10个[MD5: C78685 BFAF60 F28472 F1AC1E 481313 81FCCE 292E3C 3BCCC9 4A95E6 663C2C]

显示全部楼层 · 发表于 2007-8-28 08:50:21

Starting the file scan:

Begin scan in 'F:\病毒样本\样本.rar'
F:\病毒样本\样本.rar
  [0] Archive type: RAR
  --> dhdpri.dll
   [DETECTION] Is the Trojan horse TR/Spy.Delf.WW
  --> jhapri.dll
   [DETECTION] Is the Trojan horse TR/Agent.16943.1
  --> jzipri.dll
   [DETECTION] Is the Trojan horse TR/Dldr.Agent.18998.1
  --> mxaman.dll
   [DETECTION] Is the Trojan horse TR/Agent.17446
  --> myfpri.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> qjgpri.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> tlvpri.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> wlhpri.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> SysWin64.Jmp
   [DETECTION] Contains signature of the dropper DR/Delphi.Gen
  --> WinSys64.Sys
   [DETECTION] Contains suspicious code HEUR/Malware
   [INFO]    The file was deleted!

显示全部楼层 · 发表于 2007-8-28 08:50:39

_____________________________________________

         风暴微塔反病毒
                        [内测版]
               http://www.v0day.com/
----------------------------------------------
开始扫描……

正在检查启动……
[C:\Documents and Settings\Administrator\桌面\virus\样666666666本\dhdpri.dll]
                  …………引擎[3]发现Suspicious File
[C:\Documents and Settings\Administrator\桌面\virus\样666666666本\jhapri.dll]
                  …………引擎[3]发现Suspicious File
[C:\Documents and Settings\Administrator\桌面\virus\样666666666本\jzipri.dll]
                  …………引擎[3]发现Suspicious File
[C:\Documents and Settings\Administrator\桌面\virus\样666666666本\qjgpri.dll]
                  …………引擎[3]发现Suspicious File
[C:\Documents and Settings\Administrator\桌面\virus\样666666666本\wlhpri.dll]
                  …………引擎[3]发现Suspicious File
[C:\Documents and Settings\Administrator\桌面\virus\样666666666本\SysWin64.Jmp]
                  …………特征码引擎[1]发现病毒
[C:\Documents and Settings\Administrator\桌面\virus\样666666666本\WinSys64.Sys]
                  …………引擎[3]发现Suspicious File
文件数:10 病毒数:7  比重:0.7
OK  扫描完毕！

显示全部楼层 · 发表于 2007-8-28 08:52:21

瑞星病毒查杀结果报告

清除病毒种类列表：
病毒： Trojan.PSW.Win32.OnlineGames.xyy
病毒： Trojan.PSW.Win32.XYOnline.gh
病毒： Trojan.PSW.Win32.OnlineGames.xyf
病毒： Worm.Win32.Pabug.k

用户来源：互联网

软件版本：20.07.02

显示全部楼层 · 发表于 2007-8-28 08:55:13

都不是exe

nod都全杀
飘

显示全部楼层 · 发表于 2007-8-28 09:04:55

detected: Trojan program Trojan-Spy.Win32.Delf.ww File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾1.rar/dhdpri.dll
detected: Trojan program Trojan-PSW.Win32.OnLineGames.aqn File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾1.rar/qjgpri.dll
detected: virus Virus.Win32.AutoRun.ix File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾1.rar/SysWin64.Jmp//UPX
detected: virus Virus.Win32.AutoRun.ix File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾1.rar/WinSys64.Sys

显示全部楼层 · 发表于 2007-8-28 09:06:32

Scanning aborted at 2007-8-27 22:18:02.

Started scanning at 2007-8-28 9:06:09. Engine Ver: 31.1.0. Sig Ver:5088. Sig Date: 2007-8-27. ArcLib Ver: 7.3.0.9.
F:\v\样本.rar <dhdpri.dll> - Win32/Storark!generic trojan. Quarantined.
F:\v\样本.rar <jzipri.dll> - Win32/Storark!generic trojan. Quarantined.
F:\v\样本.rar <SysWin64.Jmp> - Win32/QQPass!generic trojan. Quarantined.
F:\v\样本.rar - Could not open the file.

Files Scanned: 11
Files Infected: 3
Files Cleaned \ Deleted: 0
Files Quarantined: 1
Memory Infections: 0
Memory Infections Cleaned: 0
Boot Infections: 0
Boot Infections Cleaned: 0

Top infections found during scan (Limited to 10).
Win32/Storark!generic
Win32/QQPass!generic

Files not Cleaned\Deleted\Quarantined (Limit 100): 0

Finished scanning at 2007-8-28 9:06:12.

显示全部楼层 · 发表于 2007-8-28 09:09:24

费尔扫描全挂
驱逐舰1个

显示全部楼层 · 发表于 2007-8-28 10:23:22

Result: 4 malware found
Trojan-Spy.Win32.Delf.ww (virus)
C:\Documents and Settings\ssy\×ÀÃæ\2.rar\dhdpri.dll
Trojan-PSW.Win32.OnLineGames.aqn (virus)
C:\Documents and Settings\ssy\×ÀÃæ\2.rar\qjgpri.dll
Virus.Win32.AutoRun.ix (virus)
C:\Documents and Settings\ssy\×ÀÃæ\2.rar\SysWin64.Jmp
C:\Documents and Settings\ssy\×ÀÃæ\2.rar\WinSys64.Sys

显示全部楼层 · 发表于 2007-8-28 10:25:21

已删除: 木马程序 Trojan-Spy.Win32.Delf.ww 文件: E:\test\样本.rar/dhdpri.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.aqn 文件: E:\test\样本.rar/qjgpri.dll
已删除: 病毒 Virus.Win32.AutoRun.ix 文件: E:\test\样本.rar/SysWin64.Jmp//UPX
已删除: 病毒 Virus.Win32.AutoRun.ix 文件: E:\test\样本.rar/WinSys64.Sys

[病毒样本] 10个[MD5: C78685 BFAF60 F28472 F1AC1E 481313 81FCCE 292E3C 3BCCC9 4A95E6 663C2C]

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块