34个盗号

显示全部楼层 · 发表于 2007-10-31 19:43:56

C:\ABC\样本.rar:\Packet.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\WanPacket.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\wpcap.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\scvhost.exe - 特征码 'Backdoor.Win32.Delf.awy' 被发现
C:\ABC\样本.rar:\upxdnd.dll
C:\ABC\样本.rar:\avwgemn.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\avzxemn.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\zhjtrx.dll - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\win18.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\NvWin75.Jmp - 特征码 'Virus.Win32.AutoRun.bs' 被发现
C:\ABC\样本.rar:\swchost.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.ftd' 被发现
C:\ABC\样本.rar:\win17.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\win19.exe - 特征码 'Trojan-Spy.Win32.Banker.ahy' 被发现
C:\ABC\样本.rar:\avwgest.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\IGM.exe - 特征码 'Trojan-PWS.Win32.WOW.vd' 被发现
C:\ABC\样本.rar:\svchost.exe - 特征码 'Trojan-Dropper.Win32.Delf.ais' 被发现
C:\ABC\样本.rar:\win11.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\样本.rar:\win13.exe - 特征码 'Trojan-PWS.Win32.Delf.ix' 被发现
C:\ABC\样本.rar:\avzxest.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\upxdnd.exe - 特征码 'Generic.PWS.Games.1' 被发现
C:\ABC\样本.rar:\win1.exe - 特征码 'Virus.Win32.Downloader.LL' 被发现
C:\ABC\样本.rar:\win3.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\样本.rar:\win5.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\样本.rar:\win6.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\样本.rar:\win7.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\样本.rar:\win8.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\样本.rar:\win9.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\样本.rar:\608769WL.DLL - 特征码 'Virus.Win32.Onlinegames.ALS' 被发现
C:\ABC\样本.rar:\djatl.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\NvSys74.Sys - 特征码 'Trojan-PWS.Win32.Nilage.bga' 被发现
C:\ABC\样本.rar:\sqmapi32.dll - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本.rar:\wlatl.dll - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本.rar:\608769MM.DLL - 特征码 'Trojan-PWS.Win32.Lmir.bmq' 被发现
C:\ABC\样本.rar:\flsyhmsxch.dll - 可疑代码段被发现 (Level: 5)
C:\ABC\样本.rar
35 文件被扫描
(1 压缩档 34 文件)
32 特征码被侦测
1 可疑代码段被发现
耗时: 0:01.203

显示全部楼层 · 发表于 2007-10-31 19:47:33

deleted: Trojan program Backdoor.Win32.Delf.awy File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/scvhost.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.gmr File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/upxdnd.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.giy File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/avwgemn.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.giz File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/avzxemn.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.fnn File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/win18.exe//PE_Patch//UPack
deleted: virus Virus.Win32.AutoRun.we File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/NvWin75.Jmp//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.fxk File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/swchost.exe//ASPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.fei File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/win17.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.ghb File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/win19.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.giv File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/avwgest.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.Lmir.bnx File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/IGM.exe//ASPack
deleted: Trojan program Trojan-Dropper.Win32.Delf.ais File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/svchost.exe//FSG//PEPatch
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.gaa File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/win11.exe//PE_Patch.UPX//UPX//PE_Patch
deleted: Trojan program Trojan-PSW.Win32.WOW.adf File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/win13.exe//FSG
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.giv File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/avzxest.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.goa File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/upxdnd.exe//PE_Patch
deleted: Trojan program Trojan-Downloader.Win32.Delf.aas File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/win1.exe//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.gnz File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/win3.exe//PE_Patch.UPX//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.fyn File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/win5.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.gny File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/win6.exe//PE_Patch.UPX//UPX//PE_Patch
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.ghq File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/win7.exe//PE_Patch.UPX//UPX//PE_Patch
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.fbm File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/win8.exe//PE_Patch.UPX//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.ftr File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/win9.exe//PE_Patch.UPX//UPX//PE_Patch
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.ggo File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/608769WL.DLL
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.feg File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/djatl.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.QQPass.aie File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/NvSys74.Sys
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.fnm File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/sqmapi32.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.fnn File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/wlatl.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.Lmir.bnv File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/608769MM.DLL
deleted: Trojan program Trojan-PSW.Win32.WOW.adf File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/flsyhmsxch.dll//UPack//PE_Patch.MaskPE

显示全部楼层 · 发表于 2007-10-31 19:47:48

C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » scvhost.exe - Win32/Delf.AWY trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » upxdnd.dll - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » avwgemn.dll - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » avzxemn.dll - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » zhjtrx.dll - Win32/Delf.NHW trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » win18.exe - Win32/PSW.OnLineGames.NGU trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » NvWin75.Jmp - Win32/AutoRun.BS worm
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » swchost.exe - Win32/PSW.WOW.WU trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » win17.exe - Win32/PSW.OnLineGames.NGU trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » win19.exe - Win32/Delf.NHW trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » avwgest.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » IGM.exe - Win32/PSW.Legendmir.NFF trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » svchost.exe - Win32/Delf.NGK trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » win11.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » avzxest.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » upxdnd.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » win1.exe - Win32/TrojanDownloader.SMW.A trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » win3.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » win5.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » win6.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » win7.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » win8.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » win9.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 608769WL.DLL - Win32/PSW.OnLineGames.GGO trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » djatl.dll - Win32/PSW.OnLineGames.FEG trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » NvSys74.Sys - Win32/AutoRun.BS worm
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » sqmapi32.dll - Win32/PSW.OnLineGames.NHF trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » wlatl.dll - Win32/PSW.OnLineGames.NHF trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 608769MM.DLL - Win32/PSW.Legendmir.NFF trojan

显示全部楼层 · 发表于 2007-10-31 19:49:04

avira 30+1
Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\��.rar'
C:\Documents and Settings\Administrator\桌面\��.rar
  [0] Archive type: RAR
  --> scvhost.exe
   [DETECTION] Is the Trojan horse TR/Drop.Spy.Pca.A.1
  --> upxdnd.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> avwgemn.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.giy
  --> avzxemn.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.giz
  --> zhjtrx.dll
   [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
  --> win18.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.fnn
  --> NvWin75.Jmp
   [DETECTION] Is the Trojan horse TR/PSW.QQpass.aie
  --> swchost.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ggo
  --> win17.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.fei
  --> win19.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ghb
  --> avwgest.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.giy
  --> IGM.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> svchost.exe
   [DETECTION] Is the Trojan horse TR/Drop.Spy.Pca.A.1
  --> win11.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> win13.exe
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> avzxest.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.giz
  --> upxdnd.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> win1.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> win3.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> win5.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> win6.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> win7.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> win8.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> win9.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 608769WL.DLL
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ggo
  --> djatl.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.feg
  --> NvSys74.Sys
   [DETECTION] Is the Trojan horse TR/PSW.QQpass.aie
  --> sqmapi32.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> wlatl.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.fnn
  --> 608769MM.DLL
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> flsyhmsxch.dll
   [DETECTION] Contains suspicious code HEUR/Crypted
   [INFO]    The file was deleted!

显示全部楼层 · 发表于 2007-10-31 19:49:47

Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 736
Paranoia Database - 48287
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\Uhthn\Desktop\New Folder (3)

C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\Packet.dll - Infected GENERIC.MALWARE.3AF.694C - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\WanPacket.dll - Infected GENERIC.MALWARE.CC3.54F1 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\wpcap.dll - Infected BACKDOOR.DELF.4 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\scvhost.exe - Infected BACKDOOR.DELF.3 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\upxdnd.dll - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\avwgemn.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\avzxemn.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\zhjtrx.dll - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\win18.exe - Infected TROJAN-PSW.ONLINEGAMES.48 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\NvWin75.Jmp - Infected WIN32.TROJAN-PSW.QQPASS.D - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\swchost.exe - Infected WIN32.TROJAN-PSW.ONLINEGAMES.G - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\win17.exe - Infected TROJAN-PSW.ONLINEGAMES.48 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\win19.exe - Infected GENERIC.MALWARE.B27.6740 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\avwgest.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\IGM.exe - Infected WIN32.TROJAN-PSW.LMIR.A - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\svchost.exe - Suspected MaliciousScope:GENERIC.MALWARE.2
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\win11.exe - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\win13.exe - Suspected MaliciousScope:GENERIC.MALWARE.2
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\avzxest.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\upxdnd.exe - Infected TROJAN-PSW.ONLINEGAMES.8 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\win1.exe - Infected WIN32.GENERIC.MALWARE.49F.2400 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\win3.exe - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\win5.exe - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\win6.exe - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\win7.exe - Suspected MaliciousScope:GENERIC.MALWARE.1
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\win8.exe - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\win9.exe - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\608769WL.DLL - Infected WIN32.TROJAN-PSW.ONLINEGAMES.G - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\djatl.dll - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\NvSys74.Sys - Infected WIN32.TROJAN-PSW.QQPASS.A - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\sqmapi32.dll - Infected GENERIC.MALWARE.F97.FF3 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\wlatl.dll - Infected GENERIC.MALWARE.452.1B16 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\608769MM.DLL - Infected WIN32.MALWARE.AGENT.6 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (3)\flsyhmsxch.dll - Suspected MaliciousScope:GENERIC.MALWARE.3

34 Files scanned
26 Infected files found
8 Suspected files found
0 Files disinfected
26 Files deleted

显示全部楼层 · 发表于 2007-10-31 19:50:02

Begin scan in 'C:\Documents and Settings\dell\桌面\样本.rar'
C:\Documents and Settings\dell\桌面\样本.rar
  [0] Archive type: RAR
  --> scvhost.exe
   [DETECTION] Is the Trojan horse TR/Drop.Spy.Pca.A.1
  --> upxdnd.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> avwgemn.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.giy
  --> avzxemn.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.giz
  --> zhjtrx.dll
   [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
  --> win18.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.fnn
  --> NvWin75.Jmp
   [DETECTION] Is the Trojan horse TR/PSW.QQpass.aie
  --> swchost.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ggo
  --> win17.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.fei
  --> win19.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ghb
  --> avwgest.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.giy
  --> IGM.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> svchost.exe
   [DETECTION] Is the Trojan horse TR/Drop.Spy.Pca.A.1
  --> win11.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> win13.exe
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> avzxest.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.giz
  --> upxdnd.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> win1.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> win3.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> win5.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> win6.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> win7.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> win8.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> win9.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 608769WL.DLL
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ggo
  --> djatl.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.feg
  --> NvSys74.Sys
   [DETECTION] Is the Trojan horse TR/PSW.QQpass.aie
  --> sqmapi32.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> wlatl.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.fnn
  --> 608769MM.DLL
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> flsyhmsxch.dll
   [DETECTION] Contains suspicious code HEUR/Crypted
   [WARNING] The file was ignored!

End of the scan: 2007年10月31日  19:48
Used time: 00:17 min

The scan has been done completely.

   0 Scanning directories
   36 Files were scanned
   30 viruses and/or unwanted programs were found
   1 Files were classified as suspicious:

显示全部楼层 · 发表于 2007-10-31 19:52:13

AVK07杀32

使用 AntiVirusKit 进行病毒扫描
病毒签名 10/31/2007
开始时间: 10/31/2007 19:49
引擎: KAV 引擎 (AVK 18.44), AVAST 引擎 (AVKB 18.2)
高启发: 开启
文件: 开启
系统区域: 关闭

扫描选中目录和文件...
项目: 608769MM.DLL
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.Lmir.bnv (KAV 引擎)
项目: 608769WL.DLL
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.ggo (KAV 引擎)
项目: avwgemn.dll
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.giy (KAV 引擎)
项目: avwgest.exe
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.giv (KAV 引擎)
项目: avzxemn.dll
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.giz (KAV 引擎)
项目: avzxest.exe
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.giv (KAV 引擎)
项目: djatl.dll
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.feg (KAV 引擎)
项目: flsyhmsxch.dll
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.WOW.adf (KAV 引擎)
项目: IGM.exe
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.Lmir.bnx (KAV 引擎)
项目: NvSys74.Sys
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.QQPass.aie (KAV 引擎)
项目: NvWin75.Jmp
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Virus.Win32.AutoRun.we (KAV 引擎)
项目: scvhost.exe
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Backdoor.Win32.Delf.awy (KAV 引擎)
项目: sqmapi32.dll
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.fnm (KAV 引擎)
项目: svchost.exe
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-Dropper.Win32.Delf.ais (KAV 引擎)
项目: swchost.exe
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.fxk (KAV 引擎)
项目: upxdnd.dll
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.gmr (KAV 引擎)
项目: upxdnd.exe
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.goa (KAV 引擎)
项目: WanPacket.dll
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Win32:Trojan-gen {Other} (AVAST 引擎)
项目: win1.exe
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-Downloader.Win32.Delf.aas (KAV 引擎)
项目: win11.exe
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.gaa (KAV 引擎)
项目: win13.exe
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.WOW.adf (KAV 引擎)
项目: win17.exe
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.fei (KAV 引擎)
项目: win18.exe
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.fnn (KAV 引擎)
项目: win19.exe
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.ghb (KAV 引擎)
项目: win3.exe
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.gnz (KAV 引擎)
项目: win5.exe
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.fyn (KAV 引擎)
项目: win6.exe
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.gny (KAV 引擎)
项目: win7.exe
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.ghq (KAV 引擎)
项目: win8.exe
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.fbm (KAV 引擎)
项目: win9.exe
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.ftr (KAV 引擎)
项目: wlatl.dll
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.fnn (KAV 引擎)
项目: wpcap.dll
路径: D:\病毒测试\解压样本
状态: 发现病毒
病毒: Win32:Small-GXN [Trj] (AVAST 引擎)
病毒分析完成: 10/31/2007 19:49
34 文件被检查
32 感染文件发现
0 发现可疑文件

显示全部楼层 · 发表于 2007-10-31 19:54:44

看起来AVK07的侦测率比06
要好一些

显示全部楼层 · 发表于 2007-10-31 19:56:38

略好一点，AVAST和KAV互补性较好

显示全部楼层 · 发表于 2007-10-31 19:59:20

2224150  2  402.5 KB  MALWARE
1006662  Packet.dll  26.32 KB  CLEAN
1006659  WanPacket.dll  21.24 KB  CLEAN
540509  wpcap.dll  80.58 KB  CLEAN

[病毒样本] 34个盗号

本帖子中包含更多资源

30

29个

31

回复 1楼 promised 的帖子

回复 7楼欠你幸福的帖子

回复 8楼红心王子的帖子

[病毒样本] 34个盗号

本帖子中包含更多资源

30

29个

31

回复 1楼 promised 的帖子

回复 7楼 欠你幸福 的帖子

回复 8楼 红心王子 的帖子

回复 7楼欠你幸福的帖子

回复 8楼红心王子的帖子