Original poster: qianwenxiang

[Virus samples] 48, some may not be viruses

jimmyleo
Posted on 2008-1-17 09:18:42
avz 6


D:\Download\Scan\2temp.exe - Suspicion for Virus.Win32.PE_Type1(dangerousness level is 75%)
D:\Download\Scan\AlxRes070826.exe - Suspicion for Virus.Win32.PE_Type1(dangerousness level is 75%)
D:\Download\Scan\crsss.exe >>>>> Trojan-Downloader.Win32.Delf.bny  deletion disabled by settings
D:\Download\Scan\ldcore.dll >>> suspicion for Trojan-Downloader.Win32.Small.dxm ( 0ADC734E 07DE5794 0009F7C5 00000000 6689)
D:\Download\Scan\rdshost32.exe - Suspicion for Virus.Win32.PE_Type1(dangerousness level is 75%)
D:\Download\Scan\scrsys070826.scr - Suspicion for Virus.Win32.PE_Type1(dangerousness level is 75%)
D:\Download\Scan\soundmix.exe >>> suspicion for Trojan.Win32.Agent.aec ( 089435C9 064A7ACE 001B47EB 001EA6B4 16896)
D:\Download\Scan\wxptdi.sys >>>>> Worm.Win32.Downloader.dv  deletion disabled by settings
D:\Download\Scan\~2_tmp.exe >>>>> Trojan-Downloader.Win32.Zlob.fee  deletion disabled by settings
D:\Download\Scan\~3_tmp.exe >>>>> Trojan-Downloader.Win32.Adload.op  deletion disabled by settings
啊弥陀佛
Posted on 2008-1-17 09:55:39
木马名称:Trojan-Downloader.Win32.Delf.imh
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\0116[1]\CALC.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-Downloader.Win32.Delf.imi
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\0116[1]\FREEBSD.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-Downloader.Win32.Zlob.daw
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\0116[1]\NOTEPAD.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

病毒名称:Virus.Win32.Xorer.du
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\0116[1]\SETUP.EXE.VIR
是病毒程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Backdoor.Win32.Agent.eku
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\0116[1]\1TEMP.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan.Win32.Genetik.buu
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\0116[1]\2TEMP.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan.Win32.Genetik.buu
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\0116[1]\ALXRES070826.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Backdoor.Win32.Agent.ekx
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\0116[1]\AT1.810810.ORG.DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Backdoor.Win32.Agent.eku
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\0116[1]\AT1.810810.ORG.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

蠕虫名称:Worm.Win32.AutoRun.e
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\0116[1]\CRSSS.EXE
是蠕虫程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-Clicker.Win32.VB.afh
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\0116[1]\GDISVC.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-Downloader.Win32.Small.lfq
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\0116[1]\LDCORE.DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan.Win32.Genetik.buu
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\0116[1]\SCRSYS070826.SCR
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-Spy.Win32.Agent.bqm
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\0116[1]\SCRSYS16_070826.DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan.Win32.Agent.dvs
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\0116[1]\SOUNDMIX.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-Spy.Win32.Agent.bqm
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\0116[1]\WINSYS16_070826.DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-Downloader.Win32.Delf.imh
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\0116[1]\KDHKS.EXE.VIR
是木马程序!
已成功阻止其运行,是否要删除此文件?

病毒名称:Virus.Win32.Xorer.du
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\0116[1]\000.CFG0.VIR
是病毒程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.gfw
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\0116[1]\ANTITOOL.EXE.3702718.VIR
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.gfw
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\0116[1]\ANTITOOL.EXE.VIR
是木马程序!
已成功阻止其运行,是否要删除此文件?

病毒名称:Virus.Win32.Xorer.du
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\0116[1]\LSASS.EXE
是病毒程序!
已成功阻止其运行,是否要删除此文件?

ballakay
Posted on 2008-1-17 12:30:43
Scanning Report
17 January 2008 12:30:07 - 12:30:17
Computer name: PUMA-PC
Scanning type: Scan target
Target: C:\Users\Administrator\Desktop\Desktop.rar


--------------------------------------------------------------------------------

Result: 38 malware found
Virus.Win32.Xorer.dr (virus)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part3.rar\000.cfg0.VIR
C:\Users\Administrator\Desktop\Desktop.rar\0116.part1.rar\Setup.exe.VIR
C:\Users\Administrator\Desktop\Desktop.rar\0116.part4.rar\lsass.exe
Trojan-PSW.Win32.OnLineGames.mix (virus)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part3.rar\AntiTool.exe.3702718.VIR
C:\Users\Administrator\Desktop\Desktop.rar\0116.part3.rar\AntiTool.exe.VIR
AdWare.Win32.MyTool.e (adware)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part3.rar\tb_ietoolbar_20_web.zip.VIR\ietoolbar.exe
C:\Users\Administrator\Desktop\Desktop.rar\0116.part3.rar\tb_ietoolbar_20_web.zip.VIR\tb_ietoolbar_20_instcount.exe
C:\Users\Administrator\Desktop\Desktop.rar\0116.part2.rar\ietoolbar.exe.VIR
AdWare.Win32.MyTool.k (adware)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part3.rar\tb_ietoolbar_20_web.zip.VIR\tb_ietoolbar_20.dll
C:\Users\Administrator\Desktop\Desktop.rar\0116.part3.rar\tb_ietoolbar_20.dll
Virus.Win32.Xorer.dp (virus)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part3.rar\dnsq.dll
Trojan-Downloader.Win32.Agent.hjg (virus)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part3.rar\alg.exe
Virus.Win32.Xorer.dd (virus)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part3.rar\netcfg.000
C:\Users\Administrator\Desktop\Desktop.rar\0116.part3.rar\netcfg.dll
Virus.Win32.Xorer.df (virus)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part3.rar\smss.exe
Trojan.Win32.DNSChanger.apn (virus)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part1.rar\calc.exe
Trojan.Win32.DNSChanger.apo (virus)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part1.rar\freebsd.exe
Trojan.Win32.DNSChanger.aud (virus)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part1.rar\notepad.exe
AdWare.Win32.NaviPromo.ce (adware)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part1.rar\NSIS_Install_igb.exe.VIR
Backdoor.Win32.Agent.bms (virus)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part1.rar\1temp.exe
C:\Users\Administrator\Desktop\Desktop.rar\0116.part1.rar\at1.810810.org.dll
C:\Users\Administrator\Desktop\Desktop.rar\0116.part1.rar\at1.810810.org.exe
Trojan-Spy.Win32.Agent.um (virus)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part1.rar\2temp.exe
C:\Users\Administrator\Desktop\Desktop.rar\0116.part1.rar\AlxRes070826.exe
C:\Users\Administrator\Desktop\Desktop.rar\0116.part1.rar\scrsys070826.scr
C:\Users\Administrator\Desktop\Desktop.rar\0116.part1.rar\scrsys16_070826.dll
C:\Users\Administrator\Desktop\Desktop.rar\0116.part2.rar\winsys16_070826.dll
Trojan-Downloader.Win32.Delf.bny (virus)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part1.rar\crsss.exe
Trojan.Win32.VB.boj (virus)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part1.rar\gdisvc.exe
Trojan-Downloader.Win32.Small.dxm (virus)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part1.rar\ldcore.dll
Trojan-Downloader.Win32.Adload.op (virus)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part1.rar\ONOGUMOBOUN
C:\Users\Administrator\Desktop\Desktop.rar\0116.part2.rar\~3_tmp.exe
Trojan-Spy.Win32.Bancos.zm (virus)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part1.rar\rdshost32.exe
Trojan.Win32.Agent.aec (virus)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part1.rar\soundmix.exe
Trojan-Downloader.Win32.Zlob.fee (virus)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part4.rar\~2_tmp.exe
Trojan-Spy.Win32.Agent.bao (virus)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part2.rar\winsys32_070826.dll
Trojan-Spy.Win32.Banker.cfo (virus)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part2.rar\winupdbc.exe
Worm.Win32.Downloader.dv (virus)
C:\Users\Administrator\Desktop\Desktop.rar\0116.part2.rar\wxptdi.sys




--------------------------------------------------------------------------------

Statistics
Scanned:
Files: 62
Not scanned: 0
Result:
Viruses: 32
Spyware: 6
Suspicious items: 0
Riskware: 0
Actions:
Disinfected: 0
Renamed: 0
Deleted: 0
Quarantined: 0
Failed: 0
Boot Sectors:
Scanned: 0
Infected: 0
Suspicious items: 0
Disinfected: 0
wangjay1980
Posted on 2008-1-17 15:07:59
Hello,

.6866266.exe_, pack.epk.VIR

These files are corrupted.

Autorun.inf.VIR, BasePro.dll, CF06674C-EDA6-48df-B12C-F810984ACF54.exe_, pthreadVC.dll, SrchPlug.dll, Update.dll

No malicious code was found in these files.

dnsq.dll - Virus.Win32.Xorer.dp,
notepad.exe_ - Trojan.Win32.DNSChanger.aud,
ONOGUMOBOUN, windivx.dll - Trojan-Downloader.Win32.Adload.op

These files are already detected. Please update your antivirus bases.

Hide.dll - Trojan.Win32.HideProc.k

New malicious software was found in this file. Its detection will be included in the next update. Thank you for your help.

tb_ietoolbar_20.dll, tb_ietoolbar_20_web.zip.VIR - not-a-virus:AdWare.Win32.MyTool.k

These files are Advertising Tools, they are detected by
extended databases set. See more info about
extended databases here: http://www.kaspersky.com/extraavupdates

Please quote all when answering.
will
Posted on 2008-1-17 16:13:15

KV2008 catches 30…

Copyright © KaFan  KaFan.cn All Rights Reserved.