收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 64
12
返回列表 发新帖
楼主: qianwenxiang
 收起左侧

[病毒样本] 64

[复制链接]
起起
发表于 2008-5-20 21:36:34 | 显示全部楼层
趋势科技一杀就直接隔离了,好像杀了37个.接着就没有看见压缩包了.
回复

举报

HC303
发表于 2008-5-20 22:27:59 | 显示全部楼层
红伞余下四个上报。
C:\Documents and Settings\Administrator\桌面\mr\136588M.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__265B1.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__28500.exe
      [DETECTION] Is the Trojan horse TR/PSW.Nilage.cfp
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__2BFC6.exe
      [DETECTION] Is the Trojan horse TR/Hijacker.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__3261F.exe
  [0] Archive type: OVL
    --> Object
      [1] Archive type: RSRC
      --> Object
          [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.aiqc
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__43572.exe
      [DETECTION] Is the Trojan horse TR/Hijacker.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__44320.exe
      [DETECTION] Is the Trojan horse TR/Hijacker.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__458EC.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__4B36E.exe
      [DETECTION] Is the Trojan horse TR/ATRAPS.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__4D4F6.exe
      [DETECTION] Is the Trojan horse TR/ATRAPS.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__5D8F4.exe
      [DETECTION] Is the Trojan horse TR/ATRAPS.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__5FB71.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__684D6.exe
    --> Object
      [1] Archive type: RSRC
      --> Object
          [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.afqn
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__6C4CC.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__6ED65.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__733F9.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.aigv
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__8F3F1.exe
  [0] Archive type: OVL
  --> Object
      [DETECTION] Is the Trojan horse TR/Agent.10680
    --> Object
      [1] Archive type: RSRC
      --> Object
          [DETECTION] Contains detection pattern of the rootkit RKIT/Agent.akt
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__99B3B.exe
    --> Object
      [1] Archive type: RSRC
      --> Object
        [2] Archive type: RSRC
        --> Object
            [DETECTION] Contains detection pattern of the SPR/PortScan.I program
      --> Object
          [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.zcp
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__9AE3.exe
      [DETECTION] Is the Trojan horse TR/Hijacker.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__9EB8.exe
  [0] Archive type: OVL
    --> Object
      [1] Archive type: RSRC
      --> Object
          [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.aiqc
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__A0643.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__A4709.exe
    --> Object
      [1] Archive type: RSRC
      --> Object
        [2] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.abei.1
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__CC1EB.exe
      [DETECTION] Is the Trojan horse TR/Hijacker.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__DED73.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__E666F.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\2008-5-20__EF952.exe
      [DETECTION] Is the Trojan horse TR/ATRAPS.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\anistio.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\anistio.exE
      [DETECTION] Is the Trojan horse TR/Hijacker.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\cedafb.dll
      [DETECTION] Is the Trojan horse TR/ATRAPS.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\fmsbbqi.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\fmsbbqi.exe
      [DETECTION] Is the Trojan horse TR/Hijacker.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\fsrgeb.dll
      [DETECTION] Is the Trojan horse TR/ATRAPS.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\hapdrv.sys
      [DETECTION] Contains detection pattern of the rootkit RKIT/Agent.akt
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\interne.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.zcp
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\mfdesy.dll
      [DETECTION] Is the Trojan horse TR/ATRAPS.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\MMAAAMTM1042.dll
      [DETECTION] Is the Trojan horse TR/Hijacker.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\MMAAAMTM1042.exe
      [DETECTION] Is the Trojan horse TR/Hijacker.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\MMBAIKOK1080.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\MMBAIKOK1080.exe
  [0] Archive type: OVL
    --> Object
      [1] Archive type: RSRC
      --> Object
          [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.aiqc
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\MMCBDKTK1065.dll
      [DETECTION] Is the Trojan horse TR/Hijacker.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\MMCBDKTK1065.exe
      [DETECTION] Is the Trojan horse TR/Hijacker.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\MMDXYBQE1023.dll
      [DETECTION] Is the Trojan horse TR/Hijacker.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\MMDXYBQE1023.exe
      [DETECTION] Is the Trojan horse TR/Hijacker.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\MMKAFNFW1081.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\MMKAFNFW1081.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\MMRJRTRG1030.dll
      [DETECTION] Is the Trojan horse TR/Agent.10680
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\MMRJRTRG1030.exe
  [0] Archive type: OVL
  --> Object
      [DETECTION] Is the Trojan horse TR/Agent.10680
    --> Object
      [1] Archive type: RSRC
      --> Object
          [DETECTION] Contains detection pattern of the rootkit RKIT/Agent.akt
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\MMWLVAHB1027.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\MMWLVAHB1027.exe
  [0] Archive type: OVL
    --> Object
      [1] Archive type: RSRC
      --> Object
          [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.aiqc
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\msosdohs00.dll
      [DETECTION] Is the Trojan horse TR/ATRAPS.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\msosmsfpfis64.sys
      [DETECTION] Is the Trojan horse TR/Proxy.Xorpix.EZ
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\msosmsp2p32.sys
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.aicq
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\nicomsp2p32.sys
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.aigh
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\sgrefg.dll
      [DETECTION] Is the Trojan horse TR/ATRAPS.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\SGuard.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Delphi.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\sjhrdh.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\SysWoWaVi.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\ticisms.dll
      [DETECTION] Is the Trojan horse TR/ATRAPS.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\ticisms.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\mr\WinSys16.Sys
      [DETECTION] Is the Trojan horse TR/ATRAPS.Gen
      [NOTE]      The file was deleted!
回复

举报

Palkia
发表于 2008-5-20 22:39:37 | 显示全部楼层

kv 56

在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__DED73.exe 中发现 Trojan/PSW.GamePass.adkd 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__E666F.exe 中发现 Trojan/PSW.GamePass.adkd 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__EF952.exe 中发现 TrojanDropper.Driver.a 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->136588M.exe 中发现 Trojan/PSW.Lmir.cuw 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->anistio.dll 中发现 Trojan/Ck88866.DLL.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->anistio.exE 中发现 Trojan/PSW.OnLineGames.tvm 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->cedafb.dll 中发现 Trojan/Agent.aizd 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->fmsbbqi.dll 中发现 Trojan/Ck88866.DLL.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->fmsbbqi.exe 中发现 Trojan/PSW.OnLineGames.tvl 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->hapdrv.sys 中发现 Backdoor/HookSSDT.ei 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->HavDrv32.sys 中发现 Backdoor/HookSSDT.ei 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->mfdesy.dll 中发现 Trojan/Agent.alle 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->MMAAAMTM1042.dll 中发现 Trojan/PSW.OnlineGames.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->MMAAAMTM1042.exe 中发现 TrojanSpy.Iespy.bw 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->MMBAIKOK1080.dll 中发现 Trojan/PSW.OnlineGames.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->MMBAIKOK1080.exe 中发现 TrojanSpy.Iespy.bw 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->MMCBDKTK1065.dll 中发现 Trojan/PSW.OnlineGames.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->MMCBDKTK1065.exe 中发现 TrojanSpy.Iespy.bw 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->MMDXYBQE1023.dll 中发现 Trojan/PSW.GamePass.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->MMDXYBQE1023.exe 中发现 TrojanSpy.Iespy.bw 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->MMKAFNFW1081.dll 中发现 Trojan/PSW.GamePass.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->MMKAFNFW1081.exe 中发现 TrojanSpy.Iespy.bw 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->MMRJRTRG1030.dll 中发现 Trojan/PSW.OnlineGames.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->MMRJRTRG1030.exe 中发现 TrojanSpy.Iespy.bw 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->MMWLVAHB1027.dll 中发现 Trojan/PSW.OnlineGames.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->MMWLVAHB1027.exe 中发现 TrojanSpy.Iespy.bw 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->msosdohs00.dll 中发现 Trojan/PSW.GamePass.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->msosmsfpfis64.sys 中发现 Rootkit.fpids.a 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->msosmsp2p32.sys 中发现 Trojan/PSW.OnLineGames.twi 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->nicomsp2p32.sys 中发现 Trojan/PSW.OnLineGames.twi 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->SGuard.exe 中发现 Backdoor/Huigezi.2004.cl 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->SysWoWaVi.dll 中发现 Trojan/PSW.Nilage.cpn 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->ticisms.dll 中发现 Trojan/Ck88866.DLL.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->ticisms.exe 中发现 Trojan/Ck88866.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__2BFC6.exe 中发现 Trojan/PSW.OnLineGames.tvl 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__4B36E.exe 中发现 Trojan/PSW.QQPass.sxl 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__4D4F6.exe 中发现 TrojanDropper.Driver.a 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__5D8F4.exe 中发现 TrojanDropper.Driver.a 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__5FB71.exe 中发现 Trojan/PSW.GamePass.adkd 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__6C4CC.exe 中发现 Trojan/PSW.GamePass.adkd 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__6ED65.exe 中发现 Trojan/PSW.Lmir.cuw 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__8F3F1.exe 中发现 TrojanSpy.Iespy.bw 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__9AE3.exe 中发现 TrojanSpy.Iespy.bw 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__9EB8.exe 中发现 TrojanSpy.Iespy.bw 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__99B3B.exe 中发现 Trojan/VB.Small.ael 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__265B1.exe 中发现 TrojanSpy.Iespy.bw 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__458EC.exe 中发现 Trojan/Ck88866.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__684D6.exe 中发现 Trojan/PSW.OnLineGames.sss 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__733F9.exe 中发现 Trojan/PSW.OnLineGames.tyk 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__3261F.exe 中发现 TrojanSpy.Iespy.bw 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__28500.exe 中发现 Trojan/PSW.Nilage.clt 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__43572.exe 中发现 Trojan/PSW.OnLineGames.tvm 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__44320.exe 中发现 TrojanSpy.Iespy.bw 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__A0643.exe 中发现 Trojan/PSW.OnLineGames.agwj 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__A4709.exe 中发现 Trojan/PSW.GamePass.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\mr.rar->2008-5-20__CC1EB.exe 中发现 TrojanSpy.Iespy.bw 病毒, 已删除
回复

举报

12
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-7-15 23:03 , Processed in 0.097886 second(s), 16 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表