[病毒样本] 37x

显示全部楼层 · 发表于 2009-5-2 21:21:58

汗...一个域名不同的品种

显示全部楼层 · 发表于 2009-5-2 21:30:32

e:\eeee\1.exe packed by UPX
>e:\eeee\1.exe infected with Trojan.PWS.Wsgame.11384
e:\eeee\2.exe packed by UPX
>e:\eeee\2.exe infected with Trojan.PWS.Wsgame.11386
e:\eeee\3.exe packed by UPX
>e:\eeee\3.exe infected with Trojan.PWS.Wsgame.11386
e:\eeee\4.exe packed by RCRYPTOR
>e:\eeee\4.exe packed by FLY-CODE
>>e:\eeee\4.exe - archive BINARYRES
>>>e:\eeee\4.exe\data001 infected with Trojan.PWS.Gamania.18602
>>e:\eeee\4.exe - archive contains infected objects
e:\eeee\5.exe packed by UPX
>e:\eeee\5.exe infected with Trojan.PWS.Wsgame.11386
e:\eeee\6.exe packed by ASPACK
>e:\eeee\6.exe probably infected with BACKDOOR.Trojan
>e:\eeee\6.exe packed by BINARYRES
e:\eeee\7.exe packed by UPX
>e:\eeee\7.exe infected with Trojan.PWS.Wsgame.11386
e:\eeee\server1.exe packed by UPX
>e:\eeee\server1.exe packed by FLY-CODE
>>e:\eeee\server1.exe - archive BINARYRES
>>>e:\eeee\server1.exe\data001 packed by UPACK
>>>e:\eeee\server1.exe\data002 packed by FLY-CODE
>>>e:\eeee\server1.exe\data003 packed by FLY-CODE
>>>e:\eeee\server1.exe\data004 packed by XOREXE
>>>>e:\eeee\server1.exe\data004 - archive BINARYRES
>>>>>e:\eeee\server1.exe\data004\data001 packed by UPACK
>>>>>e:\eeee\server1.exe\data004\data002 packed by XOREXE
>>>>>>e:\eeee\server1.exe\data004\data002 packed by FLY-CODE
>>>>>>>e:\eeee\server1.exe\data004\data002 - archive BINARYRES
>>>>>>>>e:\eeee\server1.exe\data004\data002\data001 packed by FLY-CODE
>>>>>>>>e:\eeee\server1.exe\data004\data002\data002 packed by UPACK
>>>e:\eeee\server1.exe\data005 - archive BINARYRES
>>>>e:\eeee\server1.exe\data005\data001 packed by BINARYRES
>>>>>e:\eeee\server1.exe\data005\data001 packed by UPACK
e:\eeee\server2.exe packed by UPX
>e:\eeee\server2.exe packed by FLY-CODE
>>e:\eeee\server2.exe - archive BINARYRES
>>>e:\eeee\server2.exe\data001 packed by UPACK
>>>e:\eeee\server2.exe\data002 packed by FLY-CODE
>>>e:\eeee\server2.exe\data003 packed by FLY-CODE
>>>e:\eeee\server2.exe\data004 packed by XOREXE
>>>>e:\eeee\server2.exe\data004 - archive BINARYRES
>>>>>e:\eeee\server2.exe\data004\data001 packed by UPACK
>>>>>e:\eeee\server2.exe\data004\data002 packed by XOREXE
>>>>>>e:\eeee\server2.exe\data004\data002 packed by FLY-CODE
>>>>>>>e:\eeee\server2.exe\data004\data002 - archive BINARYRES
>>>>>>>>e:\eeee\server2.exe\data004\data002\data001 packed by FLY-CODE
>>>>>>>>e:\eeee\server2.exe\data004\data002\data002 packed by UPACK
e:\eeee\youxi.exe - archive BINARYRES
e:\eeee\Baidu.cab - archive CAB
>e:\eeee\Baidu.cab\Baidu.exe packed by NSPACK
>>e:\eeee\Baidu.cab\Baidu.exe infected with Trojan.MulDrop.31219
e:\eeee\Baidu.cab - archive contains infected objects
e:\eeee\a1.css packed by NSPACK
>e:\eeee\a1.css infected with Trojan.MulDrop.31219
e:\eeee\a10.css packed by NSPACK
>e:\eeee\a10.css infected with Trojan.MulDrop.31219
e:\eeee\a11.css packed by NSPACK
>e:\eeee\a11.css infected with Trojan.MulDrop.31219
e:\eeee\a12.css packed by NSPACK
>e:\eeee\a12.css infected with Trojan.MulDrop.31219
e:\eeee\a13.css packed by NSPACK
>e:\eeee\a13.css infected with Trojan.MulDrop.31219
e:\eeee\a14.css packed by NSPACK
>e:\eeee\a14.css infected with Trojan.MulDrop.31219
e:\eeee\a15.css packed by NSPACK
>e:\eeee\a15.css infected with Trojan.MulDrop.31219
e:\eeee\a16.css packed by NSPACK
>e:\eeee\a16.css infected with Trojan.MulDrop.31219
e:\eeee\a17.css packed by NSPACK
>e:\eeee\a17.css infected with Trojan.MulDrop.31219
e:\eeee\a18.css packed by NSPACK
>e:\eeee\a18.css infected with Trojan.MulDrop.31219
e:\eeee\a19.css packed by NSPACK
>e:\eeee\a19.css infected with Trojan.MulDrop.31219
e:\eeee\a2.css packed by NSPACK
>e:\eeee\a2.css infected with Trojan.MulDrop.31219
e:\eeee\a20.css packed by NSPACK
>e:\eeee\a20.css infected with Trojan.MulDrop.31219
e:\eeee\a3.css packed by NSPACK
>e:\eeee\a3.css infected with Trojan.MulDrop.31219
e:\eeee\a4.css packed by NSPACK
>e:\eeee\a4.css infected with Trojan.MulDrop.31219
e:\eeee\a5.css packed by NSPACK
>e:\eeee\a5.css infected with Trojan.MulDrop.31219
e:\eeee\a6.css packed by NSPACK
>e:\eeee\a6.css infected with Trojan.MulDrop.31219
e:\eeee\a7.css packed by NSPACK
>e:\eeee\a7.css infected with Trojan.MulDrop.31219
e:\eeee\a9.css packed by NSPACK
>e:\eeee\a9.css infected with Trojan.MulDrop.31219
e:\eeee\as.css packed by NSPACK
>e:\eeee\as.css infected with Trojan.MulDrop.31219
e:\eeee\bf.css packed by NSPACK
>e:\eeee\bf.css infected with Trojan.MulDrop.31219
e:\eeee\lzz.css packed by NSPACK
>e:\eeee\lzz.css infected with Trojan.MulDrop.31219
e:\eeee\mm.css packed by NSPACK
>e:\eeee\mm.css infected with Trojan.MulDrop.31219
e:\eeee\ms.css packed by NSPACK
>e:\eeee\ms.css infected with Trojan.MulDrop.31219
e:\eeee\re.css packed by NSPACK
>e:\eeee\re.css infected with Trojan.MulDrop.31219
e:\eeee\real.css packed by NSPACK
>e:\eeee\real.css infected with Trojan.MulDrop.31219
Scan report for "e:\eeee":
      Scanned:       58/21                Cured: 0
Infected found:       33/2                Deleted: 0
  Modifications:       0/0                Renamed: 0
   Suspicious:       1/0                Moved: 0
      Adware:       0/0                Ignored: 0
      Dialers:       0/0
      Jokes:       0/0             Scan time: 0:00:02
   Riskware:       0/0             Scan speed: 893 Kb/s
   Hacktools:       0/0             Scan ended: 21:15:40

显示全部楼层 · 发表于 2009-5-2 22:31:35

kv 36个

显示全部楼层 · 发表于 2009-5-2 22:36:52

AVG
"D:\TDDownload\eeee.rar";"Virus identified Win32/Cryptor";"Infected"
"D:\TDDownload\eeee.rar:\1.exe";"Trojan horse PSW.OnlineGames3.BXL";"Infected"
"D:\TDDownload\eeee.rar:\2.exe";"Trojan horse PSW.OnlineGames3.COY";"Infected"
"D:\TDDownload\eeee.rar:\3.exe";"Trojan horse PSW.OnlineGames3.COT";"Infected"
"D:\TDDownload\eeee.rar:\4.exe";"Virus identified Win32/Cryptor";"Infected"
"D:\TDDownload\eeee.rar:\5.exe";"Trojan horse PSW.OnlineGames3.COY";"Infected"
"D:\TDDownload\eeee.rar:\6.exe";"Trojan horse Agent2.FRV";"Infected"
"D:\TDDownload\eeee.rar:\7.exe";"Trojan horse PSW.OnlineGames3.COY";"Infected"
"D:\TDDownload\eeee.rar:\a1.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\a10.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\a11.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\a12.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\a13.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\a14.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\a15.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\a16.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\Baidu.cab";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\Baidu.cab:\Baidu.exe";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\a17.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\a18.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\a19.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\a2.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\a20.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\a3.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\a4.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\a5.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\a6.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\a7.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\a9.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\as.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\bf.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\lzz.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\mm.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\ms.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\re.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\real.css";"Trojan horse PSW.OnlineGames3.BBB";"Infected"
"D:\TDDownload\eeee.rar:\server1.exe";"Virus found Win32/Heur.dropper";"Infected"
"D:\TDDownload\eeee.rar:\server2.exe";"Virus found Win32/Heur.dropper";"Infected"

显示全部楼层 · 发表于 2009-5-2 22:42:34

ik kill all

显示全部楼层 · 发表于 2009-5-3 00:07:35

http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 multiple threats deleted (after the next restart) - quarantined
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » 1.exe probably a variant of Win32/PSW.OnLineGames.NRD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » 2.exe probably a variant of Win32/PSW.OnLineGames.NRD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » 3.exe probably a variant of Win32/PSW.OnLineGames.NRD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » 4.exe a variant of Win32/PSW.OnLineGames.NUO trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » 5.exe probably a variant of Win32/PSW.OnLineGames.NRD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » 6.exe Win32/VB.NZV trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » 7.exe probably a variant of Win32/PSW.OnLineGames.NRD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » server1.exe Win32/TrojanDropper.Agent.NXL trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » server2.exe Win32/TrojanDropper.Agent.NXL trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » youxi.exe Win32/PSW.OnLineGames.OJJ trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » Baidu.cab Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » Baidu.cab » CAB » Baidu.exe Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » a1.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » a10.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » a11.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » a12.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » a13.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » a14.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » a15.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » a16.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » a17.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » a18.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » a19.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » a2.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » a20.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » a3.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » a4.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » a5.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » a6.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » a7.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » a9.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » as.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » bf.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » lzz.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » mm.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » ms.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » re.css Win32/Agent.PBD trojan was a part of the deleted object
http://bbs.kafan.cn/attachment.p ... 2c&t=1241280382 » RAR » real.css Win32/Agent.PBD trojan was a part of the deleted object

显示全部楼层 · 发表于 2009-5-3 01:59:35

瑞星病毒30个启发1个

[病毒样本] 37x

34

本帖子中包含更多资源

浏览过的版块