
[Virus sample] eset reports 25

kp2006
Posted on 2007-11-10 12:17:37
Kill it quick

mofunzone
Posted on 2007-11-10 12:26:55
Starting the file scan:

Begin scan in 'C:\Users\morgan\Documents\桌面.rar'
C:\Users\morgan\Documents\
  桌面.rar
    [0] Archive type: RAR
    --> temp.exe
        [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 18.exe
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> m1[1].eXE
        [DETECTION] Is the Trojan horse TR/Autorun.BK
        [WARNING]   Infected files in archives cannot be repaired!
    --> S168[1].exe
        [DETECTION] Is the Trojan horse TR/Autorun.BK
        [WARNING]   Infected files in archives cannot be repaired!
    --> OnlO0r.bak
        [DETECTION] Is the Trojan horse TR/Autorun.BK
        [WARNING]   Infected files in archives cannot be repaired!
    --> jz2007.bmp
        [DETECTION] Contains detection pattern of the exploits EXP/Ani.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 55550.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> cqdoor0.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> zxdoor0.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> wodoor0.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.emj
        [WARNING]   Infected files in archives cannot be repaired!
    --> wgdoor0.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.emi
        [WARNING]   Infected files in archives cannot be repaired!
    --> wddoor0.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.emh
        [WARNING]   Infected files in archives cannot be repaired!
    --> tldoor0.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> rxdoor0.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> qqdoor0.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> qhdoor0.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> mydoor0.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> mhdoor0.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> fydoor0.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> dh3oor0.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> dadoor0.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.emc
        [WARNING]   Infected files in archives cannot be repaired!
    --> NODA6.tmp
        [DETECTION] Contains suspicious code HEUR/Crypted
        [WARNING]   Infected files in archives cannot be repaired!
    --> svchost.exe
        [DETECTION] Is the Trojan horse TR/Autorun.BK
        [WARNING]   Infected files in archives cannot be repaired!
    --> fjOs0r.dll
        [DETECTION] Contains suspicious code HEUR/Crypted
        [WARNING]   Infected files in archives cannot be repaired!
    --> OnlO0r.dll
        [DETECTION] Contains suspicious code HEUR/Crypted
        [WARNING]   Infected files in archives cannot be repaired!
        [INFO]      The file was deleted!


End of the scan: 2007年11月9日  20:26
Used time: 00:05 min

The scan has been done completely.

      0 Scanning directories
     26 Files were scanned
     10 viruses and/or unwanted programs were found
     15 Files were classified as suspicious:
      1 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     16 Files not concerned
      1 Archives were scanned
     25 Warnings
      0 Notes
458506
Posted on 2007-11-10 12:27:31
发现病毒: Win32.Pathed.Downloader.A, Generic.PWS.Games.2.6CA232B5, Trojan.PWS.Delf.IFD (4x), Exploit.Win32.MS05-002.Gen, Generic.Onlinegames.3.C9A67557, Generic.Onlinegames.3.0B936DD4, Generic.Onlinegames.3.1C67C3EE, DeepScan:Generic.PWS.Games.1.59BC2CED, Generic.Onlinegames.3.73F63AD7, Generic.Onlinegames.3.74697175, Generic.Onlinegames.3.61114059, Generic.Malware.SPWS.E2F0DFA0, Generic.Onlinegames.3.7F8DF0B4, Generic.Malware.SPWS.8FA03C6B, Generic.PWS.Games.1.58C0495E, Generic.PWS.Games.1.E5ED7C8A, Generic.Malware.SgPWS.51697977, Generic.Malware.SgPWS.07F02960, Trojan.PWS.Delf.IGL (3x)

下载网页内容时, 发现病毒.

地址: bbs.kafan.cn
IllusionWing
Posted on 2007-11-10 12:28:49
..... one short again

UGuard Log (Digital Fox - gankeyu@126.com)
UGuarduu.exe = 4.5.0
HC0.rlb = 3.0.0
HC2.rlb = 2.4.0
FN0.rlb = 2.3.1
扫描选项:扫描档案, 扩展, 忽略非活动, 忽略大文件, nFile, BAT模拟, 捆绑检测, 变形壳, 启发,
[扫描] [捆绑检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\18.exe//Crypt1 检测到 Generic.Binder
[扫描] [Level 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\55550.dll 检测到 Generic.OperationOfSEH
[扫描] [Level 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\cqdoor0.dll 检测到 Generic.OperationOfSEH
[扫描] [Level 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\dadoor0.dll 检测到 Generic.OperationOfSEH
[扫描] [Level 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\dh3oor0.dll 检测到 Generic.OperationOfSEH
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\fjOs0r.dll 检测到 Generic.nFile
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\fydoor0.dll 检测到 Packed.Generic.sModified
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\m1[1].eXE 检测到 Packed.Generic.UPX.Modified.1
[扫描] [Level 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\mhdoor0.dll 检测到 Generic.OperationOfSEH
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\mydoor0.dll 检测到 Packed.Generic.sModified
[扫描] [Level 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\NODA6.tmp 检测到 Risk.HookTool.b
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\OnlO0r.bak 检测到 Generic.nFile
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\OnlO0r.dll 检测到 Generic.nFile
[扫描] [Level 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\qhdoor0.dll 检测到 Generic.OperationOfSEH
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\qqdoor0.dll 检测到 Packed.Generic.sModified
[扫描] [Level 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\rxdoor0.dll 检测到 Generic.OperationOfSEH
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\S168[1].exe 检测到 Packed.Generic.UPX.Modified.1
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\svchost.exe 检测到 Packed.Generic.UPX.Modified.1
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\temp.exe 检测到 Packed.Generic.UPX.Modified.2
[扫描] [Level 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\tldoor0.dll//Crypt1 检测到 Generic.OperationOfSEH
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\wddoor0.dll 检测到 Packed.Generic.sModified
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\wgdoor0.dll 检测到 Packed.Generic.sModified
[扫描] [Level 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\wodoor0.dll 检测到 Generic.OperationOfSEH
[扫描] [Level 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\zxdoor0.dll 检测到 Generic.OperationOfSEH
检测到了 23 个未知的恶意程序,请上报。
任务 扫描 完成。共耗费的时间:0-00-00 00:00:00:0281,共扫描的文件数量:27,共扫描到的威胁数量:24,威胁率:88.89%,扫描速率: 96.09 文件/秒,扫描速度: 2008.98 千字节/秒,共扫描了 564.52 千字节。
FBAV
Posted on 2007-11-10 12:44:30

Two short……

MicroVita AntiSpyware 100 C
_____________________________________________
                                          
             风暴微塔反间谍
[强力查杀各种Win32位的病毒,木马,蠕虫,恶意软件]                  
                   http://221.10.254.214/
----------------------------------------------
开始扫描……

正在检查启动……
[C:\Documents and Settings\Administrator\桌面\Virus\eset报25\18.exe]
                    …………发现Spy!报告:[1] Win32.NkHack.MicroJoiner[6] 注入者[8] HOOK者
文件信息:  大小:22016  MD5:6dc13d07d214f56619e658d837f20c28

[C:\Documents and Settings\Administrator\桌面\Virus\eset报25\m1[1].eXE]
                    …………发现Spy!报告:[2]
文件信息:  大小:29231  MD5:d4c26da5ffec8e1c479de08090f69810

[C:\Documents and Settings\Administrator\桌面\Virus\eset报25\S168[1].exe]
                    …………发现Spy!报告:[2]
文件信息:  大小:29231  MD5:d4c26da5ffec8e1c479de08090f69810

[C:\Documents and Settings\Administrator\桌面\Virus\eset报25\OnlO0r.bak]
                    …………发现Spy!报告: [4] [2]
文件信息:  大小:29231  MD5:d4c26da5ffec8e1c479de08090f69810

[C:\Documents and Settings\Administrator\桌面\Virus\eset报25\55550.dll]
                    …………发现Spy!报告:[6] 注入者[8] HOOK者
文件信息:  大小:17408  MD5:d078b0e5af27bd3fdfdb7ed75f23b45a

[C:\Documents and Settings\Administrator\桌面\Virus\eset报25\cqdoor0.dll]
                    …………发现Spy!报告:[6] 注入者[8] HOOK者
文件信息:  大小:16896  MD5:663771e632d58203c38e1c281b5d73d5

[C:\Documents and Settings\Administrator\桌面\Virus\eset报25\zxdoor0.dll]
                    …………发现Spy!报告:[6] 注入者[8] HOOK者
文件信息:  大小:22528  MD5:58b64638cd5238a242aa3da38ae0a7e8

[C:\Documents and Settings\Administrator\桌面\Virus\eset报25\wodoor0.dll]
                    …………发现Spy!报告:[6] 注入者[8] HOOK者
文件信息:  大小:26112  MD5:b179929fa2d8e1685554cc9be55fc7b3

[C:\Documents and Settings\Administrator\桌面\Virus\eset报25\wgdoor0.dll]
                    …………发现Spy!报告:[2] [6] 注入者[8] HOOK者
文件信息:  大小:24064  MD5:3d80b2106d4d5b333471dd7bb25ea255

[C:\Documents and Settings\Administrator\桌面\Virus\eset报25\wddoor0.dll]
                    …………发现Spy!报告:[6] 注入者[8] HOOK者
文件信息:  大小:15872  MD5:87433d5e46382436848a23b45ae7fd3e

[C:\Documents and Settings\Administrator\桌面\Virus\eset报25\tldoor0.dll]
                    …………发现Spy!报告:[6] 注入者[8] HOOK者
文件信息:  大小:15360  MD5:50afb80b719fdfc6bee2cf23ad63c3b7

[C:\Documents and Settings\Administrator\桌面\Virus\eset报25\rxdoor0.dll]
                    …………发现Spy!报告:[6] 注入者[8] HOOK者
文件信息:  大小:15872  MD5:872c9ed2aa3857c9397e3e884d8263c7

[C:\Documents and Settings\Administrator\桌面\Virus\eset报25\qqdoor0.dll]
                    …………发现Spy!报告:[6] 注入者[8] HOOK者
文件信息:  大小:15872  MD5:3ee16518e83903d520605eb9bafd6063

[C:\Documents and Settings\Administrator\桌面\Virus\eset报25\qhdoor0.dll]
                    …………发现Spy!报告:[6] 注入者[8] HOOK者
文件信息:  大小:15872  MD5:02ef86f4fcedd23a0efc2bd09f5172a1

[C:\Documents and Settings\Administrator\桌面\Virus\eset报25\mydoor0.dll]
                    …………发现Spy!报告:[6] 注入者[8] HOOK者
文件信息:  大小:17920  MD5:ab33399400e70aa29d87623aea95c6b9

[C:\Documents and Settings\Administrator\桌面\Virus\eset报25\mhdoor0.dll]
                    …………发现Spy!报告:[6] 注入者[8] HOOK者
文件信息:  大小:14848  MD5:6dd383351c0ced3f4cf22bc51cda9462

[C:\Documents and Settings\Administrator\桌面\Virus\eset报25\fydoor0.dll]
                    …………发现Spy!报告:[6] 注入者[8] HOOK者
文件信息:  大小:13312  MD5:e76bc4020f0340c2fe6abd725bdd8481

[C:\Documents and Settings\Administrator\桌面\Virus\eset报25\dh3oor0.dll]
                    …………发现Spy!报告:[6] 注入者[8] HOOK者
文件信息:  大小:15360  MD5:4d28e010062eae4b0664a0878cc422ea

[C:\Documents and Settings\Administrator\桌面\Virus\eset报25\dadoor0.dll]
                    …………发现Spy!报告:[6] 注入者[8] HOOK者
文件信息:  大小:14336  MD5:44aa674d04dc698e55dfeceda2aa8215

[C:\Documents and Settings\Administrator\桌面\Virus\eset报25\NODA6.tmp]
                    …………发现Spy!报告:[8] HOOK者
文件信息:  大小:35887  MD5:5e6c04cd91faa2788b5a3278ea9403e3

[C:\Documents and Settings\Administrator\桌面\Virus\eset报25\svchost.exe]
                    …………发现Spy!报告:[2]
文件信息:  大小:29231  MD5:d4c26da5ffec8e1c479de08090f69810

[C:\Documents and Settings\Administrator\桌面\Virus\eset报25\fjOs0r.dll]
                    …………发现Spy!报告: [4] [8] HOOK者
文件信息:  大小:35887  MD5:5e6c04cd91faa2788b5a3278ea9403e3

[C:\Documents and Settings\Administrator\桌面\Virus\eset报25\OnlO0r.dll]
                    …………发现Spy!报告: [4] [8] HOOK者
文件信息:  大小:35887  MD5:5e6c04cd91faa2788b5a3278ea9403e3

文件数:25   病毒数:23  比重:0.92
OK  扫描完毕!
  ***日志解释
[4] 集中有害分析引擎
[3] 全局系统判断引擎   
[2] 文件特征码引擎
[1] 文件启发式引擎

[ Last edited by FBAV on 2007-11-10 12:46 ]
perfectycb
Posted on 2007-11-10 12:48:19
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » temp.exe - probably a variant of Win32/PSW.OnLineGames.NBR trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » 18.exe - a variant of Win32/PSW.OnLineGames.NFN trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » m1[1].eXE - probably a variant of Win32/PSW.OnLineGames.NBR trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » S168[1].exe - probably a variant of Win32/PSW.OnLineGames.NBR trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » OnlO0r.bak - probably a variant of Win32/PSW.OnLineGames.NBR trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » jz2007.bmp - a variant of Win32/TrojanDownloader.Ani.Gen trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » 55550.dll - probably a variant of Win32/PSW.OnLineGames.NFO trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » cqdoor0.dll - a variant of Win32/PSW.OnLineGames.NFO trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » zxdoor0.dll - a variant of Win32/PSW.OnLineGames.NFO trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » wodoor0.dll - a variant of Win32/PSW.OnLineGames.NFO trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » wgdoor0.dll - a variant of Win32/PSW.OnLineGames.NFO trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » wddoor0.dll - a variant of Win32/PSW.OnLineGames.NFO trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » tldoor0.dll - a variant of Win32/PSW.OnLineGames.NFO trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » rxdoor0.dll - probably a variant of Win32/PSW.OnLineGames.NFO trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » qqdoor0.dll - probably a variant of Win32/PSW.OnLineGames.NFO trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » qhdoor0.dll - probably a variant of Win32/PSW.OnLineGames.NFO trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » mydoor0.dll - probably a variant of Win32/PSW.OnLineGames.NFO trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » mhdoor0.dll - a variant of Win32/PSW.OnLineGames.NFN trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » fydoor0.dll - a variant of Win32/PSW.OnLineGames.NFO trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » dh3oor0.dll - a variant of Win32/PSW.OnLineGames.NFO trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » dadoor0.dll - a variant of Win32/PSW.OnLineGames.NFO trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » NODA6.tmp - probably a variant of Win32/PSW.OnLineGames.NBR trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » svchost.exe - probably a variant of Win32/PSW.OnLineGames.NBR trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » fjOs0r.dll - probably a variant of Win32/PSW.OnLineGames.NBR trojan
C:\Documents and Settings\Administrator\桌面\桌面.rar » RAR » OnlO0r.dll - probably a variant of Win32/PSW.OnLineGames.NBR trojan
IllusionWing
Posted on 2007-11-10 13:11:09
WorkOnStudio v1.1

文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\18.exe , UGuard : Generic.Binder , Vita : [1] Win32.NkHack.MicroJoiner[6] 注入者[8] HOOK者 , 凝逸 : 没有发现病毒 , 卡巴斯基 : 没有发现病毒
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\55550.dll , UGuard : Generic.OperationOfSEH , Vita : [6] 注入者[8] HOOK者 , 凝逸 : 没有发现病毒 , 卡巴斯基 : 没有发现病毒
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\cqdoor0.dll , UGuard : Generic.OperationOfSEH , Vita : [6] 注入者[8] HOOK者 , 凝逸 : 没有发现病毒 , 卡巴斯基 : 没有发现病毒
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\dadoor0.dll , UGuard : Generic.OperationOfSEH , Vita : [6] 注入者[8] HOOK者 , 凝逸 : 没有发现病毒 , 卡巴斯基 : 没有发现病毒
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\dh3oor0.dll , UGuard : Generic.OperationOfSEH , Vita : [6] 注入者[8] HOOK者 , 凝逸 : 没有发现病毒 , 卡巴斯基 : 没有发现病毒
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\fjOs0r.dll , UGuard : Generic.nFile , Vita : [4] [8] HOOK者 , 凝逸 : 没有发现病毒 , 卡巴斯基 : 木马程序 Trojan-PSW.Win32.Delf.age
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\fydoor0.dll , UGuard : Packed.Generic.sModified , Vita : [6] 注入者[8] HOOK者 , 凝逸 : 没有发现病毒 , 卡巴斯基 : 没有发现病毒
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\m1[1].eXE , UGuard : Packed.Generic.UPX.Modified.1 , Vita : [2] , 凝逸 : 没有发现病毒 , 卡巴斯基 : 木马程序 Trojan-PSW.Win32.Delf.age
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\mhdoor0.dll , UGuard : Generic.OperationOfSEH , Vita : [6] 注入者[8] HOOK者 , 凝逸 : 没有发现病毒 , 卡巴斯基 : 没有发现病毒
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\mydoor0.dll , UGuard : Packed.Generic.sModified , Vita : [6] 注入者[8] HOOK者 , 凝逸 : 没有发现病毒 , 卡巴斯基 : 没有发现病毒
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\NODA6.tmp , UGuard : Risk.HookTool.b , Vita : [8] HOOK者 , 凝逸 : 没有发现病毒 , 卡巴斯基 : 木马程序 Trojan-PSW.Win32.Delf.age
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\OnlO0r.bak , UGuard : Generic.nFile , Vita : [4] [2] , 凝逸 : 没有发现病毒 , 卡巴斯基 : 木马程序 Trojan-PSW.Win32.Delf.age
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\OnlO0r.dll , UGuard : Generic.nFile , Vita : [4] [8] HOOK者 , 凝逸 : 没有发现病毒 , 卡巴斯基 : 木马程序 Trojan-PSW.Win32.Delf.age
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\qhdoor0.dll , UGuard : Generic.OperationOfSEH , Vita : [6] 注入者[8] HOOK者 , 凝逸 : 没有发现病毒 , 卡巴斯基 : 没有发现病毒
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\qqdoor0.dll , UGuard : Packed.Generic.sModified , Vita : [6] 注入者[8] HOOK者 , 凝逸 : 没有发现病毒 , 卡巴斯基 : 没有发现病毒
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\rxdoor0.dll , UGuard : Generic.OperationOfSEH , Vita : [6] 注入者[8] HOOK者 , 凝逸 : 没有发现病毒 , 卡巴斯基 : 没有发现病毒
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\S168[1].exe , UGuard : Packed.Generic.UPX.Modified.1 , Vita : [2] , 凝逸 : 没有发现病毒 , 卡巴斯基 : 木马程序 Trojan-PSW.Win32.Delf.age
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\svchost.exe , UGuard : Packed.Generic.UPX.Modified.1 , Vita : [2] , 凝逸 : 没有发现病毒 , 卡巴斯基 : 木马程序 Trojan-PSW.Win32.Delf.age
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\tldoor0.dll , UGuard : Generic.OperationOfSEH , Vita : [6] 注入者[8] HOOK者 , 凝逸 : 没有发现病毒 , 卡巴斯基 : 没有发现病毒
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\wddoor0.dll , UGuard : Packed.Generic.sModified , Vita : [6] 注入者[8] HOOK者 , 凝逸 : 没有发现病毒 , 卡巴斯基 : 没有发现病毒
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\wgdoor0.dll , UGuard : Packed.Generic.sModified , Vita : [2] [6] 注入者[8] HOOK者 , 凝逸 : 没有发现病毒 , 卡巴斯基 : 没有发现病毒
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\wodoor0.dll , UGuard : Generic.OperationOfSEH , Vita : [6] 注入者[8] HOOK者 , 凝逸 : 没有发现病毒 , 卡巴斯基 : 没有发现病毒
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\zxdoor0.dll , UGuard : Generic.OperationOfSEH , Vita : [6] 注入者[8] HOOK者 , 凝逸 : 没有发现病毒 , 卡巴斯基 : 没有发现病毒
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\temp.exe , UGuard : Packed.Generic.UPX.Modified.2 , Vita : 没有发现病毒 , 凝逸 : 没有发现病毒 , 卡巴斯基 : 病毒 Virus.Win32.Downloader.q
文件路径 : C:\Documents and Settings\Administrator\桌面\Virus\YB\jz2007.bmp , UGuard : 没有发现病毒 , Vita : 没有发现病毒 , 凝逸 : ani漏洞(必杀) , 卡巴斯基 : 恶意程序 Exploit.Win32.IMG-ANI.ac
FBAV
Posted on 2007-11-10 13:13:38
Does the poster above need my CMD version?
Nerazzurri
Posted on 2007-11-10 13:50:14

Kaspersky kills 9; the remaining 16 have been resolved

Hello,

18.exe_, qqdoor0.dll - Trojan-PSW.Win32.QQPass.alg,
55550.dll - Trojan-PSW.Win32.OnLineGames.hiz,
cqdoor0.dll - Trojan-PSW.Win32.OnLineGames.hja,
dadoor0.dll - Trojan-PSW.Win32.OnLineGames.hjb,
dh3oor0.dll - Trojan-PSW.Win32.OnLineGames.hjc,
fydoor0.dll - Trojan-PSW.Win32.OnLineGames.hjd,
mhdoor0.dll - Trojan-PSW.Win32.OnLineGames.hje,
mydoor0.dll - Trojan-PSW.Win32.OnLineGames.hjf,
qhdoor0.dll - Trojan-PSW.Win32.OnLineGames.hjg,
rxdoor0.dll - Trojan-PSW.Win32.OnLineGames.hjh,
tldoor0.dll - Trojan-PSW.Win32.OnLineGames.hji,
wddoor0.dll - Trojan-PSW.Win32.OnLineGames.hjj,
wgdoor0.dll - Trojan-Downloader.Win32.Agent.ezl,
wodoor0.dll - Trojan-PSW.Win32.OnLineGames.hjk,
zxdoor0.dll - Trojan-PSW.Win32.OnLineGames.hjl

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Namestnikov Yury
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.
kkgh
Posted on 2007-11-10 13:57:21
瑞星病毒查杀结果报告

清除病毒种类列表:
病毒: Win32.Loader.c           
病毒: Trojan.PSW.Win32.GameOnline.yh
病毒: Hack.SuspiciousAni      
病毒: Trojan.PSW.Win32.GameOnline.ym
病毒: Trojan.PSW.Win32.Shanda.at
病毒: Trojan.PSW.Win32.WLOnline.jjp
病毒: Trojan.PSW.Win32.GameOnline.yl
病毒: Trojan.PSW.Win32.GameOnline.yk
病毒: Trojan.PSW.Win32.AskTao.ei
病毒: Trojan.PSW.Win32.GameOnline.yj
病毒: Trojan.PSW.Win32.GameOnline.yi
病毒: Trojan.PSW.Win32.GameOnline.yh
病毒: Trojan.PSW.Win32.GameOnline.yf
病毒: Trojan.PSW.Win32.RocOnline.hl
病毒: Trojan.PSW.Win32.WsGame.bf
病毒: Trojan.PSW.Win32.GameOnline.ye
病毒: Trojan.PSW.Win32.XYOnline.rg

用户来源:互联网

软件版本:20.17.50