查看: 3326|回复: 12
收起左侧

[已鉴定] 江民报毒··

 关闭 [复制链接]
jiffy
发表于 2008-5-31 23:49:25 | 显示全部楼层 |阅读模式
真.菲戈
发表于 2008-6-1 00:01:52 | 显示全部楼层
FF+ADB+红伞不报…
真.菲戈
发表于 2008-6-1 00:02:32 | 显示全部楼层
未开WG
真.菲戈
发表于 2008-6-1 00:04:51 | 显示全部楼层
果然用IE就报了……

未命名.jpg
yk1234
发表于 2008-6-1 00:22:14 | 显示全部楼层
能否发样本上来啊,不赶进去、那个htm

[ 本帖最后由 yk1234 于 2008-6-1 00:26 编辑 ]
mofunzone
发表于 2008-6-1 00:28:55 | 显示全部楼层
Starting the file scan:

Begin scan in 'C:\TDDOWNLOAD\ad02.swf'
C:\TDDOWNLOAD\
  ad02.swf
    [0] Archive type: SWC
    --> Object
      [NOTE]      The file was deleted!
Begin scan in 'C:\TDDOWNLOAD\ko.exe'
C:\TDDOWNLOAD\
  ko.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: OVL
        --> Object
          [2] Archive type: OVL
          --> Object
            [3] Archive type: Runtime Packed
            --> Object
      [DETECTION] Is the Trojan horse TR/Downloader.Gen
      [NOTE]      The file was deleted!
Begin scan in 'C:\TDDOWNLOAD\ad01.swf'
C:\TDDOWNLOAD\
  ad01.swf
    [0] Archive type: SWC
    --> Object
      [NOTE]      The file was deleted!


End of the scan: 2008年5月31日  09:28
Used time: 00:05 min

The scan has been done completely.

      0 Scanning directories
      3 Files were scanned
      3 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      3 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      0 Files not concerned
      0 Archives were scanned
      0 Warnings
      3 Notes
mofunzone
发表于 2008-6-1 00:42:58 | 显示全部楼层
全灭

Start of the scan: 2008年5月31日  09:42

Starting the file scan:

Begin scan in 'C:\Documents and Settings\morgan\My Documents\样本(19)'
C:\Documents and Settings\morgan\My Documents\样本(19)\
  1.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
          [2] Archive type: Runtime Packed
          --> Object
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.aiyg
            [WARNING]   Infected files in archives cannot be repaired!
      [DETECTION] Is the Trojan horse TR/ATRAPS.Gen
      [NOTE]      The file was deleted!
  10.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  11.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  12.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: OVL
        --> Object
      [DETECTION] Contains suspicious code HEUR/Malware
      [NOTE]      The fund was classified as suspicious.
      [NOTE]      The file was moved to '486f8031.qua'!
  13.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  14.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  15.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: OVL
        --> Object
      [DETECTION] Contains suspicious code HEUR/Malware
      [NOTE]      The fund was classified as suspicious.
      [NOTE]      The file was moved to '486f8034.qua'!
  16.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
          [2] Archive type: Runtime Packed
          --> Object
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.aipa
            [WARNING]   Infected files in archives cannot be repaired!
      [DETECTION] Is the Trojan horse TR/ATRAPS.Gen
      [NOTE]      The file was deleted!
  17.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ajus
            [WARNING]   Infected files in archives cannot be repaired!
        --> Object
      [NOTE]      The file was deleted!
  18.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  2.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  3.exe
    [0] Archive type: OVL
      --> Object
        [1] Archive type: Runtime Packed
        --> Object
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  4.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ajtp
            [WARNING]   Infected files in archives cannot be repaired!
        --> Object
      [NOTE]      The file was deleted!
  5.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ajtg
            [WARNING]   Infected files in archives cannot be repaired!
        --> Object
            [DETECTION] Contains detection pattern of the worm WORM/Downloader.MM
            [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  6.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.akyd
      [NOTE]      The file was deleted!
  7.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
          [2] Archive type: Runtime Packed
          --> Object
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ajnn
            [WARNING]   Infected files in archives cannot be repaired!
      [DETECTION] Is the Trojan horse TR/Dldr.Delphi.Gen
      [NOTE]      The file was deleted!
  8.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  9.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ajus
            [WARNING]   Infected files in archives cannot be repaired!
        --> Object
      [NOTE]      The file was deleted!
  ko.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: OVL
        --> Object
          [2] Archive type: OVL
          --> Object
            [3] Archive type: Runtime Packed
            --> Object
      [DETECTION] Is the Trojan horse TR/Downloader.Gen
      [NOTE]      The file was deleted!


End of the scan: 2008年5月31日  09:42
Used time: 00:05 min

The scan has been done completely.

      1 Scanning directories
     19 Files were scanned
     21 viruses and/or unwanted programs were found
      2 Files were classified as suspicious:
     17 files were deleted
      0 files were repaired
      2 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     -2 Files not concerned
      0 Archives were scanned
      8 Warnings
     19 Notes
star_xing
发表于 2008-6-1 00:43:53 | 显示全部楼层
ACCESS DENIED
The requested URL could not be retrieved

--------------------------------------------------------------------------------

While trying to retrieve the URL: http://bbs.kafan.cn/attachment.p ... 5a&t=1212252107

The folowing error was encountered:

The requested object is INFECTED. The following viruses Trojan-PSW.Win32.OnLineGames.aido were found

Please contact your service provider if you feel this is incorrect.



--------------------------------------------------------------------------------

Generated Sun Jun 01 00:44:31 2008 by 卡巴斯基反病毒软件 7.0
palfan
发表于 2008-6-1 02:57:54 | 显示全部楼层

回复 7楼 mofunzone 的帖子

启发报两只已上报

File ID FilenameSize (Byte)Result
25033153 15.exe 16.12 KB UNDER ANALYSIS
25033492 12.exe 19.79 KB UNDER ANALYSIS
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-11-15 07:38 , Processed in 0.137604 second(s), 20 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表