毒4个[35d745 82a877 632c7d 9d538c]

显示全部楼层 · 发表于 2007-6-8 15:13:49

35d745 82a877 632c7d 9d538c]

显示全部楼层 · 发表于 2007-6-8 15:50:53

木马名称:Backdoor.Win32.Hupigon.qc
程序:
I:\TEST\070608\7\DOWNLOADS[1]\GEZI.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Backdoor.Win32.Huigezi.dne
程序:
I:\TEST\070608\7\DOWNLOADS[1]\劲舞MB刷分外挂3.0破解版.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

显示全部楼层 · 发表于 2007-6-8 15:54:20

NSANTI真恶心

显示全部楼层 · 发表于 2007-6-8 17:11:33

-----------------------------SCAN REPORT-----------------------------
F-PROT Antivirus for Windows

Antivirus Scanning Engine version number: 4.3.3
Virus signature file from: 2007-6-7, 20:26

Scan name: [Custom Scan]
Path to scan: C:\Documents and Settings\Administrator\桌面\Downloads[1].part2.rar|C:\Documents and Settings\Administrator\桌面\Downloads[1].part1.rar

Normal scan
Also scan: Inside subfolders, Compressed files, Streams

Scan started: 2007-6-8, 17:10:39
---------------------------------------------------------------------

[Found backdoor] <W32/Hupigon.AFD (exact, not disinfectable)> C:\Documents and Settings\Administrator\桌面\Downloads[1].part2.rar->劲舞MB刷分外挂3.0破解版.exe
[Found password stealer] <W32/PWStealer.GQN (exact, not disinfectable)> C:\Documents and Settings\Administrator\桌面\Downloads[1].part2.rar->三钻会员教程.exe
[Contains infected objects] C:\Documents and Settings\Administrator\桌面\Downloads[1].part2.rar
[Quarantined] C:\Documents and Settings\Administrator\桌面\Downloads[1].part2.rar->三钻会员教程.exe
[Found backdoor] <W32/Hupigon.AFD (exact, not disinfectable)> C:\Documents and Settings\Administrator\桌面\Downloads[1].part1.rar->gezi.exe
[Contains infected objects] C:\Documents and Settings\Administrator\桌面\Downloads[1].part1.rar
[Quarantined] C:\Documents and Settings\Administrator\桌面\Downloads[1].part1.rar->gezi.exe

---------------------------------------------------------------------
Scan ended: 2007-6-8, 17:10:41
Duration: 0:00:02

Scan result:

Scanned files:    2
Infected objects:    3
Disinfected objects:    0
Quarantined files:    2
---------------------------------------------------------------------

显示全部楼层 · 发表于 2007-6-8 18:05:29

AVAST全灭

显示全部楼层 · 发表于 2007-6-8 19:00:36

显示全部楼层 · 发表于 2007-6-8 19:50:21

AntiVir PersonalEdition Classic
Report file date: 2007年6月8日  19:53

Scanning for 809587 virus strains and unwanted programs.

Licensed to:    Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform:       Windows XP
Windows version:  (Service Pack 2)  [5.1.2600]
Username:       Administrator
Computer name: 5F100CEEF2BC4C6

Version information:
BUILD.DAT : 247          14437 Bytes 2007-5-10 11:55:00
AVSCAN.EXE : 7.0.4.15    282664 Bytes 2007-5-12 09:53:58
AVSCAN.DLL : 7.0.4.4    33832 Bytes 2007-3-27 05:31:56
LUKE.DLL    : 7.0.4.11    143400 Bytes 2007-3-27 05:26:06
LUKERES.DLL  : 7.0.4.0    10280 Bytes 2007-3-19 05:19:00
ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 2006-5-31 07:08:58
ANTIVIR1.VDF : 6.38.1.170  5569024 Bytes 2007-5-21 12:05:50
ANTIVIR2.VDF : 6.38.1.227 320000 Bytes 2007-6-5 04:40:44
ANTIVIR3.VDF : 6.38.2.6    52224 Bytes 2007-6-7 05:34:00
AVEWIN32.DLL : 7.4.0.32 2478592 Bytes 2007-6-6 04:40:46
AVWINLL.DLL  : 1.0.0.7    14376 Bytes 2007-2-26 03:36:28
AVPREF.DLL : 7.0.2.1    24616 Bytes 2007-3-27 05:31:52
AVREP.DLL : 7.0.0.1    155688 Bytes 2007-4-16 06:16:24
AVPACK32.DLL : 7.3.0.10    360488 Bytes 2007-5-31 04:45:32
AVREG.DLL : 7.0.1.2    31784 Bytes 2007-3-15 02:05:10
AVEVTLOG.DLL : 7.0.0.18    86056 Bytes 2007-3-27 05:16:06
AVARKT.DLL : 1.0.0.17    278568 Bytes 2007-5-12 09:53:58
NETNT.DLL : 7.0.0.0       7720 Bytes 2007-3-8 04:09:44
RCIMAGE.DLL  : 7.0.1.15 2228264 Bytes 2007-3-13 03:46:20
RCTEXT.DLL : 7.0.45.0    86056 Bytes 2007-3-19 05:42:44

Configuration settings for the scan:
Jobname..........................: ShlExt
Configuration file...............: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\c1b80d6e.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: off
Scan registry....................: off
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: medium
Skipped files....................: C:\Program Files\Tencent\QQ\QQexternal.exe, D:\hk,

Start of the scan: 2007年6月8日  19:53

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\Downloads.part1.rar'
C:\Documents and Settings\Administrator\桌面\Downloads.part1.rar
  [0] Archive type: RAR
  --> gezi.exe
   [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Hupigon.PV.11 Backdoor server programs
   [WARNING] The file was ignored!

End of the scan: 2007年6月8日  19:53
Used time: 00:07 min

The scan has been done completely.

   0 Scanning directories
   2 Files were scanned
   1 viruses and/or unwanted programs were found
   0 classified as suspicious:
   0 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   1 Files not concerned
   1 Archives were scanned
   1 Warnings
   0 Notes
   0 Hidden objects were found

显示全部楼层 · 发表于 2007-6-8 21:12:58

http://www.bitdefender.com/vfind/?q=Backdoor.Pigeon.KG

显示全部楼层 · 发表于 2007-6-8 21:40:31

kav7秒杀。

[病毒样本] 毒4个[35d745 82a877 632c7d 9d538c]

本帖子中包含更多资源

微点拦截情况

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块