
[Virus samples] 20090407: 36 collected

killloop
Posted on 2009-4-7 16:14:25
Already reported to Jiangmin and Rising.

http://www.brsbox.com/filebox/down/fc/8bfa3a48df25c56e6ec89139d6ccea20

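If it cannot be extracted, change iso to rar.
Extraction password: a

These collected samples have not been run through proactive-defense testing to confirm whether they are viruses; they just looked familiar, so I downloaded them. They most likely are.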

Sherry.ai
Posted on 2009-4-7 16:18:01
A lot of game cheats.
HC303
Posted on 2009-4-7 16:38:46
Begin scan in 'G:\virus\1'
G:\virus\1\1\1.exe
    [DETECTION] Is the TR/Vundo.Gen Trojan
    --> Object
      [1] Archive type: RSRC
      --> Object
        [DETECTION] Is the TR/Renaz.10937 Trojan
G:\virus\1\1\1.rar
  [0] Archive type: RAR
    --> xunxian.exe
      [1] Archive type: RAR SFX (self extracting)
      --> qidong.exe
        [DETECTION] Is the TR/Hijacker.Gen Trojan
        --> Object
          [3] Archive type: RSRC
          --> Object
            [DETECTION] Is the TR/Agent2.hgr Trojan
G:\virus\1\1\CK159.exe
    [DETECTION] Is the TR/Hijacker.Gen Trojan
G:\virus\1\1\dnf.exe
  [0] Archive type: OVL
    [DETECTION] Is the TR/Dropper.Gen Trojan
G:\virus\1\1\DNFWD.exe
  [0] Archive type: RAR SFX (self extracting)
    [DETECTION] Contains recognition pattern of the DR/Agent.1451 dropper
    --> winrar.com
      [DETECTION] Contains HEUR/Malware suspicious code
G:\virus\1\1\DNFWD.rar
  [0] Archive type: RAR
    --> DNFWD.exe
      [1] Archive type: RAR SFX (self extracting)
      [DETECTION] Contains recognition pattern of the DR/Agent.1451 dropper
      --> winrar.com
        [DETECTION] Contains HEUR/Malware suspicious code
G:\virus\1\1\dnfwg.exe
  [0] Archive type: RAR SFX (self extracting)
    [DETECTION] Contains recognition pattern of the SPR/Tool.Obfuscator.C.38 program
    --> hh.com
      [DETECTION] Contains HEUR/Malware suspicious code
G:\virus\1\1\dnfwg1.exe
  [0] Archive type: RAR SFX (self extracting)
    --> feifei_dnf.exe
      [1] Archive type: RAR SFX (self extracting)
      --> feifei\ᅱ쿼ᅨ￐￐ᅭᄏᄡᅫ.exe
        [2] Archive type: RAR SFX (self extracting)
        --> InjectLoader.dll
          [DETECTION] Is the TR/Spy.281535.A Trojan
    --> 456.exe
      [DETECTION] Is the TR/Spy.Gen Trojan
G:\virus\1\1\dnfwg11.exe
  [0] Archive type: RAR SFX (self extracting)
    --> 005.exe
      [DETECTION] Is the TR/Dropper.Gen Trojan
G:\virus\1\1\DNFWG12.exe
  [0] Archive type: RAR SFX (self extracting)
    --> DNFᅢ→￉뫄¬쬬.exe
      [DETECTION] Is the TR/Spy.FlyStudi.nac Trojan
    --> ᄇ¬ᅧᅯᄇᄍᄊᄀ.exe
      [1] Archive type: RSRC
      [DETECTION] Is the TR/Crypt.UPKM.Gen Trojan
    --> ᄋ￀ᄋ¬ᄋ￀ᄉ?.exe
      [1] Archive type: RAR SFX (self extracting)
      --> ᄇ¬ᅧᅯᄇᄍᄊᄀ.exe
        [2] Archive type: RSRC
        [DETECTION] Is the TR/Crypt.UPKM.Gen Trojan
G:\virus\1\1\dnfwudi.exe
  [0] Archive type: RAR SFX (self extracting)
    --> winrar.com
      [DETECTION] Contains HEUR/Malware suspicious code
G:\virus\1\1\dnfxwg11.exe
  [0] Archive type: RAR SFX (self extracting)
    --> 2.exe
      [DETECTION] Contains HEUR/Malware suspicious code
G:\virus\1\1\fhwg.exe
  [0] Archive type: OVL
    [DETECTION] Is the TR/Dropper.Gen Trojan
G:\virus\1\1\jxwg.exe
  [0] Archive type: RAR SFX (self extracting)
    --> jx.exe
      [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
G:\virus\1\1\luob_xunxian.exe
  [0] Archive type: RAR SFX (self extracting)
    --> 456.exe
      [DETECTION] Contains HEUR/Malware suspicious code
G:\virus\1\1\mirswg.exe
  [0] Archive type: RSRC
    [DETECTION] Is the TR/Hijacker.Gen Trojan
G:\virus\1\1\QJYS.rar
  [0] Archive type: RAR
    --> QJYS.exe
      [1] Archive type: RAR SFX (self extracting)
      --> ᅲᅯᄊᆵᄌ￐ᅡᅫᅣᄐ?.exe
        [DETECTION] Contains HEUR/Malware suspicious code
G:\virus\1\1\qqsgwg.exe
  [0] Archive type: RAR SFX (self extracting)
    --> QQ￈�ᄍᄆᆭᄆᆭᅪ¬쬬\WinIo.dll
      [DETECTION] Is the TR/Smalldrp.QAW Trojan
    --> QQ￈�ᄍᄆᆭᄆᆭᅪ¬쬬\hknms.sys
      [DETECTION] Is the TR/Rkproc.19968 Trojan
    --> QQ￈�ᄍᄆᆭᄆᆭᅪ¬쬬\에ᄈᆪᅧᅮᅩ�.url
      [DETECTION] Contains recognition pattern of the DR/Crypt.TPM.8 dropper
    --> 1.exe
      --> Object
        [2] Archive type: RSRC
        --> Object
          [DETECTION] Is the TR/Agent2.gxl Trojan
        --> Object
          [DETECTION] Is the TR/PSW.26112.1 Trojan
    --> QQ￈�ᄍᄆᆭᄆᆭᅪ¬쬬\￈�ᄍᄆᆭᄆᆭ.exe
      [1] Archive type: OVL
      [DETECTION] Is the TR/Dropper.Gen Trojan
G:\virus\1\1\qqxwwg.exe
  [0] Archive type: RAR SFX (self extracting)
    --> ᄚ뷰ᄚ뽀￐?\MSWINZCXL.vbs
      [DETECTION] Contains recognition pattern of the VBS/StartPage.Z VBS script virus
G:\virus\1\1\rxjh_Herowg.exe
    [DETECTION] Is the TR/Hijacker.Gen Trojan
G:\virus\1\1\sgwg.exe
  [0] Archive type: RAR SFX (self extracting)
    --> ￈�째¬ᄋ￑ᅪ¬쬬\QQ￈�ᄍ￐ᄀ￀ᅦᅪ¬쬬.exe
      [DETECTION] Is the TR/Dropper.Gen Trojan
    --> sgs.exe
      [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
G:\virus\1\1\slyxhj.exe
  [0] Archive type: RAR SFX (self extracting)
    --> msn.com
      [DETECTION] Is the TR/Crypt.FSPM.Gen Trojan
    --> winrar.com
      [DETECTION] Is the TR/Crypt.FSPM.Gen Trojan
    --> ￉?￁ᅮᄁ￐ᅴ최ᄏ?.exe
      [DETECTION] Is the TR/Dropper.Gen Trojan
G:\virus\1\1\waigua.exe
    [DETECTION] Is the TR/Hijacker.Gen Trojan
G:\virus\1\1\waigua1.exe
  [0] Archive type: RAR SFX (self extracting)
    --> 1.0.1.8.4\1.0.1.8.4\youxia\mapdata7.dat
      [DETECTION] Is the TR/ATRAPS.Gen Trojan
    --> winrar.com
      [DETECTION] Contains HEUR/Malware suspicious code
G:\virus\1\1\waigua123.exe
  [0] Archive type: RAR SFX (self extracting)
    --> 9x.exe
      [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    --> 에ᄈᆪᅧᅮᅩ�.url
      [DETECTION] Contains recognition pattern of the DR/Crypt.TPM.8 dropper
G:\virus\1\1\wg999.exe
  [0] Archive type: RAR SFX (self extracting)
    --> 123.exe
      [DETECTION] Contains HEUR/Malware suspicious code
G:\virus\1\1\wg9991.exe
  [0] Archive type: RAR SFX (self extracting)
    --> DNFᅪ¬쬬\hook.dll
      [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    --> 123.exe
      [DETECTION] Contains HEUR/Malware suspicious code
G:\virus\1\1\wowglider.rar
  [0] Archive type: RAR
    --> mmoglider\Shadow.sys
      [DETECTION] Contains recognition pattern of the RKIT/Agent.31232 root kit
    --> mmoglider\ᅣ뎌￞ᄏᆲᅬ│ᄏ.exe
      [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
G:\virus\1\1\wulinwg.exe
  [0] Archive type: RAR SFX (self extracting)
    --> 456.exe
      [DETECTION] Is the TR/Spy.Gen Trojan
G:\virus\1\1\xjxsjwg.exe
  [0] Archive type: RAR SFX (self extracting)
    --> 1.exe
      [DETECTION] Is the TR/Dropper.Gen Trojan
    --> ᄑᆪᅬ￀ᅧ￀ᄑ￧\jxwawa.exe
      [1] Archive type: RSRC
      [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
G:\virus\1\1\XXFH.exe
  [0] Archive type: RAR SFX (self extracting)
    --> winrar.com
      [DETECTION] Contains HEUR/Malware suspicious code
G:\virus\1\1\xxyqjwg.exe
  [0] Archive type: RAR SFX (self extracting)
    --> 1.exe
      [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    --> ᅫ?ᅮᅫ\main.exe
      [DETECTION] Is the TR/Agent.bsbn Trojan
    --> ᅫ?ᅮᅫ\에ᄈᆪᅧᅮᅩ�.url
      [DETECTION] Contains recognition pattern of the DR/Crypt.TPM.8 dropper
G:\virus\1\1\yyfz.rar
  [0] Archive type: RAR
    --> yyfz\yywg.exe
      [DETECTION] Contains recognition pattern of the DR/Delphi.Gen dropper
    --> yyfz\HOOK.dll
      [DETECTION] Is the TR/ATRAPS.Gen Trojan
G:\virus\1\1\zxbl.exe
  [0] Archive type: RAR SFX (self extracting)
    --> zxbl.exe
      --> Object
        [2] Archive type: RSRC
        --> Object
          [DETECTION] Is the TR/Agent2.hfu Trojan
        --> Object
          [DETECTION] Is the TR/PSW.OnlineGames.uuus Trojan
G:\virus\1\1\zxmxdwgg.rar
  [0] Archive type: RAR
    --> zxmxdwgg.exe
      [1] Archive type: RAR SFX (self extracting)
      --> winkanfh2.exe
        [DETECTION] Is the TR/Dropper.Gen Trojan
      --> ᅢᄚᅬᅰ￐ᄀ쭤V070ᄌ뛰V1.7ᄇ¬ᅧᅯᄚ₩.exe
        [DETECTION] Is the TR/Spy.Gen Trojan

Beginning disinfection:
G:\virus\1\1\1.exe
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\1\1\1.rar
    [NOTE]      The file was deleted!
G:\virus\1\1\CK159.exe
    [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\1\1\dnf.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\1\1\DNFWD.exe
    [DETECTION] Contains recognition pattern of the DR/Agent.1451 dropper
    [NOTE]      The file was deleted!
G:\virus\1\1\DNFWD.rar
    [NOTE]      The file was moved to '4a21117b.qua'!
G:\virus\1\1\dnfwg.exe
    [DETECTION] Contains recognition pattern of the SPR/Tool.Obfuscator.C.38 program
    [NOTE]      The file was deleted!
G:\virus\1\1\dnfwg1.exe
    [NOTE]      The file was deleted!
G:\virus\1\1\dnfwg11.exe
    [NOTE]      The file was deleted!
G:\virus\1\1\DNFWG12.exe
    [NOTE]      The file was deleted!
G:\virus\1\1\dnfwudi.exe
    [NOTE]      The file was moved to '4a41119b.qua'!
G:\virus\1\1\dnfxwg11.exe
    [NOTE]      The file was moved to '4b34a18c.qua'!
G:\virus\1\1\fhwg.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\1\1\jxwg.exe
    [NOTE]      The file was deleted!
G:\virus\1\1\luob_xunxian.exe
    [NOTE]      The file was moved to '4a4a11a2.qua'!
G:\virus\1\1\mirswg.exe
    [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\1\1\QJYS.rar
    [NOTE]      The file was moved to '4a341177.qua'!
G:\virus\1\1\qqsgwg.exe
    [NOTE]      The file was deleted!
G:\virus\1\1\qqxwwg.exe
    [NOTE]      The file was deleted!
G:\virus\1\1\rxjh_Herowg.exe
    [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\1\1\sgwg.exe
    [NOTE]      The file was deleted!
G:\virus\1\1\slyxhj.exe
    [NOTE]      The file was deleted!
G:\virus\1\1\waigua.exe
    [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\1\1\waigua1.exe
    [NOTE]      The file was deleted!
G:\virus\1\1\waigua123.exe
    [NOTE]      The file was deleted!
G:\virus\1\1\wg999.exe
    [NOTE]      The file was moved to '4a141194.qua'!
G:\virus\1\1\wg9991.exe
    [NOTE]      The file was deleted!
G:\virus\1\1\wowglider.rar
    [NOTE]      The file was deleted!
G:\virus\1\1\wulinwg.exe
    [NOTE]      The file was deleted!
G:\virus\1\1\xjxsjwg.exe
    [NOTE]      The file was deleted!
G:\virus\1\1\XXFH.exe
    [NOTE]      The file was moved to '4a211185.qua'!
G:\virus\1\1\xxyqjwg.exe
    [NOTE]      The file was deleted!
G:\virus\1\1\yyfz.rar
    [NOTE]      The file was deleted!
G:\virus\1\1\zxbl.exe
    [NOTE]      The file was deleted!
G:\virus\1\1\zxmxdwgg.rar
    [NOTE]      The file was deleted!


End of the scan: 2009年4月7日  16:39
Used time: 00:14 Minute(s)

The scan has been done completely.

      2 Scanned directories
   1269 Files were scanned
     48 Viruses and/or unwanted programs were found
     13 Files were classified as suspicious
     28 files were deleted
      0 Viruses and unwanted programs were repaired
      7 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
   1208 Files not concerned
     75 Archives were scanned
      0 Warnings
     35 Notes

Reporting the remaining DNF-DG.EXE and the heuristic detections.
ledled
Posted on 2009-4-7 19:01:42
VB Kill 29
Palkia
Posted on 2009-4-7 19:03:09
miss to js
青春灌醉
Posted on 2009-4-8 10:37:45
That was fast. As long as it has been reported, we will just wait for the results.

Copyright © KaFan  KaFan.cn All Rights Reserved.
