
[Virus samples] onlinegame, endless..... 56 of them

promised
Posted on 2008-6-29 17:11:25
The file is fairly large, so uploading it to the forum is inconvenient.
down:http://xianexs.mail.qq.com/cgi-bin/downloadfilepart/svrid213/vir.rar?svrid=213&fid=af920df026a421f1eaaeea690c4ac9e6c85a5532ff2de898&&txf_fid=&&txf_sid=
(Extraction code: a11f690a)

pw:vir
http://why38.cn//xz/xz.txt


[ Last edited by promised on 2008-6-29 17:14 ]
醉一生爱妍
Posted on 2008-6-29 17:12:46
MicroVita AntiSpyware  
_____________________________________________
                                           
             风暴微塔反间谍 T2
[强力查杀各种Win32位的病毒,木马,蠕虫,恶意软件]                   
                   http://221.10.254.214/
----------------------------------------------
开始扫描……


正在检查启动……
文件数:54   病毒数:27  比重:0.5
OK  扫描完毕!

  ***日志解释 
 [4] 集中有害分析引擎
 [3] 全局系统判断引擎   
 [2] 文件特征码引擎 
 [1] 文件启发式引擎

[ Last edited by garyyan456 on 2008-6-29 17:16 ]
hum
Posted on 2008-6-29 17:13:25
Symantec
-17
All of them have been reported!

I expect they will all be in the definitions by the day after tomorrow.

[ Last edited by hum on 2008-6-29 17:38 ]
醉一生爱妍
Posted on 2008-6-29 17:14:06
.........................the extraction code, please
woai_jolin
Posted on 2008-6-29 17:15:13

Yet another dll


[ Last edited by woai_jolin on 2008-6-29 17:18 ]
醉一生爱妍
Posted on 2008-6-29 17:17:42

hj5abc
Posted on 2008-6-29 17:20:51
I guess antivir will once again be all TR/Spy.Gen


promised
Original poster | Posted on 2008-6-29 17:22:36

Reply to hj5abc's post #7

With this kind of thing, only Kaspersky and the domestic products fail badly
woai_jolin
Posted on 2008-6-29 17:27:29

Reply to promised's post #8

It seems ESET has taken a liking to onlinegames lately
2008-6-29 17:27:05        Kernel        File  'G:\v\c\vir\kcoin32.dll' was sent to ESET for analysis.
曲中求
Posted on 2008-6-29 17:28:27

Reply to woai_jolin's post #9

Hehe, actually it always has..