收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 26
12
返回列表 发新帖
楼主: sam.to
 收起左侧

[病毒样本] 26

[复制链接]
yangpizhi
发表于 2008-4-20 21:44:16 | 显示全部楼层
FP挂6个
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\virus\26.rar->explorer.exe2->(UPack)
[Found security risk]         <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        C:\virus\26.rar->2.exe3->(FSG)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\virus\26.rar->1.exe2->(UPack)
[Clean]        C:\virus\26.rar->mfchlp32.dll
[Found possible security risk]         <W32/Heuristic-KPP!Eldorado (not disinfectable)>        C:\virus\26.rar->zaehddul.dll
[Found possible security risk]         <W32/Heuristic-KPP!Eldorado (not disinfectable)>        C:\virus\26.rar->LotusHlp.dll
[Clean]        C:\virus\26.rar->fmsbbqi.dll
[Found possible security risk]         <W32/Heuristic-KPP!Eldorado (not disinfectable)>        C:\virus\26.rar->Kvsc3.dll
[Clean]        C:\virus\26.rar->MsIMMs32.dll
[Clean]        C:\virus\26.rar->msccrt.dll
[Clean]        C:\virus\26.rar->cmdbcs.dll
[Clean]        C:\virus\26.rar->upxdnd.dll
[Found security risk]         <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        C:\virus\26.rar->8.exe2
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\virus\26.rar->7.exe3->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\virus\26.rar->5.exe3->(UPack)
[Clean]        C:\virus\26.rar->6.exe3->(UPX)
[Found possible virus]         <W32/NewMalware-Rootkit-PX-based!Maximus (not disinfectable)>        C:\virus\26.rar->6.exe3
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\virus\26.rar->4.exe3->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\virus\26.rar->3.exe3->(embedded)->(UPack)
[Found possible security risk]         <W32/Heuristic-KPP!Eldorado (not disinfectable)>        C:\virus\26.rar->knhmtlvh.exe2->(UPX)
[Found security risk]         <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        C:\virus\26.rar->mfchlp32.exe2->(FSG)
[Found security risk]         <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        C:\virus\26.rar->LotusHlp.exe2
[Found security risk]         <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        C:\virus\26.rar->fmsbbqi.exe2->(FSG)
[Found security risk]         <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        C:\virus\26.rar->Kvsc3.exE2
[Found security risk]         <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        C:\virus\26.rar->MsIMMs32.exE1
[Found security risk]         <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        C:\virus\26.rar->msccrt.exe1
[Found possible security risk]         <W32/Heuristic-KPP!Eldorado (not disinfectable)>        C:\virus\26.rar->cmdbcs.exe2->(UPX)
[Contains infected objects]        C:\virus\26.rar
[Quarantined]        C:\virus\26.rar->cmdbcs.exe2->(UPX)
回复

举报

HC303
发表于 2008-4-20 21:54:27 | 显示全部楼层
全灭
Begin scan in 'E:\Virus Test\26'
E:\Virus Test\26\1.exe2
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
E:\Virus Test\26\2.exe3
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
E:\Virus Test\26\3.exe3
    --> Object
      [1] Archive type: RSRC
      --> Object
          [DETECTION] Is the Trojan horse TR/PSW.Agent.agp
      --> Object
          [DETECTION] Contains detection pattern of the rootkit RKIT/OnLineGames.C.1
      [NOTE]      The file was deleted!
E:\Virus Test\26\4.exe3
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      The file was deleted!
E:\Virus Test\26\5.exe3
    --> Object
      [1] Archive type: RSRC
      --> Object
          [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.zjk
      [DETECTION] Is the Trojan horse TR/Dldr.Delphi.Gen
      [NOTE]      The file was deleted!
E:\Virus Test\26\6.exe3
    --> Object
      [1] Archive type: RSRC
      --> Object
          [DETECTION] Contains detection pattern of the rootkit RKIT/OnLineGames.C.2
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
E:\Virus Test\26\7.exe3
    --> Object
      [1] Archive type: RSRC
      --> Object
        --> Object
          [3] Archive type: RSRC
          --> Object
              [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.aayo
      [NOTE]      The file was deleted!
E:\Virus Test\26\8.exe2
      [DETECTION] Contains suspicious code HEUR/Malware
      [NOTE]      The fund was classified as suspicious.
      [NOTE]      The file was moved to '48704aae.qua'!
E:\Virus Test\26\cmdbcs.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
E:\Virus Test\26\cmdbcs.exe2
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
E:\Virus Test\26\explorer.exe2
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      The file was deleted!
E:\Virus Test\26\fmsbbqi.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.29
      [NOTE]      The file was deleted!
E:\Virus Test\26\fmsbbqi.exe2
      [DETECTION] Is the Trojan horse TR/PSW.16701
      [NOTE]      The file was deleted!
E:\Virus Test\26\knhmtlvh.exe2
      [DETECTION] Is the Trojan horse TR/Onlinegames.NVI
      [NOTE]      The file was deleted!
E:\Virus Test\26\Kvsc3.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.15
      [NOTE]      The file was deleted!
E:\Virus Test\26\Kvsc3.exE2
      [DETECTION] Is the Trojan horse TR/PSW.18789
      [NOTE]      The file was deleted!
E:\Virus Test\26\LotusHlp.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
E:\Virus Test\26\LotusHlp.exe2
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
E:\Virus Test\26\mfchlp32.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.33
      [NOTE]      The file was deleted!
E:\Virus Test\26\mfchlp32.exe2
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.aayv
      [NOTE]      The file was deleted!
E:\Virus Test\26\msccrt.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.30
      [NOTE]      The file was deleted!
E:\Virus Test\26\msccrt.exe1
      [DETECTION] Is the Trojan horse TR/PSW.16161
      [NOTE]      The file was deleted!
E:\Virus Test\26\MsIMMs32.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
E:\Virus Test\26\MsIMMs32.exE1
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
E:\Virus Test\26\upxdnd.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
E:\Virus Test\26\zaehddul.dll
      [DETECTION] Is the Trojan horse TR/Onlinegames.NVI
      [NOTE]      The file was deleted!
回复

举报

梦想奇迹
发表于 2008-4-20 22:16:15 | 显示全部楼层
小红伞全干掉
回复

举报

12
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-5-5 01:02 , Processed in 0.094854 second(s), 15 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表