查看: 3592|回复: 22
收起左侧

[病毒样本] 来一包,热乎乎的。

[复制链接]
一派胡言
发表于 2007-5-4 11:22:01 | 显示全部楼层 |阅读模式


本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
The EQs
发表于 2007-5-4 11:24:22 | 显示全部楼层

还剩8个

Scan performed at: 2007-5-4 11:24:02
Scanning Log
NOD32 version 2238 (20070503) NT
Command line: C:\Documents and Settings\EQ2\桌面\来一包
Operating memory - is OK

Date: 4.5.2007  Time: 11:24:06
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\EQ2\桌面\来一包\
C:\Documents and Settings\EQ2\桌面\来一包\gz.exe - Win32/Pacex.Gen virus
C:\Documents and Settings\EQ2\桌面\来一包\Kvsc3.exe - a variant of Win32/PSW.Agent.NCC trojan
C:\Documents and Settings\EQ2\桌面\来一包\mppds.exe - a variant of Win32/PSW.Agent.NCC trojan
C:\Documents and Settings\EQ2\桌面\来一包\msccrt.exe - a variant of Win32/PSW.Agent.NCC trojan
C:\Documents and Settings\EQ2\桌面\来一包\nwiztlbb.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\EQ2\桌面\来一包\qq.exe - probably a variant of Win32/PSW.QQPass.VD trojan
C:\Documents and Settings\EQ2\桌面\来一包\servhost.dll - a variant of Win32/PSW.Agent.NCC trojan
C:\Documents and Settings\EQ2\桌面\来一包\servhost.exe - a variant of Win32/PSW.Agent.NCC trojan
C:\Documents and Settings\EQ2\桌面\来一包\shualai.dll - a variant of Win32/Agent.NHN trojan
C:\Documents and Settings\EQ2\桌面\来一包\shualai.exe - probably unknown NewHeur_PE virus [7]
C:\Documents and Settings\EQ2\桌面\来一包\windds32.dll - probably a variant of Win32/Agent.NHG trojan
C:\Documents and Settings\EQ2\桌面\来一包\winform.dll - Win32/PSW.Agent.NEN trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\来一包\winform.exe - probably a variant of Win32/PSW.Agent.NCC trojan
C:\Documents and Settings\EQ2\桌面\来一包\zt.exe - a variant of Win32/PSW.Agent.NDF trojan
Number of scanned files: 22
Number of threats found: 14
Number of files cleaned: 14
Time of completion: 11:24:14 Total scanning time: 8 sec (00:00:08)

Notes:
[7] File is probably infected with an unknown virus.
mofunzone
发表于 2007-5-4 11:24:23 | 显示全部楼层
等着看kv怎么样
p.s nod是杀不过antivir的

Starting the file scan:

Begin scan in 'C:\Documents and Settings\morgan\My Documents\�һ��.rar'
C:\Documents and Settings\morgan\My Documents\
  �һ��.rar
    [0] Archive type: RAR
    --> nwiztlbb.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> msccrt.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> winform.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> cid_store.dat
    --> mppds.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> servhost.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> ~tmp.tmp
        [DETECTION] Is the Trojan horse TR/PSW.Delf.QC.20
        [WARNING]   Infected files in archives cannot be repaired!
    --> shualai.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> windds32.dll
    --> Kvsc3.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> Kvsc3.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ES.2116
        [WARNING]   Infected files in archives cannot be repaired!
    --> winform.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.NB.136
        [WARNING]   Infected files in archives cannot be repaired!
    --> systemm.exe
        [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.alh.7 Backdoor server programs
        [WARNING]   Infected files in archives cannot be repaired!
    --> nwiztlbu.exe
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> msccrt.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ES.2169
        [WARNING]   Infected files in archives cannot be repaired!
    --> mppds.exe
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> servhost.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.NB.148
        [WARNING]   Infected files in archives cannot be repaired!
    --> nwiztlbb.exe
        [DETECTION] Is the Trojan horse TR/Agent.13369
        [WARNING]   Infected files in archives cannot be repaired!
    --> shualai.exe
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> gz.exe
        [DETECTION] Is the Trojan horse TR/PCK.NSAnti.N.60
        [WARNING]   Infected files in archives cannot be repaired!
    --> qq.exe
        [DETECTION] Is the Trojan horse TR/PSW.Steal.30303
        [WARNING]   Infected files in archives cannot be repaired!
    --> zt.exe
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
        [WARNING]   The file was ignored!


End of the scan: 2007年5月3日  20:24
Used time: 00:11 min

The scan has been done completely.

      0 Scanning directories
     23 Files were scanned
     20 viruses and/or unwanted programs were found
     11 classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     -8 Files not concerned
      1 Archives were scanned
     21 Warnings
      0 Notes
      0 Hidden objects were found
欠妳緈諨
发表于 2007-5-4 11:51:51 | 显示全部楼层
11个

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
红心王子
发表于 2007-5-4 11:56:45 | 显示全部楼层
还行KV江民07报了15个,先是KIS621拦截

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
蓝色牛仔裤
发表于 2007-5-4 11:59:04 | 显示全部楼层

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
KAV-Longhorn
发表于 2007-5-4 11:59:14 | 显示全部楼层
卡巴16个,DRWEB17个



本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
soul20010
发表于 2007-5-4 12:03:00 | 显示全部楼层
Result: 12 malware found
Trojan-PSW.Win32.OnLineGames.qh (virus)

    * C:\Documents and Settings\ÉÙÁÖ\×ÀÃæ\À´Ò»°ü.rar\winform.dll

Trojan-PSW.Win32.OnLineGames.ms (virus)

    * C:\Documents and Settings\ÉÙÁÖ\×ÀÃæ\À´Ò»°ü.rar\servhost.dll

Trojan-PSW.Win32.Delf.qc (virus)

    * C:\Documents and Settings\ÉÙÁÖ\×ÀÃæ\À´Ò»°ü.rar\~tmp.tmp

Trojan-PSW.Win32.OnLineGames.es (virus)

    * C:\Documents and Settings\ÉÙÁÖ\×ÀÃæ\À´Ò»°ü.rar\Kvsc3.dll
    * C:\Documents and Settings\ÉÙÁÖ\×ÀÃæ\À´Ò»°ü.rar\Kvsc3.exe
    * C:\Documents and Settings\ÉÙÁÖ\×ÀÃæ\À´Ò»°ü.rar\msccrt.exe
    * C:\Documents and Settings\ÉÙÁÖ\×ÀÃæ\À´Ò»°ü.rar\shualai.exe

Trojan-PSW.Win32.OnLineGames.oe (virus)

    * C:\Documents and Settings\ÉÙÁÖ\×ÀÃæ\À´Ò»°ü.rar\winform.exe

Backdoor.Win32.Agent.alh (virus)

    * C:\Documents and Settings\ÉÙÁÖ\×ÀÃæ\À´Ò»°ü.rar\systemm.exe

Trojan-PSW.Win32.OnLineGames.nb (virus)

    * C:\Documents and Settings\ÉÙÁÖ\×ÀÃæ\À´Ò»°ü.rar\servhost.exe

Packed.Win32.NSAnti.n (virus)

    * C:\Documents and Settings\ÉÙÁÖ\×ÀÃæ\À´Ò»°ü.rar\gz.exe

Trojan-PSW.Win32.QQPass.wm (virus)

    * C:\Documents and Settings\ÉÙÁÖ\×ÀÃæ\À´Ò»°ü.rar\qq.exe
小邪邪
发表于 2007-5-4 12:49:58 | 显示全部楼层

AVK杀了20个

Anycall-D908
发表于 2007-5-4 12:55:24 | 显示全部楼层
真烦,每次都给EQ2抢先报了NOD32的,搞得我没得玩了.看来我还是换个冷门没人用的杀软算了
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-3-29 20:02 , Processed in 0.147103 second(s), 18 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表