几个最新样本 + 几个比较旧 37 个网马

显示全部楼层 · 发表于 2007-9-30 13:01:20

MicroVita AntiSpyware 100 C
_____________________________________________

         风暴微塔反间谍
[强力查杀各种Win32位的病毒,木马,蠕虫,恶意软件]
               http://221.10.254.214/
----------------------------------------------
开始扫描……

正在检查启动……
[E:\virus\2007年9月30日12时12分46秒CDB7F793.EXE]
                  …………发现Spy！报告:[1]
文件信息:  大小:16957  MD5:14a48bec1c8b4270292cb5658f35ab8b

[E:\virus\2007年9月30日12时58分12秒cs0619[1].exe]
                  …………发现Spy！报告:[1]
文件信息:  大小:36845  MD5:e79da007f3e696dfe149629975237205

[E:\virus\2007年9月30日12时58分14秒cq0619[1].exe]
                  …………发现Spy！报告:[1]
文件信息:  大小:29874  MD5:4b155281a4c92d71146bbc227c4e8d78

[E:\virus\2007年9月30日12时58分15秒f2b4657b5568d072[1].exe]
                  …………发现Spy！报告:[1]
文件信息:  大小:16957  MD5:14a48bec1c8b4270292cb5658f35ab8b

[E:\virus\2007年9月30日12时58分5秒zt0616[1].exe]
                  …………发现Spy！报告:[2]
文件信息:  大小:27136  MD5:aaaf7e1245031cb0fd0d62e7a1eb2831

[E:\virus\2007年9月30日12时58分7秒moon[1].exe]
                  …………发现Spy！报告:[1]
文件信息:  大小:16957  MD5:14a48bec1c8b4270292cb5658f35ab8b

[E:\virus\2007年9月30日12时58分9秒wm[1].exe]
                  …………发现Spy！报告:[1]
文件信息:  大小:9296  MD5:b9b36eb5729ae417d73d35e7369fce2c

[E:\virus\AUTO.EXE]
                  …………发现Spy！报告:[1]
文件信息:  大小:16957  MD5:14a48bec1c8b4270292cb5658f35ab8b

[E:\virus\CDB7F793.EXE]
                  …………发现Spy！报告:[1]
文件信息:  大小:16957  MD5:14a48bec1c8b4270292cb5658f35ab8b

[E:\virus\K119112594610.EXE]
                  …………发现Spy！报告:[2]
文件信息:  大小:27136  MD5:aaaf7e1245031cb0fd0d62e7a1eb2831

[E:\virus\K119112595114.EXE]
                  …………发现Spy！报告:[1]
文件信息:  大小:36845  MD5:e79da007f3e696dfe149629975237205

[E:\virus\K119112595215.EXE]
                  …………发现Spy！报告:[1]
文件信息:  大小:9296  MD5:b9b36eb5729ae417d73d35e7369fce2c

[E:\virus\LYLOADER.EXE]
                  …………发现Spy！报告:[1]
文件信息:  大小:11900  MD5:59f91b530692c80f44f87c3d8d5d8b28

文件数:37 病毒数:13  比重:0.3513513513514
OK  扫描完毕！
  ***日志解释
[4] 集中有害分析引擎
[3] 全局系统判断引擎
[2] 文件特征码引擎
[1] 文件启发式引擎

我姑妈单位机子
网络版
这就是装瑞星的好处

显示全部楼层 · 发表于 2007-9-30 13:03:37

Zenmeyangle?

显示全部楼层 · 发表于 2007-9-30 13:12:46

32
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\virus\2007Äê9ÔÂ30ÈÕ12Ê±12·Ö46ÃëCDB7F793.EXE
detected: Trojan program Trojan-PSW.Win32.OnLineGames.djv File: C:\Documents and Settings\Owner\×ÀÃæ\virus\2007Äê9ÔÂ30ÈÕ12Ê±58·Ö12Ãëcs0619[1].exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.Lmir.bmp File: C:\Documents and Settings\Owner\×ÀÃæ\virus\2007Äê9ÔÂ30ÈÕ12Ê±58·Ö14Ãëcq0619[1].exe//UPack//#
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\virus\2007Äê9ÔÂ30ÈÕ12Ê±58·Ö15Ãëf2b4657b5568d072[1].exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dsm File: C:\Documents and Settings\Owner\×ÀÃæ\virus\2007Äê9ÔÂ30ÈÕ12Ê±58·Ö5Ãëzt0616[1].exe
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\virus\2007Äê9ÔÂ30ÈÕ12Ê±58·Ö7Ãëmoon[1].exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.drf File: C:\Documents and Settings\Owner\×ÀÃæ\virus\2007Äê9ÔÂ30ÈÕ12Ê±58·Ö9Ãëwm[1].exe//PE_Patch//UPack
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\virus\AUTO.EXE
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\virus\CDB7F793.EXE
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\virus\DBGHLP32.EXE//PE_Patch.UPX
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\virus\DISKMAN32.EXE//PE_Patch.UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dtr File: C:\Documents and Settings\Owner\×ÀÃæ\virus\K11911259351.EXE//#//PE_Patch//UPack
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\virus\K11911259362.EXE//PE_Patch.UPX
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\virus\K11911259373.EXE//PE_Patch.UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.doj File: C:\Documents and Settings\Owner\×ÀÃæ\virus\K11911259394.EXE//PE_Patch.UPX//UPX
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\virus\K11911259405.EXE
detected: Trojan program Trojan-PSW.Win32.OnLineGames.duf File: C:\Documents and Settings\Owner\×ÀÃæ\virus\K11911259416.EXE//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dgi File: C:\Documents and Settings\Owner\×ÀÃæ\virus\K11911259427.EXE//PE_Patch.UPX//UPX
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\virus\K11911259438.EXE//PE_Patch.UPX
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\virus\K11911259459.EXE//PE_Patch.UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dsm File: C:\Documents and Settings\Owner\×ÀÃæ\virus\K119112594610.EXE
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\virus\K119112594711.EXE//PE_Patch.UPX
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\virus\K119112595013.EXE//PE_Patch.UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.djv File: C:\Documents and Settings\Owner\×ÀÃæ\virus\K119112595114.EXE//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.drf File: C:\Documents and Settings\Owner\×ÀÃæ\virus\K119112595215.EXE//PE_Patch//UPack
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\virus\KVSC3.EXE//PE_Patch.UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dtr File: C:\Documents and Settings\Owner\×ÀÃæ\virus\LYLOADER.EXE//PE_Patch//UPack
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\virus\MPPDS.EXE
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\virus\MSPRINT32D.EXE//PE_Patch.UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dgi File: C:\Documents and Settings\Owner\×ÀÃæ\virus\NVDISPDRV.DLL
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dgi File: C:\Documents and Settings\Owner\×ÀÃæ\virus\NVDISPDRV.EXE//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.Lmir.bmp File: C:\Documents and Settings\Owner\×ÀÃæ\virus\PROVIE.EXE

显示全部楼层 · 发表于 2007-9-30 13:13:42

卡吧启发式 Trojan.Generic 好强

显示全部楼层 · 发表于 2007-9-30 13:41:56

Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 279
Paranoia Database - 6236
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\uhthn\Desktop\virus

C:\Documents and Settings\uhthn\Desktop\virus\2007年9月30日1212分46秒CDB7F793.EXE - Infected with SDB:MalwareSpy.Trojan-Downloader.Agent.3 - Deleted
C:\Documents and Settings\uhthn\Desktop\virus\2007年9月30日1258分12秒cs0619[1].exe - Infected with SDB:Trojan-PSW.OnLineGames.g - Deleted
C:\Documents and Settings\uhthn\Desktop\virus\2007年9月30日1258分14秒cq0619[1].exe - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\virus\2007年9月30日1258分15秒f2b4657b5568d072[1].exe - Infected with SDB:MalwareSpy.Trojan-Downloader.Agent.3 - Deleted
C:\Documents and Settings\uhthn\Desktop\virus\2007年9月30日1258分5秒zt0616[1].exe - Infected with SDB:Trojan-PSW.OnLineGames.8 - Deleted
C:\Documents and Settings\uhthn\Desktop\virus\2007年9月30日1258分7秒moon[1].exe - Infected with SDB:MalwareSpy.Trojan-Downloader.Agent.3 - Deleted
C:\Documents and Settings\uhthn\Desktop\virus\AUTO.EXE - Infected with SDB:MalwareSpy.Trojan-Downloader.Agent.3 - Deleted
C:\Documents and Settings\uhthn\Desktop\virus\autorun.inf - Infected with PDB:871 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\virus\CDB7F793.EXE - Infected with SDB:MalwareSpy.Trojan-Downloader.Agent.3 - Deleted
C:\Documents and Settings\uhthn\Desktop\virus\DBGHLP32.DLL - Infected with SDB:Trojan-PSW.OnLineGames.12 - Deleted
C:\Documents and Settings\uhthn\Desktop\virus\DBGHLP32.EXE - Suspicious of Trojan-PSW.Game.1
C:\Documents and Settings\uhthn\Desktop\virus\DISKMAN32.DLL - Suspicious file
C:\Documents and Settings\uhthn\Desktop\virus\DISKMAN32.EXE - Suspicious of Trojan-PSW.Game.1
C:\Documents and Settings\uhthn\Desktop\virus\K11911259351.EXE - Infected with SDB:Trojan-PSW.OnLineGames.u - Deleted
C:\Documents and Settings\uhthn\Desktop\virus\K11911259362.EXE - Suspicious of Trojan-PSW.Game.1
C:\Documents and Settings\uhthn\Desktop\virus\K11911259373.EXE - Suspicious of Trojan-PSW.Game.1
C:\Documents and Settings\uhthn\Desktop\virus\K11911259394.EXE - Infected with SDB:Trojan-PSW.OnLineGames.3 - Deleted
C:\Documents and Settings\uhthn\Desktop\virus\K11911259405.EXE - Infected with SDB:Trojan-PSW.OnLineGames.12 - Deleted
C:\Documents and Settings\uhthn\Desktop\virus\K11911259416.EXE - Suspicious of Trojan-PSW.Game.1
C:\Documents and Settings\uhthn\Desktop\virus\K11911259427.EXE - Suspicious of Trojan-PSW.Game.1
C:\Documents and Settings\uhthn\Desktop\virus\K11911259438.EXE - Infected with SDB:Trojan-PSW.OnLineGames.3 - Deleted
C:\Documents and Settings\uhthn\Desktop\virus\K11911259459.EXE - Infected with SDB:Trojan-PSW.OnLineGames.3 - Deleted
C:\Documents and Settings\uhthn\Desktop\virus\K119112594610.EXE - Infected with SDB:Trojan-PSW.OnLineGames.8 - Deleted
C:\Documents and Settings\uhthn\Desktop\virus\K119112594711.EXE - Suspicious of Trojan-Downloader.Small.2
C:\Documents and Settings\uhthn\Desktop\virus\K119112595013.EXE - Suspicious of Trojan-PSW.Game.1
C:\Documents and Settings\uhthn\Desktop\virus\K119112595114.EXE - Infected with SDB:Trojan-PSW.OnLineGames.g - Deleted
C:\Documents and Settings\uhthn\Desktop\virus\K119112595215.EXE - Suspicious of Trojan-PSW.OnLineGames.2
C:\Documents and Settings\uhthn\Desktop\virus\KVSC3.DLL - Infected with SDB:Trojan-PSW.OnLineGames.12 - Deleted
C:\Documents and Settings\uhthn\Desktop\virus\KVSC3.EXE - Suspicious of Trojan-PSW.Game.1
C:\Documents and Settings\uhthn\Desktop\virus\LYLOADER.EXE - Suspicious of Trojan-PSW.OnLineGames.2
C:\Documents and Settings\uhthn\Desktop\virus\MPPDS.EXE - Infected with SDB:Trojan-PSW.OnLineGames.12 - Deleted
C:\Documents and Settings\uhthn\Desktop\virus\MSPRINT32D.DLL - Suspicious file
C:\Documents and Settings\uhthn\Desktop\virus\MSPRINT32D.EXE - Infected with SDB:Trojan-PSW.OnLineGames.3 - Deleted
C:\Documents and Settings\uhthn\Desktop\virus\NVDISPDRV.DLL - Suspicious file
C:\Documents and Settings\uhthn\Desktop\virus\NVDISPDRV.EXE - Suspicious of Trojan-PSW.Game.1
C:\Documents and Settings\uhthn\Desktop\virus\PROVIE.EXE - Infected with SDB:Win32.Generic.Malware.6 - Deleted
C:\Documents and Settings\uhthn\Desktop\virus\2007年9月30日1258分9秒wm[1].exe - Suspicious of Trojan-PSW.OnLineGames.2

37 Files scanned
20 Infected files found
17 Suspicious files found
0 Files cured
20 Files deleted

显示全部楼层 · 发表于 2007-9-30 13:42:07

2007-9-30 13:41:53 1191130913 Administrator 3444 Sign of "Win32:Agent-HFX [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part1.rar\virus\2007年9月30日12时12分46秒CDB7F793.EXE\[NsPack]" file.
2007-9-30 13:41:56 1191130916 Administrator 3444 Sign of "Win32:Onlinegames-ALS [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part1.rar\virus\2007年9月30日12时58分12秒cs0619[1].exe\[Upack]\[Embedded#ABCDE]" file.
2007-9-30 13:41:56 1191130916 Administrator 3444 Sign of "Win32:Agent-HFX [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part1.rar\virus\2007年9月30日12时58分15秒f2b4657b5568d072[1].exe\[NsPack]" file.
2007-9-30 13:41:56 1191130916 Administrator 3444 Sign of "Win32:Small-HKX [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part1.rar\virus\2007年9月30日12时58分5秒zt0616[1].exe" file.
2007-9-30 13:41:56 1191130916 Administrator 3444 Sign of "Win32:Agent-HFX [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part1.rar\virus\2007年9月30日12时58分7秒moon[1].exe\[NsPack]" file.
2007-9-30 13:41:56 1191130916 Administrator 3444 Sign of "Win32:Agent-HFX [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part1.rar\virus\AUTO.EXE\[NsPack]" file.
2007-9-30 13:41:56 1191130916 Administrator 3444 Sign of "Win32:Agent-HFX [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part1.rar\virus\CDB7F793.EXE\[NsPack]" file.
2007-9-30 13:41:56 1191130916 Administrator 3444 Sign of "Win32:Nilage-JY [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part1.rar\virus\DBGHLP32.DLL" file.
2007-9-30 13:41:56 1191130916 Administrator 3444 Sign of "Win32:Nilage-JY [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part1.rar\virus\DBGHLP32.EXE\[UPX]\[Embedded#2060]" file.
2007-9-30 13:41:56 1191130916 Administrator 3444 Sign of "Win32:OnLineGames-ST [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part1.rar\virus\K11911259351.EXE\[Embedded#0c80]\[Upack]\[Embedded#5158]\[Upack]" file.
2007-9-30 13:41:56 1191130916 Administrator 3444 Sign of "Win32:OnLineGames-SR [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part1.rar\virus\K11911259351.EXE" file.
2007-9-30 13:41:56 1191130916 Administrator 3444 Sign of "Win32:Nilage-JY [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part1.rar\virus\K11911259373.EXE\[UPX]\[Embedded#1e60]" file.
2007-9-30 13:41:56 1191130916 Administrator 3444 Sign of "Win32:Nilage-JY [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part1.rar\virus\K11911259394.EXE\[UPX]\[Embedded#2060]" file.
2007-9-30 13:41:56 1191130916 Administrator 3444 Sign of "Win32:Nilage-JY [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part1.rar\virus\K11911259405.EXE\[Embedded#1a60]" file.
2007-9-30 13:41:56 1191130916 Administrator 3444 Sign of "Win32:Nilage-JY [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part1.rar\virus\K11911259405.EXE" file.
2007-9-30 13:41:56 1191130916 Administrator 3444 Sign of "Win32:Nilage-JY [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part1.rar\virus\K11911259416.EXE\[UPX]\[Embedded#2060]" file.
2007-9-30 13:41:56 1191130916 Administrator 3444 Sign of "Win32:Onlinegames-BBR [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part1.rar\virus\K11911259427.EXE\[UPX]\[Embedded#1e60]" file.
2007-9-30 13:41:56 1191130916 Administrator 3444 Sign of "Win32:Nilage-JY [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part1.rar\virus\K11911259459.EXE\[UPX]\[Embedded#1e60]" file.
2007-9-30 13:41:56 1191130916 Administrator 3444 Sign of "Win32:Small-HKX [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part1.rar\virus\K119112594610.EXE" file.
2007-9-30 13:41:57 1191130917 Administrator 3444 Sign of "Win32:Nilage-JY [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part1.rar\virus\K119112594711.EXE\[UPX]\[Embedded#2060]" file.
2007-9-30 13:41:57 1191130917 Administrator 3444 Sign of "Win32:Nilage-JY [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part1.rar\virus\K119112595013.EXE\[UPX]\[Embedded#2060]" file.
2007-9-30 13:41:57 1191130917 Administrator 3444 Sign of "Win32:Onlinegames-ALS [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part2.rar\virus\K119112595114.EXE\[Upack]\[Embedded#ABCDE]" file.
2007-9-30 13:41:57 1191130917 Administrator 3444 Sign of "Win32:Nilage-JY [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part2.rar\virus\KVSC3.DLL" file.
2007-9-30 13:41:57 1191130917 Administrator 3444 Sign of "Win32:Nilage-JY [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part2.rar\virus\KVSC3.EXE\[UPX]\[Embedded#1e60]" file.
2007-9-30 13:41:57 1191130917 Administrator 3444 Sign of "Win32:OnLineGames-ST [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part2.rar\virus\LYLOADER.EXE\[Upack]\[Embedded#5158]\[Upack]" file.
2007-9-30 13:41:57 1191130917 Administrator 3444 Sign of "Win32:Nilage-JY [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part2.rar\virus\MPPDS.EXE\[Embedded#1a60]" file.
2007-9-30 13:41:57 1191130917 Administrator 3444 Sign of "Win32:Nilage-JY [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part2.rar\virus\MPPDS.EXE" file.
2007-9-30 13:41:57 1191130917 Administrator 3444 Sign of "Win32:Onlinegames-BBR [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part2.rar\virus\NVDISPDRV.DLL" file.
2007-9-30 13:41:57 1191130917 Administrator 3444 Sign of "Win32:Onlinegames-BBR [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\virus[1].part2.rar\virus\NVDISPDRV.EXE\[UPX]\[Embedded#1e60]" file.

显示全部楼层 · 发表于 2007-9-30 13:46:29

貌似漏掉一个？

Starting the file scan:

Begin scan in 'C:\Users\morgan\Documents\virus'
C:\Users\morgan\Documents\virus\
  2007年9月30日12时12分46秒CDB7F793.EXE
   [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
   [INFO]    The file was deleted!
  2007年9月30日12时58分12秒cs0619[1].exe
   [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
   [INFO]    The file was deleted!
  2007年9月30日12时58分14秒cq0619[1].exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
   [INFO]    The file was deleted!
  2007年9月30日12时58分15秒f2b4657b5568d072[1].exe
   [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
   [INFO]    The file was deleted!
  2007年9月30日12时58分5秒zt0616[1].exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dmn
   [INFO]    The file was deleted!
  2007年9月30日12时58分7秒moon[1].exe
   [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
   [INFO]    The file was deleted!
  2007年9月30日12时58分9秒wm[1].exe
   [DETECTION] Contains suspicious code HEUR/Malware
   [INFO]    The file was moved to '472f383f.qua'!
  AUTO.EXE
   [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
   [INFO]    The file was deleted!
  autorun.inf
  CDB7F793.EXE
   [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
   [INFO]    The file was deleted!
  DBGHLP32.DLL
   [DETECTION] Contains suspicious code HEUR/Malware
   [INFO]    The file was moved to '47463851.qua'!
  DBGHLP32.EXE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [INFO]    The file was deleted!
  DISKMAN32.DLL
   [DETECTION] Contains suspicious code HEUR/Malware
   [INFO]    The file was moved to '47523858.qua'!
  DISKMAN32.EXE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [INFO]    The file was deleted!
  K11911259351.EXE
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [INFO]    The file was deleted!
  K11911259362.EXE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [INFO]    The file was deleted!
  K11911259373.EXE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [INFO]    The file was deleted!
  K11911259394.EXE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [INFO]    The file was deleted!
  K11911259405.EXE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [INFO]    The file was deleted!
  K11911259416.EXE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [INFO]    The file was deleted!
  K11911259427.EXE
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dgi.3
   [INFO]    The file was deleted!
  K11911259438.EXE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [INFO]    The file was deleted!
  K11911259459.EXE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [INFO]    The file was deleted!
  K119112594610.EXE
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dmn
   [INFO]    The file was deleted!
  K119112594711.EXE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [INFO]    The file was deleted!
  K119112595013.EXE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [INFO]    The file was deleted!
  K119112595114.EXE
   [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
   [INFO]    The file was deleted!
  K119112595215.EXE
   [DETECTION] Contains suspicious code HEUR/Malware
   [INFO]    The file was moved to '47303840.qua'!
  KVSC3.DLL
   [DETECTION] Contains suspicious code HEUR/Malware
   [INFO]    The file was moved to '47523865.qua'!
  KVSC3.EXE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [INFO]    The file was deleted!
  LYLOADER.EXE
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [INFO]    The file was deleted!
  MPPDS.EXE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [INFO]    The file was deleted!
  MSPRINT32D.DLL
   [DETECTION] Contains suspicious code HEUR/Malware
   [INFO]    The file was moved to '474f3862.qua'!
  MSPRINT32D.EXE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [INFO]    The file was deleted!
  NVDISPDRV.DLL
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dgi.3
   [INFO]    The file was deleted!
  NVDISPDRV.EXE
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dgi.3
   [INFO]    The file was deleted!
  PROVIE.EXE
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
   [INFO]    The file was deleted!

End of the scan: 2007年9月29日  22:45
Used time: 00:05 min

The scan has been done completely.

   1 Scanning directories
   37 Files were scanned
   30 viruses and/or unwanted programs were found
   6 Files were classified as suspicious:
   30 files were deleted
   0 files were repaired
   6 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   7 Files not concerned
   0 Archives were scanned
   0 Warnings
   0 Notes

显示全部楼层 · 发表于 2007-9-30 13:47:50

你的软件

C:\Documents and Settings\uhthn\Desktop\virus\autorun.inf - Infected with PDB:871 Malware program - Deleted

连inf文件都杀了？

显示全部楼层 · 发表于 2007-9-30 15:52:39

已删除：木马程序 Backdoor.Win32.Agent.bxj 文件: F:\9.30\virus.rar/virus\virus\2007年9月30日12时12分46秒CDB7F793.EXE
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.djv 文件: F:\9.30\virus.rar/virus\virus\2007年9月30日12时58分12秒cs0619[1].exe//PE_Patch//UPack
已删除：木马程序 Backdoor.Win32.Agent.bxj 文件: F:\9.30\virus.rar/virus\virus\2007年9月30日12时58分15秒f2b4657b5568d072[1].exe
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dsm 文件: F:\9.30\virus.rar/virus\virus\2007年9月30日12时58分5秒zt0616[1].exe
已删除：木马程序 Backdoor.Win32.Agent.bxj 文件: F:\9.30\virus.rar/virus\virus\2007年9月30日12时58分7秒moon[1].exe
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.drf 文件: F:\9.30\virus.rar/virus\virus\2007年9月30日12时58分9秒wm[1].exe//PE_Patch//UPack
已删除：木马程序 Backdoor.Win32.Agent.bxj 文件: F:\9.30\virus.rar/virus\virus\AUTO.EXE
已删除：木马程序 Backdoor.Win32.Agent.bxj 文件: F:\9.30\virus.rar/virus\virus\CDB7F793.EXE
已隔离：病毒 Heur.Invader (修改) 文件: F:\9.30\virus.rar/virus\virus\DBGHLP32.EXE//PE_Patch.UPX
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dwn 文件: F:\9.30\virus.rar/virus\virus\DISKMAN32.DLL
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dwa 文件: F:\9.30\virus.rar/virus\virus\DISKMAN32.EXE//PE_Patch.UPX//UPX
检测到：木马程序 Trojan-PSW.Win32.OnLineGames.dtr 文件: F:\9.30\virus.rar/virus\virus\K11911259351.EXE//#//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dwa 文件: F:\9.30\virus.rar/virus\virus\K11911259362.EXE//PE_Patch.UPX//UPX
已隔离：病毒 Heur.Invader (修改) 文件: F:\9.30\virus.rar/virus\virus\K11911259373.EXE//PE_Patch.UPX
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.doj 文件: F:\9.30\virus.rar/virus\virus\K11911259394.EXE//PE_Patch.UPX//UPX
已隔离：病毒 Heur.Invader (修改) 文件: F:\9.30\virus.rar/virus\virus\K11911259405.EXE
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.duf 文件: F:\9.30\virus.rar/virus\virus\K11911259416.EXE//PE_Patch.UPX//UPX
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dgi 文件: F:\9.30\virus.rar/virus\virus\K11911259427.EXE//PE_Patch.UPX//UPX
已隔离：病毒 Heur.Invader (修改) 文件: F:\9.30\virus.rar/virus\virus\K11911259438.EXE//PE_Patch.UPX
已隔离：病毒 Heur.Invader (修改) 文件: F:\9.30\virus.rar/virus\virus\K11911259459.EXE//PE_Patch.UPX
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dsm 文件: F:\9.30\virus.rar/virus\virus\K119112594610.EXE
已隔离：病毒 Heur.Invader (修改) 文件: F:\9.30\virus.rar/virus\virus\K119112594711.EXE//PE_Patch.UPX
已隔离：病毒 Heur.Invader (修改) 文件: F:\9.30\virus.rar/virus\virus\K119112595013.EXE//PE_Patch.UPX
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.djv 文件: F:\9.30\virus.rar/virus\virus\K119112595114.EXE//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.drf 文件: F:\9.30\virus.rar/virus\virus\K119112595215.EXE//PE_Patch//UPack
已隔离：病毒 Heur.Invader (修改) 文件: F:\9.30\virus.rar/virus\virus\KVSC3.EXE//PE_Patch.UPX
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dtr 文件: F:\9.30\virus.rar/virus\virus\LYLOADER.EXE//PE_Patch//UPack
已隔离：病毒 Heur.Invader (修改) 文件: F:\9.30\virus.rar/virus\virus\MPPDS.EXE
已隔离：病毒 Heur.Invader (修改) 文件: F:\9.30\virus.rar/virus\virus\MSPRINT32D.EXE//PE_Patch.UPX
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dgi 文件: F:\9.30\virus.rar/virus\virus\NVDISPDRV.DLL
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dgi 文件: F:\9.30\virus.rar/virus\virus\NVDISPDRV.EXE//PE_Patch.UPX//UPX
已删除：木马程序 Trojan-PSW.Win32.Lmir.bmp 文件: F:\9.30\virus.rar/virus\virus\PROVIE.EXE

显示全部楼层 · 发表于 2007-9-30 17:22:24

License expired
License #000000119 Valid till 2006-12-31
Demo mode
Computer: PROMISED-1BD18F
System: Windows XP
Command line options:
/r=susp.rpt /ha=3 /collect_suspects /nc /sfx /af+ /fd+ /ar+ /bt- /mr- /ml+ /rw+ /as-
Program settings:
/r=susp.rpt /ha=3 /collect_suspects /nc /sfx /af+ /fd+ /ar+ /qu+ /ml+ /rw+

*:
C:\
C:\ABC\virus\virus\2007年9月30日12时12分46秒CDB7F793.EXE : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\ABC\virus\virus\2007年9月30日12时58分12秒cs0619[1].exe : infected Trojan-PSW.Win32.OnLineGames.djv
C:\ABC\virus\virus\2007年9月30日12时58分14秒cq0619[1].exe : infected MalwareScope.Trojan-PSW.Game.16
C:\ABC\virus\virus\2007年9月30日12时58分15秒f2b4657b5568d072[1].exe : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\ABC\virus\virus\2007年9月30日12时58分5秒zt0616[1].exe : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus\virus\2007年9月30日12时58分7秒moon[1].exe : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\ABC\virus\virus\AUTO.EXE : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\ABC\virus\virus\CDB7F793.EXE : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\ABC\virus\virus\DBGHLP32.DLL : infected MalwareScope.Trojan-PSW.Game.1
C:\ABC\virus\virus\DBGHLP32.EXE : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus\virus\DISKMAN32.DLL : infected MalwareScope.Trojan-PSW.Game.1
C:\ABC\virus\virus\DISKMAN32.EXE : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus\virus\K11911259351.EXE : is suspected of Malware.Agent.108 (paranoid heuristics)
C:\ABC\virus\virus\K11911259362.EXE : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus\virus\K11911259373.EXE : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus\virus\K11911259394.EXE : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus\virus\K11911259405.EXE : infected MalwareScope.Trojan-PSW.Game.12
C:\ABC\virus\virus\K11911259416.EXE : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus\virus\K11911259427.EXE : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus\virus\K11911259438.EXE : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus\virus\K11911259459.EXE : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus\virus\K119112594610.EXE : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus\virus\K119112594711.EXE : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus\virus\K119112595013.EXE : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus\virus\K119112595114.EXE : infected Trojan-PSW.Win32.OnLineGames.djv
C:\ABC\virus\virus\KVSC3.DLL : infected MalwareScope.Trojan-PSW.Game.12
C:\ABC\virus\virus\KVSC3.EXE : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus\virus\LYLOADER.EXE : is suspected of Trojan-PSW.Game.32 (paranoid heuristics)
C:\ABC\virus\virus\MPPDS.EXE : infected MalwareScope.Trojan-PSW.Game.12
C:\ABC\virus\virus\MSPRINT32D.DLL : infected MalwareScope.Trojan-PSW.Game.1
C:\ABC\virus\virus\MSPRINT32D.EXE : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus\virus\NVDISPDRV.DLL : infected MalwareScope.Trojan-PSW.Game.12
C:\ABC\virus\virus\NVDISPDRV.EXE : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus\virus\PROVIE.EXE : infected MalwareScope.Trojan-PSW.Game.16
Program execution terminated by user

Directories    : 5    Files in archives:    Files on disks:
Archives:                - total    : 1    - total    : 54
- scanned       : 1    -  scanned : 1    - scanned    : 54
- contain viruses : 0    -  infected : 0    - infected : 27
- deleted       : 0    -  suspicious : 0    - suspicious  : 7

Startup : 17:19:16 30-09-2007
End       : 17:19:28 30-09-2007
Total time : 00:00:12

[病毒样本] 几个最新样本 + 几个比较旧 37 个网马

本帖子中包含更多资源

回复 5楼 uhthn2002 的帖子

浏览过的版块

[病毒样本] 几个最新样本 + 几个比较旧 37 个 网马

本帖子中包含更多资源

回复 5楼 uhthn2002 的帖子

浏览过的版块

[病毒样本] 几个最新样本 + 几个比较旧 37 个网马