22个

显示全部楼层 · 发表于 2007-10-1 09:05:36

没全灭的还是赶紧换吧，好容易清闲一个双休日抓点样本上来

显示全部楼层 · 发表于 2007-10-1 09:08:07

MicroVita AntiSpyware
_____________________________________________

         风暴微塔反间谍
[强力查杀各种Win32位的病毒,木马,蠕虫,恶意软件]
               http://221.10.254.214/
----------------------------------------------
开始扫描……

正在检查启动……
[C:\Documents and Settings\Administrator\桌面\Virus\22\moon.exe]
                  …………发现Spy！报告: [4]
文件信息:  大小:18475  MD5:6d704cec55a38a5af355451400cb387b

[C:\Documents and Settings\Administrator\桌面\Virus\22\1.exe]
                  …………发现Spy！报告: [4]
文件信息:  大小:15360  MD5:d983fb2d1182eaa774eb2ad389000173

[C:\Documents and Settings\Administrator\桌面\Virus\22\2.exe]
                  …………发现Spy！报告: [4] [1]
文件信息:  大小:13345  MD5:49df73e7d0d57c338c9d8fef3ae682ab

[C:\Documents and Settings\Administrator\桌面\Virus\22\3.exe]
                  …………发现Spy！报告: [4] [2] [1]
文件信息:  大小:12063  MD5:a66cadb32084947379ee728a3b89b632

[C:\Documents and Settings\Administrator\桌面\Virus\22\4.exe]
                  …………发现Spy！报告: [4] [2] [1]
文件信息:  大小:15964  MD5:f098ce4d2e44d2d060f6a64f4d41e301

[C:\Documents and Settings\Administrator\桌面\Virus\22\5.exe]
                  …………发现Spy！报告: [4] [1]
文件信息:  大小:13834  MD5:9b219f71ed1743fafc7b84949d64539d

[C:\Documents and Settings\Administrator\桌面\Virus\22\6.exe]
                  …………发现Spy！报告: [4] [1]
文件信息:  大小:15584  MD5:2dcb4539b008eca53dc4a9d2a0640e98

[C:\Documents and Settings\Administrator\桌面\Virus\22\7.exe]
                  …………发现Spy！报告: [4] [1]
文件信息:  大小:16196  MD5:1862469f6c75d7ca34b57c763979e6af

[C:\Documents and Settings\Administrator\桌面\Virus\22\8.exe]
                  …………发现Spy！报告: [4] [1]
文件信息:  大小:36845  MD5:abef62623f5b2940bd70be183a859fc1

[C:\Documents and Settings\Administrator\桌面\Virus\22\9.exe]
                  …………发现Spy！报告: [4] [2] [1]
文件信息:  大小:29700  MD5:b07a1c0e80a3e440fb9133e1b0cc3807

[C:\Documents and Settings\Administrator\桌面\Virus\22\10.exe]
                  …………发现Spy！报告: [4] [2] [1]
文件信息:  大小:14838  MD5:9ccefb789a61a05f669bde19b4a4cfd2

[C:\Documents and Settings\Administrator\桌面\Virus\22\11.exe]
                  …………发现Spy！报告: [4] [1]
文件信息:  大小:14533  MD5:9b783da8aa5cdff857fe01bdaf8a08af

[C:\Documents and Settings\Administrator\桌面\Virus\22\12.exe]
                  …………发现Spy！报告: [4] [2] [1]
文件信息:  大小:13393  MD5:42c499c9539f07557590d678550c3339

[C:\Documents and Settings\Administrator\桌面\Virus\22\13.exe]
                  …………发现Spy！报告: [4] [2] [1]
文件信息:  大小:11785  MD5:b866becb61569a53ef5bdd1fa61a53bf

[C:\Documents and Settings\Administrator\桌面\Virus\22\14.exe]
                  …………发现Spy！报告: [4] [2] [1]
文件信息:  大小:12646  MD5:1bad2303479d6cd4cb06d53c9dcbdda6

[C:\Documents and Settings\Administrator\桌面\Virus\22\15.exe]
                  …………发现Spy！报告: [4] [2] [1]
文件信息:  大小:12147  MD5:a57348a1396a61d0270d935a5f119de2

[C:\Documents and Settings\Administrator\桌面\Virus\22\16.exe]
                  …………发现Spy！报告: [4] [2] [1]
文件信息:  大小:166397  MD5:0c4d2f3415a168c0aa3ea3ea9378df5c

[C:\Documents and Settings\Administrator\桌面\Virus\22\17.exe]
                  …………发现Spy！报告: [4] [1]
文件信息:  大小:13084  MD5:0ee4413a69e801d26128d6378561dd01

[C:\Documents and Settings\Administrator\桌面\Virus\22\18.exe]
                  …………发现Spy！报告: [4] [1]
文件信息:  大小:14814  MD5:8f59e8140322dca10260023566ea8718

[C:\Documents and Settings\Administrator\桌面\Virus\22\19.exe]
                  …………发现Spy！报告: [4] [1]
文件信息:  大小:29884  MD5:4005d75dade5147cf546983142c99f29

[C:\Documents and Settings\Administrator\桌面\Virus\22\dd.exe]
                  …………发现Spy！报告: [4]
文件信息:  大小:37888  MD5:8a0e5130474250441e8a230eec6ae6fb

[C:\Documents and Settings\Administrator\桌面\Virus\22\jiqi.exe]
                  …………发现Spy！报告: [4] [1]
文件信息:  大小:101968  MD5:58cfde8bae41708dc992e4b460126a8f

文件数:22 病毒数:22  比重:1
OK  扫描完毕！
  ***日志解释
[4] 集中有害分析引擎
[3] 全局系统判断引擎
[2] 文件特征码引擎
[1] 文件启发式引擎

[ 本帖最后由 FBAV 于 2007-10-1 09:09 编辑 ]

显示全部楼层 · 发表于 2007-10-1 09:08:30

Starting the file scan:

Begin scan in 'C:\Documents and Settings\tim\桌面\22.rar'
C:\Documents and Settings\tim\桌面\22.rar
  [0] Archive type: RAR
  --> moon.exe
   [DETECTION] Is the Trojan horse TR/Agent.18475
  --> 1.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 2.exe
   [DETECTION] Is the Trojan horse TR/Agent.13361
  --> 3.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dfs
  --> 4.exe
   [DETECTION] Is the Trojan horse TR/PSW.Nilage.bqh
  --> 5.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dtf
  --> 6.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.DOJ.5
  --> 7.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.drk.1
  --> 8.exe
   [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
  --> 9.exe
   [DETECTION] Is the Trojan horse TR/PSW.Wow.UV
  --> 10.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dpd
  --> 11.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dte
  --> 12.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.NEP.2
  --> 13.exe
   [DETECTION] Is the Trojan horse TR/Agent.18008
  --> 14.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.deg
  --> 15.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dkj
  --> 16.exe
   [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Agent.alh.37 Backdoor server programs
  --> 17.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.drt
  --> 18.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dsl
  --> 19.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> dd.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Versie.1
  --> jiqi.exe
   [DETECTION] Is the Trojan horse TR/Spy.Agent.acb
   [INFO]    A backup was created as '472e48ad.qua'  ( QUARANTINE )
   [INFO]    The file was deleted!

显示全部楼层 · 发表于 2007-10-1 09:10:48

费尔已知21个，启发一个（不是packed类启发

）

显示全部楼层 · 发表于 2007-10-1 09:35:28

TrustPort Antivirus On-Demand Scanner

   Status       Quarantined
   Target       G:\v\22.rar
                           Options
                                             , Requested action: Move to quarantine, Excluded extensions
                           disabled, Excluded objects disabled, Heuristics enabled, Sandbox enabled,
                           Scan archives

            Statistics       Details

                                                Files             Boot sectorsRegistry key

                           Scanned             24                      0                            0
                           Infected             22                      0                            0
                           Repaired             0                      0                            0
                           Renamed             0                      -                            -
                        Quarantined             1                      -                            -
                              Deleted             0                      -                            0

显示全部楼层 · 发表于 2007-10-1 09:44:01

Scanning Log
Version of virus signature database: 2561 (20071001)
Date: 1.10.2007 Time: 09:43:37
Scanned disks, folders and files: C:\Documents and Settings\Martin\桌面\22.rar
Number of scanned objects: 23
Number of threats found: 22
Time of completion: 09:43:52 Total scanning time: 15 sec (00:00:15)

显示全部楼层 · 发表于 2007-10-1 09:45:35

显示全部楼层 · 发表于 2007-10-1 09:48:32

显示全部楼层 · 发表于 2007-10-1 09:56:51

22
detected: virus Virus.Win32.AutoRun.pz File: C:\Documents and Settings\Owner\×ÀÃæ\22.rar/moon.exe//ASPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dse File: C:\Documents and Settings\Owner\×ÀÃæ\22.rar/1.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dqt File: C:\Documents and Settings\Owner\×ÀÃæ\22.rar/2.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dfs File: C:\Documents and Settings\Owner\×ÀÃæ\22.rar/3.exe//UPack
detected: Trojan program Trojan-PSW.Win32.Nilage.bqh File: C:\Documents and Settings\Owner\×ÀÃæ\22.rar/4.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dtf File: C:\Documents and Settings\Owner\×ÀÃæ\22.rar/5.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.doj File: C:\Documents and Settings\Owner\×ÀÃæ\22.rar/6.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.drk File: C:\Documents and Settings\Owner\×ÀÃæ\22.rar/7.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.djv File: C:\Documents and Settings\Owner\×ÀÃæ\22.rar/8.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.WOW.wz File: C:\Documents and Settings\Owner\×ÀÃæ\22.rar/9.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dpd File: C:\Documents and Settings\Owner\×ÀÃæ\22.rar/10.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dte File: C:\Documents and Settings\Owner\×ÀÃæ\22.rar/11.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dgw File: C:\Documents and Settings\Owner\×ÀÃæ\22.rar/12.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dgx File: C:\Documents and Settings\Owner\×ÀÃæ\22.rar/13.exe//UPack
detected: Trojan program Trojan-Dropper.Win32.Agent.bxi File: C:\Documents and Settings\Owner\×ÀÃæ\22.rar/14.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dkj File: C:\Documents and Settings\Owner\×ÀÃæ\22.rar/15.exe//UPack
detected: Trojan program Trojan-Dropper.Win32.Agent.bvb File: C:\Documents and Settings\Owner\×ÀÃæ\22.rar/16.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.drt File: C:\Documents and Settings\Owner\×ÀÃæ\22.rar/17.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dsl File: C:\Documents and Settings\Owner\×ÀÃæ\22.rar/18.exe//UPack
detected: Trojan program Trojan-PSW.Win32.WOW.xp File: C:\Documents and Settings\Owner\×ÀÃæ\22.rar/19.exe//UPack
detected: Trojan program Trojan-Downloader.Win32.Baser.o File: C:\Documents and Settings\Owner\×ÀÃæ\22.rar/dd.exe
detected: Trojan program Trojan-Spy.Win32.Agent.acb File: C:\Documents and Settings\Owner\×ÀÃæ\22.rar/jiqi.exe//PE_Patch//UPack

显示全部楼层 · 发表于 2007-10-1 10:08:13

J:\virus\22.rar:\moon.exe - Signature 'Win32.SuspectCrc' found
J:\virus\22.rar:\1.exe - Signature 'Generic.PWS.Games.3' found
J:\virus\22.rar:\2.exe - Signature 'Trojan-Spy.Win32.Bancos.ha' found
J:\virus\22.rar:\3.exe - Signature 'Trojan-Spy.Win32.Bancos.ha' found
J:\virus\22.rar:\4.exe - Signature 'Trojan-Downloader.Win32.Zlob.and' found
J:\virus\22.rar:\5.exe - Signature 'Trojan-Spy.Win32.Bancos.ha' found
J:\virus\22.rar:\6.exe - Signature 'Trojan-Downloader.Win32.Zlob.and' found
J:\virus\22.rar:\7.exe - Signature 'Trojan-Downloader.Win32.Zlob.and' found
J:\virus\22.rar:\8.exe - Signature 'Trojan-Downloader.Win32.Zlob.and' found
J:\virus\22.rar:\9.exe - Signature 'Trojan-Dropper.Win32.Agent.ane' found
J:\virus\22.rar:\10.exe - Signature 'Trojan-Spy.Win32.Bancos.ha' found
J:\virus\22.rar:\11.exe - Signature 'Trojan-Spy.Win32.Bancos.ha' found
J:\virus\22.rar:\12.exe - Signature 'Trojan-Spy.Win32.Bancos.ha' found
J:\virus\22.rar:\13.exe - Signature 'Trojan-Spy.Win32.Bancos.ha' found
J:\virus\22.rar:\14.exe - Signature 'Trojan-Spy.Win32.Bancos.ha' found
J:\virus\22.rar:\15.exe - Signature 'Trojan-Spy.Win32.Bancos.ha' found
J:\virus\22.rar:\16.exe - Signature 'Trojan-Dropper.Win32.Agent.ane' found
J:\virus\22.rar:\17.exe - Signature 'Trojan-Downloader.Win32.Zlob.and' found
J:\virus\22.rar:\18.exe - Signature 'Trojan-Spy.Win32.Bancos.ha' found
J:\virus\22.rar:\19.exe - Signature 'Trojan-Dropper.Win32.Agent.ane' found
J:\virus\22.rar:\dd.exe - Signature 'Trojan-PWS.Win32.QQPass.pb' found
J:\virus\22.rar:\jiqi.exe - Signature 'Trojan-Spy.Win32.Agent.pn' found

      23 Files scanned
      (1 Archiv with 22 files)
      22 Signatures found
      0 Suspect code-parts found
      Used time: 0:00.351
请按任意键继续. . .

[病毒样本] 22个

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源