45个

显示全部楼层 · 发表于 2007-11-23 20:04:23

全灭
Quick Scanning
C:\ABC\样本\00001.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00001.exe
C:\ABC\样本\00002.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\00002.exe
C:\ABC\样本\00003.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00003.exe
C:\ABC\样本\00004.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\00004.exe
C:\ABC\样本\00005.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\00005.exe
C:\ABC\样本\00006.exe
C:\ABC\样本\00006.exe\FILE:0000
>>> Virus 'Mal/Gampass-A' found in file C:\ABC\样本\00006.exe\FILE:0000
>>> Virus 'Mal/Dropper-H' found in file C:\ABC\样本\00006.exe
C:\ABC\样本\00007.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00007.exe
C:\ABC\样本\00008.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00008.exe
C:\ABC\样本\00009.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\00009.exe
C:\ABC\样本\0001.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\0001.exe
C:\ABC\样本\00010.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00010.exe
C:\ABC\样本\00011.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00011.exe
C:\ABC\样本\00012.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00012.exe
C:\ABC\样本\00013.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00013.exe
C:\ABC\样本\00014.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00014.exe
C:\ABC\样本\00015.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00015.exe
C:\ABC\样本\00016.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00016.exe
C:\ABC\样本\00017.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00017.exe
C:\ABC\样本\00018.exe
C:\ABC\样本\00018.exe\FILE:0000
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\00018.exe\FILE:0000
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\00018.exe
C:\ABC\样本\00019.exe
C:\ABC\样本\00019.exe\FILE:0000
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\00019.exe\FILE:0000
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\00019.exe
C:\ABC\样本\00020.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00020.exe
C:\ABC\样本\00022.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00022.exe
C:\ABC\样本\00026.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00026.exe
C:\ABC\样本\avwlemn.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本\avwlemn.dll
C:\ABC\样本\avzxhmn.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本\avzxhmn.dll
C:\ABC\样本\GenProtect.dll
>>> File "C:\ABC\样本\GenProtect.dll" has been identified as suspicious 'Sus/Malware-A'.
C:\ABC\样本\kapjezy.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本\kapjezy.dll
C:\ABC\样本\kaqhjzy.dll
>>> Virus 'Mal/Behav-001' found in file C:\ABC\样本\kaqhjzy.dll
C:\ABC\样本\kawdfzy.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本\kawdfzy.dll
C:\ABC\样本\kvdxjma.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本\kvdxjma.dll
C:\ABC\样本\kvdxsjma.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本\kvdxsjma.dll
C:\ABC\样本\kvmxima.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本\kvmxima.dll
C:\ABC\样本\LotusHlp.dll
>>> File "C:\ABC\样本\LotusHlp.dll" has been identified as suspicious 'Sus/Malware-A'.
C:\ABC\样本\mhlm.exe
C:\ABC\样本\mhlm.exe\FILE:0000
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\mhlm.exe
C:\ABC\样本\mylm.exe
C:\ABC\样本\mylm.exe\FILE:0000
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\mylm.exe
C:\ABC\样本\rarjepi.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本\rarjepi.dll
C:\ABC\样本\ratbkpi.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本\ratbkpi.dll
C:\ABC\样本\rsztlpm.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本\rsztlpm.dll
C:\ABC\样本\swjqbzc.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本\swjqbzc.dll
C:\ABC\样本\swrceac.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\swrceac.exe
C:\ABC\样本\swrcezc.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本\swrcezc.dll
C:\ABC\样本\wd.exe
C:\ABC\样本\wd.exe\FILE:0000
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\wd.exe
C:\ABC\样本\Wn_Sys8x.Sys
>>> Virus 'Mal/Gampass-A' found in file C:\ABC\样本\Wn_Sys8x.Sys
C:\ABC\样本\wsjrfzx.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本\wsjrfzx.dll
C:\ABC\样本\wszjbzx.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本\wszjbzx.dll
45 files swept in 15 seconds.
46 viruses were discovered.
2 suspicious files were discovered.
45 files out of 45 were infected.
Please send infected samples to Sophos for analysis.
For advice consult www.sophos.com, email support@sophos.com
or telephone +44 1235 559933
Ending Sophos Anti-Virus.

显示全部楼层 · 发表于 2007-11-23 20:04:47

MicroVita AntiSpyware 100 C
_____________________________________________

         风暴微塔反间谍
[强力查杀各种Win32位的病毒,木马,蠕虫,恶意软件]
               http://221.10.254.214/
----------------------------------------------
开始扫描……

正在检查启动……
[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\00001.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15866  MD5:e8ab90d180084ee97b073e8c98265773

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\00002.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:17369  MD5:820207cc0dee8410728e4f2db649fe64

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\00003.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15077  MD5:d5b7c27152528ebb2236ae28c3913009

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\00004.exe]
                  …………发现Spy！报告:[1] Win32.Unknow
文件信息:  大小:20980  MD5:2746592420c8cafcbd47fdfc257bf0cd

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\00005.exe]
                  …………发现Spy！报告:[2] [1] Win32.F/S.ByDwing
文件信息:  大小:15155  MD5:4928cf57902e3810c631fc4215592270

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\00006.exe]
                  …………发现Spy！报告:[2]
文件信息:  大小:33920  MD5:6265a5b2464c99d002dd23a692c4044a

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\00007.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15525  MD5:51d4632e8bd70adc8020e56a41bea6df

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\00008.exe]
                  …………发现Spy！报告:[2] [1] Win32.F/S.ByDwing
文件信息:  大小:14813  MD5:324032a34c6b5bbc52b184ddc19ab8ae

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\00009.exe]
                  …………发现Spy！报告:[2] [1] Win32.Unknow
文件信息:  大小:13004  MD5:eb2b43be77c87a8d47c3b00ccecf2377

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\0001.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:14706  MD5:abda325ccdfd792df53c764a1ba1eb32

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\00010.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15610  MD5:d9f239db32a61e532613aba90e7d6f62

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\00011.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:16939  MD5:6e400aed4cdece55e766be17b17d8282

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\00012.exe]
                  …………发现Spy！报告:[2] [1] Win32.F/S.ByDwing
文件信息:  大小:15909  MD5:f38834858ae99fdf45557192b1a147de

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\00013.exe]
                  …………发现Spy！报告:[2] [1] Win32.F/S.ByDwing
文件信息:  大小:15909  MD5:d8f2bf69ea9d03918be83f6dd722c5a9

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\00014.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:14946  MD5:2209494b1ee5b64431618584e0de9101

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\00015.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15020  MD5:77ff8289b4b03439ff0b3fb488c1a505

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\00016.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15178  MD5:b3bb0f7720a06719dee7825e2b114cca

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\00017.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15701  MD5:d3a9625595838a07ea1662863efb4e08

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\00018.exe]
                  …………发现Spy！报告:[1] Win32.Unknow
文件信息:  大小:16900  MD5:ff86b726373abfdb88e20d1d046201f1

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\00019.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:16436  MD5:08a28f9d4fdbed5c5c4b8d18e2a86158

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\00020.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15972  MD5:d018edc0346ae4d818376a3fe0f471f2

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\00022.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15939  MD5:d3bf3c96dd5810191fe7a0ae8afb36c6

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\00026.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15143  MD5:8fb8bc6658bccb3aa855fe80e5f7337c

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\avwlemn.dll]
                  …………发现Spy！报告:[6] 注入者[8] HOOK者
文件信息:  大小:23884  MD5:119c21255d91041d2eec99db9e9f6c0b

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\avzxhmn.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:24908  MD5:4262e6b1b291b7d38e83caae7b473336

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\kapjezy.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:24420  MD5:61a5db411cffeff8e5d2a837ef100818

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\kaqhjzy.dll]
                  …………发现Spy！报告: [4]
文件信息:  大小:2117454  MD5:59e9a02ec940b0543de8e9a7557d3403

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\kawdfzy.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:23916  MD5:be4ebf42d2ebee1c93e840eedc170c03

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\kvdxjma.dll]
                  …………发现Spy！报告:[6] 注入者[8] HOOK者
文件信息:  大小:24396  MD5:0fd594c5ce2d220da7137e7b19a52a1d

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\kvdxsjma.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:23916  MD5:6e03474a364cbdf0f63202624b20cd26

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\kvmxima.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:24912  MD5:2ed08a3036d225de2e294fee5eb7aa3a

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\LotusHlp.dll]
                  …………发现Spy！报告:[1] Win32.Badsoft.RX[8] HOOK者
文件信息:  大小:23552  MD5:7e5d19cc4c7b04d5fdf98ef0c4b52a7f

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\mhlm.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:12871  MD5:00768264170e3ee06a7abe99cfcd47f7

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\mylm.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:13207  MD5:cd3757ac71451a2657c37d7c56ccd6f1

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\rarjepi.dll]
                  …………发现Spy！报告:[6] 注入者[8] HOOK者
文件信息:  大小:24396  MD5:2d35d4209db6df9461ae24323eb412d9

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\ratbkpi.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:22860  MD5:0098feb5f0ae4b63f9cb0232b8fcd340

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\rsztlpm.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:24396  MD5:2dd87b906177837fb54b0e900c35f250

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\swjqbzc.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:24908  MD5:c285058303e13e75e723559ba63e45e2

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\swrceac.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15015  MD5:557070bd41cff8eff9c6caa6abd58688

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\swrcezc.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:23894  MD5:f05f7435c2c92cebfa888f46e88f92c4

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\wd.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:12022  MD5:59860f6e63604805e884c21fdc432203

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\Wn_Sys8x.Sys]
                  …………发现Spy！报告: [4] [8] HOOK者
文件信息:  大小:48768  MD5:cd66155a7aebf77bd9963a9e488598c3

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\wsjrfzx.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:22378  MD5:42375df5511b09a581a705d2588be133

[C:\Documents and Settings\Administrator\桌面\Virus\样本\样本\wszjbzx.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:21850  MD5:62ec12da5e3aaffbbd136b245f95e6f4

文件数:45 病毒数:44  比重:0.9777777777778
OK  扫描完毕！

  ***日志解释
[4] 集中有害分析引擎
[3] 全局系统判断引擎
[2] 文件特征码引擎
[1] 文件启发式引擎

[ 本帖最后由 FBAV 于 2007-11-23 20:06 编辑 ]

显示全部楼层 · 发表于 2007-11-23 20:05:01

C:\ABC\样本.rar:\样本\00001.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00002.exe - 特征码 'Trojan-Spy.Win32.Agent.hz' 被发现
C:\ABC\样本.rar:\样本\00003.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00004.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\样本.rar:\样本\00005.exe - 特征码 'Trojan-Spy.Win32.Agent.hz' 被发现
C:\ABC\样本.rar:\样本\00006.exe - 特征码 'Virus.Win32.AutoRun.bs' 被发现
C:\ABC\样本.rar:\样本\00007.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本.rar:\样本\00008.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00009.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\样本.rar:\样本\0001.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00010.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本.rar:\样本\00011.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00012.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00013.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00014.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00015.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00016.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00017.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本.rar:\样本\00018.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\样本.rar:\样本\00019.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.ihg' 被发现
C:\ABC\样本.rar:\样本\00020.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00022.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00026.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\avwlemn.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\avzxhmn.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\GenProtect.dll - 特征码 'Trojan-PWS.Win32.OnLineGames.es' 被发现
C:\ABC\样本.rar:\样本\kapjezy.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\kaqhjzy.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\kawdfzy.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\kvdxjma.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\kvdxsjma.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\kvmxima.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\LotusHlp.dll - 特征码 'Virus.Win32.OnLineGames.BHW' 被发现
C:\ABC\样本.rar:\样本\mhlm.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本.rar:\样本\mylm.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本.rar:\样本\rarjepi.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\ratbkpi.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\rsztlpm.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\swjqbzc.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\swrceac.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\swrcezc.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\wd.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本.rar:\样本\Wn_Sys8x.Sys - 特征码 'Trojan-Proxy.Win32.Delf.AN' 被发现
C:\ABC\样本.rar:\样本\wsjrfzx.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\wszjbzx.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar

46 文件被扫描
(1 压缩档 45 文件)
45 特征码被侦测
0 可疑代码段被发现
耗时: 0:00.500

显示全部楼层 · 发表于 2007-11-23 20:06:42

Starting the file scan:

Begin scan in 'E:\样本.rar'
E:\样本.rar
  [0] Archive type: RAR
  --> Ñù±¾\00001.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ijj
  --> Ñù±¾\00002.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\00003.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\00004.exe
   [DETECTION] Is the Trojan horse TR/PSW.Wow.acd
  --> Ñù±¾\00005.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\00006.exe
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> Ñù±¾\00007.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.iec
  --> Ñù±¾\00008.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\00009.exe
   [DETECTION] Is the Trojan horse TR/CrashSystem.C
  --> Ñù±¾\0001.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\00010.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.idh
  --> Ñù±¾\00011.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\00012.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.iih
  --> Ñù±¾\00013.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.iih
  --> Ñù±¾\00014.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\00015.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\00016.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\00017.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.iiz
  --> Ñù±¾\00018.exe
   [DETECTION] Is the Trojan horse TR/CrashSystem.C
  --> Ñù±¾\00019.exe
   [DETECTION] Is the Trojan horse TR/CrashSystem.C
  --> Ñù±¾\00020.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\00022.exe
   [DETECTION] Is the Trojan horse TR/FWDisable.24908
  --> Ñù±¾\00026.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\avwlemn.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\avzxhmn.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.iih
  --> Ñù±¾\GenProtect.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.iha.3
  --> Ñù±¾\kapjezy.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\kawdfzy.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\kvdxjma.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.idh
  --> Ñù±¾\kvdxsjma.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\kvmxima.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ijj
  --> Ñù±¾\LotusHlp.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\mhlm.exe
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> Ñù±¾\mylm.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\rarjepi.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.iec
  --> Ñù±¾\ratbkpi.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\rsztlpm.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\swjqbzc.dll
   [DETECTION] Is the Trojan horse TR/FWDisable.24908
  --> Ñù±¾\swrceac.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\swrcezc.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\wd.exe
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> Ñù±¾\Wn_Sys8x.Sys
   [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\wsjrfzx.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.iiz
  --> Ñù±¾\wszjbzx.dll
   [DETECTION] Contains suspicious code HEUR/Malware
   [INFO]    The file was deleted!

End of the scan: 2007年11月23日  20:06
Used time: 00:44 min

The scan has been done completely.

   0 Scanning directories
   46 Files were scanned
   33 viruses and/or unwanted programs were found
   11 Files were classified as suspicious:
   1 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   13 Files not concerned
   1 Archives were scanned
   0 Warnings
   0 Notes

显示全部楼层 · 发表于 2007-11-23 20:08:47

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.PSW.Win32.XYOnline.tn
病毒： Trojan.PSW.Win32.GameOnline.akk
病毒： Trojan.PSW.Win32.WoWar.afo
病毒： Worm.Win32.PaBug.eb
病毒： Trojan.PSW.Win32.XYOnline.td
病毒： Trojan.PSW.Win32.QQHX.tsd
病毒： Trojan.PSW.Win32.XYOnline.sz
病毒： Trojan.PSW.Win32.GameOnline.aly
病毒： Trojan.PSW.Win32.GameOnline.amb
病毒： Trojan.PSW.Win32.QQSG.ah
病毒： Trojan.PSW.Win32.DJOnline.aw
病毒： Trojan.PSW.Win32.XYOnline.ti
病毒： Trojan.PSW.Win32.GameOnline.amy
病毒： Trojan.PSW.Win32.GameOnline.alw
病毒： Trojan.PSW.Win32.GameOnline.akk
病毒： Trojan.PSW.Win32.QQHX.tsd
病毒： Trojan.PSW.Win32.XYOnline.sz
病毒： Trojan.PSW.Win32.XYOnline.tn
病毒： Trojan.PSW.Win32.XYOnline.ta
病毒： Trojan.PSW.Win32.RocOnline.hz
病毒： Trojan.PSW.Win32.XYOnline.th
病毒： Trojan.PSW.Win32.AskTao.er
病毒： Worm.Win32.PaBug.eb
病毒： Trojan.PSW.Win32.GameOnline.amd

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.19.41

显示全部楼层 · 发表于 2007-11-23 20:26:48

已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ijj 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\00001.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iha 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\00002.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ini 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\00003.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iit 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\00004.exe//PE_Patch//UPack
已隔離: 病毒 Heur.Invader (修改) 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\00005.exe//UPack
已刪除: 病毒 Virus.Win32.AutoRun.aen 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\00006.exe//UPX
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ifs 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\00007.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iiv 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\00008.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.imu 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\00009.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.inp 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\0001.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.idh 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\00010.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iih 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\00012.exe//UPack//#
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iih 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\00013.exe//UPack//#
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.inp 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\00014.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.inp 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\00015.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iiz 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\00017.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iiy 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\00018.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ihg 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\00019.exe
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ing 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\00020.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ijy 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\00022.exe//UPack//#
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ing 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\avwlemn.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iih 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\avzxhmn.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iha 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\GenProtect.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iiv 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\kaqhjzy.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.inb 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\kawdfzy.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.idh 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\kvdxjma.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ini 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\kvdxsjma.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ijj 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\kvmxima.dll
已刪除: 特洛伊木馬程式 Trojan.Win32.Small.ug 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\mhlm.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ikf 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\mylm.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iec 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\rarjepi.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.inp 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\ratbkpi.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ijy 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\swjqbzc.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.Nilage.bup 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\wd.exe//UPack
已刪除: 病毒 Virus.Win32.AutoRun.aen 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\Wn_Sys8x.Sys
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iiz 檔案: C:\Documents and Settings\kato9096\桌面\160852.rar/欴掛\wsjrfzx.dll

9个未报,一个变种,已上报十个

显示全部楼层 · 发表于 2007-11-23 21:06:07

卡巴 7.0.1.282 BETA 高启发
40个

已隔离: 病毒 Heur.Trojan.Generic （变种）文件: F:\病毒样本\样本.rar/样本\00011.exe//UPack
已隔离: 病毒 Heur.Trojan.Generic （变种）文件: F:\病毒样本\样本.rar/样本\00016.exe//UPack
已隔离: 病毒 Heur.Trojan.Generic （变种）文件: F:\病毒样本\样本.rar/样本\00026.exe//UPack
已隔离: 病毒 Heur.Trojan.Generic （变种）文件: F:\病毒样本\样本.rar/样本\swrceac.exe//UPack
已删除: 病毒 Heur.Trojan.Generic 文件: F:\病毒样本\样本.rar/样本\00005.exe//UPack
已删除: 病毒 Heur.Trojan.PSW 文件: F:\病毒样本\样本.rar/样本\00009.exe
已删除: 病毒 Virus.Win32.AutoRun.aen 文件: F:\病毒样本\样本.rar/样本\00006.exe//UPX
已删除: 病毒 Virus.Win32.AutoRun.aen 文件: F:\病毒样本\样本.rar/样本\Wn_Sys8x.Sys
已删除: 木马程序 Trojan-PSW.Win32.Nilage.bup 文件: F:\病毒样本\样本.rar/样本\wd.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.idh 文件: F:\病毒样本\样本.rar/样本\00010.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.idh 文件: F:\病毒样本\样本.rar/样本\kvdxjma.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.iec 文件: F:\病毒样本\样本.rar/样本\rarjepi.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ifs 文件: F:\病毒样本\样本.rar/样本\00007.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.iha 文件: F:\病毒样本\样本.rar/样本\00002.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.iha 文件: F:\病毒样本\样本.rar/样本\GenProtect.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ihg 文件: F:\病毒样本\样本.rar/样本\00019.exe
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.iih 文件: F:\病毒样本\样本.rar/样本\avzxhmn.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.iis 文件: F:\病毒样本\样本.rar/样本\00012.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.iis 文件: F:\病毒样本\样本.rar/样本\00013.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.iit 文件: F:\病毒样本\样本.rar/样本\00004.exe//PE_Patch//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.iiv 文件: F:\病毒样本\样本.rar/样本\00008.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.iiv 文件: F:\病毒样本\样本.rar/样本\kaqhjzy.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.iiy 文件: F:\病毒样本\样本.rar/样本\00018.exe//PE_Patch//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.iiz 文件: F:\病毒样本\样本.rar/样本\00017.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.iiz 文件: F:\病毒样本\样本.rar/样本\wsjrfzx.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ijj 文件: F:\病毒样本\样本.rar/样本\00001.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ijj 文件: F:\病毒样本\样本.rar/样本\kvmxima.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ijy 文件: F:\病毒样本\样本.rar/样本\00022.exe//UPack//#
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ijy 文件: F:\病毒样本\样本.rar/样本\swjqbzc.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ikf 文件: F:\病毒样本\样本.rar/样本\mylm.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.inb 文件: F:\病毒样本\样本.rar/样本\kawdfzy.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ing 文件: F:\病毒样本\样本.rar/样本\00020.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ing 文件: F:\病毒样本\样本.rar/样本\avwlemn.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ini 文件: F:\病毒样本\样本.rar/样本\00003.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ini 文件: F:\病毒样本\样本.rar/样本\kvdxsjma.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.inp 文件: F:\病毒样本\样本.rar/样本\0001.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.inp 文件: F:\病毒样本\样本.rar/样本\00014.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.inp 文件: F:\病毒样本\样本.rar/样本\00015.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.inp 文件: F:\病毒样本\样本.rar/样本\ratbkpi.dll
已删除: 木马程序 Trojan.Win32.Small.ug 文件: F:\病毒样本\样本.rar/样本\mhlm.exe//UPack

显示全部楼层 · 发表于 2007-11-23 23:06:58

Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 977
Paranoia Database - 48989
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\Uhthn\Desktop\1

C:\Documents and Settings\Uhthn\Desktop\1\00001.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\00002.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\00003.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\00004.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\1\00005.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\00006.exe - Infected WIN32.TROJAN-PSW.QQPASS.A - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\00007.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\00008.exe - Infected TROJAN-PSW.ONLINEGAMES.151 - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\00009.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\1\0001.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\00010.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\00011.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\00012.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\00013.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\00014.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\00015.exe - Infected TROJAN-PSW.ONLINEGAMES.83 - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\00016.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\00017.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\00018.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\1\00019.exe - Suspected MaliciousScope:GENERIC.MALWARE.4
C:\Documents and Settings\Uhthn\Desktop\1\00020.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\00022.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\00026.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\avwlemn.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\avzxhmn.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\GenProtect.dll - Infected TROJAN-PSW.ONLINEGAMES.12 - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\kapjezy.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\kaqhjzy.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\kawdfzy.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\kvdxjma.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\kvdxsjma.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\kvmxima.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\LotusHlp.dll - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\mhlm.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\mylm.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\rarjepi.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\ratbkpi.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\rsztlpm.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\swjqbzc.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\swrceac.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\swrcezc.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\wd.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\Wn_Sys8x.Sys - Infected WIN32.TROJAN-PSW.QQPASS.A - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\wsjrfzx.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\wszjbzx.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted

45 Files scanned
21 Infected files found
24 Suspected files found
0 Files disinfected
21 Files deleted

显示全部楼层 · 发表于 2007-11-23 23:16:03

Hello,

00005.exe_, LotusHlp.dll - Trojan-PSW.Win32.OnLineGames.iob

These files are already detected. Please update your antivirus bases.

00011.exe_ - Trojan-PSW.Win32.OnLineGames.iod,
00016.exe_ - Trojan-PSW.Win32.OnLineGames.ioe,
00026.exe_ - Trojan-PSW.Win32.OnLineGames.iof,
kapjezy.dll - Trojan-PSW.Win32.OnLineGames.iog,
rsztlpm.dll - Trojan-PSW.Win32.OnLineGames.ioh,
swrceac.exe_ - Trojan-PSW.Win32.OnLineGames.ioi,
swrcezc.dll - Trojan-PSW.Win32.OnLineGames.ioj,
wszjbzx.dll - Trojan-PSW.Win32.OnLineGames.iok

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Vladimir Krylov
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

显示全部楼层 · 发表于 2007-11-23 23:25:53

E:\Download\样本_2.rar » RAR » 样本\00001.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\00002.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
E:\Download\样本_2.rar » RAR » 样本\00003.exe - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\00004.exe - Win32/PSW.OnLineGames.NGU trojan
E:\Download\样本_2.rar » RAR » 样本\00005.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
E:\Download\样本_2.rar » RAR » 样本\00006.exe - probably a variant of Win32/AutoRun.Q worm
E:\Download\样本_2.rar » RAR » 样本\00007.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\00008.exe - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\00009.exe - Win32/PSW.OnLineGames.IMU trojan
E:\Download\样本_2.rar » RAR » 样本\0001.exe - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\00010.exe - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\00011.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\00012.exe - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\00013.exe - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\00014.exe - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\00015.exe - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\00016.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\00017.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\00018.exe - probably a variant of Win32/PSW.OnLineGames.NGU trojan
E:\Download\样本_2.rar » RAR » 样本\00019.exe - probably a variant of Win32/PSW.OnLineGames.NGU trojan
E:\Download\样本_2.rar » RAR » 样本\00020.exe - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\00022.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\00026.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\avwlemn.dll - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\avzxhmn.dll - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\GenProtect.dll - a variant of Win32/PSW.OnLineGames.HCV trojan
E:\Download\样本_2.rar » RAR » 样本\kapjezy.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\kaqhjzy.dll - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\kawdfzy.dll - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\kvdxjma.dll - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\kvdxsjma.dll - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\kvmxima.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\LotusHlp.dll - a variant of Win32/PSW.OnLineGames.HCV trojan
E:\Download\样本_2.rar » RAR » 样本\rarjepi.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\ratbkpi.dll - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\rsztlpm.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\swjqbzc.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\swrceac.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\swrcezc.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\Wn_Sys8x.Sys - probably a variant of Win32/AutoRun.Q worm
E:\Download\样本_2.rar » RAR » 样本\wsjrfzx.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_2.rar » RAR » 样本\wszjbzx.dll - a variant of Win32/PSW.OnLineGames.FDY trojan

[病毒样本] 45个

本帖子中包含更多资源

44

73/25

42

浏览过的版块