收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 网络安全(毒网分析) 军事文摘
12下一页
返回列表 发新帖
查看: 3827|回复: 16
收起左侧

[已鉴定] 军事文摘

 关闭 [复制链接]
mox
发表于 2008-10-10 14:16:52 | 显示全部楼层 |阅读模式
http://www.jswzmil.com


-->http://www.jjjgo.cn/win.exe

--->http://www.hiiiii.cn/list.txt


http://www.jjjgo.cn/108.exe
http://www.jjjgo.cn/look/go1.exe
http://www.jjjgo.cn/look/go2.exe
http://www.jjjgo.cn/look/go3.exe
http://www.jjjgo.cn/look/go15.exe
http://www.jjjgo.cn/look/go4.exe
http://www.jjjgo.cn/look/go5.exe
http://www.jjjgo.cn/look/go6.exe
http://www.jjjgo.cn/look/go7.exe
http://www.jjjgo.cn/look/go8.exe
http://www.jjjgo.cn/look/go9.exe
http://www.jjjgo.cn/look/go10.exe
http://www.jjjgo.cn/look/go18.exe
http://www.jjjgo.cn/look/go19.exe
http://www.jjjgo.cn/look/go14.exe
http://www.jjjgo.cn/look/go11.exe
http://www.jjjgo.cn/look/go12.exe
http://www.jjjgo.cn/look/go13.exe
http://www.jjjgo.cn/look/go16.exe
http://www.jjjgo.cn/look/go20.exe
http://www.jjjgo.cn/look/cj/QQ.exe
http://www.jjjgo.cn/look/cj/pp0074.exe
http://www.jjjgo.cn/look/cj/ie.exe
http://www.jjjgo.cn/look/cj/alxea.exe
http://www.jjjgo.cn/look/cj/yoyo.exe
回复

举报

xiaosdsd
头像被屏蔽
发表于 2008-10-10 14:33:53 | 显示全部楼层
1.jpg
回复

举报

tanlimo
发表于 2008-10-10 14:46:56 | 显示全部楼层
2008-10-10 14:45:34        文件系统实时防护        文件        D:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\PGPICP20\win[1].exe        未查明的 NewHeur_PE 病毒        正在清除 (访问被拒绝) 时出错        NT AUTHORITY\SYSTEM        在应用程序新建的文件上发生事件: D:\Program Files\Internet Explorer\iexplore.exe.
回复

举报

sam.to
发表于 2008-10-10 14:49:10 | 显示全部楼层
卡巴报10 上报14

已刪除: 病毒 Virus.Win32.Parite.b        檔案: C:\Documents and Settings\kato9096\桌面\344876\108.exe$
已刪除: 病毒 Virus.Win32.Parite.b        檔案: C:\Documents and Settings\kato9096\桌面\344876\alxea.exe$
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.tcqi        檔案: C:\Documents and Settings\kato9096\桌面\344876\go10.exe$//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.WOW.cdw        檔案: C:\Documents and Settings\kato9096\桌面\344876\go11.exe$//PE_Patch.UPX//UPX
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.tlyx        檔案: C:\Documents and Settings\kato9096\桌面\344876\go13.exe$//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.tmrw        檔案: C:\Documents and Settings\kato9096\桌面\344876\go16.exe$
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.tlyy        檔案: C:\Documents and Settings\kato9096\桌面\344876\go19.exe$//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan.Win32.Agent.afri        檔案: C:\Documents and Settings\kato9096\桌面\344876\go8.exe$//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.tlyy        檔案: C:\Documents and Settings\kato9096\桌面\344876\go9.exe$//PE_Patch//UPack
已刪除: 病毒 Virus.Win32.Parite.b        檔案: C:\Documents and Settings\kato9096\桌面\344876\yoyo.exe$

344876.rar

1.42 MB, 下载次数: 122

评分

参与人数 1人气 +1 收起 理由
granthill + 1 谢谢~~打包!

查看全部评分

回复

举报

Mr.Z
发表于 2008-10-10 14:52:28 | 显示全部楼层
firefox早block了
回复

举报

granthill
发表于 2008-10-10 14:53:07 | 显示全部楼层
0 Scanning directories
     25 Files were scanned
     20 viruses and/or unwanted programs were found
      3 Files were classified as suspicious:
      1 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      2 Files not concerned
      1 Archives were scanned
      0 Warnings
      1 Notes
回复

举报

Nerazzurri
发表于 2008-10-10 14:59:45 | 显示全部楼层

漏四个

2008/10/10        14:58:19        1223621899        Silhouette        2696        Sign of "Win32:Downloader-AZY [Trj]" has been found in "C:\Users\Silhouette\Desktop\344876.rar\344876\108.exe$" file.  
2008/10/10        14:58:25        1223621905        Silhouette        2696        Sign of "Win32:Parite" has been found in "C:\Users\Silhouette\Desktop\344876.rar\344876\alxea.exe$" file.  
2008/10/10        14:58:25        1223621905        Silhouette        2696        Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Users\Silhouette\Desktop\344876.rar\344876\go1.exe$" file.  
2008/10/10        14:58:25        1223621905        Silhouette        2696        Sign of "Win32:Agent-WVL [Trj]" has been found in "C:\Users\Silhouette\Desktop\344876.rar\344876\go10.exe$\[Upack]\[Embedded#5060]\[Upack]" file.  
2008/10/10        14:58:25        1223621905        Silhouette        2696        Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Users\Silhouette\Desktop\344876.rar\344876\go12.exe$" file.  
2008/10/10        14:58:25        1223621905        Silhouette        2696        Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Users\Silhouette\Desktop\344876.rar\344876\go14.exe$\[Upack]\[Embedded#5070]" file.  
2008/10/10        14:58:25        1223621905        Silhouette        2696        Sign of "Win32:Agent-ZRP [Trj]" has been found in "C:\Users\Silhouette\Desktop\344876.rar\344876\go15.exe$\[UPX]\[Embedded#4060]" file.  
2008/10/10        14:58:25        1223621905        Silhouette        2696        Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Users\Silhouette\Desktop\344876.rar\344876\go16.exe$" file.  
2008/10/10        14:58:25        1223621905        Silhouette        2696        Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Users\Silhouette\Desktop\344876.rar\344876\go18.exe$" file.  
2008/10/10        14:58:25        1223621905        Silhouette        2696        Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Users\Silhouette\Desktop\344876.rar\344876\go19.exe$" file.  
2008/10/10        14:58:25        1223621905        Silhouette        2696        Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Users\Silhouette\Desktop\344876.rar\344876\go2.exe$\[UPX]\[Embedded#5060]" file.  
2008/10/10        14:58:25        1223621905        Silhouette        2696        Sign of "Win32:Agent-ZRH [Trj]" has been found in "C:\Users\Silhouette\Desktop\344876.rar\344876\go3.exe$\[UPX]\[Embedded#4060]" file.  
2008/10/10        14:58:25        1223621905        Silhouette        2696        Sign of "Win32:Agent-ZRP [Trj]" has been found in "C:\Users\Silhouette\Desktop\344876.rar\344876\go4.exe$\[UPX]\[Embedded#4060]" file.  
2008/10/10        14:58:25        1223621905        Silhouette        2696        Sign of "Win32:Agent-ZRP [Trj]" has been found in "C:\Users\Silhouette\Desktop\344876.rar\344876\go5.exe$\[UPX]\[Embedded#4060]" file.  
2008/10/10        14:58:25        1223621905        Silhouette        2696        Sign of "Win32:Agent-ZRP [Trj]" has been found in "C:\Users\Silhouette\Desktop\344876.rar\344876\go6.exe$\[UPX]\[Embedded#4060]" file.  
2008/10/10        14:58:25        1223621905        Silhouette        2696        Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Users\Silhouette\Desktop\344876.rar\344876\go7.exe$\[Upack]\[Embedded#4060]" file.  
2008/10/10        14:58:25        1223621905        Silhouette        2696        Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Users\Silhouette\Desktop\344876.rar\344876\go7.exe$\[Embedded#2534]" file.  
2008/10/10        14:58:25        1223621905        Silhouette        2696        Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Users\Silhouette\Desktop\344876.rar\344876\go9.exe$" file.  
2008/10/10        14:58:25        1223621905        Silhouette        2696        Sign of "Win32:Agent-GRW [Trj]" has been found in "C:\Users\Silhouette\Desktop\344876.rar\344876\pp0074.exe$\[Upack]" file.  
2008/10/10        14:58:25        1223621905        Silhouette        2696        Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Users\Silhouette\Desktop\344876.rar\344876\QQ.exe$" file.  
2008/10/10        14:58:25        1223621905        Silhouette        2696        Sign of "Win32:Parite" has been found in "C:\Users\Silhouette\Desktop\344876.rar\344876\yoyo.exe$" file.
回复

举报

Nerazzurri
发表于 2008-10-10 15:00:25 | 显示全部楼层

avast!漏的

Begin scan in 'C:\Users\Silhouette\Desktop\344876.rar'
C:\Users\Silhouette\Desktop\344876.rar
C:\Users\Silhouette\Desktop\344876.rar
    [0] Archive type: RAR
    --> 344876\go13.exe$
      [DETECTION] Is the TR/Dropper.Gen Trojan
    --> 344876\go8.exe$
      [DETECTION] Is the TR/Dropper.Gen Trojan
      --> 344876\ie.exe$
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      The file was deleted!
回复

举报

edwardcl
发表于 2008-10-10 15:06:53 | 显示全部楼层
1010.JPG
回复

举报

08红伞威点
发表于 2008-10-10 15:41:29 | 显示全部楼层
扫描结果 :  29%的杀软(11/38)报告发现病毒
时间 :  2008/10/10 15:30:35
红伞查杀23个Pass 1个,上报提交分析。
--------------------------------------------------------------------
Start of the scan: 2008年10月10日  15:21
Starting the file scan:
Begin scan in 'C:\Documents and Settings\桌面\344876'
C:\Documents and Settings\桌面\344876\108.exe$
    [DETECTION] Contains code of the W32/Parite Windows virus
    [NOTE]      A backup was created as '492702b1.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\桌面\344876\alxea.exe$
    [DETECTION] Contains code of the W32/Parite Windows virus
    [NOTE]      A backup was created as '496702ed.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\桌面\344876\go1.exe$
    [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      A backup was created as '492002f1.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\桌面\344876\go10.exe$
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      A backup was created as '4848e722.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\桌面\344876\go11.exe$
    [DETECTION] Contains recognition pattern of the DR/Delphi.Gen dropper
    [NOTE]      A backup was created as '492002f2.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\桌面\344876\go12.exe$
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Is the TR/PSW.Delf.cpj Trojan
    [NOTE]      A backup was created as '4848e723.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\桌面\344876\go13.exe$
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '492002f4.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\桌面\344876\go14.exe$
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '492002f3.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\桌面\344876\go15.exe$
    [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      A backup was created as '4848e724.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\桌面\344876\go16.exe$
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '4848e725.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\桌面\344876\go18.exe$
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '492002f6.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\桌面\344876\go19.exe$
    [DETECTION] Is the TR/PSW.Onlineg.tlxy Trojan
    [NOTE]      A backup was created as '492002f5.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\桌面\344876\go2.exe$
    [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      A backup was created as '492102f5.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\桌面\344876\go3.exe$
    [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      A backup was created as '492202f5.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\桌面\344876\go4.exe$
    [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      A backup was created as '492302f6.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\桌面\344876\go5.exe$
    [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      A backup was created as '492402f6.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\桌面\344876\go6.exe$
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '492502f6.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\桌面\344876\go7.exe$
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '492602f6.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\桌面\344876\go8.exe$
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '492702f7.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\桌面\344876\go9.exe$
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '492802f7.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\桌面\344876\ie.exe$
    [0] Archive type: RSRC
    --> Object
      [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      A backup was created as '491d02ee.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\桌面\344876\pp0074.exe$
      [DETECTION] Contains HEUR/Malware suspicious code
    [NOTE]      A backup was created as '491f02f9.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\桌面\344876\yoyo.exe$
    [DETECTION] Contains code of the W32/Parite Windows virus
    [NOTE]      A backup was created as '496802f9.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!

End of the scan: 2008年10月10日  15:21
Used time: 00:13 Minute(s)
回复

举报

下一页 »
12下一页
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-5-18 23:08 , Processed in 0.140602 second(s), 20 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表