[Virus Samples] A batch of 22, MD5s inside
zane_xzz
Posted on 2007-9-6 09:10:12
[MD5: A17604 60703D DC154B 5933A6 DE0728 23AE66 D3825B 288668 A3A813 6A71C7 342DB5 9C5C10 B0062A 4575DD D0BD7B 1CE373 E29166 014EC3 525171 8E1BE4 BD97AA 1211A0]
东京时空
Posted on 2007-9-6 09:12:54
I still don't know how to get it downloaded to the hard disk after choosing to ignore the interception!
红心王子
Posted on 2007-9-6 09:14:39
江民杀毒软件报告文件

        北京江民新科技术有限公司

        扫描引擎 11.00.700
        病毒库日期 2007-09-05
        更新日期 2007-09-06

扫描目标 C:\Documents and Settings\Administrator\桌面\新建文件夹\

开始时间 2007-09-06 09:13:58

在 C:\Documents and Settings\Administrator\桌面\新建文件夹\桌面\0.exe 中发现 Trojan/PSW.Delf.ahk 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹\桌面\1.exe 中发现 Trojan/StartPage.aej 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹\桌面\10.exe 中发现 TrojanSpy.Delf.akt 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹\桌面\11.exe 中发现 Trojan/PSW.OnLineGames.fev 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹\桌面\13.exe 中发现 Trojan/PSW.GamePass.uox 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹\桌面\14.exe 中发现 Trojan/PSW.OnLineGames.etv 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹\桌面\18.exe 中发现 Trojan/Agent.ori 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹\桌面\19.exe 中发现 Backdoor/Delf.bfy 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹\桌面\2.exe 中发现 Trojan/PSW.GamePass.xyw 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹\桌面\4.exe 中发现 Trojan/PSW.OnLineGames.fem 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹\桌面\5.exe 中发现 Trojan/Agent.org 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹\桌面\6.exe 中发现 Trojan/Agent.ord 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹\桌面\7.exe 中发现 Trojan/PSW.GamePass.xwd 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹\桌面\8.exe 中发现 TrojanDownloader.Agent.oky 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹\桌面\9.exe 中发现 Trojan/PSW.Agent.dxj 病毒, 已删除
正常结束。

扫描结果:
                 文件数 :474                                 病毒体 :15        
                   删除 :15                                    解毒 :0         
    扫描速度(千字节/秒) :13166                             扫描时间 :00:00:09
    扫描文件速度(个/秒) :52
wangjay1980
Posted on 2007-9-6 09:20:07
detected: virus Worm.Win32.QQPass.a        File: C:\Documents and Settings\Owner\桌面\桌面\0.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan.Win32.StartPage.apw        File: C:\Documents and Settings\Owner\桌面\桌面\1.exe//PE_Patch
detected: Trojan program Trojan-PSW.Win32.OnLineGames.blb        File: C:\Documents and Settings\Owner\桌面\桌面\10.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.bka        File: C:\Documents and Settings\Owner\桌面\桌面\11.exe//FSG
detected: Trojan program Trojan-PSW.Win32.OnLineGames.bov        File: C:\Documents and Settings\Owner\桌面\桌面\12.exe//UPX
detected: Trojan program Trojan-Downloader.Win32.Small.czl        File: C:\Documents and Settings\Owner\桌面\桌面\13.exe//NSPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.adn        File: C:\Documents and Settings\Owner\桌面\桌面\14.exe//ASPack
detected: Trojan program Trojan-PSW.Win32.Delf.zn        File: C:\Documents and Settings\Owner\桌面\桌面\15.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.bmj        File: C:\Documents and Settings\Owner\桌面\桌面\18.exe//UPack
detected: Trojan program Backdoor.Win32.Delf.awy        File: C:\Documents and Settings\Owner\桌面\桌面\19.exe
detected: Trojan program Trojan-PSW.Win32.WOW.uv        File: C:\Documents and Settings\Owner\桌面\桌面\2.exe//ASPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.bou        File: C:\Documents and Settings\Owner\桌面\桌面\20.exe//UPack
detected: Trojan program Trojan-PSW.Win32.Delf.zm        File: C:\Documents and Settings\Owner\桌面\桌面\3.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.bjl        File: C:\Documents and Settings\Owner\桌面\桌面\4.exe
detected: Trojan program Trojan-Spy.Win32.Delf.acg        File: C:\Documents and Settings\Owner\桌面\桌面\5.exe//UPack
detected: Trojan program Trojan-Spy.Win32.Delf.ace        File: C:\Documents and Settings\Owner\桌面\桌面\6.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ben        File: C:\Documents and Settings\Owner\桌面\桌面\7.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-Spy.Win32.Delf.abi        File: C:\Documents and Settings\Owner\桌面\桌面\8.exe
detected: Trojan program Trojan-PSW.Win32.Delf.zn        File: C:\Documents and Settings\Owner\桌面\桌面\9.exe//UPack
ssy275
Posted on 2007-9-6 09:50:22
21 of them
"09:47","文件监控","文件","PACKER-GEN.001","C:\Documents and Settings\ssy\桌面\1\桌面\0.exe","清除 失败","隔离 成功"
"09:47","文件监控","文件","TROJ_GENERIC.APC","C:\Documents and Settings\ssy\桌面\1\桌面\1.exe","清除 失败","隔离 成功"
"09:47","文件监控","文件","TSPY_ONLINEG.GCJ","C:\Documents and Settings\ssy\桌面\1\桌面\10.exe","清除 失败","隔离 成功"
"09:47","文件监控","文件","TSPY_ONLINEG.BTO","C:\Documents and Settings\ssy\桌面\1\桌面\11.exe","清除 失败","隔离 成功"
"09:47","文件监控","文件","PACKER-GEN.001","C:\Documents and Settings\ssy\桌面\1\桌面\12.exe","清除 失败","隔离 成功"
"09:47","文件监控","文件","TROJ_GENERIC.APC","C:\Documents and Settings\ssy\桌面\1\桌面\13.exe","清除 失败","隔离 成功"
"09:47","文件监控","文件","TSPY_LEGMIR.BZC","C:\Documents and Settings\ssy\桌面\1\桌面\14.exe","清除 失败","隔离 成功"
"09:47","文件监控","文件","PACKER-GEN.001","C:\Documents and Settings\ssy\桌面\1\桌面\15.exe","清除 失败","隔离 成功"
"09:47","文件监控","文件","PACKER-GEN.001","C:\Documents and Settings\ssy\桌面\1\桌面\16.exe","清除 失败","隔离 成功"
"09:47","文件监控","文件","PACKER-GEN.001","C:\Documents and Settings\ssy\桌面\1\桌面\17.exe","清除 失败","隔离 成功"
"09:47","文件监控","文件","PACKER-GEN.001","C:\Documents and Settings\ssy\桌面\1\桌面\18.exe","清除 失败","隔离 成功"
"09:47","文件监控","文件","PACKER-GEN.001","C:\Documents and Settings\ssy\桌面\1\桌面\2.exe","清除 失败","隔离 成功"
"09:47","文件监控","文件","PACKER-GEN.001","C:\Documents and Settings\ssy\桌面\1\桌面\20.exe","清除 失败","隔离 成功"
"09:47","文件监控","文件","PACKER-GEN.001","C:\Documents and Settings\ssy\桌面\1\桌面\21.exe","清除 失败","隔离 成功"
"09:47","文件监控","文件","PACKER-GEN.001","C:\Documents and Settings\ssy\桌面\1\桌面\3.exe","清除 失败","隔离 成功"
"09:47","文件监控","文件","TSPY_ONLINEG.GDJ","C:\Documents and Settings\ssy\桌面\1\桌面\4.exe","清除 失败","隔离 成功"
"09:47","文件监控","文件","PACKER-GEN.001","C:\Documents and Settings\ssy\桌面\1\桌面\5.exe","清除 失败","隔离 成功"
"09:47","文件监控","文件","PACKER-GEN.001","C:\Documents and Settings\ssy\桌面\1\桌面\6.exe","清除 失败","隔离 成功"
"09:47","文件监控","文件","TSPY_ONLINEG.CZL","C:\Documents and Settings\ssy\桌面\1\桌面\7.exe","清除 失败","隔离 成功"
"09:47","文件监控","文件","TSPY_ONLINEG.GCJ","C:\Documents and Settings\ssy\桌面\1\桌面\8.exe","清除 失败","隔离 成功"
"09:47","文件监控","文件","PACKER-GEN.001","C:\Documents and Settings\ssy\桌面\1\桌面\9.exe","清除 失败","隔离 成功"
mofunzone
Posted on 2007-9-6 09:58:45
Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\My Documents\桌面'
C:\Documents and Settings\Administrator\My Documents\桌面\
  0.exe
      [DETECTION] Contains detection pattern of the worm WORM/QQPass.A
      [INFO]      The file was deleted!
  1.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
      [INFO]      The file was deleted!
  10.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.blb.4
      [INFO]      The file was deleted!
  11.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!
  12.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
      [INFO]      The file was deleted!
  13.exe
      [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
      [INFO]      The file was deleted!
  14.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
      [INFO]      The file was deleted!
  15.exe
      [DETECTION] Is the Trojan horse TR/Agent.12964
      [INFO]      The file was deleted!
  16.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '470d5efc.qua'!
  17.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '470d5efd.qua'!
  18.exe
      [DETECTION] Is the Trojan horse TR/Agent.12580
      [INFO]      The file was deleted!
  19.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
      [INFO]      The file was deleted!
  2.exe
      [DETECTION] Is the Trojan horse TR/PSW.WOW.UV
      [INFO]      The file was deleted!
  20.exe
      [DETECTION] Is the Trojan horse TR/Agent.11800
      [INFO]      The file was deleted!
  21.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '470d5ef8.qua'!
  3.exe
      [DETECTION] Is the Trojan horse TR/Agent.12716
      [INFO]      The file was deleted!
  4.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.bjl.5
      [INFO]      The file was deleted!
  5.exe
      [DETECTION] Is the Trojan horse TR/Agent.13496
      [INFO]      The file was deleted!
  6.exe
      [DETECTION] Is the Trojan horse TR/Spy.Delf.ace.1
      [INFO]      The file was deleted!
  7.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGame.YF
      [INFO]      The file was deleted!
  8.exe
      [DETECTION] Is the Trojan horse TR/Agent.11112
      [INFO]      The file was deleted!
  9.exe
      [DETECTION] Is the Trojan horse TR/Agent.13023
      [INFO]      The file was deleted!


End of the scan: 2007年9月5日  18:58
Used time: 00:04 min

The scan has been done completely.

      1 Scanning directories
     22 Files were scanned
     19 viruses and/or unwanted programs were found
      3 Files were classified as suspicious:
     19 files were deleted
      0 files were repaired
      3 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      3 Files not concerned
      0 Archives were scanned
      0 Warnings
      0 Notes
tracydk
Posted on 2007-9-6 10:00:55
Originally posted by 东京时空 on 2007-9-6 09:12

I still don't know how to get it downloaded to the hard disk after choosing to ignore the interception!

Turn off web monitoring, download it, and then scan it.
capsshift
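Posted on 2007-9-6 10:04:45
Originally posted by tracydk on 2007-9-6 10:00

Turn off web monitoring, download it, and then scan it.

Since it has already been blocked, there is no need to test it. I like the kind that can get past both Avira and Micropoint at the same time; now that is impressive.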
qqq000@qq.com
Posted on 2007-9-6 11:00:48
[凝逸反毒] (http://hi.baidu.com/503165656)

       [凝逸.扫描病毒引擎-日志]       2007.9.6 11:0:11

文件:F:\070906\桌面[1]\桌面\0.exe | 感染:Win32.HLLW.Autoruner.249 [410>20070830_ny0012.axx]3(1.4)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\1.exe | 感染:virus [185>20070822_ny0010.axx]3(1.1)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\10.exe | 感染:virus [617>20070906_ny0013.axx]3(1.2)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\11.exe | 感染:virus [621>20070906_ny0013.axx]3(1.2)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\12.exe | 感染:virus [622>20070906_ny0013.axx]3(1.4)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\13.exe | 感染:BACKDOOR.Trojan [955>20070729_ny0001.axx]3(1.1)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\14.exe | 感染:virus [334>20070824_ny0011.axx]3(5.5)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\15.exe | 感染:virus [594>20070906_ny0013.axx]3(1.5)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\16.exe | 感染:virus [647>20070906_ny0013.axx]3(1.2)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\17.exe | 感染:virus [627>20070906_ny0013.axx]3(1.1)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\18.exe | 感染:virus [651>20070906_ny0013.axx]3(2.6)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\19.exe | 感染:virus [337>20070824_ny0011.axx]3(1.1)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\2.exe | 感染:Trojan.PWS.Wow [90>20070906_ny0013.axx]3(1.2)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\20.exe | 感染:virus [619>20070906_ny0013.axx]3(3.5)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\21.exe | 感染:virus [687>20070906_ny0013.axx]3(1.2)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\3.exe | 感染:virus [653>20070906_ny0013.axx]3(2.6)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\4.exe | 感染:Trojan.PWS.Gamania.3865 [81>20070906_ny0013.axx]3(1.3)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\5.exe | 感染:virus [598>20070906_ny0013.axx]3(1.4)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\6.exe | 感染:Trojan.PWS.Gamania.3894 [96>20070906_ny0013.axx]3(1.4)
操作:删除文件
qqq000@qq.com
Posted on 2007-9-6 11:01:07
文件:F:\070906\桌面[1]\桌面\7.exe | 感染:Trojan.PWS.Gamania.3585 [369>20070830_ny0012.axx]3(1.1)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\8.exe | 感染:virus [613>20070906_ny0013.axx]3(1.4)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\9.exe | 感染:virus [595>20070906_ny0013.axx]3(1.3)
操作:删除文件

扫描完成|病毒:22 文件:22|耗时:12018
----------

Copyright © KaFan  KaFan.cn All Rights Reserved.