11个

promised

[MD5: E916EA 15E779 3F3096 7D05CD 4747A9 66C2F4 0ED1AD FBCC84 663D43 748C19 D6C23F]
样本实在太多
睡觉去了
明天继续

sb

卡巴两个
已检测到: 木马程序 Backdoor.Win32.Small.ps        文件: C:\Documents and Settings\Administrator\桌面\样本.rar/secmgnt.dll//PE_Patch.UPX//UPX

已检测到: 木马程序 Trojan-Downloader.Win32.Agent.cru        文件: C:\Documents and Settings\Administrator\桌面\样本.rar/osiesd3.dll

斑竹什么地方有样本?我也想去抓来玩玩

The EQs

Scan performed at: 2007-9-3 21:57:48
Scanning Log
NOD32 version 2499 (20070903) NT
Command line: C:\Documents and Settings\Don johnson\桌面\样本.rar
Operating memory - is OK

Date: 3.9.2007  Time: 21:57:52
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\Don johnson\桌面\样本.rar
C:\Documents and Settings\Don johnson\桌面\样本.rar ?RAR ?7793EF25.DLL - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar ?RAR ?svchost.dll - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar ?RAR ?Tat.dll - Win32/PSW.QQRob.NAQ trojan - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\样本.rar ?RAR ?wmid.dll - a variant of Win32/PSW.QQRob.NAQ trojan
Number of scanned files: 12
Number of threats found: 4
Number of files cleaned: 1
Time of completion: 21:57:52 Total scanning time: 0 sec (00:00:00)

欠妳緈諨

残缺的唯美

--> 7793EF25.DLL
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
  --> dfkoxz58.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> dfkoxz58.sys
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> enr5exht.sys
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> osiesd3.dll
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
  --> secmgnt.dll
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Small.PS Backdoor server programs
  --> sgzy0wu.sys
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> svchost.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> Tat.dll
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> wmid.dll
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 0rwrkv.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      A backup was created as '470a7e83.qua'  ( QUARANTINE )
      [INFO]      The file was deleted!

uhthn2002

Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Paranoia Database - 2743
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\uhthn\Desktop\New Folder

C:\Documents and Settings\uhthn\Desktop\New Folder\7793EF25.DLL - Suspicious of Trojan-Downloader.VB.1
C:\Documents and Settings\uhthn\Desktop\New Folder\dfkoxz58.dll - Suspicious file
C:\Documents and Settings\uhthn\Desktop\New Folder\dfkoxz58.sys - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\enr5exht.sys - Suspicious of Trojan-Rootkit.Agent.1
C:\Documents and Settings\uhthn\Desktop\New Folder\osiesd3.dll - Suspicious of MalwareSpy.Trojan-Downloader.VB.1
C:\Documents and Settings\uhthn\Desktop\New Folder\secmgnt.dll - Suspicious file
C:\Documents and Settings\uhthn\Desktop\New Folder\sgzy0wu.sys - Suspicious of Trojan-Rootkit.Agent.1
C:\Documents and Settings\uhthn\Desktop\New Folder\svchost.dll - Suspicious of Trojan-PSW.Game.29
C:\Documents and Settings\uhthn\Desktop\New Folder\Tat.dll - Suspicious of Win32.Backdoor.Hupigon.5
C:\Documents and Settings\uhthn\Desktop\New Folder\wmid.dll - Suspicious of Win32.Backdoor.Hupigon.5
C:\Documents and Settings\uhthn\Desktop\New Folder\0rwrkv.dll - Suspicious of Trojan-PSW.OnLineGames.2

11 Files scanned
0 Infected files found
10 Suspicious files found
0 Files cured
0 Files deleted

icka

反病毒专家 AntiVirusKit 2006 扫描病毒日志记录
版本 16.0.5
双引擎反病毒签名 2006-10-26
开始时间: 2007-9-3 23:26
引擎: KAV 引擎 (AVK 17.442), BD 引擎 (BD 17.381)
高启发式: 打开
压缩文件: 打开
系统区域: 打开

扫描系统区域...
扫描所选择的目录和文件...
对象: osiesd3.dll
        在压缩档案里: D:\病毒样本\0903\样本.rar
        Status: 已发现病毒
        病毒: Trojan-Downloader.Win32.Agent.cru (KAV 引擎), Trojan.PopWin.FJ (BD 引擎)
对象: secmgnt.dll
        在压缩档案里: D:\病毒样本\0903\样本.rar
        Status: 已发现病毒
        病毒: Backdoor.Win32.Small.ps (KAV 引擎), Backdoor.Agent.AMN (BD 引擎)
对象: 7793EF25.DLL
        在压缩档案里: D:\病毒样本\0903\样本.rar
        Status: 已发现病毒
        病毒: Generic.Popwin.13B57778 (BD 引擎)
对象: svchost.dll
        在压缩档案里: D:\病毒样本\0903\样本.rar
        Status: 已发现病毒
        病毒: DeepScan:Generic.Malware.SPdldPk!g.5407EDB3 (BD 引擎)
对象: Tat.dll
        在压缩档案里: D:\病毒样本\0903\样本.rar
        Status: 已发现病毒
        病毒: Trojan.Qqrob.NAI (BD 引擎)
对象: 样本.rar
        路径: D:\病毒样本\0903
        Status: 已发现病毒
        病毒: Trojan-Downloader.Win32.Agent.cru, Backdoor.Win32.Small.ps (KAV 引擎), Generic.Popwin.13B57778, Trojan.PopWin.FJ, Backdoor.Agent.AMN, DeepScan:Generic.Malware.SPdldPk!g.5407EDB3, Trojan.Qqrob.NAI (BD 引擎)
扫描完成: 2007-9-3 23:26
    已检查 1 个文件
    已发现 1 个染毒文件
    发现 0 个可疑文件

扫描开始时间: 2007-9-4 1:04:23
扫描日志
NOD32 版本 2500 (20070903) NT
命令行: F:\virus\样本.rar

日期: 2007年9月4日  时间: 01:04:25
反 Rookits 技术已启用。
已扫描磁盘、文件夹和文件: F:\virus\样本.rar
F:\virus\样本.rar ?RAR ?7793EF25.DLL<病毒 - 可能是 Win32/Agent.NEO 木马 变种>
F:\virus\样本.rar ?RAR ?osiesd3.dll<病毒 - Win32/TrojanDownloader.Agent.CRU 木马>
F:\virus\样本.rar ?RAR ?svchost.dll<病毒 - 可能是 Win32/Agent.NEO 木马 变种>
F:\virus\样本.rar ?RAR ?Tat.dll<病毒 - Win32/PSW.QQRob.NAQ 木马>
F:\virus\样本.rar ?RAR ?wmid.dll<病毒 - Win32/PSW.QQRob.NAQ 木马 变种>
已扫描文件数量: 11
已发现病毒数量: 5
完成时间: 01:04:25 总共扫描时间: 0 秒 (00:00:00)

微点卫士

微点：
木马名称:Backdoor.Win32.Small.pt
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\样本\SECMGNT.DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?

jhtl

诺顿4个。。。