收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 35
12
返回列表 发新帖
楼主: sam.to
 收起左侧

[病毒样本] 35

[复制链接]
欠妳緈諨
发表于 2008-7-8 00:39:14 | 显示全部楼层
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw10.exe2 - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw11.exe3 - 特征码 'Trojan-PWS.OnlineGames.ZAY' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw12.exe2 - 特征码 'Trojan-PWS.OnlineGames.ZAY' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw13.exe2 - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw14.exe2 - 特征码 'Trojan-PWS.OnlineGames.ZAY' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw15.exe2 - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw16.exe2 - 特征码 'Trojan-PWS.OnlineGames.ZAY' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw17.exe2 - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw18.exe2 - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw19.exe2 - 特征码 'Trojan-PWS.OnlineGames.ZAY' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw2.exe2 - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw20.exe2 - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw21.exe2 - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw22.exe2 - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw23.exe2 - 特征码 'Trojan-PWS.OnlineGames.ZAY' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw24.exe2 - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw25.exe2 - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw26.exe2
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw27.exe2 - 特征码 'Trojan.Win32.Agent.thz' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw28.exe2 - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw29.exe2 - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw3.exe3 - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw30.exe2 - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw31.exe3 - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw32.exe3 - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw33.exe2 - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw34.exe2 - 特征码 'Trojan-PWS.Win32.Gamec.aa' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw35.exe2 - 特征码 'Virus.Win32.Agent.LWQ' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw4.exe2 - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw5.exe2 - 特征码 'Trojan-PWS.OnlineGames.ZAY' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw6.exe2 - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw7.exe2 - 特征码 'Virus.Trojan.Win32.Agent.sav' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw8.exe2 - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\qqw9.exe2 - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
D:\病毒测试\临时解压\5581144.rar:\5581144\wqq1.exe3 - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
D:\病毒测试\临时解压\5581144.rar

        36 文件被扫描
          (1 压缩档 35 文件)
        34 特征码被侦测
        0 可疑代码段被发现
        耗时: 0:01.252
回复

举报

欠妳緈諨
发表于 2008-7-8 00:40:51 | 显示全部楼层
avast! 33

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

markrhy
发表于 2008-7-8 16:17:04 | 显示全部楼层
红伞杀!!!
回复

举报

sam.to
 楼主| 发表于 2008-7-11 17:58:59 | 显示全部楼层
有更新,已上报到卡巴

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

glenovos
发表于 2008-7-11 18:30:35 | 显示全部楼层

32

有一部分还杀不了。上报了

扫描进行于:2008-7-11 18:28:03
日期: 11.7.2008  时间:18:28:10
已扫描的磁盘,文件夹及文件:C:\Documents and Settings\Administrator\桌面\5581144.rar
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw10.exe2 - Win32/PSW.OnLineGames.OAF 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw11.exe3 - a variant of Win32/PSW.OnLineGames.NXI 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw12.exe2 - a variant of Win32/PSW.OnLineGames.NXI 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw13.exe2 - probably a variant of Win32/PSW.OnLineGames.NML 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw14.exe2 - a variant of Win32/PSW.OnLineGames.NXI 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw15.exe2 - probably a variant of Win32/PSW.OnLineGames.NML 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw16.exe2 - a variant of Win32/PSW.OnLineGames.NXI 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw17.exe2 - probably a variant of Win32/PSW.OnLineGames.NML 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw18.exe2 - probably a variant of Win32/PSW.OnLineGames.NML 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw19.exe2 - a variant of Win32/PSW.OnLineGames.NXI 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw2.exe2 - probably a variant of Win32/PSW.OnLineGames.NML 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw20.exe2 - probably a variant of Win32/PSW.OnLineGames.NML 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw21.exe2 - probably a variant of Win32/PSW.OnLineGames.NML 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw22.exe2 - probably a variant of Win32/PSW.OnLineGames.NML 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw23.exe2 - a variant of Win32/PSW.OnLineGames.NXI 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw24.exe2 - probably a variant of Win32/PSW.OnLineGames.NML 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw25.exe2 - probably a variant of Win32/PSW.OnLineGames.NML 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw26.exe2 - probably a variant of Win32/Genetik 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw27.exe2 - a variant of Win32/PSW.OnLineGames.NXI 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw28.exe2 - probably a variant of Win32/PSW.OnLineGames.NML 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw29.exe2 - probably a variant of Win32/PSW.OnLineGames.NML 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw3.exe3 - probably a variant of Win32/PSW.OnLineGames.NML 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw30.exe2 - Win32/PSW.OnLineGames.OAF 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw31.exe3 - Win32/PSW.OnLineGames.OAF 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw32.exe3 - probably a variant of Win32/PSW.OnLineGames.OAF 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw33.exe2 - probably a variant of Win32/PSW.OnLineGames.OAF 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw34.exe2 - a variant of Win32/PSW.QQPass.NCZ 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw35.exe2 - a variant of Win32/TrojanDownloader.Flux 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw4.exe2 - probably a variant of Win32/PSW.OnLineGames.NML 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw5.exe2 - Win32/PSW.WOW.NDK 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw6.exe2 - probably a variant of Win32/PSW.OnLineGames.NML 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw7.exe2 - a variant of Win32/PSW.OnLineGames.NXI 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw8.exe2 - probably a variant of Win32/PSW.OnLineGames.NML 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\qqw9.exe2 - probably a variant of Win32/PSW.OnLineGames.NML 木马
C:\Documents and Settings\Administrator\桌面\5581144.rar ?RAR ?5581144\wqq1.exe3 - probably a variant of Win32/PSW.OnLineGames.NML 木马
已扫描的文件数目:36
已发现的病毒数目:35
活动的病毒数目:1
完成时间: 18:28:41 总扫描时间:31 秒 (00:00:31)
回复

举报

Palkia
发表于 2008-7-11 19:03:54 | 显示全部楼层

回复 14楼 kato9096 的帖子

病毒        2008-07-11  19:03:19        C:\Documents and Settings\Administrator\桌面\283540.zip\283540\qqw25.exe        Win32.Troj.GameOnlineT.xx.61440        清除成功
回复

举报

斯太尔
发表于 2008-7-11 22:16:34 | 显示全部楼层
小A已经全灭!
2008-7-11 22:15:25        David        3400        Sign of "Win32:OnLineGames-EEP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw10.exe2\[Upack]\[Embedded#MAIN]" file.  
2008-7-11 22:15:33        David        3400        Sign of "Win32:Agent-ZRP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw11.exe3\[UPX]\[Embedded#4060]" file.  
2008-7-11 22:15:35        David        3400        Sign of "Win32:Agent-ZRP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw12.exe2\[UPX]\[Embedded#4060]" file.  
2008-7-11 22:15:36        David        3400        Sign of "Win32:OnLineGames-DQP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw13.exe2\[Upack]\[Embedded#4080]" file.  
2008-7-11 22:15:37        David        3400        Sign of "Win32:Agent-ZRP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw14.exe2\[UPX]\[Embedded#4060]" file.  
2008-7-11 22:15:38        David        3400        Sign of "Win32:OnLineGames-DQP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw15.exe2\[Upack]\[Embedded#4080]" file.  
2008-7-11 22:15:40        David        3400        Sign of "Win32:Agent-ZRP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw16.exe2\[UPX]\[Embedded#4060]" file.  
2008-7-11 22:15:41        David        3400        Sign of "Win32:OnLineGames-DQP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw17.exe2\[Upack]\[Embedded#4080]" file.  
2008-7-11 22:15:42        David        3400        Sign of "Win32:OnLineGames-DQP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw18.exe2\[Upack]\[Embedded#4080]" file.  
2008-7-11 22:15:43        David        3400        Sign of "Win32:Agent-ZRP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw19.exe2\[UPX]\[Embedded#4060]" file.  
2008-7-11 22:15:44        David        3400        Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw2.exe2" file.  
2008-7-11 22:15:45        David        3400        Sign of "Win32:OnLineGames-DQP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw20.exe2\[Upack]\[Embedded#4080]" file.  
2008-7-11 22:15:46        David        3400        Sign of "Win32:OnLineGames-DQP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw21.exe2\[Upack]\[Embedded#4080]" file.  
2008-7-11 22:15:47        David        3400        Sign of "Win32:OnLineGames-DQP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw22.exe2\[Upack]\[Embedded#4080]" file.  
2008-7-11 22:15:49        David        3400        Sign of "Win32:Agent-ZRP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw23.exe2\[UPX]\[Embedded#4060]" file.  
2008-7-11 22:15:50        David        3400        Sign of "Win32:OnLineGames-DQP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw24.exe2\[Upack]\[Embedded#4080]" file.  
2008-7-11 22:15:51        David        3400        Sign of "Win32:OnLineGames-DQP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw25.exe2\[Upack]\[Embedded#4080]" file.  
2008-7-11 22:15:52        David        3400        Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw26.exe2\[Upack]\[Embedded#03008]\[Embedded#08008]" file.  
2008-7-11 22:15:53        David        3400        Sign of "Win32:Agent-ZRP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw27.exe2\[UPX]\[Embedded#4060]" file.  
2008-7-11 22:15:54        David        3400        Sign of "Win32:OnLineGames-DQP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw28.exe2\[Upack]\[Embedded#4080]" file.  
2008-7-11 22:15:55        David        3400        Sign of "Win32:OnLineGames-DQP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw29.exe2\[Upack]\[Embedded#4080]" file.  
2008-7-11 22:15:56        David        3400        Sign of "Win32:OnLineGames-DQP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw3.exe3\[Upack]\[Embedded#4080]" file.  
2008-7-11 22:15:58        David        3400        Sign of "Win32:OnLineGames-EEP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw30.exe2\[Upack]\[Embedded#MAIN]" file.  
2008-7-11 22:15:59        David        3400        Sign of "Win32:OnLineGames-EEP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw31.exe3\[Upack]\[Embedded#MAIN]" file.  
2008-7-11 22:16:00        David        3400        Sign of "Win32:OnLineGames-EEP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw32.exe3\[Upack]\[Embedded#MAIN]" file.  
2008-7-11 22:16:01        David        3400        Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw33.exe2" file.  
2008-7-11 22:16:02        David        3400        Sign of "Win32:QQPass-RX [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw34.exe2" file.  
2008-7-11 22:16:03        David        3400        Sign of "Win32:Agent-LWQ [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw35.exe2\[Upack]\[Embedded#06010]" file.  
2008-7-11 22:16:05        David        3400        Sign of "Win32:OnLineGames-DQP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw4.exe2\[Upack]\[Embedded#4080]" file.  
2008-7-11 22:16:06        David        3400        Sign of "Win32:Agent-ZRP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw5.exe2\[UPX]\[Embedded#4060]" file.  
2008-7-11 22:16:07        David        3400        Sign of "Win32:OnLineGames-DQP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw6.exe2\[Upack]\[Embedded#4080]" file.  
2008-7-11 22:16:08        David        3400        Sign of "Win32:Agent-ZRP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw7.exe2\[UPX]\[Embedded#4060]" file.  
2008-7-11 22:16:09        David        3400        Sign of "Win32:OnLineGames-DQP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw8.exe2\[Upack]\[Embedded#4080]" file.  
2008-7-11 22:16:10        David        3400        Sign of "Win32:OnLineGames-DQP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\qqw9.exe2\[Upack]\[Embedded#4080]" file.  
2008-7-11 22:16:12        David        3400        Sign of "Win32:OnLineGames-DQP [Trj]" has been found in "C:\Documents and Settings\David\桌面\5581144.rar\5581144\wqq1.exe3\[Upack]\[Embedded#4080]" file.
回复

举报

斯太尔
发表于 2008-7-11 22:29:13 | 显示全部楼层
巡警11个,360全灭
回复

举报

ssy275
发表于 2008-7-11 22:47:31 | 显示全部楼层
35BitDefender Log FileOverall scan summary
Scanned items:37
Infected items:35
Suspicious items:0
Resolved items:0
Individual viruses found:8
Scanned directories:0
Scanned boot sectors:0
Scanned archives:1
Input-output errors:0
Scan time:00:00:00:12
Files per second:3
回复

举报

12
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-7-16 04:14 , Processed in 0.089706 second(s), 15 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表