[Virus samples] A big pack of virus samples

gzg
Posted on 2007-9-20 00:15:32
Let's all scan these and see.

nosferatu
Posted on 2007-9-20 00:20:51
26
Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\桌面'
C:\Documents and Settings\Administrator\桌面\桌面\17747.htm
      [DETECTION] Contains detection pattern of the HTML script virus HTML/Dldr.Agen.E.32
      [INFO]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\桌面\HAHA.js
      [DETECTION] Contains detection pattern of the Java script virus JS/Dldr.Psyme.DZ
      [INFO]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\桌面\ie1.htm
      [DETECTION] Contains suspicious code HEUR/Exploit.HTML
      [INFO]      The file was moved to '47224ca7.qua'!
C:\Documents and Settings\Administrator\桌面\桌面\ie3.htm
      [DETECTION] Contains detection pattern of the HTML script virus HTML/Dldr.Agen.E.31
      [INFO]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\桌面\ie5.htm
      [DETECTION] Contains detection pattern of the Java script virus JS/Dldr.Psyme.DK
      [INFO]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\桌面\Serdll.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '47634caa.qua'!
C:\Documents and Settings\Administrator\桌面\桌面\webxl.js
      [DETECTION] Contains detection pattern of the exploits EXP/Thunder.2
      [INFO]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\桌面\ysy1.exe
      [DETECTION] Contains detection pattern of the dropper DR/Cinmus.RJ
      [INFO]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\桌面\ysy10.exe
      [DETECTION] Is the Trojan horse TR/Agent.12719
      [INFO]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\桌面\ysy11.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [INFO]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\桌面\ysy13.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\桌面\ysy15.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
      [INFO]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\桌面\ysy16.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
      [INFO]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\桌面\ysy17.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.dcu
      [INFO]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\桌面\ysy18.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [INFO]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\桌面\ysy19.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '476a4cc3.qua'!
C:\Documents and Settings\Administrator\桌面\桌面\ysy2.exe
      [DETECTION] Is the Trojan horse TR/Spy.Delf.agy
      [INFO]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\桌面\ysy20.exe
      [DETECTION] Is the Trojan horse TR/Drop.Spy.Pca.A.1
      [INFO]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\桌面\ysy3.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '476a4cc7.qua'!
C:\Documents and Settings\Administrator\桌面\桌面\ysy4.exe
      [DETECTION] Is the Trojan horse TR/PSW.QQPass.aez
      [INFO]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\桌面\ysy5.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.dbw
      [INFO]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\桌面\ysy6.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.czk
      [INFO]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\桌面\ysy7.exe
      [DETECTION] Is the Trojan horse TR/Agent.11574
      [INFO]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\桌面\ysy8.exe
      [DETECTION] Is the Trojan horse TR/Agent.12472
      [INFO]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\桌面\ysy9.exe
      [DETECTION] Is the Trojan horse TR/Agent.12597
      [INFO]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\桌面\ysydown.exe
      [DETECTION] Is the Trojan horse TR/PSW.Nilage.bpm
      [INFO]      The file was deleted!


End of the scan: 2007年9月20日  00:20
Used time: 00:46 min

The scan has been done completely.

      1 Scanning directories
     29 Files were scanned
     22 viruses and/or unwanted programs were found
      4 Files were classified as suspicious:
     22 files were deleted
      0 files were repaired
      4 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      7 Files not concerned
      0 Archives were scanned
      0 Warnings
      0 Notes
浪滔天
Posted on 2007-9-20 00:51:30
Kaspersky 7.0.1.222, high heuristics
18

已隔离: 病毒 Heur.Trojan.Generic (变种)        文件: F:\病毒样本\桌面[1]\ysy18.exe
已删除: 恶意程序 Exploit.VBS.Agent.d        文件: F:\病毒样本\桌面[1]\ie1.htm
已删除: 木马程序 Trojan-Downloader.JS.Agent.ot        文件: F:\病毒样本\桌面[1]\ie5.htm
已删除: 木马程序 Trojan-Dropper.Win32.Delf.bac        文件: F:\病毒样本\桌面[1]\ysy20.exe//FSG//PEPatch
已删除: 木马程序 Trojan-PSW.Win32.Delf.baq        文件: F:\病毒样本\桌面[1]\ysy10.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.Nilage.bpm        文件: F:\病毒样本\桌面[1]\ysydown.exe//PE_Patch.UPX//UPX
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.cuv        文件: F:\病毒样本\桌面[1]\ysy1.exe
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.cwe        文件: F:\病毒样本\桌面[1]\ysy8.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.czg        文件: F:\病毒样本\桌面[1]\ysy15.exe//ASPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.czk        文件: F:\病毒样本\桌面[1]\ysy6.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.czy        文件: F:\病毒样本\桌面[1]\ysy11.exe//PE_Patch.UPX//UPX
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.dbq        文件: F:\病毒样本\桌面[1]\ysy7.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.dbq        文件: F:\病毒样本\桌面[1]\ysy9.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.dbw        文件: F:\病毒样本\桌面[1]\ysy5.exe//PE_Patch.UPX//UPX
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.dcu        文件: F:\病毒样本\桌面[1]\ysy17.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.QQPass.aez        文件: F:\病毒样本\桌面[1]\ysy4.exe//UPX
已删除: 木马程序 Trojan-PSW.Win32.WOW.xj        文件: F:\病毒样本\桌面[1]\ysy13.exe//FSG
已删除: 木马程序 Trojan-Spy.Win32.Delf.agy        文件: F:\病毒样本\桌面[1]\ysy2.exe//UPack
yurius
Posted on 2007-9-20 01:42:25
symantec 13

W32.SillyFDC,不操作,1,ysydown.exe
Infostealer.Gampass,不操作,1,ysy9.exe
Infostealer.Gampass,不操作,1,ysy8.exe
Infostealer.Gampass,不操作,1,ysy7.exe
Infostealer.Gampass,不操作,1,ysy6.exe
Infostealer.QQRob.A,不操作,1,ysy4.exe
Infostealer.Gampass,不操作,1,ysy3.exe
Infostealer.Gampass,不操作,1,ysy2.exe
Infostealer.Gampass,不操作,1,ysy19.exe
Infostealer.Gampass,不操作,1,ysy17.exe
Infostealer.Gampass,不操作,1,ysy15.exe
Trojan.Dropper,不操作,1,ysy11.exe
Infostealer.Gampass,不操作,1,ysy10.exe
红心王子
Posted on 2007-9-20 08:32:04
2007-9-20        8:31:50        1190248310        Administrator        3124        Sign of "Win32:Onlinegames-BBR [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\桌面.part1.rar\ysy11.exe\[UPX]\[Embedded#2060]" file.  
2007-9-20        8:31:53        1190248313        Administrator        3124        Sign of "Win32:Onlinegames-ALS [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\桌面.part1.rar\ysy15.exe\[ASPack]\[Embedded#ABCDE]" file.  
2007-9-20        8:31:53        1190248313        Administrator        3124        Sign of "Win32:Delf-FVM [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\桌面.part1.rar\ysy17.exe\[Upack]\[Embedded#MUSIC]" file.  
2007-9-20        8:31:54        1190248314        Administrator        3124        Sign of "Win32:Agent-GJB [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\桌面.part1.rar\ysy20.exe" file.  
2007-9-20        8:31:54        1190248314        Administrator        3124        Sign of "Win32:Delf-FKO [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\桌面.part1.rar\ysy13.exe\[FSG]\[Embedded#DATEINFO]\[Upack]" file.  
2007-9-20        8:31:54        1190248314        Administrator        3124        Sign of "Win32:Onlinegames-BBZ [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\桌面.part1.rar\ysy1.exe\[Embedded#1c60]" file.  
2007-9-20        8:31:54        1190248314        Administrator        3124        Sign of "Win32:Onlinegames-BBZ [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\桌面.part1.rar\ysy1.exe" file.  
2007-9-20        8:31:54        1190248314        Administrator        3124        Sign of "Win32:Onlinegames-BCC [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\桌面.part1.rar\ysy2.exe\[Upack]\[Embedded#MUSIC]" file.  
2007-9-20        8:31:56        1190248316        Administrator        3124        Sign of "Win32:Onlinegames-BCC [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\桌面.part2.rar\ysy6.exe\[Upack]\[Embedded#MUSIC]" file.  
2007-9-20        8:31:57        1190248317        Administrator        3124        Sign of "Win32:Autorun-BS [Wrm]" has been found in "C:\Documents and Settings\Administrator\桌面\桌面.part2.rar\ysy4.exe\[UPX]\[Embedded#05ef8]" file.  
2007-9-20        8:31:57        1190248317        Administrator        3124        Sign of "Win32:Onlinegames-BCC [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\桌面.part2.rar\ysy9.exe\[Upack]\[Embedded#MUSIC]" file.  
2007-9-20        8:31:57        1190248317        Administrator        3124        Sign of "Win32:Onlinegames-BCC [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\桌面.part2.rar\ysy8.exe\[Upack]\[Embedded#MUSIC]" file.  
2007-9-20        8:31:57        1190248317        Administrator        3124        Sign of "Win32:Onlinegames-BCC [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\桌面.part2.rar\ysy7.exe\[Upack]\[Embedded#MUSIC]" file.  
2007-9-20        8:31:57        1190248317        Administrator        3124        Sign of "Win32:Nilage-AI [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\桌面.part2.rar\ysydown.exe\[UPX]\[Embedded#2af0]\[UPX]" file.  
2007-9-20        8:31:57        1190248317        Administrator        3124        Sign of "Win32:Onlinegames-BCC [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\桌面.part2.rar\ysy19.exe\[Upack]\[Embedded#MUSIC]" file.  
2007-9-20        8:31:57        1190248317        Administrator        3124        Sign of "Win32:Delf-FVM [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\桌面.part2.rar\ysy3.exe\[Upack]\[Embedded#MUSIC]" file.  
2007-9-20        8:31:57        1190248317        Administrator        3124        Sign of "Win32:Onlinegames-BCC [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\桌面.part2.rar\ysy10.exe\[Upack]\[Embedded#MUSIC]" file.
zzm3145
Posted on 2007-9-20 08:32:11
ZASS: 22

wangjay1980
Posted on 2007-9-20 09:13:34
22
detected: Trojan program Trojan-PSW.Win32.OnLineGames.czy        File: E:\Ñù±¾\н¨Îļþ¼Ð\ysy11.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.czg        File: E:\Ñù±¾\н¨Îļþ¼Ð\ysy15.exe//ASPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dcu        File: E:\Ñù±¾\н¨Îļþ¼Ð\ysy17.exe//UPack
detected: Trojan program Trojan-Dropper.Win32.Delf.bac        File: E:\Ñù±¾\н¨Îļþ¼Ð\ysy20.exe//FSG//PEPatch
detected: Trojan program Trojan-PSW.Win32.WOW.xj        File: E:\Ñù±¾\н¨Îļþ¼Ð\ysy13.exe//FSG
detected: Trojan program Trojan-PSW.Win32.OnLineGames.cuv        File: E:\Ñù±¾\н¨Îļþ¼Ð\ysy1.exe
detected: Trojan program Trojan-Spy.Win32.Delf.agy        File: E:\Ñù±¾\н¨Îļþ¼Ð\ysy2.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.czk        File: E:\Ñù±¾\н¨Îļþ¼Ð\ysy6.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dbw        File: E:\Ñù±¾\н¨Îļþ¼Ð\ysy5.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.QQPass.aez        File: E:\Ñù±¾\н¨Îļþ¼Ð\ysy4.exe//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dbq        File: E:\Ñù±¾\н¨Îļþ¼Ð\ysy9.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.cwe        File: E:\Ñù±¾\н¨Îļþ¼Ð\ysy8.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dbq        File: E:\Ñù±¾\н¨Îļþ¼Ð\ysy7.exe//UPack
detected: malware Exploit.VBS.Agent.d        File: E:\Ñù±¾\н¨Îļþ¼Ð\ie1.htm
detected: Trojan program Trojan-Downloader.JS.Agent.ot        File: E:\Ñù±¾\н¨Îļþ¼Ð\ie5.htm
detected: Trojan program Trojan-PSW.Win32.Nilage.bpm        File: E:\Ñù±¾\н¨Îļþ¼Ð\ysydown.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.deg        File: E:\Ñù±¾\н¨Îļþ¼Ð\ysy19.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ddw        File: E:\Ñù±¾\н¨Îļþ¼Ð\ysy3.exe//UPack
detected: Trojan program Trojan-PSW.Win32.Lmir.bml        File: E:\Ñù±¾\н¨Îļþ¼Ð\ysy16.exe//ASPack
detected: Trojan program Trojan-Downloader.Win32.Small.arz        File: E:\Ñù±¾\н¨Îļþ¼Ð\ysy18.exe
detected: Trojan program Trojan.Win32.Agent.bon        File: E:\Ñù±¾\н¨Îļþ¼Ð\Serdll.dll
detected: Trojan program Trojan-PSW.Win32.Delf.baq        File: E:\Ñù±¾\н¨Îļþ¼Ð\ysy10.exe//UPack
tracydk
Posted on 2007-9-20 10:07:03
20

zszzd
Posted on 2007-9-20 10:07:51
KILL_
6
zszzd
Posted on 2007-9-20 11:50:27
