
[Virus Samples] 18 fast-food exe files

promised
Posted on 2007-8-14 11:42:49
[MD5: A45D73 73A278 E37436 30A9B8 32D5FA 3AAF9F C597E7 D7C27D FE2FDB DE5022 77A0E2 F2F8D4 885ECA 7F0569 487F00 31B537 AF4463 FFD75F]

[ Last edited by promised on 2007-8-14 11:49 ]

wangjay1980
Posted on 2007-8-14 11:46:17
detected: Trojan program Trojan-PSW.Win32.OnLineGames.mu        File: C:\Documents and Settings\Owner\×ÀÃæ\exe.zip/exe/0temp.exe
detected: Trojan program Trojan-PSW.Win32.Gamec.ar        File: C:\Documents and Settings\Owner\×ÀÃæ\exe.zip/exe/10temp.exe//data.rar/1.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ads        File: C:\Documents and Settings\Owner\×ÀÃæ\exe.zip/exe/11temp.exe
detected: Trojan program Trojan-Downloader.Win32.Small.czl        File: C:\Documents and Settings\Owner\×ÀÃæ\exe.zip/exe/12temp.exe//UPack
detected: Trojan program Backdoor.Win32.Delf.awy        File: C:\Documents and Settings\Owner\×ÀÃæ\exe.zip/exe/13temp.exe
detected: Trojan program Trojan-Downloader.Win32.Agent.bxg        File: C:\Documents and Settings\Owner\×ÀÃæ\exe.zip/exe/16temp.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.afd        File: C:\Documents and Settings\Owner\×ÀÃæ\exe.zip/exe/17temp.exe//ASPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.aci        File: C:\Documents and Settings\Owner\×ÀÃæ\exe.zip/exe/18temp.exe//PE_Patch
detected: Trojan program Trojan-PSW.Win32.OnLineGames.abr        File: C:\Documents and Settings\Owner\×ÀÃæ\exe.zip/exe/2temp.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan.Win32.LipGame.cd        File: C:\Documents and Settings\Owner\×ÀÃæ\exe.zip/exe/3temp.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.nn        File: C:\Documents and Settings\Owner\×ÀÃæ\exe.zip/exe/4temp.exe
detected: Trojan program Trojan-PSW.Win32.Agent.mi        File: C:\Documents and Settings\Owner\×ÀÃæ\exe.zip/exe/5temp.exe//FSG
detected: Trojan program Trojan-PSW.Win32.OnLineGames.afb        File: C:\Documents and Settings\Owner\×ÀÃæ\exe.zip/exe/6temp.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.Lmir.bey        File: C:\Documents and Settings\Owner\×ÀÃæ\exe.zip/exe/7temp.exe//data.rar/admin2.EXE//ASPack
detected: Trojan program Trojan-Downloader.Win32.Zlob.byg        File: C:\Documents and Settings\Owner\×ÀÃæ\exe.zip/exe/8temp.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-Spy.Win32.Delf.uv        File: C:\Documents and Settings\Owner\×ÀÃæ\exe.zip/exe/9temp.exe//UPack
detected: Trojan program Trojan-Downloader.Win32.Delf.bps        File: C:\Documents and Settings\Owner\×ÀÃæ\exe.zip/exe/crsss.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.nn        File: C:\Documents and Settings\Owner\×ÀÃæ\exe.zip/exe/LYLOADER.EXE//PE_Patch//UPack
FBAV
Posted on 2007-8-14 11:47:09
_____________________________________________
                                          
             风暴微塔反病毒               
                            [内测版]      
                   http://www.v0day.com/  
----------------------------------------------
开始扫描……

正在检查启动……
[C:\Documents and Settings\Administrator\桌面\virus\exe\exe\11temp.exe]
                    …………特征码引擎[1]发现病毒
[C:\Documents and Settings\Administrator\桌面\virus\exe\exe\12temp.exe]
                    …………引擎[2]发现病毒:Win32.Unknow
[C:\Documents and Settings\Administrator\桌面\virus\exe\exe\16temp.exe]
                    …………引擎[2]发现病毒:Win32.Unknow
[C:\Documents and Settings\Administrator\桌面\virus\exe\exe\18temp.exe]
                    …………引擎[2]发现病毒:Win32.Unknow
[C:\Documents and Settings\Administrator\桌面\virus\exe\exe\5temp.exe]
                    …………特征码引擎[1]发现病毒
[C:\Documents and Settings\Administrator\桌面\virus\exe\exe\5temp.exe]
                    …………引擎[2]发现病毒:Win32.NkHack.FSG.A
[C:\Documents and Settings\Administrator\桌面\virus\exe\exe\9temp.exe]
                    …………引擎[2]发现病毒:Win32.Unknow
[C:\Documents and Settings\Administrator\桌面\virus\exe\exe\crsss.exe]
                    …………引擎[2]发现病毒:Win32.NkHack.PeM.A
[C:\Documents and Settings\Administrator\桌面\virus\exe\exe\LYLOADER.EXE]
                    …………引擎[2]发现病毒:Win32.Unknow
文件数:18   病毒数:9  比重:0.5
OK  扫描完毕!

[ Last edited by FBAV on 2007-8-14 11:48 ]
残缺的唯美
Posted on 2007-8-14 11:52:17
Filseclab: 17
电影结束了
Posted on 2007-8-14 11:53:07
Scan performed at: 2007-8-14 11:52:33
Scanning Log
NOD32 version 2458 (20070813) NT
Command line: C:\Documents and Settings\wangcheng\桌面\exe.zip
C:\Program Files\Eset\nod32.exe - is OK

Date: 14.8.2007  Time: 11:52:34
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\wangcheng\桌面\exe.zip
C:\Documents and Settings\wangcheng\桌面\exe.zip ?ZIP ?exe/0temp.exe - a variant of Win32/PSW.Delf.VL trojan
C:\Documents and Settings\wangcheng\桌面\exe.zip ?ZIP ?exe/10temp.exe ?RAR ?1.exe - Win32/Spy.Delf.NFM trojan
C:\Documents and Settings\wangcheng\桌面\exe.zip ?ZIP ?exe/11temp.exe - Win32/TrojanDropper.Rime.Gen trojan
C:\Documents and Settings\wangcheng\桌面\exe.zip ?ZIP ?exe/12temp.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\wangcheng\桌面\exe.zip ?ZIP ?exe/13temp.exe - Win32/Delf.NFD trojan
C:\Documents and Settings\wangcheng\桌面\exe.zip ?ZIP ?exe/16temp.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\wangcheng\桌面\exe.zip ?ZIP ?exe/17temp.exe - a variant of Win32/PSW.Legendmir.NEP trojan
C:\Documents and Settings\wangcheng\桌面\exe.zip ?ZIP ?exe/18temp.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\wangcheng\桌面\exe.zip ?ZIP ?exe/2temp.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\wangcheng\桌面\exe.zip ?ZIP ?exe/3temp.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\wangcheng\桌面\exe.zip ?ZIP ?exe/4temp.exe - a variant of Win32/PSW.Agent.NEC trojan
C:\Documents and Settings\wangcheng\桌面\exe.zip ?ZIP ?exe/5temp.exe - a variant of Win32/AutoRun.Q worm
C:\Documents and Settings\wangcheng\桌面\exe.zip ?ZIP ?exe/6temp.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\wangcheng\桌面\exe.zip ?ZIP ?exe/7temp.exe ?RAR ?admin2.EXE - probably a variant of Win32/PSW.Legendmir.AYK trojan
C:\Documents and Settings\wangcheng\桌面\exe.zip ?ZIP ?exe/8temp.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\wangcheng\桌面\exe.zip ?ZIP ?exe/9temp.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\wangcheng\桌面\exe.zip ?ZIP ?exe/crsss.exe - a variant of Win32/AutoRun.K worm
C:\Documents and Settings\wangcheng\桌面\exe.zip ?ZIP ?exe/LYLOADER.EXE - a variant of Win32/PSW.Agent.NEC trojan
C:\Documents and Settings\wangcheng\桌面\exe.zip:Zone.Identifier - is OK
Number of scanned files: 20
Number of threats found: 18
Number of active threats: 1
Time of completion: 11:52:39 Total scanning time: 5 sec (00:00:05)

.............
tracydk
Posted on 2007-8-14 11:56:49

残缺的唯美
Posted on 2007-8-14 12:02:37
--> exe/0temp.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.MU.20
        [WARNING]   Infected files in archives cannot be repaired!
    --> exe/10temp.exe
        [1] Archive type: RAR SFX (self extracting)
        --> 1.exe
            [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
            [WARNING]   Infected files in archives cannot be repaired!
    --> exe/11temp.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ads
        [WARNING]   Infected files in archives cannot be repaired!
    --> exe/12temp.exe
        [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> exe/13temp.exe
        [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.YPT.13 Backdoor server programs
        [WARNING]   Infected files in archives cannot be repaired!
    --> exe/16temp.exe
        [DETECTION] Is the Trojan horse TR/PSW.Agent.rwa
        [WARNING]   Infected files in archives cannot be repaired!
    --> exe/17temp.exe
        [DETECTION] Contains signature of the dropper DR/Delphi.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> exe/18temp.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ES.3387
        [WARNING]   Infected files in archives cannot be repaired!
    --> exe/2temp.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGame.YF
        [WARNING]   Infected files in archives cannot be repaired!
    --> exe/3temp.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.YN.160
        [WARNING]   Infected files in archives cannot be repaired!
    --> exe/4temp.exe
        [DETECTION] Is the Trojan horse TR/Spy.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> exe/5temp.exe
        [DETECTION] Is the Trojan horse TR/PSW.Agent.MI.2
        [WARNING]   Infected files in archives cannot be repaired!
    --> exe/6temp.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGame.YF
        [WARNING]   Infected files in archives cannot be repaired!
    --> exe/7temp.exe
        [DETECTION] Contains signature of the dropper DR/PSW.Lmir.bey.1
        [WARNING]   Infected files in archives cannot be repaired!
        [1] Archive type: RAR SFX (self extracting)
        --> admin2.EXE
            [DETECTION] Contains signature of the dropper DR/Delphi.Gen
            [WARNING]   Infected files in archives cannot be repaired!
    --> exe/8temp.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGame.YF
        [WARNING]   Infected files in archives cannot be repaired!
    --> exe/9temp.exe
        [DETECTION] Is the Trojan horse TR/Agent.ABIO.33
        [WARNING]   Infected files in archives cannot be repaired!
    --> exe/crsss.exe
        [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> exe/LYLOADER.EXE
        [DETECTION] Is the Trojan horse TR/Spy.Gen
        [WARNING]   Infected files in archives cannot be repaired!
        [INFO]      A backup was created as '472629a8.qua'  ( QUARANTINE )
        [INFO]      The file was deleted!
Avira: 19
tracydk
Posted on 2007-8-14 12:15:26
Quite a lot of old malware here.
碧水寒潭
Posted on 2007-8-14 12:36:13
Avira: 19
woai_jolin
Posted on 2007-8-14 12:38:02
Scan duration: 00:00:08

Scan areas:
F:\v\n\exe.zip  - recursive

Objects
-------------------
Scanned         21         Disinfected      0
Infected         7         Deleted          0
Suspicious       5         Quarantined      0

Error(s) occurred during the scan: 0