Original poster: 绅博周幸

[Virus sample] Gets past the GDATA scan; Kingsoft identifies it as a virus

qianyuqx
Posted on 2011-10-16 19:05:22
to mse
ADSLgg
Posted on 2011-10-16 19:53:17
Avira V5
冷雪
Posted on 2011-10-16 20:05:41
360 3.0 detects it.
hx1997
Posted on 2011-10-16 20:17:12
DefenseWall log file

10.16.2011  20:15:24,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to open secured file C:\WINDOWS\system32\win32k.sys (文件 )

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\scsiport.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\sdbus.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\secdrv.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\serenum.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\serial.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\sffdisk.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\sffp_mmc.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\sffp_sd.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\sfloppy.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\smclib.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\sonydcam.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\splitter.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\sr.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\srv.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\stream.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\swenum.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\swmidi.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\sysaudio.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\tape.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\tcpip.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\tcpip6.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\tdi.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\tdpipe.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\tdtcp.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\termdd.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\tosdvd.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\tsbvcap.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\tunmp.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\udfs.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\update.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\usb8023.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\usbcamd.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\usbcamd2.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\usbd.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\usbhub.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\usbintel.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\usbohci.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\usbport.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\VBoxGuest.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\VBoxMouse.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\VBoxSF.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\VBoxVideo.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\vdmindvd.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\vga.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\videoprt.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\volsnap.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\wanarp.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\wdmaud.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\wmilib.sys (资源隔离)

10.16.2011  20:15:19,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\ws2ifsl.sys (资源隔离)

10.16.2011  20:15:18,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to open secured file C:\WINDOWS\system32\dllcache\win32k.sys (文件 )

10.16.2011  20:15:17,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to open secured file C:\WINDOWS\system32\config\ (文件 )

10.16.2011  20:15:15,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to open secured file C:\WINDOWS\SoftwareDistribution\Download\ (文件 )

10.16.2011  20:15:13,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to open secured file C:\WINDOWS\ServicePackFiles\ (文件 )

10.16.2011  20:15:12,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to open secured file C:\WINDOWS\repair\ (文件 )

10.16.2011  20:14:55,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to open secured file C:\WINDOWS\Driver Cache\ (文件 )

10.16.2011  20:14:43,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to open secured file C:\Documents and Settings\LocalService\ntuser.dat.LOG (文件 )

10.16.2011  20:14:43,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to open secured file C:\Documents and Settings\NetworkService\NTUSER.DAT (文件 )

10.16.2011  20:14:43,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to open secured file C:\Documents and Settings\NetworkService\ntuser.dat.LOG (文件 )

10.16.2011  20:14:43,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to open secured file C:\Documents and Settings\LocalService\NTUSER.DAT (文件 )

10.16.2011  20:14:40,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to open secured file C:\Documents and Settings\All Users\ntuser.dat.LOG (文件 )

10.16.2011  20:14:41,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to open secured file C:\Documents and Settings\Default User\NTUSER.DAT (文件 )

10.16.2011  20:14:41,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to open secured file C:\Documents and Settings\Default User\ntuser.dat.LOG (文件 )

10.16.2011  20:14:40,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to open secured file C:\Documents and Settings\All Users\ntuser.dat (文件 )

10.16.2011  20:14:36,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to open secured file C:\Documents and Settings\Administrator\NTUSER.DAT (文件 )

10.16.2011  20:14:36,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to open secured file C:\Documents and Settings\Administrator\ntuser.dat.LOG (文件 )

10.16.2011  20:14:36,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 10:Attempt to open protected file C:\Documents and Settings\Administrator\NetHood\ (资源隔离)

10.16.2011  20:14:26,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 10:Attempt to open protected file C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\ (资源隔离)

10.16.2011  20:14:23,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 10:Attempt to open protected file C:\Documents and Settings\Administrator\Cookies\ (资源隔离)

10.16.2011  20:14:18,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 10:Attempt to open protected file C:\Documents and Settings\Administrator\Application Data\Microsoft\Credentials\ (资源隔离)

10.16.2011  20:14:17,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to create new key HKCU\Software\Mozilla\ (注册表)

10.16.2011  20:14:17,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to create new key HKCU\Software\Mozilla\ (注册表)

10.16.2011  20:14:17,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to create new key HKCU\Software\Mozilla\ (注册表)

10.16.2011  20:14:17,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to set value MozillaAgent within the key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ (注册表)

10.16.2011  20:14:17,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 8:Attempt to open protected file C:\WINDOWS\system32\drivers\npf.sys (资源隔离)

10.16.2011  20:14:17,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to set value AppData within the key HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\ (注册表)

10.16.2011  20:14:17,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to set value Local AppData within the key HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\ (注册表)

10.16.2011  20:14:17,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to set value Common AppData within the key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\ (注册表)

10.16.2011  20:14:17,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, Attempt to create new key HKCU\Software\Mozilla\ (注册表)

10.16.2011  20:14:17,模块 C:\Documents and Settings\Administrator\桌面\upx.exe, 1:Process is running untrusted now (进程)

留侯
Posted on 2011-10-17 10:20:00
Dr.Web:
upx.exe infected with Trojan.PWS.Siggen.28595
xyc5238207
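Posted on 2011-10-17 10:46:28
A question: I use a dial-up connection. Since installing GDATA, I can't dial up after any boot: clicking the dial-up connection does nothing, the dial-up window doesn't appear, and the computer has become very sluggish. If I turn off GDATA's real-time monitoring, I can dial up. Why is this?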
polluxkyo
Posted on 2011-10-17 10:53:24
FS Kill

阿童木看星星
Posted on 2011-10-18 11:23:01
Kaspersky blocks it

黯然星火
Posted on 2011-10-18 11:28:43
Kaspersky blocks it
qianyuqx
Posted on 2011-10-18 13:02:49
to rising
Copyright © KaFan  KaFan.cn All Rights Reserved.