今天先来19个 MD5内

显示全部楼层 · 发表于 2007-8-11 16:33:48

[MD5: EC565D 1E67DC 7081ED 80091D A15CA9 C616E4 13F958 F6BD71 7200F3 65E43D 8BA96D 1C6BB0 B584E9 3087DA FA8EDC E8D35F 2AA1CC 9A078A 338EE4]

显示全部楼层 · 发表于 2007-8-11 16:35:54

扫描开始时间: 2007-8-11 16:35:26
扫描日志
NOD32 版本 2451 (20070811) NT
命令行: F:\virus\163.rar

日期: 2007年8月11日时间: 16:35:27
反 Rookits 技术已启用。
已扫描磁盘、文件夹和文件: F:\virus\163.rar
F:\virus\163.rar ?RAR ?1633.exe<病毒 - Win32/AutoRun.Q 蠕虫变种>
F:\virus\163.rar ?RAR ?1634.exe<病毒 - Win32/PSW.Legendmir.NEP 木马变种>
F:\virus\163.rar ?RAR ?1636.exe<病毒 - Win32/PSW.OnLineGames.YA 木马变种>
F:\virus\163.rar ?RAR ?1638.exe<病毒 - 可能是 Win32/PSW.Agent.NDP 木马变种>
F:\virus\163.rar ?RAR ?163a.exe<病毒 - 可能是 Win32/PSW.OnLineGames.YA 木马变种>
F:\virus\163.rar ?RAR ?163b.exe<病毒 - Win32/PSW.OnLineGames.NDA 木马变种>
F:\virus\163.rar ?RAR ?163c.exe<病毒 - 可能是 Win32/Genetik 木马变种>
F:\virus\163.rar ?RAR ?163f.exe<病毒 - 可能是 Win32/Genetik 木马变种>
F:\virus\163.rar ?RAR ?163h.exe<病毒 - 未知的 NewHeur_PE 病毒 [7]>
F:\virus\163.rar ?RAR ?163i.exe<病毒 - Win32/Delf.NGD 木马>
F:\virus\163.rar ?RAR ?163e.exe<病毒 - Win32/PSW.OnLineGames.YA 木马变种>
F:\virus\163.rar ?RAR ?163j.exe<病毒 - Win32/Agent.NEM 木马>
F:\virus\163.rar ?RAR ?163k.exe<病毒 - Win32/Viking.LU 病毒>
F:\virus\163.rar ?RAR ?1630.exe<病毒 - Win32/PSW.Agent.NEC 木马>
F:\virus\163.rar ?RAR ?1631.exe<病毒 - 可能是 Win32/Genetik 木马变种>
F:\virus\163.rar ?RAR ?1632.exe<病毒 - Win32/PSW.OnLineGames.YA 木马变种>
已扫描文件数量: 19
已发现病毒数量: 16
完成时间: 16:35:33 总共扫描时间: 6 秒 (00:00:06)

注意:
[7] 文件可能感染了未知病毒。

显示全部楼层 · 发表于 2007-8-11 16:37:17

--> 1633.exe
      [DETECTION] Is the Trojan horse TR/PSW.Agent.MI
      [WARNING] Infected files in archives cannot be repaired!
--> 1634.exe
      [DETECTION] Contains suspicious code HEUR/Crypted
      [WARNING] Infected files in archives cannot be repaired!
--> 1636.exe
      [DETECTION] Is the Trojan horse TR/PSW.Agent.20480
      [WARNING] Infected files in archives cannot be repaired!
--> 1637.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.19497
      [WARNING] Infected files in archives cannot be repaired!
--> 1638.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 1639.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> 163a.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGame.YF
      [WARNING] Infected files in archives cannot be repaired!
--> 163b.exe
      [DETECTION] Is the Trojan horse TR/Spy.Delf.UV.47
      [WARNING] Infected files in archives cannot be repaired!
--> 163c.exe
      [DETECTION] Is the Trojan horse TR/Agent.ABIO.38
      [WARNING] Infected files in archives cannot be repaired!
--> 163d.exe
      [DETECTION] Is the Trojan horse TR/Drop.QQP.14804.A
      [WARNING] Infected files in archives cannot be repaired!
--> 163f.exe
      [DETECTION] Is the Trojan horse TR/Agent.ABIO.34
      [WARNING] Infected files in archives cannot be repaired!
--> 163h.exe
      [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 163i.exe
      [DETECTION] Is the Trojan horse TR/Agent.12288.D
      [WARNING] Infected files in archives cannot be repaired!
--> 163e.exe
      [DETECTION] Is the Trojan horse TR/PSW.Agent.20480
      [WARNING] Infected files in archives cannot be repaired!
--> 163j.exe
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.alh.38 Backdoor server programs
      [WARNING] Infected files in archives cannot be repaired!
--> 163k.exe
      [DETECTION] Is the Trojan horse TR/PSW.Delf.AF.2
      [WARNING] Infected files in archives cannot be repaired!
--> 1630.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 1631.exe
      [DETECTION] Is the Trojan horse TR/PSW.Agent.20480
      [WARNING] Infected files in archives cannot be repaired!
--> 1632.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.YN.152
      [WARNING] Infected files in archives cannot be repaired!
      [INFO]    A backup was created as '46f07552.qua'  ( QUARANTINE )
      [INFO]    The file was deleted!
全杀

显示全部楼层 · 发表于 2007-8-11 16:38:30

C:\ABC\163\1630.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.nn' 被发现
C:\ABC\163\1631.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wt' 被发现
C:\ABC\163\1632.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.es' 被发现
C:\ABC\163\1633.exe - 特征码 'Trojan-PWS.Win32.Agent.mi' 被发现
C:\ABC\163\1634.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\163\1636.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\163\1637.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\163\1638.exe - 特征码 'Trojan-PWS.Win32.Nilage.bbr' 被发现
C:\ABC\163\1639.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\163\163a.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.yn' 被发现
C:\ABC\163\163b.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\163\163c.exe - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\163\163d.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\163\163e.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.es' 被发现
C:\ABC\163\163f.exe - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\163\163h.exe - 特征码 'Trojan-Downloader.Win32.Small.czl' 被发现
C:\ABC\163\163i.exe - 特征码 'Trojan-Spy.Win32.Goldun.pq' 被发现
C:\ABC\163\163j.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\163\163k.exe - 特征码 'Worm.Win32.Viking.lj' 被发现

      19 文件被扫描
      (0 压缩档 0 文件)
      19 特征码被侦测
      0 可疑代码段被发现
      耗时: 0:00.813

显示全部楼层 · 发表于 2007-8-11 16:45:13

删除17个

显示全部楼层 · 发表于 2007-8-11 16:45:31

原帖由 promised 于 2007-8-11 16:38 发表
C:\ABC\163\1630.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.nn' 被发现
C:\ABC\163\1631.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wt' 被发现
C:\ABC\163\1632.exe - 特征码 'Trojan-PWS.Win32.OnLine ...

ikarus从哪里搞来这么强大的库，是不是卡巴的？

显示全部楼层 · 发表于 2007-8-11 16:50:24

BD的

显示全部楼层 · 发表于 2007-8-11 17:12:56

Configuration settings for the scan:
Jobname..........................: ShlExt
Configuration file...............: D:\DOCUME~1\lm\LOCALS~1\Temp\d1118797.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: L:,
Scan memory......................: on
Process scan.....................: off
Scan registry....................: off
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high

Start of the scan: 2007年8月11日  17:08

Starting the file scan:

Begin scan in 'L:\downloaded\163.rar'
L:\downloaded\163.rar
  [0] Archive type: RAR
  --> 1633.exe
   [DETECTION] Is the Trojan horse TR/PSW.Agent.MI
  --> 1634.exe
   [DETECTION] Contains suspicious code HEUR/Crypted
  --> 1636.exe
   [DETECTION] Is the Trojan horse TR/PSW.Agent.20480
  --> 1637.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 1638.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 1639.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 163a.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGame.YF
  --> 163b.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 163c.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 163d.exe
   [DETECTION] Is the Trojan horse TR/Drop.QQP.14804.A
  --> 163f.exe
   [DETECTION] Is the Trojan horse TR/Agent.ABIO.34
  --> 163h.exe
   [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
  --> 163i.exe
   [DETECTION] Is the Trojan horse TR/Agent.12288.D
  --> 163e.exe
   [DETECTION] Is the Trojan horse TR/PSW.Agent.20480
  --> 163j.exe
   [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.alh.38 Backdoor server programs
  --> 163k.exe
   [DETECTION] Is the Trojan horse TR/PSW.Delf.AF.2
  --> 1630.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 1631.exe
   [DETECTION] Is the Trojan horse TR/PSW.Agent.20480
  --> 1632.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.YN.152
   [WARNING] The file was ignored!

小红伞 c 版

显示全部楼层 · 发表于 2007-8-11 18:00:58

显示全部楼层 · 发表于 2007-8-11 18:39:17

瑞星可以阿,查杀了17个,漏2个

今天先来19个 MD5内

本帖子中包含更多资源

本帖子中包含更多资源

回复 #6 zane_xzz 的帖子

本帖子中包含更多资源

瑞星杀毒软件2007

本帖子中包含更多资源