[Virus samples] [MD5s inside] 10 samples
jimmyleo
Posted on 2007-8-18 11:39:32

0d330f|c56786|6c23fc|f3f6c8|ce15b4|44336d|36ec2f|6c23fc|993b1b|e9971d

wangjay1980
Posted on 2007-8-18 11:44:44
deleted: Trojan program Rootkit.Win32.Agent.dw        File: C:\Documents and Settings\Owner\桌面\10.rar/runtime.sys
deleted: Trojan program Trojan-Downloader.Win32.LoadAdv.gen        File: C:\Documents and Settings\Owner\桌面\10.rar/loadadv413.exe//PE_Patch.UPX//UPX
deleted: Trojan program Trojan-Downloader.Win32.Small.cyn        File: C:\Documents and Settings\Owner\桌面\10.rar/file_3.exe
deleted: Trojan program Trojan-Downloader.Win32.Small.cyn        File: C:\Documents and Settings\Owner\桌面\10.rar/svchw.exe
deleted: Trojan program Trojan-Downloader.Win32.Agent.brk        File: C:\Documents and Settings\Owner\桌面\10.rar/file_1.exe
deleted: Trojan program Trojan-Spy.Win32.Banker.cnx        File: C:\Documents and Settings\Owner\桌面\10.rar/comi.dll
deleted: Trojan program Backdoor.Win32.Small.nz        File: C:\Documents and Settings\Owner\桌面\10.rar/bot.dll
deleted: Trojan program Trojan-Spy.Win32.Banker.cnx        File: C:\Documents and Settings\Owner\桌面\10.rar/mssys32.exe
deleted: Trojan program Trojan.Win32.FaceCodec.a        File: C:\Documents and Settings\Owner\桌面\10.rar/file_2.exe//data0001
deleted: Trojan program Trojan-Downloader.Win32.Agent.bjc        File: C:\Documents and Settings\Owner\桌面\10.rar/file_2.exe//data0004
deleted: Trojan program Trojan-Downloader.Win32.Small.cyn        File: C:\Documents and Settings\Owner\桌面\10.rar/svchjx.dll
欠妳緈諨
Posted on 2007-8-18 11:48:19
8 of them

残缺的唯美
Posted on 2007-8-18 11:48:36
--> runtime.sys
        [DETECTION] Contains signature of the rootkit RKIT/Agent.DW.3
        [WARNING]   Infected files in archives cannot be repaired!
    --> loadadv413.exe
        [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> file_3.exe
        [DETECTION] Is the Trojan horse TR/Dldr.Small.cyn.1190
        [WARNING]   Infected files in archives cannot be repaired!
    --> svchw.exe
        [DETECTION] Is the Trojan horse TR/Dldr.Small.cyn.1190
        [WARNING]   Infected files in archives cannot be repaired!
    --> file_1.exe
        [DETECTION] Is the Trojan horse TR/Dldr.Agent.brk.94
        [WARNING]   Infected files in archives cannot be repaired!
    --> comi.dll
        [DETECTION] Is the Trojan horse TR/Spy.Banker.cnx.10
        [WARNING]   Infected files in archives cannot be repaired!
    --> bot.dll
        [DETECTION] Contains suspicious code HEUR/Crypted
        [WARNING]   Infected files in archives cannot be repaired!
    --> mssys32.exe
        [DETECTION] Is the Trojan horse TR/Spy.Banker.cnx.9
        [WARNING]   Infected files in archives cannot be repaired!
    --> file_2.exe
        [DETECTION] Is the Trojan horse TR/Zlob.122885
        [WARNING]   Infected files in archives cannot be repaired!
    --> svchjx.dll
        [DETECTION] Is the Trojan horse TR/Dldr.Small.cyn
        [WARNING]   Infected files in archives cannot be repaired!
        [INFO]      A backup was created as '46f46c0e.qua'  ( QUARANTINE )
        [INFO]      The file was deleted!
yurius
Posted on 2007-8-18 11:53:13
Scan performed at: 2007-8-18 11:52:07
Scanning Log
NOD32 version 2469 (20070818) NT
Command line: C:\virus\10.rar
C:\Program Files\Eset\nod32.exe - is OK
MBR sector of the 1. physical disk - is OK
Active boot sector of the 1. physical disk - is OK
Active boot sector of the 2. physical disk - is OK
Active boot sector of the 3. physical disk - is OK

Date: 18.8.2007  Time: 11:52:09
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\virus\10.rar
C:\virus\10.rar »RAR »runtime.sys - Win32/Rootkit.Agent.DW trojan
C:\virus\10.rar »RAR »loadadv413.exe - a variant of Win32/TrojanDownloader.Small.NUS trojan
C:\virus\10.rar »RAR »file_3.exe - Win32/TrojanDownloader.Agent.AEF trojan
C:\virus\10.rar »RAR »svchw.exe - Win32/TrojanDownloader.Agent.AEF trojan
C:\virus\10.rar »RAR »file_1.exe - Win32/Rootkit.Agent.NBS trojan
C:\virus\10.rar »RAR »comi.dll - Win32/Spy.Banker.CKW trojan
C:\virus\10.rar »RAR »bot.dll - is OK
C:\virus\10.rar »RAR »mssys32.exe - Win32/Spy.Banker.CKW trojan
C:\virus\10.rar »RAR »file_2.exe »NSIS »System.dll - is OK
C:\virus\10.rar »RAR »file_2.exe »NSIS »install.ico - is OK
C:\virus\10.rar »RAR »file_2.exe »NSIS »olesupport.exe - Win32/TrojanDownloader.Agent.NPU trojan
C:\virus\10.rar »RAR »file_2.exe »NSIS »imex.bat - is OK
C:\virus\10.rar »RAR »file_2.exe »NSIS »NSISdl.dll - is OK
C:\virus\10.rar »RAR »svchjx.dll - Win32/TrojanDownloader.Small.CYN trojan
C:\virus\10.rar:Zone.Identifier - is OK
Number of scanned files: 15
Number of threats found: 9
Time of completion: 11:52:10 Total scanning time: 1 sec (00:00:01)
lengxue624
Posted on 2007-8-18 12:01:48
Why did my scan turn up 11?
lengxue624
Posted on 2007-8-18 12:04:01
2007-8-18 11:59:41        文件 C:\Documents and Settings\Administrator\桌面\10.rar/runtime.sys: 未清除, 推迟.
2007-8-18 11:59:41        文件 C:\Documents and Settings\Administrator\桌面\10.rar/loadadv413.exe//PE_Patch.UPX//UPX: 检测到 木马程序 'Trojan-Downloader.Win32.LoadAdv.gen'.
2007-8-18 11:59:41        文件 C:\Documents and Settings\Administrator\桌面\10.rar/loadadv413.exe//PE_Patch.UPX//UPX: 未清除, 推迟.
2007-8-18 11:59:41        文件 C:\Documents and Settings\Administrator\桌面\10.rar/file_3.exe: 检测到 木马程序 'Trojan-Downloader.Win32.Small.cyn'.
2007-8-18 11:59:41        文件 C:\Documents and Settings\Administrator\桌面\10.rar/file_3.exe: 未清除, 推迟.
2007-8-18 11:59:41        文件 C:\Documents and Settings\Administrator\桌面\10.rar/svchw.exe: 检测到 木马程序 'Trojan-Downloader.Win32.Small.cyn'.
2007-8-18 11:59:41        文件 C:\Documents and Settings\Administrator\桌面\10.rar/svchw.exe: 未清除, 推迟.
2007-8-18 11:59:41        文件 C:\Documents and Settings\Administrator\桌面\10.rar/file_1.exe: 检测到 木马程序 'Trojan-Downloader.Win32.Agent.brk'.
2007-8-18 11:59:41        文件 C:\Documents and Settings\Administrator\桌面\10.rar/file_1.exe: 未清除, 推迟.
2007-8-18 11:59:41        文件 C:\Documents and Settings\Administrator\桌面\10.rar/comi.dll: 检测到 木马程序 'Trojan-Spy.Win32.Banker.cnx'.
2007-8-18 11:59:41        文件 C:\Documents and Settings\Administrator\桌面\10.rar/comi.dll: 未清除, 推迟.
2007-8-18 11:59:41        文件 C:\Documents and Settings\Administrator\桌面\10.rar/bot.dll: 检测到 木马程序 'Backdoor.Win32.Small.nz'.
2007-8-18 11:59:41        文件 C:\Documents and Settings\Administrator\桌面\10.rar/bot.dll: 未清除, 推迟.
2007-8-18 11:59:41        文件 C:\Documents and Settings\Administrator\桌面\10.rar/mssys32.exe: 检测到 木马程序 'Trojan-Spy.Win32.Banker.cnx'.
2007-8-18 11:59:41        文件 C:\Documents and Settings\Administrator\桌面\10.rar/mssys32.exe: 未清除, 推迟.
2007-8-18 11:59:41        文件 C:\Documents and Settings\Administrator\桌面\10.rar/file_2.exe//data0001: 检测到 木马程序 'Trojan.Win32.FaceCodec.a'.
2007-8-18 11:59:41        文件 C:\Documents and Settings\Administrator\桌面\10.rar/file_2.exe//data0001: 未清除, 推迟.
2007-8-18 11:59:41        文件 C:\Documents and Settings\Administrator\桌面\10.rar/file_2.exe//data0004: 检测到 木马程序 'Trojan-Downloader.Win32.Agent.bjc'.
2007-8-18 11:59:42        文件 C:\Documents and Settings\Administrator\桌面\10.rar/svchjx.dll: 检测到 木马程序 'Trojan-Downloader.Win32.Small.cyn'.
2007-8-18 11:59:42        文件 C:\Documents and Settings\Administrator\桌面\10.rar/svchjx.dll: 未清除, 推迟.
2007-8-18 11:59:42        文件 c:\documents and settings\administrator\桌面\10.rar/runtime.sys: 检测到 木马程序 'Rootkit.Win32.Agent.dw'.
2007-8-18 11:59:46        文件 c:\documents and settings\administrator\桌面\10.rar/runtime.sys: 删除.
2007-8-18 11:59:46        文件 c:\documents and settings\administrator\桌面\10.rar/loadadv413.exe//PE_Patch.UPX//UPX: 检测到 木马程序 'Trojan-Downloader.Win32.LoadAdv.gen'.
2007-8-18 11:59:50        文件 c:\documents and settings\administrator\桌面\10.rar/loadadv413.exe: 删除.
2007-8-18 11:59:50        文件 c:\documents and settings\administrator\桌面\10.rar/file_3.exe: 检测到 木马程序 'Trojan-Downloader.Win32.Small.cyn'.
2007-8-18 11:59:50        文件 c:\documents and settings\administrator\桌面\10.rar/file_3.exe: 删除.
2007-8-18 11:59:50        文件 c:\documents and settings\administrator\桌面\10.rar/svchw.exe: 检测到 木马程序 'Trojan-Downloader.Win32.Small.cyn'.
2007-8-18 11:59:50        文件 c:\documents and settings\administrator\桌面\10.rar/svchw.exe: 删除.
2007-8-18 11:59:50        文件 c:\documents and settings\administrator\桌面\10.rar/file_1.exe: 检测到 木马程序 'Trojan-Downloader.Win32.Agent.brk'.
2007-8-18 11:59:50        文件 c:\documents and settings\administrator\桌面\10.rar/file_1.exe: 删除.
2007-8-18 11:59:50        文件 c:\documents and settings\administrator\桌面\10.rar/comi.dll: 检测到 木马程序 'Trojan-Spy.Win32.Banker.cnx'.
2007-8-18 11:59:50        文件 c:\documents and settings\administrator\桌面\10.rar/comi.dll: 删除.
2007-8-18 11:59:50        文件 c:\documents and settings\administrator\桌面\10.rar/bot.dll: 检测到 木马程序 'Backdoor.Win32.Small.nz'.
2007-8-18 11:59:50        文件 c:\documents and settings\administrator\桌面\10.rar/bot.dll: 删除.
2007-8-18 11:59:50        文件 c:\documents and settings\administrator\桌面\10.rar/mssys32.exe: 检测到 木马程序 'Trojan-Spy.Win32.Banker.cnx'.
2007-8-18 11:59:50        文件 c:\documents and settings\administrator\桌面\10.rar/mssys32.exe: 删除.
2007-8-18 11:59:50        文件 c:\documents and settings\administrator\桌面\10.rar/file_2.exe//data0001: 检测到 木马程序 'Trojan.Win32.FaceCodec.a'.
2007-8-18 11:59:50        文件 c:\documents and settings\administrator\桌面\10.rar/file_2.exe//data0004: 检测到 木马程序 'Trojan-Downloader.Win32.Agent.bjc'.
2007-8-18 11:59:50        文件 c:\documents and settings\administrator\桌面\10.rar/file_2.exe: 删除.
2007-8-18 11:59:50        文件 c:\documents and settings\administrator\桌面\10.rar/svchjx.dll: 检测到 木马程序 'Trojan-Downloader.Win32.Small.cyn'.
2007-8-18 11:59:50        文件 c:\documents and settings\administrator\桌面\10.rar/svchjx.dll: 删除.
yurius
Posted on 2007-8-18 12:26:10
[Scan path] C:\virus\10.rar
>C:\virus\10.rar\runtime.sys infected with BackDoor.Bulknet
>>C:\virus\10.rar\loadadv413.exe infected with Trojan.DownLoader.28737
>>C:\virus\10.rar\file_3.exe infected with Trojan.Proxy.1999
>>C:\virus\10.rar\svchw.exe infected with Trojan.Proxy.1999
>>C:\virus\10.rar\file_1.exe infected with BackDoor.Bulknet
>>>C:\virus\10.rar\comi.dll infected with Trojan.PWS.Banker.9983
>>>C:\virus\10.rar\bot.dll infected with Win32.HLLM.MyDoom.110
>>>C:\virus\10.rar\mssys32.exe infected with Trojan.PWS.Banker.10029
>>>>>C:\virus\10.rar\file_2.exe\data001 - Ok
>>>>>C:\virus\10.rar\file_2.exe\data002 - Ok
>>>>>C:\virus\10.rar\file_2.exe\data003 is adware program Adware.BusMedia.46
>>>>>C:\virus\10.rar\file_2.exe\data004 - Ok
>>>>>C:\virus\10.rar\file_2.exe\data005 - Ok
>C:\virus\10.rar\file_2.exe - archive contains infected objects
>C:\virus\10.rar\svchjx.dll infected with Trojan.DownLoader.14310
C:\virus\10.rar - archive contains infected objects
C:\virus\10.rar:Zone.Identifier - Ok
Love=卡巴+费尔
Posted on 2007-8-18 13:51:18
Panda

woai_jolin
Posted on 2007-8-18 13:53:26
BitDefender Log File
Product : Bitdefender Internet Security
Version : BitDefender UIScanner v.11
Log date : 13:53:25 18/08/2007
Log path : C:\Documents and Settings\Administrator\Application Data\BitDefender\Desktop\Profiles\Logs\contextual\1187416405_9_02.xml

Scan Paths: Path0000: F:\v\10.rar


Scan Options: Scan for viruses : Yes
Scan for adware : Yes
Scan for spyware : Yes
Scan for applications : Yes
Scan for dialers : Yes
Scan for rootkits : No


Target selection options: Scan registry keys : No
Scan cookies : No
Scan boot sectors : No
Scan memory processes : No
Scan archives : Yes
Scan runtime packers : Yes
Scan email : Yes
Scan all files : No
Heuristic Scan : Yes
Scanned extenstions : (null)
Exclude extensions :  


Target Processing Default action for infected objects : Disinfect
Default action for suspicious objects : None
Default action for hidden objects : None


Scan engines summary Number of virus signatures : 793346
Archive plugins : 40
Email plugins : 6
Scan plugins : 12
Archive plugins : 40
System plugins : 4
Unpack plugins : 6


Overall scan summary Scanned items : 24
Infected items : 20
Suspicious items : 0
Resolved items : 0
Individual viruses found : 16
Scanned directories : 0
Scanned boot sectors : 0
Scanned archives : 2
Input-output errors : 0
Scan time : 00:00:00:04
Files per second : 6


Scanned files summary Scanned : 24
Infected : 20


Scanned processes summary Scanned : 0
Infected : 0


Scanned registry keys summary Scanned : 0
Infected : 0


Scanned cookies summary Scanned : 0
Infected : 0


Remaining issues:Object Name Threat Name  Final Status


Resolved issues:Object Name Threat Name  Final Status
F:\v\10.rar DeepScan:Generic.Zlob.7.D4B41E4D Deleted
F:\v\10.rar Generic.Malware.dld!!.B528E0D7 Deleted
F:\v\10.rar Rootkit.Agent.GK Deleted
F:\v\10.rar Trojan.Agent.ABJF Deleted
F:\v\10.rar Trojan.Downloader.Agent.BRK Deleted
F:\v\10.rar Trojan.Downloader.Loadadv.AL Deleted
F:\v\10.rar Trojan.Downloader.Small.CYN Deleted
F:\v\10.rar Trojan.Downloader.Small.CYN Deleted
F:\v\10.rar Trojan.Spy.Banker.CNX Deleted
F:\v\10.rar Trojan.Spy.Banker.CNX Deleted
Copyright © KaFan  KaFan.cn All Rights Reserved.