42个

显示全部楼层 · 发表于 2007-11-30 21:42:39

全灭
C:\ABC\样本.rar
C:\ABC\样本.rar\vbhnvbhmswbh.dll
>>> Virus 'Mal/Behav-160' found in file C:\ABC\样本.rar\vbhnvbhmswbh.dll
C:\ABC\样本.rar\wsjrhzx.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本.rar\wsjrhzx.dll
C:\ABC\样本.rar\swjqbzc.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本.rar\swjqbzc.dll
C:\ABC\样本.rar\wszjbzx.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本.rar\wszjbzx.dll
C:\ABC\样本.rar\sidjezy.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本.rar\sidjezy.dll
C:\ABC\样本.rar\ratbmpi.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本.rar\ratbmpi.dll
C:\ABC\样本.rar\rarjepi.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本.rar\rarjepi.dll
C:\ABC\样本.rar\avzxjmn.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本.rar\avzxjmn.dll
C:\ABC\样本.rar\avwlemn.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本.rar\avwlemn.dll
C:\ABC\样本.rar\kapjezy.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本.rar\kapjezy.dll
C:\ABC\样本.rar\avwggmn.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本.rar\avwggmn.dll
C:\ABC\样本.rar\rsmyhpm.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本.rar\rsmyhpm.dll
C:\ABC\样本.rar\16.exe
C:\ABC\样本.rar\16.exe\FILE:0000
>>> Virus 'Mal/Behav-160' found in file C:\ABC\样本.rar\16.exe\FILE:0000
>>> File "C:\ABC\样本.rar\16.exe" has been identified as suspicious 'Sus/Dropper-R'.
C:\ABC\样本.rar\kaqhkzy.dll
>>> Virus 'Mal/Behav-001' found in file C:\ABC\样本.rar\kaqhkzy.dll
C:\ABC\样本.rar\WinForm.dll
>>> File "C:\ABC\样本.rar\WinForm.dll" has been identified as suspicious 'Sus/Malware-B'.
C:\ABC\样本.rar\inudhya.dll
>>> File "C:\ABC\样本.rar\inudhya.dll" has been identified as suspicious 'Sus/Madcode-A'.
C:\ABC\样本.rar\DbgHlp32.dll
>>> File "C:\ABC\样本.rar\DbgHlp32.dll" has been identified as suspicious 'Sus/Malware-B'.
C:\ABC\样本.rar\wsjrhax.exe
>>> Virus 'Mal/Behav-112' found in file C:\ABC\样本.rar\wsjrhax.exe
C:\ABC\样本.rar\Wn_Sys8x.Sys
>>> Virus 'Mal/Gampass-A' found in file C:\ABC\样本.rar\Wn_Sys8x.Sys
C:\ABC\样本.rar\1.exe
C:\ABC\样本.rar\1.exe\FILE:0000
>>> File "C:\ABC\样本.rar\1.exe\FILE:0000" has been identified as suspicious 'Sus/Madcode-A'.
>>> Virus 'Mal/Packer' found in file C:\ABC\样本.rar\1.exe
C:\ABC\样本.rar\WinForm.exE
>>> Virus 'Mal/Packer' found in file C:\ABC\样本.rar\WinForm.exE
C:\ABC\样本.rar\20.exe
C:\ABC\样本.rar\20.exe\FILE:0000
>>> Virus 'Mal/Gampass-A' found in file C:\ABC\样本.rar\20.exe\FILE:0000
>>> File "C:\ABC\样本.rar\20.exe" has been identified as suspicious 'Sus/Dropper-R'.
C:\ABC\样本.rar\swjqbac.exe
>>> Virus 'Mal/Behav-112' found in file C:\ABC\样本.rar\swjqbac.exe
C:\ABC\样本.rar\wszjbax.exe
>>> Virus 'Mal/Behav-112' found in file C:\ABC\样本.rar\wszjbax.exe
C:\ABC\样本.rar\wbhnwbglrxch.dll
>>> Virus 'Mal/Behav-160' found in file C:\ABC\样本.rar\wbhnwbglrxch.dll
C:\ABC\样本.rar\sidjeaz.exe
>>> Virus 'Mal/Behav-112' found in file C:\ABC\样本.rar\sidjeaz.exe
C:\ABC\样本.rar\kawdfzy.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本.rar\kawdfzy.dll
C:\ABC\样本.rar\kaqhkaz.exe
>>> Virus 'Mal/Behav-112' found in file C:\ABC\样本.rar\kaqhkaz.exe
C:\ABC\样本.rar\DbgHlp32.exe
>>> Virus 'Mal/Behav-156' found in file C:\ABC\样本.rar\DbgHlp32.exe
C:\ABC\样本.rar\inetinfo.exe
C:\ABC\样本.rar\inetinfo.exe\FILE:0000
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本.rar\inetinfo.exe\FILE:0000
>>> Virus 'Mal/Behav-010' found in file C:\ABC\样本.rar\inetinfo.exe
C:\ABC\样本.rar\ratbmtl.exe
>>> Virus 'Mal/Behav-112' found in file C:\ABC\样本.rar\ratbmtl.exe
C:\ABC\样本.rar\11.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本.rar\11.exe
C:\ABC\样本.rar\rarjetl.exe
>>> Virus 'Mal/Behav-112' found in file C:\ABC\样本.rar\rarjetl.exe
C:\ABC\样本.rar\avzxjst.exe
>>> Virus 'Mal/Behav-112' found in file C:\ABC\样本.rar\avzxjst.exe
C:\ABC\样本.rar\avwlest.exe
>>> Virus 'Mal/Behav-112' found in file C:\ABC\样本.rar\avwlest.exe
C:\ABC\样本.rar\upxdnd.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本.rar\upxdnd.exe
C:\ABC\样本.rar\upxdnd.dll
>>> File "C:\ABC\样本.rar\upxdnd.dll" has been identified as suspicious 'Sus/Zhengtu-A'.
C:\ABC\样本.rar\kapjeaz.exe
>>> Virus 'Mal/Behav-112' found in file C:\ABC\样本.rar\kapjeaz.exe
C:\ABC\样本.rar\avwggst.exe
>>> Virus 'Mal/Behav-112' found in file C:\ABC\样本.rar\avwggst.exe
C:\ABC\样本.rar\4.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本.rar\4.exe
C:\ABC\样本.rar\rsmyhsp.exe
>>> Virus 'Mal/Behav-112' found in file C:\ABC\样本.rar\rsmyhsp.exe
C:\ABC\样本.rar\XP.EXE
>>> Virus 'Mal/GamePSW-C' found in file C:\ABC\样本.rar\XP.EXE

显示全部楼层 · 发表于 2007-11-30 21:45:13

已刪除: 特洛伊木馬程式 Trojan.Win32.Delf.ams 檔案: C:\Documents and Settings\kato9096\桌面\164415\1.exe//FSG//#
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ihu 檔案: C:\Documents and Settings\kato9096\桌面\164415\11.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ivx 檔案: C:\Documents and Settings\kato9096\桌面\164415\20.exe//UPX
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.imx 檔案: C:\Documents and Settings\kato9096\桌面\164415\4.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iuw 檔案: C:\Documents and Settings\kato9096\桌面\164415\avwggmn.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iuw 檔案: C:\Documents and Settings\kato9096\桌面\164415\avwggst.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ing 檔案: C:\Documents and Settings\kato9096\桌面\164415\avwlemn.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ing 檔案: C:\Documents and Settings\kato9096\桌面\164415\avwlest.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jaf 檔案: C:\Documents and Settings\kato9096\桌面\164415\avzxjmn.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iys 檔案: C:\Documents and Settings\kato9096\桌面\164415\avzxjst.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.isb 檔案: C:\Documents and Settings\kato9096\桌面\164415\DbgHlp32.exe
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iwb 檔案: C:\Documents and Settings\kato9096\桌面\164415\inetinfo.exe//UPack//#
已刪除: 特洛伊木馬程式 Trojan.Win32.Delf.ams 檔案: C:\Documents and Settings\kato9096\桌面\164415\inudhya.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jck 檔案: C:\Documents and Settings\kato9096\桌面\164415\kapjeaz.exe//UPack//#
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jck 檔案: C:\Documents and Settings\kato9096\桌面\164415\kapjezy.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ixo 檔案: C:\Documents and Settings\kato9096\桌面\164415\kaqhkaz.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ixq 檔案: C:\Documents and Settings\kato9096\桌面\164415\kaqhkzy.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iwb 檔案: C:\Documents and Settings\kato9096\桌面\164415\kawdfzy.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ivf 檔案: C:\Documents and Settings\kato9096\桌面\164415\rarjepi.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ivf 檔案: C:\Documents and Settings\kato9096\桌面\164415\rarjetl.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jbm 檔案: C:\Documents and Settings\kato9096\桌面\164415\ratbmpi.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jbm 檔案: C:\Documents and Settings\kato9096\桌面\164415\ratbmtl.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iqv 檔案: C:\Documents and Settings\kato9096\桌面\164415\rsmyhpm.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ion 檔案: C:\Documents and Settings\kato9096\桌面\164415\rsmyhsp.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iys 檔案: C:\Documents and Settings\kato9096\桌面\164415\sidjeaz.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iyz 檔案: C:\Documents and Settings\kato9096\桌面\164415\sidjezy.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.itl 檔案: C:\Documents and Settings\kato9096\桌面\164415\swjqbac.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.itp 檔案: C:\Documents and Settings\kato9096\桌面\164415\swjqbzc.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jaq 檔案: C:\Documents and Settings\kato9096\桌面\164415\upxdnd.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.isb 檔案: C:\Documents and Settings\kato9096\桌面\164415\upxdnd.exe
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jbv 檔案: C:\Documents and Settings\kato9096\桌面\164415\WinForm.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.isb 檔案: C:\Documents and Settings\kato9096\桌面\164415\WinForm.exE
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iwa 檔案: C:\Documents and Settings\kato9096\桌面\164415\Wn_Sys8x.Sys
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ive 檔案: C:\Documents and Settings\kato9096\桌面\164415\wsjrhax.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ive 檔案: C:\Documents and Settings\kato9096\桌面\164415\wsjrhzx.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iof 檔案: C:\Documents and Settings\kato9096\桌面\164415\wszjbax.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.iok 檔案: C:\Documents and Settings\kato9096\桌面\164415\wszjbzx.dll
已刪除: 病毒 Worm.Win32.AutoRun.br 檔案: C:\Documents and Settings\kato9096\桌面\164415\XP.EXE//UPack

4个不报，已上报

显示全部楼层 · 发表于 2007-11-30 21:45:23

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\样本.rar'
C:\Documents and Settings\Administrator\桌面\样本.rar
  [0] Archive type: RAR
  --> vbhnvbhmswbh.dll
   [DETECTION] Contains suspicious code HEUR/Crypted
  --> wsjrhzx.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ive
  --> swjqbzc.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.itp
  --> wszjbzx.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.iok
  --> sidjezy.dll
   [DETECTION] Is the Trojan horse TR/FWDisable.22884
  --> ratbmpi.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> rarjepi.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ivf
  --> avzxjmn.dll
   [DETECTION] Is the Trojan horse TR/FWDisable.24932
  --> avwlemn.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ing
  --> kapjezy.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGam.htk
  --> avwggmn.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.iuw
  --> rsmyhpm.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.iqv
  --> 16.exe
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> WinForm.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> inudhya.dll
   [DETECTION] Is the Trojan horse TR/Delf.bag
  --> DbgHlp32.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> wsjrhax.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ive
  --> Wn_Sys8x.Sys
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.iwa
  --> 1.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> WinForm.exE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 20.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.iwa
  --> swjqbac.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.itp
  --> wszjbax.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.iok
  --> wbhnwbglrxch.dll
   [DETECTION] Contains suspicious code HEUR/Crypted
  --> sidjeaz.exe
   [DETECTION] Is the Trojan horse TR/FWDisable.22884
  --> kawdfzy.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.ikc
  --> kaqhkaz.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> DbgHlp32.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> inetinfo.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.ikc
  --> ratbmtl.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 11.exe
   [DETECTION] Is the Trojan horse TR/PSW.Wow.acd
  --> rarjetl.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ivf
  --> avzxjst.exe
   [DETECTION] Is the Trojan horse TR/FWDisable.24932
  --> avwlest.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ing
  --> upxdnd.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> upxdnd.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> kapjeaz.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGam.htk
  --> avwggst.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.iuw
  --> 4.exe
   [DETECTION] Is the Trojan horse TR/CrashSystem.C
  --> rsmyhsp.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.iqv
  --> XP.EXE
   [DETECTION] Contains detection pattern of the worm WORM/Cekar.A
   [WARNING] The file was ignored!

End of the scan: 星期五 2007年11月30日  21:45
Used time: 00:07 min

The scan has been done completely.

   0 Scanning directories
   44 Files were scanned
   35 viruses and/or unwanted programs were found
   6 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   9 Files not concerned
   1 Archives were scanned
   1 Warnings
   0 Notes

显示全部楼层 · 发表于 2007-11-30 22:01:56

卡巴只得38个

显示全部楼层 · 发表于 2007-11-30 22:03:34

sophos 也不适合平时使用……

显示全部楼层 · 发表于 2007-11-30 22:06:31

ESET全灭

D:\病毒测试\未解压样本\样本.rar » RAR » vbhnvbhmswbh.dll - a variant of Win32/PSW.OnLineGames.GJV trojan
D:\病毒测试\未解压样本\样本.rar » RAR » wsjrhzx.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » swjqbzc.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » wszjbzx.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » sidjezy.dll - Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » ratbmpi.dll - Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » rarjepi.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » avzxjmn.dll - Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » avwlemn.dll - Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » kapjezy.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » avwggmn.dll - Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » rsmyhpm.dll - Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » 16.exe - probably a variant of Win32/PSW.OnLineGames.GJV trojan
D:\病毒测试\未解压样本\样本.rar » RAR » kaqhkzy.dll - Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » WinForm.dll - probably a variant of Win32/PSW.OnLineGames.HCV trojan
D:\病毒测试\未解压样本\样本.rar » RAR » inudhya.dll - Win32/PSW.Delf.NKS trojan
D:\病毒测试\未解压样本\样本.rar » RAR » DbgHlp32.dll - probably a variant of Win32/PSW.OnLineGames.HCV trojan
D:\病毒测试\未解压样本\样本.rar » RAR » wsjrhax.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » Wn_Sys8x.Sys - probably a variant of Win32/AutoRun.Q worm
D:\病毒测试\未解压样本\样本.rar » RAR » 1.exe - Win32/PSW.Delf.NKS trojan
D:\病毒测试\未解压样本\样本.rar » RAR » WinForm.exE - a variant of Win32/PSW.OnLineGames.NFL trojan
D:\病毒测试\未解压样本\样本.rar » RAR » 20.exe - probably a variant of Win32/AutoRun.Q worm
D:\病毒测试\未解压样本\样本.rar » RAR » swjqbac.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » wszjbax.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » wbhnwbglrxch.dll - a variant of Win32/PSW.OnLineGames.GJV trojan
D:\病毒测试\未解压样本\样本.rar » RAR » sidjeaz.exe - Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » kawdfzy.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » kaqhkaz.exe - Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » DbgHlp32.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
D:\病毒测试\未解压样本\样本.rar » RAR » inetinfo.exe - probably unknown NewHeur_PE virus
D:\病毒测试\未解压样本\样本.rar » RAR » ratbmtl.exe - Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » 11.exe - probably a variant of Win32/PSW.OnLineGames.NGU trojan
D:\病毒测试\未解压样本\样本.rar » RAR » rarjetl.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » avzxjst.exe - Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » avwlest.exe - Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » upxdnd.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
D:\病毒测试\未解压样本\样本.rar » RAR » upxdnd.dll - Win32/PSW.OnLineGames.HCV trojan
D:\病毒测试\未解压样本\样本.rar » RAR » kapjeaz.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » avwggst.exe - Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » 4.exe - Win32/PSW.OnLineGames.NGU trojan
D:\病毒测试\未解压样本\样本.rar » RAR » rsmyhsp.exe - Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\样本.rar » RAR » XP.EXE - Win32/Mypis.L virus

显示全部楼层 · 发表于 2007-11-30 22:23:25

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.PSW.Win32.SunOnline.hp
病毒： Trojan.PSW.Win32.GameOnline.aqb
病毒： Trojan.PSW.Win32.GameOnline.anj
病毒： Trojan.PSW.Win32.GameOnline.ars
病毒： Trojan.PSW.Win32.TLOnline.jjw
病毒： Trojan.PSW.Win32.YBOnline.cd
病毒： Trojan.PSW.Win32.GameOnline.arq
病毒： Trojan.PSW.Win32.GameOnline.amy
病毒： Trojan.PSW.Win32.GameOnline.aqn
病毒： Trojan.PSW.Win32.RocOnline.il
病毒： Trojan.PSW.Win32.SunOnline.hq
病毒： Trojan.PSW.Win32.QQHX.tsi
病毒： Trojan.PSW.Win32.GameOnline.atl
病毒： Worm.Win32.PaBug.el
病毒： Trojan.PSW.Win32.GameOnline.atl
病毒： Worm.Win32.PaBug.el
病毒： Trojan.PSW.Win32.GameOnline.aqb
病毒： Trojan.PSW.Win32.GameOnline.anj
病毒： Trojan.PSW.Win32.GameOnline.ars
病毒： Trojan.PSW.Win32.AskTao.ey
病毒： Trojan.PSW.Win32.QQHX.tsi
病毒： Trojan.PSW.Win32.TLOnline.jjw
病毒： Trojan.PSW.Win32.WoWar.afp
病毒： Trojan.PSW.Win32.YBOnline.cd
病毒： Trojan.PSW.Win32.GameOnline.arq
病毒： Trojan.PSW.Win32.GameOnline.ang
病毒： Trojan.PSW.Win32.GameOnline.art
病毒： Trojan.PSW.Win32.GameOnline.art
病毒： Trojan.PSW.Win32.GameOnline.aqo
病毒： Trojan.PSW.Win32.XYOnline.sl
病毒： Trojan.PSW.Win32.AskTao.et
病毒： Worm.Win32.Agent.zci

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.20.42

显示全部楼层 · 发表于 2007-11-30 22:39:46

BD 40个

显示全部楼层 · 发表于 2007-11-30 23:04:20

TIS2008，几次都和瑞星一样的查杀数量。。。。

"病毒扫描日志" "2007/11/30" ""
"时间" "已检测，用户设定为信任" "类型" "威胁名称" "受感染文件" "第一处理措施" "第二处理措施"

"23:01" "手动扫描" "文件" "PAK_Generic.006" "vbhnvbhmswbh.dll (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "TSPY_ONLINEG.EOS" "wsjrhzx.dll (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "TSPY_ONLINEG.EOS" "swjqbzc.dll (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "TSPY_ONLINEG.ISZ" "wszjbzx.dll (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "TSPY_ONLINEG.EOS" "sidjezy.dll (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "TSPY_ONLINEG.EOS" "ratbmpi.dll (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "TSPY_ONLINEG.EOS" "avwlemn.dll (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "TSPY_ONLINEG.EOS" "kapjezy.dll (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "TSPY_ONLINEG.EOS" "avwggmn.dll (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "TSPY_ONLINEG.EOS" "rsmyhpm.dll (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "PACKER-GEN.001" "16.exe (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "TSPY_ONLINEG.EOS" "wsjrhax.exe (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "TSPY_DELF.NOC" "1.exe (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "PACKER-GEN.006" "WinForm.exE (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "PACKER-GEN.001" "20.exe (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "TSPY_ONLINEG.EOS" "swjqbac.exe (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "TSPY_ONLINEG.ISZ" "wszjbax.exe (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "PAK_Generic.006" "wbhnwbglrxch.dll (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "TSPY_ONLINEG.EOS" "sidjeaz.exe (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "PACKER-GEN.001" "kaqhkaz.exe (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "PACKER-GEN.006" "DbgHlp32.exe (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "PACKER-GEN.001" "inetinfo.exe (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "TSPY_ONLINEG.EOS" "ratbmtl.exe (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "TSPY_ONLINEG.LYT" "11.exe (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "PACKER-GEN.001" "rarjetl.exe (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "PACKER-GEN.001" "avzxjst.exe (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "TSPY_ONLINEG.EOS" "avwlest.exe (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "PACKER-GEN.006" "upxdnd.exe (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "TSPY_ONLINEG.EOS" "kapjeaz.exe (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "TSPY_ONLINEG.EOS" "avwggst.exe (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "PACKER-GEN.001" "4.exe (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "TSPY_ONLINEG.EOS" "rsmyhsp.exe (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "PACKER-GEN.001" "XP.EXE (E:\下载\病毒测试\样本.rar)" "忽略成功" ""
"23:01" "手动扫描" "文件" "---" "E:\下载\病毒测试\样本.rar" "忽略成功" ""

显示全部楼层 · 发表于 2007-11-30 23:24:55

Hello,

16.exe_ - Trojan-PSW.Win32.WOW.afu,
DbgHlp32.dll - Trojan-PSW.Win32.OnLineGames.jdx,
vbhnvbhmswbh.dll, wbhnwbglrxch.dll - Trojan-PSW.Win32.WOW.aft

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Ermilov Maxim
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

[病毒样本] 42个

本帖子中包含更多资源

本帖子中包含更多资源

67/34

本帖子中包含更多资源