
[Virus sample] Caught yesterday

qianwenxiang
Posted on 2007-10-17 15:03:14
A very boring virus

BING126
Posted on 2007-10-17 15:04:23
扫描开始时间: 2007-10-17 15:04:08
扫描日志
NOD32 版本 2596 (20071017) NT
命令行: C:\Documents and Settings\Administrator\桌面\1017.rar

日期: 2007年10月17日  时间: 15:04:10
反 Rookits 技术已启用。
已扫描磁盘、文件夹和文件: C:\Documents and Settings\Administrator\桌面\1017.rar
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?0.exe<病毒 - Win32/Agent.NCH 蠕虫>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?1.exe<病毒 - Win32/Drowor.NAD 病毒>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?3.exe<病毒 - 可能是 Win32/PSW.Delf 木马 变种>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?4.exe<病毒 - Win32/AutoRun.BL 蠕虫>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?5.exe<病毒 - Win32/PSW.WOW.NDD 木马>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?136588WO.DLL<病毒 - Win32/PSW.WOW.SV 木马 变种>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?AVPSrv.dll<病毒 - 可能是 Win32/PSW.OnLineGames.NFL 木马 变种>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?AVPSrv.exe<病毒 - Win32/PSW.OnLineGames.YA 木马 变种>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?avzxest.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?cmdbcs.dll<病毒 - Win32/PSW.OnLineGames.NFL 木马>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?cmdbcs.exe<病毒 - Win32/PSW.OnLineGames.NFL 木马 变种>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?DiskMan32.dll<病毒 - Win32/PSW.OnLineGames.NFL 木马 变种>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?DiskMan32.exe<病毒 - Win32/PSW.OnLineGames.YA 木马 变种>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?IGW.exe<病毒 - 未知的 NewHeur_PE 病毒 [7]>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?kawdbaz.exe<病毒 - Win32/PSW.OnLineGames.EJA 木马>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?kawdbzy.dll<病毒 - Win32/PSW.OnLineGames.EJA 木马>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?kpwclqva.dll<病毒 - Win32/PSW.WOW.YB 木马 变种>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?KVMonXP1.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?LYLOADER.EXE<病毒 - Win32/PSW.Agent.NEC 木马 变种>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?LYMANGR.DLL<病毒 - Win32/PSW.OnLineGames.DTR 木马>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?mm.exe<病毒 - Win32/PSW.QQPass.NCE 木马>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?MSDEG32.DLL<病毒 - Win32/PSW.OnLineGames.DVV 木马 变种>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?NinSys74.Sys<病毒 - Win32/AutoRun.Q 蠕虫>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?nslookupi.exe<病毒 - Win32/Agent.NEM 木马>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?ntsokele.exe<病毒 - Win32/Delf.NGD 木马>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?NysWin75.Jmp<病毒 - Win32/AutoRun.BL 蠕虫>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?pp.exe<病毒 - Win32/PSW.Delf.NIY 木马 变种>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?rsztcpm.dll<病毒 - Win32/PSW.OnLineGames.EIM 木马>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?rsztcsp.exe<病毒 - Win32/PSW.OnLineGames.EIM 木马>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?KVMonXP3.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
C:\Documents and Settings\Administrator\桌面\1017.rar ?RAR ?a.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
已扫描文件数量: 42
已发现病毒数量: 31
完成时间: 15:04:14 总共扫描时间: 4 秒 (00:00:04)
caocao
Posted on 2007-10-17 15:05:13
KIS7 killed 33
已删除:病毒 Worm.Win32.Downloader.b        文件: D:\Downloads\1017.rar/0.exe//PE_Patch//UPack
已删除:木马程序 Trojan-Downloader.Win32.Agent.buv        文件: D:\Downloads\1017.rar/1.exe//UPack
已删除:木马程序 Trojan-PSW.Win32.Delf.aax        文件: D:\Downloads\1017.rar/3.exe//UPX
已删除:病毒 Worm.Win32.QQPass.ae        文件: D:\Downloads\1017.rar/4.exe//UPX
已删除:木马程序 Trojan-PSW.Win32.OnLineGames.eex        文件: D:\Downloads\1017.rar/5.exe//FSG
已删除:木马程序 Trojan-PSW.Win32.WOW.zo        文件: D:\Downloads\1017.rar/136588WO.DLL
已删除:木马程序 Trojan-PSW.Win32.OnLineGames.edo        文件: D:\Downloads\1017.rar/AVPSrv.dll
已删除:木马程序 Trojan-PSW.Win32.OnLineGames.edp        文件: D:\Downloads\1017.rar/AVPSrv.exe//PE_Patch.UPX//UPX
已删除:木马程序 Trojan-PSW.Win32.OnLineGames.fhm        文件: D:\Downloads\1017.rar/avzxest.exe//UPack
已删除:木马程序 Trojan-PSW.Win32.OnLineGames.ems        文件: D:\Downloads\1017.rar/cmdbcs.dll
已删除:木马程序 Trojan-PSW.Win32.OnLineGames.ems        文件: D:\Downloads\1017.rar/cmdbcs.exe//PE_Patch.UPX//UPX
已删除:木马程序 Trojan-Downloader.Win32.Zlob.cdg        文件: D:\Downloads\1017.rar/DiskMan32.dll
已删除:木马程序 Trojan-Downloader.Win32.Zlob.cdg        文件: D:\Downloads\1017.rar/DiskMan32.exe//PE_Patch//UPack
已删除:木马程序 Trojan-PSW.Win32.WOW.zo        文件: D:\Downloads\1017.rar/IGW.exe
已删除:木马程序 Trojan-PSW.Win32.OnLineGames.eja        文件: D:\Downloads\1017.rar/kawdbaz.exe//UPack
已删除:木马程序 Trojan-PSW.Win32.OnLineGames.eja        文件: D:\Downloads\1017.rar/kawdbzy.dll
已删除:木马程序 Trojan-PSW.Win32.OnLineGames.eex        文件: D:\Downloads\1017.rar/kpwclqva.dll//UPack
已删除:木马程序 Trojan-Downloader.Win32.Delf.cgy        文件: D:\Downloads\1017.rar/KVMonXP1.exe//PE_Patch//UPack
已删除:木马程序 Trojan-PSW.Win32.OnLineGames.fgk        文件: D:\Downloads\1017.rar/LYLOADER.EXE//PE_Patch//UPack
已删除:木马程序 Trojan-PSW.Win32.OnLineGames.fgl        文件: D:\Downloads\1017.rar/LYMANGR.DLL//UPack
已删除:木马程序 Trojan-Spy.Win32.QQLogger.e        文件: D:\Downloads\1017.rar/mm.exe//UPX
已删除:木马程序 Trojan-PSW.Win32.OnLineGames.fgm        文件: D:\Downloads\1017.rar/MSDEG32.DLL//UPack
已删除:木马程序 Trojan-PSW.Win32.QQPass.ahk        文件: D:\Downloads\1017.rar/NinSys74.Sys
已删除:木马程序 Backdoor.Win32.Agent.alh        文件: D:\Downloads\1017.rar/nslookupi.exe//UPack
已删除:木马程序 Backdoor.Win32.Kolmat.b        文件: D:\Downloads\1017.rar/ntsokele.exe
已删除:病毒 Worm.Win32.QQPass.ae        文件: D:\Downloads\1017.rar/NysWin75.Jmp//UPX
已删除:木马程序 Trojan-PSW.Win32.Delf.aek        文件: D:\Downloads\1017.rar/pp.exe//UPX
已删除:木马程序 Trojan-PSW.Win32.OnLineGames.egs        文件: D:\Downloads\1017.rar/rsztcpm.dll
已删除:木马程序 Trojan-PSW.Win32.OnLineGames.eim        文件: D:\Downloads\1017.rar/rsztcsp.exe//UPack
已删除:木马程序 Trojan-Downloader.Win32.Delf.cgy        文件: D:\Downloads\1017.rar/use1.dll
已删除:木马程序 Trojan-Downloader.Win32.Delf.cgy        文件: D:\Downloads\1017.rar/user32.dll
已删除:木马程序 Trojan-Downloader.Win32.Delf.cgo        文件: D:\Downloads\1017.rar/KVMonXP3.exe
已删除:木马程序 Trojan-Downloader.Win32.Delf.cgo        文件: D:\Downloads\1017.rar/a.exe
mofunzone
Posted on 2007-10-17 15:08:41
Starting the file scan:

Begin scan in 'C:\Users\morgan\Documents\1017.rar'
C:\Users\morgan\Documents\
  1017.rar
  1017.rar:Zone.Identifier
    [0] Archive type: RAR
    --> wpcap.dll
    --> 0.exe
        [DETECTION] Is the Trojan horse TR/Dldr.Sma.17572.B
        [WARNING]   Infected files in archives cannot be repaired!
    --> 1.exe
        [DETECTION] Is the Trojan horse TR/Dldr.Zhidao
        [WARNING]   Infected files in archives cannot be repaired!
    --> 3.exe
        [DETECTION] Is the Trojan horse TR/PSW.Delf.aax.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> 4.exe
        [DETECTION] Is the Trojan horse TR/PSW.QQpass.ahk
        [WARNING]   Infected files in archives cannot be repaired!
    --> 5.exe
        [DETECTION] Is the Trojan horse TR/Spy.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 136588WO.DLL
        [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> AVPSrv.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.edo.2
        [WARNING]   Infected files in archives cannot be repaired!
    --> AVPSrv.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.edo.2
        [WARNING]   Infected files in archives cannot be repaired!
    --> avzxein.dll
    --> avzxest.exe
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> cmdbcs.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ems.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> cmdbcs.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ems.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> DiskMan32.dll
        [DETECTION] Is the Trojan horse TR/Dldr.Zlob.cdg.5
        [WARNING]   Infected files in archives cannot be repaired!
    --> DiskMan32.exe
        [DETECTION] Is the Trojan horse TR/Dldr.Zlob.cdg.5
        [WARNING]   Infected files in archives cannot be repaired!
    --> IGW.exe
        [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> kawdacs.dll
    --> kawdbaz.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.eja
        [WARNING]   Infected files in archives cannot be repaired!
    --> kawdbzy.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.eja.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> kpwclqva.dll
        [DETECTION] Is the Trojan horse TR/Spy.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> KVMonXP1.exe
        [DETECTION] Is the Trojan horse TR/Dldr.Delf.cgy.2
        [WARNING]   Infected files in archives cannot be repaired!
    --> LYLOADER.EXE
        [DETECTION] Is the Trojan horse TR/PSW.Online.agb.2
        [WARNING]   Infected files in archives cannot be repaired!
    --> LYMANGR.DLL
        [DETECTION] Is the Trojan horse TR/PSW.Online.agb.2
        [WARNING]   Infected files in archives cannot be repaired!
    --> mm.exe
        [DETECTION] Is the Trojan horse TR/Spy.QQLogger.E
        [WARNING]   Infected files in archives cannot be repaired!
    --> MSDEG32.DLL
        [DETECTION] File has been compressed with an unusual runtime compression tool (PCK/UPACK). Please verify the origin of the file
        [WARNING]   Infected files in archives cannot be repaired!
    --> NinSys74.Sys
        [DETECTION] Is the Trojan horse TR/PSW.QQpass.ahk
        [WARNING]   Infected files in archives cannot be repaired!
    --> npptools.dll
    --> nslookupi.exe
        [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Agent.alh.25 Backdoor server programs
        [WARNING]   Infected files in archives cannot be repaired!
    --> ntsokele.exe
        [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Kolmat.B.11 Backdoor server programs
        [WARNING]   Infected files in archives cannot be repaired!
    --> NysWin75.Jmp
        [DETECTION] Is the Trojan horse TR/PSW.QQpass.ahk
        [WARNING]   Infected files in archives cannot be repaired!
    --> Packet.dll
    --> pp.exe
        [DETECTION] Is the Trojan horse TR/PSW.Delf.aek
        [WARNING]   Infected files in archives cannot be repaired!
    --> RacvAvc.EXE
    --> rsztafg.dll
    --> rsztcpm.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.egs
        [WARNING]   Infected files in archives cannot be repaired!
    --> rsztcsp.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.eim
        [WARNING]   Infected files in archives cannot be repaired!
    --> use1.dll
        [DETECTION] Is the Trojan horse TR/Dldr.Delf.cgy.2
        [WARNING]   Infected files in archives cannot be repaired!
    --> user32.dll
        [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> WanPacket.dll
    --> KVMonXP3.exe
        [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> a.exe
        [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> use3.dll
        [WARNING]   The file was ignored!


End of the scan: 2007年10月17日  00:08
Used time: 00:05 min

The scan has been done completely.

      0 Scanning directories
     44 Files were scanned
     32 viruses and/or unwanted programs were found
      1 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     12 Files not concerned
      1 Archives were scanned
     34 Warnings
      0 Notes
残缺的唯美
Posted on 2007-10-17 15:38:21
Result: 33 malware found
Worm.Win32.Downloader.b (virus)
C:\Users\Administrator\Desktop\1017.rar\0.exe
Trojan-Downloader.Win32.Agent.buv (virus)
C:\Users\Administrator\Desktop\1017.rar\1.exe
Trojan-PSW.Win32.Delf.aax (virus)
C:\Users\Administrator\Desktop\1017.rar\3.exe
Worm.Win32.QQPass.ae (virus)
C:\Users\Administrator\Desktop\1017.rar\4.exe
C:\Users\Administrator\Desktop\1017.rar\NysWin75.Jmp
Trojan-PSW.Win32.OnLineGames.eex (virus)
C:\Users\Administrator\Desktop\1017.rar\5.exe
C:\Users\Administrator\Desktop\1017.rar\kpwclqva.dll
Trojan-PSW.Win32.WOW.zo (virus)
C:\Users\Administrator\Desktop\1017.rar\136588WO.DLL
C:\Users\Administrator\Desktop\1017.rar\IGW.exe
Trojan-PSW.Win32.OnLineGames.edo (virus)
C:\Users\Administrator\Desktop\1017.rar\AVPSrv.dll
Trojan-PSW.Win32.OnLineGames.edp (virus)
C:\Users\Administrator\Desktop\1017.rar\AVPSrv.exe
Trojan-PSW.Win32.OnLineGames.fhm (virus)
C:\Users\Administrator\Desktop\1017.rar\avzxest.exe
Trojan-PSW.Win32.OnLineGames.ems (virus)
C:\Users\Administrator\Desktop\1017.rar\cmdbcs.dll
C:\Users\Administrator\Desktop\1017.rar\cmdbcs.exe
Trojan-Downloader.Win32.Zlob.cdg (virus)
C:\Users\Administrator\Desktop\1017.rar\DiskMan32.dll
C:\Users\Administrator\Desktop\1017.rar\DiskMan32.exe
Trojan-PSW.Win32.OnLineGames.eja (virus)
C:\Users\Administrator\Desktop\1017.rar\kawdbaz.exe
C:\Users\Administrator\Desktop\1017.rar\kawdbzy.dll
Trojan-Downloader.Win32.Delf.cgy (virus)
C:\Users\Administrator\Desktop\1017.rar\KVMonXP1.exe
C:\Users\Administrator\Desktop\1017.rar\use1.dll
C:\Users\Administrator\Desktop\1017.rar\user32.dll
Trojan-PSW.Win32.OnLineGames.fgk (virus)
C:\Users\Administrator\Desktop\1017.rar\LYLOADER.EXE
Trojan-PSW.Win32.OnLineGames.fgl (virus)
C:\Users\Administrator\Desktop\1017.rar\LYMANGR.DLL
Trojan-Spy.Win32.QQLogger.e (virus)
C:\Users\Administrator\Desktop\1017.rar\mm.exe
Trojan-PSW.Win32.OnLineGames.fgm (virus)
C:\Users\Administrator\Desktop\1017.rar\MSDEG32.DLL
Trojan-PSW.Win32.QQPass.ahk (virus)
C:\Users\Administrator\Desktop\1017.rar\NinSys74.Sys
Backdoor.Win32.Agent.alh (virus)
C:\Users\Administrator\Desktop\1017.rar\nslookupi.exe
Backdoor.Win32.Kolmat.b (virus)
C:\Users\Administrator\Desktop\1017.rar\ntsokele.exe
Trojan-PSW.Win32.Delf.aek (virus)
C:\Users\Administrator\Desktop\1017.rar\pp.exe
Trojan-PSW.Win32.OnLineGames.egs (virus)
C:\Users\Administrator\Desktop\1017.rar\rsztcpm.dll
Trojan-PSW.Win32.OnLineGames.eim (virus)
C:\Users\Administrator\Desktop\1017.rar\rsztcsp.exe
Trojan-Downloader.Win32.Delf.cgo (virus)
C:\Users\Administrator\Desktop\1017.rar\KVMonXP3.exe
C:\Users\Administrator\Desktop\1017.rar\a.exe
FBAV
Posted on 2007-10-17 16:29:45
MicroVita AntiSpyware 100 C
_____________________________________________
                                          
             风暴微塔反间谍
[强力查杀各种Win32位的病毒,木马,蠕虫,恶意软件]                  
                   http://221.10.254.214/
----------------------------------------------
开始扫描……


正在检查启动……
文件数:42   病毒数:32  比重:0.7619047619048
OK  扫描完毕!

  ***日志解释
[4] 集中有害分析引擎
[3] 全局系统判断引擎   
[2] 文件特征码引擎
[1] 文件启发式引擎
capsshift
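Posted on 2007-10-17 16:55:00
OP, please share your experience: which antivirus do I need to install in order to get infected?

I currently have Avira and Micropoint installed, and it is really hard to catch a virus even when I want to.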
timhas266
Posted on 2007-10-17 16:58:47
Start of the scan: Wednesday, 17 October, 2007  16:58

Starting the file scan:

Begin scan in 'C:\Documents and Settings\tim\桌面\1017.rar'
C:\Documents and Settings\tim\桌面\1017.rar
  [0] Archive type: RAR
  --> 0.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Sma.17572.B
  --> 1.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Zhidao
  --> 3.exe
      [DETECTION] Is the Trojan horse TR/PSW.Delf.aax.1
  --> 4.exe
      [DETECTION] Is the Trojan horse TR/PSW.QQpass.ahk
  --> 5.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 136588WO.DLL
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> AVPSrv.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.edo.2
  --> AVPSrv.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.edo.2
  --> avzxest.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> cmdbcs.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ems.1
  --> cmdbcs.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ems.1
  --> DiskMan32.dll
      [DETECTION] Is the Trojan horse TR/Dldr.Zlob.cdg.5
  --> DiskMan32.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Zlob.cdg.5
  --> IGW.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> kawdbaz.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.eja
  --> kawdbzy.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.eja.1
  --> kpwclqva.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> KVMonXP1.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Delf.cgy.2
  --> LYLOADER.EXE
      [DETECTION] Is the Trojan horse TR/PSW.Online.agb.2
  --> LYMANGR.DLL
      [DETECTION] Is the Trojan horse TR/PSW.Online.agb.2
  --> mm.exe
      [DETECTION] Is the Trojan horse TR/Spy.QQLogger.E
  --> MSDEG32.DLL
      [DETECTION] File has been compressed with an unusual runtime compression tool (PCK/UPACK). Please verify the origin of the file
  --> NinSys74.Sys
      [DETECTION] Is the Trojan horse TR/PSW.QQpass.ahk
  --> nslookupi.exe
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Agent.alh.25 Backdoor server programs
  --> ntsokele.exe
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Kolmat.B.11 Backdoor server programs
  --> NysWin75.Jmp
      [DETECTION] Is the Trojan horse TR/PSW.QQpass.ahk
  --> pp.exe
      [DETECTION] Is the Trojan horse TR/PSW.Delf.aek
  --> rsztcpm.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.egs
  --> rsztcsp.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.eim
  --> use1.dll
      [DETECTION] Is the Trojan horse TR/Dldr.Delf.cgy.2
  --> user32.dll
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> KVMonXP3.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> a.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
      [INFO]      A backup was created as '4746cee8.qua'  ( QUARANTINE )
      [INFO]      The file was deleted!


End of the scan: Wednesday, 17 October, 2007  16:58
Used time: 00:02 min

The scan has been done completely.

      0 Scanning directories
     43 Files were scanned
     32 viruses and/or unwanted programs were found
      1 Files were classified as suspicious:
      1 files were deleted
      0 files were repaired
      1 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     11 Files not concerned
      1 Archives were scanned
      0 Warnings
      0 Notes
欠妳緈諨
Posted on 2007-10-17 20:55:25
反病毒专家 AntiVirusKit 2006 扫描病毒日志记录
版本 16.0.5
双引擎反病毒签名 2008-8-8
开始时间: 2007-10-17 20:48
引擎: KAV 引擎 (AVK 18.888), BD 引擎 (BD 18.888)
高启发式: 打开
压缩文件: 打开
系统区域: 打开

扫描系统区域...
扫描所选择的目录和文件...
对象: 0.exe
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Worm.Win32.Downloader.b (KAV 引擎), MemScan:Trojan.Exploit.Dcomrpc.AQ (BD 引擎)
对象: 1.exe
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-Downloader.Win32.Agent.buv (KAV 引擎), Trojan.Downloader.Agent.YME (BD 引擎)
对象: 3.exe
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.Delf.aax (KAV 引擎), Generic.PWStealer.363CF2CA (BD 引擎)
对象: 4.exe
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Worm.Win32.QQPass.ae (KAV 引擎), Generic.PWStealer.A095640A (BD 引擎)
对象: 5.exe
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.OnLineGames.eex (KAV 引擎), Trojan.PWS.Onlinegames.NIG (BD 引擎)
对象: 136588WO.DLL
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.WOW.zo (KAV 引擎)
对象: AVPSrv.dll
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.OnLineGames.edo (KAV 引擎), DeepScan:Generic.Onlinegames.2.FC897E3C (BD 引擎)
对象: AVPSrv.exe
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.OnLineGames.edp (KAV 引擎), Generic.PWS.Games.4.72F77BEB (BD 引擎)
对象: avzxest.exe
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.OnLineGames.fhm (KAV 引擎), Generic.Malware.SBdldg.E0BA90E9 (BD 引擎)
对象: cmdbcs.dll
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.OnLineGames.ems (KAV 引擎), Generic.PWS.Games.4.B92CF9E6 (BD 引擎)
对象: cmdbcs.exe
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.OnLineGames.ems (KAV 引擎), Generic.PWS.Games.4.C9DA7FF7 (BD 引擎)
对象: DiskMan32.dll
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-Downloader.Win32.Zlob.cdg (KAV 引擎), DeepScan:Generic.Onlinegames.2.BC3A0810 (BD 引擎)
对象: DiskMan32.exe
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-Downloader.Win32.Zlob.cdg (KAV 引擎), Trojan.Downloader.Zlob.CDG (BD 引擎)
对象: IGW.exe
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.WOW.zo (KAV 引擎)
对象: kawdbaz.exe
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.OnLineGames.eja (KAV 引擎), DeepScan:Generic.Dld.Agent.5A6A9A4E (BD 引擎)
对象: kawdbzy.dll
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.OnLineGames.eja (KAV 引擎), BehavesLike:Trojan.WUDisable (BD 引擎)
对象: kpwclqva.dll
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.OnLineGames.eex (KAV 引擎), Trojan.PWS.Onlinegames.NIG (BD 引擎)
对象: KVMonXP1.exe
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-Downloader.Win32.Delf.cgy (KAV 引擎), Generic.Malware.SBE!dldg.877DE7B8 (BD 引擎)
对象: LYLOADER.EXE
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.OnLineGames.fgk (KAV 引擎), Dropped:Generic.PWS.Games.3.7EF84076 (BD 引擎)
对象: LYMANGR.DLL
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.OnLineGames.fgl (KAV 引擎)
对象: mm.exe
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-Spy.Win32.QQLogger.e (KAV 引擎), Generic.PWStealer.C022D54A (BD 引擎)
对象: MSDEG32.DLL
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.OnLineGames.fgm (KAV 引擎), Generic.PWS.Games.3.7EF84076 (BD 引擎)
对象: NinSys74.Sys
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.QQPass.ahk (KAV 引擎), Generic.PWStealer.02B5B1B3 (BD 引擎)
对象: nslookupi.exe
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Backdoor.Win32.Agent.alh (KAV 引擎), Backdoor.Agent.ALH (BD 引擎)
对象: ntsokele.exe
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Backdoor.Win32.Kolmat.b (KAV 引擎), Backdoor.Klomat.A (BD 引擎)
对象: NysWin75.Jmp
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Worm.Win32.QQPass.ae (KAV 引擎), Generic.PWStealer.A095640A (BD 引擎)
对象: pp.exe
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.Delf.aek (KAV 引擎), Trojan.PWS.Onlinegames.NHN (BD 引擎)
对象: rsztcpm.dll
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.OnLineGames.egs (KAV 引擎), BehavesLike:Trojan.WUDisable (BD 引擎)
对象: rsztcsp.exe
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.OnLineGames.eim (KAV 引擎), DeepScan:Generic.Dld.Agent.BF53D171 (BD 引擎)
对象: use1.dll
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-Downloader.Win32.Delf.cgy (KAV 引擎)
对象: user32.dll
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-Downloader.Win32.Delf.cgy (KAV 引擎)
对象: KVMonXP3.exe
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-Downloader.Win32.Delf.cgo (KAV 引擎), Generic.Malware.SBE!dldg.C9402E68 (BD 引擎)
对象: a.exe
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-Downloader.Win32.Delf.cgo (KAV 引擎), Generic.Malware.SBE!dldg.C9402E68 (BD 引擎)
对象: use3.dll
        在压缩档案里: D:\病毒测试\未解压样本\1017.rar
        Status: 已发现病毒
        病毒: Trojan-Downloader.Win32.Delf.cnv (KAV 引擎)
欠妳緈諨
Posted on 2007-10-17 21:06:27
avast 32
2007-10-17 21:01:23        LuckyStar        1556        Sign of "Win32:Pakes-EO [Trj]" has been found in "D:\病毒测试\未解压样本\18.zip\18.exe\[Upack]\[Embedded#0995c]" file.  
2007-10-17 21:01:27        LuckyStar        1556        Sign of "Win32:OnLineGames-BGD [Trj]" has been found in "D:\病毒测试\未解压样本\18.zip\1.exe\[Upack]\[Embedded#MUSIC]" file.  
2007-10-17 21:01:27        LuckyStar        1556        Sign of "Win32:OnLineGames-BGD [Trj]" has been found in "D:\病毒测试\未解压样本\18.zip\3.exe\[Upack]\[Embedded#MUSIC]" file.  
2007-10-17 21:01:27        LuckyStar        1556        Sign of "Win32:OnLineGames-BGD [Trj]" has been found in "D:\病毒测试\未解压样本\18.zip\4.exe\[Upack]\[Embedded#MUSIC]" file.  
2007-10-17 21:01:27        LuckyStar        1556        Sign of "Win32:Onlinegames-BBH [Trj]" has been found in "D:\病毒测试\未解压样本\18.zip\5.exe\[Upack]\[Embedded#7090]\[Upack]" file.  
2007-10-17 21:01:27        LuckyStar        1556        Sign of "Win32:Delf-FZG [Trj]" has been found in "D:\病毒测试\未解压样本\18.zip\6.exe\[UPX]\[Embedded#060f8]" file.  
2007-10-17 21:01:27        LuckyStar        1556        Sign of "Win32:Lmir-OK [Trj]" has been found in "D:\病毒测试\未解压样本\18.zip\7.exe\[ASPack]\[Embedded#J999666]" file.  
2007-10-17 21:01:28        LuckyStar        1556        Sign of "Win32:Delf-EQW [Trj]" has been found in "D:\病毒测试\未解压样本\18.zip\8.exe\[Upack]" file.  
2007-10-17 21:01:28        LuckyStar        1556        Sign of "Win32:Delf-FFM [Trj]" has been found in "D:\病毒测试\未解压样本\18.zip\9.exe\[Upack]\[Embedded#DOWN]" file.  
2007-10-17 21:01:28        LuckyStar        1556        Sign of "Win32:Delf-FVM [Trj]" has been found in "D:\病毒测试\未解压样本\18.zip\10.exe\[Upack]\[Embedded#MUSIC]" file.  
2007-10-17 21:01:28        LuckyStar        1556        Sign of "Win32:Onlinegames-ALS [Trj]" has been found in "D:\病毒测试\未解压样本\18.zip\11.exe\[Upack]\[Embedded#ABCDE]\[UPX]" file.  
2007-10-17 21:01:28        LuckyStar        1556        Sign of "Win32:OnLineGames-BGD [Trj]" has been found in "D:\病毒测试\未解压样本\18.zip\12.exe\[Upack]\[Embedded#MUSIC]" file.  
2007-10-17 21:01:28        LuckyStar        1556        Sign of "Win32:Delf-FVM [Trj]" has been found in "D:\病毒测试\未解压样本\18.zip\13.exe\[Upack]\[Embedded#MUSIC]" file.  
2007-10-17 21:01:28        LuckyStar        1556        Sign of "Win32:OnLineGames-BGD [Trj]" has been found in "D:\病毒测试\未解压样本\18.zip\14.exe\[Upack]\[Embedded#MUSIC]" file.  
2007-10-17 21:01:28        LuckyStar        1556        Sign of "Win32:OnLineGames-BGD [Trj]" has been found in "D:\病毒测试\未解压样本\18.zip\15.exe\[Upack]\[Embedded#MUSIC]" file.  
2007-10-17 21:01:28        LuckyStar        1556        Sign of "Win32:OnLineGames-BGD [Trj]" has been found in "D:\病毒测试\未解压样本\18.zip\16.exe\[Upack]\[Embedded#MUSIC]" file.  
2007-10-17 21:01:58        LuckyStar        1236        Sign of "Win32:Zhidao [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\1.exe" file.  
2007-10-17 21:01:58        LuckyStar        1236        Sign of "Win32:Delf-GBV [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\3.exe\[UPX]\[Embedded#4aec]" file.  
2007-10-17 21:01:58        LuckyStar        1236        Sign of "Win32:Delf-FZG [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\4.exe\[UPX]\[Embedded#060f8]" file.  
2007-10-17 21:01:59        LuckyStar        1236        Sign of "Win32:Delf-DNR [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\5.exe\[FSG]\[Embedded#DATEINFO]\[Upack]" file.  
2007-10-17 21:01:59        LuckyStar        1236        Sign of "Win32:Lmir-OK [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\136588WO.DLL" file.  
2007-10-17 21:01:59        LuckyStar        1236        Sign of "Win32:Nilage-JY [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\AVPSrv.dll" file.  
2007-10-17 21:01:59        LuckyStar        1236        Sign of "Win32:Nilage-JY [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\AVPSrv.exe\[UPX]\[Embedded#1e60]" file.  
2007-10-17 21:01:59        LuckyStar        1236        Sign of "Win32:Delf-FVM [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\avzxest.exe\[Upack]\[Embedded#MUSIC]" file.  
2007-10-17 21:01:59        LuckyStar        1236        Sign of "Win32:Nilage-JY [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\cmdbcs.dll" file.  
2007-10-17 21:01:59        LuckyStar        1236        Sign of "Win32:Nilage-JY [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\cmdbcs.exe\[UPX]\[Embedded#1e60]" file.  
2007-10-17 21:01:59        LuckyStar        1236        Sign of "Win32:Nilage-JY [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\DiskMan32.dll" file.  
2007-10-17 21:01:59        LuckyStar        1236        Sign of "Win32:Trojan-gen {Other}" has been found in "D:\病毒测试\未解压样本\1017.rar\DiskMan32.exe" file.  
2007-10-17 21:01:59        LuckyStar        1236        Sign of "Win32:Lmir-OK [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\IGW.exe\[Embedded#J999666]" file.  
2007-10-17 21:01:59        LuckyStar        1236        Sign of "Win32:Lmir-OK [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\IGW.exe" file.  
2007-10-17 21:01:59        LuckyStar        1236        Sign of "Win32:OnLineGames-BGD [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\kawdbaz.exe\[Upack]\[Embedded#MUSIC]" file.  
2007-10-17 21:02:00        LuckyStar        1236        Sign of "Win32:OnLineGames-BGD [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\kawdbzy.dll" file.  
2007-10-17 21:02:00        LuckyStar        1236        Sign of "Win32:Delf-DNR [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\kpwclqva.dll\[Upack]" file.  
2007-10-17 21:02:00        LuckyStar        1236        Sign of "Win32:Delf-ECV [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\KVMonXP1.exe\[Upack]\[Embedded#DEDLL]" file.  
2007-10-17 21:02:00        LuckyStar        1236        Sign of "Win32:OnLineGames-ST [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\LYLOADER.EXE\[Upack]\[Embedded#5158]\[Upack]" file.  
2007-10-17 21:02:00        LuckyStar        1236        Sign of "Win32:OnLineGames-ST [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\LYMANGR.DLL\[Upack]" file.  
2007-10-17 21:02:00        LuckyStar        1236        Sign of "Win32:QQLogger-C [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\mm.exe\[UPX]\[Embedded#4aec]" file.  
2007-10-17 21:02:00        LuckyStar        1236        Sign of "Win32:Delf-FZG [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\NinSys74.Sys" file.  
2007-10-17 21:02:00        LuckyStar        1236        Sign of "Win32:Agent-JOM [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\nslookupi.exe\[Upack]" file.  
2007-10-17 21:02:00        LuckyStar        1236        Sign of "Win32:Agent-ESW [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\ntsokele.exe" file.  
2007-10-17 21:02:01        LuckyStar        1236        Sign of "Win32:Delf-FZG [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\NysWin75.Jmp\[UPX]\[Embedded#060f8]" file.  
2007-10-17 21:02:01        LuckyStar        1236        Sign of "Win32:PePatch-FA [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\pp.exe\[UPX]" file.  
2007-10-17 21:02:01        LuckyStar        1236        Sign of "Win32:OnLineGames-BGD [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\rsztcpm.dll" file.  
2007-10-17 21:02:01        LuckyStar        1236        Sign of "Win32:OnLineGames-BGD [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\rsztcsp.exe\[Upack]\[Embedded#MUSIC]" file.  
2007-10-17 21:02:01        LuckyStar        1236        Sign of "Win32:Delf-GEH [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\use1.dll" file.  
2007-10-17 21:02:01        LuckyStar        1236        Sign of "Win32:Delf-ECV [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\user32.dll" file.  
2007-10-17 21:02:01        LuckyStar        1236        Sign of "Win32:Delf-ECV [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\KVMonXP3.exe\[Upack]\[Embedded#DEDLL]" file.  
2007-10-17 21:02:01        LuckyStar        1236        Sign of "Win32:Delf-ECV [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\a.exe\[Upack]\[Embedded#DEDLL]" file.  
2007-10-17 21:02:01        LuckyStar        1236        Sign of "Win32:Delf-GEH [Trj]" has been found in "D:\病毒测试\未解压样本\1017.rar\use3.dll" file.