36个

显示全部楼层 · 发表于 2007-11-18 16:19:07

Hello,

GenProtect.dll - Trojan-PSW.Win32.OnLineGames.icp

New malicious software was found in this file. It's detection will be included in the next update. Thank you for your help.

REGKEY.hiv

This file is corrupted.

Vml.exe - not-a-virus:NetTool.Win32.Agent.b

This file is already detected by our extended bases as a potentially risk program.
If you know purpose of this program then there's no need to bother, just add it to exclusion list,
else there is unknown malicious software on your computer possibly. You can do this:

Please download and run utility from
ftp://ftp.kaspersky.com/utils/getsysteminfo/GetSystemInfo.exe
Create text report and upload it to
http://www.kaspersky.ru/helpdesk.html
Our support team will analize your report.

Please quote all when answering.

--
Best regards, Ermilov Maxim
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

显示全部楼层 · 发表于 2007-11-18 16:20:47

Starting the file scan:

Begin scan in 'C:\Users\morgan\Documents\样本(2).rar'
C:\Users\morgan\Documents\
  样本(2).rar
[0] Archive type: RAR
--> 12.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 23.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.blm.3
      [WARNING] Infected files in archives cannot be repaired!
--> 20.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 19.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.hcv
      [WARNING] Infected files in archives cannot be repaired!
--> 14.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 8.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 7.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> 6.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 5.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 4.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 3.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 2.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.agb.2
      [WARNING] Infected files in archives cannot be repaired!
--> 15.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hqq
      [WARNING] Infected files in archives cannot be repaired!
--> 13.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 11.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 10.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 608769MM.DLL
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 608769WL.DLL
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> Vml.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> upxdnd.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> SQLLink01.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> REGKEY.hiv
--> NVDispDrv.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> MsPrint32D.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.hcv
      [WARNING] Infected files in archives cannot be repaired!
--> MSDEG32.DLL
      [DETECTION] Is the Trojan horse TR/PSW.Online.gyo.2
      [WARNING] Infected files in archives cannot be repaired!
--> LYMANGR.DLL
      [DETECTION] Is the Trojan horse TR/PSW.Online.agb.2
      [WARNING] Infected files in archives cannot be repaired!
--> LYLOADER.EXE
      [DETECTION] Is the Trojan horse TR/PSW.Online.agb.2
      [WARNING] Infected files in archives cannot be repaired!
--> lqwdpvbflqwbh.dll
      [DETECTION] Contains suspicious code HEUR/Crypted
      [WARNING] Infected files in archives cannot be repaired!
--> kpwdouyfkqvb.dll
      [DETECTION] Contains suspicious code HEUR/Crypted
      [WARNING] Infected files in archives cannot be repaired!
--> GenProtect.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> DbgHlp32.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hqq
      [WARNING] Infected files in archives cannot be repaired!
--> cmdbcs.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> AVPSrv.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> afmsyflqva.dll
      [DETECTION] Contains suspicious code HEUR/Crypted
      [WARNING] Infected files in archives cannot be repaired!
--> pcihdd.sys
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.blm.3
      [WARNING] Infected files in archives cannot be repaired!
--> NvSys_54.Sys
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
      [WARNING] The file was ignored!

End of the scan: 2007年11月18日  00:20
Used time: 00:06 min

The scan has been done completely.

   0 Scanning directories
   37 Files were scanned
   26 viruses and/or unwanted programs were found
   9 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   11 Files not concerned
   1 Archives were scanned
   36 Warnings
   0 Notes

显示全部楼层 · 发表于 2007-11-18 16:20:49

2007-11-18 16:11:07 Real-time file system protection file D:\firefox下载的文件\样本\pcihdd.sys Win32/TrojanDownloader.Agent.BLM trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:11:04 Real-time file system protection file D:\firefox下载的文件\样本\afmsyflqva.dll Win32/PSW.OnLineGames.GJV trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:11:01 Real-time file system protection file D:\firefox下载的文件\样本\AVPSrv.dll probably a variant of Win32/PSW.OnLineGames.NFL trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:10:58 Real-time file system protection file D:\firefox下载的文件\样本\cmdbcs.dll probably a variant of Win32/PSW.OnLineGames.NFL trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:10:55 Real-time file system protection file D:\firefox下载的文件\样本\DbgHlp32.dll Win32/PSW.OnLineGames.NFL trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:10:52 Real-time file system protection file D:\firefox下载的文件\样本\GenProtect.dll a variant of Win32/PSW.OnLineGames.HCV trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:10:49 Real-time file system protection file D:\firefox下载的文件\样本\kpwdouyfkqvb.dll a variant of Win32/PSW.OnLineGames.GJV trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:10:46 Real-time file system protection file D:\firefox下载的文件\样本\lqwdpvbflqwbh.dll a variant of Win32/PSW.OnLineGames.GJV trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:10:42 Real-time file system protection file D:\firefox下载的文件\样本\LYLOADER.EXE a variant of Win32/PSW.Agent.NEC trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:10:39 Real-time file system protection file D:\firefox下载的文件\样本\LYMANGR.DLL a variant of Win32/PSW.OnLineGames.DTR trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:10:35 Real-time file system protection file D:\firefox下载的文件\样本\MSDEG32.DLL a variant of Win32/PSW.OnLineGames.DVV trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:10:30 Real-time file system protection file D:\firefox下载的文件\样本\MsPrint32D.dll a variant of Win32/PSW.OnLineGames.HCV trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:10:23 Real-time file system protection file D:\firefox下载的文件\样本\NVDispDrv.dll probably a variant of Win32/PSW.OnLineGames.HCV trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:10:17 Real-time file system protection file D:\firefox下载的文件\样本\SQLLink01.dll Win32/PSW.OnLineGames.NFL trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:10:12 Real-time file system protection file D:\firefox下载的文件\样本\upxdnd.dll probably a variant of Win32/PSW.OnLineGames.HCV trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:10:08 Real-time file system protection file D:\firefox下载的文件\样本\Vml.exe Win32/NetTool.Agent.B application cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:10:03 Real-time file system protection file D:\firefox下载的文件\样本\608769WL.DLL Win32/PSW.Legendmir.NFL trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:09:59 Real-time file system protection file D:\firefox下载的文件\样本\608769MM.DLL a variant of Win32/PSW.Legendmir.NFF trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:09:56 Real-time file system protection file D:\firefox下载的文件\样本\10.exe a variant of Win32/PSW.OnLineGames.YA trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:09:51 Real-time file system protection file D:\firefox下载的文件\样本\11.exe probably a variant of Win32/PSW.OnLineGames.GJV trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:09:47 Real-time file system protection file D:\firefox下载的文件\样本\13.exe probably a variant of Win32/PSW.WOW.WU trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:09:42 Real-time file system protection file D:\firefox下载的文件\样本\15.exe Win32/PSW.OnLineGames.NFL trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:09:39 Real-time file system protection file D:\firefox下载的文件\样本\2.exe a variant of Win32/PSW.Agent.NEC trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:09:34 Real-time file system protection file D:\firefox下载的文件\样本\3.exe a variant of Win32/PSW.OnLineGames.GJV trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:09:29 Real-time file system protection file D:\firefox下载的文件\样本\4.exe a variant of Win32/PSW.OnLineGames.NFL trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:09:23 Real-time file system protection file D:\firefox下载的文件\样本\5.exe a variant of Win32/PSW.OnLineGames.NFL trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:09:17 Real-time file system protection file D:\firefox下载的文件\样本\6.exe a variant of Win32/PSW.OnLineGames.NFL trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:09:12 Real-time file system protection file D:\firefox下载的文件\样本\7.exe Win32/PSW.OnLineGames.NIF trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:09:08 Real-time file system protection file D:\firefox下载的文件\样本\8.exe a variant of Win32/PSW.OnLineGames.NFL trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:09:03 Real-time file system protection file D:\firefox下载的文件\样本\14.exe Win32/PSW.WOW.WU trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:09:00 Real-time file system protection file D:\firefox下载的文件\样本\19.exe probably a variant of Win32/PSW.OnLineGames.NFL trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:08:53 Real-time file system protection file D:\firefox下载的文件\样本\20.exe a variant of Win32/PSW.OnLineGames.GJV trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:08:46 Real-time file system protection file D:\firefox下载的文件\样本\23.exe Win32/Agent.NLW trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.
2007-11-18 16:08:39 Real-time file system protection file D:\firefox下载的文件\样本\12.exe probably a variant of Win32/Genetik trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: f:\Program Files\WinRAR\WinRAR.exe.

显示全部楼层 · 发表于 2007-11-18 16:23:31

卡巴厉害，10月1日的病毒库

显示全部楼层 · 发表于 2007-11-18 16:26:38

估计用新的启发引擎还能多一点。

显示全部楼层 · 发表于 2007-11-18 16:30:05

原帖由 etly 于 2007-11-18 16:15 发表
嘻嘻，更正。
25个，已经是用kis7最近的病毒库了。
怎么差别这么大。

我用的275版本，但病毒库BETA版的应该比正式版的稍微滞后一些，怎么反而检测到的会多呢？

显示全部楼层 · 发表于 2007-11-18 16:33:35

已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.icd 檔案: C:\Documents and Settings\kato9096\桌面\样本.rar/10.exe

因为什么我跟14楼找到的10.exe的病毒名称不一样？

显示全部楼层 · 发表于 2007-11-18 16:48:54

再更新，38个
已检测到: 木马程序 Trojan-PSW.Win32.QQPass.alx 文件: C:\Documents and Settings\hui\桌面\样本.rar/12.exe//UPX
已检测到: 木马程序 Trojan-Downloader.Win32.Agent.blm 文件: C:\Documents and Settings\hui\桌面\样本.rar/23.exe
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.ick 文件: C:\Documents and Settings\hui\桌面\样本.rar/20.exe//PE_Patch.UPX//UPX
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.icg 文件: C:\Documents and Settings\hui\桌面\样本.rar/19.exe
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.icg 文件: C:\Documents and Settings\hui\桌面\样本.rar/19.exe//PE_Patch//UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.hfr 文件: C:\Documents and Settings\hui\桌面\样本.rar/14.exe//ASPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.ich 文件: C:\Documents and Settings\hui\桌面\样本.rar/8.exe//PE_Patch//UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.ich 文件: C:\Documents and Settings\hui\桌面\样本.rar/8.exe//PE_Patch//UPack//PE_Patch
已检测到: 木马程序 Trojan-PSW.Win32.Nilage.bty 文件: C:\Documents and Settings\hui\桌面\样本.rar/7.exe//PE_Patch//UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.ias 文件: C:\Documents and Settings\hui\桌面\样本.rar/6.exe//PE_Patch//UPack//PE_Patch
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.ibz 文件: C:\Documents and Settings\hui\桌面\样本.rar/5.exe//PE_Patch//UPack//PE_Patch
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.ibl 文件: C:\Documents and Settings\hui\桌面\样本.rar/4.exe//UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.ibp 文件: C:\Documents and Settings\hui\桌面\样本.rar/3.exe//FSG
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.ibi 文件: C:\Documents and Settings\hui\桌面\样本.rar/2.exe
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.hre 文件: C:\Documents and Settings\hui\桌面\样本.rar/15.exe//PE_Patch//UPack
已检测到: 木马程序 Trojan-PSW.Win32.Lmir.boy 文件: C:\Documents and Settings\hui\桌面\样本.rar/13.exe
已检测到: 木马程序 Trojan-PSW.Win32.Lmir.boy 文件: C:\Documents and Settings\hui\桌面\样本.rar/13.exe//ASPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.ice 文件: C:\Documents and Settings\hui\桌面\样本.rar/11.exe//FSG
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.icd 文件: C:\Documents and Settings\hui\桌面\样本.rar/10.exe//PE_Patch//UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.icd 文件: C:\Documents and Settings\hui\桌面\样本.rar/10.exe//PE_Patch//UPack//PE_Patch
已检测到: 木马程序 Trojan-PSW.Win32.Lmir.boy 文件: C:\Documents and Settings\hui\桌面\样本.rar/608769MM.DLL
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.hfr 文件: C:\Documents and Settings\hui\桌面\样本.rar/608769WL.DLL
已检测到: 风险软件 not-a-virus:NetTool.Win32.Agent.b 文件: C:\Documents and Settings\hui\桌面\样本.rar/Vml.exe
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.ibz 文件: C:\Documents and Settings\hui\桌面\样本.rar/upxdnd.dll
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.hyr 文件: C:\Documents and Settings\hui\桌面\样本.rar/SQLLink01.dll
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.ich 文件: C:\Documents and Settings\hui\桌面\样本.rar/NVDispDrv.dll
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.icg 文件: C:\Documents and Settings\hui\桌面\样本.rar/MsPrint32D.dll
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.ibf 文件: C:\Documents and Settings\hui\桌面\样本.rar/MSDEG32.DLL//UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.ibg 文件: C:\Documents and Settings\hui\桌面\样本.rar/LYMANGR.DLL//UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.ibi 文件: C:\Documents and Settings\hui\桌面\样本.rar/LYLOADER.EXE//PE_Patch//UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.ick 文件: C:\Documents and Settings\hui\桌面\样本.rar/lqwdpvbflqwbh.dll//UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.ice 文件: C:\Documents and Settings\hui\桌面\样本.rar/kpwdouyfkqvb.dll//UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.hqq 文件: C:\Documents and Settings\hui\桌面\样本.rar/DbgHlp32.dll
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.icd 文件: C:\Documents and Settings\hui\桌面\样本.rar/cmdbcs.dll
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.iad 文件: C:\Documents and Settings\hui\桌面\样本.rar/AVPSrv.dll
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.iab 文件: C:\Documents and Settings\hui\桌面\样本.rar/afmsyflqva.dll//UPack
已检测到: 木马程序 Trojan-Downloader.Win32.Agent.blm 文件: C:\Documents and Settings\hui\桌面\样本.rar/pcihdd.sys
已检测到: 木马程序 Trojan-PSW.Win32.QQPass.alx 文件: C:\Documents and Settings\hui\桌面\样本.rar/NvSys_54.Sys

显示全部楼层 · 发表于 2007-11-18 16:52:52

一个样本可能会被检测到两次，删除的数量应该才是真正的样本数量。

显示全部楼层 · 发表于 2007-11-18 16:56:04

原帖由 浪滔天 于 2007-11-18 16:26 发表
估计用新的启发引擎还能多一点。

忘了说了,是瑞星杀12个剩后的

[病毒样本] 36个

本帖子中包含更多资源

回复 14楼 baba 的帖子

回复 18楼 etly 的帖子

浏览过的版块