Original poster: lanvin

[Virus samples] Tomato Daily Picks 20080621, with the PC Security Lab handbook attached

hum
Posted on 2008-6-21 17:35:16
Symantec
21
欠妳緈諨
Posted on 2008-6-21 19:42:45
IKARUS wiped them all out
D:\virus\20080621.zip:\20080621\XX_333.exe - 特征码 'Packed.Win32.Klone.af' 被发现
D:\virus\20080621.zip:\20080621\XX_336.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
D:\virus\20080621.zip:\20080621\XX_369.exe - 特征码 'Backdoor.Win32.Rbot.bpb' 被发现
D:\virus\20080621.zip:\20080621\XX_372.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.aanw' 被发现
D:\virus\20080621.zip:\20080621\XX_373.exe - 特征码 'Virus.Win32.OnLineGames.CYD' 被发现
D:\virus\20080621.zip:\20080621\XX_375.exe - 特征码 'Trojan-Dropper.Vb.ABT' 被发现
D:\virus\20080621.zip:\20080621\XX_376.exe - 特征码 'Backdoor.Win32.PcClient.df' 被发现
D:\virus\20080621.zip:\20080621\XX_377.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
D:\virus\20080621.zip:\20080621\XX_380.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
D:\virus\20080621.zip:\20080621\XX_381.exe - 特征码 'Backdoor.Win32.PcClient.yw' 被发现
D:\virus\20080621.zip:\20080621\XX_383.exe - 特征码 'Backdoor.Win32.PoisonIvy.ay' 被发现
D:\virus\20080621.zip:\20080621\XX_387.exe - 特征码 'Trojan.Peed' 被发现
D:\virus\20080621.zip:\20080621\XX_388.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
D:\virus\20080621.zip:\20080621\XX_390.exe - 特征码 'Trojan-Dropper.Vb.AQH' 被发现
D:\virus\20080621.zip:\20080621\XX_391.exe - 特征码 'Trojan-PWS.OnlineGames.NVI' 被发现
D:\virus\20080621.zip:\20080621\XX_394.exe - 特征码 'Trojan-Spy.Win32.Agent.acn' 被发现
D:\virus\20080621.zip:\20080621\XX_400.exe - 特征码 'Virus.Trojan.Win32.Buzus.fjh' 被发现
D:\virus\20080621.zip:\20080621\XX_402.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
D:\virus\20080621.zip:\20080621\XX_407.exe - 特征码 'Backdoor.Win32.Rbot.aeu' 被发现
D:\virus\20080621.zip:\20080621\XX_409.exe - 特征码 'Trojan-Downloader.Win32.Flux.ep' 被发现
D:\virus\20080621.zip:\20080621\XX_410.exe - 特征码 'Trojan.Win32.Agent.jtr' 被发现
D:\virus\20080621.zip:\20080621\XX_411.exe - 特征码 'Trojan-Downloader.Agent.hax' 被发现
D:\virus\20080621.zip:\20080621\XX_412.exe - 特征码 'Backdoor.Win32.Bifrose.rcw' 被发现
D:\virus\20080621.zip

        24 文件被扫描
          (1 压缩档 23 文件)
        23 特征码被侦测
        0 可疑代码段被发现
        耗时: 0:00.687
allinwonderi
Posted on 2008-6-21 22:02:12

F-Prot 4.4.4

[Found security risk]         <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\20080621.zip->20080621/XX_333.exe->(NSPack)->(PE_Patch)->(PE_Patch.MaskPE)
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\20080621.zip->20080621/XX_336.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-210!Eldorado (not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\20080621.zip->20080621/XX_369.exe->(Nakedpack)->(PECRC)
[Found security risk]         <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\20080621.zip->20080621/XX_372.exe
[Found security risk]         <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\20080621.zip->20080621/XX_373.exe->(FSG)
[Found backdoor]         <W32/Backdoor2.AUCH (exact, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\20080621.zip->20080621/XX_376.exe
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\20080621.zip->20080621/XX_377.exe
[Found downloader]         <W32/Banload.B.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\20080621.zip->20080621/XX_380.exe
[Found security risk]         <W32/Agent.G.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\20080621.zip->20080621/XX_383.exe
[Found Trojan]         <W32/Trojan2.URL (exact, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\20080621.zip->20080621/XX_387.exe
[Found security risk]         <W32/AutoRun.B.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\20080621.zip->20080621/XX_388.exe
[Found security risk]         <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\20080621.zip->20080621/XX_391.exe
[Found Trojan]         <W32/Trojan2.KVB (exact, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\20080621.zip->20080621/XX_394.exe->(embedded)
[Found security risk]         <W32/Agent.G.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\20080621.zip->20080621/XX_400.exe->(embedded)
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\20080621.zip->20080621/XX_402.exe
[Found security risk]         <W32/Nilage.gen!GSA (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\20080621.zip->20080621/XX_407.exe->(UPack)
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\20080621.zip->20080621/XX_409.exe->(UPack)
[Found Trojan]         <W32/Trojan2.AIBF (exact, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\20080621.zip->20080621/XX_411.exe
[Found backdoor]         <W32/Backdoor2.APRY (exact, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\20080621.zip->20080621/XX_412.exe

---------------------------------------------------------------------
Scan ended:        2008-6-21, 22:00:48
Duration:        0:00:27

Scan result:

Scanned files:                 6
Infected objects:         19
Disinfected objects:         0
Quarantined files:         0
---------------------------------------------------------------------
28654621
Posted on 2008-6-21 22:13:31
D:\download\20080621.zip>>20080621\XX_333.exe        TrojanPSW.OnLineGames.ajpn.brzq        木马        还未处理
D:\download\20080621.zip>>20080621\XX_336.exe        TrojanPSW.OnLineGames.yog.uibj        木马        还未处理
D:\download\20080621.zip>>20080621\XX_369.exe        Backdoor.Ceckno.aym.dwtf.arc        后门        还未处理
D:\download\20080621.zip>>20080621\XX_372.exe        TrojanPSW.OnLineGames.aanw.pttl        木马        还未处理
D:\download\20080621.zip>>20080621\XX_373.exe        Trojan.Cap841023.jvnq        木马        还未处理
D:\download\20080621.zip>>20080621\XX_376.exe        Backdoor.CKB.skyq        后门        还未处理
D:\download\20080621.zip>>20080621\XX_377.exe        TrojanPSW.OnLineGames.rri.fccq        木马        还未处理
D:\download\20080621.zip>>20080621\XX_380.exe        TrojanDownloader.Delf.bho.dgoh        木马        还未处理
D:\download\20080621.zip>>20080621\XX_381.exe        Trojan.PcClient.Gen.scdq        木马        还未处理
D:\download\20080621.zip>>20080621\XX_387.exe        Trojan.Brlrhe.zhuz        木马        还未处理
D:\download\20080621.zip>>20080621\XX_388.exe        Worm.AutoRun.bix.xstk        病毒        还未处理
D:\download\20080621.zip>>20080621\XX_390.exe        Trojan.Ayqliy.fsoa        木马        还未处理
D:\download\20080621.zip>>20080621\XX_391.exe        TrojanDropper.Gen.sojk        木马        还未处理
D:\download\20080621.zip>>20080621\XX_394.exe        TrojanSpy.Agent.acn.wafw        木马        还未处理
D:\download\20080621.zip>>20080621\XX_400.exe        Trojan.Buzus.fjh.sxqx        木马        还未处理
D:\download\20080621.zip>>20080621\XX_402.exe        TrojanPSW.OnLineGames.wlu.kjdk        木马        还未处理
D:\download\20080621.zip>>20080621\XX_407.exe        TrojanDownloader.Undef.jn.hell        木马        还未处理
D:\download\20080621.zip>>20080621\XX_409.exe        Backdoor.DKA.shlo        后门        还未处理
D:\download\20080621.zip>>20080621\XX_410.exe        TrojanDDos.Agent.si.ebwi        木马        还未处理
D:\download\20080621.zip>>20080621\XX_411.exe        Trojan.Inject.aed.lvaj        木马        还未处理
D:\download\20080621.zip>>20080621\XX_412.exe        Trojan.Undef.dnc.rrba        木马        还未处理

21
qwer9909
Posted on 2008-6-21 23:04:28

Spider (Dr.Web) 19

20080621.zip\20080621/XX_333.exe;C:\Documents and Settings\Administrator\桌面\20080621.zip;Trojan.PWS.Wsgame.1622;;
20080621.zip\20080621/XX_336.exe;C:\Documents and Settings\Administrator\桌面\20080621.zip;Trojan.PWS.Wsgame.4601;;
20080621.zip\20080621/XX_372.exe;C:\Documents and Settings\Administrator\桌面\20080621.zip;Trojan.PWS.Wsgame.4672;;
20080621.zip\20080621/XX_373.exe;C:\Documents and Settings\Administrator\桌面\20080621.zip;Trojan.PWS.Wsgame.4548;;
20080621.zip\20080621/XX_376.exe;C:\Documents and Settings\Administrator\桌面\20080621.zip;BackDoor.Update.70;;
20080621.zip\20080621/XX_377.exe;C:\Documents and Settings\Administrator\桌面\20080621.zip;Trojan.PWS.Wsgame.4293;;
20080621.zip\20080621/XX_380.exe;C:\Documents and Settings\Administrator\桌面\20080621.zip;Win32.HLLW.Creater;;
20080621.zip\20080621/XX_381.exe;C:\Documents and Settings\Administrator\桌面\20080621.zip;BackDoor.PcClient;;
20080621.zip\20080621/XX_383.exe;C:\Documents and Settings\Administrator\桌面\20080621.zip;BackDoor.Poison;;
20080621.zip\20080621/XX_387.exe;C:\Documents and Settings\Administrator\桌面\20080621.zip;Trojan.MulDrop.11810;;
20080621.zip\20080621/XX_388.exe;C:\Documents and Settings\Administrator\桌面\20080621.zip;Win32.HLLW.Autoruner.1372;;
20080621.zip\20080621/XX_391.exe;C:\Documents and Settings\Administrator\桌面\20080621.zip;Trojan.PWS.Wsgame.5543;;
20080621.zip\20080621/XX_400.exe;C:\Documents and Settings\Administrator\桌面\20080621.zip;BackDoor.Poison;;
20080621.zip\20080621/XX_402.exe;C:\Documents and Settings\Administrator\桌面\20080621.zip;Trojan.PWS.Wsgame.4418;;
20080621.zip\20080621/XX_407.exe;C:\Documents and Settings\Administrator\桌面\20080621.zip;Trojan.Hitpop;;
20080621.zip\20080621/XX_409.exe;C:\Documents and Settings\Administrator\桌面\20080621.zip;Trojan.Popwin;;
20080621.zip\20080621/XX_410.exe;C:\Documents and Settings\Administrator\桌面\20080621.zip;BackDoor.Attacker;;
20080621.zip\20080621/XX_411.exe;C:\Documents and Settings\Administrator\桌面\20080621.zip;Trojan.Virtumod.based.14;;
20080621.zip\20080621/XX_412.exe;C:\Documents and Settings\Administrator\桌面\20080621.zip;Trojan.MulDrop.15891;;
20080621.zip;C:\Documents and Settings\Administrator\桌面;发现压缩文件中有被感染的对象;;
醉一生爱妍
Posted on 2008-6-21 23:11:25
C:\Documents and Settings\Administrator\桌面\20080621.zip > ZIP > 20080621/XX_333.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马 的变种 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20080621.zip > ZIP > 20080621/XX_336.exe - Win32/PSW.OnLineGames.MUG 特洛伊木马 的变种 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20080621.zip > ZIP > 20080621/XX_372.exe - Win32/PSW.OnLineGames.OAR 特洛伊木马 的变种 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20080621.zip > ZIP > 20080621/XX_373.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20080621.zip > ZIP > 20080621/XX_376.exe - Win32/PcClient 特洛伊木马 的变种 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20080621.zip > ZIP > 20080621/XX_377.exe - Win32/PSW.OnLineGames.OAR 特洛伊木马 的变种 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20080621.zip > ZIP > 20080621/XX_380.exe - Win32/TrojanDownloader.Delf.BHO 特洛伊木马 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20080621.zip > ZIP > 20080621/XX_383.exe - Win32/Poison 特洛伊木马 的变种 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20080621.zip > ZIP > 20080621/XX_388.exe - 可能是 Win32/Delf.NDF 蠕虫 的变种 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20080621.zip > ZIP > 20080621/XX_391.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20080621.zip > ZIP > 20080621/XX_394.exe - 未查明的 NewHeur_PE 病毒 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20080621.zip > ZIP > 20080621/XX_400.exe - Win32/Poison 特洛伊木马 的变种 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20080621.zip > ZIP > 20080621/XX_402.exe - Win32/PSW.OnLineGames.ZJK 特洛伊木马 的变种 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20080621.zip > ZIP > 20080621/XX_407.exe - Win32/Spy.Delf.NIL 特洛伊木马 的变种 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20080621.zip > ZIP > 20080621/XX_409.exe - Win32/TrojanDownloader.Flux 特洛伊木马 的变种 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20080621.zip > ZIP > 20080621/XX_410.exe - Win32/Small.NO 特洛伊木马 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20080621.zip > ZIP > 20080621/XX_411.exe - Win32/Inject.AED 特洛伊木马 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20080621.zip > ZIP > 20080621/XX_412.exe - 可能是 Win32/Bifrose 特洛伊木马 的变种 - 是已删除对象的一部分
无尽藏海
Posted on 2008-6-21 23:15:05

jimmyleo
Posted on 2008-6-22 01:03:21
panda 23

[ Sun Jun 22 01:00:19 2008 ] Generic Malware        in D:\Download\S\20080621\XX_333.EXE
[ Sun Jun 22 01:00:19 2008 ] Generic Malware        in D:\Download\S\20080621\XX_336.EXE
[ Sun Jun 22 01:00:19 2008 ] Generic Malware        in D:\Download\S\20080621\XX_369.EXE
[ Sun Jun 22 01:00:20 2008 ] Generic Malware        in D:\Download\S\20080621\XX_372.EXE
[ Sun Jun 22 01:00:20 2008 ] Trj/Lineage.IDE        in D:\Download\S\20080621\XX_373.EXE
[ Sun Jun 22 01:00:20 2008 ] Generic Malware        in D:\Download\S\20080621\XX_375.EXE
[ Sun Jun 22 01:00:20 2008 ] Generic Malware        in D:\Download\S\20080621\XX_376.EXE
[ Sun Jun 22 01:00:20 2008 ] Generic Malware        in D:\Download\S\20080621\XX_377.EXE
[ Sun Jun 22 01:00:22 2008 ] Trj/Downloader.NZK     in D:\Download\S\20080621\XX_380.EXE
[ Sun Jun 22 01:00:22 2008 ] Generic Malware        in D:\Download\S\20080621\XX_381.EXE
[ Sun Jun 22 01:00:22 2008 ] Bck/Poison.E           in D:\Download\S\20080621\XX_383.EXE
[ Sun Jun 22 01:00:22 2008 ] Generic Malware        in D:\Download\S\20080621\XX_387.EXE
[ Sun Jun 22 01:00:24 2008 ] W32/Autorun.OK.worm    in D:\Download\S\20080621\XX_388.EXE
[ Sun Jun 22 01:00:24 2008 ] Generic Malware        in D:\Download\S\20080621\XX_390.EXE
[ Sun Jun 22 01:00:24 2008 ] Trj/Lineage.IDW        in D:\Download\S\20080621\XX_391.EXE
[ Sun Jun 22 01:00:24 2008 ] Generic Malware        in D:\Download\S\20080621\XX_394.EXE
[ Sun Jun 22 01:00:24 2008 ] Generic Malware        in D:\Download\S\20080621\XX_400.EXE
[ Sun Jun 22 01:00:24 2008 ] Generic Malware        in D:\Download\S\20080621\XX_402.EXE
[ Sun Jun 22 01:00:24 2008 ] Generic Malware        in D:\Download\S\20080621\XX_407.EXE
[ Sun Jun 22 01:00:25 2008 ] Adware/Alexa           in D:\Download\S\20080621\XX_409.EXE
[ Sun Jun 22 01:00:25 2008 ] Generic Malware        in D:\Download\S\20080621\XX_410.EXE
[ Sun Jun 22 01:00:25 2008 ] Trj/Inject.K           in D:\Download\S\20080621\XX_411.EXE
[ Sun Jun 22 01:00:25 2008 ] Generic Malware        in D:\Download\S\20080621\XX_412.EXE