[Virus samples] A big pack of viruses

chabosh
Posted on 2008-4-29 21:21:53
A big pack of viruses
I installed so many antivirus programs and still got infected!
These are actual virus samples

[ Last edited by chabosh on 2008-4-29 21:43 ]

allinwonderi
Posted on 2008-4-29 21:23:07
Samples
gho
Posted on 2008-4-29 21:25:48
Same question: sample?
wangjay1980
Posted on 2008-4-29 21:31:45
TO KL

Hello,

aaaamon.dll, QQGAME1.vbs_, SYSTEM128.vxd

No malicious code was found in these files.

dqBAIBAI1066.dll, xia14.exe_ - Trojan-PSW.Win32.OnLineGames.ackj,
dqDABDAB1067.dll - Trojan-PSW.Win32.OnLineGames.ackk,
dqKAFKAF1066.dll - Trojan-PSW.Win32.OnLineGames.ackl,
dqMYSMYS1045.dll - Trojan-PSW.Win32.OnLineGames.ackm,
dqQACQAC1041.dll, dqQACQAC1041.exe_ - Trojan-PSW.Win32.OnLineGames.ackn,
js0[1].exe_ - Trojan-PSW.Win32.OnLineGames.ackt,
js10[1].exe_ - Trojan-PSW.Win32.OnLineGames.acko,
js11[1].exe_ - Trojan-PSW.Win32.OnLineGames.ackp,
js14[1].exe_ - Trojan-PSW.Win32.OnLineGames.acks,
js25[1].exe_ - Trojan-PSW.Win32.OnLineGames.ackq,
js9[1].exe_ - Trojan-PSW.Win32.OnLineGames.ackr,
mm[1].exe_, ~~.exe_ - Trojan-Downloader.Win32.Losabel.io

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Nt_Win32.Jmp, Sy_Win7k.Jmp

These files are corrupted.

Please quote all when answering.

--
Best regards, Evgeny Aseev
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

> Attachment: dudu.zip[:1:]

[ Last edited by wangjay1980 on 2008-4-29 23:12 ]

njdzhan
Posted on 2008-4-29 21:34:12
What does "sample" mean?
qigang
Posted on 2008-4-29 21:37:00

224/77

Rising Antivirus scan result report

List of virus types cleaned:


MAC address: 00:11:5B:F3:6D:69

User source: Internet

Software version: 20.42.12
hellobaby
Posted on 2008-4-29 21:38:54
RS:237/89

[ Last edited by hellobaby on 2008-4-29 21:55 ]
allinwonderi
Posted on 2008-4-29 21:39:40
[Scanning : C:\Documents and Settings\All Users\Documents\Test]





Scanned objects : 242

Infected objects : 74
allinwonderi
Posted on 2008-4-29 21:40:27

---------------------------------------------------------------------
Scan ended:        2008-4-29, 21:40:18
Duration:        0:00:27

Scan result:

Scanned files:                 9
Infected objects:         70
Disinfected objects:         0
Quarantined files:         0
---------------------------------------------------------------------
Palkia
Posted on 2008-4-29 21:40:31

248/78

Rising Antivirus scan result report

List of virus types cleaned:

MAC address: 00:17:31:40:A3:57

User source: LAN

Software version: 20.42.12