
[Virus sample] A pack of samples (MD5 inside)

tonger2003
Posted on 2007-6-24 13:54:11
[MD5: D17C9C E2C32E 32BA08 B65C64 321E1F F06779 BF84FD 439C9F C9C6F2 655591 C917E3 8E3B42 628CD5 B98912]


小邪邪
Posted on 2007-6-24 13:58:56
McAfee:



AVK:

woai_jolin
Posted on 2007-6-24 14:02:29
2007/6/24 13:56:04        Scanning Log
2007/6/24 13:56:04        Version of virus signature database: 2349 (20070623)
2007/6/24 13:56:04        Date: 24.6.2007  Time: 13:56:04
2007/6/24 13:56:04        Scanned disks, folders and files: D:\病毒\
2007/6/24 13:56:08        D:\病毒\样本.rar - multiple threats - deleted - quarantined
2007/6/24 13:56:08        D:\病毒\样本.rar » RAR » 9.exe - Win32/PSW.Agent.NEW trojan
2007/6/24 13:56:08        D:\病毒\样本.rar » RAR » 0.exe - probably unknown NewHeur_PE virus [7]
2007/6/24 13:56:08        D:\病毒\样本.rar » RAR » 1.exe - probably a variant of Win32/PSW.Agent.NDP trojan
2007/6/24 13:56:08        D:\病毒\样本.rar » RAR » 10.exe - probably unknown NewHeur_PE virus [7]
2007/6/24 13:56:08        D:\病毒\样本.rar » RAR » 11.exe - probably a variant of Win32/PSW.QQPass.VD trojan
2007/6/24 13:56:08        D:\病毒\样本.rar » RAR » 14.exe - Win32/PSW.Agent.NDP trojan
2007/6/24 13:56:08        D:\病毒\样本.rar » RAR » 2.exe - a variant of Win32/PSW.OnLineGames.YA trojan
2007/6/24 13:56:08        D:\病毒\样本.rar » RAR » 3.exe - a variant of Win32/PSW.Agent.NEW trojan
2007/6/24 13:56:08        D:\病毒\样本.rar » RAR » 4.exe - Win32/PSW.Agent.NDP trojan
2007/6/24 13:56:08        D:\病毒\样本.rar » RAR » 5.exe - a variant of Win32/PSW.OnLineGames.RC trojan
2007/6/24 13:56:08        D:\病毒\样本.rar » RAR » 6.exe - a variant of Win32/PSW.OnLineGames.RC trojan
2007/6/24 13:56:08        D:\病毒\样本.rar » RAR » 7.exe - a variant of Win32/PSW.Agent.NEW trojan
2007/6/24 13:56:08        D:\病毒\样本.rar » RAR » 8.exe - Win32/PSW.Agent.NDP trojan
2007/6/24 13:56:08        Number of scanned files: 15
2007/6/24 13:56:08        Number of threats found: 13
2007/6/24 13:56:08        Time of completion: 13:56:08  Total scanning time: 4 sec (00:00:04)
2007/6/24 13:56:08        Notes:
2007/6/24 13:56:08        [7] File is probably infected with an unknown virus.
欠妳緈諨
Posted on 2007-6-24 14:02:40
AVAST: 12 detected

欠妳緈諨
Posted on 2007-6-24 14:03:53
The remaining 2 are caught by Avira (the "red umbrella"):
Begin scan in 'D:\病毒测试\未解压\��.rar'
D:\病毒测试\未解压\��.rar
  [0] Archive type: RAR
  --> 0.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 11.exe
      [DETECTION] Is the Trojan horse TR/PSW.Steal.31849
      [WARNING]   The file was ignored!
红心王子
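Posted on 2007-6-24 14:05:59
KV (the "axe") chopped down 9 of them.
The real-time monitor has a fairly high recognition rate and blocks them effectively.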

Whkroran
Posted on 2007-6-24 14:06:17
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qw        File: E:\Virus sample\样本.rar/9.exe//PE_Patch//UPack
quarantined: virus Downloader (modification)        File: E:\Virus sample\样本.rar/0.exe//FSG
deleted: Trojan program Trojan-PSW.Win32.Small.cf        File: E:\Virus sample\样本.rar/1.exe
deleted: Trojan program Trojan-Downloader.Win32.Small.czl        File: E:\Virus sample\样本.rar/10.exe//NSPack
deleted: Trojan program Trojan-PSW.Win32.QQPass.xc        File: E:\Virus sample\样本.rar/11.exe//UPX
deleted: Trojan program Trojan-PSW.Win32.Small.cf        File: E:\Virus sample\样本.rar/14.exe
quarantined: virus Invader (modification)        File: E:\Virus sample\样本.rar/2.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rc        File: E:\Virus sample\样本.rar/3.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.ui        File: E:\Virus sample\样本.rar/4.exe
quarantined: virus Trojan.Generic (modification)        File: E:\Virus sample\样本.rar/5.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.Nilage.bjp        File: E:\Virus sample\样本.rar/6.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.sl        File: E:\Virus sample\样本.rar/7.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.ui        File: E:\Virus sample\样本.rar/8.exe
mofunzone
Posted on 2007-6-24 14:22:38
Same as AVK.
A perfect strike.

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\My Documents\样本.rar'
C:\Documents and Settings\Administrator\My Documents\
  样本.rar
    [0] Archive type: RAR
    --> 9.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.UF.60
        [WARNING]   Infected files in archives cannot be repaired!
    --> 0.exe
        [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 1.exe
        [DETECTION] Is the Trojan horse TR/PSW.Onlinegames.AWD.4
        [WARNING]   Infected files in archives cannot be repaired!
    --> 10.exe
        [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 11.exe
        [DETECTION] Is the Trojan horse TR/PSW.Steal.31849
        [WARNING]   Infected files in archives cannot be repaired!
    --> 13.exe
        [DETECTION] Is the Trojan horse TR/Drop.Spy.Pca.A.2
        [WARNING]   Infected files in archives cannot be repaired!
    --> 14.exe
        [DETECTION] Is the Trojan horse TR/PSW.7680.2
        [WARNING]   Infected files in archives cannot be repaired!
    --> 2.exe
        [DETECTION] Is the Trojan horse TR/Dropper.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 3.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGam.QW
        [WARNING]   Infected files in archives cannot be repaired!
    --> 4.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.UI.53
        [WARNING]   Infected files in archives cannot be repaired!
    --> 5.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGam.QW
        [WARNING]   Infected files in archives cannot be repaired!
    --> 6.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGam.QW
        [WARNING]   Infected files in archives cannot be repaired!
    --> 7.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGam.QW
        [WARNING]   Infected files in archives cannot be repaired!
    --> 8.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.UI.54
        [WARNING]   Infected files in archives cannot be repaired!
        [WARNING]   The file was ignored!


End of the scan: 2007年6月23日  23:27
Used time: 00:10 min

The scan has been done completely.

      0 Scanning directories
     15 Files were scanned
     14 viruses and/or unwanted programs were found
      0 classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      1 Files not concerned
      1 Archives were scanned
     15 Warnings
      0 Notes
      0 Hidden objects were found
1688388728
Posted on 2007-6-24 14:28:40
以 AntiVirusKit 掃瞄病毒
版本 17.0.6353
病毒特徵碼 6/24/2007
開始時間: 6/24/2007 14:32
引擎: 引擎 A (AVK 17.5610), 引擎 B (AVKB 17.272)
啟發式: 開啟
壓縮檔: 開啟
系統區域: 開啟

掃瞄系統區域...
掃瞄所選的目錄及檔案...
物件: 1.exe
        路徑: E:\病毒库\样本
        狀態: 偵測到病毒
        病毒: Trojan-PSW.Win32.Small.cf (引擎 A)
物件: 10.exe
        路徑: E:\病毒库\样本
        狀態: 偵測到病毒
        病毒: Trojan-Downloader.Win32.Small.czl (引擎 A)
物件: 11.exe
        路徑: E:\病毒库\样本
        狀態: 偵測到病毒
        病毒: Trojan-PSW.Win32.QQPass.xc (引擎 A)
物件: 13.exe
        路徑: E:\病毒库\样本
        狀態: 偵測到病毒
        病毒: Win32:Delf-DQP [Trj] (引擎 B)
物件: 14.exe
        路徑: E:\病毒库\样本
        狀態: 偵測到病毒
        病毒: Trojan-PSW.Win32.Small.cf (引擎 A)
物件: 2.exe
        路徑: E:\病毒库\样本
        狀態: 偵測到病毒
        病毒: Win32:Onlinegames-ACD [Trj] (引擎 B)
物件: 3.exe
        路徑: E:\病毒库\样本
        狀態: 偵測到病毒
        病毒: Trojan-PSW.Win32.OnLineGames.rc (引擎 A)
物件: 4.exe
        路徑: E:\病毒库\样本
        狀態: 偵測到病毒
        病毒: Trojan-PSW.Win32.OnLineGames.ui (引擎 A)
物件: [Upack]
        壓縮檔中: E:\病毒库\样本\5.exe
        狀態: 偵測到病毒
        病毒: Win32:Onlinegames-ACS [Trj] (引擎 B)
物件: 5.exe
        路徑: E:\病毒库\样本
        狀態: 偵測到病毒
        病毒: Win32:Onlinegames-ACS [Trj] (引擎 B)
物件: 6.exe
        路徑: E:\病毒库\样本
        狀態: 偵測到病毒
        病毒: Trojan-PSW.Win32.Nilage.bjp (引擎 A)
物件: 7.exe
        路徑: E:\病毒库\样本
        狀態: 偵測到病毒
        病毒: Trojan-PSW.Win32.OnLineGames.sl (引擎 A)
物件: 8.exe
        路徑: E:\病毒库\样本
        狀態: 偵測到病毒
        病毒: Trojan-PSW.Win32.OnLineGames.ui (引擎 A)
物件: 9.exe
        路徑: E:\病毒库\样本
        狀態: 偵測到病毒
        病毒: Trojan-PSW.Win32.OnLineGames.qw (引擎 A)
分析完成: 6/24/2007 14:32
    已掃瞄 14 檔案
    偵測到 13 已感染的檔案
    偵測到 0 可疑的檔案
promised
Posted on 2007-6-24 14:29:40
Detects them all.

D:\Program Files\IKARUS>T3Scan.exe C:
IKARUS - T3SCAN V1.25 (WIN32)
         T3 V1.01.08
         Copyright (c) 2003 - 2007 by IKARUS Software.
         Written by Richard Schmoegner.
         All rights reserved.

Signaturdatenbank vom 24.6.2007 04:15:29 (Build: 69114)

C:\pagefile.sys - Datei konnte nicht geöffnet werden
C:\ABC\样本\0.exe - Signatur 'Trojan-Downloader.Win32.Delf.ald' gefunden
C:\ABC\样本\1.exe - Signatur 'Trojan-PWS.Win32.Nilage.bbr' gefunden
C:\ABC\样本\10.exe - Signatur 'Backdoor.Win32.PcClient.GV' gefunden
C:\ABC\样本\11.exe - Signatur 'Trojan-PWS.Win32.Nilage.bga' gefunden
C:\ABC\样本\13.exe - Signatur 'MemScanTrojan.HackTool.Agent.AZ' gefunden
C:\ABC\样本\14.exe - Signatur 'Trojan-PWS.Win32.Nilage.bbr' gefunden
C:\ABC\样本\2.exe - Signatur 'Trojan-PWS.RD' gefunden
C:\ABC\样本\3.exe - Signatur 'Trojan-PWS.Win32.Nilage.bjp' gefunden
C:\ABC\样本\4.exe - Signatur 'Trojan-PWS.Win32.OnLineGames.ui' gefunden
C:\ABC\样本\5.exe - Signatur 'Trojan-PWS.Win32.Nilage.bjp' gefunden
C:\ABC\样本\6.exe - Signatur 'Trojan-PWS.Win32.Nilage.bjp' gefunden
C:\ABC\样本\7.exe - Signatur 'Trojan-PWS.Win32.Nilage.bjp' gefunden
C:\ABC\样本\8.exe - Signatur 'Trojan-PWS.Win32.OnLineGames.ui' gefunden
C:\ABC\样本\9.exe - Signatur 'Trojan-PWS.Win32.OnLineGames.uf' gefunden