病毒样本包

显示全部楼层 · 发表于 2008-11-15 12:48:03

大家测测看

显示全部楼层 · 发表于 2008-11-15 12:57:18

kaspersky miss4
to kl

显示全部楼层 · 发表于 2008-11-15 12:57:59

Scan 17/25
Sandbox 4

KnowClean 1
剩余3个生成物砍掉

Scanning Engines:
F-Secure AVP: 7.00.171, 2008-11-14
F-Secure Hydra: 2.08.8110, 2008-11-14

Worm.Win32.Delf.kt (virus)
C:\Documents and Settings\sk\桌面\virusrun\081115\25\新建文件夹 (2)\10.exe\ctfidj.exe
C:\Documents and Settings\sk\桌面\virusrun\081115\25\新建文件夹 (2)\10.exe Action: deleted
Trojan-GameThief.Win32.Magania.agzu (virus)
C:\Documents and Settings\sk\桌面\virusrun\081115\25\新建文件夹 (2)\14.exe Action: deleted
C:\Documents and Settings\sk\桌面\virusrun\081115\25\新建文件夹 (2)\17.exe Action: deleted
Trojan.Win32.VB.glz (virus)
C:\Documents and Settings\sk\桌面\virusrun\081115\25\新建文件夹 (2)\2.exe\sfzerIE.exe
C:\Documents and Settings\sk\桌面\virusrun\081115\25\新建文件夹 (2)\onsaStr.exe Action: deleted
C:\Documents and Settings\sk\桌面\virusrun\081115\25\新建文件夹 (2)\sfzerIE.exe Action: deleted
C:\Documents and Settings\sk\桌面\virusrun\081115\25\新建文件夹 (2)\桌球6.exe Action: deleted
Trojan-Downloader.Win32.VB.ipq (virus)
C:\Documents and Settings\sk\桌面\virusrun\081115\25\新建文件夹 (2)\2.exe\cookiesr.exe
C:\Documents and Settings\sk\桌面\virusrun\081115\25\新建文件夹 (2)\cookiesr.exe Action: deleted
Trojan-PSW.Win32.QQPass.dxs (virus)
C:\Documents and Settings\sk\桌面\virusrun\081115\25\新建文件夹 (2)\33.exe Action: deleted
Trojan-GameThief.Win32.OnLineGames.tptp (virus)
C:\Documents and Settings\sk\桌面\virusrun\081115\25\新建文件夹 (2)\4.exe Action: deleted
Trojan-Spy.Win32.Pophot.gey (virus)
C:\Documents and Settings\sk\桌面\virusrun\081115\25\新建文件夹 (2)\8046.exe Action: deleted
Trojan-GameThief.Win32.OnLineGames.tqti (virus)
C:\Documents and Settings\sk\桌面\virusrun\081115\25\新建文件夹 (2)\985244M.exe Action: deleted
Trojan-GameThief.Win32.Lmir.gey (virus)
C:\Documents and Settings\sk\桌面\virusrun\081115\25\新建文件夹 (2)\985244MM.DLL Action: deleted
Trojan-Dropper.Win32.Small.cax (virus)
C:\Documents and Settings\sk\桌面\virusrun\081115\25\新建文件夹 (2)\a.exe Action: deleted
Trojan.Win32.StartPage.cwu (virus)
C:\Documents and Settings\sk\桌面\virusrun\081115\25\新建文件夹 (2)\eMvnno.exe Action: deleted
Worm.Win32.AutoRun.doc (virus)
C:\Documents and Settings\sk\桌面\virusrun\081115\25\新建文件夹 (2)\n.exe Action: deleted
Trojan.Win32.Agent.aewu (virus)
C:\Documents and Settings\sk\桌面\virusrun\081115\25\新建文件夹 (2)\nwsaMv.exe Action: deleted

[ 本帖最后由 feihongtian 于 2008-11-15 13:04 编辑 ]

显示全部楼层 · 发表于 2008-11-15 13:05:26

20.exe 35.exe 无法执行

显示全部楼层 · 发表于 2008-11-15 13:41:47

Scan Stats:
  Scan Time: 6 seconds
  Scan Options:
  Scan Targets: D:\Virus\新建文件夹 (3).zip
  Counts:
Total items scanned: 31
- Files & Directories: 31
- Registry Entries: 0
- Processes & Start-up Items: 0
- Network & Browser Items: 0
- Other: 0
- Trusted Files: 0
- Skipped Files: 0

Total security risks detected: 24
Total items resolved: 24
Total items that require attention: 0

显示全部楼层 · 发表于 2008-11-15 14:08:43

C:\新建文件夹 (3) 30 25 25 Completed

EAV 672 Kill 25

显示全部楼层 · 发表于 2008-11-15 14:21:31

NIS 2009

显示全部楼层 · 发表于 2008-11-15 14:27:31

红伞28个,不报的那两个NIS2009干掉了

Begin scan in 'G:\Downloads\新建文件夹 (3)'
G:\Downloads\新建文件夹 (3)\新建文件夹 (3)\新建文件夹 (2)\0.exe
[DETECTION] Contains HEUR/Crypted suspicious code
[NOTE]    The detection was classified as suspicious.
[NOTE]    The file was moved to '4983b28e.qua'!
G:\Downloads\新建文件夹 (3)\新建文件夹 (3)\新建文件夹 (2)\1.exe
[0] Archive type: OVL
--> Object
   [DETECTION] This file has been compressed using unusual runtime compression (PCK/UPACK). Please verify the origin of this file.
[NOTE]    The file was deleted!
G:\Downloads\新建文件夹 (3)\新建文件夹 (3)\新建文件夹 (2)\10.exe
[0] Archive type: ZIP SFX (self extracting)
   --> ctfidj.exe
      [DETECTION] Is the TR/Dldr.Delphi.Gen Trojan
[DETECTION] Contains recognition pattern of the DR/KillAV.PC dropper
   --> IElcsjsx.exe
      [1] Archive type: RSRC
      --> Object
      [DETECTION] Is the TR/StartPage.cwu.9 Trojan
   --> ctfid.exe
      --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the TR/Agent.bnt.20480 Trojan
      --> Object
         [DETECTION] Is the TR/Click.Agent.efq Trojan
[NOTE]    The file was deleted!
G:\Downloads\新建文件夹 (3)\新建文件夹 (3)\新建文件夹 (2)\11.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    The file was deleted!
G:\Downloads\新建文件夹 (3)\新建文件夹 (3)\新建文件夹 (2)\14.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    The file was deleted!
G:\Downloads\新建文件夹 (3)\新建文件夹 (3)\新建文件夹 (2)\17.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    The file was deleted!
G:\Downloads\新建文件夹 (3)\新建文件夹 (3)\新建文件夹 (2)\2.exe
[0] Archive type: ZIP SFX (self extracting)
--> sfzerIE.exe
   [DETECTION] Is the TR/Onsat.57344 Trojan
--> cookiesr.exe
   [DETECTION] Is the TR/Dldr.Sansh.60577 Trojan
[DETECTION] Is the TR/Drop.bvz.116601 Trojan
[NOTE]    The file was deleted!
G:\Downloads\新建文件夹 (3)\新建文件夹 (3)\新建文件夹 (2)\33.exe
   [DETECTION] Is the TR/ATRAPS.Gen Trojan
[NOTE]    The file was deleted!
G:\Downloads\新建文件夹 (3)\新建文件夹 (3)\新建文件夹 (2)\4.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    The file was deleted!
G:\Downloads\新建文件夹 (3)\新建文件夹 (3)\新建文件夹 (2)\8046.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    The file was deleted!
G:\Downloads\新建文件夹 (3)\新建文件夹 (3)\新建文件夹 (2)\985244M.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was deleted!
G:\Downloads\新建文件夹 (3)\新建文件夹 (3)\新建文件夹 (2)\985244MM.DLL
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    The file was deleted!
G:\Downloads\新建文件夹 (3)\新建文件夹 (3)\新建文件夹 (2)\a.exe
   --> Object
      [1] Archive type: RSRC
      --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Contains recognition pattern of the RKIT/Small.BU root kit
[NOTE]    The file was deleted!
G:\Downloads\新建文件夹 (3)\新建文件夹 (3)\新建文件夹 (2)\cookiesr.exe
[DETECTION] Is the TR/Dldr.Sansh.60577 Trojan
[NOTE]    The file was deleted!
G:\Downloads\新建文件夹 (3)\新建文件夹 (3)\新建文件夹 (2)\eMvnno.exe
[DETECTION] Is the TR/StartPage.cwu.9 Trojan
[NOTE]    The file was deleted!
G:\Downloads\新建文件夹 (3)\新建文件夹 (3)\新建文件夹 (2)\IElcsjsx.exe
[0] Archive type: RSRC
--> Object
   [DETECTION] Is the TR/StartPage.cwu.9 Trojan
[NOTE]    The file was deleted!
G:\Downloads\新建文件夹 (3)\新建文件夹 (3)\新建文件夹 (2)\n.exe
[DETECTION] Contains recognition pattern of the WORM/Otwycal.g worm
[NOTE]    The file was deleted!
G:\Downloads\新建文件夹 (3)\新建文件夹 (3)\新建文件夹 (2)\nwsaMv.exe
[DETECTION] Is the TR/Agent.aewu.28672 Trojan
[NOTE]    The file was deleted!
G:\Downloads\新建文件夹 (3)\新建文件夹 (3)\新建文件夹 (2)\onsaStr.exe
[DETECTION] Is the TR/Agent.aewu.28672 Trojan
[NOTE]    The file was deleted!
G:\Downloads\新建文件夹 (3)\新建文件夹 (3)\新建文件夹 (2)\sfzerIE.exe
[DETECTION] Is the TR/Agent.aewu.28672 Trojan
[NOTE]    The file was deleted!
G:\Downloads\新建文件夹 (3)\新建文件夹 (3)\新建文件夹 (2)\Strommo.exe
[0] Archive type: RSRC
--> Object
   [DETECTION] Is the TR/StartPage.cwu.9 Trojan
[NOTE]    The file was deleted!
G:\Downloads\新建文件夹 (3)\新建文件夹 (3)\新建文件夹 (2)\桌球6.exe
[DETECTION] Is the TR/Agent.aewu.28672 Trojan
[NOTE]    The file was deleted!
G:\Downloads\新建文件夹 (3)\新建文件夹 (3)\新建文件夹 (2)\跳棋4.exe
[0] Archive type: RSRC
--> Object
   [DETECTION] Is the TR/StartPage.cwu.9 Trojan
[NOTE]    The file was deleted!

End of the scan: 2008年11月15日  19:29
Used time: 01:24 Minute(s)

The scan has been done completely.

   3 Scanning directories
   30 Files were scanned
   28 viruses and/or unwanted programs were found
   1 Files were classified as suspicious:
   22 files were deleted
   0 files were repaired
   1 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   1 Files not concerned
   2 Archives were scanned
   0 Warnings
   23 Notes

显示全部楼层 · 发表于 2008-11-15 14:38:06

显示全部楼层 · 发表于 2008-11-15 23:38:00

20

35

红伞上报2个.

[病毒样本] 病毒样本包

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

回复 1楼 gzg 的帖子