产物

显示全部楼层 · 发表于 2007-10-3 12:33:41

瑞星病毒查杀结果报告

清除病毒种类列表：
病毒： Trojan.PSW.Win32.OnlineGames.zcb
病毒： Trojan.PSW.Win32.TLOnline.bh
病毒： Trojan.PSW.Win32.OnlineGames.zbm

3个

显示全部楼层 · 发表于 2007-10-3 12:34:34

MicroVita AntiSpyware 100 C
_____________________________________________

         风暴微塔反间谍
[强力查杀各种Win32位的病毒,木马,蠕虫,恶意软件]
               http://221.10.254.214/
----------------------------------------------
开始扫描……

正在检查启动……
[C:\Documents and Settings\Administrator\桌面\Virus\ABC333\1.exe]
                  …………发现Spy！报告:[1]
文件信息:  大小:16593  MD5:2be3e7ec804eb120fcd8dc2112a7ac11

[C:\Documents and Settings\Administrator\桌面\Virus\ABC333\4.exe]
                  …………发现Spy！报告:[2] [1]
文件信息:  大小:14496  MD5:80e6c37ce8ff3d08c8b7a888de054a09

[C:\Documents and Settings\Administrator\桌面\Virus\ABC333\5.exe]
                  …………发现Spy！报告:[2] [1]
文件信息:  大小:14307  MD5:3775d0c91fe8edee21c4c16c935af5e6

[C:\Documents and Settings\Administrator\桌面\Virus\ABC333\6.exe]
                  …………发现Spy！报告:[2] [1]
文件信息:  大小:14701  MD5:63bd3bf11e81cba1906c9627071d6816

[C:\Documents and Settings\Administrator\桌面\Virus\ABC333\7.exe]
                  …………发现Spy！报告:[2] [1]
文件信息:  大小:11705  MD5:92721a0dce7be5d0246c3089afd2d68c

[C:\Documents and Settings\Administrator\桌面\Virus\ABC333\8.exe]
                  …………发现Spy！报告:[1]
文件信息:  大小:21185  MD5:7187084bbd8f069878bc8ea5d0220190

[C:\Documents and Settings\Administrator\桌面\Virus\ABC333\9.exe]
                  …………发现Spy！报告:[2]
文件信息:  大小:32380  MD5:5a32151ef7aee23e4fbda3f82d832e81

[C:\Documents and Settings\Administrator\桌面\Virus\ABC333\10.exe]
                  …………发现Spy！报告:[2] [1]
文件信息:  大小:14869  MD5:442019ee8bb996242e1c87f21377462a

文件数:10 病毒数:8  比重:0.8
OK  扫描完毕！

  ***日志解释
[4] 集中有害分析引擎
[3] 全局系统判断引擎
[2] 文件特征码引擎
[1] 文件启发式引擎

显示全部楼层 · 发表于 2007-10-3 12:41:26

Starting the file scan:

Begin scan in 'C:\Users\morgan\Documents\ABC.rar'
C:\Users\morgan\Documents\
  ABC.rar
[0] Archive type: RAR
--> 1.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
      [WARNING] Infected files in archives cannot be repaired!
--> 2.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dtx
      [WARNING] Infected files in archives cannot be repaired!
--> 4.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
      [WARNING] Infected files in archives cannot be repaired!
--> 3.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddm.1
      [WARNING] Infected files in archives cannot be repaired!
--> 5.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dvo
      [WARNING] Infected files in archives cannot be repaired!
--> 6.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.duc.1
      [WARNING] Infected files in archives cannot be repaired!
--> 7.exe
      [DETECTION] Is the Trojan horse TR/Agent.11663
      [WARNING] Infected files in archives cannot be repaired!
--> 8.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> 9.exe
      [DETECTION] Is the Trojan horse TR/PSW.QQGame.AI.1
      [WARNING] Infected files in archives cannot be repaired!
--> 10.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dtw
      [WARNING] Infected files in archives cannot be repaired!
      [WARNING] The file was ignored!

End of the scan: 2007年10月2日  21:41
Used time: 00:04 min

The scan has been done completely.

   0 Scanning directories
   11 Files were scanned
   9 viruses and/or unwanted programs were found
   1 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   2 Files not concerned
   1 Archives were scanned
   11 Warnings
   0 Notes

显示全部楼层 · 发表于 2007-10-3 12:41:59

卡巴 7.0.0.125
10个

已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.doe 文件: F:\病毒样本\ABC.rar/7.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.dtw 文件: F:\病毒样本\ABC.rar/10.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.dtx 文件: F:\病毒样本\ABC.rar/2.exe//UPX
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.dty 文件: F:\病毒样本\ABC.rar/3.exe//UPX
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.dua 文件: F:\病毒样本\ABC.rar/4.exe//PE_Patch//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.duc 文件: F:\病毒样本\ABC.rar/6.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.dvo 文件: F:\病毒样本\ABC.rar/5.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.dwk 文件: F:\病毒样本\ABC.rar/1.exe//PE_Patch//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.dzr 文件: F:\病毒样本\ABC.rar/8.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.QQGame.ai 文件: F:\病毒样本\ABC.rar/9.exe//UPX

显示全部楼层 · 发表于 2007-10-3 12:42:50

扫描进行于：2007-10-3 12:42:19
扫描日志
NOD32版本 2567 (20071002) NT
命令行： F:\Documents and Settings\kafan\桌面\ABC.rar

日期： 3.10.2007 时间：12:42:21
已开启反隐藏功能.
已扫描的磁盘，文件夹及文件：F:\Documents and Settings\kafan\桌面\ABC.rar
F:\Documents and Settings\kafan\桌面\ABC.rar >>RAR >>2.exe - Win32/PSW.OnLineGames.NFN 木马的变种
F:\Documents and Settings\kafan\桌面\ABC.rar >>RAR >>3.exe - Win32/PSW.OnLineGames.NFN 木马的变种
F:\Documents and Settings\kafan\桌面\ABC.rar >>RAR >>5.exe - 可能是 Win32/Genetik 木马的一个变种
F:\Documents and Settings\kafan\桌面\ABC.rar >>RAR >>6.exe - 可能是 Win32/Genetik 木马的一个变种
F:\Documents and Settings\kafan\桌面\ABC.rar >>RAR >>7.exe - Win32/PSW.OnLineGames.NEN 木马的变种
F:\Documents and Settings\kafan\桌面\ABC.rar >>RAR >>8.exe - 未查明的 NewHeur_PE 病毒 [7]
F:\Documents and Settings\kafan\桌面\ABC.rar >>RAR >>9.exe - 可能是 Win32/AutoRun.Q 蠕虫的一个变种
F:\Documents and Settings\kafan\桌面\ABC.rar >>RAR >>10.exe - 可能是 Win32/Genetik 木马的一个变种
已扫描的文件数目：10
已发现的病毒数目：8
完成时间： 12:42:25 总扫描时间：4 秒 (00:00:04)

注意：
[7] 该文件可能感染上未知病毒。

显示全部楼层 · 发表于 2007-10-3 12:43:37

dr.web7个

显示全部楼层 · 发表于 2007-10-3 12:44:43

蜘蛛 4.44
[Scan path] C:\Users\Wao\Desktop\ABC.rar
>>C:\Users\Wao\Desktop\ABC.rar\1.exe - Ok
>>>C:\Users\Wao\Desktop\ABC.rar\2.exe infected with Trojan.DownLoader.origin
>>C:\Users\Wao\Desktop\ABC.rar\4.exe - Ok
>>>C:\Users\Wao\Desktop\ABC.rar\3.exe infected with Trojan.DownLoader.origin
>>C:\Users\Wao\Desktop\ABC.rar\5.exe infected with Trojan.PWS.Gamania.4505
>>C:\Users\Wao\Desktop\ABC.rar\6.exe infected with Trojan.PWS.Gamania.4527
>>C:\Users\Wao\Desktop\ABC.rar\7.exe infected with Trojan.PWS.Gamania.4394
>>>C:\Users\Wao\Desktop\ABC.rar\8.exe - Ok
>>C:\Users\Wao\Desktop\ABC.rar\9.exe infected with Trojan.PWS.Qqpass.1446
>>C:\Users\Wao\Desktop\ABC.rar\10.exe infected with Trojan.MulDrop.9100
C:\Users\Wao\Desktop\ABC.rar - archive contains infected objects

显示全部楼层 · 发表于 2007-10-3 13:31:31

全杀

UGuard Log (Digital Fox - gankeyu@126.com)
UGuarduu.exe = 4.2.0
HC0.rlb = 2.8.9
HC2.rlb = 2.4.0
FN0.rlb = 2.3.1
扫描选项：扫描档案, 扩展, 忽略非活动, 忽略大文件, nFile, BAT模拟, 捆绑检测, 变形壳, 启发,
[扫描] [变形壳检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC.rar>>1.exe 检测到 Packed.Generic.Modified
[扫描] [变形壳检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC.rar>>10.exe 检测到 Packed.Generic.UPack
[扫描] [Level 2] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC.rar>>2.exe//UPX//Stream_01 检测到 Trojan.OnLineGames.dt
[扫描] [变形壳检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC.rar>>2.exe//UPX//Stream_02 检测到 Packed.Generic.S
[扫描] [Level 2] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC.rar>>2.exe//UPX//Stream_02 检测到 Generic.OperationOfSEH
[扫描] [捆绑检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC.rar>>2.exe//UPX 检测到 Generic.Binder
[扫描] [Level 2] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC.rar>>2.exe//UPX 检测到 Trojan.OnLineGames.dt
[扫描] [Level 2] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC.rar>>2.exe 检测到 Trojan.OnLineGames.dt
[扫描] [Level 2] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC.rar>>3.exe//UPX//Stream_01 检测到 Trojan.OnLineGames.dt
[扫描] [变形壳检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC.rar>>3.exe//UPX//Stream_02 检测到 Packed.Generic.S
[扫描] [Level 2] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC.rar>>3.exe//UPX//Stream_02 检测到 Generic.OperationOfSEH
[扫描] [捆绑检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC.rar>>3.exe//UPX 检测到 Generic.Binder
[扫描] [Level 2] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC.rar>>3.exe//UPX 检测到 Trojan.OnLineGames.dt
[扫描] [Level 2] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC.rar>>3.exe 检测到 Trojan.OnLineGames.dt
[扫描] [变形壳检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC.rar>>4.exe 检测到 Packed.Generic.Modified
[扫描] [变形壳检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC.rar>>5.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC.rar>>6.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC.rar>>7.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC.rar>>8.exe 检测到 Packed.Generic.UPack
[扫描] [Level 2] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC.rar>>9.exe//UPX//Stream_01 检测到 Win32.AutorunU
[扫描] [捆绑检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC.rar>>9.exe//UPX 检测到 Generic.Binder
[扫描] [Level 2] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC.rar>>9.exe//UPX 检测到 Win32.AutorunU
检测到了 14 个未知的恶意程序，请上报。
任务扫描完成。共耗费的时间：0-00-00 00:00:03:0781，共扫描的文件数量：20，共扫描到的威胁数量：22，威胁率：1.1
UGuard Log (Digital Fox - gankeyu@126.com)
UGuarduu.exe = 4.2.0
HC0.rlb = 2.8.9
HC2.rlb = 2.4.0
FN0.rlb = 2.3.1
扫描选项：扫描档案, 扩展, 忽略非活动, 忽略大文件, nFile, BAT模拟, 捆绑检测, 变形壳, 启发,
[扫描] [变形壳检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC\1.exe 检测到 Packed.Generic.Modified
[扫描] [变形壳检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC\10.exe 检测到 Packed.Generic.UPack
[扫描] [Level 2] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC\2.exe//UPX//Stream_01 检测到 Trojan.OnLineGames.dt
[扫描] [变形壳检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC\2.exe//UPX//Stream_02 检测到 Packed.Generic.S
[扫描] [Level 2] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC\2.exe//UPX//Stream_02 检测到 Generic.OperationOfSEH
[扫描] [捆绑检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC\2.exe//UPX 检测到 Generic.Binder
[扫描] [Level 2] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC\2.exe//UPX 检测到 Trojan.OnLineGames.dt
[扫描] [Level 2] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC\2.exe 检测到 Trojan.OnLineGames.dt
[扫描] [Level 2] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC\3.exe//UPX//Stream_01 检测到 Trojan.OnLineGames.dt
[扫描] [变形壳检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC\3.exe//UPX//Stream_02 检测到 Packed.Generic.S
[扫描] [Level 2] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC\3.exe//UPX//Stream_02 检测到 Generic.OperationOfSEH
[扫描] [捆绑检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC\3.exe//UPX 检测到 Generic.Binder
[扫描] [Level 2] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC\3.exe//UPX 检测到 Trojan.OnLineGames.dt
[扫描] [Level 2] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC\3.exe 检测到 Trojan.OnLineGames.dt
[扫描] [变形壳检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC\4.exe 检测到 Packed.Generic.Modified
[扫描] [变形壳检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC\5.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC\6.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC\7.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC\8.exe 检测到 Packed.Generic.UPack
[扫描] [Level 2] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC\9.exe//UPX//Stream_01 检测到 Win32.AutorunU
[扫描] [捆绑检测] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC\9.exe//UPX 检测到 Generic.Binder
[扫描] [Level 2] 在 E:\Documents and Settings\Administrator\桌面\Vir\ABC\9.exe//UPX 检测到 Win32.AutorunU
检测到了 14 个未知的恶意程序，请上报。
任务扫描完成。共耗费的时间：0-00-00 00:00:01:0859，共扫描的文件数量：19，共扫描到的威胁数量：22，威胁率：1.15789474
[处理] 正在处理 E:\Documents and Settings\Administrator\桌面\Vir\ABC\1.exe
[处理] 正在处理 E:\Documents and Settings\Administrator\桌面\Vir\ABC\10.exe
[处理] 正在处理 E:\Documents and Settings\Administrator\桌面\Vir\ABC\2.exe//UPX
[处理] 正在处理 E:\Documents and Settings\Administrator\桌面\Vir\ABC\2.exe//UPX
[处理] 正在处理 E:\Documents and Settings\Administrator\桌面\Vir\ABC\2.exe//UPX
[处理] 正在处理 E:\Documents and Settings\Administrator\桌面\Vir\ABC\2.exe
[处理] 正在处理 E:\Documents and Settings\Administrator\桌面\Vir\ABC\2.exe
[处理] 正在处理 E:\Documents and Settings\Administrator\桌面\Vir\ABC\2.exe
[处理] 正在处理 E:\Documents and Settings\Administrator\桌面\Vir\ABC\3.exe//UPX
[处理] 正在处理 E:\Documents and Settings\Administrator\桌面\Vir\ABC\3.exe//UPX
[处理] 正在处理 E:\Documents and Settings\Administrator\桌面\Vir\ABC\3.exe//UPX
[处理] 正在处理 E:\Documents and Settings\Administrator\桌面\Vir\ABC\3.exe
[处理] 正在处理 E:\Documents and Settings\Administrator\桌面\Vir\ABC\3.exe
[处理] 正在处理 E:\Documents and Settings\Administrator\桌面\Vir\ABC\3.exe
[处理] 正在处理 E:\Documents and Settings\Administrator\桌面\Vir\ABC\4.exe
[处理] 正在处理 E:\Documents and Settings\Administrator\桌面\Vir\ABC\5.exe
[处理] 正在处理 E:\Documents and Settings\Administrator\桌面\Vir\ABC\6.exe
[处理] 正在处理 E:\Documents and Settings\Administrator\桌面\Vir\ABC\7.exe
[处理] 正在处理 E:\Documents and Settings\Administrator\桌面\Vir\ABC\8.exe
[处理] 正在处理 E:\Documents and Settings\Administrator\桌面\Vir\ABC\9.exe//UPX
[处理] 正在处理 E:\Documents and Settings\Administrator\桌面\Vir\ABC\9.exe
[处理] 正在处理 E:\Documents and Settings\Administrator\桌面\Vir\ABC\9.exe

显示全部楼层 · 发表于 2007-10-3 16:21:06

AVAST8个

[病毒样本] 产物

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块