Original poster: promised

[Virus sample] A messy pile of stuff

uhthn2002
Posted on 2007-11-3 01:15:34
C:\Documents and Settings\Uhthn\Desktop\ad\ad\102350.exe : infected Trojan-Downloader.Win32.Adload.ca
C:\Documents and Settings\Uhthn\Desktop\ad\ad\1283.exe:<RAR>\xboxcenter.dll : infected Trojan.Win32.Agent.ut
C:\Documents and Settings\Uhthn\Desktop\ad\ad\1283.exe:<RAR>\ehuupdate.exe : infected Trojan.Win32.Agent.ut
C:\Documents and Settings\Uhthn\Desktop\ad\ad\1283.exe : backup copy created
C:\Documents and Settings\Uhthn\Desktop\ad\ad\2006929112921bind_40072.exe : infected Trojan-Downloader.NSIS.QQHelper.r
C:\Documents and Settings\Uhthn\Desktop\ad\ad\2060.exe:<RAR>\tool.exe : infected AdWare.Win32.Dm.g
C:\Documents and Settings\Uhthn\Desktop\ad\ad\2060.exe : backup copy created
C:\Documents and Settings\Uhthn\Desktop\ad\ad\5106.exe : infected AdWare.Win32.IEHlpr.q
C:\Documents and Settings\Uhthn\Desktop\ad\ad\corder.exe : infected Trojan.Corder
C:\Documents and Settings\Uhthn\Desktop\ad\ad\JXJ_QQ.Exe : infected Trojan-PSW.Win32.QQShou.iq
C:\Documents and Settings\Uhthn\Desktop\ad\ad\killqq.exe : infected MalwareScope.Trojan-PSW.Game.7
C:\Documents and Settings\Uhthn\Desktop\ad\ad\KNQQ.exe : infected MalwareScope.Trojan-PSW.Game.7
C:\Documents and Settings\Uhthn\Desktop\ad\ad\Kuaiso_06006.exe : infected AdWare.Win32.Kuaiso.a
C:\Documents and Settings\Uhthn\Desktop\ad\ad\M_ayi.exe : infected Trojan-Downloader.Win32.Agent.anz
C:\Documents and Settings\Uhthn\Desktop\ad\ad\QQUpdate.exe : infected Trojan.DownLoader.11008
C:\Documents and Settings\Uhthn\Desktop\ad\ad\server.exe : infected MalwareScope.Trojan-PSW.Game.7
C:\Documents and Settings\Uhthn\Desktop\ad\ad\Setsfc.exe : infected Trojan-PSW.Win32.QQPass.z
C:\Documents and Settings\Uhthn\Desktop\ad\ad\SoundMan.exe : infected Trojan-PSW.Win32.QQPass.z
C:\Documents and Settings\Uhthn\Desktop\ad\ad\XBG.exe : infected MalwareScope.Trojan-PSW.Game.7


Directories       : 1       Files in archives:      Files on disks:
Archives:                   - total       : 3       - total       : 19   
- scanned         : 2       -  scanned    : 3       - scanned     : 19   
- contain viruses : 2       -  infected   : 3       - infected    : 16   
- deleted         : 0       -  suspicious : 0       - suspicious  : 0     

Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 786
Paranoia Database - 48413
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\Uhthn\Desktop\ad

C:\Documents and Settings\Uhthn\Desktop\ad\ad\102350.exe - Suspected BACKDOOR.DELF.1
C:\Documents and Settings\Uhthn\Desktop\ad\ad\1283.exe - OK
C:\Documents and Settings\Uhthn\Desktop\ad\ad\2006929112921bind_40072.exe - Suspected TROJAN-PSW.ONLINEGAMES.3
C:\Documents and Settings\Uhthn\Desktop\ad\ad\2060.exe - OK
C:\Documents and Settings\Uhthn\Desktop\ad\ad\5106.exe - Suspected TROJAN-DOWNLOADER.AGENT.1
C:\Documents and Settings\Uhthn\Desktop\ad\ad\corder.exe - OK
C:\Documents and Settings\Uhthn\Desktop\ad\ad\JXJ_QQ.Exe - Suspected WIN32.TROJAN-PSW.QQPASS.1
C:\Documents and Settings\Uhthn\Desktop\ad\ad\killqq.exe - Suspected MaliciousScope:GENERIC.MALWARE.2
C:\Documents and Settings\Uhthn\Desktop\ad\ad\KNQQ.exe - Suspected MaliciousScope:WIN32.GENERIC.MALWARE.1
C:\Documents and Settings\Uhthn\Desktop\ad\ad\Kuaiso_06006.exe - Infected GENERIC.MALWARE.A51.70A19 - Deleted
C:\Documents and Settings\Uhthn\Desktop\ad\ad\kuaiso_06045.exe - Suspected TROJAN.DIALER.1
C:\Documents and Settings\Uhthn\Desktop\ad\ad\kw_wl_lyric_036.exe - Suspected TROJAN-DOWNLOADER (HTTP://{REMOVED}/...)
C:\Documents and Settings\Uhthn\Desktop\ad\ad\M_ayi.exe - Infected GENERIC.MALWARE.CF2.B96C - Deleted
C:\Documents and Settings\Uhthn\Desktop\ad\ad\QQUpdate.exe - Suspected WIN32.WORM.VIKING.2
C:\Documents and Settings\Uhthn\Desktop\ad\ad\rjzc139_cns_yassist.exe - Infected GENERIC.MALWARE.C2D.56F8E - Deleted
C:\Documents and Settings\Uhthn\Desktop\ad\ad\server.exe - Infected WIN32.TROJAN-PSW.QQPASS.2 - Deleted
C:\Documents and Settings\Uhthn\Desktop\ad\ad\Setsfc.exe - Suspected TROJAN-DOWNLOADER (HTTP://{REMOVED}/...)
C:\Documents and Settings\Uhthn\Desktop\ad\ad\SoundMan.exe - OK
C:\Documents and Settings\Uhthn\Desktop\ad\ad\XBG.exe - Infected WIN32.TROJAN-PSW.QQPASS.2 - Deleted

19 Files scanned
5 Infected files found
10 Suspected files found
0 Files disinfected
5 Files deleted
傻猪猪米走鸡
Posted on 2007-11-3 09:22:26
20ge ENA is good
yager (this user has been deleted)
Posted on 2007-11-3 09:41:52
How come my ess only has 15???
nealee
Posted on 2007-11-3 10:06:32

Reply to xemacs's post on floor 10

Kaspersky 8's interface is really pretty...
wangjay1980
Posted on 2007-11-3 15:27:48
kw_wl_lyric_036.exe_, QQUpdate.exe_, rjzc139_cns_yassist.exe_

No malicious code were found in these files.
txl_2
Posted on 2007-11-4 10:39:48
I'll download it and give it a try
pmj_sh
Posted on 2007-11-4 14:18:54
Object: 102350.exe
        Path: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad
        Status: Virus detected
        Virus: Trojan-Downloader.Win32.Adload.cz (Engine A)
Object: data.rar xboxcenter.dll
        In archive: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad\1283.exe
        Status: Virus detected
        Virus: Trojan.Win32.Agent.ut (Engine A)
Object: data.rar ehuupdate.exe
        In archive: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad\1283.exe
        Status: Virus detected
        Virus: Trojan.Win32.Agent.ut (Engine A)
Object: 1283.exe
        Path: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad
        Status: Virus detected
        Virus: Trojan.Win32.Agent.ut (2x) (Engine A)
Object: data0001
        In archive: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad\2006929112921bind_40072.exe
        Status: Virus detected
        Virus: Trojan-Downloader.NSIS.QQHelper.r (Engine A)
Object: 2006929112921bind_40072.exe
        Path: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad
        Status: Virus detected
        Virus: Trojan-Downloader.NSIS.QQHelper.r (Engine A)
Object: data.rar tool.exe
        In archive: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad\2060.exe
        Status: Virus detected
        Virus: not-a-virus:AdWare.Win32.Dm.g (Engine A)
Object: 2060.exe
        Path: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad
        Status: Virus detected
        Virus: not-a-virus:AdWare.Win32.Dm.g (Engine A)
Object: 5106.exe
        Path: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad
        Status: Virus detected
        Virus: not-a-virus:AdWare.Win32.IEHlpr.q (Engine A)
Object: corder.exe
        Path: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad
        Status: Virus detected
        Virus: Trojan.Win32.VB.ats (Engine A)
Object: JXJ_QQ.Exe
        Path: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad
        Status: Virus detected
        Virus: Trojan-PSW.Win32.QQShou.iq (Engine A)
Object: killqq.exe
        Path: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad
        Status: Virus detected
        Virus: Trojan-PSW.Win32.QQPass.wa (Engine A)
Object: KNQQ.exe
        Path: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad
        Status: Virus detected
        Virus: Trojan-PSW.Win32.QQPass.sg (Engine A)
Object: stream data0001
        In archive: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad\Kuaiso_06006.exe
        Status: Virus detected
        Virus: not-a-virus:AdWare.Win32.Kuaiso.a (Engine A)
Object: Kuaiso_06006.exe
        Path: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad
        Status: Virus detected
        Virus: not-a-virus:AdWare.Win32.Kuaiso.a (Engine A)
Object: stream data0013
        In archive: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad\kuaiso_06045.exe
        Status: Virus detected
        Virus: not-a-virus:AdWare.Win32.Kuaiso.a (Engine A)
Object: kuaiso_06045.exe
        Path: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad
        Status: Virus detected
        Virus: not-a-virus:AdWare.Win32.Kuaiso.a (Engine A)
Object: kw_wl_lyric_036.exe
        Path: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad
        Status: Virus detected
        Virus: Win32:Trojan-gen {Other} (Engine B)
Object: stream data0001
        In archive: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad\M_ayi.exe
        Status: Virus detected
        Virus: Trojan-Downloader.Win32.Agent.anz (Engine A)
Object: M_ayi.exe
        Path: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad
        Status: Virus detected
        Virus: Trojan-Downloader.Win32.Agent.anz (Engine A)
Object: QQUpdate.exe
        Path: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad
        Status: Virus detected
        Virus: Win32:Trojan-gen {Delphi} (Engine B)
Object: rjzc139_cns_yassist.exe
        Path: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad
        Status: Virus detected
        Virus: Win32:Adware-gen [Adw] (Engine B)
Object: server.exe
        Path: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad
        Status: Virus detected
        Virus: Trojan-PSW.Win32.QQPass.hn (Engine A)
Object: Setsfc.exe
        Path: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad
        Status: Virus detected
        Virus: Trojan-PSW.Win32.QQPass.z (Engine A)
Object: SoundMan.exe
        Path: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad
        Status: Virus detected
        Virus: Trojan-PSW.Win32.QQPass.z (Engine A)
Object: XBG.exe
        Path: C:\Documents and Settings\Jimmy\桌面\ad[1]\ad\ad
        Status: Virus detected
        Virus: Trojan-PSW.Win32.Delf.py (Engine A)
Analysis complete: 11/4/2007 14:18
    19 files checked
    19 infected files detected
    0 suspected files detected

Higher detection rate than 06, little a...
Copyright © KaFan  KaFan.cn All Rights Reserved.