18个

显示全部楼层 · 发表于 2007-10-13 15:18:11

Starting the file scan:

Begin scan in 'C:\Users\morgan\Documents\1013.rar'
C:\Users\morgan\Documents\
  1013.rar
  1013.rar:Zone.Identifier
[0] Archive type: RAR
--> 113.exe
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Kolmat.B.12 Backdoor server programs
      [WARNING] Infected files in archives cannot be repaired!
--> 114.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.cnf.3
      [WARNING] Infected files in archives cannot be repaired!
--> 115.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 116.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
      [WARNING] Infected files in archives cannot be repaired!
--> 117.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 118.exe
      [DETECTION] Is the Trojan horse TR/PSW.Delf.KH.1
      [WARNING] Infected files in archives cannot be repaired!
--> 119.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
      [WARNING] Infected files in archives cannot be repaired!
--> 102.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 103.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
      [WARNING] Infected files in archives cannot be repaired!
--> 104.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.DOJ.1
      [WARNING] Infected files in archives cannot be repaired!
--> 105.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
      [WARNING] Infected files in archives cannot be repaired!
--> 106.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.cdv.11
      [WARNING] Infected files in archives cannot be repaired!
--> 107.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Zlob.dfw
      [WARNING] Infected files in archives cannot be repaired!
--> 108.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.eja
      [WARNING] Infected files in archives cannot be repaired!
--> 109.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dgi.4
      [WARNING] Infected files in archives cannot be repaired!
--> 110.exe
      [DETECTION] Is the Trojan horse TR/PSW.QQpass.agj
      [WARNING] Infected files in archives cannot be repaired!
--> 111.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
      [WARNING] Infected files in archives cannot be repaired!
--> 112.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
      [WARNING] Infected files in archives cannot be repaired!
      [INFO]    The file was deleted!

End of the scan: 2007年10月13日  00:18
Used time: 00:03 min

The scan has been done completely.

   0 Scanning directories
   20 Files were scanned
   18 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   1 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   2 Files not concerned
   1 Archives were scanned
   18 Warnings
   0 Notes

显示全部楼层 · 发表于 2007-10-13 15:18:29

MicroVita AntiSpyware 100 C
_____________________________________________

         风暴微塔反间谍
[强力查杀各种Win32位的病毒,木马,蠕虫,恶意软件]
               http://221.10.254.214/
----------------------------------------------
开始扫描……

正在检查启动……
[C:\Documents and Settings\Administrator\桌面\Virus\1013\114.exe]
                  …………发现Spy！报告:[2] [1]
文件信息:  大小:43365  MD5:3b8aa5ea01e2366122be6a94ec4fe003

[C:\Documents and Settings\Administrator\桌面\Virus\1013\116.exe]
                  …………发现Spy！报告:[1]
文件信息:  大小:16836  MD5:94b6d7e1edb2cc6494c69981109ceadb

[C:\Documents and Settings\Administrator\桌面\Virus\1013\118.exe]
                  …………发现Spy！报告:[2] [1]
文件信息:  大小:164749  MD5:77d17fb6599200780fab618ef972759e

[C:\Documents and Settings\Administrator\桌面\Virus\1013\119.exe]
                  …………发现Spy！报告:[1]
文件信息:  大小:13904  MD5:4aaf99537fc8635e8020682f4132293d

[C:\Documents and Settings\Administrator\桌面\Virus\1013\102.exe]
                  …………发现Spy！报告:[2] [8] HOOK者
文件信息:  大小:26624  MD5:62d6d0c01e36e3446586dad39bb36f0b

[C:\Documents and Settings\Administrator\桌面\Virus\1013\103.exe]
                  …………发现Spy！报告:[1]
文件信息:  大小:16052  MD5:4566a2db478b483929230c975679429a

[C:\Documents and Settings\Administrator\桌面\Virus\1013\105.exe]
                  …………发现Spy！报告:[1]
文件信息:  大小:13920  MD5:8544af1c22fad0916ec7669dcf219f7a

[C:\Documents and Settings\Administrator\桌面\Virus\1013\107.exe]
                  …………发现Spy！报告:[1]
文件信息:  大小:15507  MD5:dcc5244523a9ac227d0a27c26ffedd70

[C:\Documents and Settings\Administrator\桌面\Virus\1013\108.exe]
                  …………发现Spy！报告:[1]
文件信息:  大小:14006  MD5:bd6e90453e36ff34dd92b8a35fa2ce80

[C:\Documents and Settings\Administrator\桌面\Virus\1013\110.exe]
                  …………发现Spy！报告:[2]
文件信息:  大小:32405  MD5:431397f825df5c04bd6c88385cea7c35

[C:\Documents and Settings\Administrator\桌面\Virus\1013\111.exe]
                  …………发现Spy！报告:[1]
文件信息:  大小:15156  MD5:b48accdf21fd40cd2eb6b53da0f83341

[C:\Documents and Settings\Administrator\桌面\Virus\1013\112.exe]
                  …………发现Spy！报告:[1]
文件信息:  大小:14036  MD5:683b6e3a4e3d49d64ef765e36542b2ea

文件数:18 病毒数:12  比重:0.6666666666667
OK  扫描完毕！
  ***日志解释
[4] 集中有害分析引擎
[3] 全局系统判断引擎
[2] 文件特征码引擎
[1] 文件启发式引擎

[ 本帖最后由 FBAV 于 2007-10-13 15:20 编辑 ]

显示全部楼层 · 发表于 2007-10-13 15:21:48

木马名称:Backdoor.Win32.Kolmat.h

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\1013\113.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.mjo

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\1013\114.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Spy.Win32.Agent.bqk

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\1013\118.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.pzn

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\1013\119.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.qfw

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\1013\103.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.nmi

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\1013\104.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.qbs

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\1013\105.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.jmr

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\1013\106.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Downloader.Win32.Zlob.bvb

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\1013\107.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.pzm

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\1013\108.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.mcg

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\1013\109.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.QQPass.fxx

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\1013\110.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.qld

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\1013\111.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.qbt

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\1013\112.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\1013\102.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\UPXDND.EXE
2) C:\WINDOWS.0\SYSTEM32\UPXDND.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\1013\115.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\MSPRINT32D.EXE
2) C:\WINDOWS.0\SYSTEM32\MSPRINT32D.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\1013\116.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\QDSHM.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\1013\117.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\DBGHLP32.EXE
2) C:\WINDOWS.0\SYSTEM32\DBGHLP32.DLL
是否删除木马程序及其衍生物?

显示全部楼层 · 发表于 2007-10-13 15:26:03

kv2008报16个

http://bbs.kafan.cn/attachment.php?aid=139133->113.exe                      worm/agent.je             2007-10-13 下午 03:25:23 已删除
http://bbs.kafan.cn/attachment.php?aid=139133->114.exe                      trojan/psw.gamepass.yqu    2007-10-13 下午 03:25:24 已删除
http://bbs.kafan.cn/attachment.php?aid=139133->115.exe                      trojan/psw.gamepass.aaot    2007-10-13 下午 03:25:24 已删除
http://bbs.kafan.cn/attachment.php?aid=139133->117.exe                      trojan/psw.gamepass.aaot    2007-10-13 下午 03:25:24 已删除
http://bbs.kafan.cn/attachment.php?aid=139133->118.exe                      trojanspy.agent.asa       2007-10-13 下午 03:25:25 已删除
http://bbs.kafan.cn/attachment.php?aid=139133->119.exe                      trojandownloader.adload.lp 2007-10-13 下午 03:25:25 已删除
http://bbs.kafan.cn/attachment.php?aid=139133->103.exe                      trojandownloader.adload.lp 2007-10-13 下午 03:25:25 已删除
http://bbs.kafan.cn/attachment.php?aid=139133->104.exe                      trojandropper.agent.dko    2007-10-13 下午 03:25:28 已删除
http://bbs.kafan.cn/attachment.php?aid=139133->105.exe                      trojandownloader.adload.lp 2007-10-13 下午 03:25:28 已删除
http://bbs.kafan.cn/attachment.php?aid=139133->106.exe                      trojan/psw.gamepass.xxa    2007-10-13 下午 03:25:28 已删除
http://bbs.kafan.cn/attachment.php?aid=139133->107.exe                      trojandownloader.adload.lp 2007-10-13 下午 03:25:28 已删除
http://bbs.kafan.cn/attachment.php?aid=139133->108.exe                      trojanspy.delf.aud          2007-10-13 下午 03:25:28 已删除
http://bbs.kafan.cn/attachment.php?aid=139133->109.exe                      trojan/psw.onlinegames.hxv 2007-10-13 下午 03:25:28 已删除
http://bbs.kafan.cn/attachment.php?aid=139133->110.exe                      trojan/psw.qqpass.rts       2007-10-13 下午 03:25:28 已删除
http://bbs.kafan.cn/attachment.php?aid=139133->111.exe                      trojan/psw.onlinegames.igg 2007-10-13 下午 03:25:28 已删除
http://bbs.kafan.cn/attachment.php?aid=139133->112.exe                      trojandownloader.adload.lp 2007-10-13 下午 03:25:28 已删除

[ 本帖最后由 kp2006 于 2007-10-13 15:29 编辑 ]

显示全部楼层 · 发表于 2007-10-13 15:31:26

Result: 14 malware found
Backdoor.Win32.Kolmat.b (virus)
C:\Users\Administrator\Desktop\1013.rar\113.exe
Trojan-PSW.Win32.OnLineGames.cnf (virus)
C:\Users\Administrator\Desktop\1013.rar\114.exe
Trojan-Spy.Win32.Agent.pr (virus)
C:\Users\Administrator\Desktop\1013.rar\118.exe
Trojan-PSW.Win32.OnLineGames.eop (virus)
C:\Users\Administrator\Desktop\1013.rar\119.exe
C:\Users\Administrator\Desktop\1013.rar\103.exe
C:\Users\Administrator\Desktop\1013.rar\105.exe
C:\Users\Administrator\Desktop\1013.rar\107.exe
C:\Users\Administrator\Desktop\1013.rar\112.exe
Trojan-PSW.Win32.OnLineGames.doj (virus)
C:\Users\Administrator\Desktop\1013.rar\104.exe
Trojan-PSW.Win32.OnLineGames.bgr (virus)
C:\Users\Administrator\Desktop\1013.rar\106.exe
Trojan-PSW.Win32.OnLineGames.eja (virus)
C:\Users\Administrator\Desktop\1013.rar\108.exe
Trojan-PSW.Win32.OnLineGames.dgi (virus)
C:\Users\Administrator\Desktop\1013.rar\109.exe
Trojan-PSW.Win32.QQPass.agj (virus)
C:\Users\Administrator\Desktop\1013.rar\110.exe
Trojan-PSW.Win32.OnLineGames.erg (virus)
C:\Users\Administrator\Desktop\1013.rar\111.exe

显示全部楼层 · 发表于 2007-10-13 15:32:59

扫描进行于：2007-10-13 9:32:00
扫描日志
NOD32版本 2590 (20071012) NT
命令行： D:\下载文件夹\1013.rar

日期： 13.10.2007 时间：09:32:02
已开启反隐藏功能.
已扫描的磁盘，文件夹及文件：D:\下载文件夹\1013.rar
D:\下载文件夹\1013.rar >>RAR >>113.exe - Win32/Delf.NGD 木马 - 是已删除对象的一部分
D:\下载文件夹\1013.rar >>RAR >>114.exe - Win32/PSW.Legendmir.NEP 木马 - 是已删除对象的一部分
D:\下载文件夹\1013.rar >>RAR >>115.exe - 可能是 Win32/PSW.OnLineGames.NFL 木马的一个变种
D:\下载文件夹\1013.rar >>RAR >>117.exe - Win32/PSW.OnLineGames.NFL 木马的变种
D:\下载文件夹\1013.rar >>RAR >>118.exe - Win32/Agent.NEM 木马 - 是已删除对象的一部分
D:\下载文件夹\1013.rar >>RAR >>119.exe - Win32/PSW.OnLineGames.NGA 木马 - 是已删除对象的一部分
D:\下载文件夹\1013.rar >>RAR >>102.exe - 可能是 Win32/PSW.OnLineGames.NFL 木马的一个变种
D:\下载文件夹\1013.rar >>RAR >>104.exe - Win32/PSW.OnLineGames.YA 木马 - 是已删除对象的一部分
D:\下载文件夹\1013.rar >>RAR >>106.exe - Win32/PSW.OnLineGames.YA 木马 - 是已删除对象的一部分
D:\下载文件夹\1013.rar >>RAR >>108.exe - Win32/PSW.OnLineGames.EJA 木马 - 是已删除对象的一部分
D:\下载文件夹\1013.rar >>RAR >>109.exe - Win32/PSW.OnLineGames.YA 木马 - 是已删除对象的一部分
D:\下载文件夹\1013.rar >>RAR >>110.exe - 可能是 Win32/AutoRun.Q 蠕虫的一个变种
已扫描的文件数目：19
已发现的病毒数目：12
已清除病毒的文件数目：1
完成时间： 09:32:05 总扫描时间：3 秒 (00:00:03)

显示全部楼层 · 发表于 2007-10-13 16:00:20

18
detected: Trojan program Backdoor.Win32.Kolmat.b File: C:\Documents and Settings\Owner\×ÀÃæ\1013.rar/113.exe//NSPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.cnf File: C:\Documents and Settings\Owner\×ÀÃæ\1013.rar/114.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.fbx File: C:\Documents and Settings\Owner\×ÀÃæ\1013.rar/115.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.fbv File: C:\Documents and Settings\Owner\×ÀÃæ\1013.rar/116.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.fbu File: C:\Documents and Settings\Owner\×ÀÃæ\1013.rar/117.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-Spy.Win32.Agent.pr File: C:\Documents and Settings\Owner\×ÀÃæ\1013.rar/118.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.eop File: C:\Documents and Settings\Owner\×ÀÃæ\1013.rar/119.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.fbo File: C:\Documents and Settings\Owner\×ÀÃæ\1013.rar/102.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.eop File: C:\Documents and Settings\Owner\×ÀÃæ\1013.rar/103.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.doj File: C:\Documents and Settings\Owner\×ÀÃæ\1013.rar/104.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.eop File: C:\Documents and Settings\Owner\×ÀÃæ\1013.rar/105.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.bgr File: C:\Documents and Settings\Owner\×ÀÃæ\1013.rar/106.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.eop File: C:\Documents and Settings\Owner\×ÀÃæ\1013.rar/107.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.eja File: C:\Documents and Settings\Owner\×ÀÃæ\1013.rar/108.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dgi File: C:\Documents and Settings\Owner\×ÀÃæ\1013.rar/109.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.QQPass.agj File: C:\Documents and Settings\Owner\×ÀÃæ\1013.rar/110.exe//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.erg File: C:\Documents and Settings\Owner\×ÀÃæ\1013.rar/111.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.eop File: C:\Documents and Settings\Owner\×ÀÃæ\1013.rar/112.exe

显示全部楼层 · 发表于 2007-10-13 20:16:11

红伞
AntiVir PersonalEdition Classic
Report file date: 2007年10月13日  20:15

Scanning for 878005 virus strains and unwanted programs.

Licensed to:    Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform:       Windows XP
Windows version:  (Service Pack 2)  [5.1.2600]
Username:       superman
Computer name: E1A09BBE1055411

Version information:
BUILD.DAT : 270          15603 Bytes 2007-9-19 13:32:00
AVSCAN.EXE : 7.0.6.1    290856 Bytes 2007-8-23 06:16:29
AVSCAN.DLL : 7.0.6.0    49192 Bytes 2007-8-16 05:23:51
LUKE.DLL    : 7.0.5.3    147496 Bytes 2007-8-14 08:32:47
LUKERES.DLL  : 7.0.6.1    10280 Bytes 2007-8-21 05:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-7-18 07:27:15
ANTIVIR1.VDF : 7.0.0.0    1640448 Bytes 2007-9-13 07:26:55
ANTIVIR2.VDF : 7.0.0.57    446464 Bytes 2007-10-7 10:35:43
ANTIVIR3.VDF : 7.0.0.83    158720 Bytes  2007-10-12 10:35:43
AVEWIN32.DLL : 7.6.0.23 2753024 Bytes  2007-10-13 10:35:43
AVWINLL.DLL  : 1.0.0.7    14376 Bytes 2007-2-26 03:36:26
AVPREF.DLL : 7.0.2.2    25640 Bytes 2007-7-18 00:39:17
AVREP.DLL : 7.0.0.1    155688 Bytes 2007-4-16 06:16:24
AVPACK32.DLL : 7.3.0.15    360488 Bytes 2007-8-3 01:46:00
AVREG.DLL : 7.0.1.6    30760 Bytes 2007-7-18 00:17:06
AVARKT.DLL : 1.0.0.20    278568 Bytes 2007-8-28 05:26:33
AVEVTLOG.DLL : 7.0.0.20    86056 Bytes 2007-7-18 00:10:18
NETNT.DLL : 7.0.0.0       7720 Bytes 2007-3-8 04:09:42
RCIMAGE.DLL  : 7.0.1.30 2342952 Bytes 2007-8-7 05:38:13
RCTEXT.DLL : 7.0.62.0    86056 Bytes 2007-8-21 05:50:37
SQLITE3.DLL  : 3.3.17.1    339968 Bytes 2007-7-23 02:37:21

Configuration settings for the scan:
Jobname..........................: ShlExt
Configuration file...............: C:\DOCUME~1\superman\LOCALS~1\Temp\7b87e97e.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: off
Scan registry....................: off
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2007年10月13日  20:15

Starting the file scan:

Begin scan in 'C:\Documents and Settings\superman\桌面\1013.rar'
C:\Documents and Settings\superman\桌面\1013.rar
  [0] Archive type: RAR
  --> 113.exe
   [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Kolmat.B.12 Backdoor server programs
  --> 114.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.cnf.3
  --> 115.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 116.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> 117.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 118.exe
   [DETECTION] Is the Trojan horse TR/PSW.Delf.KH.1
  --> 119.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> 102.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 103.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> 104.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.DOJ.1
  --> 105.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> 106.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.cdv.11
  --> 107.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Zlob.dfw
  --> 108.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.eja
  --> 109.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dgi.4
  --> 110.exe
   [DETECTION] Is the Trojan horse TR/PSW.QQpass.agj
  --> 111.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> 112.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
   [INFO]    The file was moved to '4741b701.qua'!

End of the scan: 2007年10月13日  20:15
Used time: 00:14 min

The scan has been done completely.

   0 Scanning directories
   20 Files were scanned
   18 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   1 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   2 Files not concerned
   1 Archives were scanned
   0 Warnings
   0 Notes

显示全部楼层 · 发表于 2007-10-13 20:17:28

C:\ABC\1013.rar:\113.exe - 特征码 'Trojan.Win32.StartPage.aph' 被发现
C:\ABC\1013.rar:\114.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\1013.rar:\115.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\1013.rar:\116.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\1013.rar:\117.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\1013.rar:\118.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\1013.rar:\119.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\1013.rar:\102.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.fbo' 被发现
C:\ABC\1013.rar:\103.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\1013.rar:\104.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\1013.rar:\105.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\1013.rar:\106.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\1013.rar:\107.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\1013.rar:\108.exe - 特征码 'Trojan-Spy.Win32.Bancos.ha' 被发现
C:\ABC\1013.rar:\109.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\1013.rar:\110.exe - 特征码 'Virus.Win32.AutoRun.bs' 被发现
C:\ABC\1013.rar:\111.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\1013.rar:\112.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\1013.rar

19 文件被扫描
(1 压缩档 18 文件)
18 特征码被侦测
0 可疑代码段被发现
耗时: 0:00.969

[病毒样本] 18个

本帖子中包含更多资源