[病毒样本] 1

显示全部楼层 · 发表于 2008-11-1 18:49:51

http://111.hfdy1515.net/cao/aa1.exe
http://111.hfdy1515.net/cao/aa2.exe
http://111.hfdy1515.net/cao/aa3.exe
http://111.hfdy1515.net/cao/aa4.exe
http://111.hfdy1515.net/cao/aa5.exe
http://111.hfdy1515.net/cao/aa6.exe
http://111.hfdy1515.net/cao/aa7.exe
http://111.hfdy1515.net/cao/aa8.exe
http://222.hfdy1515.net/cao/aa9.exe
http://222.hfdy1515.net/cao/aa10.exe
http://222.hfdy1515.net/cao/aa11.exe
http://222.hfdy1515.net/cao/aa12.exe
http://222.hfdy1515.net/cao/aa13.exe
http://222.hfdy1515.net/cao/aa14.exe
http://222.hfdy1515.net/cao/aa15.exe
http://333.hfdy1515.net/cao/aa17.exe
http://333.hfdy1515.net/cao/aa18.exe
http://333.hfdy1515.net/cao/aa19.exe
http://333.hfdy1515.net/cao/aa20.exe
http://333.hfdy1515.net/cao/aa21.exe
http://333.hfdy1515.net/cao/aa22.exe
http://333.hfdy1515.net/cao/aa23.exe
http://333.hfdy1515.net/cao/aa24.exe
http://444.hfdy1515.net/cao/aa25.exe
http://444.hfdy1515.net/cao/aa26.exe
http://444.hfdy1515.net/cao/aa27.exe
http://444.hfdy1515.net/cao/aa28.exe
http://444.hfdy1515.net/cao/aa29.exe
http://444.hfdy1515.net/cao/aa31.exe
http://444.hfdy1515.net/cao/aa32.exe
http://111.hfdy1515.net/cao/aa33.exe
http://222.hfdy1515.net/cao/aa34.exe
http://333.hfdy1515.net/cao/aa35.exe
http://444.hfdy1515.net/cao/aa36.exe
http://111.hfdy1515.net/cao/aa37.exe
http://222.hfdy1515.net/cao/aa38.exe
http://222.hfdy1515.net/cao/aa16.exe
http://333.hfdy1515.net/cao/aa39.exe
http://444.hfdy1515.net/cao/aa40.exe
http://444.hfdy1515.net/cao/aa41.exe
http://444.hfdy1515.net/cao/aa30.exe

显示全部楼层 · 发表于 2008-11-1 18:55:34

打包下到的~31个

显示全部楼层 · 发表于 2008-11-1 18:57:14

上报1

显示全部楼层 · 发表于 2008-11-1 19:05:58

Begin scan in 'C:\Documents and Settings\Administrator\桌面\��'
C:\Documents and Settings\Administrator\桌面\��\aa1.exe
   --> Object
      [1] Archive type: RSRC
      --> Object
      [DETECTION] Is the TR/Thief.MultiFirst.P Trojan
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa10.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa11.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa12.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa13.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa14.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa15.exe
[0] Archive type: OVL
   --> Object
      [1] Archive type: RSRC
      --> Object
      [DETECTION] Is the TR/Thief.Magania.ainu Trojan
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa16.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa17.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa18.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa19.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa2.exe
   --> Object
      [1] Archive type: RSRC
      --> Object
      [DETECTION] Is the TR/Thief.MultiFirst.P Trojan
      --> Object
      [DETECTION] Is the TR/Agent.16384.1 Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa20.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa21.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa22.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa24.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa25.exe
[0] Archive type: OVL
   --> Object
      [1] Archive type: RSRC
      --> Object
      [DETECTION] Is the TR/PSW.Magania.ahzn Trojan
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa26.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa27.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa28.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa29.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa3.exe
   --> Object
      [1] Archive type: RSRC
      --> Object
      [DETECTION] Is the TR/Thief.MultiFirst.P Trojan
      --> Object
      [DETECTION] Is the TR/Thief.OnLineGames.tppu.8 Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa30.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa31.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa33.exe
[DETECTION] Contains recognition pattern of the DR/Delphi.Gen dropper
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa40.exe
[DETECTION] Contains recognition pattern of the DR/Cinmus.izz dropper
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa5.exe
   --> Object
      [1] Archive type: RSRC
      --> Object
      [DETECTION] Is the TR/Thief.MultiFirst.P Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa6.exe
   --> Object
      [1] Archive type: RSRC
      --> Object
      [DETECTION] Is the TR/PSW.MultiFirst.R Trojan
      --> Object
      [DETECTION] Is the TR/PSW.Online.aklv Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa7.exe
   --> Object
      [1] Archive type: RSRC
      --> Object
      [DETECTION] Is the TR/Thief.MultiFirst.P Trojan
[DETECTION] Contains HEUR/Malware suspicious code
[NOTE]    The detection was classified as suspicious.
[NOTE]    The file was moved to '49433842.qua'!
C:\Documents and Settings\Administrator\桌面\��\aa8.exe
   --> Object
      [1] Archive type: RSRC
      --> Object
      [DETECTION] Is the TR/PSW.MultiFirst.R Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\��\aa9.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was successfully wiped!
[NOTE]    The file was deleted!
红伞全灭

显示全部楼层 · 发表于 2008-11-1 19:16:27

29

显示全部楼层 · 发表于 2008-11-1 19:59:17

诺顿10.1

显示全部楼层 · 发表于 2008-11-2 04:21:05

ESET 31全
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa15.exe - Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa17.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa18.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa20.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa16.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa19.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa2.exe - a variant of Win32/PSW.OnLineGames.NRF trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa22.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa24.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa21.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa26.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa27.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa28.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa29.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa33.exe - Win32/PSW.WOW.NFA trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa31.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa3.exe - a variant of Win32/PSW.OnLineGames.NRF trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa5.exe - a variant of Win32/PSW.OnLineGames.NRF trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa6.exe - a variant of Win32/PSW.OnLineGames.NRF trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa7.exe - a variant of Win32/PSW.OnLineGames.NRF trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa8.exe - a variant of Win32/PSW.OnLineGames.NRF trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa9.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa25.exe - Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa40.exe » NSIS » 44.exe - a variant of Win32/Adware.Cinmus application
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa30.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa1.exe - a variant of Win32/PSW.OnLineGames.NRF trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa10.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa11.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa12.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa13.exe - a variant of Win32/TrojanDropper.Agent.NMA trojan
C:\Documents and Settings\GUNDAM\桌面\桌面.rar » RAR » aa14.exe - a variant of Win32/PSW.OnLineGames.NRD trojan

显示全部楼层 · 发表于 2008-11-2 08:36:07

kis8.0.0.505 在EMU更新后直接拦截，正常更新则可以下载，扫描稍卡，删除费劲。

[病毒样本] 1

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源