Thread starter: 28654621

[Virus samples] 11 samples

spaceplane
Posted on 2008-2-29 16:38:42

Reply to mofunzone's post (#5)

Oh right, the new count. What a hassle.
taiw_1144
Posted on 2008-2-29 16:50:17
木马名称:Trojan-PSW.Win32.OLGames.jbo

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\ATTACHMENT\#$@%1\CKCLTBLOV.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan.Win32.Rootkit.bgb

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\ATTACHMENT\#$@%1\HHUSPJSP.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OLGames.jbo

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\ATTACHMENT\#$@%1\ITBMUWZJ.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Downloader.Win32.Small.lpn

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\ATTACHMENT\#$@%1\UPDATE.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OLGames.hiv

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\ATTACHMENT\#$@%1\Y10.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OLGames.iyf

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\ATTACHMENT\#$@%1\Y17.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.QQPass.hru

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\ATTACHMENT\#$@%1\Y19.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan.Win32.Vaklik.y

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\ATTACHMENT\#$@%1\Y21.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan.Win32.Vaklik.es

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\ATTACHMENT\#$@%1\Y5.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OLGames.huj

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\ATTACHMENT\#$@%1\Y6.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

发现未知间谍软件,是否删除?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\ATTACHMENT\#$@%1\Y18.EXE
木马程序生成以下文件:
1) C:\WINDOWS\937431M.EXE
2) C:\WINDOWS\937431MM.DLL
是否删除木马程序及其衍生物?
欠妳緈諨
Posted on 2008-2-29 17:09:12
jpzy
Posted on 2008-2-29 17:49:11
AVG 8.0, all wiped out~~
ballakay
Posted on 2008-2-29 18:22:14
FS kills them all!
Scanning Report
29 February 2008 18:21:45 - 18:21:48
Computer name: PUMA-PC
Scanning type: Scan target
Target: C:\Users\Administrator\Desktop\_$@%1.rar


--------------------------------------------------------------------------------

Result: 11 malware found
Trojan-PSW.Win32.OnLineGames.pgc (virus)
C:\Users\Administrator\Desktop\_$@%1.rar\#$@%1\ckcltblov.exe
C:\Users\Administrator\Desktop\_$@%1.rar\#$@%1\itbmuwzj.exe
Trojan-PSW.Win32.OnLineGames.pcn (virus)
C:\Users\Administrator\Desktop\_$@%1.rar\#$@%1\hhuspjsp.exe
Trojan-Downloader.Win32.Small.hrp (virus)
C:\Users\Administrator\Desktop\_$@%1.rar\#$@%1\update.exe
Trojan-PSW.Win32.OnLineGames.ocq (virus)
C:\Users\Administrator\Desktop\_$@%1.rar\#$@%1\y10.exe
Trojan-PSW.Win32.OnLineGames.omq (virus)
C:\Users\Administrator\Desktop\_$@%1.rar\#$@%1\y17.exe
Trojan-PSW.Win32.Lmir.bpv (virus)
C:\Users\Administrator\Desktop\_$@%1.rar\#$@%1\y18.exe
Trojan-PSW.Win32.QQPass.atb (virus)
C:\Users\Administrator\Desktop\_$@%1.rar\#$@%1\y19.exe
Trojan.Win32.Vaklik.eb (virus)
C:\Users\Administrator\Desktop\_$@%1.rar\#$@%1\y21.exe
Trojan.Win32.Vaklik.gi (virus)
C:\Users\Administrator\Desktop\_$@%1.rar\#$@%1\y5.exe
Trojan-PSW.Win32.OnLineGames.omm (virus)
C:\Users\Administrator\Desktop\_$@%1.rar\#$@%1\y6.exe




--------------------------------------------------------------------------------

Statistics
Scanned:
Files: 12
Not scanned: 0
Result:
Viruses: 11
Spyware: 0
Suspicious items: 0
Riskware: 0
Actions:
Disinfected: 0
Renamed: 0
Deleted: 0
Quarantined: 0
Failed: 0
Boot Sectors:
Scanned: 0
Infected: 0
Suspicious items: 0
Disinfected: 0


--------------------------------------------------------------------------------

Options
Definitions version:
Viruses: 2008-02-29_02
Spyware: 2008-02-29_02
Scanning Engines:
F-Secure AVP: 7.00.171, 2008-02-29
F-Secure Libra: 2.04.01, 2008-02-28
F-Secure Orion: 1.02.38, 2008-02-29
F-Secure Draco: 1.00.35, 2008-02-13
Scanning options:
Scan all files
Scan inside archives
Actions:
Viruses: Quarantine and delete
Spyware: Quarantine and delete
hahacomcn
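Posted on 2008-2-29 19:10:30
Originally posted by mofunzone on 2008-2-29 14:08
After deleting the files, I found they had all been wiped out


Now, after the scan finishes, you still have to go and count them~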
allinwonderi
Posted on 2008-2-29 19:37:18
ArcaBit, FP6 not Found.
allinwonderi
Posted on 2008-2-29 19:56:54
There was an error when I tested just now; here is the correction.
 
[Found possible security risk]         <W32/Heuristic-114!Eldorado (damaged, not disinfectable)>        C:\Virus\#$@%1.rar->#$@%1\ckcltblov.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-114!Eldorado (damaged, not disinfectable)>        C:\Virus\#$@%1.rar->#$@%1\hhuspjsp.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-114!Eldorado (damaged, not disinfectable)>        C:\Virus\#$@%1.rar->#$@%1\itbmuwzj.exe->(UPack)
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        C:\Virus\#$@%1.rar->#$@%1\update.exe
[Found security risk]         <W32/OnlineGames.F.gen!GSA (not disinfectable, generic)>        C:\Virus\#$@%1.rar->#$@%1\y10.exe->(UPack)
[Found security risk]         <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        C:\Virus\#$@%1.rar->#$@%1\y17.exe
[Found security risk]         <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        C:\Virus\#$@%1.rar->#$@%1\y18.exe
[Found security risk]         <W32/AutoRun.D.gen!Eldorado (not disinfectable, generic)>        C:\Virus\#$@%1.rar->#$@%1\y19.exe->(UPX)
[Found security risk]         <W32/OnlineGames.F.gen!GSA (not disinfectable, generic)>        C:\Virus\#$@%1.rar->#$@%1\y21.exe->(UPack)
[Found security risk]         <W32/OnlineGames.F.gen!GSA (not disinfectable, generic)>        C:\Virus\#$@%1.rar->#$@%1\y5.exe->(UPack)
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        C:\Virus\#$@%1.rar->#$@%1\y6.exe

---------------------------------------------------------------------
Scan ended:        2008-2-29, 19:54:44
Duration:        0:00:09

Scan result:

Scanned files:                 6
Infected objects:         11
Disinfected objects:         0
Quarantined files:         0
---------------------------------------------------------------------
allinwonderi
Posted on 2008-2-29 19:57:42
[Scanning : C:\Virus]


C:\Virus\#$@%1.rar<RAR>:hhuspjsp.exe<UPack>:hhuspjsp.exe<DLLRES>:res0.exe <- Trojan.Psw.Onlinegames.Pda : No action
C:\Virus\#$@%1.rar<RAR>:update.exe <- Trojan.Downloader.Small.Hrp : No action
C:\Virus\#$@%1.rar<RAR>:update.exe<UPack>:update.exe<DLLRES>:res0.exe <- Trojan.Downloader.Agent.Hig : No action
C:\Virus\#$@%1.rar<RAR>:y10.exe<UPack>:y10.exe<DLLRES>:res0.exe <- Trojan.Psw.Onlinegames.Ocu : No action
C:\Virus\#$@%1.rar<RAR>:y17.exe <- Trojan.Psw.Onlinegames.Omq : No action
C:\Virus\#$@%1.rar<RAR>:y17.exe<UPack>:y17.exe<DLLRES>:ABCDE0.exe <- Trojan.Psw.Onlinegames.Olx : No action
C:\Virus\#$@%1.rar<RAR>:y18.exe <- Trojan.Psw.Lmir.Bpv : No action
C:\Virus\#$@%1.rar<RAR>:y18.exe<UPack>:y18.exe<DLLRES>:J9996660.exe <- Trojan.Psw.Onlinegames.Oqu : No action
C:\Virus\#$@%1.rar<RAR>:y19.exe <- Trojan.Psw.Qqpass.Atb : No action
C:\Virus\#$@%1.rar<RAR>:y19.exe<UPX>:y19.exe<DLLRES>:FILE0.exe <- Trojan.Psw.Qqpass.Ass : No action
C:\Virus\#$@%1.rar<RAR>:y21.exe<UPack>:y21.exe<DLLRES>:res0.exe <- Trojan.Psw.Onlinegames.Oqy : No action
C:\Virus\#$@%1.rar<RAR>:y5.exe<UPack>:y5.exe<DLLRES>:res0.exe <- Trojan.Psw.Onlinegames.Ppm : No action
C:\Virus\#$@%1.rar<RAR>:y6.exe<UPack>:y6.exe<DLLRES>:res0.exe <- Trojan.Psw.Onlinegames.Omm : No action



Scanned objects : 38

Infected objects : 13
Palkia
Posted on 2008-2-29 20:22:43

11

C:\Documents and Settings\Administrator\桌面\#$@%1.rar > RAR > #$@%1\ckcltblov.exe - Win32/PSW.OnLineGames.NLY 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\#$@%1.rar > RAR > #$@%1\hhuspjsp.exe - Win32/PSW.OnLineGames.NMF 特洛伊木马
C:\Documents and Settings\Administrator\桌面\#$@%1.rar > RAR > #$@%1\itbmuwzj.exe - Win32/PSW.OnLineGames.NLY 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\#$@%1.rar > RAR > #$@%1\update.exe - Win32/TrojanDownloader.Small.HLV 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\#$@%1.rar > RAR > #$@%1\y10.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\#$@%1.rar > RAR > #$@%1\y17.exe - 可能是 Win32/PSW.WOW.WU 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\#$@%1.rar > RAR > #$@%1\y18.exe - Win32/PSW.WOW.WU 特洛伊木马
C:\Documents and Settings\Administrator\桌面\#$@%1.rar > RAR > #$@%1\y19.exe - 可能是 Win32/Genetik 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\#$@%1.rar > RAR > #$@%1\y21.exe - 可能是 Win32/PSW.OnLineGames.NFL 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\#$@%1.rar > RAR > #$@%1\y5.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\#$@%1.rar > RAR > #$@%1\y6.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马 的变种