57个

显示全部楼层 · 发表于 2007-11-23 20:35:13

继续全灭

C:\ABC\样本\01.exe
C:\ABC\样本\01.exe\FILE:0000
>>> Virus 'Mal/Gampass-A' found in file C:\ABC\样本\01.exe\FILE:0000
>>> Virus 'Mal/Dropper-H' found in file C:\ABC\样本\01.exe
C:\ABC\样本\02.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\02.exe
C:\ABC\样本\04.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\04.exe
C:\ABC\样本\05.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\05.exe
C:\ABC\样本\06.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\06.exe
C:\ABC\样本\07.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\07.exe
C:\ABC\样本\09.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\09.exe
C:\ABC\样本\10.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\10.exe
C:\ABC\样本\11.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\11.exe
C:\ABC\样本\12.exe
C:\ABC\样本\12.exe\FILE:0000
>>> Virus 'Mal/Gampass-A' found in file C:\ABC\样本\12.exe\FILE:0000
>>> File "C:\ABC\样本\12.exe" has been identified as suspicious 'Sus/Dropper-R'.
C:\ABC\样本\120.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\120.exe
C:\ABC\样本\13.exe
C:\ABC\样本\13.exe\FILE:0000
>>> Virus 'Mal/GamePSW-C' found in file C:\ABC\样本\13.exe\FILE:0000
C:\ABC\样本\13.exe\FILE:0000
>>> Virus 'Mal/GamePSW-C' found in file C:\ABC\样本\13.exe\FILE:0000
>>> Virus 'Mal/Behav-031' found in file C:\ABC\样本\13.exe
C:\ABC\样本\14.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\14.exe
C:\ABC\样本\15.exe
>>> Virus 'Mal/Behav-156' found in file C:\ABC\样本\15.exe
C:\ABC\样本\16.exe
C:\ABC\样本\16.exe\FILE:0000
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\16.exe\FILE:0000
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\16.exe
C:\ABC\样本\17.exe
C:\ABC\样本\17.exe\FILE:0000
>>> Virus 'Mal/Behav-160' found in file C:\ABC\样本\17.exe\FILE:0000
>>> File "C:\ABC\样本\17.exe" has been identified as suspicious 'Sus/Dropper-R'.
C:\ABC\样本\18.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\18.exe
C:\ABC\样本\19.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\19.exe
C:\ABC\样本\2.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\2.exe
C:\ABC\样本\20.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\20.exe
C:\ABC\样本\21.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\21.exe
C:\ABC\样本\210.exe
C:\ABC\样本\210.exe\FILE:0000
C:\ABC\样本\210.exe\FILE:0000\FILE:0000
C:\ABC\样本\210.exe\FILE:0000\FILE:0001
C:\ABC\样本\210.exe\FILE:0000\FILE:0002
C:\ABC\样本\210.exe\FILE:0000\FILE:0003
C:\ABC\样本\210.exe\FILE:0000\FILE:0004
C:\ABC\样本\210.exe\FILE:0000\FILE:0005
C:\ABC\样本\210.exe\FILE:0000\FILE:0006
C:\ABC\样本\210.exe\FILE:0000\FILE:0007
>>> Virus 'Mal/Generic-A' found in file C:\ABC\样本\210.exe\FILE:0000
C:\ABC\样本\210.exe\FILE:0001
>>> Virus 'Mal/EncPk-AP' found in file C:\ABC\样本\210.exe\FILE:0001
>>> File "C:\ABC\样本\210.exe" has been identified as suspicious 'Sus/Malware-A'.
C:\ABC\样本\22.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\22.exe
C:\ABC\样本\3.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\3.exe
C:\ABC\样本\4.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\4.exe
C:\ABC\样本\5.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\5.exe
C:\ABC\样本\6.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\6.exe
C:\ABC\样本\608769MM.DLL
>>> Virus 'Mal/Heuri-E' found in file C:\ABC\样本\608769MM.DLL
>>> Virus 'Mal/Behav-010' found in file C:\ABC\样本\608769MM.DLL
C:\ABC\样本\608769WL.DLL
>>> File "C:\ABC\样本\608769WL.DLL" has been identified as suspicious 'Sus/Malware-A'.
C:\ABC\样本\7.exe
>>> Virus 'Mal/Behav-156' found in file C:\ABC\样本\7.exe
C:\ABC\样本\8.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\8.exe
C:\ABC\样本\addrcqhelp.dll
>>> Virus 'Mal/Behav-024' found in file C:\ABC\样本\addrcqhelp.dll
C:\ABC\样本\afmrdjpva.dll
>>> Virus 'Mal/Behav-160' found in file C:\ABC\样本\afmrdjpva.dll
C:\ABC\样本\AVPSrv.dll
>>> File "C:\ABC\样本\AVPSrv.dll" has been identified as suspicious 'Sus/Malware-B'.
C:\ABC\样本\avzxhmn.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本\avzxhmn.dll
C:\ABC\样本\cmdbcs.dll
>>> Virus 'Mal/WOWPWS-A' found in file C:\ABC\样本\cmdbcs.dll
C:\ABC\样本\DbgHlp32.dll
>>> File "C:\ABC\样本\DbgHlp32.dll" has been identified as suspicious 'Sus/Malware-B'.
C:\ABC\样本\GenProtect.dll
>>> File "C:\ABC\样本\GenProtect.dll" has been identified as suspicious 'Sus/Malware-A'.
C:\ABC\样本\glrxjpuaflrw.dll
>>> Virus 'Mal/Behav-160' found in file C:\ABC\样本\glrxjpuaflrw.dll
>>> Virus 'Mal/Emogen-E' found in file C:\ABC\样本\glrxjpuaflrw.dll
C:\ABC\样本\kaqhjzy.dll
>>> Virus 'Mal/Behav-001' found in file C:\ABC\样本\kaqhjzy.dll
C:\ABC\样本\kqwdouaekpvag.dll
>>> Virus 'Mal/Behav-160' found in file C:\ABC\样本\kqwdouaekpvag.dll
C:\ABC\样本\kvdxjma.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本\kvdxjma.dll
C:\ABC\样本\kvdxsjma.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本\kvdxsjma.dll
C:\ABC\样本\kvmxima.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本\kvmxima.dll
C:\ABC\样本\LotusHlp.dll
>>> File "C:\ABC\样本\LotusHlp.dll" has been identified as suspicious 'Sus/Malware-A'.
C:\ABC\样本\msccrt.dll
>>> File "C:\ABC\样本\msccrt.dll" has been identified as suspicious 'Sus/Malware-B'.
C:\ABC\样本\MsIMMs32.dll
>>> Virus 'Mal/WOWPWS-A' found in file C:\ABC\样本\MsIMMs32.dll
C:\ABC\样本\MsPrint32D.dll
>>> File "C:\ABC\样本\MsPrint32D.dll" has been identified as suspicious 'Sus/Malware-A'.
C:\ABC\样本\NVDispDrv.dll
>>> File "C:\ABC\样本\NVDispDrv.dll" has been identified as suspicious 'Sus/Malware-B'.
C:\ABC\样本\NvSys_55.Sys
>>> Virus 'Mal/Gampass-A' found in file C:\ABC\样本\NvSys_55.Sys
C:\ABC\样本\ratbkpi.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本\ratbkpi.dll
C:\ABC\样本\ratbktl.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\ratbktl.exe
C:\ABC\样本\sidjdzy.dll
>>> Virus 'Mal/Emogen-I' found in file C:\ABC\样本\sidjdzy.dll
C:\ABC\样本\upxdnd.dll
>>> File "C:\ABC\样本\upxdnd.dll" has been identified as suspicious 'Sus/Zhengtu-A'.
C:\ABC\样本\WinForm.dll
>>> File "C:\ABC\样本\WinForm.dll" has been identified as suspicious 'Sus/Malware-B'.
C:\ABC\样本\Wn_Sys8x.Sys
>>> Virus 'Mal/Gampass-A' found in file C:\ABC\样本\Wn_Sys8x.Sys
C:\ABC\样本\ydkqxdinsx.dll
>>> Virus 'Mal/Behav-160' found in file C:\ABC\样本\ydkqxdinsx.dll

显示全部楼层 · 发表于 2007-11-23 20:40:32

Starting the file scan:

Begin scan in 'E:\样本.rar'
E:\样本.rar
  [0] Archive type: RAR
  --> Ñù±¾\01.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ida
  --> Ñù±¾\02.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\04.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\05.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ijw
  --> Ñù±¾\06.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\07.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\09.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ide
  --> Ñù±¾\10.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\11.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.igx
  --> Ñù±¾\12.exe
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> Ñù±¾\120.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\13.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> Ñù±¾\14.exe
   [DETECTION] Is the Trojan horse TR/PSW.Wow.acd
  --> Ñù±¾\15.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\16.exe
   [DETECTION] Is the Trojan horse TR/CrashSystem.C
  --> Ñù±¾\17.exe
   [DETECTION] Is the Trojan horse TR/PSW.Wow.afh
  --> Ñù±¾\18.exe
   [DETECTION] Is the Trojan horse TR/CrashSystem.C
  --> Ñù±¾\19.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\2.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> Ñù±¾\20.exe
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> Ñù±¾\21.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> Ñù±¾\210.exe
   [DETECTION] Is the Trojan horse TR/Drop.Spy.Pca.A.2
  --> Ñù±¾\22.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hzt.8
  --> Ñù±¾\3.exe
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> Ñù±¾\4.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\5.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> Ñù±¾\6.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> Ñù±¾\608769MM.DLL
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> Ñù±¾\608769WL.DLL
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> Ñù±¾\7.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> Ñù±¾\8.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.Ich.1
  --> Ñù±¾\addrcqhelp.dll
   [DETECTION] Is the Trojan horse TR/CrashSystem.C
  --> Ñù±¾\afmrdjpva.dll
   [DETECTION] Is the Trojan horse TR/PSW.Wow.afh
  --> Ñù±¾\AVPSrv.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> Ñù±¾\avzxhmn.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\cmdbcs.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\DbgHlp32.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\GenProtect.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\glrxjpuaflrw.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.igx
  --> Ñù±¾\kaqhjzy.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.iiv.7
  --> Ñù±¾\kqwdouaekpvag.dll
   [DETECTION] Contains suspicious code HEUR/Crypted
  --> Ñù±¾\kvdxjma.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ijw
  --> Ñù±¾\kvdxsjma.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\kvmxima.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\LotusHlp.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hzt.8
  --> Ñù±¾\msccrt.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> Ñù±¾\MsIMMs32.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> Ñù±¾\MsPrint32D.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\NVDispDrv.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.Ich.1
  --> Ñù±¾\NvSys_55.Sys
   [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\ratbkpi.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\ratbktl.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\sidjdzy.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ide
  --> Ñù±¾\upxdnd.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> Ñù±¾\WinForm.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> Ñù±¾\Wn_Sys8x.Sys
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ida
  --> Ñù±¾\ydkqxdinsx.dll
   [DETECTION] Contains suspicious code HEUR/Crypted
   [INFO]    The file was deleted!

End of the scan: 2007年11月23日  20:40
Used time: 00:44 min

The scan has been done completely.

   0 Scanning directories
   58 Files were scanned
   46 viruses and/or unwanted programs were found
   11 Files were classified as suspicious:
   1 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   12 Files not concerned
   1 Archives were scanned
   0 Warnings
   0 Notes

显示全部楼层 · 发表于 2007-11-23 20:41:15

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Worm.Win32.PaBug.dv
病毒： Trojan.PSW.Win32.XYOnline.tp
病毒： Trojan.PSW.Win32.QQHX.tsd
病毒： Trojan.PSW.Win32.NSword.cm
病毒： Trojan.PSW.Win32.GameOnline.ail
病毒： Trojan.PSW.Win32.SunOnline.ha
病毒： Trojan.PSW.Win32.LMir.yys
病毒： Trojan.PSW.Win32.WoWar.afp
病毒： Trojan.PSW.Win32.GameOnline.amc
病毒： Trojan.PSW.Win32.RocOnline.id
病毒： Trojan.PSW.Win32.GameOnline.ajy
病毒： Trojan.PSW.Win32.QQSG.ai
病毒： Trojan.PSW.Win32.GameOnline.amn
病毒： Backdoor.Win32.Agent.cpt
病毒： Trojan.PSW.Win32.GameOnline.ahg
病毒： Trojan.PSW.Win32.GameOnline.akk
病毒： Trojan.PSW.Win32.GameOnline.alj
病毒： Trojan.PSW.Win32.LMir.yys
病毒： Trojan.PSW.Win32.Woool.c
病毒： Trojan.PSW.Win32.GameOnline.alv
病毒： Trojan.PSW.Win32.GameOnline.ajd
病毒： Trojan.PSW.Win32.GameOnline.ajy
病毒： Trojan.PSW.Win32.GameOnline.amn
病毒： Trojan.PSW.Win32.GameOnline.ail
病毒： Trojan.PSW.Win32.GameOnline.amc
病毒： Trojan.PSW.Win32.GameOnline.akk
病毒： Trojan.PSW.Win32.SunOnline.ha
病毒： Trojan.PSW.Win32.QQHX.tsd
病毒： Trojan.PSW.Win32.XYOnline.tp
病毒： Trojan.PSW.Win32.GameOnline.ahg
病毒： Trojan.PSW.Win32.GameOnline.alv
病毒： Trojan.PSW.Win32.QQSG.ai
病毒： Trojan.PSW.Win32.GameOnline.ajd
病毒： Trojan.PSW.Win32.NSword.cm
病毒： Trojan.PSW.Win32.GameOnline.alj
病毒： Worm.Win32.PaBug.dv

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.19.42

显示全部楼层 · 发表于 2007-11-23 20:52:36

MicroVita AntiSpyware 100 C
_____________________________________________

         风暴微塔反间谍
[强力查杀各种Win32位的病毒,木马,蠕虫,恶意软件]
               http://221.10.254.214/
----------------------------------------------
开始扫描……

正在检查启动……
[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\01.exe]
                  …………发现Spy！报告:[2]
文件信息:  大小:33413  MD5:9b092a1fb77cab727bdda943f3e075da

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\02.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15900  MD5:eff7a299dc6da7e26fa7c0eb9d053b73

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\04.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15097  MD5:4587c45e7c9db77d309ce2716e10bba4

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\05.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15328  MD5:982f2a536ccfb0e67c9e58edc6b4ff47

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\06.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15954  MD5:313e502b2f39ae24763d6a666ddc65d1

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\07.exe]
                  …………发现Spy！报告:[2] [1] Win32.F/S.ByDwing
文件信息:  大小:14835  MD5:cec62fd4bb7004c3d1a5c7dc9a5c4f91

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\09.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:14485  MD5:ce9fcf7fd8a05dc2298d4a11c602edb1

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\10.exe]
                  …………发现Spy！报告:[2] [1] Win32.Unknow
文件信息:  大小:16600  MD5:2269a6979910f68c7be282b606c6de2e

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\11.exe]
                  …………发现Spy！报告:[2] [1] Win32.NkHack.FSG.A[5] 下载者
文件信息:  大小:30477  MD5:b68e1154e31958320c0f1f1d328985e1

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\120.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:14702  MD5:7d01cdf7c990fedcf1f7276ffcad2404

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\13.exe]
                  …………发现Spy！报告:[2]
文件信息:  大小:41265  MD5:92f6fff9cc5773b17f71c758de9c6c08

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\14.exe]
                  …………发现Spy！报告:[2] [1] Win32.Unknow
文件信息:  大小:22056  MD5:d97aa76174e184c31f31bf76c673ec3f

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\15.exe]
                  …………发现Spy！报告:[2] [1] Win32.Unknow
文件信息:  大小:16108  MD5:5fce69ec5f56ce50d0d73d9aaa26fa96

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\16.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:17876  MD5:8f26e2e10afd13e7361342b787147b12

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\17.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:32256  MD5:e3eb4aa19f2b671f92ff933ca02ebe93

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\18.exe]
                  …………发现Spy！报告:[1] Win32.Unknow
文件信息:  大小:14220  MD5:d38d14525d345aacc4dcc0c6c38fab5f

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\19.exe]
                  …………发现Spy！报告:[2] [1] Win32.Unknow
文件信息:  大小:14664  MD5:aa42ac0b3fcca360de349b5cfafce785

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\2.exe]
                  …………发现Spy！报告:[1] Win32.Unknow
文件信息:  大小:16132  MD5:1fef469abae1e189b00a89b574bb88a5

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\20.exe]
                  …………发现Spy！报告:[2] [1] Win32.NkHack.FSG.A
文件信息:  大小:29613  MD5:323b7540def71d5c9d5911dbd65b95d6

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\21.exe]
                  …………发现Spy！报告:[2] [1] Win32.Unknow
文件信息:  大小:16208  MD5:4105de3672a9d13aa5a1bd03c5869530

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\210.exe]
                  …………发现Spy！报告:[2]
文件信息:  大小:216576  MD5:26617087fe792994ee2e08a12603859d

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\22.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing[5] 下载者
文件信息:  大小:13463  MD5:b0060b2161f8de25479e5c353a240283

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\3.exe]
                  …………发现Spy！报告:[2] [1] Win32.NkHack.FSG.A
文件信息:  大小:33653  MD5:431de106706c580dec5103297223e30c

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\4.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:17360  MD5:9b2268c82051d4de1a6c279485b21b6c

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\5.exe]
                  …………发现Spy！报告:[2] [1] Win32.Unknow
文件信息:  大小:15128  MD5:4e5356b415d972d6cba6449c14904a6d

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\6.exe]
                  …………发现Spy！报告:[2] [1] Win32.Unknow
文件信息:  大小:16332  MD5:c981199013750d0a22470fb7bb018046

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\608769MM.DLL]
                  …………发现Spy！报告: [4]
文件信息:  大小:44849  MD5:b4a9139993c8195d6570b9a52233e3e7

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\7.exe]
                  …………发现Spy！报告:[2] [1] Win32.Unknow
文件信息:  大小:16004  MD5:82d3e8f91ba056f1139debafaad1b8f6

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\8.exe]
                  …………发现Spy！报告:[2] [1] Win32.Unknow
文件信息:  大小:13136  MD5:4847d36227560da6f57f02ee548b33d4

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\addrcqhelp.dll]
                  …………发现Spy！报告: [4] [1] Win32.F/S.ByDwing
文件信息:  大小:11054  MD5:fe53a7b538a1d1243f715f6f3db7b34b

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\afmrdjpva.dll]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:20081  MD5:ec36b218ef172fb7d41107b90102b577

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\AVPSrv.dll]
                  …………发现Spy！报告:[1] Win32.Badsoft.RX[8] HOOK者
文件信息:  大小:26112  MD5:752c1a98fad822998b0436a58dfa1581

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\avzxhmn.dll]
                  …………发现Spy！报告:[6] 注入者[8] HOOK者
文件信息:  大小:24906  MD5:0ea481e074b112278d738ce7b1286c7e

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\cmdbcs.dll]
                  …………发现Spy！报告:[1] Win32.Badsoft.RX[8] HOOK者
文件信息:  大小:26112  MD5:ed98d370317175feffb5ba53510843ac

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\DbgHlp32.dll]
                  …………发现Spy！报告:[1] Win32.Badsoft.RX[8] HOOK者
文件信息:  大小:25088  MD5:0358807c452c9c5a9c103123b2561118

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\glrxjpuaflrw.dll]
                  …………发现Spy！报告:[2] [1] Win32.F/S.ByDwing
文件信息:  大小:19241  MD5:a76d81349587d29572aca3fab390dcbf

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\kaqhjzy.dll]
                  …………发现Spy！报告: [4]
文件信息:  大小:2117476  MD5:fca95fb53d15e72602da58c231cfd9c6

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\kqwdouaekpvag.dll]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:18492  MD5:d2c964735a0f4d4881d7f3f214b7adbd

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\kvdxjma.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:24400  MD5:22a182200fa61cd8d590863e89df55ab

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\kvdxsjma.dll]
                  …………发现Spy！报告:[6] 注入者[8] HOOK者
文件信息:  大小:23936  MD5:bacf49db5d6b1a59820bbe25fb1ea232

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\kvmxima.dll]
                  …………发现Spy！报告:[6] 注入者[8] HOOK者
文件信息:  大小:24918  MD5:a7c1c85cd337d6367fbcb38bbe1bf4f6

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\LotusHlp.dll]
                  …………发现Spy！报告:[1] Win32.Badsoft.RX[8] HOOK者
文件信息:  大小:20480  MD5:95a9a24a6ab3678011418bbe07198073

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\msccrt.dll]
                  …………发现Spy！报告:[8] HOOK者
文件信息:  大小:26112  MD5:6ba7cb9de9ca8958a4320b16155fc943

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\MsIMMs32.dll]
                  …………发现Spy！报告:[1] Win32.Badsoft.RX[8] HOOK者
文件信息:  大小:25088  MD5:1dd5d2068a1bf6426996d857f2007075

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\MsPrint32D.dll]
                  …………发现Spy！报告:[1] Win32.Badsoft.RX[8] HOOK者
文件信息:  大小:23040  MD5:ee09e144fdf6efc1f11211a1e18d8032

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\NVDispDrv.dll]
                  …………发现Spy！报告:[1] Win32.Badsoft.RX[8] HOOK者
文件信息:  大小:18944  MD5:42394bf092c9bc75730eee794823f8ec

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\NvSys_55.Sys]
                  …………发现Spy！报告: [4] [8] HOOK者
文件信息:  大小:44662  MD5:d6a478ad9c5a08be9027b15da8527571

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\ratbkpi.dll]
                  …………发现Spy！报告:[6] 注入者[8] HOOK者
文件信息:  大小:22900  MD5:1b46a8e6606805229e461dd9e74f1137

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\ratbktl.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:14702  MD5:7d01cdf7c990fedcf1f7276ffcad2404

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\sidjdzy.dll]
                  …………发现Spy！报告:[6] 注入者[8] HOOK者
文件信息:  大小:22876  MD5:541c980cc7ccbe7d268101483d9535e6

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\upxdnd.dll]
                  …………发现Spy！报告:[1] Win32.Badsoft.RX[8] HOOK者
文件信息:  大小:24064  MD5:c074e004ac309b616a4250402aede5ab

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\WinForm.dll]
                  …………发现Spy！报告:[1] Win32.Badsoft.RX[8] HOOK者
文件信息:  大小:25088  MD5:b8556af8a1010ea4fdb00b29fe965821

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\Wn_Sys8x.Sys]
                  …………发现Spy！报告: [4] [8] HOOK者
文件信息:  大小:48261  MD5:5b32f88f7196eaa28b1347e21ceeb903

[C:\Documents and Settings\Administrator\桌面\Virus\56\样本\ydkqxdinsx.dll]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:21857  MD5:a92c049bee6a2d5552127e27d57edcf2

文件数:57 病毒数:54  比重:0.9473684210526
OK  扫描完毕！
  ***日志解释
[4] 集中有害分析引擎
[3] 全局系统判断引擎
[2] 文件特征码引擎
[1] 文件启发式引擎

[ 本帖最后由 FBAV 于 2007-11-23 20:55 编辑 ]

显示全部楼层 · 发表于 2007-11-23 21:02:24

卡巴 7.0.1.282 BETA
52个

已隔离: 病毒 Heur.Downloader （变种）文件: F:\病毒样本\样本.rar/样本\addrcqhelp.dll//UPack
已隔离: 病毒 Heur.Trojan.Generic （变种）文件: F:\病毒样本\样本.rar/样本\02.exe//UPack
已隔离: 病毒 Heur.Trojan.Generic （变种）文件: F:\病毒样本\样本.rar/样本\06.exe//UPack
已删除: 木马程序 Backdoor.Win32.Agent.cpt 文件: F:\病毒样本\样本.rar/样本\210.exe//PE_Patch.UPX//UPX
已删除: 木马程序 Trojan-PSW.Win32.Lmir.boy 文件: F:\病毒样本\样本.rar/样本\13.exe//ASPack
已删除: 木马程序 Trojan-PSW.Win32.Lmir.boy 文件: F:\病毒样本\样本.rar/样本\608769MM.DLL
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hzt 文件: F:\病毒样本\样本.rar/样本\22.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.hzt 文件: F:\病毒样本\样本.rar/样本\LotusHlp.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.iay 文件: F:\病毒样本\样本.rar/样本\608769WL.DLL
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.icd 文件: F:\病毒样本\样本.rar/样本\10.exe//PE_Patch//UPack//PE_Patch
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.icd 文件: F:\病毒样本\样本.rar/样本\cmdbcs.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ich 文件: F:\病毒样本\样本.rar/样本\8.exe//PE_Patch//UPack//PE_Patch
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ich 文件: F:\病毒样本\样本.rar/样本\NVDispDrv.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ida 文件: F:\病毒样本\样本.rar/样本\01.exe//UPX
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ida 文件: F:\病毒样本\样本.rar/样本\Wn_Sys8x.Sys
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ide 文件: F:\病毒样本\样本.rar/样本\09.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ide 文件: F:\病毒样本\样本.rar/样本\sidjdzy.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.igx 文件: F:\病毒样本\样本.rar/样本\glrxjpuaflrw.dll//UPack//PE_Patch.MaskPE
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.igy 文件: F:\病毒样本\样本.rar/样本\11.exe//FSG
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.iha 文件: F:\病毒样本\样本.rar/样本\4.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.iha 文件: F:\病毒样本\样本.rar/样本\GenProtect.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ihs 文件: F:\病毒样本\样本.rar/样本\16.exe//PE_Patch//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ihu 文件: F:\病毒样本\样本.rar/样本\14.exe//PE_Patch//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ihy 文件: F:\病毒样本\样本.rar/样本\5.exe//PE_Patch//UPack//PE_Patch
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ihz 文件: F:\病毒样本\样本.rar/样本\7.exe//PE_Patch//UPack//PE_Patch
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.iii 文件: F:\病毒样本\样本.rar/样本\upxdnd.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.iij 文件: F:\病毒样本\样本.rar/样本\MsIMMs32.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.iiv 文件: F:\病毒样本\样本.rar/样本\07.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.iiv 文件: F:\病毒样本\样本.rar/样本\kaqhjzy.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ijw 文件: F:\病毒样本\样本.rar/样本\kvdxjma.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ikh 文件: F:\病毒样本\样本.rar/样本\15.exe//PE_Patch//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ikh 文件: F:\病毒样本\样本.rar/样本\DbgHlp32.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ikj 文件: F:\病毒样本\样本.rar/样本\05.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.imv 文件: F:\病毒样本\样本.rar/样本\19.exe//PE_Patch//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.imv 文件: F:\病毒样本\样本.rar/样本\MsPrint32D.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.imw 文件: F:\病毒样本\样本.rar/样本\6.exe//PE_Patch//UPack//PE_Patch
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.imw 文件: F:\病毒样本\样本.rar/样本\AVPSrv.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ini 文件: F:\病毒样本\样本.rar/样本\04.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ini 文件: F:\病毒样本\样本.rar/样本\kvdxsjma.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.inl 文件: F:\病毒样本\样本.rar/样本\2.exe//PE_Patch//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.inl 文件: F:\病毒样本\样本.rar/样本\WinForm.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.inm 文件: F:\病毒样本\样本.rar/样本\21.exe//PE_Patch//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.inm 文件: F:\病毒样本\样本.rar/样本\msccrt.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.inn 文件: F:\病毒样本\样本.rar/样本\3.exe//FSG
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.inn 文件: F:\病毒样本\样本.rar/样本\ydkqxdinsx.dll//UPack//PE_Patch.MaskPE
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.inp 文件: F:\病毒样本\样本.rar/样本\120.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.inp 文件: F:\病毒样本\样本.rar/样本\ratbkpi.dll
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.inp 文件: F:\病毒样本\样本.rar/样本\ratbktl.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.QQPass.amm 文件: F:\病毒样本\样本.rar/样本\12.exe//UPX
已删除: 木马程序 Trojan-PSW.Win32.QQPass.amm 文件: F:\病毒样本\样本.rar/样本\NvSys_55.Sys
已删除: 木马程序 Trojan-PSW.Win32.WOW.afh 文件: F:\病毒样本\样本.rar/样本\17.exe//PE_Patch.UPX//UPX
已删除: 木马程序 Trojan-PSW.Win32.WOW.afh 文件: F:\病毒样本\样本.rar/样本\afmrdjpva.dll//UPack//PE_Patch.MaskPE

显示全部楼层 · 发表于 2007-11-23 21:16:33

已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ida 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\01.exe//UPX
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ini 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\04.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ikj 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\05.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iiv 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\07.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ide 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\09.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.icd 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\10.exe//PE_Patch//UPack//PE_Patch
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.igy 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\11.exe//FSG
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.QQPass.amm 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\12.exe//UPX
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.inp 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\120.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.Lmir.boy 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\13.exe//ASPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ihu 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\14.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ikh 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\15.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ihs 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\16.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.WOW.afh 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\17.exe//PE_Patch.UPX//UPX
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.imv 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\19.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.inl 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\2.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.inm 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\21.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Backdoor.Win32.Agent.cpt 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\210.exe//PE_Patch.UPX//UPX
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.hzt 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\22.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.inn 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\3.exe//FSG
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iha 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\4.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ihy 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\5.exe//PE_Patch//UPack//PE_Patch
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.imw 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\6.exe//PE_Patch//UPack//PE_Patch
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.Lmir.boy 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\608769MM.DLL
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iay 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\608769WL.DLL
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ihz 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\7.exe//PE_Patch//UPack//PE_Patch
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ich 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\8.exe//PE_Patch//UPack//PE_Patch
已隔離: 病毒 Heur.Downloader (修改) 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\addrcqhelp.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.WOW.afh 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\afmrdjpva.dll//UPack//PE_Patch.MaskPE
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.imw 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\AVPSrv.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.icd 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\cmdbcs.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ikh 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\DbgHlp32.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iha 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\GenProtect.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.igx 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\glrxjpuaflrw.dll//UPack//PE_Patch.MaskPE
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iiv 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\kaqhjzy.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ijw 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\kvdxjma.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ini 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\kvdxsjma.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.hzt 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\LotusHlp.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.inm 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\msccrt.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iij 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\MsIMMs32.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.imv 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\MsPrint32D.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ich 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\NVDispDrv.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.QQPass.amm 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\NvSys_55.Sys
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.inp 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\ratbkpi.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.inp 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\ratbktl.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ide 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\sidjdzy.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iii 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\upxdnd.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.inl 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\WinForm.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ida 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\Wn_Sys8x.Sys
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.inn 檔案: C:\Documents and Settings\kato9096\桌面\160876\样本\ydkqxdinsx.dll//UPack//PE_Patch.MaskPE

7个没报,一个变种,已上报8个

今天卡巴回复很慢

显示全部楼层 · 发表于 2007-11-23 23:08:44

Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 977
Paranoia Database - 48989
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\Uhthn\Desktop\2

C:\Documents and Settings\Uhthn\Desktop\2\01.exe - Infected WIN32.TROJAN-PSW.QQPASS.A - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\02.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\2\04.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\2\05.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\2\06.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\2\07.exe - Infected TROJAN-PSW.ONLINEGAMES.151 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\09.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\2\10.exe - Infected TROJAN-PSW.ONLINEGAMES.135 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\11.exe - Infected TROJAN-PSW.ONLINEGAMES.121 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\12.exe - Infected WIN32.TROJAN-PSW.QQPASS.A - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\120.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\2\13.exe - Infected WIN32.TROJAN-PSW.LMIR.6 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\14.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\2\15.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\2\16.exe - Suspected MaliciousScope:GENERIC.MALWARE.4
C:\Documents and Settings\Uhthn\Desktop\2\17.exe - Suspected MaliciousScope:WIN32.GENERIC.MALWARE.1
C:\Documents and Settings\Uhthn\Desktop\2\18.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\2\19.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\2\2.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\2\20.exe - Infected TROJAN-PSW.ONLINEGAMES.121 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\21.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\2\210.exe - Infected WIN32.TROJAN.DELF.5 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\22.exe - Infected GENERIC.MALWARE.1B3.3497 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\3.exe - Infected TROJAN-PSW.ONLINEGAMES.121 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\4.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\2\5.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\2\6.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\2\608769MM.DLL - Infected WIN32.MALWARE.AGENT.6 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\608769WL.DLL - Infected WIN32.TROJAN-PSW.ONLINEGAMES.G - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\7.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\2\8.exe - Infected GENERIC.MALWARE.744.3350 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\addrcqhelp.dll - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\2\afmrdjpva.dll - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\2\AVPSrv.dll - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\avzxhmn.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\cmdbcs.dll - Infected TROJAN-PSW.ONLINEGAMES.12 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\DbgHlp32.dll - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\GenProtect.dll - Infected TROJAN-PSW.ONLINEGAMES.12 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\glrxjpuaflrw.dll - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\2\kaqhjzy.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\kqwdouaekpvag.dll - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\2\kvdxjma.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\kvdxsjma.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\kvmxima.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\LotusHlp.dll - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\msccrt.dll - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\MsIMMs32.dll - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\MsPrint32D.dll - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\NVDispDrv.dll - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\NvSys_55.Sys - Infected WIN32.TROJAN-PSW.QQPASS.A - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\ratbkpi.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\ratbktl.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\2\sidjdzy.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\upxdnd.dll - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\WinForm.dll - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\Wn_Sys8x.Sys - Infected WIN32.TROJAN-PSW.QQPASS.A - Deleted
C:\Documents and Settings\Uhthn\Desktop\2\ydkqxdinsx.dll - Suspected MaliciousScope:GENERIC.MALWARE.3

57 Files scanned
33 Infected files found
24 Suspected files found
0 Files disinfected
33 Files deleted

显示全部楼层 · 发表于 2007-11-23 23:31:14

E:\Download\样本_3.rar » RAR » 样本\01.exe - Win32/AutoRun.Q worm
E:\Download\样本_3.rar » RAR » 样本\02.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_3.rar » RAR » 样本\04.exe - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_3.rar » RAR » 样本\05.exe - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_3.rar » RAR » 样本\06.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_3.rar » RAR » 样本\07.exe - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_3.rar » RAR » 样本\09.exe - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_3.rar » RAR » 样本\10.exe - a variant of Win32/PSW.OnLineGames.YA trojan
E:\Download\样本_3.rar » RAR » 样本\11.exe - probably a variant of Win32/PSW.OnLineGames.GJV trojan
E:\Download\样本_3.rar » RAR » 样本\12.exe - probably a variant of Win32/Genetik trojan
E:\Download\样本_3.rar » RAR » 样本\120.exe - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_3.rar » RAR » 样本\13.exe - Win32/PSW.WOW.WU trojan
E:\Download\样本_3.rar » RAR » 样本\14.exe - probably a variant of Win32/PSW.OnLineGames.NGU trojan
E:\Download\样本_3.rar » RAR » 样本\15.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
E:\Download\样本_3.rar » RAR » 样本\16.exe - probably a variant of Win32/PSW.OnLineGames.NGU trojan
E:\Download\样本_3.rar » RAR » 样本\17.exe - Win32/PSW.OnLineGames.GJV trojan
E:\Download\样本_3.rar » RAR » 样本\18.exe - probably a variant of Win32/Genetik trojan
E:\Download\样本_3.rar » RAR » 样本\19.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
E:\Download\样本_3.rar » RAR » 样本\2.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
E:\Download\样本_3.rar » RAR » 样本\20.exe - a variant of Win32/PSW.OnLineGames.GJV trojan
E:\Download\样本_3.rar » RAR » 样本\21.exe - a variant of Win32/PSW.OnLineGames.YA trojan
E:\Download\样本_3.rar » RAR » 样本\210.exe - Win32/NetTool.Agent.B application
E:\Download\样本_3.rar » RAR » 样本\22.exe - Win32/PSW.OnLineGames.NFL trojan
E:\Download\样本_3.rar » RAR » 样本\3.exe - a variant of Win32/PSW.OnLineGames.GJV trojan
E:\Download\样本_3.rar » RAR » 样本\4.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
E:\Download\样本_3.rar » RAR » 样本\5.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
E:\Download\样本_3.rar » RAR » 样本\6.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
E:\Download\样本_3.rar » RAR » 样本\608769MM.DLL - Win32/PSW.Legendmir.NFF trojan
E:\Download\样本_3.rar » RAR » 样本\608769WL.DLL - Win32/PSW.Legendmir.NFN trojan
E:\Download\样本_3.rar » RAR » 样本\7.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
E:\Download\样本_3.rar » RAR » 样本\8.exe - Win32/PSW.OnLineGames.NFL trojan
E:\Download\样本_3.rar » RAR » 样本\addrcqhelp.dll - probably a variant of Win32/Genetik trojan
E:\Download\样本_3.rar » RAR » 样本\afmrdjpva.dll - Win32/PSW.OnLineGames.GJV trojan
E:\Download\样本_3.rar » RAR » 样本\AVPSrv.dll - Win32/PSW.OnLineGames.HCV trojan
E:\Download\样本_3.rar » RAR » 样本\avzxhmn.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_3.rar » RAR » 样本\cmdbcs.dll - Win32/PSW.OnLineGames.NFL trojan
E:\Download\样本_3.rar » RAR » 样本\DbgHlp32.dll - Win32/PSW.OnLineGames.HCV trojan
E:\Download\样本_3.rar » RAR » 样本\GenProtect.dll - a variant of Win32/PSW.OnLineGames.HCV trojan
E:\Download\样本_3.rar » RAR » 样本\glrxjpuaflrw.dll - a variant of Win32/PSW.OnLineGames.GJV trojan
E:\Download\样本_3.rar » RAR » 样本\kaqhjzy.dll - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_3.rar » RAR » 样本\kqwdouaekpvag.dll - a variant of Win32/PSW.OnLineGames.GJV trojan
E:\Download\样本_3.rar » RAR » 样本\kvdxjma.dll - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_3.rar » RAR » 样本\kvdxsjma.dll - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_3.rar » RAR » 样本\kvmxima.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_3.rar » RAR » 样本\LotusHlp.dll - Win32/PSW.OnLineGames.HCV trojan
E:\Download\样本_3.rar » RAR » 样本\msccrt.dll - probably a variant of Win32/PSW.OnLineGames.NFL trojan
E:\Download\样本_3.rar » RAR » 样本\MsIMMs32.dll - probably a variant of Win32/PSW.OnLineGames.HCV trojan
E:\Download\样本_3.rar » RAR » 样本\MsPrint32D.dll - Win32/PSW.OnLineGames.HCV trojan
E:\Download\样本_3.rar » RAR » 样本\NVDispDrv.dll - Win32/PSW.OnLineGames.HCV trojan
E:\Download\样本_3.rar » RAR » 样本\ratbkpi.dll - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_3.rar » RAR » 样本\ratbktl.exe - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_3.rar » RAR » 样本\sidjdzy.dll - Win32/PSW.OnLineGames.FDY trojan
E:\Download\样本_3.rar » RAR » 样本\upxdnd.dll - Win32/PSW.OnLineGames.HCV trojan
E:\Download\样本_3.rar » RAR » 样本\WinForm.dll - probably a variant of Win32/PSW.OnLineGames.HCV trojan
E:\Download\样本_3.rar » RAR » 样本\Wn_Sys8x.Sys - Win32/AutoRun.Q worm
E:\Download\样本_3.rar » RAR » 样本\ydkqxdinsx.dll - a variant of Win32/PSW.OnLineGames.GJV trojan

显示全部楼层 · 发表于 2007-11-23 23:33:32

Hello,

02.exe_ - Trojan-PSW.Win32.OnLineGames.ion,
06.exe_ - Trojan-PSW.Win32.OnLineGames.ioo,
18.exe_ - Trojan-PSW.Win32.OnLineGames.iop,
20.exe_ - Trojan-PSW.Win32.OnLineGames.ioq,
addrcqhelp.dll - Trojan-PSW.Win32.OnLineGames.ior,
avzxhmn.dll - Trojan-PSW.Win32.OnLineGames.ios,
kqwdouaekpvag.dll - Trojan-PSW.Win32.OnLineGames.iot,
kvmxima.dll - Trojan-PSW.Win32.OnLineGames.iou

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Vladimir Krylov
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

[病毒样本] 57个

本帖子中包含更多资源

57

95/37

56个

浏览过的版块