东方卫士网站发现病毒大汇总３０个,新挂的（感谢刺猬及江民版主）

显示全部楼层 · 发表于 2007-12-10 13:20:58

目前统计结果：３０个打包压缩

１个下载地址失效：http://www.68yu.cn/7.exe　

ＰＳ：谁试试7.exe这个网址，我下载不了

[ 本帖最后由绅博周幸于 2007-12-10 13:28 编辑 ]

显示全部楼层 · 发表于 2007-12-10 13:21:57

Starting the file scan:

Begin scan in 'C:\Users\Xing\Desktop\Downloads\Downloads.rar'
C:\Users\Xing\Desktop\Downloads\Downloads.rar
  [0] Archive type: RAR
  --> 1.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.agb.2
  --> 001[1].htm
   [DETECTION] Contains suspicious code HEUR/Exploit.HTML
  --> 2.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.iqw
  --> 002[1].htm
   [DETECTION] Contains detection pattern of the exploits EXP/RealPlay.C
  --> 3.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 4.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLi.iiu.1.A
  --> 5.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 6.exe
   [DETECTION] Is the Trojan horse TR/PSW.27648.5
  --> 8.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jpv.1
  --> 9.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 10.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 11.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 12.exe
   [DETECTION] Is the Trojan horse TR/PSW.QQpass.ana
  --> 13.exe
   [DETECTION] Is the Trojan horse TR/PSW.Wow.acd
  --> 14.exe
   [DETECTION] Is the Trojan horse TR/FWDisable.22884
  --> 15.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 16.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jro
  --> 17.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jti.5
  --> 18.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 19.exe
   [DETECTION] Is the Trojan horse TR/Drop.Spy.Pca.A.1
  --> 20.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 21.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Agent.blm.3
  --> 22.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.joj.5
  --> 23.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jtq
  --> 24.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 25.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jjr
  --> 68down.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> news_1[1].htm
   [DETECTION] Contains detection pattern of the HTML script virus HTML/Infected.WebPage.Gen
  --> t.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Agent.45056
  --> xx.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [WARNING] The file was ignored!

End of the scan: 2007年12月9日  21:19
Used time: 00:17 min

The scan has been done completely.

   0 Scanning directories
   31 Files were scanned
   28 viruses and/or unwanted programs were found
   2 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   3 Files not concerned
   1 Archives were scanned
   1 Warnings
   0 Notes

２８＋２，红伞全灭

显示全部楼层 · 发表于 2007-12-10 13:23:17

30个？今天一天就挂了这么多？
还是以前到现在的总体数目

显示全部楼层 · 发表于 2007-12-10 13:27:31

原帖由 pluto1313 于 2007-12-10 13:23 发表
30个？今天一天就挂了这么多？
还是以前到现在的总体数目

新挂的，其中的下载者应该还能拉出些病毒样本

显示全部楼层 · 发表于 2007-12-10 13:28:20

NOD32报26个

显示全部楼层 · 发表于 2007-12-10 13:31:17

７那个样本能下否？？？？？？？？？？？？？？？？？？？？？？？？

显示全部楼层 · 发表于 2007-12-10 13:32:34

2007-12-10 13:29:23 No Action Taken I:\hanxiaojun\Downloads.rar\1.EXE\00000c80.EXE New Malware.aj(Trojan)
2007-12-10 13:29:23 No Action Taken I:\hanxiaojun\Downloads.rar\2.EXE\2.EXE\00003260.EXE PWS-OnlineGames.v.dll(Trojan)
2007-12-10 13:29:24 No Action Taken I:\hanxiaojun\Downloads.rar\3.EXE New Malware.aj(Trojan)
2007-12-10 13:29:24 No Action Taken I:\hanxiaojun\Downloads.rar\4.EXE New Malware.n(Trojan)
2007-12-10 13:29:26 No Action Taken I:\hanxiaojun\Downloads.rar\5.EXE New Malware.aj(Trojan)
2007-12-10 13:29:28 No Action Taken I:\hanxiaojun\Downloads.rar\6.EXE New Malware.aj(Trojan)
2007-12-10 13:29:29 No Action Taken I:\hanxiaojun\Downloads.rar\8.EXE New Malware.aj(Trojan)
2007-12-10 13:29:31 No Action Taken I:\hanxiaojun\Downloads.rar\9.EXE New Malware.aj(Trojan)
2007-12-10 13:29:32 No Action Taken I:\hanxiaojun\Downloads.rar\10.EXE New Malware.aj(Trojan)
2007-12-10 13:29:33 No Action Taken I:\hanxiaojun\Downloads.rar\11.EXE\11.EXE\0000b6d4.EXE PWS-LegMir(Trojan)
2007-12-10 13:29:33 No Action Taken I:\hanxiaojun\Downloads.rar\12.EXE\12.EXE\0000a4f8.EXE PWS-QQGame(Trojan)
2007-12-10 13:29:34 No Action Taken I:\hanxiaojun\Downloads.rar\13.EXE New Malware.aj(Trojan)
2007-12-10 13:29:35 No Action Taken I:\hanxiaojun\Downloads.rar\14.EXE\14.EXE\0000630c.EXE PWS-OnlineGames.i(Trojan)
2007-12-10 13:29:35 No Action Taken I:\hanxiaojun\Downloads.rar\15.EXE New Malware.n(Trojan)
2007-12-10 13:29:35 No Action Taken I:\hanxiaojun\Downloads.rar\16.EXE New Malware.n(Trojan)
2007-12-10 13:29:36 No Action Taken I:\hanxiaojun\Downloads.rar\17.EXE New Malware.aj(Trojan)
2007-12-10 13:29:36 No Action Taken I:\hanxiaojun\Downloads.rar\18.EXE\18.EXE\0000f64c.EXE PWS-LegMir.dll(Trojan)
2007-12-10 13:29:38 No Action Taken I:\hanxiaojun\Downloads.rar\19.EXE\19.EXE\0000a200.EXE Generic BackDoor(Trojan)
2007-12-10 13:29:38 No Action Taken I:\hanxiaojun\Downloads.rar\20.EXE Downloader.gen.a(Trojan)
2007-12-10 13:29:38 No Action Taken I:\hanxiaojun\Downloads.rar\21.EXE\00004ce0.EXE Generic Downloader.ab(Trojan)
2007-12-10 13:29:39 No Action Taken I:\hanxiaojun\Downloads.rar\22.EXE New Malware.aj(Trojan)
2007-12-10 13:29:40 No Action Taken I:\hanxiaojun\Downloads.rar\23.EXE New Malware.aj(Trojan)
2007-12-10 13:29:40 No Action Taken I:\hanxiaojun\Downloads.rar\24.EXE New Malware.n(Trojan)
2007-12-10 13:29:40 No Action Taken I:\hanxiaojun\Downloads.rar\25.EXE New Malware.n(Trojan)
2007-12-10 13:29:43 No Action Taken I:\hanxiaojun\Downloads.rar\68DOWN.EXE New Malware.aj(Trojan)
2007-12-10 13:29:43 No Action Taken I:\hanxiaojun\Downloads.rar\T.EXE New Malware.aq(Trojan)
2007-12-10 13:29:45 No Action Taken I:\hanxiaojun\Downloads.rar\XX.EXE New Malware.aj(Trojan)

显示全部楼层 · 发表于 2007-12-10 13:33:58

deleted: Trojan program Trojan-PSW.Win32.OnLineGames.kap File: I:\hanxiaojun\Downloads.rar/1.exe
deleted: Trojan program Trojan-Downloader.VBS.Agent.hn File: I:\hanxiaojun\Downloads.rar/001[1].htm
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jnr File: I:\hanxiaojun\Downloads.rar/2.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.isb File: I:\hanxiaojun\Downloads.rar/3.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jzr File: I:\hanxiaojun\Downloads.rar/4.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.isb File: I:\hanxiaojun\Downloads.rar/5.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.isb File: I:\hanxiaojun\Downloads.rar/6.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.isb File: I:\hanxiaojun\Downloads.rar/8.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.isb File: I:\hanxiaojun\Downloads.rar/9.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.isb File: I:\hanxiaojun\Downloads.rar/10.exe
deleted: Trojan program Trojan-PSW.Win32.Lmir.boy File: I:\hanxiaojun\Downloads.rar/11.exe//ASPack
deleted: Trojan program Trojan-PSW.Win32.QQPass.ana File: I:\hanxiaojun\Downloads.rar/12.exe//UPX
deleted: virus Heur.Trojan.PSW File: I:\hanxiaojun\Downloads.rar/13.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.iys File: I:\hanxiaojun\Downloads.rar/14.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jtw File: I:\hanxiaojun\Downloads.rar/15.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jqt File: I:\hanxiaojun\Downloads.rar/16.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jti File: I:\hanxiaojun\Downloads.rar/17.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hfr File: I:\hanxiaojun\Downloads.rar/18.exe//ASPack
deleted: Trojan program Backdoor.Win32.Delf.awy File: I:\hanxiaojun\Downloads.rar/19.exe//FSG
deleted: Trojan program Trojan-Downloader.Win32.Delf.aas File: I:\hanxiaojun\Downloads.rar/20.exe//UPX
deleted: Trojan program Trojan-Downloader.Win32.Agent.blm File: I:\hanxiaojun\Downloads.rar/21.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.joj File: I:\hanxiaojun\Downloads.rar/22.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jtq File: I:\hanxiaojun\Downloads.rar/23.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jtu File: I:\hanxiaojun\Downloads.rar/24.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.kbk File: I:\hanxiaojun\Downloads.rar/25.exe//UPack
deleted: virus Worm.Win32.Downloader.cg File: I:\hanxiaojun\Downloads.rar/68down.exe//PE_Patch//UPack
deleted: virus Worm.Win32.Downloader.bd File: I:\hanxiaojun\Downloads.rar/t.exe//NSPack
deleted: virus Worm.Win32.Downloader.cn File: I:\hanxiaojun\Downloads.rar/xx.exe//PE_Patch//UPack//#

显示全部楼层 · 发表于 2007-12-10 13:40:56

原帖由 绅博周幸 于 2007-12-10 13:31 发表
７那个样本能下否？？？？？？？？？？？？？？？？？？？？？？？？

2007-12-10 13:39:32 开始连接......
2007-12-10 13:39:32 开始搜索候选资源......
2007-12-10 13:39:33 没搜索到候选资源，稍后重试搜索
2007-12-10 13:39:40 原始资源连接失败
2007-12-10 13:39:40 下载失败
$SO

显示全部楼层 · 发表于 2007-12-10 14:22:09

小A29个

[病毒样本] 东方卫士网站发现病毒大汇总３０个,新挂的（感谢刺猬及江民版主）

本帖子中包含更多资源

浏览过的版块