35个，质量稍微好一点

显示全部楼层 · 发表于 2007-11-16 13:22:21

C:\ABC\样本.rar:\样本\abc.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\样本.rar:\样本\avwldmn.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\avwldst.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\avzxfmn.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\avzxfst.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\bf.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\样本.rar:\样本\BoldShl01.dll
C:\ABC\样本.rar:\样本\dh.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\down.exe - 特征码 'Trojan-PWS.Win32.Agent.BU' 被发现
C:\ABC\样本.rar:\样本\fjOs0r.dll - 特征码 'Virus.Win32.AutoRun.u' 被发现
C:\ABC\样本.rar:\样本\jh.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\样本.rar:\样本\KVBatch01.dll - 特征码 'Trojan-PWS.Win32.OnLineGames.es' 被发现
C:\ABC\样本.rar:\样本\kvdxjma.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\LYLOADER.EXE - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\样本.rar:\样本\LYMANGR.DLL - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本.rar:\样本\mh.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.hqi' 被发现
C:\ABC\样本.rar:\样本\mir.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\MSDEG32.DLL - 特征码 'Generic.PWS.Games.3' 被发现
C:\ABC\样本.rar:\样本\my.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\样本.rar:\样本\pcibus.sys
C:\ABC\样本.rar:\样本\pk.exe - 特征码 'Trojan-PWS.Win32.QQPass.pb' 被发现
C:\ABC\样本.rar:\样本\qj.exe - 特征码 'Trojan-PWS.Win32.Delf.ix' 被发现
C:\ABC\样本.rar:\样本\qst.exe - 特征码 'Virus.Win32.AutoRun.bs' 被发现
C:\ABC\样本.rar:\样本\ratbjpi.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\ratbjtl.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\S168.exe - 特征码 'Virus.Win32.AutoRun.u' 被发现
C:\ABC\样本.rar:\样本\SafeCtrl01.dll
C:\ABC\样本.rar:\样本\svcos.exe - 特征码 'Trojan-Spy.Win32.Delf.PG' 被发现
C:\ABC\样本.rar:\样本\swrcbzc.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\sys.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\样本\System6.ins - 特征码 'Trojan-Spy.Win32.Delf.OG' 被发现
C:\ABC\样本.rar:\样本\vip.exe - 特征码 'Trojan-Dropper.Win32.Delf.MM' 被发现
C:\ABC\样本.rar:\样本\Wn_Sys8x.Sys - 特征码 'Trojan-Proxy.Win32.Delf.AN' 被发现
C:\ABC\样本.rar:\样本\wow.exe - 特征码 'Trojan-PWS.Win32.Delf.ix' 被发现
C:\ABC\样本.rar:\样本\zt.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\样本.rar
36 文件被扫描
(1 压缩档 35 文件)
32 特征码被侦测
0 可疑代码段被发现
耗时: 0:00.734

显示全部楼层 · 发表于 2007-11-16 13:25:35

deleted: virus Worm.Win32.Downloader.as File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\abc.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hxq File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\avwldmn.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hxo File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\avwldst.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hyc File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\avzxfmn.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hxx File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\avzxfst.exe//UPack
deleted: virus Worm.Win32.Downloader.as File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\bf.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hxs File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\dh.exe//UPack
deleted: Trojan program Trojan-Spy.Win32.Delf.aqo File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\down.exe
deleted: Trojan program Trojan-PSW.Win32.Nilage.bty File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\jh.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.Nilage.bue File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\KVBatch01.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hxg File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\kvdxjma.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hpl File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\LYLOADER.EXE//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hpo File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\LYMANGR.DLL//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hqi File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\mh.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hxv File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\mir.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hpp File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\MSDEG32.DLL//UPack
deleted: virus Worm.Win32.Downloader.aw File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\pcibus.sys
deleted: Trojan program Trojan-Downloader.Win32.Baser.bg File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\pk.exe//PE_Patch.EPProt//dsig
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hiq File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\qj.exe//FSG
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hxe File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\ratbjpi.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hxc File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\ratbjtl.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hxz File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\swrcbzc.dll
deleted: Trojan program Trojan-Spy.Win32.Pophot.xc File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\sys.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.WOW.afd File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\wow.exe//FSG
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hxi File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\zt.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hpe File: C:\Users\Jack Jones\Desktop\Ñù±¾.rar/Ñù±¾\jh.exe//UPack

显示全部楼层 · 发表于 2007-11-16 13:27:30

C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\abc.exe - a variant of Win32/Jalous worm
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\avwldmn.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\avwldst.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\avzxfmn.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\avzxfst.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\bf.exe - a variant of Win32/Jalous worm
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\BoldShl01.dll - Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\dh.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\down.exe - Win32/PSW.Delf.NGI trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\fjOs0r.dll - probably a variant of Win32/PSW.OnLineGames.NBR trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\jh.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\KVBatch01.dll - Win32/PSW.OnLineGames.NII trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\kvdxjma.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\LYLOADER.EXE - a variant of Win32/PSW.Agent.NEC trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\LYMANGR.DLL - Win32/PSW.OnLineGames.DTR trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\mh.exe - Win32/PSW.Agent.NEC trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\mir.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\MSDEG32.DLL - a variant of Win32/PSW.OnLineGames.DVV trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\my.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\pcibus.sys - a variant of Win32/Jalous worm
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\pk.exe - a variant of Win32/Delf.NDV worm
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\qj.exe - probably a variant of Win32/PSW.OnLineGames.GJV trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\qst.exe - probably a variant of Win32/AutoRun.Q worm
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\ratbjpi.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\ratbjtl.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\S168.exe - probably a variant of Win32/PSW.OnLineGames.NBR trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\SafeCtrl01.dll - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\svcos.exe - a variant of Win32/PSW.Delf.NIY trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\swrcbzc.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\vip.exe - a variant of Win32/PSW.Lineage.ACN trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\Wn_Sys8x.Sys - probably a variant of Win32/AutoRun.Q worm
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\wow.exe - a variant of Win32/PSW.OnLineGames.GJV trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 样本\zt.exe - probably a variant of Win32/Genetik trojan

显示全部楼层 · 发表于 2007-11-16 13:29:22

ESS33个

显示全部楼层 · 发表于 2007-11-16 13:30:45

mcafee 22个

显示全部楼层 · 发表于 2007-11-16 13:45:47

瑞星病毒查杀结果报告

清除病毒种类列表：
病毒： Trojan.Win32.Mnless.zgw
病毒： Trojan.PSW.Win32.GameOnline.aer
病毒： Trojan.PSW.OnlineGames.vu
病毒： Trojan.PSW.Win32.GameOnline.aen
病毒： Trojan.PSW.Win32.GameOnline.aem
病毒： Trojan.PSW.Win32.XYOnline.hy
病毒： Trojan.PSW.Win32.XYOnline.jy
病毒： Dropper.Win32.XYOnline.v
病毒： Trojan.PSW.Win32.XYOnline.rv
病毒： Trojan.PSW.Win32.GameOnline.aaa
病毒： Trojan.Clicker.Win32.PopHot.dv

用户来源：互联网

软件版本：20.18.33

日期： 16.11.2007 时间：13:46:55
已开启反隐藏功能.
已扫描的磁盘，文件夹及文件：C:\样本.rar
C:\样本.rar >>RAR >>样本\abc.exe - Win32/Jalous 蠕虫的变种
C:\样本.rar >>RAR >>样本\avwldmn.dll - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本.rar >>RAR >>样本\avwldst.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本.rar >>RAR >>样本\avzxfmn.dll - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本.rar >>RAR >>样本\avzxfst.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本.rar >>RAR >>样本\bf.exe - Win32/Jalous 蠕虫的变种
C:\样本.rar >>RAR >>样本\BoldShl01.dll - Win32/PSW.OnLineGames.NFL 木马
C:\样本.rar >>RAR >>样本\dh.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本.rar >>RAR >>样本\down.exe - Win32/PSW.Delf.NGI 木马
C:\样本.rar >>RAR >>样本\fjOs0r.dll - 可能是 Win32/PSW.OnLineGames.NBR 木马的一个变种
C:\样本.rar >>RAR >>样本\jh.exe - 可能是 Win32/PSW.OnLineGames.NFL 木马的一个变种
C:\样本.rar >>RAR >>样本\KVBatch01.dll - Win32/PSW.OnLineGames.NII 木马
C:\样本.rar >>RAR >>样本\kvdxjma.dll - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本.rar >>RAR >>样本\LYLOADER.EXE - Win32/PSW.Agent.NEC 木马的变种
C:\样本.rar >>RAR >>样本\LYMANGR.DLL - Win32/PSW.OnLineGames.DTR 木马
C:\样本.rar >>RAR >>样本\mh.exe - Win32/PSW.Agent.NEC 木马
C:\样本.rar >>RAR >>样本\mir.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本.rar >>RAR >>样本\MSDEG32.DLL - Win32/PSW.OnLineGames.DVV 木马的变种
C:\样本.rar >>RAR >>样本\my.exe - 可能是 Win32/PSW.OnLineGames.NFL 木马的一个变种
C:\样本.rar >>RAR >>样本\pcibus.sys - Win32/Jalous 蠕虫的变种
C:\样本.rar >>RAR >>样本\pk.exe - Win32/Delf.NDV 蠕虫的变种
C:\样本.rar >>RAR >>样本\qj.exe - 可能是 Win32/PSW.OnLineGames.GJV 木马的一个变种
C:\样本.rar >>RAR >>样本\qst.exe - 可能是 Win32/AutoRun.Q 蠕虫的一个变种
C:\样本.rar >>RAR >>样本\ratbjpi.dll - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本.rar >>RAR >>样本\ratbjtl.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本.rar >>RAR >>样本\S168.exe - 可能是 Win32/PSW.OnLineGames.NBR 木马的一个变种
C:\样本.rar >>RAR >>样本\SafeCtrl01.dll - 可能是 Win32/PSW.OnLineGames.NFL 木马的一个变种
C:\样本.rar >>RAR >>样本\svcos.exe - Win32/PSW.Delf.NIY 木马的变种
C:\样本.rar >>RAR >>样本\swrcbzc.dll - Win32/PSW.OnLineGames.FDY 木马的变种
C:\样本.rar >>RAR >>样本\sys.exe - 是正常的
C:\样本.rar >>RAR >>样本\System6.ins - 是正常的
C:\样本.rar >>RAR >>样本\vip.exe - Win32/PSW.Lineage.ACN 木马的变种
C:\样本.rar >>RAR >>样本\Wn_Sys8x.Sys - 可能是 Win32/AutoRun.Q 蠕虫的一个变种
C:\样本.rar >>RAR >>样本\wow.exe - Win32/PSW.OnLineGames.GJV 木马的变种
C:\样本.rar >>RAR >>样本\zt.exe - 可能是 Win32/Genetik 木马的一个变种
C:\样本.rar - 多重感染 - 已删除
已扫描的文件数目：36
已发现的病毒数目：33
已清除病毒的文件数目：1
完成时间： 13:47:06 总扫描时间：11 秒 (00:00:11)

显示全部楼层 · 发表于 2007-11-16 13:56:01

Hello,

BoldShl01.dll - Trojan-PSW.Win32.Nilage.buj,
fjOs0r.dll - Trojan-PSW.Win32.Delf.aho,
my.exe_, SafeCtrl01.dll - Trojan-PSW.Win32.OnLineGames.hyk,
qst.exe_ - Trojan-PSW.Win32.OnLineGames.hyl,
S168.exe_ - Trojan-PSW.Win32.Delf.ahp,
svcos.exe_ - Trojan-Spy.Win32.Delf.aqw,
System6.ins - Trojan-Spy.Win32.Delf.aqx,
vip.exe_ - Trojan-PSW.Win32.OnLineGames.hyn,
Wn_Sys8x.Sys - Trojan-PSW.Win32.OnLineGames.hym

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Vladimir Lebedev
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

显示全部楼层 · 发表于 2007-11-16 13:59:30

费尔很少,很少.

显示全部楼层 · 发表于 2007-11-16 13:59:32

33
Starting the file scan:

Begin scan in 'C:\Users\morgan\Documents\样本(2).rar'
C:\Users\morgan\Documents\
  样本(2).rar
[0] Archive type: RAR
--> Ñù±¾\abc.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.45056
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\avwldmn.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\avwldst.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\avzxfmn.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\avzxfst.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\bf.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.45056
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\BoldShl01.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\dh.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\down.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\fjOs0r.dll
      [DETECTION] Contains suspicious code HEUR/Crypted
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\jh.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\KVBatch01.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\kvdxjma.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\LYLOADER.EXE
      [DETECTION] Is the Trojan horse TR/PSW.Online.agb.2
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\LYMANGR.DLL
      [DETECTION] Is the Trojan horse TR/PSW.Online.agb.2
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\mh.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.agb.2
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\mir.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\MSDEG32.DLL
      [DETECTION] Is the Trojan horse TR/PSW.Online.gyo.2
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\my.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\pcibus.sys
--> Ñù±¾\pk.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\qj.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hiq
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\qst.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\ratbjpi.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\ratbjtl.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\S168.exe
      [DETECTION] Is the Trojan horse TR/Autorun.BK
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\SafeCtrl01.dll
--> Ñù±¾\svcos.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\swrcbzc.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\sys.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\System6.ins
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\vip.exe
      [DETECTION] Is the Trojan horse TR/PSW.Lineage.UZH
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\Wn_Sys8x.Sys
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\wow.exe
      [DETECTION] Is the Trojan horse TR/PSW.21946
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾\zt.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
      [WARNING] The file was ignored!

End of the scan: 2007年11月15日  21:59
Used time: 00:05 min

The scan has been done completely.

   0 Scanning directories
   36 Files were scanned
   19 viruses and/or unwanted programs were found
   14 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   17 Files not concerned
   1 Archives were scanned
   34 Warnings
   0 Notes

显示全部楼层 · 发表于 2007-11-16 14:36:12

C:\ABC\样本.rar:\样本\abc.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\样本.rar:\样本\avwldmn.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\avwldst.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\avzxfmn.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\avzxfst.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\bf.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\样本.rar:\样本\BoldShl01.dll - 特征码 'Virus.Win32.Nilage.JY' 被发现
C:\ABC\样本.rar:\样本\dh.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\down.exe - 特征码 'Trojan-PWS.Win32.Agent.BU' 被发现
C:\ABC\样本.rar:\样本\fjOs0r.dll - 特征码 'Virus.Win32.AutoRun.u' 被发现
C:\ABC\样本.rar:\样本\jh.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\样本.rar:\样本\KVBatch01.dll - 特征码 'Trojan-PWS.Win32.OnLineGames.es' 被发现
C:\ABC\样本.rar:\样本\kvdxjma.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\LYLOADER.EXE - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\样本.rar:\样本\LYMANGR.DLL - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本.rar:\样本\mh.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.hqi' 被发现
C:\ABC\样本.rar:\样本\mir.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\MSDEG32.DLL - 特征码 'Generic.PWS.Games.3' 被发现
C:\ABC\样本.rar:\样本\my.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\样本.rar:\样本\pcibus.sys - 特征码 'Virus.Worm.Win32.Downloader.aw' 被发现
C:\ABC\样本.rar:\样本\pk.exe - 特征码 'Trojan-PWS.Win32.QQPass.pb' 被发现
C:\ABC\样本.rar:\样本\qj.exe - 特征码 'Trojan-PWS.Win32.Delf.ix' 被发现
C:\ABC\样本.rar:\样本\qst.exe - 特征码 'Virus.Win32.AutoRun.bs' 被发现
C:\ABC\样本.rar:\样本\ratbjpi.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\ratbjtl.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\S168.exe - 特征码 'Virus.Win32.AutoRun.u' 被发现
C:\ABC\样本.rar:\样本\SafeCtrl01.dll - 特征码 'Virus.Win32.Nilage.JY' 被发现
C:\ABC\样本.rar:\样本\svcos.exe - 特征码 'Trojan-Spy.Win32.Delf.PG' 被发现
C:\ABC\样本.rar:\样本\swrcbzc.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\sys.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\样本\System6.ins - 特征码 'Trojan-Spy.Win32.Delf.OG' 被发现
C:\ABC\样本.rar:\样本\vip.exe - 特征码 'Trojan-Dropper.Win32.Delf.MM' 被发现
C:\ABC\样本.rar:\样本\Wn_Sys8x.Sys - 特征码 'Trojan-Proxy.Win32.Delf.AN' 被发现
C:\ABC\样本.rar:\样本\wow.exe - 特征码 'Trojan-PWS.Win32.Delf.ix' 被发现
C:\ABC\样本.rar:\样本\zt.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\样本.rar

37 文件被扫描
(1 压缩档 35 文件)
35 特征码被侦测
0 可疑代码段被发现
耗时: 0:00.687

[病毒样本] 35个，质量稍微好一点

本帖子中包含更多资源

26

33个

本帖子中包含更多资源

Kis杀剩的

已处理

浏览过的版块