毒网更新2(33x)

显示全部楼层 · 发表于 2007-11-3 18:12:48

毒网更新2

显示全部楼层 · 发表于 2007-11-3 18:16:59

扫描进行于：2007-11-3 18:16:35
扫描日志
NOD32版本 2635 (20071102) NT
命令行： C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar

日期： 3.11.2007 时间：18:16:40
已开启反隐藏功能.
已扫描的磁盘，文件夹及文件：C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>aa21.exe - Win32/Agent.NLW 木马
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>wl0618.exe - Win32/PSW.OnLineGames.YA 木马的变种
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>111.exe - Win32/PSW.OnLineGames.NFL 木马的变种
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>aa7.exe - Win32/PSW.OnLineGames.NFL 木马
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>qj0617.exe - Win32/PSW.OnLineGames.NFL 木马的变种
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>104.exe - Win32/PSW.OnLineGames.NFL 木马的变种
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>107.exe - Win32/PSW.OnLineGames.YA 木马的变种
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>108.exe - Win32/PSW.OnLineGames.NFL 木马的变种
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>110.exe - Win32/PSW.OnLineGames.NFL 木马的变种
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>aa3.exe - Win32/PSW.OnLineGames.NFL 木马
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>aa6.exe - Win32/PSW.OnLineGames.NFL 木马
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>3.exe - 未查明的 NewHeur_PE 病毒 [7]
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>103.exe - Win32/PSW.OnLineGames.YA 木马的变种
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>aa5.exe - Win32/PSW.OnLineGames.YA 木马
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>aa19.exe - Win32/Delf.NHW 木马
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>105.exe - Win32/PSW.OnLineGames.NFL 木马
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>11679-23.exe - 可能是 Win32/Diamin 木马的一个变种
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>11680-23.exe - 可能是 Win32/Diamin 木马的一个变种
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>aa15.exe - 可能是 Win32/Genetik 木马的一个变种
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>100.exe - 可能是 Win32/AutoRun.Q 蠕虫的一个变种
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>wow0617.exe - Win32/PSW.OnLineGames.NFL 木马
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>aa13.exe - 可能是 Win32/Genetik 木马的一个变种
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>aa10.exe - Win32/PSW.Legendmir.BOQ 木马
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>83122.exe >>NSIS >>func.exe - Win32/TrojanClicker.Small.JF 木马
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>acdt-pid67N(1).exe >>NSIS >>func.exe - Win32/TrojanClicker.Small.JF 木马
C:\Documents and Settings\Administrator.0CDC92BBFF714E5\桌面\Update2.rar >>RAR >>acdt-pid67N.exe >>NSIS >>func.exe - Win32/TrojanClicker.Small.JF 木马
已扫描的文件数目：51
已发现的病毒数目：26
完成时间： 18:17:18 总扫描时间：38 秒 (00:00:38)

注意：
[7] 该文件可能感染上未知病毒。

显示全部楼层 · 发表于 2007-11-3 18:26:22

C:\ABC\Update2\100.exe - 特征码 'Trojan-PWS.Win32.Nilage.bga' 被发现
C:\ABC\Update2\103.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\Update2\104.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\Update2\105.exe - 特征码 'Generic.PWS.Games.1' 被发现
C:\ABC\Update2\107.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\Update2\108.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\Update2\110.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\Update2\111.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\Update2\11679-23.exe - 特征码 'Trojan.Win32.Diamin.ez' 被发现
C:\ABC\Update2\11680-23.exe - 特征码 'Trojan.Win32.Diamin.ez' 被发现
C:\ABC\Update2\3.exe - 特征码 'Packed.Win32.Klone.af' 被发现
C:\ABC\Update2\83122.exe - 特征码 'Trojan-Clicker.Win32.Small.jf' 被发现
C:\ABC\Update2\aa10.exe - 特征码 'Trojan-PWS.Win32.WOW.vd' 被发现
C:\ABC\Update2\aa13.exe - 特征码 'Trojan-PWS.Win32.Delf.ix' 被发现
C:\ABC\Update2\aa15.exe - 特征码 'Trojan-PWS.Win32.Nilage.bga' 被发现
C:\ABC\Update2\aa19.exe - 特征码 'Trojan-Spy.Win32.Banker.ahy' 被发现
C:\ABC\Update2\aa21.exe - 特征码 'Trojan-Downloader.Win32.Agent.blm' 被发现
C:\ABC\Update2\aa3.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\Update2\aa5.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\Update2\aa6.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\Update2\aa7.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\Update2\all.exe - 特征码 'Trojan-PWS.Win32.Papras.cg' 被发现
C:\ABC\Update2\dogdel.exe - 特征码 'Trojan-Dropper.Win32.Agent.bjw' 被发现
C:\ABC\Update2\npptools.dll
C:\ABC\Update2\qj0617.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\Update2\wl0618.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\Update2\wow0617.exe - 特征码 'Virus.Win32.Nilage.JY' 被发现
C:\ABC\Update2\xc60(1).exe - 特征码 'Trojan.Win32.Agent.qt' 被发现
C:\ABC\Update2\xc60(2).exe - 特征码 'Trojan.Win32.Agent.qt' 被发现
C:\ABC\Update2\xc60(3).exe - 特征码 'Trojan.Win32.Agent.qt' 被发现
C:\ABC\Update2\xc60.exe - 特征码 'Trojan.Win32.Agent.qt' 被发现
C:\ABC\Update2\acdt-pid67N\$PROGRAMFILES\Del.js
C:\ABC\Update2\acdt-pid67N\$PROGRAMFILES\func.exe - 特征码 'Trojan-Clicker.Win32.Small.jf' 被发现
C:\ABC\Update2\acdt-pid67N\$PROGRAMFILES\func.js - 特征码 'Trojan.Click.1237#1' 被发现
C:\ABC\Update2\acdt-pid67N\$PROGRAMFILES\page.html
C:\ABC\Update2\acdt-pid67N(1)\$PROGRAMFILES\Del.js
C:\ABC\Update2\acdt-pid67N(1)\$PROGRAMFILES\func.exe - 特征码 'Trojan-Clicker.Win32.Small.jf' 被发现
C:\ABC\Update2\acdt-pid67N(1)\$PROGRAMFILES\func.js - 特征码 'Trojan.Click.1237#1' 被发现
C:\ABC\Update2\acdt-pid67N(1)\$PROGRAMFILES\page.html

42 文件被扫描
(1 压缩档 0 文件)
34 特征码被侦测
0 可疑代码段被发现
耗时: 0:01.437

显示全部楼层 · 发表于 2007-11-3 19:15:47

Begin scan in 'C:\Documents and Settings\Administrator\桌面\Update2.rar'
C:\Documents and Settings\Administrator\桌面\Update2.rar
  [0] Archive type: RAR
  --> aa21.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Agent.blm.3
  --> wl0618.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 111.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> aa7.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> qj0617.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 104.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 107.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 108.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 110.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> aa3.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> aa6.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 3.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Agent.eai
  --> 103.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> aa5.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> dogdel.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Agent.19968.14
  --> xc60(1).exe
   [DETECTION] Is the Trojan horse TR/Crypt.PEC2X.Gen
  --> xc60(2).exe
   [DETECTION] Is the Trojan horse TR/Crypt.PEC2X.Gen
  --> xc60(3).exe
   [DETECTION] Is the Trojan horse TR/Crypt.PEC2X.Gen
  --> xc60.exe
   [DETECTION] Is the Trojan horse TR/Crypt.PEC2X.Gen
  --> aa19.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ghb
  --> 105.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> all.exe
   [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
  --> 11679-23.exe
   [DETECTION] Is the Trojan horse TR/Dialer.30192.266
  --> 11680-23.exe
   [DETECTION] Is the Trojan horse TR/Dialer.30192.241
  --> aa15.exe
   [DETECTION] Is the Trojan horse TR/PSW.QQpass.ajt
  --> 100.exe
   [DETECTION] Is the Trojan horse TR/PSW.QQpass.ajm
  --> wow0617.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> aa13.exe
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> aa10.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 83122.exe
   [DETECTION] Is the Trojan horse TR/Drop.Click.JF.7
  --> acdt-pid67N(1).exe
   [DETECTION] Is the Trojan horse TR/Drop.Click.JF.7
  --> acdt-pid67N.exe
   [DETECTION] Is the Trojan horse TR/Drop.Click.JF.7

End of the scan: 2007年11月3日  19:15
Used time: 00:04 min

The scan has been done completely.

   0 Scanning directories
   35 Files were scanned
   32 viruses and/or unwanted programs were found

显示全部楼层 · 发表于 2007-11-3 21:11:50

已检测: 木马程序 Trojan-Downloader.Win32.Agent.blm 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/aa21.exe
已检测: 木马程序 Trojan-PSW.Win32.OnLineGames.ghq 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/111.exe//PE_Patch.UPX//UPX//PE_Patch
已检测: 木马程序 Trojan-PSW.Win32.OnLineGames.ghq 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/aa7.exe//PE_Patch.UPX//UPX//PE_Patch
已检测: 木马程序 Trojan-PSW.Win32.OnLineGames.fdd 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/qj0617.exe//PE_Patch.UPX//UPX
已检测: 木马程序 Trojan-PSW.Win32.OnLineGames.gfe 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/104.exe//PE_Patch.UPX//UPX
已检测: 木马程序 Trojan-PSW.Win32.OnLineGames.fts 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/107.exe//PE_Patch.UPX//UPX//PE_Patch
已检测: 木马程序 Trojan-PSW.Win32.OnLineGames.ftr 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/108.exe//PE_Patch.UPX//UPX//PE_Patch
已检测: 木马程序 Trojan-PSW.Win32.OnLineGames.fbm 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/110.exe//PE_Patch.UPX//UPX
已检测: 木马程序 Trojan-PSW.Win32.OnLineGames.gnz 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/aa3.exe//PE_Patch.UPX//UPX
已检测: 木马程序 Trojan-PSW.Win32.OnLineGames.gny 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/aa6.exe//PE_Patch.UPX//UPX//PE_Patch
已检测: 木马程序 Trojan-Downloader.Win32.Agent.eai 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/3.exe//NSPack
已检测: 木马程序 Trojan-PSW.Win32.OnLineGames.fym 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/103.exe//PE_Patch.UPX//UPX
已检测: 木马程序 Trojan-PSW.Win32.OnLineGames.fyn 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/aa5.exe
已检测: 恶意程序 HackTool.Win32.Jakuz.f 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/dogdel.exe
已检测: 木马程序 Trojan.Win32.Dialer.qn 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/xc60(1).exe//PE_Patch.PECompact//PecBundle//PECompact
已检测: 木马程序 Trojan.Win32.Dialer.qn 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/xc60(2).exe//PE_Patch.PECompact//PecBundle//PECompact
已检测: 木马程序 Trojan.Win32.Dialer.qn 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/xc60(3).exe//PE_Patch.PECompact//PecBundle//PECompact
已检测: 木马程序 Trojan.Win32.Dialer.qn 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/xc60.exe//PE_Patch.PECompact//PecBundle//PECompact
已检测: 木马程序 Trojan-PSW.Win32.OnLineGames.ghb 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/aa19.exe//UPack
已检测: 木马程序 Trojan-PSW.Win32.OnLineGames.gfb 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/105.exe
已检测: 木马程序 Trojan-PSW.Win32.Papras.cg 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/all.exe
已检测: 木马程序 Trojan.Win32.Dialer.gen 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/11679-23.exe//PE_Patch.UPX//UPX
已检测: 木马程序 Trojan.Win32.Dialer.gen 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/11680-23.exe//PE_Patch.UPX//UPX
已检测: 木马程序 Trojan-PSW.Win32.QQPass.ajt 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/aa15.exe//UPX
已检测: 木马程序 Trojan-PSW.Win32.QQPass.ajl 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/100.exe//UPX
已检测: 木马程序 Trojan-PSW.Win32.OnLineGames.gni 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/wow0617.exe
已检测: 木马程序 Trojan-PSW.Win32.WOW.adm 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/aa13.exe//FSG
已检测: 木马程序 Trojan-PSW.Win32.Lmir.boq 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/aa10.exe//ASPack
已检测: 木马程序 Trojan-Clicker.Win32.Small.jf 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/83122.exe//data0004
已检测: 木马程序 Trojan-Clicker.Win32.Small.jf 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/acdt-pid67N(1).exe//data0004
已检测: 木马程序 Trojan-Clicker.Win32.Small.jf 文件: C:\Documents and Settings\Administrator\桌面\Update2.rar/acdt-pid67N.exe

显示全部楼层 · 发表于 2007-11-3 21:47:03

C:\Documents and Settings\Uhthn\Desktop\New Folder\aa21.exe : infected Trojan-Downloader.Win32.Agent.blm
C:\Documents and Settings\Uhthn\Desktop\New Folder\wl0618.exe : infected MalwareScope.Trojan-PSW.Game.3
C:\Documents and Settings\Uhthn\Desktop\New Folder\111.exe : infected MalwareScope.Trojan-PSW.Game.3
C:\Documents and Settings\Uhthn\Desktop\New Folder\aa7.exe : infected MalwareScope.Trojan-PSW.Game.3
C:\Documents and Settings\Uhthn\Desktop\New Folder\qj0617.exe : infected MalwareScope.Trojan-PSW.Game.3
C:\Documents and Settings\Uhthn\Desktop\New Folder\104.exe : infected MalwareScope.Trojan-PSW.Game.3
C:\Documents and Settings\Uhthn\Desktop\New Folder\107.exe : infected MalwareScope.Trojan-PSW.Game.3
C:\Documents and Settings\Uhthn\Desktop\New Folder\108.exe : infected MalwareScope.Trojan-PSW.Game.3
C:\Documents and Settings\Uhthn\Desktop\New Folder\110.exe : infected MalwareScope.Trojan-PSW.Game.3
C:\Documents and Settings\Uhthn\Desktop\New Folder\aa3.exe : infected MalwareScope.Trojan-PSW.Game.3
C:\Documents and Settings\Uhthn\Desktop\New Folder\aa6.exe : infected MalwareScope.Trojan-PSW.Game.3
C:\Documents and Settings\Uhthn\Desktop\New Folder\3.exe : infected Trojan-Downloader.Win32.Agent.eai
C:\Documents and Settings\Uhthn\Desktop\New Folder\103.exe : infected MalwareScope.Trojan-PSW.Game.3
C:\Documents and Settings\Uhthn\Desktop\New Folder\aa5.exe : infected MalwareScope.Trojan-PSW.Game.3
C:\Documents and Settings\Uhthn\Desktop\New Folder\aa19.exe : infected Trojan-PSW.Win32.OnLineGames.ghb
C:\Documents and Settings\Uhthn\Desktop\New Folder\105.exe : infected MalwareScope.Trojan-PSW.Game.3
C:\Documents and Settings\Uhthn\Desktop\New Folder\11679-23.exe : infected Trojan.Win32.Dialer.gen
C:\Documents and Settings\Uhthn\Desktop\New Folder\11680-23.exe : infected Trojan.Win32.Dialer.gen
C:\Documents and Settings\Uhthn\Desktop\New Folder\aa15.exe : infected MalwareScope.Trojan-PSW.Game.7
C:\Documents and Settings\Uhthn\Desktop\New Folder\100.exe : infected MalwareScope.Trojan-PSW.Game.7
C:\Documents and Settings\Uhthn\Desktop\New Folder\wow0617.exe : infected MalwareScope.Trojan-PSW.Game.1
C:\Documents and Settings\Uhthn\Desktop\New Folder\aa13.exe : infected MalwareScope.Trojan-PSW.Game.7
C:\Documents and Settings\Uhthn\Desktop\New Folder\aa10.exe : infected MalwareScope.Trojan-PSW.Game.16
C:\Documents and Settings\Uhthn\Desktop\New Folder\acdt-pid67N(1).exe : infected Trojan.Click.1237
C:\Documents and Settings\Uhthn\Desktop\New Folder\acdt-pid67N.exe : infected Trojan.Click.1237

Directories    : 0    Files in archives:    Files on disks:
Archives:                - total    : 0    - total    : 33
- scanned       : 0    -  scanned : 0    - scanned    : 33
- contain viruses : 0    -  infected : 0    - infected : 25
- deleted       : 0    -  suspicious : 0    - suspicious  : 0

显示全部楼层 · 发表于 2007-11-3 21:47:38

Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 803
Paranoia Database - 48490
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\Uhthn\Desktop\New Folder

C:\Documents and Settings\Uhthn\Desktop\New Folder\aa21.exe - Infected TROJAN-DOWNLOADER.AGENT.5 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder\npptools.dll - Suspected TROJAN-PSW.ONLINEGAMES.3
C:\Documents and Settings\Uhthn\Desktop\New Folder\wl0618.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\New Folder\111.exe - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder\aa7.exe - Infected TROJAN-PSW.ONLINEGAMES.76 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder\qj0617.exe - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder\104.exe - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder\107.exe - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder\108.exe - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder\110.exe - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder\aa3.exe - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder\aa6.exe - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder\3.exe - Infected MaliciousScope:TROJAN-DOWNLOADER.AGENT.25 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder\103.exe - Infected TROJAN-PSW.ONLINEGAMES.70 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder\aa5.exe - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder\dogdel.exe - Infected TROJAN-DOWNLOADER.AGENT.27 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder\xc60(1).exe - Suspected MaliciousScope:GENERIC.MALWARE.16
C:\Documents and Settings\Uhthn\Desktop\New Folder\xc60(2).exe - Suspected MaliciousScope:GENERIC.MALWARE.16
C:\Documents and Settings\Uhthn\Desktop\New Folder\xc60(3).exe - Suspected MaliciousScope:GENERIC.MALWARE.16
C:\Documents and Settings\Uhthn\Desktop\New Folder\xc60.exe - Suspected MaliciousScope:GENERIC.MALWARE.16
C:\Documents and Settings\Uhthn\Desktop\New Folder\aa19.exe - Infected GENERIC.MALWARE.B27.6740 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder\105.exe - Infected TROJAN-PSW.ONLINEGAMES.8 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder\all.exe - Infected TROJAN-PSW.PAPRAS.1 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder\11679-23.exe - Suspected WIN32.TROJAN-DOWNLOADER (HTTP://...)
C:\Documents and Settings\Uhthn\Desktop\New Folder\11680-23.exe - Suspected WIN32.TROJAN-DOWNLOADER (HTTP://...)
C:\Documents and Settings\Uhthn\Desktop\New Folder\aa15.exe - Infected WIN32.TROJAN-PSW.QQPASS.A - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder\100.exe - Infected WIN32.TROJAN-PSW.QQPASS.A - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder\wow0617.exe - Infected TROJAN-PSW.ONLINEGAMES.12 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder\aa13.exe - Suspected MaliciousScope:GENERIC.MALWARE.2
C:\Documents and Settings\Uhthn\Desktop\New Folder\aa10.exe - Infected WIN32.TROJAN-PSW.LMIR.4 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder\83122.exe - Suspected TROJAN-PSW.ONLINEGAMES.3
C:\Documents and Settings\Uhthn\Desktop\New Folder\acdt-pid67N(1).exe - Suspected TROJAN-PSW.ONLINEGAMES.3
C:\Documents and Settings\Uhthn\Desktop\New Folder\acdt-pid67N.exe - Suspected TROJAN-PSW.ONLINEGAMES.3

33 Files scanned
21 Infected files found
12 Suspected files found
0 Files disinfected
21 Files deleted

显示全部楼层 · 发表于 2007-11-3 22:18:41

Start of the scan: 2007年11月3日  22:17

Starting the file scan:

Begin scan in 'H:\AV-TEST'
H:\AV-TEST\Update2.rar
  [0] Archive type: RAR
  --> aa21.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Agent.blm.3
  --> wl0618.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 111.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> aa7.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> qj0617.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 104.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 107.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 108.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 110.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> aa3.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> aa6.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 3.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Agent.eai
  --> 103.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> aa5.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> dogdel.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Agent.19968.14
  --> xc60(1).exe
   [DETECTION] Is the Trojan horse TR/Crypt.PEC2X.Gen
  --> xc60(2).exe
   [DETECTION] Is the Trojan horse TR/Crypt.PEC2X.Gen
  --> xc60(3).exe
   [DETECTION] Is the Trojan horse TR/Crypt.PEC2X.Gen
  --> xc60.exe
   [DETECTION] Is the Trojan horse TR/Crypt.PEC2X.Gen
  --> aa19.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ghb
  --> 105.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> all.exe
   [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
  --> 11679-23.exe
   [DETECTION] Is the Trojan horse TR/Dialer.30192.266
  --> 11680-23.exe
   [DETECTION] Is the Trojan horse TR/Dialer.30192.241
  --> aa15.exe
   [DETECTION] Is the Trojan horse TR/PSW.QQpass.ajt
  --> 100.exe
   [DETECTION] Is the Trojan horse TR/PSW.QQpass.ajm
  --> wow0617.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> aa13.exe
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> aa10.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 83122.exe
   [DETECTION] Is the Trojan horse TR/Drop.Click.JF.7
  --> acdt-pid67N(1).exe
   [DETECTION] Is the Trojan horse TR/Drop.Click.JF.7
  --> acdt-pid67N.exe
   [DETECTION] Is the Trojan horse TR/Drop.Click.JF.7
   [INFO]    The file was deleted!

End of the scan: 2007年11月3日  22:18
Used time: 00:19 min

The scan has been done completely.

   1 Scanning directories
   34 Files were scanned
   32 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   1 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   2 Files not concerned
   1 Archives were scanned
   0 Warnings
   0 Notes

显示全部楼层 · 发表于 2007-11-3 22:25:44

32
detected: Trojan program Trojan-Downloader.Win32.Agent.blm File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/aa21.exe
detected: virus Heur.Test File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/wl0618.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ghq File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/111.exe//PE_Patch.UPX//UPX//PE_Patch
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ghq File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/aa7.exe//PE_Patch.UPX//UPX//PE_Patch
detected: Trojan program Trojan-PSW.Win32.OnLineGames.fdd File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/qj0617.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.gfe File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/104.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.fts File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/107.exe//PE_Patch.UPX//UPX//PE_Patch
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ftr File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/108.exe//PE_Patch.UPX//UPX//PE_Patch
detected: Trojan program Trojan-PSW.Win32.OnLineGames.fbm File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/110.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.gnz File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/aa3.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.gny File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/aa6.exe//PE_Patch.UPX//UPX//PE_Patch
detected: Trojan program Trojan-Downloader.Win32.Agent.eai File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/3.exe//NSPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.fym File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/103.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.fyn File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/aa5.exe
detected: malware HackTool.Win32.Jakuz.f File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/dogdel.exe
detected: Trojan program Trojan.Win32.Dialer.qn File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/xc60(1).exe//PE_Patch.PECompact//PecBundle//PECompact
detected: Trojan program Trojan.Win32.Dialer.qn File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/xc60(2).exe//PE_Patch.PECompact//PecBundle//PECompact
detected: Trojan program Trojan.Win32.Dialer.qn File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/xc60(3).exe//PE_Patch.PECompact//PecBundle//PECompact
detected: Trojan program Trojan.Win32.Dialer.qn File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/xc60.exe//PE_Patch.PECompact//PecBundle//PECompact
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ghb File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/aa19.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.gfb File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/105.exe
detected: Trojan program Trojan-PSW.Win32.Papras.cg File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/all.exe
detected: Trojan program Trojan.Win32.Dialer.gen File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/11679-23.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan.Win32.Dialer.gen File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/11680-23.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.QQPass.ajt File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/aa15.exe//UPX
detected: Trojan program Trojan-PSW.Win32.QQPass.ajl File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/100.exe//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.gni File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/wow0617.exe
detected: Trojan program Trojan-PSW.Win32.WOW.adm File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/aa13.exe//FSG
detected: Trojan program Trojan-PSW.Win32.Lmir.boq File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/aa10.exe//ASPack
detected: Trojan program Trojan-Clicker.Win32.Small.jf File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/83122.exe//data0004
detected: Trojan program Trojan-Clicker.Win32.Small.jf File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/acdt-pid67N(1).exe//data0004
detected: Trojan program Trojan-Clicker.Win32.Small.jf File: C:\Documents and Settings\Owner\×ÀÃæ\Update2.rar/acdt-pid67N.exe

显示全部楼层 · 发表于 2007-11-3 22:30:28

[病毒样本] 毒网更新2(33x)

本帖子中包含更多资源

vba32

本帖子中包含更多资源