logogogo.exe变种soundmno,及下的64个

promised

0

chenrui19930

第一个变种杀
C:\Documents and Settings\我的电脑\桌面\cab.zip » ZIP » cab.exe - probably unknown NewHeur_PE virus - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\cab.zip - probably unknown NewHeur_PE virus - deleted - quarantined

残缺的唯美

C:\Documents and Settings\Administrator\桌面\cab.zip » ZIP » cab.exe - probably unknown NewHeur_PE virus - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\cab.zip - probably unknown NewHeur_PE virus - deleted - quarantined

C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\00001.exe - a variant of Win32/PSW.OnLineGames.NFL trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\00002.exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\00003.exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\00004.exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\00006.exe - probably a variant of Win32/AutoRun.Q worm - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\00007.exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\00008.exe - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\00009.exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\00010.exe - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\00011.exe - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\00012.exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\00013.exe - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\00014.exe - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\00015.exe - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\00016.exe - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\00017.exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\00019.exe - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\00020.exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\00022.exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\00023.exe - a variant of Win32/Agent.NLW trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\00025.exe - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\00026.exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\arp.exe - probably unknown NewHeur_PE virus - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\avwghmn.dll - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\avwlfmn.dll - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\avzxjmn.dll - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\C0NIME.EXE - probably unknown NewHeur_PE virus - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\dd.exe - probably unknown NewHeur_PE virus - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\kapjezy.dll - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\kaqhkzy.dll - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\kawdfzy.dll - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\kvdxjma.dll - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\kvdxsjma.dll - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\MYDJ0J.Exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\raqjfpi.dll - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\rarjepi.dll - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\ratbmpi.dll - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\rsmyipm.dll - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\rsztmpm.dll - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\sidjezy.dll - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\smss.com - probably a variant of Win32/Delf trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\smss.exe - Win32/Delf.AWY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\swjqbzc.dll - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\swrcezc.dll - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\WinForm.dll - probably a variant of Win32/PSW.OnLineGames.HCV trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\Wn_Sys8x.Sys - probably a variant of Win32/AutoRun.Q worm - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\wsjrhzx.dll - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\wsmsezx.dll - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar » RAR » 样本\wszjbzx.dll - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\样本.rar - multiple threats - deleted - quarantined

chenrui19930

下的东西ESS灭49个
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\00001.exe - a variant of Win32/PSW.OnLineGames.NFL trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\00002.exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\00003.exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\00004.exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\00006.exe - probably a variant of Win32/AutoRun.Q worm - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\00007.exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\00008.exe - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\00009.exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\00010.exe - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\00011.exe - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\00012.exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\00013.exe - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\00014.exe - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\00015.exe - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\00016.exe - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\00017.exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\00019.exe - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\00020.exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\00022.exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\00023.exe - a variant of Win32/Agent.NLW trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\00025.exe - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\00026.exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\arp.exe - probably unknown NewHeur_PE virus - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\avwghmn.dll - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\avwlfmn.dll - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\avzxjmn.dll - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\C0NIME.EXE - probably unknown NewHeur_PE virus - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\dd.exe - probably unknown NewHeur_PE virus - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\kapjezy.dll - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\kaqhkzy.dll - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\kawdfzy.dll - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\kvdxjma.dll - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\kvdxsjma.dll - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\MYDJ0J.Exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\raqjfpi.dll - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\rarjepi.dll - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\ratbmpi.dll - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\rsmyipm.dll - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\rsztmpm.dll - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\sidjezy.dll - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\smss.com - probably a variant of Win32/Delf trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\smss.exe - Win32/Delf.AWY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\swjqbzc.dll - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\swrcezc.dll - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\WinForm.dll - probably a variant of Win32/PSW.OnLineGames.HCV trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\Wn_Sys8x.Sys - probably a variant of Win32/AutoRun.Q worm - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\wsjrhzx.dll - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\wsmsezx.dll - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar » RAR » 样本\wszjbzx.dll - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\我的电脑\桌面\样本.rar - multiple threats - deleted - quarantined

capsshift

趋势
cab.exe 查杀

样本。RAR

查出 34个，查出率34/64。

mofunzone

Starting the file scan:

Begin scan in 'C:\Users\morgan\Documents\cab.zip'
C:\Users\morgan\Documents\
  cab.zip
    [0] Archive type: ZIP
      --> cab.exe
        [1] Archive type: Runtime Packed
        --> Object
            [DETECTION] Contains detection pattern of the worm WORM/Cekar.A
            [WARNING]   Infected files in archives cannot be repaired!
      [WARNING]   The file was ignored!

下载的东西56个
Starting the file scan:

Begin scan in 'C:\Users\morgan\Documents\23.rar'
C:\Users\morgan\Documents\
  23.rar
    [0] Archive type: RAR
      --> ￑ﾱﾾ\00001.exe
        [1] Archive type: Runtime Packed
        --> Object
          [2] Archive type: RSRC
          --> Object
              [DETECTION] Contains suspicious code HEUR/Malware
              [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\00002.exe
        [1] Archive type: Runtime Packed
        --> Object
            [DETECTION] Contains suspicious code HEUR/Malware
            [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\00003.exe
        [1] Archive type: Runtime Packed
        --> Object
          [2] Archive type: RSRC
          --> Object
              [DETECTION] Is the Trojan horse TR/FWDisable.23922
              [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\00004.exe
        [1] Archive type: Runtime Packed
        --> Object
          [2] Archive type: RSRC
          --> Object
              [DETECTION] Contains suspicious code HEUR/Malware
              [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\00005.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jcu
        [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\00006.exe
        [1] Archive type: Runtime Packed
        --> Object
          [2] Archive type: RSRC
          --> Object
              [DETECTION] Contains detection pattern of the worm WORM/Autorun.FF.11
              [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\00007.exe
        [1] Archive type: Runtime Packed
        --> Object
          [2] Archive type: RSRC
          --> Object
              [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jal
              [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\00008.exe
        [1] Archive type: Runtime Packed
        --> Object
          [2] Archive type: RSRC
          --> Object
              [DETECTION] Contains suspicious code HEUR/Malware
              [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\00009.exe
        [1] Archive type: Runtime Packed
        --> Object
          [2] Archive type: RSRC
          --> Object
              [DETECTION] Contains suspicious code HEUR/Malware
              [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\00010.exe
        [1] Archive type: Runtime Packed
        --> Object
          [2] Archive type: RSRC
          --> Object
              [DETECTION] Is the Trojan horse TR/FWDisable.24390
              [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\00011.exe
        [1] Archive type: Runtime Packed
        --> Object
          [2] Archive type: RSRC
          --> Object
              [DETECTION] Is the Trojan horse TR/FWDisable.24406.1
              [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\00012.exe
        [1] Archive type: Runtime Packed
        --> Object
          [2] Archive type: RSRC
          --> Object
              [DETECTION] Is the Trojan horse TR/FWDisable.25422
              [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\00013.exe
        [1] Archive type: Runtime Packed
        --> Object
          [2] Archive type: RSRC
          --> Object
              [DETECTION] Is the Trojan horse TR/FWDisable.24932
              [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\00014.exe
        [1] Archive type: Runtime Packed
        --> Object
          [2] Archive type: RSRC
          --> Object
              [DETECTION] Contains suspicious code HEUR/Malware
              [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\00015.exe
        [1] Archive type: Runtime Packed
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.ikc
            [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\00016.exe
        [1] Archive type: Runtime Packed
        --> Object
          [2] Archive type: RSRC
          --> Object
              [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.iuu
              [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\00017.exe
        [1] Archive type: Runtime Packed
        --> Object
          [2] Archive type: RSRC
          --> Object
              [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ive
              [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\00019.exe
        [1] Archive type: Runtime Packed
        --> Object
          [2] Archive type: RSRC
          --> Object
              [DETECTION] Is the Trojan horse TR/FWDisable.22884
              [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\00020.exe
        [1] Archive type: Runtime Packed
        --> Object
          [2] Archive type: RSRC
          --> Object
              [DETECTION] Is the Trojan horse TR/FWDisable.22360
              [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\00021.exe
        [1] Archive type: Runtime Packed
        --> Object
          [2] Archive type: RSRC
          --> Object
      --> ￑ﾱﾾ\00022.exe
        [1] Archive type: Runtime Packed
        --> Object
          [2] Archive type: RSRC
          --> Object
              [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.itp
              [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\00023.exe
        [DETECTION] Contains detection pattern of the dropper DR/Dldr.Agent.YMX
        [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\00025.exe
        [1] Archive type: Runtime Packed
        --> Object
          [2] Archive type: RSRC
          --> Object
              [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ioj
              [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\00026.exe
        [1] Archive type: Runtime Packed
        --> Object
          [2] Archive type: RSRC
          --> Object
              [DETECTION] Contains suspicious code HEUR/Malware
              [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\arp.exe
        [1] Archive type: Runtime Packed
        --> Object
            [DETECTION] Is the Trojan horse TR/Drop.Spy.Pca.A.1
            [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\avwghmn.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\avwlfmn.dll
        [DETECTION] Is the Trojan horse TR/FWDisable.22360
        [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\avzxjmn.dll
        [DETECTION] Is the Trojan horse TR/FWDisable.24932
        [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\C0NIME.EXE
        [1] Archive type: Runtime Packed
        --> Object
            [DETECTION] Contains detection pattern of the worm WORM/Cekar.A
            [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\daemon_mgm.exe
    --> ￑ﾱﾾ\dd.exe
      --> ￑ﾱﾾ\gdwmi32.dll
        [1] Archive type: Runtime Packed
        --> Object
          [2] Archive type: RSRC
          --> Object
          --> Object
    --> ￑ﾱﾾ\host.exe
        [DETECTION] Is the Trojan horse TR/Crypt.FSPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\hursax.dll
        [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\kapjezy.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.iuu
        [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\kaqhkzy.dll
    --> ￑ﾱﾾ\kawdfzy.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.inb
        [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\kvdxjma.dll
        [DETECTION] Is the Trojan horse TR/FWDisable.24390
        [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\kvdxsjma.dll
        [DETECTION] Is the Trojan horse TR/FWDisable.23922
        [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\mhlm.exe
        [1] Archive type: Runtime Packed
        --> Object
            [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
            [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\myad.nls
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\MYDJ0J.Exe
        [1] Archive type: Runtime Packed
        --> Object
          [2] Archive type: RSRC
          --> Object
              [DETECTION] Contains suspicious code HEUR/Malware
              [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\mylm.exe
        [1] Archive type: Runtime Packed
        --> Object
            [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
            [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\NetMonInstaller.exe
    --> ￑ﾱﾾ\npf_mgm.exe
    --> ￑ﾱﾾ\pthreadVC.dll
    --> ￑ﾱﾾ\raqjfpi.dll
        [DETECTION] Is the Trojan horse TR/FWDisable.25422
        [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\rarjepi.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jal
        [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\ratbmpi.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\rpcapd.exe
    --> ￑ﾱﾾ\rsmyipm.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\rsztmpm.dll
        [DETECTION] Is the Trojan horse TR/FWDisable.24406.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\sidjezy.dll
        [DETECTION] Is the Trojan horse TR/FWDisable.22884
        [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\smss.com
        [DETECTION] Is the Trojan horse TR/Spy.Pcapbased.A.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\smss.exe
        [DETECTION] Is the Trojan horse TR/Drop.Spy.Pca.A.1
        [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\soundma.exe
        [1] Archive type: Runtime Packed
        --> Object
            [DETECTION] Is the Trojan horse TR/Drop.Agent.Bih.1
            [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\swjqbzc.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.itp
        [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\swrcezc.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ioj
        [WARNING]   Infected files in archives cannot be repaired!
      --> ￑ﾱﾾ\wd.exe
        [1] Archive type: Runtime Packed
        --> Object
            [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
            [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\WinForm.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\Wn_Sys8x.Sys
        [DETECTION] Contains detection pattern of the worm WORM/Autorun.FF.11
        [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\wsjrhzx.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ive
        [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\wsmsezx.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> ￑ﾱﾾ\wszjbzx.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
      [WARNING]   The file was ignored!


End of the scan: 2007年11月30日  19:13
Used time: 00:07 min

The scan has been done completely.

      0 Scanning directories
     65 Files were scanned
     40 viruses and/or unwanted programs were found
     16 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     25 Files not concerned
     23 Archives were scanned
     56 Warnings
      0 Notes

ggcn

红伞56个

Begin scan in 'C:\Documents and Settings\Administrator\桌面\样本.rar'
C:\Documents and Settings\Administrator\桌面\样本.rar
  [0] Archive type: RAR
  --> Ñù±¾\00001.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\00002.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\00003.exe
      [DETECTION] Is the Trojan horse TR/FWDisable.23922
  --> Ñù±¾\00004.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\00005.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jcu
  --> Ñù±¾\00006.exe
      [DETECTION] Contains detection pattern of the worm WORM/Autorun.FF.11
  --> Ñù±¾\00007.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jal
  --> Ñù±¾\00008.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\00009.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\00010.exe
      [DETECTION] Is the Trojan horse TR/FWDisable.24390
  --> Ñù±¾\00011.exe
      [DETECTION] Is the Trojan horse TR/FWDisable.24406.1
  --> Ñù±¾\00012.exe
      [DETECTION] Is the Trojan horse TR/FWDisable.25422
  --> Ñù±¾\00013.exe
      [DETECTION] Is the Trojan horse TR/FWDisable.24932
  --> Ñù±¾\00014.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\00015.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.ikc
  --> Ñù±¾\00016.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.iuu
  --> Ñù±¾\00017.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ive
  --> Ñù±¾\00019.exe
      [DETECTION] Is the Trojan horse TR/FWDisable.22884
  --> Ñù±¾\00020.exe
      [DETECTION] Is the Trojan horse TR/FWDisable.22360
  --> Ñù±¾\00021.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\00022.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.itp
  --> Ñù±¾\00023.exe
      [DETECTION] Contains detection pattern of the dropper DR/Dldr.Agent.YMX
  --> Ñù±¾\00025.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ioj
  --> Ñù±¾\00026.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\arp.exe
      [DETECTION] Is the Trojan horse TR/Drop.Spy.Pca.A.1
  --> Ñù±¾\avwghmn.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\avwlfmn.dll
      [DETECTION] Is the Trojan horse TR/FWDisable.22360
  --> Ñù±¾\avzxjmn.dll
      [DETECTION] Is the Trojan horse TR/FWDisable.24932
  --> Ñù±¾\C0NIME.EXE
      [DETECTION] Contains detection pattern of the worm WORM/Cekar.A
  --> Ñù±¾\host.exe
      [DETECTION] Contains suspicious code HEUR/Crypted
  --> Ñù±¾\hursax.dll
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
  --> Ñù±¾\kapjezy.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.iuu
  --> Ñù±¾\kawdfzy.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.inb
  --> Ñù±¾\kvdxjma.dll
      [DETECTION] Is the Trojan horse TR/FWDisable.24390
  --> Ñù±¾\kvdxsjma.dll
      [DETECTION] Is the Trojan horse TR/FWDisable.23922
  --> Ñù±¾\mhlm.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> Ñù±¾\myad.nls
      [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\MYDJ0J.Exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Ñù±¾\mylm.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> Ñù±¾\raqjfpi.dll
      [DETECTION] Is the Trojan horse TR/FWDisable.25422
  --> Ñù±¾\rarjepi.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jal
  --> Ñù±¾\ratbmpi.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\rsmyipm.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\rsztmpm.dll
      [DETECTION] Is the Trojan horse TR/FWDisable.24406.1
  --> Ñù±¾\sidjezy.dll
      [DETECTION] Is the Trojan horse TR/FWDisable.22884
  --> Ñù±¾\smss.com
      [DETECTION] Is the Trojan horse TR/Spy.Pcapbased.A.1
  --> Ñù±¾\smss.exe
      [DETECTION] Is the Trojan horse TR/Drop.Spy.Pca.A.1
  --> Ñù±¾\soundma.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agent.Bih.1
  --> Ñù±¾\swjqbzc.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.itp
  --> Ñù±¾\swrcezc.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ioj
  --> Ñù±¾\wd.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> Ñù±¾\WinForm.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\Wn_Sys8x.Sys
      [DETECTION] Contains detection pattern of the worm WORM/Autorun.FF.11
  --> Ñù±¾\wsjrhzx.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ive
  --> Ñù±¾\wsmsezx.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> Ñù±¾\wszjbzx.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      A backup was created as '477f3991.qua'  ( QUARANTINE )
      [INFO]      The file was deleted!


End of the scan: 2007年12月1日星期六  11:17
Used time: 05:00 min

The scan has been done completely.

      0 Scanning directories
     65 Files were scanned
     46 viruses and/or unwanted programs were found
     10 Files were classified as suspicious:
      1 files were deleted
      0 files were repaired
      1 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     19 Files not concerned
      1 Archives were scanned
      0 Warnings
      0 Notes

promised

C:\ABC\cab.zip:\cab.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\cab.zip
C:\ABC\样本.rar:\样本\00001.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\样本.rar:\样本\00002.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本.rar:\样本\00003.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00004.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本.rar:\样本\00005.exe - 特征码 'Trojan-Spy.Win32.Banker.ahy' 被发现
C:\ABC\样本.rar:\样本\00006.exe - 特征码 'Virus.Win32.AutoRun.bs' 被发现
C:\ABC\样本.rar:\样本\00007.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00008.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00009.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00010.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00011.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00012.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00013.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00014.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00015.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00016.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00017.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00019.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00020.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00021.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\样本.rar:\样本\00022.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00023.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本.rar:\样本\00025.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\00026.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\arp.exe - 特征码 'Trojan-Spy.Win32.Banker.ahy' 被发现
C:\ABC\样本.rar:\样本\avwghmn.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\avwlfmn.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\avzxjmn.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\C0NIME.EXE - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\daemon_mgm.exe
C:\ABC\样本.rar:\样本\dd.exe
C:\ABC\样本.rar:\样本\gdwmi32.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\样本\host.exe - 可疑代码段 被发现 (Level: 120)
C:\ABC\样本.rar:\样本\hursax.dll - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\kapjezy.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\kaqhkzy.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\kawdfzy.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\kvdxjma.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\kvdxsjma.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\mhlm.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本.rar:\样本\myad.nls - 特征码 'Trojan.Win32.Delf.nf' 被发现
C:\ABC\样本.rar:\样本\MYDJ0J.Exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\样本\mylm.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本.rar:\样本\NetMonInstaller.exe
C:\ABC\样本.rar:\样本\npf_mgm.exe
C:\ABC\样本.rar:\样本\pthreadVC.dll
C:\ABC\样本.rar:\样本\raqjfpi.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\rarjepi.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\ratbmpi.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\rpcapd.exe
C:\ABC\样本.rar:\样本\rsmyipm.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\rsztmpm.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\sidjezy.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\smss.com - 特征码 'Backdoor.Win32.Agent.ahj' 被发现
C:\ABC\样本.rar:\样本\smss.exe - 特征码 'Backdoor.Win32.Delf.awy' 被发现
C:\ABC\样本.rar:\样本\soundma.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本.rar:\样本\swjqbzc.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\swrcezc.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\wd.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本.rar:\样本\WinForm.dll - 特征码 'Trojan-PWS.Win32.OnLineGames.isb' 被发现
C:\ABC\样本.rar:\样本\Wn_Sys8x.Sys - 特征码 'Trojan-Proxy.Win32.Delf.AN' 被发现
C:\ABC\样本.rar:\样本\wsjrhzx.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\wsmsezx.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar:\样本\wszjbzx.dll - 特征码 'BehavesLikeTrojan.WUDisable' 被发现
C:\ABC\样本.rar

promised

Quick Scanning

        C:\ABC\cab\cab.exe
>>> Virus 'Mal/GamePSW-C' found in file C:\ABC\cab\cab.exe
        C:\ABC\cab\样本\样本\00001.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\cab\样本\样本\00001.exe
        C:\ABC\cab\样本\样本\00002.exe
        C:\ABC\cab\样本\样本\00002.exe\FILE:0000
>>> Virus 'Mal/Behav-112' found in file C:\ABC\cab\样本\样本\00002.exe\FILE:0000
        C:\ABC\cab\样本\样本\00002.exe\FILE:0001
>>> File "C:\ABC\cab\样本\样本\00002.exe\FILE:0001" has been identified as suspicious 'Sus/Malware-A'.
>>> Virus 'Mal/Packer' found in file C:\ABC\cab\样本\样本\00002.exe
        C:\ABC\cab\样本\样本\00003.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\cab\样本\样本\00003.exe
        C:\ABC\cab\样本\样本\00004.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\cab\样本\样本\00004.exe
        C:\ABC\cab\样本\样本\00005.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\cab\样本\样本\00005.exe
        C:\ABC\cab\样本\样本\00006.exe
        C:\ABC\cab\样本\样本\00006.exe\FILE:0000
>>> Virus 'Mal/Gampass-A' found in file C:\ABC\cab\样本\样本\00006.exe\FILE:0000
>>> File "C:\ABC\cab\样本\样本\00006.exe" has been identified as suspicious 'Sus/Dropper-R'.
        C:\ABC\cab\样本\样本\00007.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\cab\样本\样本\00007.exe
        C:\ABC\cab\样本\样本\00008.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\cab\样本\样本\00008.exe
        C:\ABC\cab\样本\样本\00009.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\cab\样本\样本\00009.exe
        C:\ABC\cab\样本\样本\00010.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\cab\样本\样本\00010.exe
        C:\ABC\cab\样本\样本\00011.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\cab\样本\样本\00011.exe
        C:\ABC\cab\样本\样本\00012.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\cab\样本\样本\00012.exe
        C:\ABC\cab\样本\样本\00013.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\cab\样本\样本\00013.exe
        C:\ABC\cab\样本\样本\00014.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\cab\样本\样本\00014.exe
        C:\ABC\cab\样本\样本\00015.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\cab\样本\样本\00015.exe
        C:\ABC\cab\样本\样本\00016.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\cab\样本\样本\00016.exe
        C:\ABC\cab\样本\样本\00017.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\cab\样本\样本\00017.exe
        C:\ABC\cab\样本\样本\00019.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\cab\样本\样本\00019.exe
        C:\ABC\cab\样本\样本\00020.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\cab\样本\样本\00020.exe
        C:\ABC\cab\样本\样本\00021.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\cab\样本\样本\00021.exe
        C:\ABC\cab\样本\样本\00022.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\cab\样本\样本\00022.exe
        C:\ABC\cab\样本\样本\00023.exe
        C:\ABC\cab\样本\样本\00023.exe\FILE:0000
>>> Virus 'Mal/Dorf-A' found in file C:\ABC\cab\样本\样本\00023.exe\FILE:0000
>>> Virus 'Mal/Packer' found in file C:\ABC\cab\样本\样本\00023.exe
        C:\ABC\cab\样本\样本\00025.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\cab\样本\样本\00025.exe
        C:\ABC\cab\样本\样本\00026.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\cab\样本\样本\00026.exe
        C:\ABC\cab\样本\样本\arp.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\cab\样本\样本\arp.exe
        C:\ABC\cab\样本\样本\avwghmn.dll
>>> Virus 'Mal/Gampass-A' found in file C:\ABC\cab\样本\样本\avwghmn.dll
        C:\ABC\cab\样本\样本\avwlfmn.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\cab\样本\样本\avwlfmn.dll
        C:\ABC\cab\样本\样本\avzxjmn.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\cab\样本\样本\avzxjmn.dll
        C:\ABC\cab\样本\样本\C0NIME.EXE
>>> Virus 'Mal/GamePSW-C' found in file C:\ABC\cab\样本\样本\C0NIME.EXE
        C:\ABC\cab\样本\样本\daemon_mgm.exe
        C:\ABC\cab\样本\样本\dd.exe
        C:\ABC\cab\样本\样本\gdwmi32.dll
>>> Virus 'Mal/Packer' found in file C:\ABC\cab\样本\样本\gdwmi32.dll
        C:\ABC\cab\样本\样本\host.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\cab\样本\样本\host.exe
        C:\ABC\cab\样本\样本\hursax.dll
>>> Virus 'Mal/Packer' found in file C:\ABC\cab\样本\样本\hursax.dll
        C:\ABC\cab\样本\样本\kapjezy.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\cab\样本\样本\kapjezy.dll
        C:\ABC\cab\样本\样本\kaqhkzy.dll
>>> Virus 'Mal/Behav-001' found in file C:\ABC\cab\样本\样本\kaqhkzy.dll
        C:\ABC\cab\样本\样本\kawdfzy.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\cab\样本\样本\kawdfzy.dll
        C:\ABC\cab\样本\样本\kvdxjma.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\cab\样本\样本\kvdxjma.dll
        C:\ABC\cab\样本\样本\kvdxsjma.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\cab\样本\样本\kvdxsjma.dll
        C:\ABC\cab\样本\样本\mhlm.exe
        C:\ABC\cab\样本\样本\mhlm.exe\FILE:0000
>>> Virus 'Mal/Packer' found in file C:\ABC\cab\样本\样本\mhlm.exe
        C:\ABC\cab\样本\样本\myad.nls
>>> File "C:\ABC\cab\样本\样本\myad.nls" has been identified as suspicious 'Sus/Malware-A'.
        C:\ABC\cab\样本\样本\MYDJ0J.Exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\cab\样本\样本\MYDJ0J.Exe
        C:\ABC\cab\样本\样本\mylm.exe
        C:\ABC\cab\样本\样本\mylm.exe\FILE:0000
>>> Virus 'Mal/Packer' found in file C:\ABC\cab\样本\样本\mylm.exe
        C:\ABC\cab\样本\样本\NetMonInstaller.exe
        C:\ABC\cab\样本\样本\npf_mgm.exe
        C:\ABC\cab\样本\样本\pthreadVC.dll
        C:\ABC\cab\样本\样本\raqjfpi.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\cab\样本\样本\raqjfpi.dll
        C:\ABC\cab\样本\样本\rarjepi.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\cab\样本\样本\rarjepi.dll
        C:\ABC\cab\样本\样本\ratbmpi.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\cab\样本\样本\ratbmpi.dll
        C:\ABC\cab\样本\样本\rpcapd.exe
        C:\ABC\cab\样本\样本\rsmyipm.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\cab\样本\样本\rsmyipm.dll
        C:\ABC\cab\样本\样本\rsztmpm.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\cab\样本\样本\rsztmpm.dll
        C:\ABC\cab\样本\样本\sidjezy.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\cab\样本\样本\sidjezy.dll
        C:\ABC\cab\样本\样本\smss.com
        C:\ABC\cab\样本\样本\smss.com\FILE:0000
        C:\ABC\cab\样本\样本\smss.com\FILE:0001
        C:\ABC\cab\样本\样本\smss.com\FILE:0002
        C:\ABC\cab\样本\样本\smss.com\FILE:0003
        C:\ABC\cab\样本\样本\smss.com\FILE:0004
>>> Virus 'Mal/Packer' found in file C:\ABC\cab\样本\样本\smss.com
        C:\ABC\cab\样本\样本\smss.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\cab\样本\样本\smss.exe
        C:\ABC\cab\样本\样本\soundma.exe
        C:\ABC\cab\样本\样本\soundma.exe\FILE:0000
>>> File "C:\ABC\cab\样本\样本\soundma.exe\FILE:0000" has been identified as suspicious 'Sus/Madcode-A'.
>>> Virus 'Mal/Packer' found in file C:\ABC\cab\样本\样本\soundma.exe
        C:\ABC\cab\样本\样本\swjqbzc.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\cab\样本\样本\swjqbzc.dll
        C:\ABC\cab\样本\样本\swrcezc.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\cab\样本\样本\swrcezc.dll
        C:\ABC\cab\样本\样本\wd.exe
        C:\ABC\cab\样本\样本\wd.exe\FILE:0000
>>> Virus 'Mal/Packer' found in file C:\ABC\cab\样本\样本\wd.exe
        C:\ABC\cab\样本\样本\WinForm.dll
>>> File "C:\ABC\cab\样本\样本\WinForm.dll" has been identified as suspicious 'Sus/Malware-B'.
        C:\ABC\cab\样本\样本\Wn_Sys8x.Sys
>>> Virus 'Mal/Gampass-A' found in file C:\ABC\cab\样本\样本\Wn_Sys8x.Sys
        C:\ABC\cab\样本\样本\wsjrhzx.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\cab\样本\样本\wsjrhzx.dll
        C:\ABC\cab\样本\样本\wsmsezx.dll
>>> File "C:\ABC\cab\样本\样本\wsmsezx.dll" has been identified as suspicious 'Sus/Malware-A'.
        C:\ABC\cab\样本\样本\wszjbzx.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\cab\样本\样本\wszjbzx.dll

65 files swept in 14 seconds.
58 viruses were discovered.
6 suspicious files were discovered.
59 files out of 65 were infected.
Please send infected samples to Sophos for analysis.
For advice consult www.sophos.com, email support@sophos.com
or telephone +44 1235 559933
Ending Sophos Anti-Virus.

IllusionWing

cab搞定
下回来的扫出59个

UGuard Log (Digital Fox - gankeyu@126.com)
UGuarduu.exe = 4.5.5
HC0.rlb = 3.1.0
HC2.rlb = 2.4.0
FN0.rlb = 2.3.1
扫描选项：扫描档案, 扩展, 忽略非活动, 忽略大文件, nFile, BAT模拟, 捆绑检测, 变形壳, 启发,
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\新建文件夹\cab.exe 检测到 Packed.Generic.UPack
检测到了 1 个未知的恶意程序，请上报。
任务 扫描 完成。共耗费的时间：0-00-00 00:00:00:0020，共扫描的文件数量：1，共扫描到的威胁数量：1，威胁率：100%，扫描速率： 50 文件/秒，扫描速度： 923.88 千字节/秒，共扫描了 18.48 千字节。
UGuard Log (Digital Fox - gankeyu@126.com)
UGuarduu.exe = 4.5.5
HC0.rlb = 3.1.0
HC2.rlb = 2.4.0
FN0.rlb = 2.3.1
扫描选项：扫描档案, 扩展, 忽略非活动, 忽略大文件, nFile, BAT模拟, 捆绑检测, 变形壳, 启发,
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00001.exe 检测到 Packed.Generic.Modified
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00002.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00003.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00004.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00005.exe 检测到 Packed.Generic.UPack
[扫描] [捆绑检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00006.exe//UPX 检测到 Generic.Binder
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00007.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00008.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00009.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00010.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00011.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00012.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00013.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00014.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00015.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00016.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00017.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00019.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00020.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00021.exe 检测到 Packed.Generic.Modified
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00022.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00023.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00025.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\00026.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\arp.exe 检测到 Packed.Generic.UPack
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\avwghmn.dll 检测到 Generic.nFile
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\avwlfmn.dll 检测到 Generic.nFile
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\avzxjmn.dll 检测到 Generic.nFile
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\C0NIME.EXE 检测到 Packed.Generic.UPack
[扫描] [Level 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\dd.exe 检测到 Backdoor.Agent.awz
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\gdwmi32.dll 检测到 Generic.nFile
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\host.exe 检测到 Packed.Generic.Modified
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\hursax.dll 检测到 Packed.Generic.UPack
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\kapjezy.dll 检测到 Generic.nFile
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\kaqhkzy.dll 检测到 Generic.nFile
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\kawdfzy.dll 检测到 Generic.nFile
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\kvdxjma.dll 检测到 Generic.nFile
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\kvdxsjma.dll 检测到 Generic.nFile
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\mhlm.exe 检测到 Packed.Generic.UPack
[扫描] [Level 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\myad.nls 检测到 Risk.HookTool
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\MYDJ0J.Exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\mylm.exe 检测到 Packed.Generic.UPack
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\raqjfpi.dll 检测到 Generic.nFile
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\rarjepi.dll 检测到 Generic.nFile
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\ratbmpi.dll 检测到 Generic.nFile
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\rsmyipm.dll 检测到 Generic.nFile
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\rsztmpm.dll 检测到 Generic.nFile
[扫描] [Level 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\sidjezy.dll 检测到 Trojan.Roast.Hidden
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\smss.com 检测到 Generic.nFile
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\smss.exe 检测到 Generic.nFile
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\soundma.exe 检测到 Packed.Generic.UPack
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\swjqbzc.dll 检测到 Generic.nFile
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\swrcezc.dll 检测到 Generic.nFile
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\wd.exe 检测到 Packed.Generic.UPack
[扫描] [变形壳检测] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\WinForm.dll 检测到 Packed.Unknown.ca53
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\Wn_Sys8x.Sys 检测到 Generic.nFile
[扫描] [Level 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\wsjrhzx.dll 检测到 Trojan.Roast.Hidden
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\wsmsezx.dll 检测到 Generic.nFile
[扫描] [nFile Detect 2] 在 C:\Documents and Settings\Administrator\桌面\Virus\YB\样本\wszjbzx.dll 检测到 Generic.nFile
检测到了 55 个未知的恶意程序，请上报。
任务 扫描 完成。共耗费的时间：0-00-00 00:00:00:0811，共扫描的文件数量：65，共扫描到的威胁数量：59，威胁率：90.77%，扫描速率： 80.15 文件/秒，扫描速度： 5017.2 千字节/秒，共扫描了 4068.95 千字节。