Original poster: zane_xzz

[Virus samples] Another basket of web trojans

uhthn2002
Posted on 2007-10-15 21:20:08
Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 550
Paranoia Database - 10482
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\uhthn\Desktop\new

C:\Documents and Settings\uhthn\Desktop\new\svcos.exe - Infected Win32.Trojan-PSW.Delf.b
C:\Documents and Settings\uhthn\Desktop\new\xuik.exe - Suspected MalwareDetector:Generic.PSW.4
C:\Documents and Settings\uhthn\Desktop\new\100.exe - Infected Trojan-PSW.OnLineGames.u
C:\Documents and Settings\uhthn\Desktop\new\101.exe - Infected Trojan-PSW.OnLineGames.43
C:\Documents and Settings\uhthn\Desktop\new\102.exe - Infected Trojan-PSW.OnLineGames.8
C:\Documents and Settings\uhthn\Desktop\new\103.exe - Infected Trojan-PSW.OnLineGames.48
C:\Documents and Settings\uhthn\Desktop\new\104.exe - Infected Trojan-PSW.OnLineGames.42
C:\Documents and Settings\uhthn\Desktop\new\105.exe - Infected Trojan-PSW.OnLineGames.48
C:\Documents and Settings\uhthn\Desktop\new\106.exe - Infected Trojan-PSW.OnLineGames.43
C:\Documents and Settings\uhthn\Desktop\new\107.exe - Infected Trojan-PSW.OnLineGames.48
C:\Documents and Settings\uhthn\Desktop\new\108.exe - Suspected MalwareDetector:Generic.PSW.3
C:\Documents and Settings\uhthn\Desktop\new\109.exe - Infected Trojan-PSW.OnLineGames.43
C:\Documents and Settings\uhthn\Desktop\new\110.exe - Suspected Win32.Trojan-Downloader.Zlob.1
C:\Documents and Settings\uhthn\Desktop\new\111.exe - Infected Trojan-PSW.OnLineGames.48
C:\Documents and Settings\uhthn\Desktop\new\112.exe - Infected Win32.Generic.Malware.91648.2a0
C:\Documents and Settings\uhthn\Desktop\new\113.exe - Infected MalwareDetector:Win32.Backdoor.kolmat.a
C:\Documents and Settings\uhthn\Desktop\new\114.exe - Infected Generic.Malware.43365.133
C:\Documents and Settings\uhthn\Desktop\new\115.exe - Infected Trojan-PSW.OnLineGames.52
C:\Documents and Settings\uhthn\Desktop\new\116.exe - Infected Trojan-PSW.OnLineGames.48
C:\Documents and Settings\uhthn\Desktop\new\117.exe - Infected Trojan-PSW.OnLineGames.43
C:\Documents and Settings\uhthn\Desktop\new\118.exe - Infected Generic.Malware.164749.97e
C:\Documents and Settings\uhthn\Desktop\new\119.exe - Infected Trojan-PSW.OnLineGames.48
C:\Documents and Settings\uhthn\Desktop\new\888.exe - Suspected Win32.Trojan-Downloader.Zlob.1

23 Files scanned
19 Infected files found
4 Suspected files found
0 Files cured
19 Files deleted
wangjay1980
Posted on 2007-10-15 21:41:53
All 23 killed
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.efs        File: C:\Documents and Settings\Owner\桌面\新建文件夹_2).rar/新建文件夹 (2)\100.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.efl        File: C:\Documents and Settings\Owner\桌面\新建文件夹_2).rar/新建文件夹 (2)\101.exe//PE_Patch.UPX//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.fbo        File: C:\Documents and Settings\Owner\桌面\新建文件夹_2).rar/新建文件夹 (2)\102.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.eop        File: C:\Documents and Settings\Owner\桌面\新建文件夹_2).rar/新建文件夹 (2)\103.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.doj        File: C:\Documents and Settings\Owner\桌面\新建文件夹_2).rar/新建文件夹 (2)\104.exe//PE_Patch.UPX//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.eop        File: C:\Documents and Settings\Owner\桌面\新建文件夹_2).rar/新建文件夹 (2)\105.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.bgr        File: C:\Documents and Settings\Owner\桌面\新建文件夹_2).rar/新建文件夹 (2)\106.exe//PE_Patch.UPX//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.eop        File: C:\Documents and Settings\Owner\桌面\新建文件夹_2).rar/新建文件夹 (2)\107.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.fdy        File: C:\Documents and Settings\Owner\桌面\新建文件夹_2).rar/新建文件夹 (2)\108.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.dgi        File: C:\Documents and Settings\Owner\桌面\新建文件夹_2).rar/新建文件夹 (2)\109.exe//PE_Patch.UPX//UPX
deleted: Trojan program Trojan-PSW.Win32.QQPass.ahs        File: C:\Documents and Settings\Owner\桌面\新建文件夹_2).rar/新建文件夹 (2)\110.exe//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.fcg        File: C:\Documents and Settings\Owner\桌面\新建文件夹_2).rar/新建文件夹 (2)\111.exe//PE_Patch//UPack
deleted: virus Worm.Win32.Viking.lw        File: C:\Documents and Settings\Owner\桌面\新建文件夹_2).rar/新建文件夹 (2)\112.exe
deleted: Trojan program Backdoor.Win32.Kolmat.b        File: C:\Documents and Settings\Owner\桌面\新建文件夹_2).rar/新建文件夹 (2)\113.exe//NSPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.cnf        File: C:\Documents and Settings\Owner\桌面\新建文件夹_2).rar/新建文件夹 (2)\114.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.fbx        File: C:\Documents and Settings\Owner\桌面\新建文件夹_2).rar/新建文件夹 (2)\115.exe//PE_Patch.UPX//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.fbv        File: C:\Documents and Settings\Owner\桌面\新建文件夹_2).rar/新建文件夹 (2)\116.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.fbu        File: C:\Documents and Settings\Owner\桌面\新建文件夹_2).rar/新建文件夹 (2)\117.exe//PE_Patch.UPX//UPX
deleted: Trojan program Trojan-Spy.Win32.Agent.pr        File: C:\Documents and Settings\Owner\桌面\新建文件夹_2).rar/新建文件夹 (2)\118.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.fch        File: C:\Documents and Settings\Owner\桌面\新建文件夹_2).rar/新建文件夹 (2)\119.exe
deleted: virus Virus.Win32.AutoRun.om        File: C:\Documents and Settings\Owner\桌面\新建文件夹_2).rar/新建文件夹 (2)\888.exe//PE_Patch.UPX//UPX
deleted: virus Worm.Win32.QQPass.ac        File: C:\Documents and Settings\Owner\桌面\新建文件夹_2).rar/新建文件夹 (2)\svcos.exe//UPX//PEPatch
deleted: adware not-a-virus:AdWare.Win32.Agent.no        File: C:\Documents and Settings\Owner\桌面\新建文件夹_2).rar/新建文件夹 (2)\xuik.exe//PE_Patch//UPack
popfather
Posted on 2007-10-15 21:49:35
瑞星病毒查杀结果报告

清除病毒种类列表:
病毒: Trojan.PSW.Win32.XYOnline.kt
病毒: Trojan.PSW.Win32.OnlineGames.zem
病毒: Trojan.PSW.Win32.OnlineGames.zyr
病毒: Trojan.PSW.Win32.LMir.ywz
病毒: Trojan.PSW.Win32.Shanda.ab
病毒: Trojan.PSW.Win32.DJOnline.t
病毒: Trojan.PSW.Win32.OnlineGames.bgr
病毒: Trojan.PSW.Win32.SunOnline.dr
病毒: Trojan.PSW.Win32.OnlineGames.yul
病毒: Worm.Win32.PaBug.az      
病毒: Trojan.PSW.Win32.OnlineGames.zzv
病毒: Worm.Win32.Viking.viv   
病毒: Trojan.Win32.Agent.zkn   
病毒: Trojan.PSW.Win32.OnlineGames.zrt
病毒: Trojan.PSW.Win32.OnlineGames.zyq
病毒: Trojan.PSW.Win32.OnlineGames.zzt
病毒: Trojan.PSW.Win32.OnlineGames.zyp
病毒: Dropper.Win32.ArpCheater.a
病毒: Trojan.DL.Win32.Autorun.yuw
病毒: Trojan.DL.Win32.Autorun.yvg
病毒: Trojan.DL.Win32.Agent.zmk

MAC 地址:00:10:5C:F1:92:84

用户来源:互联网

软件版本:20.14.02
Rising 08: 21 detections
netplaier
Posted on 2007-10-15 22:04:22
---------------------------------------------------------
AVG Anti-Spyware - 扫描报告
---------------------------------------------------------

+ 扫描结果
107.exe    Downloader.Zlob.dfw    已清除.
113.exe    Hijacker.Small    已清除.
118.exe    Logger.Agent.pr    已清除.
108.exe    Trojan.Agent    已清除.
106.exe    Trojan.OnLineGames.bgr    已清除.
114.exe    Trojan.OnLineGames.cnf    已清除.
109.exe    Trojan.OnLineGames.dgi    已清除.
104.exe    Trojan.OnLineGames.doj    已清除.
100.exe    Trojan.OnLineGames.dvu    已清除.
101.exe    Trojan.OnLineGames.efl    已清除.
112.exe    Worm.Viking.bx    已清除.
共查杀:11项
报告结束
---------------------------------------------------------
Dr.Web - 扫描报告
---------------------------------------------------------

+ 扫描结果
100.exe    Trojan.MulDrop.9098    Deleted.
101.exe    Trojan.PWS.Wsgame.1562    Deleted.
102.exe    Trojan.PWS.Wsgame.1699    Deleted.
103.exe    Trojan.PWS.Gamania.5102    Deleted.
104.exe    Trojan.PWS.Wsgame.1430    Deleted.
105.exe    BackDoor.RShell    Deleted.
106.exe    Trojan.PWS.Gamania.3716    Deleted.
107.exe    BackDoor.RShell    Deleted.
108.exe    Trojan.PWS.Gamania.5198    Deleted.
109.exe    Trojan.PWS.Wsgame.1614    Deleted.
110.exe    Trojan.PWS.Qqpass.1474    Deleted.
111.exe    Trojan.PWS.Gamania.5191    Deleted.
112.exe    Win32.HLLW.Gavir.72    Deleted.
113.exe    Trojan.Inject.263    Deleted.
114.exe    Trojan.PWS.Spywoool    Deleted.
115.exe    Trojan.PWS.Wsgame.1698    Deleted.
116.exe    Trojan.PWS.Gamania.5192    Deleted.
117.exe    Trojan.PWS.Gamania.5177    Deleted.
118.exe    Trojan.Arpspoof    Deleted.
119.exe    Trojan.PWS.Gamania.5193    Deleted.
888.exe    BackDoor.WebDor    Deleted.
svcos.exe    Win32.HLLW.Autoruner.origin    Deleted.
xuik.exe    Trojan.PWS.Nongmin    Deleted.
共查杀:23项
报告结束
---------------------------------------------------------
Kaspersky - 扫描报告
---------------------------------------------------------

+ 扫描结果
100.exe    木马程序 Trojan-PSW.Win32.OnLineGames.efs    已删除
101.exe    木马程序 Trojan-PSW.Win32.OnLineGames.efl    已删除
102.exe    木马程序 Trojan-PSW.Win32.OnLineGames.fbo    已删除
103.exe    木马程序 Trojan-PSW.Win32.OnLineGames.eop    已删除
104.exe    木马程序 Trojan-PSW.Win32.OnLineGames.doj    已删除
105.exe    木马程序 Trojan-PSW.Win32.OnLineGames.eop    已删除
106.exe    木马程序 Trojan-PSW.Win32.OnLineGames.bgr    已删除
107.exe    木马程序 Trojan-PSW.Win32.OnLineGames.eop    已删除
108.exe    木马程序 Trojan-PSW.Win32.OnLineGames.fdy    已删除
109.exe    木马程序 Trojan-PSW.Win32.OnLineGames.dgi    已删除
110.exe    木马程序 Trojan-PSW.Win32.QQPass.ahs    已删除
111.exe    木马程序 Trojan-PSW.Win32.OnLineGames.fcg    已删除
112.exe    病毒 Worm.Win32.Viking.lw    已删除
113.exe    木马程序 Backdoor.Win32.Kolmat.b    已删除
114.exe    木马程序 Trojan-PSW.Win32.OnLineGames.cnf    已删除
115.exe    木马程序 Trojan-PSW.Win32.OnLineGames.fbx    已删除
116.exe    木马程序 Trojan-PSW.Win32.OnLineGames.fbv    已删除
117.exe    木马程序 Trojan-PSW.Win32.OnLineGames.fbu    已删除
118.exe    木马程序 Trojan-Spy.Win32.Agent.pr    已删除
119.exe    木马程序 Trojan-PSW.Win32.OnLineGames.fch    已删除
888.exe    病毒 Virus.Win32.AutoRun.om    已删除
svcos.exe    病毒 Worm.Win32.QQPass.ac    已删除
xuik.exe    广告程序 not-a-virusAdWare.Win32.Agent.no    已删除
共查杀:23项
报告结束
BING126
Posted on 2007-10-16 15:59:05
扫描开始时间: 2007-10-16 15:58:22
扫描日志
NOD32 版本 2592 (20071015) NT
命令行: C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar

日期: 2007年10月16日  时间: 15:58:24
反 Rookits 技术已启用。
已扫描磁盘、文件夹和文件: C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar
C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar ?RAR ?新建文件夹 (2)\100.exe<病毒 - Win32/PSW.Agent.NEC 木马>
C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar ?RAR ?新建文件夹 (2)\101.exe<病毒 - Win32/PSW.OnLineGames.YA 木马 变种>
C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar ?RAR ?新建文件夹 (2)\102.exe<病毒 - 可能是 Win32/PSW.OnLineGames.NFL 木马 变种>
C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar ?RAR ?新建文件夹 (2)\103.exe<病毒 - Win32/PSW.OnLineGames.NGU 木马 变种>
C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar ?RAR ?新建文件夹 (2)\104.exe<病毒 - Win32/PSW.OnLineGames.YA 木马>
C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar ?RAR ?新建文件夹 (2)\105.exe<病毒 - Win32/PSW.OnLineGames.NGU 木马 变种>
C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar ?RAR ?新建文件夹 (2)\106.exe<病毒 - Win32/PSW.OnLineGames.YA 木马>
C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar ?RAR ?新建文件夹 (2)\107.exe<病毒 - Win32/PSW.OnLineGames.NGU 木马 变种>
C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar ?RAR ?新建文件夹 (2)\108.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar ?RAR ?新建文件夹 (2)\109.exe<病毒 - Win32/PSW.OnLineGames.YA 木马>
C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar ?RAR ?新建文件夹 (2)\110.exe<病毒 - 可能是 Win32/AutoRun.Q 蠕虫 变种>
C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar ?RAR ?新建文件夹 (2)\111.exe<病毒 - Win32/PSW.OnLineGames.FCG 木马>
C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar ?RAR ?新建文件夹 (2)\112.exe<病毒 - Win32/Viking.LU 病毒>
C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar ?RAR ?新建文件夹 (2)\113.exe<病毒 - Win32/Delf.NGD 木马>
C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar ?RAR ?新建文件夹 (2)\114.exe<病毒 - Win32/PSW.Legendmir.NEP 木马>
C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar ?RAR ?新建文件夹 (2)\115.exe<病毒 - 可能是 Win32/PSW.OnLineGames.NFL 木马 变种>
C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar ?RAR ?新建文件夹 (2)\116.exe<病毒 - Win32/PSW.OnLineGames.NGU 木马 变种>
C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar ?RAR ?新建文件夹 (2)\117.exe<病毒 - Win32/PSW.OnLineGames.NFL 木马 变种>
C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar ?RAR ?新建文件夹 (2)\118.exe<病毒 - Win32/Agent.NEM 木马>
C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar ?RAR ?新建文件夹 (2)\119.exe<病毒 - Win32/PSW.OnLineGames.FCH 木马>
C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar ?RAR ?新建文件夹 (2)\888.exe<病毒 - Win32/Delf.NDV 蠕虫 变种>
C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar ?RAR ?新建文件夹 (2)\svcos.exe<病毒 - 可能是 Win32/PSW.Delf.NHI 木马 变种>
C:\Documents and Settings\Administrator\桌面\新建文件夹 2).rar ?RAR ?新建文件夹 (2)\xuik.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
已扫描文件数量: 23
已发现病毒数量: 23
完成时间: 15:58:27 总共扫描时间: 3 秒 (00:00:03)

Copyright © KaFan  KaFan.cn All Rights Reserved.
