35个高质【MD5略】

显示全部楼层 · 发表于 2007-9-30 14:30:44

如题

卡巴杀了

[ 本帖最后由 wangjay1980 于 2007-9-30 22:59 编辑 ]

显示全部楼层 · 发表于 2007-9-30 14:37:21

Starting the file scan:

Begin scan in 'C:\Users\morgan\Documents\35.zip'
C:\Users\morgan\Documents\
  35.zip
[0] Archive type: ZIP
--> tempU.exe
--> window.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 1(1)(3).exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 1(2)(1).exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 1(3).exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 1(4).exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
      [WARNING] Infected files in archives cannot be repaired!
--> 01mh.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> 2(3).exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> 3(2)(1).exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 3.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
      [WARNING] Infected files in archives cannot be repaired!
--> 03ms.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
      [WARNING] Infected files in archives cannot be repaired!
--> 5(3).exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> 5.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> 8(1).exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> 10(2)(1).exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
      [WARNING] Infected files in archives cannot be repaired!
--> 10(2).exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
      [WARNING] Infected files in archives cannot be repaired!
--> 10.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> 13cq.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
      [WARNING] Infected files in archives cannot be repaired!
--> 14.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 16xx.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
      [WARNING] Infected files in archives cannot be repaired!
--> 1630.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 1631.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 1633.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> ad_2311.exe
--> menghuan1.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
      [WARNING] Infected files in archives cannot be repaired!
--> menghuan.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> mminstall.exe
--> moon.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> moyu.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> my.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddm.1
      [WARNING] Infected files in archives cannot be repaired!
--> tempA.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> tempG.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> tempO.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> tempP.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
      [WARNING] Infected files in archives cannot be repaired!
--> tempS.exe
      [WARNING] The file was ignored!

End of the scan: 2007年9月29日  23:36
Used time: 00:05 min

The scan has been done completely.

   0 Scanning directories
   36 Files were scanned
   20 viruses and/or unwanted programs were found
   11 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   16 Files not concerned
   1 Archives were scanned
   32 Warnings
   0 Notes

显示全部楼层 · 发表于 2007-9-30 14:39:38

Begin scan in 'C:\Documents and Settings\Administrator\桌面\35.zip'
C:\Documents and Settings\Administrator\桌面\35.zip
  [0] Archive type: ZIP
  --> window.exe
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> 1(1)(3).exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 1(2)(1).exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 1(3).exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 1(4).exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> 01mh.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 2(3).exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 3(2)(1).exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 3.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> 03ms.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> 5(3).exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 5.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 8(1).exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 10(2)(1).exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> 10(2).exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> 10.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 13cq.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> 14.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 16xx.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> 1630.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 1631.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 1633.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> menghuan1.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> menghuan.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> moon.exe
   [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> moyu.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> my.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddm.1
  --> tempA.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> tempG.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> tempO.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> tempP.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
   [INFO]    The file was deleted!

End of the scan: 星期日 2007年9月30日  14:37
Used time: 00:44 min

The scan has been done completely.

   0 Scanning directories
   37 Files were scanned
   20 viruses and/or unwanted programs were found
   11 Files were classified as suspicious:
   1 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   17 Files not concerned
   1 Archives were scanned
   0 Warnings
   0 Notes

显示全部楼层 · 发表于 2007-9-30 15:42:25

已删除：广告程序 not-a-virus:AdWare.Win32.Cinmus.ada 文件: F:\9.30\35.zip/tempU.exe//stream//data0002//data0003
已删除：广告程序 not-a-virus:AdWare.Win32.Cinmus.adb 文件: F:\9.30\35.zip/tempU.exe//stream//data0002//data0004
已删除：病毒 Worm.Win32.QQPass.w 文件: F:\9.30\35.zip/window.exe//UPX//PEPatch
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dvx 文件: F:\9.30\35.zip/1(1)(3).exe
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dvy 文件: F:\9.30\35.zip/1(2)(1).exe
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dvx 文件: F:\9.30\35.zip/1(3).exe
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dwk 文件: F:\9.30\35.zip/1(4).exe//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dvw 文件: F:\9.30\35.zip/01mh.exe//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dwd 文件: F:\9.30\35.zip/2(3).exe//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dvu 文件: F:\9.30\35.zip/3(2)(1).exe
已删除：木马程序 Trojan-Downloader.Win32.Zlob.czf 文件: F:\9.30\35.zip/3.exe//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dwj 文件: F:\9.30\35.zip/03ms.exe//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dvz 文件: F:\9.30\35.zip/5(3).exe//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dwe 文件: F:\9.30\35.zip/5.exe//UPack
已删除：病毒 Virus.Win32.AutoRun.qh 文件: F:\9.30\35.zip/8(1).exe
已删除：木马程序 Trojan-Downloader.Win32.Zlob.czf 文件: F:\9.30\35.zip/10(2)(1).exe//PE_Patch//UPack
已删除：木马程序 Trojan-Downloader.Win32.Zlob.czf 文件: F:\9.30\35.zip/10(2).exe//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dvz 文件: F:\9.30\35.zip/10.exe//UPack
已删除：木马程序 Trojan-Downloader.Win32.Zlob.czf 文件: F:\9.30\35.zip/13cq.exe//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dwa 文件: F:\9.30\35.zip/14.exe//PE_Patch.UPX//UPX
已删除：木马程序 Trojan-Downloader.Win32.Zlob.czg 文件: F:\9.30\35.zip/16xx.exe//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dwb 文件: F:\9.30\35.zip/1630.exe
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dwc 文件: F:\9.30\35.zip/1631.exe
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dwa 文件: F:\9.30\35.zip/1633.exe//PE_Patch.UPX//UPX
已删除：广告程序 not-a-virus:AdWare.Win32.Boran.aw 文件: F:\9.30\35.zip/ad_2311.exe//stream//data0001
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dwf 文件: F:\9.30\35.zip/menghuan1.exe//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dvw 文件: F:\9.30\35.zip/menghuan.exe//UPack
已删除：木马程序 Trojan-Downloader.Win32.Agent.drh 文件: F:\9.30\35.zip/mminstall.exe
已删除：木马程序 Backdoor.Win32.Agent.bxj 文件: F:\9.30\35.zip/moon.exe
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dwg 文件: F:\9.30\35.zip/moyu.exe//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dwh 文件: F:\9.30\35.zip/my.exe//UPX
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.dvw 文件: F:\9.30\35.zip/tempA.exe//UPack
已删除：木马程序 Trojan-PSW.Win32.QQGame.ah 文件: F:\9.30\35.zip/tempG.exe//PE_Patch//UPack
已删除：木马程序 Trojan-Downloader.Win32.Zlob.czh 文件: F:\9.30\35.zip/tempO.exe//PE_Patch//UPack
已删除：木马程序 Trojan-Downloader.Win32.Zlob.czf 文件: F:\9.30\35.zip/tempP.exe//PE_Patch//UPack
已删除：广告程序 not-a-virus:AdWare.Win32.Boran.aw 文件: F:\9.30\35.zip/tempS.exe//stream

显示全部楼层 · 发表于 2007-9-30 15:43:38

deleted: adware not-a-virus:AdWare.Win32.Cinmus.ada File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/tempU.exe//stream//data0002//data0003
deleted: adware not-a-virus:AdWare.Win32.Cinmus.adb File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/tempU.exe//stream//data0002//data0004
deleted: virus Worm.Win32.QQPass.w File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/window.exe//UPX//PEPatch
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.dvx File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/1(1)(3).exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.dvy File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/1(2)(1).exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.dvx File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/1(3).exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.dwk File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/1(4).exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.dvw File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/01mh.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.dwd File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/2(3).exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.dvu File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/3(2)(1).exe
deleted: Trojan program Trojan-Downloader.Win32.Zlob.czf File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/3.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.dwj File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/03ms.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.dvz File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/5(3).exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.dwe File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/5.exe//UPack
deleted: virus Virus.Win32.AutoRun.qh File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/8(1).exe
deleted: Trojan program Trojan-Downloader.Win32.Zlob.czf File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/10(2)(1).exe//PE_Patch//UPack
deleted: Trojan program Trojan-Downloader.Win32.Zlob.czf File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/10(2).exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.dvz File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/10.exe//UPack
deleted: Trojan program Trojan-Downloader.Win32.Zlob.czf File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/13cq.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.dwa File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/14.exe//PE_Patch.UPX//UPX
deleted: Trojan program Trojan-Downloader.Win32.Zlob.czg File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/16xx.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.dwb File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/1630.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.dwc File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/1631.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.dwa File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/1633.exe//PE_Patch.UPX//UPX
deleted: adware not-a-virus:AdWare.Win32.Boran.aw File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/ad_2311.exe//stream//data0001
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.dwf File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/menghuan1.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.dvw File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/menghuan.exe//UPack
deleted: Trojan program Trojan-Downloader.Win32.Agent.drh File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/mminstall.exe
deleted: Trojan program Backdoor.Win32.Agent.bxj File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/moon.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.dwg File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/moyu.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.dwh File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/my.exe//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.dvw File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/tempA.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.QQGame.ah File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/tempG.exe//PE_Patch//UPack
deleted: Trojan program Trojan-Downloader.Win32.Zlob.czh File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/tempO.exe//PE_Patch//UPack
deleted: Trojan program Trojan-Downloader.Win32.Zlob.czf File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/tempP.exe//PE_Patch//UPack
deleted: adware not-a-virus:AdWare.Win32.Boran.aw File: F:\Documents and Settings\Crusade\×ÀÃæ\35.zip/tempS.exe//stream

显示全部楼层 · 发表于 2007-9-30 17:52:54

NOD32只杀出22个哦。

显示全部楼层 · 发表于 2007-9-30 19:29:00

杀得多 EQ早就出现了

显示全部楼层 · 发表于 2007-9-30 19:44:56

启发真多

显示全部楼层 · 发表于 2007-9-30 19:48:30

显示全部楼层 · 发表于 2007-9-30 20:00:56

瑞星08只杀了6个..

Trojan.PSW.Win32.OnlineGames.zbo 35.zip>>5(3).exe>>upack0.34
Trojan.PSW.Win32.OnlineGames.zbo 35.zip>>10.exe>>upack0.34
Trojan.PSW.Win32.OnlineGames.zao 35.zip>>14.exe>>upx_c
Trojan.PSW.Win32.OnlineGames.zbc 35.zip>>1631.exe
Trojan.PSW.Win32.OnlineGames.zao 35.zip>>1633.exe>>upx_c
Trojan.PSW.Win32.OnlineGames.zbx 35.zip>>tempG.exe

[病毒样本] 35个高质【MD5略】

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块