[病毒样本] 26x

显示全部楼层 · 发表于 2008-4-2 16:48:49

我下载了，怎么都是txt文本文件啊。

显示全部楼层 · 发表于 2008-4-2 16:54:44

问下楼主这两个文件各有多少病毒？我想检验几款杀软。谢谢！

显示全部楼层 · 发表于 2008-4-2 16:59:01

自己算算看不就知道了？
反正两包加起来是26，每包几个我没去留意

显示全部楼层 · 发表于 2008-4-2 16:59:31

[Found downloader] <W32/Downloader!ed9c (exact)> C:\test\fff\loadkl\loadkl.txt
[Found security risk] <W32/Backdoor.BVZK (exact)> C:\test\fff\loadkl\null.txt
[Found backdoor] <W32/Backdoor2.YDV (exact)> C:\test\fff\loadkl\pt.txt
[Found security risk] <W32/Backdoor.BVZK (exact)> C:\test\fff\loadkl\tool3.txt
[Found downloader] <W32/Downldr2.BDTZ (exact)> C:\test\fff\loadkl\tool5.txt
[Found security risk] <W32/Backdoor.BVZK (exact)> C:\test\fff\loadkl\toolbar.txt
[Found security risk] <W32/Backdoor.BVZK (exact)> C:\test\fff\loadkl\toolbar1.txt
[Found possible security risk] <W32/Heuristic-162!Eldorado (not disinfectable)> C:\test\fff\loadkl\us.txt->(PE-Crypt.Unopix)
[Found Trojan] <W32/Trojan2.AFTO (exact)> C:\test\fff\clicker\clicker.txt
[Found Trojan] <W32/Trojan.SSN (exact)> C:\test\fff\clicker\it_null.txt->(UPX)
[Found password stealer] <W32/Sinowal.DC (exact)> C:\test\fff\clicker\kl.txt
[Found possible security risk] <W32/Heuristic-MU3!Eldorado (damaged, not disinfectable)> C:\test\fff\clicker\loadcodec.txt->(embedded)

显示全部楼层 · 发表于 2008-4-2 16:59:34

Starting the file scan:

Begin scan in 'E:\loadkl.zip'
E:\loadkl.zip
  [0] Archive type: ZIP
  --> loadkl.txt
   [DETECTION] Is the Trojan horse TR/Dldr.JJPT
  --> null.txt
   [DETECTION] Is the Trojan horse TR/Tiny.705
  --> pt.txt
   [DETECTION] Is the Trojan horse TR/Drop.Rootkit.O
  --> se.txt
   [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
  --> tool3.txt
   [DETECTION] Is the Trojan horse TR/Tiny.705
  --> tool31.txt
   [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
  --> tool5.txt
   [DETECTION] Is the Trojan horse TR/Crypt.FSPM.Gen
  --> toolbar.txt
   [DETECTION] Is the Trojan horse TR/Tiny.705
  --> toolbar1.txt
   [DETECTION] Is the Trojan horse TR/Tiny.705
   [INFO]    The file was deleted!
Begin scan in 'E:\clicker.zip'
E:\clicker.zip
  [0] Archive type: ZIP
  --> clicker.txt
   [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
  --> cn.txt
   [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
  --> cy.txt
   [DETECTION] Is the Trojan horse TR/Spy.ZBot.arf
  --> ddos.txt
   [DETECTION] Is the Trojan horse TR/Pakes.clz
  --> de.txt
   [DETECTION] Contains suspicious code HEUR/Crypted
  --> es.txt
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> it.txt
   [DETECTION] Contains suspicious code HEUR/Malware
  --> it_null.txt
   [DETECTION] Is the Trojan horse TR/Drop.Agent.cbl.2
  --> kl.txt
   [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Sinowal.AG Backdoor server programs
  --> loadcodec.txt
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
   [INFO]    The file was deleted!

End of the scan: 2008年4月2日  17:01
Used time: 00:23 min

The scan has been done completely.

   0 Scanning directories
   28 Files were scanned
   17 viruses and/or unwanted programs were found
   2 Files were classified as suspicious:
   2 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   11 Files not concerned
   2 Archives were scanned
   0 Warnings
   0 Notes

显示全部楼层 · 发表于 2008-4-2 17:00:58

clicker.zip这个不是病毒吧，里面都是txt文件，红伞一个都不报。

显示全部楼层 · 发表于 2008-4-2 17:04:12

哎...

信息 2008-04-02  17:04:00 您此次查毒清除了10个病毒
信息 2008-04-02  17:04:00 您此次查毒共查出10个病毒以及危险代码
信息 2008-04-02  17:04:00 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件39个
信息 2008-04-02  17:04:00 金山毒霸主程序查毒过程结束，查毒方式：命令行查毒
病毒 2008-04-02  17:04:00 D:\Desktop\loadkl.zip\toolbar1.txt Win32.Troj.Agent.20480 清除成功
病毒 2008-04-02  17:04:00 D:\Desktop\loadkl.zip\toolbar.txt Win32.Troj.Agent.20480 清除成功
病毒 2008-04-02  17:04:00 D:\Desktop\loadkl.zip\tool5.txt Win32.TrojDownloader.Small.4608 清除成功
病毒 2008-04-02  17:04:00 D:\Desktop\loadkl.zip\tool3.txt Win32.Troj.Agent.20480 清除成功
病毒 2008-04-02  17:04:00 D:\Desktop\loadkl.zip\null.txt Win32.Troj.Agent.20480 清除成功
病毒 2008-04-02  17:04:00 D:\Desktop\loadkl.zip\loadkl.txt Win32.TrojDownloader.Small.7168 清除成功
病毒 2008-04-02  17:04:00 D:\Desktop\clicker.zip\loadcodec.txt Win32.TrojDownloader.Delf.233495 清除成功
病毒 2008-04-02  17:04:00 D:\Desktop\clicker.zip\kl.txt Win32.Hack.Agent.308016 清除成功
病毒 2008-04-02  17:04:00 D:\Desktop\clicker.zip\it_null.txt Win32.Troj.Dialer.ri.10382 清除成功
病毒 2008-04-02  17:03:59 D:\Desktop\clicker.zip\cn1.txt Win32.Troj.AgentT.eg.37376 清除成功

显示全部楼层 · 发表于 2008-4-2 17:04:51

3806551  au.txt  60 KB  MALWARE
3806552  cn1.txt  11 KB  MALWARE
3806553  gb.txt  79 KB  MALWARE
3806554  leeman.txt  12.5 KB  MALWARE
3806555  nz.txt  8.5 KB  MALWARE
3806529  se_exe.txt  325.17 KB  MALWARE
3806556  us.txt  28.41 KB  MALWARE

The file 'de.txt' has been determined to be 'MALWARE'.
Our analysts discovered that the file is a Trojan. In general this kind of programs contains harmful functionality called payload. Detection will be added to our virus definition file (VDF) with one of the next updates. Please note that Avira's proactive heuristic detection module AHeAD detected this threat up front without the latest VDF update as: HEUR/Crypted.

The file 'it.txt' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection will be removed from our virus definition file (VDF) with one of the next updates

[ 本帖最后由 Exia 于 2008-4-3 16:33 编辑 ]

显示全部楼层 · 发表于 2008-4-2 17:04:58

后缀写什么你就信什么呀...

再说不觉得作为 txt 他们稍微大了点么

[病毒样本] 26x

本帖子中包含更多资源

回复 3楼为你等候的帖子

12

19

回复 7楼 geforce 的帖子

[病毒样本] 26x

本帖子中包含更多资源

回复 3楼 为你等候 的帖子

12

19

回复 7楼 geforce 的帖子

回复 3楼为你等候的帖子