收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 大包生成物
返回列表 发新帖
查看: 1619|回复: 5
收起左侧

[病毒样本] 大包生成物

[复制链接]
雨宫优子
发表于 2008-7-8 12:40:24 | 显示全部楼层 |阅读模式
大堆生成物.........
沙盘弄到的..
附件
ati.rar (2.5MB)
回复

举报

IllusionWing
发表于 2008-7-8 13:23:44 | 显示全部楼层
41

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

Kitman
发表于 2008-7-8 14:32:42 | 显示全部楼层
Begin scan in 'C:\Documents and Settings\Administrator\桌面\safe lab'
C:\Documents and Settings\Administrator\桌面\safe lab\Content.IE5\DKMZEI0M\chuanqishijie[1].exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      A backup was created as '48e80a48.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\Content.IE5\DKMZEI0M\maoxiandao[1].exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48e20a41.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\Content.IE5\DKMZEI0M\menghuan[1].exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      A backup was created as '48e10a45.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\Content.IE5\DKMZEI0M\my[1].exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48ce0a59.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\Content.IE5\DKMZEI0M\wulin[1].exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48df0a55.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\Content.IE5\DRAARFIT\huanxiang[1].exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48d40a55.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\Content.IE5\DRAARFIT\jianxia[1].exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      A backup was created as '48d40a49.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\Content.IE5\DRAARFIT\tl[1].exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      A backup was created as '48ce0a4d.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\Content.IE5\DRAARFIT\wanmeiguoji[1].exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      A backup was created as '48e10a42.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\Content.IE5\DRAARFIT\zhengtu[1].exe
      [DETECTION] Is the Trojan horse TR/Agent.1068320
      [NOTE]      A backup was created as '48d80a49.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\Content.IE5\P58DHRYW\qqsanguo[1].exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      A backup was created as '48e60a52.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\Content.IE5\P58DHRYW\rexuechuanqi[1].exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      A backup was created as '48eb0a47.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\Content.IE5\P58DHRYW\wendao[1].exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48e10a47.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\Content.IE5\P58DHRYW\zhuxian[1].exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      A backup was created as '48e80a4b.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\Content.IE5\TUWCF41N\chibi[1].exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48dc0a4b.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\Content.IE5\TUWCF41N\daojian[1].exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      A backup was created as '48e20a44.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\Content.IE5\TUWCF41N\potian[1].exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      A backup was created as '48e70a53.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\Content.IE5\TUWCF41N\wow[1].exe
    --> Object
      [1] Archive type: RSRC
      --> Object
          [DETECTION] Is the Trojan horse TR/Agent.shf.3
      [NOTE]      A backup was created as '48ea0a53.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\WINDOWS\system32\adsntzt.dll
      [DETECTION] Is the Trojan horse TR/Agent.1068320
      [NOTE]      A backup was created as '48e60a48.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\WINDOWS\system32\apzhctde.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48ed0a54.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\WINDOWS\system32\cdan3.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      A backup was created as '48d40a48.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\WINDOWS\system32\eeid2.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      A backup was created as '48dc0a49.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\WINDOWS\system32\hdf453d.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48d90a48.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\WINDOWS\system32\hecz9.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      A backup was created as '48d60a4a.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\WINDOWS\system32\htiz13.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      A backup was created as '48dc0a59.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\WINDOWS\system32\icmr14.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      A backup was created as '48e00a48.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\WINDOWS\system32\khyx7.exe
    --> Object
      [1] Archive type: RSRC
      --> Object
          [DETECTION] Is the Trojan horse TR/Agent.shf.3
      [NOTE]      A backup was created as '48ec0a4d.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\WINDOWS\system32\lkwe15.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      A backup was created as '48ea0a50.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\WINDOWS\system32\MMBAIKOK1100.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48b50a32.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\WINDOWS\system32\MMHADPQG1101.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48bb0a33.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\WINDOWS\system32\MMKAFNFW1110.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48be0a33.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\WINDOWS\system32\MMMHXGGD1070.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48c00a33.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\WINDOWS\system32\MMQACNAR1068.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48c40a33.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\WINDOWS\system32\MMWLANGH1006.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48ca0a33.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\WINDOWS\system32\mpwdeapi.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48ea0a56.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\WINDOWS\system32\mtzs0.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      A backup was created as '48ed0a5a.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\WINDOWS\system32\xpje12.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      A backup was created as '48dd0a56.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\WINDOWS\system32\zhgc5.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      A backup was created as '48da0a4f.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\WINDOWS\system32\zycbdime.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48d60a60.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\safe lab\WINDOWS\system32\zywlcime.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48ea0a60.qua'  ( QUARANTINE )
      [NOTE]      The file was deleted!


End of the scan: 2008年7月8日  14:32
Used time: 00:10 min

The scan has been done completely.

      9 Scanning directories
     51 Files were scanned
     40 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
     40 files were deleted
      0 files were repaired
     40 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     11 Files not concerned
      0 Archives were scanned
      0 Warnings
     40 Notes
回复

举报

Palkia
发表于 2008-7-8 15:29:54 | 显示全部楼层
毒霸 41
回复

举报

kkgh
发表于 2008-7-8 15:39:22 | 显示全部楼层
费尔41个

瑞星病毒查杀结果报告

清除病毒种类列表:
病毒: Trojan.PSW.Win32.GameOL.oek
病毒: Trojan.PSW.Win32.GameOL.olw
病毒: Trojan.PSW.Win32.GameOL.oom
病毒: Trojan.PSW.Win32.RocOnline.ln
病毒: Trojan.PSW.Win32.WoWar.ard
病毒: Trojan.PSW.Win32.GameOL.nvl
病毒: Trojan.PSW.Win32.GameOL.opb
病毒: Trojan.PSW.Win32.GameOL.oft
病毒: Trojan.PSW.Win32.GameOL.opd
病毒: Trojan.PSW.Win32.GameOL.omf
病毒: Trojan.PSW.Win32.GameOL.opc
病毒: Trojan.PSW.Win32.GameOL.opf
病毒: Trojan.PSW.Win32.RocOnline.ln
病毒: Trojan.PSW.Win32.OnlineGame.ymp
病毒: Trojan.PSW.Win32.GameOL.oog
病毒: Trojan.PSW.Win32.GameOL.oom
病毒: Trojan.PSW.Win32.GameOL.omf
病毒: Trojan.PSW.Win32.GameOL.olx
病毒: AdWare.Win32.Agent.bvj   

用户来源:互联网

软件版本:20.52.10

40个
回复

举报

markrhy
发表于 2008-7-8 16:24:06 | 显示全部楼层
红伞杀!!!
回复

举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-5-3 07:06 , Processed in 0.135207 second(s), 18 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表