收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 中了下载者逮到的1包!
返回列表 发新帖
查看: 2460|回复: 7
收起左侧

[病毒样本] 中了下载者逮到的1包!

[复制链接]
当空皓月
发表于 2008-1-15 21:26:12 | 显示全部楼层 |阅读模式
前几天试毒忘了开影子系统,中了下载者 ,从本本里逮到的一包,卡巴报67个,红伞报68个,想看看其他杀软报几个。倒,文件太大,传不上来。往qq邮箱里传,马上给链接
已上传到qq邮箱文件中转站,不知道怎么帖链接(记得qq邮箱有这功能),知道的说一下

搞好了 http://exs.mail.qq.com/cgi-bin/downloadfilepart?svrid=16&fid=3601fda57c5dc472b0c1d9b7162666bba000da81bdff5cdb&&txf_fid=02d1ea656642508a3d9e6e9bc0b04bcdde3c5ef2&&txf_sid=3c9ba92b2391ee775789326f29f87e447e35f2ac
提取码提取码:85db1ac5

[ 本帖最后由 futuregj 于 2008-1-15 21:42 编辑 ]
回复

举报

a750828
发表于 2008-1-15 21:37:10 | 显示全部楼层
樣本呢???
鏈接

[ 本帖最后由 a750828 于 2008-1-15 21:39 编辑 ]
回复

举报

Graybird
发表于 2008-1-15 21:51:41 | 显示全部楼层
Starting the file scan:

Begin scan in 'E:\桌面.rar'
E:\桌面.rar
  [0] Archive type: RAR
  --> 11.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> 12.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> 13.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> 15.EXE
      [DETECTION] Is the Trojan horse TR/PSW.OnLinGame.jfh
  --> 16.EXE
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.67
  --> 17.EXE
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.53
  --> 18.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> 19.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> 2.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> 20.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> 23.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> 24.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.F
  --> 25.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> 26.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> 27.EXE
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.hfo
  --> 4.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> 7.EXE
      [DETECTION] Is the Trojan horse TR/FWDisable.25525.1
  --> 8.EXE
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NHU.3
  --> 9.EXE
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> GJCSDYC.DLL
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> GJCSDZC.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> GJFHBYC.DLL
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> GJFHBZC.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> GJTMBYC.DLL
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> GJTMBZC.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> HAPPY.EXE
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
  --> JSQSBYC.DLL
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> JSQSBZC.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> JSQXCYC.DLL
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> JSQXCZC.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> KAFYMAZ.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> KAFYMZY.DLL
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> KAQHMAZ.EXE
      [DETECTION] Is the Trojan horse TR/PSW.OnLinGame.jfh
  --> KAQHMZY.DLL
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> KVDXSOIS.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> KVDXSOMA.DLL
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> NTFS.DLL
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.hfo
  --> NVDISPDRV.DLL
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.67
  --> NVDISPDRV.EXE
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.67
  --> QUIT.EXE
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.hfo
  --> RAQJMPI.DLL
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> RAQJMTL.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> REHTYG.EXE
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.67
  --> RSJZBPM.DLL
      [DETECTION] Is the Trojan horse TR/WuDisable.F
  --> RSJZBSP.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.F
  --> RSMYJPM.DLL
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> RSMYJSP.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> SMSS.EXE
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> SWRCGAC.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> SWRCGZC.DLL
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> TT1.EXE
      [DETECTION] Is the Trojan horse TR/PSW.Nilage.bqz
  --> UPXDND.DLL
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.53
  --> UPXDND.EXE
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.53
  --> WIN.EXE
      [DETECTION] Is the Trojan horse TR/Dldr.Agen.QT.3
  --> WINFORM.DLL
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.nme
  --> WINFORM.EXE
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.nme
  --> WSMSFAX.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> WSMSFZX.DLL
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> AVPSRV.EXE
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> FORMULARIO_TSE.SCR
      [DETECTION] Is the Trojan horse TR/Spy.Banker.cfo.11
  --> KYSFBNJ.EXE
      [DETECTION] Is the Trojan horse TR/Crypt.NSPI.Gen
  --> WINUPDBC.EXE
      [DETECTION] Is the Trojan horse TR/Spy.Banker.cfo.11
  --> RB.EXE
      [DETECTION] Contains detection pattern of the VBS script virus VBS/Dldr.Psyme.GC.2
  --> SVCH.EXE
      [DETECTION] Is the Trojan horse TR/PSW.Maran.AU
  --> TJ6VIEWER.DLL
      [DETECTION] Is the Trojan horse TR/Drop.Maran.CJ.2
  --> 1.EXE
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.nme
  --> 10.EXE
      [DETECTION] Is the Trojan horse TR/WuDisable.B
      [WARNING]   The file was ignored!


End of the scan: 2008年1月15日  21:52
Used time: 00:27 min

The scan has been done completely.

      0 Scanning directories
     68 Files were scanned
     67 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      1 Files not concerned
      1 Archives were scanned
      1 Warnings
      0 Notes
回复

举报

qigang
发表于 2008-1-15 21:59:08 | 显示全部楼层

113/67

瑞星病毒查杀结果报告

清除病毒种类列表:

病毒: Trojan.PSW.Win32.GameOL.lfz
病毒: Trojan.PSW.Win32.GameOL.ldd
病毒: Trojan.PSW.Win32.GameOL.lhj
病毒: Trojan.PSW.Win32.GameOL.lgr
病毒: Trojan.PSW.Win32.GamesOnline.gk
病毒: Trojan.PSW.Win32.GameOL.lfe
病毒: Trojan.PSW.Win32.GameOL.lgl
病毒: Trojan.PSW.Win32.GameOL.lgq
病毒: Trojan.PSW.Win32.JHOnline.fde
病毒: Trojan.PSW.Win32.QQSG.bx
病毒: Trojan.PSW.Win32.GameOL.ldc
病毒: Trojan.PSW.Win32.GameOL.leq
病毒: Trojan.Win32.Undef.biq   
病毒: Trojan.PSW.Win32.GameOL.GEN
病毒: Trojan.PSW.Win32.GameOL.ibb
病毒: Trojan.PSW.Win32.GameOL.GEN
病毒: Packer.Win32.VmpPacker.a
病毒: Trojan.Win32.Undef.biq   
病毒: Trojan.PSW.Win32.GameOL.lgf
病毒: Packer.Win32.Mian007.a   
病毒: Trojan.Win32.Agent.zri   
病毒: Trojan.PSW.Win32.GameOL.lfe
病毒: Worm.Mail.Zhelatin.fu   
病毒: Trojan.PSW.Win32.XYOnline.zx
病毒: Trojan.PSW.Win32.XYOnline.zx
病毒: Trojan.Spy.Banker.GEN   
病毒: Worm.Win32.AvKiller.ck   
病毒: Trojan.PSW.Win32.Maran.GEN
病毒: Trojan.PSW.Agent.jak     
病毒: Trojan.PSW.Win32.Maran.cj
病毒: Trojan.PSW.Win32.GameOL.len

MAC 地址:00:11:5B:F3:6D:69

用户来源:互联网

软件版本:20.27.12
回复

举报

wangjay1980
发表于 2008-1-15 22:01:44 | 显示全部楼层
太老 全杀

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

will
发表于 2008-1-16 10:24:36 | 显示全部楼层
楼主的一包里有67个  除去重复的20个 剩余47个KV2008 15号库杀45个



[ 本帖最后由 yimike 于 2008-1-16 10:27 编辑 ]

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

blu_ray
发表于 2008-1-16 12:56:18 | 显示全部楼层
确实太老了,红伞全杀

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

The EQs
发表于 2008-1-16 13:01:11 | 显示全部楼层

67

C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » 11.EXE - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » 12.EXE - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » 13.EXE - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » 15.EXE - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » 16.EXE - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » 17.EXE - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » 18.EXE - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » 19.EXE - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » 2.EXE - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » 20.EXE - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » 23.EXE - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » 24.EXE - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » 25.EXE - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » 26.EXE - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » 27.EXE - a variant of Win32/TrojanDownloader.Small.HLV trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » 4.EXE - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » 7.EXE - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » 8.EXE - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » 9.EXE - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » GJCSDYC.DLL - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » GJCSDZC.EXE - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » GJFHBYC.DLL - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » GJFHBZC.EXE - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » GJTMBYC.DLL - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » GJTMBZC.EXE - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » HAPPY.EXE - a variant of Win32/PSW.Lineage.ACN trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » JSQSBYC.DLL - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » JSQSBZC.EXE - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » JSQXCYC.DLL - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » JSQXCZC.EXE - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » KAFYMAZ.EXE - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » KAFYMZY.DLL - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » KAQHMAZ.EXE - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » KAQHMZY.DLL - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » KVDXSOIS.EXE - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » KVDXSOMA.DLL - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » NTFS.DLL - Win32/TrojanDownloader.Small.HLV trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » NVDISPDRV.DLL - probably a variant of Win32/PSW.OnLineGames.HCV trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » NVDISPDRV.EXE - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » QUIT.EXE - a variant of Win32/TrojanDownloader.Small.HLV trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » RAQJMPI.DLL - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » RAQJMTL.EXE - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » REHTYG.EXE - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » RSJZBPM.DLL - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » RSJZBSP.EXE - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » RSMYJPM.DLL - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » RSMYJSP.EXE - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » SMSS.EXE - probably a variant of Win32/Pacex virus(NewHeur_PE)
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » SWRCGAC.EXE - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » SWRCGZC.DLL - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » TT1.EXE - a variant of Win32/PSW.OnLineGames.NFF trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » UPXDND.DLL - Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » UPXDND.EXE - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » WIN.EXE - Win32/Agent.QT trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » WINFORM.DLL - Win32/PSW.OnLineGames.HCV trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » WINFORM.EXE - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » WSMSFAX.EXE - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » WSMSFZX.DLL - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » AVPSRV.EXE - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » FORMULARIO_TSE.SCR - probably a variant of Win32/Spy.Banker trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » KYSFBNJ.EXE - probably a variant of Win32/Delf.NDF worm
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » WINUPDBC.EXE - probably a variant of Win32/Spy.Banker trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » RB.EXE - Win32/PSW.Maran trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » SVCH.EXE - Win32/PSW.Maran trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » TJ6VIEWER.DLL - Win32/PSW.Maran.NAD trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » 1.EXE - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\����.rar » RAR » 10.EXE - Win32/PSW.OnLineGames.FDY trojan
回复

举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2026-4-8 01:16 , Processed in 0.079437 second(s), 4 queries , Redis On.

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表