收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 6个质量一般的货色(祝大家圣诞快乐)
12下一页
返回列表 发新帖
查看: 3013|回复: 13
收起左侧

[病毒样本] 6个质量一般的货色(祝大家圣诞快乐)

[复制链接]
schumi小粉
发表于 2008-12-25 20:10:55 | 显示全部楼层 |阅读模式
送上6个样本 ,ANTIVIR P KILL ALL,KIS MISS,TO KILL
大家帮忙看看,不知道质量如何,密码:infected


Email:



反病毒引擎版本最后更新扫描结果
a-squared4.0.0.732008.12.25Trojan.JS.Agent!IK
AhnLab-V32008.12.25.02008.12.25-
AntiVir7.9.0.452008.12.25JS/Dldr.Agent.TC
Authentium5.1.0.42008.12.25JS/Agent.GN
Avast4.8.1281.02008.12.24HTML:Agent-O
AVG8.0.0.1992008.12.25Exploit
BitDefender7.22008.12.25Trojan.Downloader.JS.Agent.F
CAT-QuickHeal10.002008.12.24-
ClamAV0.94.12008.12.24-
Comodo8112008.12.25-
DrWeb4.44.0.091702008.12.25-
eSafe7.0.17.02008.12.24-
eTrust-Vet31.6.62762008.12.24-
Ewido4.02008.12.25-
F-Prot4.4.4.562008.12.24JS/Agent.GN
F-Secure8.0.14332.02008.12.25-
Fortinet3.117.0.02008.12.25-
GData192008.12.25Trojan.Downloader.JS.Agent.F
IkarusT3.1.1.45.02008.12.25Trojan.JS.Agent
K7AntiVirus7.10.5662008.12.25-
Kaspersky7.0.0.1252008.12.25-
McAfee54742008.12.24Exploit-XMLhttpd.d
McAfee+Artemis54742008.12.24Exploit-XMLhttpd.d
Microsoft1.42052008.12.25Exploit:JS/Axdow.A
NOD3237172008.12.25-
Norman5.80.022008.12.24-
Panda9.0.0.42008.12.25-
PCTools4.4.2.02008.12.25-
Prevx1V22008.12.25-
Rising21.09.32.002008.12.25-
SecureWeb-Gateway6.7.62008.12.25Script.Dldr.Agent.TC
Sophos4.37.02008.12.25Troj/Iframe-BD
Sunbelt3.2.1809.22008.12.22-
Symantec102008.12.25-
TheHacker6.3.1.4.1992008.12.23-
TrendMicro8.700.0.10042008.12.25-
VBA323.12.8.102008.12.24-
ViRobot2008.12.24.15342008.12.24-
VirusBuster4.5.11.02008.12.24JS.ActiveXploit.Gen



[ 本帖最后由 schumi小粉 于 2008-12-25 20:56 编辑 ]

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

08红伞威点
发表于 2008-12-25 20:23:58 | 显示全部楼层
Start of the scan: 2008年12月25日  20:15
Starting the file scan:

Begin scan in 'C:\Documents and Settings\***\桌面\新建文件夹'
C:\Documents and Settings\***\桌面\新建文件夹\6\opr00A5L
    [DETECTION] Contains recognition pattern of the JS/Dldr.Agent.TC Java script virus
    [NOTE]      A backup was created as '49c579e6.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\***\桌面\新建文件夹\6\opr00A5M
    [DETECTION] Contains HEUR/HTML.Malware suspicious code
    [NOTE]      The detection was classified as suspicious.
    [NOTE]      A backup was created as '48a02e7f.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\***\桌面\新建文件夹\6\opr00A5N
    [DETECTION] Contains recognition pattern of the HTML/Crypted.Gen HTML script virus
    [NOTE]      A backup was created as '49c579e7.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\***\桌面\新建文件夹\6\opr00A6Z
    [DETECTION] Contains recognition pattern of the JS/Dldr.Agent.HZ Java script virus
    [NOTE]      A backup was created as '48a02e70.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\***\桌面\新建文件夹\6\opr00A7G
    [DETECTION] Contains recognition pattern of the HTML/Rce.Gen HTML script virus
    [NOTE]      A backup was created as '49c579e9.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\***\桌面\新建文件夹\6\opr00A7J
    [DETECTION] Contains recognition pattern of the EXP/XMLSPAN.G exploit
    [NOTE]      A backup was created as '48a02e72.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!


End of the scan: 2008年12月25日  20:15
Used time: 00:07 Minute(s)

The scan has been done completely.

      2 Scanning directories
      6 Files were scanned
      5 viruses and/or unwanted programs were found
      1 Files were classified as suspicious:
      6 files were deleted
      0 files were repaired
      6 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      0 Files not concerned
      0 Archives were scanned
      0 Warnings
      6 Notes
-----------------------------------------------------------------
红伞杀。

opr00A5M启发,上报。
File ID  Filename Size (Byte) Result
25218791  opr00A5M  603 Byte  UNDER ANALYSIS
回复

举报

su-tt
发表于 2008-12-25 20:29:54 | 显示全部楼层
ESS不报
回复

举报

BING126
头像被屏蔽
发表于 2008-12-25 20:59:25 | 显示全部楼层
McAfee  报了1个。。

opr00a5l         no  
opr00a5m       no  
opr00a5n        no  
opr00a6z        no  
opr00a7g        no  
opr00a7j         exploit-xmlhttpd.d
回复

举报

sam.to
发表于 2008-12-25 21:00:58 | 显示全部楼层
to kl
回复

举报

schumi小粉
 楼主| 发表于 2008-12-25 21:05:35 | 显示全部楼层
Hello.

This file is already detected. Please update your bases.
Trojan-Downloader.HTML.IFrame.wn

>
>
Regards, Tatarinov Ivan
Virus Analyst
卡巴响应的速度飞快~
回复

举报

JusticeH
发表于 2008-12-25 21:13:50 | 显示全部楼层
BitDefender AntiVIrus 2009
found:
6\opr00A6Z Trojan.Downloader.JS.Agent.F Deleted
6\opr00A7J Trojan.JS.Agent.DYF Moved to Quarantine

其餘4個上報
回复

举报

sam.to
发表于 2008-12-25 21:20:00 | 显示全部楼层
Hello,

opr00A5L, opr00A5M, opr00A5N, opr00A7G

No malicious code were found in these files.

opr00A6Z - Trojan.JS.Agent.iq,
opr00A7J - Trojan-Downloader.JS.Agent.dee

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.
The answer is relevant to the latest bases from update sources.
回复

举报

sam.to
发表于 2008-12-25 21:20:28 | 显示全部楼层
原來楼主已上报卡巴,但看不到
回复

举报

schumi小粉
 楼主| 发表于 2008-12-25 22:13:03 | 显示全部楼层
原帖由 sam.to 于 2008-12-25 21:20 发表
原來楼主已上报卡巴,但看不到
不好意思,字小了点。。。。嘿嘿
文字内容一致
opr00A5L,
opr00A5M,
opr00A5N,
opr00A7G

No malicious code were found in these files.

opr00A6Z - Trojan.JS.Agent.iq
opr00A7J - Trojan-Downloader.JS.Agent.dee

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.
回复

举报

下一页 »
12下一页
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-5-18 11:31 , Processed in 0.145213 second(s), 17 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表