毒网``

显示全部楼层 · 发表于 2007-8-25 08:50:01

hXXp://ora.3168a.com/S168/S168.exe

这个是主体``哈哈

其他的:

抓包获得其他木马列表:

Http://okb.9168a.com/Sex/1.exe

把1.exe换成1-16.exe

哈哈``

第一个1.exe比较有看头,关瑞星,过卡吧主动``

显示全部楼层 · 发表于 2007-8-25 09:01:50

7和8挂掉了
别的nod全杀
飘走

显示全部楼层 · 发表于 2007-8-25 09:08:37

东西打包扔上来 MD5就不是我的事了

显示全部楼层 · 发表于 2007-8-25 09:15:51

已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.aci 文件: F:\病毒样本\Archive.zip/1.exe//PE_Patch
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.aci 文件: F:\病毒样本\Archive.zip/10.exe//PE_Patch
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.aci 文件: F:\病毒样本\Archive.zip/11.exe//PE_Patch
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.aci 文件: F:\病毒样本\Archive.zip/12.exe//PE_Patch
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.aci 文件: F:\病毒样本\Archive.zip/13.exe//PE_Patch
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.aci 文件: F:\病毒样本\Archive.zip/14.exe//PE_Patch
已删除: 病毒 Heur.Invader (变种) 文件: F:\病毒样本\Archive.zip/15.exe//PE_Patch//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.aci 文件: F:\病毒样本\Archive.zip/16.exe//PE_Patch
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.afz 文件: F:\病毒样本\Archive.zip/2.exe
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.aci 文件: F:\病毒样本\Archive.zip/3.exe//PE_Patch
已删除: 木马程序 Trojan-Downloader.Win32.Agent.bek 文件: F:\病毒样本\Archive.zip/4.exe//PE_Patch//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.aci 文件: F:\病毒样本\Archive.zip/5.exe//PE_Patch
已删除: 木马程序 Trojan-Downloader.Win32.Agent.bek 文件: F:\病毒样本\Archive.zip/6.exe//PE_Patch//UPack
已删除: 木马程序 Trojan-Downloader.Win32.Agent.bek 文件: F:\病毒样本\Archive.zip/9.exe//PE_Patch//UPack

显示全部楼层 · 发表于 2007-8-25 09:16:18

Start of the scan: 2007年8月25日  09:15

Starting the file scan:

Begin scan in 'H:\AV-TEST'
H:\AV-TEST\Archive.zip
  [0] Archive type: ZIP
  --> 1.exe
   [DETECTION] Is the Trojan horse TR/PSW.13312.24
  --> 10.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.aci.14
  --> 11.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 12.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 13.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 14.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 15.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 16.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 2.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 3.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 4.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 5.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 6.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 9.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> S168.exe
   [DETECTION] Is the Trojan horse TR/Autorun.BK
   [INFO]    The file was deleted!

End of the scan: 2007年8月25日  09:15
Used time: 00:15 min

The scan has been done completely.

   1 Scanning directories
   16 Files were scanned
   15 viruses and/or unwanted programs were found
   1 classified as suspicious:
   1 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   0 Files not concerned
   1 Archives were scanned
   0 Warnings
   0 Notes
   0 Hidden objects were found

显示全部楼层 · 发表于 2007-8-25 09:23:55

2007-8-25 9:23:34 Scanning Log
2007-8-25 9:23:34 Version of virus signature database: 2483 (20070824)
2007-8-25 9:23:34 Date: 25.8.2007 Time: 09:23:34
2007-8-25 9:23:34 Scanned disks, folders and files: D:\Documents and Settings\EKINCHENG\桌面\Archive.zip
2007-8-25 9:23:38 D:\Documents and Settings\EKINCHENG\桌面\Archive.zip » ZIP » 1.exe - probably unknown NewHeur_PE virus [7]
2007-8-25 9:23:38 D:\Documents and Settings\EKINCHENG\桌面\Archive.zip » ZIP » 10.exe - probably a variant of Win32/Genetik trojan
2007-8-25 9:23:38 D:\Documents and Settings\EKINCHENG\桌面\Archive.zip » ZIP » 11.exe - probably a variant of Win32/Genetik trojan
2007-8-25 9:23:38 D:\Documents and Settings\EKINCHENG\桌面\Archive.zip » ZIP » 12.exe - probably a variant of Win32/Genetik trojan
2007-8-25 9:23:38 D:\Documents and Settings\EKINCHENG\桌面\Archive.zip » ZIP » 13.exe - probably a variant of Win32/Genetik trojan
2007-8-25 9:23:38 D:\Documents and Settings\EKINCHENG\桌面\Archive.zip » ZIP » 14.exe - probably a variant of Win32/PSW.OnLineGames.NDV trojan
2007-8-25 9:23:38 D:\Documents and Settings\EKINCHENG\桌面\Archive.zip » ZIP » 15.exe - probably unknown NewHeur_PE virus [7]
2007-8-25 9:23:38 D:\Documents and Settings\EKINCHENG\桌面\Archive.zip » ZIP » 16.exe - probably unknown NewHeur_PE virus [7]
2007-8-25 9:23:38 D:\Documents and Settings\EKINCHENG\桌面\Archive.zip » ZIP » 2.exe - probably a variant of Win32/PSW.Agent.NDP trojan
2007-8-25 9:23:38 D:\Documents and Settings\EKINCHENG\桌面\Archive.zip » ZIP » 3.exe - probably a variant of Win32/Genetik trojan
2007-8-25 9:23:38 D:\Documents and Settings\EKINCHENG\桌面\Archive.zip » ZIP » 4.exe - probably unknown NewHeur_PE virus [7]
2007-8-25 9:23:38 D:\Documents and Settings\EKINCHENG\桌面\Archive.zip » ZIP » 5.exe - probably a variant of Win32/PSW.OnLineGames.NDV trojan
2007-8-25 9:23:38 D:\Documents and Settings\EKINCHENG\桌面\Archive.zip » ZIP » 6.exe - probably a variant of Win32/PSW.OnLineGames.NDV trojan
2007-8-25 9:23:38 D:\Documents and Settings\EKINCHENG\桌面\Archive.zip » ZIP » 9.exe - probably a variant of Win32/Genetik trojan
2007-8-25 9:23:38 D:\Documents and Settings\EKINCHENG\桌面\Archive.zip » ZIP » S168.exe - a variant of Win32/PSW.OnLineGames.NBR trojan
2007-8-25 9:23:38 Number of scanned files: 16
2007-8-25 9:23:38 Number of threats found: 15
2007-8-25 9:23:38 Time of completion: 09:23:38 Total scanning time: 4 sec (00:00:04)
2007-8-25 9:23:38
2007-8-25 9:23:38 Notes:
2007-8-25 9:23:38 [7] File is probably infected with an unknown virus.

显示全部楼层 · 发表于 2007-8-25 09:42:23

老鹰通杀，就不抓图了

显示全部楼层 · 发表于 2007-8-25 09:51:12

听楼主说的这么厉害,就不上去看了,怕怕!

显示全部楼层 · 发表于 2007-8-25 10:03:53

C:\virus\Archive.zip OK
C:\virus\Archive.zip=>1.exe Infected: Generic.PWS.Games.1.F34AD375
C:\virus\Archive.zip=>1.exe Deleted
C:\virus\Archive.zip Archive repacking successfully completed (actions successfully applied)
C:\virus\Archive.zip=>10.exe Infected: Generic.Onlinegames.3.9DC9C42E
C:\virus\Archive.zip=>10.exe Deleted
C:\virus\Archive.zip Archive repacking successfully completed (actions successfully applied)
C:\virus\Archive.zip=>11.exe Infected: Generic.Onlinegames.3.D4C07617
C:\virus\Archive.zip=>11.exe Deleted
C:\virus\Archive.zip Archive repacking successfully completed (actions successfully applied)
C:\virus\Archive.zip=>12.exe Infected: Generic.Onlinegames.3.74FF86D2
C:\virus\Archive.zip=>12.exe Deleted
C:\virus\Archive.zip Archive repacking successfully completed (actions successfully applied)
C:\virus\Archive.zip=>13.exe Infected: Generic.PWS.Games.2.A02AFC7B
C:\virus\Archive.zip=>13.exe Deleted
C:\virus\Archive.zip Archive repacking successfully completed (actions successfully applied)
C:\virus\Archive.zip=>14.exe Infected: Generic.Onlinegames.3.F6E68E8B
C:\virus\Archive.zip=>14.exe Deleted
C:\virus\Archive.zip Archive repacking successfully completed (actions successfully applied)
C:\virus\Archive.zip=>15.exe Infected: Generic.PWS.Games.2.2E32D55E
C:\virus\Archive.zip=>15.exe Deleted
C:\virus\Archive.zip Archive repacking successfully completed (actions successfully applied)
C:\virus\Archive.zip=>16.exe Infected: Generic.Onlinegames.3.FBDFA2EF
C:\virus\Archive.zip=>16.exe Deleted
C:\virus\Archive.zip Archive repacking successfully completed (actions successfully applied)
C:\virus\Archive.zip=>2.exe Infected: Generic.PWS.Games.1.A7AABECC
C:\virus\Archive.zip=>2.exe Deleted
C:\virus\Archive.zip Archive repacking successfully completed (actions successfully applied)
C:\virus\Archive.zip=>3.exe Infected: Generic.Onlinegames.3.5D9AA3C1
C:\virus\Archive.zip=>3.exe Deleted
C:\virus\Archive.zip Archive repacking successfully completed (actions successfully applied)
C:\virus\Archive.zip=>4.exe Infected: Generic.Onlinegames.3.7E419CCA
C:\virus\Archive.zip=>4.exe Deleted
C:\virus\Archive.zip Archive repacking successfully completed (actions successfully applied)
C:\virus\Archive.zip=>5.exe Infected: Generic.Onlinegames.3.AF0D7EC5
C:\virus\Archive.zip=>5.exe Deleted
C:\virus\Archive.zip Archive repacking successfully completed (actions successfully applied)
C:\virus\Archive.zip=>6.exe Infected: Generic.Onlinegames.3.46FC5A1B
C:\virus\Archive.zip=>6.exe Deleted
C:\virus\Archive.zip Archive repacking successfully completed (actions successfully applied)
C:\virus\Archive.zip=>9.exe Infected: Generic.Onlinegames.3.07DDEFD2
C:\virus\Archive.zip=>9.exe Deleted
C:\virus\Archive.zip Archive repacking successfully completed (actions successfully applied)
C:\virus\Archive.zip=>S168.exe OK
C:\virus\Archive.zip=>:Zone.Identifier OK

显示全部楼层 · 发表于 2007-8-25 10:07:35

熊猫卫士不让下载~~~~~~~~~~····

[病毒样本] 毒网``

本帖子中包含更多资源

红伞报!

浏览过的版块