
[Virus sample] A small malware pack

64575509
Posted on 2008-8-7 10:09:29
A small malware pack
qigang
Posted on 2008-8-7 10:12:41

67/22

瑞星病毒查杀结果报告

清除病毒种类列表:

病毒: Trojan.PSW.Win32.Mapdimp.n
病毒: Trojan.PSW.Win32.Mapdimp.o
病毒: Trojan.PSW.Win32.GameOL.pcl
病毒: Trojan.PSW.Win32.GameOL.pcy
病毒: Trojan.PSW.Win32.GameOL.owc
病毒: Trojan.DL.Win32.Undef.adp
病毒: Trojan.PSW.Win32.GameOL.paq
病毒: Trojan.Win32.Undef.kgr   
病毒: Trojan.PSW.Win32.GameOL.owf
病毒: Trojan.PSW.Win32.GameOL.oum
病毒: Trojan.Win32.Undef.kfg   
病毒: Trojan.Win32.Undef.kfm   
病毒: Trojan.PSW.Win32.GameOL.oek
病毒: Trojan.Win32.Undef.keu   
病毒: Trojan.PSW.Win32.GameOL.ott
病毒: Trojan.PSW.Win32.GameOL.pcs

用户来源:互联网

软件版本:20.56.22
aribeth199
Posted on 2008-8-7 10:17:32
2008-8-7 10:15:16        http://bbs.kafan.cn/attachment.p ... mp;t=1218075415//tl样本/up01.exe//PE_Patch//UPack        检测到: Trojan.Win32.Agent.xqr
电影结束了
Posted on 2008-8-7 10:19:06
扫描系统区域...
扫描所选择的目录和文件...
对象: up01.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: DeepScan:Generic.PWS.Games.3.11865E38 (BD 引擎)
对象: up01B.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: Trojan.PWS.Lmir.UMH (BD 引擎)
对象: up02.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: Trojan.PWS.Lmir.UMH (BD 引擎)
对象: up02B.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: Trojan.PWS.OnlineGames.ZAY (BD 引擎)
对象: up03B.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: Trojan.PWS.OnlineGames.YXK (BD 引擎)
对象: up04B.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: Trojan.PWS.OnlineGames.ZAY (BD 引擎)
对象: up05.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: Trojan.PWS.Lmir.UMH (BD 引擎)
对象: up06.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: Trojan.PWS.OnlineGames.YXK (BD 引擎)
对象: up07.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: Trojan.PWS.Lmir.UMH (BD 引擎)
对象: up08.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: Trojan.PWS.Lmir.UMH (BD 引擎)
对象: up09.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: Trojan.PWS.OnlineGames.YZL (BD 引擎)
对象: up10.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: Trojan.PWS.OnlineGames.ZAY (BD 引擎)
对象: up11.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: BehavesLike:Trojan.AppInitDLL (BD 引擎)
对象: up12.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: Trojan.PWS.Lmir.UMH (BD 引擎)
对象: up13.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: Trojan.PWS.Lmir.UMH (BD 引擎)
对象: up14.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: Trojan.PWS.Lmir.UMH (BD 引擎)
对象: up15.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: Trojan.PWS.Lmir.UMH (BD 引擎)
对象: up16.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: Trojan.PWS.Lmir.UMH (BD 引擎)
对象: up17.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: Trojan.PWS.OnlineGames.YXK (BD 引擎)
对象: up18.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: Trojan.PWS.OnlineGames.ZAY (BD 引擎)
对象: up19.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: Trojan.PWS.OnlineGames.ZAY (BD 引擎)
对象: up20.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: DeepScan:Generic.Malware.Fdld!!gPWS.841DF74E (BD 引擎)
对象: up21.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: Trojan.PWS.Lmir.UMH (BD 引擎)
对象: up22.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: Trojan.PWS.OnlineGames.YXK (BD 引擎)
对象: up23.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: Trojan.PWS.OnlineGames.ZAY (BD 引擎)
对象: up24.exe
        路径: C:\Documents and Settings\wangcheng\桌面\tl样本\tl样本
        Status: 病毒文件已删除
        病毒: Trojan.PWS.OnlineGames.ZAY (BD 引擎)
扫描完成: 2008-8-7 10:18
    已检查 27 个文件
    已发现 26 个染毒文件
Kitman
Posted on 2008-8-7 10:26:38
Starting the file scan:

Begin scan in 'C:\Users\TOSHIBA\Downloads\tl样本'
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up01.exe
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Contains recognition pattern of the RKIT/OnLineGames.D root kit
    [NOTE]      A backup was created as '48ca5d4d.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up01B.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '4a13d24e.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up02.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '48ca5d4f.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up02B.exe
      [DETECTION] Is the TR/PSW.Online.Osh.2 Trojan
    [NOTE]      A backup was created as '48ca5d4e.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up03B.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '4a13d24f.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up04B.exe
      [DETECTION] Is the TR/PSW.Online.bin Trojan
    [NOTE]      A backup was created as '48ca5d50.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up05.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '4a13d251.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up06.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '48ca5d52.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up07.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '4a13d253.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up08.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '48ca5d54.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up09.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '4a13d250.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up10.exe
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Is the TR/Spy.Agent.dhi.13 Trojan
    [NOTE]      A backup was created as '48cb5d4f.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up11.exe
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Is the TR/Spy.Agent.dpw.2 Trojan
    [NOTE]      A backup was created as '4a12d250.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up12.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '48cb5d51.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up13.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '4a12d252.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up14.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '48cb5d53.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up15.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '48cb5d50.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up16.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '4a12d251.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up17.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '48cb5d52.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up18.exe
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Is the TR/Gendal.28672.8 Trojan
    [NOTE]      A backup was created as '4a3ee349.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up19.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '4a3ee611.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up20.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '48cc5d50.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up21.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '48cc5d51.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up22.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '4a15d252.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up23.exe
      [DETECTION] Is the TR/PSW.Online.aklp Trojan
    [NOTE]      A backup was created as '48cc5d53.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\up24.exe
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Is the TR/PSW.OnlineGames.ZKH.38 Trojan
    [NOTE]      A backup was created as '4a15d254.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\tl样本\tl样本\upkk.exe
      [DETECTION] Contains HEUR/Crypted suspicious code
    [NOTE]      A backup was created as '49055d51.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!


End of the scan: 2008年8月7日  10:24
Used time: 00:07 Minute(s)

The scan has been done completely.

      2 Scanning directories
     27 Files were scanned
     26 viruses and/or unwanted programs were found
      1 Files were classified as suspicious:
     27 files were deleted
      0 files were repaired
     27 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      0 Files not concerned
      0 Archives were scanned
      0 Warnings
     27 Notes
Palkia
Posted on 2008-8-7 10:27:06
信息        2008-08-07  10:26:17        您此次查毒清除了24个病毒                       
信息        2008-08-07  10:26:17        您此次查毒共查出24个病毒以及危险代码                       
信息        2008-08-07  10:26:17        您此次查毒共查了内存模块0个,磁盘引导扇区0个,文件56个                       
信息        2008-08-07  10:26:17        金山毒霸主程序查毒过程结束,查毒方式:命令行查毒
dy001
Posted on 2008-8-7 10:32:14
NOD32699, scanned 28, found 25, not bad, right? Hehe~~
(NOD at the office, Kaspersky at home)
kkgh
Posted on 2008-8-7 10:40:34
Filseclab: 27
tcgg1983
Posted on 2008-8-7 10:42:35
Filseclab: 28 files, 27 viruses
htyhzd (this user has been deleted)
Posted on 2008-8-7 10:45:23
f-secure: 23