 于 2010.10.20 12:08 编辑

KIS 8X

未处理: Trojan-Downloader.Win32.Geral.uni       E:\download\Bingdu\updata.exe       稍后处理
未处理: Trojan-Downloader.Win32.Geral.vng       E:\download\Bingdu\kav.exe/PE_Patch/UPack       稍后处理
未处理: Trojan-Clicker.Win32.VB.fst       E:\download\Bingdu\TE.exe       稍后处理
未处理: Trojan-GameThief.Win32.OnLineGames.bnrw       E:\download\Bingdu\OneG9981515.exe/PE_Patch/UPack       稍后处理
未处理: Trojan-GameThief.Win32.OnLineGames.xfij       E:\download\Bingdu\OneG9942750.exe       稍后处理
未处理: Trojan-GameThief.Win32.OnLineGames.xgec       E:\download\Bingdu\OneG10019890.exe       稍后处理
未处理: Trojan-Clicker.Win32.VB.fst       E:\download\Bingdu\JG.exe       稍后处理
未处理: Trojan-Clicker.Win32.VB.fsx       E:\download\Bingdu\CZ.exe       稍后处理

显示全部楼层 · 发表于 2010-10-20 12:24:05

本帖最后由三生缘石于 2010.10.20 12:27 编辑

ess kill 11
C:\Users\微亿毫\Desktop\Bingdu.rar > RAR > Bingdu\CZ.exe - Win32/TrojanClicker.BHO.NCB 特洛伊木马的变种
C:\Users\微亿毫\Desktop\Bingdu.rar > RAR > Bingdu\JG.exe - Win32/TrojanClicker.BHO.NCB 特洛伊木马的变种
C:\Users\微亿毫\Desktop\Bingdu.rar > RAR > Bingdu\kav.exe - Win32/AntiAV.NGR 特洛伊木马的变种
C:\Users\微亿毫\Desktop\Bingdu.rar > RAR > Bingdu\OneG10019890.exe - Win32/PSW.OnLineGames.PEA 特洛伊木马的变种
C:\Users\微亿毫\Desktop\Bingdu.rar > RAR > Bingdu\OneG1414359.exe - Win32/PSW.OnLineGames.QLE 特洛伊木马
C:\Users\微亿毫\Desktop\Bingdu.rar > RAR > Bingdu\OneG335593.exe > PECompact v2.xx - 解压错误
C:\Users\微亿毫\Desktop\Bingdu.rar > RAR > Bingdu\OneG9250265.exe > PECompact v2.xx - 解压错误
C:\Users\微亿毫\Desktop\Bingdu.rar > RAR > Bingdu\OneG9894921.exe - Win32/PSW.OnLineGames.NAQ 特洛伊木马的变种
C:\Users\微亿毫\Desktop\Bingdu.rar > RAR > Bingdu\OneG9942750.exe - Win32/PSW.OnLineGames.QLE 特洛伊木马
C:\Users\微亿毫\Desktop\Bingdu.rar > RAR > Bingdu\OneG9981515.exe - Win32/Agent.RYN 特洛伊木马的变种
C:\Users\微亿毫\Desktop\Bingdu.rar > RAR > Bingdu\smss.exe - Win32/TrojanClicker.BHO.NCB 特洛伊木马的变种
C:\Users\微亿毫\Desktop\Bingdu.rar > RAR > Bingdu\TE.exe - Win32/TrojanClicker.BHO.NCB 特洛伊木马的变种
C:\Users\微亿毫\Desktop\Bingdu.rar > RAR > Bingdu\updata.exe - Win32/TrojanDownloader.Agent.PVW 特洛伊木马
to eset
http://samples.nod32.com.sg/index.php?a=query&md5=6d101055bd33aed365f00bb8b5de72ec

显示全部楼层 · 发表于 2010-10-20 13:06:40

avira

Begin scan in 'D:\Download\Bingdu'
D:\Download\Bingdu\kav.exe
  [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
--> Object
  [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
[NOTE]    The file was moved to quarantine directory and named '4e6dd78a.qua'!
D:\Download\Bingdu\OneG10019890.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was moved to quarantine directory and named '56edf822.qua'!
D:\Download\Bingdu\OneG1414359.exe
[DETECTION] Contains HEUR/Malware suspicious code
[NOTE]    The detection was classified as suspicious.
[NOTE]    The file was moved to quarantine directory and named '04b2a2ca.qua'!
D:\Download\Bingdu\OneG1534328.exe
[DETECTION] Contains HEUR/Crypted suspicious code
[NOTE]    The detection was classified as suspicious.
[NOTE]    The file was moved to quarantine directory and named '6285ed08.qua'!
D:\Download\Bingdu\OneG1704796.exe
[DETECTION] Contains HEUR/Crypted suspicious code
[NOTE]    The detection was classified as suspicious.
[NOTE]    The file was moved to quarantine directory and named '2701c036.qua'!
D:\Download\Bingdu\OneG283718.exe
[DETECTION] Contains HEUR/Crypted suspicious code
[NOTE]    The detection was classified as suspicious.
[NOTE]    The file was moved to quarantine directory and named '581af257.qua'!
D:\Download\Bingdu\OneG513796.exe
[DETECTION] Contains HEUR/Crypted suspicious code
[NOTE]    The detection was classified as suspicious.
[NOTE]    The file was moved to quarantine directory and named '14a2de1d.qua'!
D:\Download\Bingdu\OneG721062.exe
[DETECTION] Contains HEUR/Crypted suspicious code
[NOTE]    The detection was classified as suspicious.
[NOTE]    The file was moved to quarantine directory and named '68ba9e4d.qua'!
D:\Download\Bingdu\OneG8010656.exe
[DETECTION] Contains HEUR/Crypted suspicious code
[NOTE]    The detection was classified as suspicious.
[NOTE]    The file was moved to quarantine directory and named '45e0b100.qua'!
D:\Download\Bingdu\OneG801906.exe
[DETECTION] Contains HEUR/Crypted suspicious code
[NOTE]    The detection was classified as suspicious.
[NOTE]    The file was moved to quarantine directory and named '5c888a9a.qua'!
D:\Download\Bingdu\OneG815593.exe
[DETECTION] Contains HEUR/Crypted suspicious code
[NOTE]    The detection was classified as suspicious.
[NOTE]    The file was moved to quarantine directory and named '30d4a6aa.qua'!
D:\Download\Bingdu\OneG9369812.exe
[DETECTION] Contains HEUR/Malware suspicious code
[NOTE]    The detection was classified as suspicious.
[NOTE]    The file was moved to quarantine directory and named '416d9f3f.qua'!
D:\Download\Bingdu\OneG976734.exe
[DETECTION] Contains HEUR/Malware suspicious code
[NOTE]    The detection was classified as suspicious.
[NOTE]    The file was moved to quarantine directory and named '4f77aff8.qua'!
D:\Download\Bingdu\OneG9894921.exe
[DETECTION] Is the TR/ATRAPS.Gen Trojan
[NOTE]    The file was moved to quarantine directory and named '0a5ed6ba.qua'!
D:\Download\Bingdu\OneG9942750.exe
[DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
[NOTE]    The file was moved to quarantine directory and named '0355d211.qua'!
D:\Download\Bingdu\OneG9981515.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    The file was moved to quarantine directory and named '5b14cb78.qua'!
D:\Download\Bingdu\smss.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    The file was moved to quarantine directory and named '77f2b2b7.qua'!
D:\Download\Bingdu\updata.exe
[DETECTION] Is the TR/Dldr.Geral.uni Trojan
[NOTE]    The file was moved to quarantine directory and named '491fd210.qua'!

显示全部楼层 · 发表于 2010-10-20 13:10:49

微点kill 9

显示全部楼层 · 发表于 2010-10-20 13:11:46

没病毒！

显示全部楼层 · 发表于 2010-10-20 13:16:04

BitDefender2011

[病毒样本] 刚发现的几个病毒

评分

浏览过的版块