
[Virus samples] 16 samples

promised
Posted on 2007-9-2 15:46:28
[MD5: 6F8E8C E4D3E4 B5E91A EBD8C8 E6A4E8 6E34E4 4E6B49 B563BB 7E8575 E8707E 8D0C18 18D5CC 023010 838DE6 474BD7 487DB2]

hj5abc
Posted on 2007-9-2 15:49:55
13. A few DLLs remain.

F:\样本.zip » ZIP » 样本/wmsj.exe - probably unknown NewHeur_PE virus
F:\样本.zip » ZIP » 样本/winwm.exe - probably unknown NewHeur_PE virus
F:\样本.zip » ZIP » 样本/winsys32_070818.dll - probably a variant of Win32/Spy.Delf.NEN trojan
F:\样本.zip » ZIP » 样本/winow.exe - probably unknown NewHeur_PE virus
F:\样本.zip » ZIP » 样本/PegeFile.pif - probably a variant of Win32/PSW.Delf.NHI trojan
F:\样本.zip » ZIP » 样本/myplayer.com - probably a variant of Win32/Genetik trojan
F:\样本.zip » ZIP » 样本/mppds.exe - probably a variant of Win32/Genetik trojan
F:\样本.zip » ZIP » 样本/mppds.dll - probably a variant of Win32/Genetik trojan
F:\样本.zip » ZIP » 样本/Logo1_.exe - probably a variant of Win32/Viking virus
F:\样本.zip » ZIP » 样本/kulionzx.exe - probably unknown NewHeur_PE virus
F:\样本.zip » ZIP » 样本/kulionzx.dll - probably a variant of Win32/PSW.Delf.NDI trojan
F:\样本.zip » ZIP » 样本/kulionwm.dll - probably a variant of Win32/PSW.Delf.NDI trojan
F:\样本.zip » ZIP » 样本/Hide.exe - probably a variant of Win32/Genetik trojan
wangjay1980
Posted on 2007-9-2 16:42:02
detected: Trojan program Trojan-Downloader.Win32.Delf.bnc        File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.zip/Ñù±¾/Hide.exe//UPack
detected: Trojan program Trojan-Spy.Win32.Delf.uh        File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.zip/Ñù±¾/kulionwm.dll
detected: Trojan program Trojan-Spy.Win32.Delf.uh        File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.zip/Ñù±¾/kulionzx.dll
detected: Trojan program Trojan-Spy.Win32.Delf.uh        File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.zip/Ñù±¾/kulionzx.exe//UPack
detected: virus Worm.Win32.Viking.lz        File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.zip/Ñù±¾/Logo1_.exe//PE_Patch
detected: Trojan program Trojan-PSW.Win32.OnLineGames.bjx        File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.zip/Ñù±¾/mppds.dll
detected: Trojan program Trojan-PSW.Win32.OnLineGames.bjx        File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.zip/Ñù±¾/mppds.exe
detected: Trojan program Trojan-Spy.Win32.Agent.pn        File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.zip/Ñù±¾/myplayer.com//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.Nilage.blg        File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.zip/Ñù±¾/PegeFile.pif//PE_Patch//NSPack//PE_Patch
detected: Trojan program Trojan-Spy.Win32.Agent.pn        File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.zip/Ñù±¾/scrsys16_070818.dll
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ahn        File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.zip/Ñù±¾/video.dll
detected: Trojan program Trojan-PSW.Win32.WOW.sa        File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.zip/Ñù±¾/winow.dll
detected: Trojan program Trojan-PSW.Win32.WOW.sa        File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.zip/Ñù±¾/winow.exe//UPack
detected: Trojan program Trojan-Spy.Win32.Delf.uh        File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.zip/Ñù±¾/winwm.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ahn        File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.zip/Ñù±¾/wmsj.exe
moonsilver
Posted on 2007-9-2 16:53:17
All wiped out...
tracydk
Posted on 2007-9-2 17:02:53
Starting the file scan:

Begin scan in 'F:\病毒样本\样本.zip'
F:\病毒样本\样本.zip
  [0] Archive type: ZIP
  --> Ñù±¾/Hide.exe
      [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
  --> Ñù±¾/kulionwm.dll
      [DETECTION] Is the Trojan horse TR/PSW.Steal.28160.19
  --> Ñù±¾/kulionzx.dll
      [DETECTION] Is the Trojan horse TR/PSW.Steal.28672.6
  --> Ñù±¾/kulionzx.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agen.26778.A
  --> Ñù±¾/Logo1_.exe
      [DETECTION] Contains signature of the worm WORM/Viking.DLL.1
  --> Ñù±¾/mppds.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾/mppds.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾/myplayer.com
      [DETECTION] Is the Trojan horse TR/KillAV.JU
  --> Ñù±¾/PegeFile.pif
      [DETECTION] Is the Trojan horse TR/PSW.Nilage.blg
  --> Ñù±¾/scrsys16_070818.dll
      [DETECTION] Is the Trojan horse TR/KillAV.JU
  --> Ñù±¾/video.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ahn
  --> Ñù±¾/winow.dll
      [DETECTION] Is the Trojan horse TR/PSW.33792.13
  --> Ñù±¾/winow.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agen.26778.A
  --> Ñù±¾/winsys32_070818.dll
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> Ñù±¾/winwm.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agen.26778.A
  --> Ñù±¾/wmsj.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agen.26778.A
      [INFO]      The file was deleted!
微点卫士
Posted on 2007-9-2 17:08:38
微点 (Micropoint):
木马名称:Trojan.Win32.Genetik.bmo

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\样本\HIDE.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Spy.Win32.Delf.dio

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\样本\KULIONZX.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Spy.Win32.Agent.bpz

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\样本\MYPLAYER.COM
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Nilage.bqs

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\样本\PEGEFILE.PIF
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Spy.Win32.Agent.bpu

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\样本\SCRSYS16_070818.DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.WOW.avh

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\样本\WINOW.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Spy.Win32.Delf.dln

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\样本\WINWM.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.ipc

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\样本\WMSJ.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\样本\MPPDS.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\MPPDS.EXE
2) C:\WINDOWS.0\SYSTEM32\MPPDS.DLL
是否删除木马程序及其衍生物?


Everything runnable gets killed.
欠妳緈諨
Posted on 2007-9-2 17:15:32

1688388728
Posted on 2007-9-2 18:25:53
已删除: 木马程序 Trojan-Downloader.Win32.Delf.bnc        文件: D:\病毒库\样本\样本\Hide.exe//UPack
已删除: 木马程序 Trojan-Spy.Win32.Delf.uh        文件: D:\病毒库\样本\样本\kulionwm.dll
已删除: 木马程序 Trojan-Spy.Win32.Delf.uh        文件: D:\病毒库\样本\样本\kulionzx.dll
已删除: 木马程序 Trojan-Spy.Win32.Delf.uh        文件: D:\病毒库\样本\样本\kulionzx.exe//UPack
已删除: 病毒 Worm.Win32.Viking.lz        文件: D:\病毒库\样本\样本\Logo1_.exe//PE_Patch
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.bjx        文件: D:\病毒库\样本\样本\mppds.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.bjx        文件: D:\病毒库\样本\样本\mppds.exe
已删除: 木马程序 Trojan-Spy.Win32.Agent.pn        文件: D:\病毒库\样本\样本\myplayer.com//PE_Patch//UPack
已删除: 木马程序 Trojan-PSW.Win32.Nilage.blg        文件: D:\病毒库\样本\样本\PegeFile.pif//PE_Patch//NSPack//PE_Patch
已删除: 木马程序 Trojan-Spy.Win32.Agent.pn        文件: D:\病毒库\样本\样本\scrsys16_070818.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ahn        文件: D:\病毒库\样本\样本\video.dll
已删除: 木马程序 Trojan-PSW.Win32.WOW.sa        文件: D:\病毒库\样本\样本\winow.dll
已删除: 木马程序 Trojan-PSW.Win32.WOW.sa        文件: D:\病毒库\样本\样本\winow.exe//UPack
已删除: 木马程序 Trojan-Spy.Win32.Delf.uh        文件: D:\病毒库\样本\样本\winwm.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ahn        文件: D:\病毒库\样本\样本\wmsj.exe
uhthn2002
Posted on 2007-9-2 18:27:19
Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Paranoia Database - 2476
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\uhthn\Desktop\欴掛

C:\Documents and Settings\uhthn\Desktop\欴掛\Hide.exe - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\欴掛\kulionwm.dll - Infected with Win32.PDB-1455 Malware program (Paranoia Database) - Deleted
C:\Documents and Settings\uhthn\Desktop\欴掛\kulionzx.dll - Infected with Win32.PDB-1014 Malware program (Paranoia Database) - Deleted
C:\Documents and Settings\uhthn\Desktop\欴掛\kulionzx.exe - Infected with PDB-682 Malware program (Paranoia Database) - Deleted
C:\Documents and Settings\uhthn\Desktop\欴掛\Logo1_.exe - Suspicious of Win32.Worm.Viking.2
C:\Documents and Settings\uhthn\Desktop\欴掛\mppds.dll - Suspicious of Trojan-PSW.OnLineGames.1
C:\Documents and Settings\uhthn\Desktop\欴掛\mppds.exe - Suspicious of Trojan-PSW.OnLineGames.1
C:\Documents and Settings\uhthn\Desktop\欴掛\myplayer.com - Suspicious of Trojan-PSW.Game.4
C:\Documents and Settings\uhthn\Desktop\欴掛\PegeFile.pif - Infected with MalwareSpy.Win32.PDB-230 Malware program (Paranoia Database) - Deleted
C:\Documents and Settings\uhthn\Desktop\欴掛\scrsys16_070818.dll - Suspicious file
C:\Documents and Settings\uhthn\Desktop\欴掛\video.dll - Suspicious of Win32.Trojan-Downloader.Zlob.1
C:\Documents and Settings\uhthn\Desktop\欴掛\winow.dll - Suspicious of Win32.Backdoor.Hupigon.5
C:\Documents and Settings\uhthn\Desktop\欴掛\winow.exe - Infected with PDB-460 Malware program (Paranoia Database) - Deleted
C:\Documents and Settings\uhthn\Desktop\欴掛\winsys32_070818.dll - Suspicious of Win32.Backdoor.Hupigon.5
C:\Documents and Settings\uhthn\Desktop\欴掛\winwm.exe - Infected with PDB-382 Malware program (Paranoia Database) - Deleted
C:\Documents and Settings\uhthn\Desktop\欴掛\wmsj.exe - Infected with PDB-2462 Malware program (Paranoia Database) - Deleted

16 Files scanned
7 Infected files found
9 Suspicious files found
0 Files cured
7 Files deleted
timhas266
Posted on 2007-9-2 19:47:13
Starting the file scan:

Begin scan in 'C:\Documents and Settings\tim\桌面\样本.zip'
C:\Documents and Settings\tim\桌面\样本.zip
  [0] Archive type: ZIP
  --> Ñù±¾/Hide.exe
      [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
  --> Ñù±¾/kulionwm.dll
      [DETECTION] Is the Trojan horse TR/PSW.Steal.28160.19
  --> Ñù±¾/kulionzx.dll
      [DETECTION] Is the Trojan horse TR/PSW.Steal.28672.6
  --> Ñù±¾/kulionzx.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agen.26778.A
  --> Ñù±¾/Logo1_.exe
      [DETECTION] Contains signature of the worm WORM/Viking.DLL.1
  --> Ñù±¾/mppds.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾/mppds.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾/myplayer.com
      [DETECTION] Is the Trojan horse TR/KillAV.JU
  --> Ñù±¾/PegeFile.pif
      [DETECTION] Is the Trojan horse TR/PSW.Nilage.blg
  --> Ñù±¾/scrsys16_070818.dll
      [DETECTION] Is the Trojan horse TR/KillAV.JU
  --> Ñù±¾/video.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ahn
  --> Ñù±¾/winow.dll
      [DETECTION] Is the Trojan horse TR/PSW.33792.13
  --> Ñù±¾/winow.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agen.26778.A
  --> Ñù±¾/winsys32_070818.dll
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> Ñù±¾/winwm.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agen.26778.A
  --> Ñù±¾/wmsj.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agen.26778.A
      [INFO]      A backup was created as '470909c1.qua'  ( QUARANTINE )
      [INFO]      The file was deleted!