Original poster: lanvin

[Virus samples] 50ge
HC303
Posted on 2007-12-3 18:47:32
Kingsoft Duba 2008: 15 trojans/viruses + 3 risk programs
Rising (20.21.01) reports 20.
Avira AntiVir: 34 + 5 suspicious
欠妳緈諨
Posted on 2007-12-3 18:50:35
ESS23
D:\病毒测试\未解压样本\新建文件夹.zip » ZIP » 新建文件夹/12.3_16.exe - probably unknown NewHeur_PE virus
D:\病毒测试\未解压样本\新建文件夹.zip » ZIP » 新建文件夹/12.3_17.exe - probably unknown NewHeur_PE virus
D:\病毒测试\未解压样本\新建文件夹.zip » ZIP » 新建文件夹/12.3_18.exe - Win32/Adware.BHO.AW application
D:\病毒测试\未解压样本\新建文件夹.zip » ZIP » 新建文件夹/12.3_2.EXE - a variant of Win32/TrojanDownloader.Agent.BTS trojan
D:\病毒测试\未解压样本\新建文件夹.zip » ZIP » 新建文件夹/12.3_23.exe - Win32/PSW.OnLineGames.GJV trojan
D:\病毒测试\未解压样本\新建文件夹.zip » ZIP » 新建文件夹/12.3_24.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
D:\病毒测试\未解压样本\新建文件夹.zip » ZIP » 新建文件夹/12.3_25.dll - Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\新建文件夹.zip » ZIP » 新建文件夹/12.3_26.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\新建文件夹.zip » ZIP » 新建文件夹/12.3_27.exe - a variant of Win32/TrojanDownloader.Alphabet.P trojan
D:\病毒测试\未解压样本\新建文件夹.zip » ZIP » 新建文件夹/12.3_29.dll - Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\新建文件夹.zip » ZIP » 新建文件夹/12.3_3.exe - probably unknown NewHeur_PE virus
D:\病毒测试\未解压样本\新建文件夹.zip » ZIP » 新建文件夹/12.3_30.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\新建文件夹.zip » ZIP » 新建文件夹/12.3_32.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\新建文件夹.zip » ZIP » 新建文件夹/12.3_35.dll - Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\新建文件夹.zip » ZIP » 新建文件夹/12.3_36.exe - a variant of Win32/Dialer.MiniDial application
D:\病毒测试\未解压样本\新建文件夹.zip » ZIP » 新建文件夹/12.3_39.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\新建文件夹.zip » ZIP » 新建文件夹/12.3_4.exe - probably unknown NewHeur_PE virus
D:\病毒测试\未解压样本\新建文件夹.zip » ZIP » 新建文件夹/12.3_41.exe - probably unknown NewHeur_PE virus
D:\病毒测试\未解压样本\新建文件夹.zip » ZIP » 新建文件夹/12.3_43.dll - Win32/PSW.OnLineGames.HCV trojan
D:\病毒测试\未解压样本\新建文件夹.zip » ZIP » 新建文件夹/12.3_44.dll - Win32/Delf.NCB trojan
D:\病毒测试\未解压样本\新建文件夹.zip » ZIP » 新建文件夹/12.3_48.EXE - Win32/PSW.Agent.NEC trojan
D:\病毒测试\未解压样本\新建文件夹.zip » ZIP » 新建文件夹/12.3_50.exe - Win32/PSW.OnLineGames.NGU trojan
D:\病毒测试\未解压样本\新建文件夹.zip » ZIP » 新建文件夹/12.3_7.exe - probably unknown NewHeur_PE virus
欠妳緈諨
Posted on 2007-12-3 18:57:47
Virus check with AntiVirusKit
Version 17.0.7089
Virus signatures of 12/3/2007
Start time: 12/3/2007 18:54
Engine(s): Engine A (AVK 18.1574), Engine B (AVKB 18.42)
Heuristic: On
Archives: On
System areas: Off

Check selected directories and files...
Object: 12.3_1.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Packed.Win32.PolyCrypt.b (Engine A)
Object: 12.3_11.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: not-a-virus:AdWare.Win32.Comet.t (Engine A)
Object: [UPX]
        In archive: D:\病毒测试\解压样本\新建文件夹\12.3_13.exe
        Status: Virus detected
        Virus: Win32:Small-EHR [Trj] (Engine B)
Object: 12.3_13.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Win32:Small-EHR [Trj] (Engine B)
Object: [UPX]
        In archive: D:\病毒测试\解压样本\新建文件夹\12.3_14.exe
        Status: Virus detected
        Virus: Win32:Small-EHR [Trj] (Engine B)
Object: 12.3_14.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Win32:Small-EHR [Trj] (Engine B)
Object: 12.3_15.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: not-a-virus:Monitor.Win32.Ardamax.k (Engine A)
Object: 12.3_16.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Virus.Win32.AutoRun.aho (Engine A)
Object: 12.3_17.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Virus.Win32.AutoRun.aho (Engine A)
Object: 12.3_18.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: not-a-virus:AdWare.Win32.BHO.aw (Engine A)
Object: 12.3_19.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Virus.Win32.AutoRun.ahh (Engine A)
Object: 12.3_2.EXE
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Win32:Virtualizer [Cryp] (Engine B)
Object: 12.3_21.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: not-a-virus:Monitor.Win32.Ardamax.k (Engine A)
Object: 12.3_22.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: not-a-virus:Monitor.Win32.Perflogger.163 (Engine A)
Object: 12.3_23.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.inq (Engine A)
Object: 12.3_24.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.inw (Engine A)
Object: 12.3_25.dll
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.gvs (Engine A)
Object: 12.3_26.dll
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.gvp (Engine A)
Object: 12.3_27.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Trojan-Downloader.Win32.Alphabet.gen (Engine A)
Object: 12.3_29.dll
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.gyz (Engine A)
Object: 12.3_3.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Trojan-Downloader.Win32.Small.gxg (Engine A)
Object: 12.3_30.dll
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.hfo (Engine A)
Object: 12.3_32.dll
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.hgz (Engine A)
Object: 12.3_34.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Dialer found
        Dialler: Trojan.Win32.Dialer.qn (Engine A)
Object: 12.3_35.dll
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.gmh (Engine A)
Object: 12.3_36.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Dialer found
        Dialler: not-a-virus:Porn-Dialer.Win32.EgroupDial.d (Engine A)
Object: 12.3_39.dll
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.hgw (Engine A)
Object: 12.3_4.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Trojan-Spy.Win32.Agent.aom (Engine A)
Object: 12.3_40.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Win32:Trojan-gen {Other} (Engine B)
Object: 12.3_41.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Win32:VB-BGE [Wrm] (Engine B)
Object: 12.3_42.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: not-a-virus:Monitor.Win32.Perflogger.ca (Engine A)
Object: 12.3_43.dll
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.jdf (Engine A)
Object: 12.3_44.dll
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Win32:Trojan-gen {Other} (Engine B)
Object: 12.3_46.dll
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: not-a-virus:AdWare.Win32.SecToolBar.k (Engine A)
Object: 12.3_47.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: not-a-virus:AdWare.Win32.Thesa.c (Engine A)
Object: 12.3_48.EXE
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.hhp (Engine A)
Object: 12.3_49.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Dialer found
        Dialler: not-a-virus:Porn-Dialer.Win32.Juicy (Engine A)
Object: 12.3_50.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.hqh (Engine A)
Object: 12.3_6.exe
        Path: D:\病毒测试\解压样本\新建文件夹
        Status: Virus detected
        Virus: Win32:PePatch-DS [Trj] (Engine B)
Analysis complete: 12/3/2007 18:54
    50 files checked
    37 infected files detected
    0 suspected files detected
wangfeng66
Posted on 2007-12-3 19:10:12
C:\新建文件夹.zip\新建文件夹/12.3_1.exe - infected with Trojan.MulDrop.3797
C:\新建文件夹.zip\新建文件夹/12.3_15.exe - is a RiskWare program Program.Ardamax
C:\新建文件夹.zip\新建文件夹/12.3_16.exe - probably infected with DLOADER.Trojan
C:\新建文件夹.zip\新建文件夹/12.3_17.exe - probably infected with DLOADER.Trojan
C:\新建文件夹.zip\新建文件夹/12.3_19.exe - infected with Win32.HLLW.Autoruner.947
C:\新建文件夹.zip\新建文件夹/12.3_21.exe - is a RiskWare program Program.Ardamax
C:\新建文件夹.zip\新建文件夹/12.3_22.exe - infected with Trojan.Peflog.31
C:\新建文件夹.zip\新建文件夹/12.3_23.exe - infected with Trojan.PWS.Gamania.5810
C:\新建文件夹.zip\新建文件夹/12.3_24.exe - infected with Trojan.PWS.Gamania.5823
C:\新建文件夹.zip\新建文件夹/12.3_25.dll - infected with Trojan.PWS.Gamania.5519
C:\新建文件夹.zip\新建文件夹/12.3_26.dll - infected with Trojan.PWS.Gamania.5714
C:\新建文件夹.zip\新建文件夹/12.3_27.exe - infected with Trojan.DownLoader.25873
C:\新建文件夹.zip\新建文件夹/12.3_29.dll - infected with Trojan.PWS.Gamania.origin
C:\新建文件夹.zip\新建文件夹/12.3_3.exe - probably infected with DLOADER.Trojan
C:\新建文件夹.zip\新建文件夹/12.3_30.dll - infected with Trojan.PWS.Gamania.5549
C:\新建文件夹.zip\新建文件夹/12.3_31.exe - infected with Trojan.Click.4645
C:\新建文件夹.zip\新建文件夹/12.3_32.dll - infected with Trojan.PWS.Gamania.5688
C:\新建文件夹.zip\新建文件夹/12.3_34.exe - infected with Trojan.Mezzia.77
C:\新建文件夹.zip\新建文件夹/12.3_35.dll - infected with Trojan.PWS.Gamania.5447
C:\新建文件夹.zip\新建文件夹/12.3_39.dll - infected with Trojan.PWS.Gamania.5551
C:\新建文件夹.zip\新建文件夹/12.3_41.exe - infected with Win32.HLLM.Generic.85
C:\新建文件夹.zip\新建文件夹/12.3_42.exe - infected with Trojan.Peflog.156
C:\新建文件夹.zip\新建文件夹/12.3_43.dll - infected with Trojan.PWS.Wsgame.2256
C:\新建文件夹.zip\新建文件夹/12.3_44.dll - is a HackTool program Tool.Fakemake
C:\新建文件夹.zip\新建文件夹/12.3_46.dll - infected with Trojan.Fakealert.372
C:\新建文件夹.zip\新建文件夹/12.3_48.EXE - infected with Trojan.DownLoader.36455
C:\新建文件夹.zip\新建文件夹/12.3_50.exe - infected with Trojan.PWS.Gamania.5562
C:\新建文件夹.zip\新建文件夹/12.3_7.exe - infected with Win32.HLLW.Autoruner.923

Archive contains 28 infected items

DRWEB 4.44: 28 detected
sam.to
Posted on 2007-12-3 20:45:03
已刪除: 病毒 Packed.Win32.PolyCrypt.b        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_1.exe//RPCrypt
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.Comet.t        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_11.exe
已刪除: 病毒 Virus.Win32.AutoRun.aho        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_16.exe//UPack
已刪除: 病毒 Virus.Win32.AutoRun.aho        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_17.exe//UPack
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.BHO.aw        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_18.exe
已刪除: 病毒 Virus.Win32.AutoRun.ahh        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_19.exe//FSG
已隔離: 病毒 Heur.Invader (修改)        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_2.EXE
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.inq        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_23.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.inw        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_24.exe//NSPack//PE_Patch
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.gvs        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_25.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.gvp        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_26.dll
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Alphabet.gen        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_27.exe//PE_Patch.PECompact//PecBundle//PECompact
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.gyz        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_29.dll
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Small.gxg        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_3.exe//PE_Patch.PECompact//PecBundle//PECompact
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.hfo        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_30.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.hgz        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_32.dll
已刪除: 特洛伊木馬程式 Trojan.Win32.Dialer.qn        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_34.exe//PE_Patch.PECompact//PecBundle//PECompact
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.gmh        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_35.dll
已刪除: 色情程式 not-a-virus:Porn-Dialer.Win32.EgroupDial.d        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_36.exe//UPX
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.hgw        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_39.dll
已刪除: 特洛伊木馬程式 Trojan-Spy.Win32.Agent.aom        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_4.exe//PE_Patch.UPX//UPX
已隔離: 病毒 Email-Worm.Win32.generic (修改)        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_41.exe
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jdf        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_43.dll
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.SecToolBar.k        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_46.dll
已刪除: 廣告軟體 not-a-virus:AdWare.Win32.Thesa.c        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_47.exe
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.hhp        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_48.EXE//PE_Patch//UPack
已刪除: 色情程式 not-a-virus:Porn-Dialer.Win32.Juicy        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_49.exe//UPX
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.hqh        檔案: C:\Documents and Settings\kato9096\桌面\165649\陔膘恅璃標\12.3_50.exe


28 detected, 2 variants, 22 not detected; already submitted.
hookon_miriam
Posted on 2007-12-3 20:53:39
CA 12
Started scanning at 2007-12-3 20:47:14. Engine Ver: 31.1.0. Sig Ver:5340. Sig Date: 2007-12-1. ArcLib Ver: 7.3.0.9.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip <新建文件夹/12.3_23.exe> - Win32/Orpdea!generic trojan. Quarantined.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip <新建文件夹/12.3_25.dll> - Win32/Storark!generic trojan. Quarantined.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip <新建文件夹/12.3_26.dll> - Win32/Storark!generic trojan. Quarantined.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip <新建文件夹/12.3_29.dll> - Win32/Storark!generic trojan. Quarantined.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip <新建文件夹/12.3_30.dll> - Win32/Storark!generic trojan. Quarantined.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip <新建文件夹/12.3_32.dll> - Win32/Storark!generic trojan. Quarantined.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip <新建文件夹/12.3_35.dll> - Win32/Storark!generic trojan. Quarantined.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip <新建文件夹/12.3_39.dll> - Win32/Storark!generic trojan. Quarantined.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip <新建文件夹/12.3_43.dll> - Win32/Frethog!generic trojan. Quarantined.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip <新建文件夹/12.3_44.dll> - Win32/Malum.CINT unknown type. Quarantined.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip <新建文件夹/12.3_46.dll> - Win32/Vundo.HF trojan. Quarantined.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip <新建文件夹/12.3_48.EXE> - Win32/Lolyda!generic trojan. Quarantined.
C:\Documents and Settings\Administrator\桌面\新建文~1.ZIP - Could not open the file.

Files Scanned: 51
Files Infected: 12
Files Cleaned \ Deleted: 0
Files Quarantined: 1
Memory Infections: 0
Memory Infections Cleaned: 0
Boot Infections: 0
Boot Infections Cleaned: 0

Top infections found during scan (Limited to 10).
        Win32/Storark!generic
        Win32/Frethog!generic
        Win32/Lolyda!generic
        Win32/Malum.CINT
        Win32/Orpdea!generic
        Win32/Vundo.HF

Files not Cleaned\Deleted\Quarantined (Limit 100): 0

Finished scanning at 2007-12-3 20:47:20.
nosferatu
Posted on 2007-12-3 21:19:24
AVG Anti-Spyware - Scan Report(18)
---------------------------------------------------------

+ Created at:        21:19:03 2007-12-3

+ Scan result:       



C:\Documents and Settings\Administrator\桌面\新建文件夹.zip/新建文件夹/12.3_18.exe -> Adware.BHO : Cleaned.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip/新建文件夹/12.3_6.exe -> Backdoor.Hupigon : Cleaned.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip/新建文件夹/12.3_27.exe -> Downloader.Alphabet : Cleaned.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip/新建文件夹/12.3_49.exe -> Heuristic.Win32.Dialer : Cleaned.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip/新建文件夹/12.3_15.exe -> Not-A-Virus.Monitor.Win32.Ardamax.k : Cleaned.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip/新建文件夹/12.3_21.exe -> Not-A-Virus.Monitor.Win32.Ardamax.k : Cleaned.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip/新建文件夹/12.3_22.exe -> Not-A-Virus.Monitor.Win32.Perflogger.163 : Cleaned.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip/新建文件夹/12.3_34.exe -> Trojan.Dialer.qn : Cleaned.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip/新建文件夹/12.3_42.exe -> Trojan.Keylog : Cleaned.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip/新建文件夹/12.3_40.exe -> Trojan.KeyLogger : Cleaned.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip/新建文件夹/12.3_35.dll -> Trojan.OnLineGames.gmh : Cleaned.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip/新建文件夹/12.3_30.dll -> Trojan.OnLineGames.hfo : Cleaned.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip/新建文件夹/12.3_39.dll -> Trojan.OnLineGames.hgw : Cleaned.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip/新建文件夹/12.3_32.dll -> Trojan.OnLineGames.hgz : Cleaned.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip/新建文件夹/12.3_48.EXE -> Trojan.OnLineGames.hhp : Cleaned.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip/新建文件夹/12.3_50.exe -> Trojan.OnLineGames.hqh : Cleaned.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip/新建文件夹/12.3_23.exe -> Trojan.OnLineGames.inq : Cleaned.
C:\Documents and Settings\Administrator\桌面\新建文件夹.zip/新建文件夹/12.3_44.dll -> Trojan.Zapchast.m : Cleaned.


::Report end
wu19934718
Posted on 2007-12-3 22:29:48
Filseclab: 19 detected
jimmyleo
Posted on 2007-12-3 23:49:40
G:\Security\VirusTest\Collection\scan\12.3_27.exe >>> suspicion for Trojan-Downloader.Win32.Alphabet.gen ( 09A65CE6 07444381 0025C787 001DB78B 21504)
G:\Security\VirusTest\Collection\scan\12.3_41.exe >>> suspicion for Trojan.Win32.ShareAll.c ( 0041D581 001B74A5 000C5B93 002E61E3 24576)
G:\Security\VirusTest\Collection\scan\12.3_48.EXE - Suspicion for Virus.Win32.PE_Type1(danger level 75%)
G:\Security\VirusTest\Collection\scan\12.3_50.exe >>>>> Trojan-PSW.Win32.OnLineGames.hqh  deletion disabled by settings

sam.to
Posted on 2007-12-3 23:59:32
Hello,

12.3_10.dll, 12.3_12.exe_, 12.3_13.exe_, 12.3_14.exe_, 12.3_20.exe_, 12.3_28.ini, 12.3_33.exe_, 12.3_37.dll, 12.3_40.exe_, 12.3_44.dll, 12.3_5.exe_, 12.3_6.exe_, 12.3_8.dll, 12.3_9.dll

No malicious code was found in these files.

12.3_15.exe_, 12.3_21.exe_ - not-a-virus:Monitor.Win32.Ardamax.k,
12.3_22.exe_ - not-a-virus:Monitor.Win32.Perflogger.163,
12.3_42.exe_ - not-a-virus:Monitor.Win32.Perflogger.ca

These files are already detected by our extended bases as potentially risky programs.
If you know the purpose of these programs then there's no need to bother, just add them to the exclusion list;
otherwise there is possibly unknown malicious software on your computer. You can do this:

Please download and run the utility from
ftp://ftp.kaspersky.com/utils/getsysteminfo/GetSystemInfo.exe
Create a text report and upload it to
http://www.kaspersky.ru/helpdesk.html
Our support team will analyze your report.

12.3_2.exe_ - Trojan.Win32.Inject.mj,
12.3_45.dll - Trojan-PSW.Win32.Nilage.bva,
12.3_7.exe_ - Worm.Win32.AutoRun.cc

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

12.3_31.exe_ - Trojan-Clicker.Win32.VB.wd,
12.3_41.exe_ - Email-Worm.Win32.generic

These files are already detected. Please update your antivirus bases.

12.3_38.exe_

This file is corrupted.

Please quote all when answering.

--
Best regards, Yury Nesmachny
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.