盗号33只

显示全部楼层 · 发表于 2007-10-19 18:28:52

MicroVita AntiSpyware 100 C
_____________________________________________

         风暴微塔反间谍
[强力查杀各种Win32位的病毒,木马,蠕虫,恶意软件]
               http://221.10.254.214/
----------------------------------------------
开始扫描……

正在检查启动……
[C:\Documents and Settings\Administrator\桌面\Virus\54544444444444\djatl.dll]
                  …………发现Spy！报告: [4] [1]
文件信息:  大小:5960  MD5:d050a6893d96dada790469a78fdc0ed4

[C:\Documents and Settings\Administrator\桌面\Virus\54544444444444\gjatl.dll]
                  …………发现Spy！报告: [4] [1]
文件信息:  大小:6658  MD5:9f0970803b9361d700bf4cdaa9800b14

[C:\Documents and Settings\Administrator\桌面\Virus\54544444444444\NvSys74.Sys]
                  …………发现Spy！报告: [4] [8] HOOK者
文件信息:  大小:45180  MD5:46c9b8882a71c1645aced0f13f06b4a7

[C:\Documents and Settings\Administrator\桌面\Virus\54544444444444\NvWin75.Jmp]
                  …………发现Spy！报告:[2]
文件信息:  大小:32380  MD5:633ae3e7d581dc7d84ce6f42cd4c1b99

[C:\Documents and Settings\Administrator\桌面\Virus\54544444444444\qj.exe]
                  …………发现Spy！报告:[1]
文件信息:  大小:14789  MD5:143960e96567ad065d258a4293160773

[C:\Documents and Settings\Administrator\桌面\Virus\54544444444444\raqjcpi.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:22086  MD5:62ce0f48bc64bb355e28a030c57946eb

[C:\Documents and Settings\Administrator\桌面\Virus\54544444444444\sqmapi32.dll]
                  …………发现Spy！报告: [4]
文件信息:  大小:9794  MD5:3240cd3b90ddb3ede7c285f512e4a0c9

[C:\Documents and Settings\Administrator\桌面\Virus\54544444444444\upxdnd.dll]
                  …………发现Spy！报告:[8] HOOK者
文件信息:  大小:19456  MD5:245cd4dbe0eb3cf5b7630866edba1aaa

[C:\Documents and Settings\Administrator\桌面\Virus\54544444444444\upxdnd.exe]
                  …………发现Spy！报告:[2] [8] HOOK者
文件信息:  大小:26112  MD5:fa0561a9096cb6f3e687cf13ddf055c0

[C:\Documents and Settings\Administrator\桌面\Virus\54544444444444\wlatl.dll]
                  …………发现Spy！报告: [4] [2] [1]
文件信息:  大小:6934  MD5:56a18be9d4b38ee4cfcd62d02b211332

[C:\Documents and Settings\Administrator\桌面\Virus\54544444444444\ysy10.exe]
                  …………发现Spy！报告:[2] [1]
文件信息:  大小:14796  MD5:f4eef983448b8fe7e3754ca04de173d1

[C:\Documents and Settings\Administrator\桌面\Virus\54544444444444\ysy12.exe]
                  …………发现Spy！报告:[1]
文件信息:  大小:14148  MD5:6a517544859f72127ebfc7512c5d6f3e

[C:\Documents and Settings\Administrator\桌面\Virus\54544444444444\ysy14.exe]
                  …………发现Spy！报告:[2] [1]
文件信息:  大小:14516  MD5:2b5a8b8c26d57845ca30ab6654234e25

[C:\Documents and Settings\Administrator\桌面\Virus\54544444444444\ysy17.exe]
                  …………发现Spy！报告:[2] [1]
文件信息:  大小:14524  MD5:e208bed8e7605475e8d40daa45fdc4dd

[C:\Documents and Settings\Administrator\桌面\Virus\54544444444444\ysy18.exe]
                  …………发现Spy！报告:[1]
文件信息:  大小:16957  MD5:b0a1d8ecf85760537db43c539707fad0

[C:\Documents and Settings\Administrator\桌面\Virus\54544444444444\ysy19.exe]
                  …………发现Spy！报告:[2] [1]
文件信息:  大小:26521  MD5:f15ee50f4690fc7e93ea5ae6e926f7a4

[C:\Documents and Settings\Administrator\桌面\Virus\54544444444444\ysy20.exe]
                  …………发现Spy！报告:[2]
文件信息:  大小:51505  MD5:f8e4441722eda2a5501f7c93908a643e

[C:\Documents and Settings\Administrator\桌面\Virus\54544444444444\ysyupdate.exe]
                  …………发现Spy！报告:[2] [1]
文件信息:  大小:17808  MD5:61a9d3c1d04ce794c00ebc78768dd149

[C:\Documents and Settings\Administrator\桌面\Virus\54544444444444\zhjtrx.dll]
                  …………发现Spy！报告:[2] [1]
文件信息:  大小:129115  MD5:fa45b33aa2edd5f779ce1c16e2de1e8a

[C:\Documents and Settings\Administrator\桌面\Virus\54544444444444\zxatl.dll]
                  …………发现Spy！报告: [4] [2] [1]
文件信息:  大小:6650  MD5:415073263af533d8a6a3ca4edcb5a746

[C:\Documents and Settings\Administrator\桌面\Virus\54544444444444\17.exe]
                  …………发现Spy！报告:[1]
文件信息:  大小:14148  MD5:cc46e90692af26eeb4b8d7633fb0ad58

[C:\Documents and Settings\Administrator\桌面\Virus\54544444444444\608769MM.DLL]
                  …………发现Spy！报告: [4]
文件信息:  大小:43313  MD5:ec10c0e197ac2b074def06f819677749

[C:\Documents and Settings\Administrator\桌面\Virus\54544444444444\608769WO.DLL]
                  …………发现Spy！报告: [4]
文件信息:  大小:46897  MD5:f5ed54c4894754c95826c007a1d046dd

文件数:33 病毒数:23  比重:0.6969696969697
OK  扫描完毕！
  ***日志解释
[4] 集中有害分析引擎
[3] 全局系统判断引擎
[2] 文件特征码引擎
[1] 文件启发式引擎

[ 本帖最后由 FBAV 于 2007-10-19 18:30 编辑 ]

显示全部楼层 · 发表于 2007-10-19 18:28:56

不知道是什么号哈

显示全部楼层 · 发表于 2007-10-19 18:29:19

下了看看

显示全部楼层 · 发表于 2007-10-19 18:29:47

扫描进行于：2007-10-19 18:29:16
扫描日志
NOD32版本 2602 (20071018) NT
命令行： C:\Documents and Settings\Deepin\桌面\样本.rar

日期： 19.10.2007 时间：18:29:19
已开启反隐藏功能.
已扫描的磁盘，文件夹及文件：C:\Documents and Settings\Deepin\桌面\样本.rar
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>djatl.dll - Win32/PSW.OnLineGames.NHF 木马的变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>gjatl.dll - Win32/PSW.OnLineGames.NHF 木马的变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>IGM.exe - 未查明的 NewHeur_PE 病毒 [7]
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>IGW.exe - 未查明的 NewHeur_PE 病毒 [7]
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>NvSys74.Sys - 可能是 Win32/AutoRun.Q 蠕虫的一个变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>NvWin75.Jmp - 可能是 Win32/AutoRun.Q 蠕虫的一个变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>qj.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>raqjcpi.dll - Win32/PSW.OnLineGames.FDY 木马的变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>sqmapi32.dll - Win32/PSW.OnLineGames.NHF 木马的变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>upxdnd.dll - 可能是 Win32/PSW.OnLineGames.NFL 木马的一个变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>upxdnd.exe - 可能是 Win32/PSW.OnLineGames.NFL 木马的一个变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>wlatl.dll - Win32/PSW.OnLineGames.NHF 木马的变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>ysy2.exe - Win32/PSW.OnLineGames.NFL 木马的变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>ysy5.exe - Win32/PSW.OnLineGames.NFL 木马的变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>ysy6.exe - Win32/PSW.OnLineGames.YA 木马的变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>ysy7.exe - Win32/PSW.OnLineGames.YA 木马的变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>ysy8.exe - Win32/PSW.OnLineGames.NFL 木马的变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>ysy9.exe - Win32/PSW.OnLineGames.NFL 木马的变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>ysy10.exe - 可能是 Win32/PSW.OnLineGames.NGU 木马的一个变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>ysy12.exe - Win32/PSW.OnLineGames.NGU 木马的变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>ysy13.exe - Win32/PSW.OnLineGames.YA 木马的变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>ysy14.exe - 可能是 Win32/PSW.OnLineGames.NGU 木马的一个变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>ysy17.exe - 可能是 Win32/PSW.OnLineGames.NGU 木马的一个变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>ysy18.exe - Win32/TrojanDownloader.Flux 木马
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>ysy20.exe - Win32/PSW.Legendmir.NEP 木马
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>ysyupdate.exe - Win32/Jalous 蠕虫的变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>zxatl.dll - Win32/PSW.OnLineGames.NHF 木马的变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>17.exe - Win32/PSW.OnLineGames.NGU 木马的变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>608769MM.DLL - Win32/PSW.Legendmir.NFF 木马
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>608769WO.DLL - Win32/PSW.Legendmir.NFF 木马的变种
C:\Documents and Settings\Deepin\桌面\样本.rar >>RAR >>BD7A8357.DLL - Win32/TrojanDownloader.Flux 木马
已扫描的文件数目：33
已发现的病毒数目：31
完成时间： 18:29:29 总扫描时间：10 秒 (00:00:10)

注意：
[7] 该文件可能感染上未知病毒。

显示全部楼层 · 发表于 2007-10-19 18:31:26

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Deepin\桌面\样本.rar'
C:\Documents and Settings\Deepin\桌面\样本.rar
  [0] Archive type: RAR
  --> IGM.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> IGW.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> NvSys74.Sys
   [DETECTION] Contains suspicious code HEUR/Malware
  --> NvWin75.Jmp
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> qj.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> raqjcpi.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> sqmapi32.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.djz
  --> upxdnd.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> upxdnd.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> wlatl.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> ysy2.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> ysy5.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ezx
  --> ysy6.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> ysy7.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> ysy8.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> ysy9.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> ysy10.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> ysy12.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.djz
  --> ysy13.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dxz.1
  --> ysy14.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> ysy17.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> ysy18.exe
   [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> ysy19.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.fid
  --> ysy20.exe
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> zhjtrx.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> zxatl.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 17.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.djz
  --> 608769MM.DLL
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 608769WO.DLL
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> BD7A8357.DLL
   [DETECTION] Is the Trojan horse TR/Dldr.SmallAl.fvn
   [INFO]    The file was deleted!

显示全部楼层 · 发表于 2007-10-19 18:50:53

小红伞 C 版（高启发）～检出 33 个（ 2个报壳、5个可疑、28个已知恶意程序）：

Start of the scan: 2007年10月19日 18:30

Starting the file scan:

Begin scan in 'C:\欴掛.rar'
C:\欴掛.rar

  [0] Archive type: RAR
--> djatl.dll
   [DETECTION] File has been compressed with an unusual runtime compression tool (PCK/UPACK).
   Please verify the origin of the file
  --> gjatl.dll
   [DETECTION] File has been compressed with an unusual runtime compression tool (PCK/UPACK).
   Please verify the origin of the file
  --> IGM.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> IGW.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> NvSys74.Sys
   [DETECTION] Contains suspicious code HEUR/Malware
--> NvWin75.Jmp
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> qj.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> raqjcpi.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> sqmapi32.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.djz
  --> upxdnd.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
--> upxdnd.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
--> wlatl.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> ysy2.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> ysy5.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ezx
  --> ysy6.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
--> ysy7.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
--> ysy8.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> ysy9.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> ysy10.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> ysy12.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.djz
  --> ysy13.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dxz.1
  --> ysy14.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> ysy17.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> ysy18.exe
   [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> ysy19.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.fid
  --> ysy20.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.cvv.2
  --> ysyupdate.exe
   [DETECTION] Is the Trojan horse TR/Drop.Agen.119296
  --> zhjtrx.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> zxatl.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 17.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.djz
  --> 608769MM.DLL
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 608769WO.DLL
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> BD7A8357.DLL
   [DETECTION] Is the Trojan horse TR/Dldr.SmallAl.fvn

   [INFO]    A backup was created as '4746eaf8.qua'  ( QUARANTINE )
   [INFO]    The file was deleted!

End of the scan: 2007年10月19日 18:30
Used time: 00:02 min

The scan has been done completely.

   0 Scanning directories
   34 Files were scanned
28 viruses and/or unwanted programs were found
   5 Files were classified as suspicious:
   1 files were deleted
   0 files were repaired
   1 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   6 Files not concerned
   1 Archives were scanned
   0 Warnings
   0 Notes

[ 本帖最后由 B.K 于 2007-10-19 19:05 编辑 ]

显示全部楼层 · 发表于 2007-10-19 18:51:06

显示全部楼层 · 发表于 2007-10-19 18:55:24

rs 17个

瑞星病毒查杀结果报告

清除病毒种类列表：
病毒： Trojan.PSW.Win32.DJOnline.z
病毒： Trojan.PSW.Win32.LMir.yxj
病毒： Worm.Win32.PaBug.bh
病毒： Trojan.PSW.Win32.GameOnline.e
病毒： Trojan.PSW.Win32.OnlineGames.zzp
病毒： Trojan.PSW.Win32.Shanda.ab
病毒： Trojan.PSW.Win32.DJOnline.z
病毒： Trojan.PSW.Win32.OnlineGames.dxz
病毒： Trojan.IMMSG.Win32.TBMSG.yhn
病毒： Trojan.PSW.Win32.GameOnline.bf
病毒： Trojan.PSW.Win32.Shanda.w
病毒： Trojan.DL.Win32.AdLoader.b
病毒： Trojan.Win32.Agent.zqp
病毒： Trojan.PSW.Win32.WoWar.aci
病毒： Trojan.IMMSG.Win32.TBNSG.yhn

MAC 地址：00:D0:F8:38:4B:7A

用户来源：互联网

软件版本：20.14.42

显示全部楼层 · 发表于 2007-10-19 18:58:09

费尔 14个

[病毒样本] 盗号33只

本帖子中包含更多资源

NOD32 31个

红伞 25 Viruses 5 suspicious files

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块