Thread starter: promised

[Virus samples] 35 samples, slightly better quality

NobleT
Posted on 2007-11-16 21:18:50
F-PROT: 17 of them.....
398566384
Posted on 2007-11-16 21:56:01
kv: 19 of them
wangjay1980
Posted on 2007-11-16 22:45:12
35
deleted: virus Worm.Win32.Downloader.as        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\abc.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hxq        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\avwldmn.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hxo        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\avwldst.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hyc        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\avzxfmn.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hxx        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\avzxfst.exe//UPack
deleted: virus Worm.Win32.Downloader.as        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\bf.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.Nilage.buj        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\BoldShl01.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hxs        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\dh.exe//UPack
deleted: Trojan program Trojan-Spy.Win32.Delf.aqo        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\down.exe
deleted: Trojan program Trojan-PSW.Win32.Delf.aho        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\fjOs0r.dll
deleted: Trojan program Trojan-PSW.Win32.Nilage.bty        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\jh.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.Nilage.bue        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\KVBatch01.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hxg        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\kvdxjma.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hpl        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\LYLOADER.EXE//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hpo        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\LYMANGR.DLL//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hqi        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\mh.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hxv        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\mir.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hpp        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\MSDEG32.DLL//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hyk        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\my.exe
deleted: virus Worm.Win32.Downloader.aw        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\pcibus.sys
deleted: Trojan program Trojan-Downloader.Win32.Baser.bg        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\pk.exe//PE_Patch.EPProt//dsig
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hiq        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\qj.exe//FSG
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hyl        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\qst.exe//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hxe        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\ratbjpi.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hxc        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\ratbjtl.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.Delf.ahp        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\S168.exe//PE_Patch.UPX//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hyk        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\SafeCtrl01.dll
deleted: Trojan program Trojan-Spy.Win32.Delf.aqw        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\svcos.exe//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hxz        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\swrcbzc.dll
deleted: Trojan program Trojan-Spy.Win32.Pophot.xc        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\sys.exe//PE_Patch//UPack
deleted: Trojan program Trojan-Spy.Win32.Delf.aqx        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\System6.ins
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hyn        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\vip.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hym        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\Wn_Sys8x.Sys
deleted: Trojan program Trojan-PSW.Win32.WOW.afd        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\wow.exe//FSG
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.hxi        File: C:\Documents and Settings\Owner\桌面\样本.rar/样本\zt.exe//PE_Patch//UPack
This is what you call insane
欠妳緈諨
Posted on 2007-11-16 22:55:16
反病毒专家 AntiVirusKit 2006 扫描病毒日志记录
版本 16.0.5
双引擎反病毒签名
开始时间: 2007-11-16 22:49
引擎: BD 引擎 (BD 18.888)
高启发式: 打开
压缩文件: 打开
系统区域: 关闭

扫描所选择的目录和文件...
对象: ????\avwldmn.dll
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: BehavesLike:Trojan.WUDisable (BD 引擎)
对象: ????\avwldst.exe
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: Generic.Malware.SBdldg.18EA748F (BD 引擎)
对象: ????\avzxfmn.dll
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: BehavesLike:Trojan.WUDisable (BD 引擎)
对象: ????\avzxfst.exe
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: DeepScan:Generic.Dld.Agent.609AE0E6 (BD 引擎)
对象: ????\BoldShl01.dll
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: DeepScan:Generic.Onlinegames.2.5242DF3A (BD 引擎)
对象: ????\dh.exe
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: DeepScan:Generic.Dld.Agent.F873B4C1 (BD 引擎)
对象: ????\down.exe
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: GenPack:Trojan.Onlinegames.LE (BD 引擎)
对象: ????\fjOs0r.dll
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: Trojan.PWS.Delf.IGL (BD 引擎)
对象: ????\jh.exe
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: DeepScan:Generic.PWS.Games.4.B5849EAE (BD 引擎)
对象: ????\KVBatch01.dll
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: DeepScan:Generic.PWS.Games.4.8785A033 (BD 引擎)
对象: ????\kvdxjma.dll
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: BehavesLike:Trojan.WUDisable (BD 引擎)
对象: ????\LYLOADER.EXE
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: Dropped:Trojan.PWS.Onlinegames.AVH (BD 引擎)
对象: ????\LYMANGR.DLL
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: Trojan.Generic.75674 (BD 引擎)
对象: ????\mir.exe
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: DeepScan:Generic.Dld.Agent.B9E4EFDD (BD 引擎)
对象: ????\MSDEG32.DLL
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: Generic.PWS.Games.3.A2322510 (BD 引擎)
对象: ????\my.exe
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: DeepScan:Generic.PWS.Games.4.3A95DC91 (BD 引擎)
对象: ????\pk.exe
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: GenPack:Trojan.PWS.Delf.IGH (BD 引擎)
对象: ????\qj.exe
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: Trojan.PWS.OnlineGames.NMS (BD 引擎)
对象: ????\qst.exe
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: Generic.PWStealer.E458EC26 (BD 引擎)
对象: ????\ratbjpi.dll
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: BehavesLike:Trojan.WUDisable (BD 引擎)
对象: ????\ratbjtl.exe
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: DeepScan:Generic.Dld.Agent.C6976C43 (BD 引擎)
对象: ????\S168.exe
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: Trojan.PWS.Delf.IFD (BD 引擎)
对象: ????\svcos.exe
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: Generic.PWStealer.BCAE606D (BD 引擎)
对象: ????\swrcbzc.dll
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: BehavesLike:Trojan.WUDisable (BD 引擎)
对象: ????\sys.exe
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: Generic.Onlinegames.5.21C32C86 (BD 引擎)
对象: ????\System6.ins
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: Generic.PWStealer.61D784FC (BD 引擎)
对象: ????\vip.exe
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: Trojan.PWS.Lineage.UZH (BD 引擎)
对象: ????\Wn_Sys8x.Sys
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: Win32.Worm.Autorun.FF (BD 引擎)
对象: ????\wow.exe
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: DeepScan:Generic.PWS.WoW.04808CE0 (BD 引擎)
对象: ????\zt.exe
        在压缩档案里: D:\AVK2006\BDF\样本.rar
        Status: 已发现病毒
        病毒: DeepScan:Generic.PWS.Games.4.4B6F4229 (BD 引擎)
已检查 35个文件
    已发现 30 个染毒文件
    发现 0 个可疑文件
爱·妖姬
Posted on 2007-11-17 00:14:56
Micropoint: one delayed deletion, all the other exes were killed off!

时间        处理结果        病毒名称        病毒进程名        病毒文件创建者
2007-11-17 00:14:24        处理成功        未知恶意程序        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\RATBJTL.EXE        C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2007-11-17 00:14:22        处理成功        未知恶意程序        C:\DFD21470140.BAT        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\RATBJTL.EXE
2007-11-17 00:13:45        处理成功        未知恶意程序        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\MIR.EXE        C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2007-11-17 00:13:43        处理成功        未知恶意程序        C:\DFD21432218.BAT        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\MIR.EXE
2007-11-17 00:12:48        处理成功        未知恶意程序        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\DH.EXE        C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2007-11-17 00:12:46        处理成功        未知恶意程序        C:\DFD21375125.BAT        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\DH.EXE
2007-11-17 00:12:33        处理成功        未知恶意程序        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\AVZXFST.EXE        C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2007-11-17 00:12:30        处理成功        未知恶意程序        C:\DFD21359375.BAT        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\AVZXFST.EXE
2007-11-17 00:12:22        处理成功        未知恶意程序        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\AVWLDST.EXE        C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2007-11-17 00:12:19        处理成功        未知恶意程序        C:\DFD21347171.BAT        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\AVWLDST.EXE


时间        处理结果        木马名称        木马进程名        木马文件创建者
2007-11-17 00:16:26        处理成功        未知间谍软件        C:\WINDOWS\SYSTEM32\KVBATCH01.DLL        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\ZT.EXE
2007-11-17 00:16:26        处理成功        未知间谍软件        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\ZT.EXE        C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2007-11-17 00:15:53        处理成功        未知木马        C:\WINDOWS\WEB\PRINTERS\IMAGES\NDMAI.DLL        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\VIP.EXE
2007-11-17 00:15:53        处理成功        未知木马        C:\WINDOWS\WEB\PRINTERS\IMAGES\NDMAI.EXE        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\VIP.EXE
2007-11-17 00:15:52        处理成功        未知木马        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\VIP.EXE        C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2007-11-17 00:15:21        延时删除        未知木马        C:\WINDOWS\SYSTEM32\LWISYS16_071115.DLL        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\SYS.EXE
2007-11-17 00:15:18        处理成功        未知木马        C:\WINDOWS\SYSTEM32\INF\SCRSYS16_071115.DLL        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\SYS.EXE
2007-11-17 00:15:18        处理成功        未知木马        C:\WINDOWS\SYSTEM32\INF\SCRSYS071115.SCR        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\SYS.EXE
2007-11-17 00:15:17        处理成功        未知木马        C:\WINDOWS\SYSTEM32\MWISYS32_071115.DLL        C:\WINDOWS\SYSTEM\SLXPRES071115.EXE
2007-11-17 00:15:17        处理成功        未知木马        C:\WINDOWS\SYSTEM\SLXPRES071115.EXE        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\SYS.EXE
2007-11-17 00:15:16        处理成功        未知木马        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\SYS.EXE        C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2007-11-17 00:14:42        处理成功        未知间谍软件        C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\MSINFO\SYSTEM6.INS        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\SVCOS.EXE
2007-11-17 00:14:42        处理成功        未知间谍软件        C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\MSINFO\SYSTEM36.JUP        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\SVCOS.EXE
2007-11-17 00:14:42        处理成功        未知间谍软件        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\SVCOS.EXE        C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2007-11-17 00:14:35        处理成功        未知间谍软件        C:\PROGRAM FILES\COMMON FILES\FJOS0R.DLL        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\S168.EXE
2007-11-17 00:14:35        处理成功        未知间谍软件        C:\PROGRAM FILES\INTERNET EXPLORER\ONLO0R.DLL        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\S168.EXE
2007-11-17 00:14:34        处理成功        未知间谍软件        C:\PROGRAM FILES\INTERNET EXPLORER\ONLO0R.BAK        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\S168.EXE
2007-11-17 00:14:34        处理成功        未知间谍软件        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\S168.EXE        C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2007-11-17 00:14:29        处理成功        未知木马        E:\AUTORUN.EXE        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\QST.EXE
2007-11-17 00:14:29        处理成功        未知木马        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\QST.EXE        C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2007-11-17 00:14:16        处理成功        未知木马        E:\AUTORUN.EXE        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\QST.EXE
2007-11-17 00:14:16        处理成功        未知木马        E:\AUTORUN.EXE        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\QST.EXE
2007-11-17 00:14:15        处理成功        未知木马        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\QST.EXE        C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2007-11-17 00:14:09        处理成功        未知间谍软件        C:\WINDOWS\SYSTEM32\AMPVSTQJ32.DLL        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\QJ.EXE
2007-11-17 00:14:09        处理成功        未知间谍软件        C:\WINDOWS\SYSTEM32\YTUELGOYGLEX.DLL        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\QJ.EXE
2007-11-17 00:14:08        处理成功        未知间谍软件        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\QJ.EXE        C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2007-11-17 00:14:00        处理成功        未知间谍软件        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\PK.EXE        C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2007-11-17 00:13:53        处理成功        未知间谍软件        C:\WINDOWS\SYSTEM32\SAFECTRL01.DLL        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\MY.EXE
2007-11-17 00:13:52        处理成功        未知间谍软件        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\MY.EXE        C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2007-11-17 00:13:26        处理成功        未知木马        C:\DOCUMENTS AND SETTINGS\DSL\LOCAL SETTINGS\TEMP\LYLOADER.EXE        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\MH.EXE
2007-11-17 00:13:26        处理成功        未知木马        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\MH.EXE        C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2007-11-17 00:13:21        处理成功        Trojan-PSW.Win32.OnLineGames.wmm        C:\DOCUMENTS AND SETTINGS\DSL\LOCAL SETTINGS\TEMP\LYLOADER.EXE        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\MH.EXE
2007-11-17 00:13:09        处理成功        Trojan-PSW.Win32.OnLineGames.wmm        C:\DOCUMENTS AND SETTINGS\DSL\LOCAL SETTINGS\TEMP\LYLOADER.EXE        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\MH.EXE
2007-11-17 00:13:02        处理成功        未知间谍软件        C:\WINDOWS\SYSTEM32\BOLDSHL01.DLL        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\JH.EXE
2007-11-17 00:13:01        处理成功        未知间谍软件        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\JH.EXE        C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2007-11-17 00:12:51        处理成功        Trojan-PSW.Win32.GamePass.wn        C:\DOCUMENTS AND SETTINGS\DSL\LOCAL SETTINGS\TEMPORARY INTERNET FILES\SVCHOST.EXE        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\DOWN.EXE
2007-11-17 00:12:41        处理成功        未知间谍软件        C:\WINDOWS\SYSTEM32\DRIVERS\PCIBUS.SYS        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\BF.EXE
2007-11-17 00:12:40        处理成功        未知间谍软件        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\BF.EXE        C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2007-11-17 00:11:49        处理成功        Trojan-PSW.Win32.WOW.bmg        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\WOW.EXE        C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2007-11-17 00:11:47        处理成功        Trojan-PSW.Win32.OnLineGames.wmm        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\LYLOADER.EXE        C:\PROGRAM FILES\WINRAR\WINRAR.EXE


时间        处理结果        蠕虫名称        蠕虫进程名        蠕虫文件创建者
2007-11-17 00:11:45        处理成功        Worm.Win32.Downloader.ge        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\ABC.EXE        C:\PROGRAM FILES\WINRAR\WINRAR.EXE


时间        处理结果        可疑程序进程名        可疑程序文件创建者        描述
2007-11-17 00:14:18        阻止        C:\DFD21470140.BAT        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\RATBJTL.EXE        试图删除文件
2007-11-17 00:13:40        阻止        C:\DFD21432218.BAT        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\MIR.EXE        试图删除文件
2007-11-17 00:12:44        阻止        C:\DFD21375125.BAT        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\DH.EXE        试图删除文件
2007-11-17 00:12:28        阻止        C:\DFD21359375.BAT        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\AVZXFST.EXE        试图删除文件
2007-11-17 00:12:16        阻止        C:\DFD21347171.BAT        C:\DOCUMENTS AND SETTINGS\DSL\桌面\新建文件夹\样本\AVWLDST.EXE        试图删除文件
shi007
Posted on 2007-11-17 00:26:50
Objekt: abc.exe
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Worm.Win32.Downloader.as (KAV Engine)
Objekt: avwldmn.dll
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.OnLineGames.hxq (KAV Engine)
Objekt: avwldst.exe
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.OnLineGames.hxo (KAV Engine)
Objekt: avzxfmn.dll
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.OnLineGames.hyc (KAV Engine)
Objekt: avzxfst.exe
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.OnLineGames.hxx (KAV Engine)
Objekt: bf.exe
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Worm.Win32.Downloader.as (KAV Engine)
Objekt: BoldShl01.dll
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.Nilage.buj (KAV Engine)
Objekt: dh.exe
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.OnLineGames.hxs (KAV Engine)
Objekt: down.exe
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-Spy.Win32.Delf.aqo (KAV Engine)
Objekt: fjOs0r.dll
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.Delf.aho (KAV Engine)
Objekt: jh.exe
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.Nilage.bty (KAV Engine)
Objekt: KVBatch01.dll
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.Nilage.bue (KAV Engine)
Objekt: kvdxjma.dll
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.OnLineGames.hxg (KAV Engine)
Objekt: LYLOADER.EXE
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.OnLineGames.hpl (KAV Engine)
Objekt: LYMANGR.DLL
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.OnLineGames.hpo (KAV Engine)
Objekt: mh.exe
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.OnLineGames.hqi (KAV Engine)
Objekt: mir.exe
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.OnLineGames.hxv (KAV Engine)
Objekt: MSDEG32.DLL
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.OnLineGames.hpp (KAV Engine)
Objekt: my.exe
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.OnLineGames.hyk (KAV Engine)
Objekt: pcibus.sys
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Worm.Win32.Downloader.aw (KAV Engine)
Objekt: pk.exe
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-Downloader.Win32.Baser.bg (KAV Engine)
Objekt: qj.exe
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.OnLineGames.hiq (KAV Engine)
Objekt: qst.exe
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.OnLineGames.hyl (KAV Engine)
Objekt: ratbjpi.dll
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.OnLineGames.hxe (KAV Engine)
Objekt: ratbjtl.exe
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.OnLineGames.hxc (KAV Engine)
Objekt: S168.exe
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.Delf.ahp (KAV Engine)
Objekt: SafeCtrl01.dll
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.OnLineGames.hyk (KAV Engine)
Objekt: svcos.exe
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-Spy.Win32.Delf.aqw (KAV Engine)
Objekt: swrcbzc.dll
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.OnLineGames.hxz (KAV Engine)
Objekt: sys.exe
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-Spy.Win32.Pophot.xc (KAV Engine)
Objekt: System6.ins
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-Spy.Win32.Delf.aqx (KAV Engine)
Objekt: vip.exe
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.OnLineGames.hyn (KAV Engine)
Objekt: Wn_Sys8x.Sys
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.OnLineGames.hym (KAV Engine)
Objekt: wow.exe
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.WOW.afd (KAV Engine)
Objekt: zt.exe
        Pfad: C:\样本\样本
        Status: Virus gefunden
        Virus: Trojan-PSW.Win32.OnLineGames.hxi (KAV Engine)
tun
Posted on 2007-11-17 01:01:51
>>> File "C:\Scan\35\abc.exe\FILE:0000\FILE:0000" has been identified as suspicious 'Sus/Malware-B'.
>>> File "C:\Scan\35\abc.exe\FILE:0000" has been identified as suspicious 'Sus/Malware-B'.
>>> Virus 'Mal/Packer' found in file C:\Scan\35\abc.exe
>>> Virus 'Mal/Delagen-A' found in file C:\Scan\35\avwldmn.dll
>>> Virus 'Mal/Behav-152' found in file C:\Scan\35\avwldst.exe
>>> Virus 'Mal/Delagen-A' found in file C:\Scan\35\avzxfmn.dll
>>> Virus 'Mal/Behav-152' found in file C:\Scan\35\avzxfst.exe
>>> Virus 'Mal/Behav-160' found in file C:\Scan\35\bf.exe\FILE:0000\FILE:0000\FILE:0000
>>> File "C:\Scan\35\bf.exe\FILE:0000\FILE:0000" has been identified as suspicious 'Sus/Malware-B'.
>>> File "C:\Scan\35\bf.exe\FILE:0000\FILE:0001" has been identified as suspicious 'Sus/Malware-B'.
>>> File "C:\Scan\35\bf.exe\FILE:0000" has been identified as suspicious 'Sus/Malware-B'.
>>> Virus 'Mal/Packer' found in file C:\Scan\35\bf.exe
>>> Virus 'Mal/DllHook-A' found in file C:\Scan\35\BoldShl01.dll
>>> Virus 'Mal/Behav-152' found in file C:\Scan\35\dh.exe
>>> Virus 'Mal/EncPk-Z' found in file C:\Scan\35\down.exe
>>> Virus 'Mal/PWS-K' found in file C:\Scan\35\fjOs0r.dll
>>> Virus 'Mal/Packer' found in file C:\Scan\35\jh.exe
>>> Virus 'Mal/DllHook-A' found in file C:\Scan\35\KVBatch01.dll
>>> Virus 'Mal/Delagen-A' found in file C:\Scan\35\kvdxjma.dll
>>> Virus 'Mal/Packer' found in file C:\Scan\35\LYLOADER.EXE
>>> Virus 'Mal/Packer' found in file C:\Scan\35\LYMANGR.DLL
>>> Virus 'Mal/Packer' found in file C:\Scan\35\mh.exe\FILE:0000
>>> Virus 'Mal/PWS-N' found in file C:\Scan\35\mh.exe
>>> Virus 'Mal/Behav-152' found in file C:\Scan\35\mir.exe
>>> Virus 'Mal/Packer' found in file C:\Scan\35\MSDEG32.DLL
>>> Virus 'Mal/Packer' found in file C:\Scan\35\my.exe
>>> Virus 'Mal/Behav-160' found in file C:\Scan\35\pcibus.sys\FILE:0000\FILE:0000
>>> File "C:\Scan\35\pcibus.sys\FILE:0000" has been identified as suspicious 'Sus/Malware-B'.
>>> File "C:\Scan\35\pcibus.sys\FILE:0001" has been identified as suspicious 'Sus/Malware-B'.
>>> File "C:\Scan\35\pcibus.sys" has been identified as suspicious 'Sus/Malware-B'.
>>> Virus 'Mal/Packer' found in file C:\Scan\35\qj.exe
>>> Virus 'Mal/Gampass-A' found in file C:\Scan\35\qst.exe\FILE:0000
>>> Virus 'Mal/Dropper-H' found in file C:\Scan\35\qst.exe
>>> Virus 'Mal/Delagen-A' found in file C:\Scan\35\ratbjpi.dll
>>> Virus 'Mal/Behav-152' found in file C:\Scan\35\ratbjtl.exe
>>> Virus 'Mal/PWS-K' found in file C:\Scan\35\S168.exe\FILE:0000
>>> Virus 'Mal/Behav-156' found in file C:\Scan\35\SafeCtrl01.dll
>>> Virus 'Mal/Dloadr-B' found in file C:\Scan\35\svcos.exe\FILE:0000
>>> Virus 'Mal/Dropper-H' found in file C:\Scan\35\svcos.exe
>>> Virus 'Mal/Delagen-A' found in file C:\Scan\35\swrcbzc.dll
>>> Virus 'Mal/Packer' found in file C:\Scan\35\sys.exe
>>> Virus 'Mal/Dloadr-B' found in file C:\Scan\35\System6.ins
>>> File "C:\Scan\35\vip.exe\FILE:0000" has been identified as suspicious 'Sus/Dllhook-A'.
>>> Virus 'Mal/Gampass-A' found in file C:\Scan\35\Wn_Sys8x.Sys
>>> Virus 'Mal/Packer' found in file C:\Scan\35\wow.exe
>>> Virus 'Mal/Packer' found in file C:\Scan\35\zt.exe

35 files swept in 25 seconds.
37 viruses were discovered.
9 suspicious files were discovered.
34 files out of 35 were infected.
Please send infected samples to Sophos for analysis.
For advice consult www.sophos.com, email support@sophos.com
or telephone +44 1235 559933
Ending Sophos Anti-Virus.
uhthn2002
Posted on 2007-11-17 01:21:56

Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 878
Paranoia Database - 48756
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\Uhthn\Desktop\2

C:\Documents and Settings\Uhthn\Desktop\2\abc.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\2\avwldmn.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\avwldst.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\2\avzxfmn.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\avzxfst.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\2\bf.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\2\BoldShl01.dll - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\dh.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\2\down.exe - Infected MaliciousScope:TROJAN-DOWNLOADER.AGENT.3 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\fjOs0r.dll - Infected WIN32.VIRUS.AUTORUN.2 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\jh.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\2\KVBatch01.dll - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\kvdxjma.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\LYLOADER.EXE - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\2\LYMANGR.DLL - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\2\mh.exe - Infected TROJAN-PSW.ONLINEGAMES.U - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\mir.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\2\MSDEG32.DLL - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\2\my.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\2\pcibus.sys - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\2\pk.exe - OK
C:\Documents and Settings\Uhthn\Desktop\2\qj.exe - Suspected MaliciousScope:GENERIC.MALWARE.2
C:\Documents and Settings\Uhthn\Desktop\2\qst.exe - Infected WIN32.TROJAN-PSW.QQPASS.A - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\ratbjpi.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\ratbjtl.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\2\S168.exe - Infected WIN32.VIRUS.AUTORUN.2 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\SafeCtrl01.dll - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\svcos.exe - Infected WIN32.TROJAN-PSW.DELF.7 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\swrcbzc.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\sys.exe - Suspected MaliciousScope:GENERIC.MALWARE.4
C:\Documents and Settings\Uhthn\Desktop\2\System6.ins - Infected WIN32.TROJAN-PSW.DELF.2 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\vip.exe - Infected WIN32.TROJAN-PSW.GAME.26 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\Wn_Sys8x.Sys - Infected WIN32.TROJAN-PSW.QQPASS.A - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\wow.exe - Suspected MaliciousScope:GENERIC.MALWARE.2
C:\Documents and Settings\Uhthn\Desktop\2\zt.exe - Suspected TROJAN-PSW.ONLINEGAMES.2

35 Files scanned
17 Infected files found
17 Suspected files found
0 Files disinfected
17 Files deleted