67个（0000*）

显示全部楼层 · 发表于 2007-12-8 18:43:27

deleted: virus Heur.Trojan.Generic (modification) File: I:\hanxiaojun\Ñù±¾(8).rar/real.exe//UPack
deleted: virus Heur.Trojan.Generic (modification) File: I:\hanxiaojun\Ñù±¾(8).rar/00001.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jlg File: I:\hanxiaojun\Ñù±¾(8).rar/00002.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.isb File: I:\hanxiaojun\Ñù±¾(8).rar/00003.exe
deleted: virus Heur.Trojan.Generic (modification) File: I:\hanxiaojun\Ñù±¾(8).rar/00004.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jqo File: I:\hanxiaojun\Ñù±¾(8).rar/00005.exe//PE_Patch//UPack
deleted: Trojan program Backdoor.Win32.PcClient.ie File: I:\hanxiaojun\Ñù±¾(8).rar/00006.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jfm File: I:\hanxiaojun\Ñù±¾(8).rar/00008.exe//PE_Patch//UPack//#//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jpc File: I:\hanxiaojun\Ñù±¾(8).rar/00009.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jop File: I:\hanxiaojun\Ñù±¾(8).rar/00010.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jer File: I:\hanxiaojun\Ñù±¾(8).rar/00012.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.iys File: I:\hanxiaojun\Ñù±¾(8).rar/00013.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.juv File: I:\hanxiaojun\Ñù±¾(8).rar/00014.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jws File: I:\hanxiaojun\Ñù±¾(8).rar/00015.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.iuu File: I:\hanxiaojun\Ñù±¾(8).rar/00016.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jqn File: I:\hanxiaojun\Ñù±¾(8).rar/00019.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jml File: I:\hanxiaojun\Ñù±¾(8).rar/00020.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jza File: I:\hanxiaojun\Ñù±¾(8).rar/00021.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.itl File: I:\hanxiaojun\Ñù±¾(8).rar/00022.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jct File: I:\hanxiaojun\Ñù±¾(8).rar/00023.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jox File: I:\hanxiaojun\Ñù±¾(8).rar/00024.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jox File: I:\hanxiaojun\Ñù±¾(8).rar/00025.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jfp File: I:\hanxiaojun\Ñù±¾(8).rar/00026.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jgq File: I:\hanxiaojun\Ñù±¾(8).rar/00027.exe//PE_Patch//UPack
deleted: virus Heur.Trojan.Generic (modification) File: I:\hanxiaojun\Ñù±¾(8).rar/gx24.exe//UPack
deleted: Trojan program Trojan.Win32.Qhost.aaf File: I:\hanxiaojun\Ñù±¾(8).rar/host.exe//UPack
deleted: Trojan program Trojan.Win32.Small.uj File: I:\hanxiaojun\Ñù±¾(8).rar/lmmh.exe//UPack
deleted: Trojan program Backdoor.Win32.Delf.cjx File: I:\hanxiaojun\Ñù±¾(8).rar/arp.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jyt File: I:\hanxiaojun\Ñù±¾(8).rar/12.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jyt File: I:\hanxiaojun\Ñù±¾(8).rar/gdqqsgi32.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jgq File: I:\hanxiaojun\Ñù±¾(8).rar/gdjzi32.dll//UPack//#
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jfp File: I:\hanxiaojun\Ñù±¾(8).rar/wszjbzx.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jox File: I:\hanxiaojun\Ñù±¾(8).rar/swrcezc.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.itp File: I:\hanxiaojun\Ñù±¾(8).rar/swjqbzc.dll
deleted: Trojan program Trojan-Downloader.Win32.Agent.blm File: I:\hanxiaojun\Ñù±¾(8).rar/pcihdd.sys
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jza File: I:\hanxiaojun\Ñù±¾(8).rar/gdwmi32.dll//UPack//#
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.iwb File: I:\hanxiaojun\Ñù±¾(8).rar/kawdfzy.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jrd File: I:\hanxiaojun\Ñù±¾(8).rar/sidjfzy.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.iuu File: I:\hanxiaojun\Ñù±¾(8).rar/kapjezy.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jpv File: I:\hanxiaojun\Ñù±¾(8).rar/DbgHlp32.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jlw File: I:\hanxiaojun\Ñù±¾(8).rar/NVDispDrv.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.ifa File: I:\hanxiaojun\Ñù±¾(8).rar/cmdbcs.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.gjr File: I:\hanxiaojun\Ñù±¾(8).rar/qdshm.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.juv File: I:\hanxiaojun\Ñù±¾(8).rar/addrtlhelp.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jfm File: I:\hanxiaojun\Ñù±¾(8).rar/gdqqhxi32.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jev File: I:\hanxiaojun\Ñù±¾(8).rar/gdqji32.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jop File: I:\hanxiaojun\Ñù±¾(8).rar/kvdxjma.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jpc File: I:\hanxiaojun\Ñù±¾(8).rar/avwghmn.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jal File: I:\hanxiaojun\Ñù±¾(8).rar/rarjepi.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jaf File: I:\hanxiaojun\Ñù±¾(8).rar/avzxjmn.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jrr File: I:\hanxiaojun\Ñù±¾(8).rar/gdhnxai32.dll//UPack//#
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jlg File: I:\hanxiaojun\Ñù±¾(8).rar/rsmyipm.dll

显示全部楼层 · 发表于 2007-12-8 18:43:57

Starting the file scan:

Begin scan in 'E:\样本.rar'
E:\样本.rar
  [0] Archive type: RAR
  --> real.exe
   [DETECTION] Contains detection pattern of the worm WORM/Cekar.A
  --> soundma.exe
   [DETECTION] Contains suspicious code HEUR/Crypted
  --> 00001.exe
   [DETECTION] Is the Trojan horse TR/FWDisable.23390.1
  --> 00002.exe
   [DETECTION] Is the Trojan horse TR/FWDisable.23420
  --> 00003.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 00004.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 00005.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLiGames.jrs
  --> 00006.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jal
  --> 00008.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jfm
  --> 00009.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jpc
  --> 00010.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jop
  --> 00012.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.Jer.1
  --> 00013.exe
   [DETECTION] Is the Trojan horse TR/FWDisable.24932
  --> 00014.exe
   [DETECTION] Is the Trojan horse TR/PSW.Onlineg.KC.2
  --> 00015.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.ikc
  --> 00016.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.iuu
  --> 00019.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jrd
  --> 00020.exe
   [DETECTION] Is the Trojan horse TR/FWDisable.24920
  --> 00021.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 00022.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.itp
  --> 00023.exe
   [DETECTION] Contains detection pattern of the dropper DR/Dldr.Agent.YMX
  --> 00024.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jox
  --> 00025.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jox
  --> 00026.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jfp
  --> 00027.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jgq.5
  --> gx24.exe
   [DETECTION] Contains detection pattern of the worm WORM/Cekar.A
  --> host.exe
   [DETECTION] Contains suspicious code HEUR/Crypted
  --> lmmh.exe
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> lmmy.exe
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> wdlm.exe
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> 28.exe
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> arp.exe
   [DETECTION] Is the Trojan horse TR/Drop.Spy.Pca.A.1
  --> 12.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> Wn_Sys8x.Sys
   [DETECTION] Contains suspicious code HEUR/Malware
  --> gdqqsgi32.dll
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> gdjzi32.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jgo.2
  --> wszjbzx.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jfp
  --> swrcezc.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jox
  --> swjqbzc.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.itp
  --> pcihdd.sys
   [DETECTION] Is the Trojan horse TR/Dldr.Agent.blm.3
  --> gdwmi32.dll
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> kawdfzy.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.ikc
  --> sidjfzy.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jrd
  --> kapjezy.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.iuu
  --> avwlgmn.dll
   [DETECTION] Is the Trojan horse TR/FWDisable.24920
  --> DbgHlp32.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jpv.2
  --> NVDispDrv.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jlw.3
  --> cmdbcs.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> qdshm.dll
   [DETECTION] Is the Trojan horse TR/PSW.Onlineg.KC.2
  --> addrtlhelp.dll
   [DETECTION] File has been compressed with an unusual runtime compression tool (PCK/UPACK). Please verify the origin of the file
  --> gdqqhxi32.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jfm
  --> gdqji32.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jev
  --> kvdxjma.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jop
  --> avwghmn.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jpc
  --> rarjepi.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jal
  --> avzxjmn.dll
   [DETECTION] Is the Trojan horse TR/FWDisable.24932
  --> DbgHlp.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> gdhnxai32.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnLiGames.jrs
  --> okmhazy.dll
   [DETECTION] Is the Trojan horse TR/FWDisable.23390.1
  --> rsmyipm.dll
   [DETECTION] Is the Trojan horse TR/FWDisable.23420
  --> wsmsezx.dll
   [DETECTION] Contains suspicious code HEUR/Malware
   [WARNING] The file was ignored!

End of the scan: 2007年12月8日  18:44
Used time: 00:40 min

The scan has been done completely.

   0 Scanning directories
   68 Files were scanned
   55 viruses and/or unwanted programs were found
   6 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   13 Files not concerned
   1 Archives were scanned
   1 Warnings
   0 Notes

显示全部楼层 · 发表于 2007-12-8 18:45:20

MicroVita AntiSpyware 100 C
_____________________________________________

         风暴微塔反间谍
[强力查杀各种Win32位的病毒,木马,蠕虫,恶意软件]
               http://221.10.254.214/
----------------------------------------------
开始扫描……

正在检查启动……
[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\real.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:19107  MD5:66cc6db20ed1927ce41c3247e34b53f0

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\soundma.exe]
                  …………发现Spy！报告:[1] Win32.NkHack.FSG.A
文件信息:  大小:2753  MD5:e045b960a1b2298e198eb7da4ab0c37b

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\00001.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15969  MD5:881db3e1899697af4d12c6d079250fd6

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\00002.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15970  MD5:3483bf9a601e2f275ff776f76f9b7b65

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\00003.exe]
                  …………发现Spy！报告:[1] Win32.Unknow
文件信息:  大小:17308  MD5:54167db32000141407e9b59a877cc0c4

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\00004.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:17397  MD5:08cf93b05b6a717af00d10a468def617

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\00005.exe]
                  …………发现Spy！报告:[1] Win32.Unknow
文件信息:  大小:15604  MD5:0e571fbf2bdb5578e12f91b4c47f5099

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\00006.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15530  MD5:22193c846944788f04ec740afabedcf5

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\00008.exe]
                  …………发现Spy！报告:[1] Win32.Unknow
文件信息:  大小:14732  MD5:365c33b28b64c7ec002febba817bddeb

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\00009.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:16374  MD5:7e856c86b80b61207fa064f98cebf228

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\00010.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15409  MD5:9dcad19927952254aa79861a80f0a62f

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\00012.exe]
                  …………发现Spy！报告:[1] Win32.Unknow
文件信息:  大小:15664  MD5:e65df2ec0c4ceb809e458edfa4413cf4

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\00013.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:16133  MD5:592ad3636e541485f7c56d11056fdeca

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\00014.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:14783  MD5:63d023f1b84cfce3c3c776226f168684

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\00015.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15309  MD5:d95eab7006079707160d6e4c1b793ba8

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\00016.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15116  MD5:b7d2d2e3e8b1fcf21884ea95ebf37997

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\00019.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:16174  MD5:3f41103176d4c1ccfaf3d4a1f630bea3

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\00020.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:16709  MD5:6730db44bdd3b22dc10230bb6352a4ae

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\00021.exe]
                  …………发现Spy！报告:[1] Win32.Unknow
文件信息:  大小:16184  MD5:e23cd372aa26d6dee24dcb5df23ae419

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\00022.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15664  MD5:71a6a2dbde43f3fe64565b1143bb7883

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\00023.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:19440  MD5:fc33df4bfb1079ebe1798c811ed7968a

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\00024.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15393  MD5:bb728602f5b7df28b93464af972d9de0

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\00025.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15111  MD5:d9cdd1602353ece805a29231ffb34694

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\00026.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:15206  MD5:b99dee16b31cdd84dbd6721b0f2187f3

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\00027.exe]
                  …………发现Spy！报告:[1] Win32.Unknow
文件信息:  大小:15352  MD5:ee88446faff34d35f9bccd5ec37b4913

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\gx24.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:19284  MD5:a1ef0506920bd4272686ac1e5db31d74

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\host.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:5412  MD5:89c9808b5e33ad53f7d353b52dec5f3a

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\lmmh.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:14533  MD5:f0e7120d8988bf022746c90fe0a41d9a

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\lmmy.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:14644  MD5:07ad279dc2e09e7ffe3dc30ea93fdee7

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\wdlm.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:14547  MD5:8be1a07c76eaf9e4f80740815423c1bc

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\28.exe]
                  …………发现Spy！报告:[2]
文件信息:  大小:33396  MD5:44378bce7d87b87334a7cdf5310c21bd

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\arp.exe]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:335106  MD5:86f4c3b866302eed83902e293f2c7329

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\12.exe]
                  …………发现Spy！报告:[1] Win32.Unknow
文件信息:  大小:15392  MD5:f10197cbe6906ba1295c275d70f1bd51

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\Wn_Sys8x.Sys]
                  …………发现Spy！报告: [4] [8] HOOK者
文件信息:  大小:48244  MD5:7776e0f28126a7097b91158780e538eb

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\NetMonInstaller.exe]
                  …………发现Spy！报告:[2]
文件信息:  大小:6656  MD5:f0a994d8f40bfde2328cb4dd8ff909ec

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\gdqqsgi32.dll]
                  …………发现Spy！报告: [4] [1] Win32.F/S.ByDwing
文件信息:  大小:12313  MD5:11fd6e4e12ba135dbfba5c5ebf85fc8f

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\npf_mgm.exe]
                  …………发现Spy！报告:[2]
文件信息:  大小:49152  MD5:74a7390346b5e922192283af03e0b155

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\gdjzi32.dll]
                  …………发现Spy！报告: [4] [1] Win32.F/S.ByDwing
文件信息:  大小:11958  MD5:e2905d04e2d6b0988459eff912acd765

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\wszjbzx.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:21850  MD5:d9e23444bcc8390f612920b50662ac23

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\swrcezc.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:22282  MD5:f6c77955e6becb2cad480775d8c3adea

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\swjqbzc.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:24908  MD5:955f152ea30e975a1eb323fbc98c60fd

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\gdwmi32.dll]
                  …………发现Spy！报告: [4] [1] Win32.F/S.ByDwing
文件信息:  大小:13083  MD5:f580c774cc037c5b1f9a2aed6516db5e

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\kawdfzy.dll]
                  …………发现Spy！报告:[6] 注入者[8] HOOK者
文件信息:  大小:23656  MD5:3aa32104d0444f07ea6b4ffed57535bc

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\sidjfzy.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:23906  MD5:161ebf691e3845fba01257136894fb88

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\kapjezy.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:24422  MD5:2aadef681b9ac63a3ee7af2dac7d9c01

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\avwlgmn.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:24918  MD5:223896be88b62f7130ce4362107ca62f

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\DbgHlp32.dll]
                  …………发现Spy！报告:[1] Win32.Badsoft.RX[8] HOOK者
文件信息:  大小:28160  MD5:d61a3a1f3d2e568d9c19c35fbc1ba32a

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\NVDispDrv.dll]
                  …………发现Spy！报告:[1] Win32.Badsoft.RX[8] HOOK者
文件信息:  大小:25088  MD5:18890dd5f5eaadcb6b5806c89e7c87e3

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\cmdbcs.dll]
                  …………发现Spy！报告:[1] Win32.Badsoft.RX[8] HOOK者
文件信息:  大小:25088  MD5:2729ce6e2d4150ad7184b668728d4411

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\qdshm.dll]
                  …………发现Spy！报告:[1] Win32.F/S.ByDwing
文件信息:  大小:4187  MD5:ced0aeca7b872fe5d13c168e06e3c1f9

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\addrtlhelp.dll]
                  …………发现Spy！报告: [4] [1] Win32.F/S.ByDwing
文件信息:  大小:7415  MD5:1b3b7cd270c5bd4930dd549635efd98d

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\gdqqhxi32.dll]
                  …………发现Spy！报告: [4] [1] Win32.F/S.ByDwing
文件信息:  大小:11355  MD5:7a6f3eb8ba3c8ec2a4814756b4273664

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\gdqji32.dll]
                  …………发现Spy！报告: [4] [1] Win32.F/S.ByDwing
文件信息:  大小:12287  MD5:df1104f216d6416e0456024cad8e5f7b

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\kvdxjma.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:22354  MD5:7b0d62af85ed74ae167f3b99bcc0f307

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\avwghmn.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:24394  MD5:2e26cb121998e81b05f17e4d29f50dd1

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\rarjepi.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:24400  MD5:1f28ba461ef7f1e8f2c830875032cbd8

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\avzxjmn.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:24914  MD5:48c3c8b695ff4afb5fe012ec8b82afc2

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\DbgHlp.dll]
                  …………发现Spy！报告:[1] Win32.Badsoft.RX[8] HOOK者
文件信息:  大小:28160  MD5:4acf6ff65b785eefa19bfd8bac11b738

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\gdhnxai32.dll]
                  …………发现Spy！报告: [4] [1] Win32.F/S.ByDwing
文件信息:  大小:12262  MD5:1181d2d5e062a2cbf34ec624405233af

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\okmhazy.dll]
                  …………发现Spy！报告:[6] 注入者[8] HOOK者
文件信息:  大小:23392  MD5:6ef19db2fd695170c4261565872a0e29

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\rsmyipm.dll]
                  …………发现Spy！报告:[6] 注入者[8] HOOK者
文件信息:  大小:23388  MD5:5bcb886f75bb6778105b5663c2bf5914

[C:\Documents and Settings\Administrator\桌面\Virus\样88888888888888888本\wsmsezx.dll]
                  …………发现Spy！报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:25934  MD5:0496541aff4e25f24dac9520ce36005c

文件数:67 病毒数:62  比重:0.9253731343284
OK  扫描完毕！

  ***日志解释
[4] 集中有害分析引擎
[3] 全局系统判断引擎
[2] 文件特征码引擎
[1] 文件启发式引擎

[ 本帖最后由 FBAV 于 2007-12-8 18:49 编辑 ]

显示全部楼层 · 发表于 2007-12-8 18:52:27

C:\Users\Wesley\Downloads\样本.rar » RAR » real.exe - probably unknown NewHeur_PE virus
C:\Users\Wesley\Downloads\样本.rar » RAR » 00001.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » 00002.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » 00003.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » 00004.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » 00006.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » 00009.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » 00010.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » 00012.exe - Win32/PSW.OnLineGames.JER trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » 00013.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » 00014.exe - probably a variant of Win32/PSW.OnLineGames.NGU trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » 00015.exe - probably unknown NewHeur_PE virus
C:\Users\Wesley\Downloads\样本.rar » RAR » 00016.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » 00019.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » 00020.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » 00021.exe - probably a variant of Win32/PSW.OnLineGames.NHF trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » 00022.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » 00023.exe - a variant of Win32/Agent.NLW trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » 00024.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » 00025.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » 00026.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » 00027.exe - Win32/PSW.OnLineGames.JGQ trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » gx24.exe - probably unknown NewHeur_PE virus
C:\Users\Wesley\Downloads\样本.rar » RAR » 28.exe - probably a variant of Win32/AutoRun.Q worm
C:\Users\Wesley\Downloads\样本.rar » RAR » arp.exe - probably unknown NewHeur_PE virus
C:\Users\Wesley\Downloads\样本.rar » RAR » Wn_Sys8x.Sys - probably a variant of Win32/AutoRun.Q worm
C:\Users\Wesley\Downloads\样本.rar » RAR » gdjzi32.dll - Win32/PSW.OnLineGames.NJM trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » wszjbzx.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » swrcezc.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » swjqbzc.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » pcihdd.sys - Win32/TrojanDownloader.Agent.BLM trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » gdwmi32.dll - probably a variant of Win32/PSW.OnLineGames.NHF trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » kawdfzy.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » sidjfzy.dll - Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » kapjezy.dll - Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » avwlgmn.dll - Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » DbgHlp32.dll - probably a variant of Win32/PSW.OnLineGames.HCV trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » NVDispDrv.dll - probably a variant of Win32/PSW.OnLineGames.HCV trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » cmdbcs.dll - Win32/PSW.OnLineGames.NFL trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » qdshm.dll - a variant of Win32/PSW.OnLineGames.NHF trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » addrtlhelp.dll - a variant of Win32/PSW.OnLineGames.NHF trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » kvdxjma.dll - Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » avwghmn.dll - Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » rarjepi.dll - Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » avzxjmn.dll - Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » DbgHlp.dll - probably a variant of Win32/PSW.OnLineGames.HCV trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » okmhazy.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » rsmyipm.dll - Win32/PSW.OnLineGames.FDY trojan
C:\Users\Wesley\Downloads\样本.rar » RAR » wsmsezx.dll - a variant of Win32/PSW.OnLineGames.FDY trojan

显示全部楼层 · 发表于 2007-12-8 18:56:17

Quick Scanning

C:\ABC\样本\00001.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00001.exe
C:\ABC\样本\00002.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00002.exe
C:\ABC\样本\00003.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\00003.exe
C:\ABC\样本\00004.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00004.exe
C:\ABC\样本\00005.exe
>>> Virus 'Mal/EncPk-BW' found in file C:\ABC\样本\00005.exe
C:\ABC\样本\00006.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00006.exe
C:\ABC\样本\00008.exe
>>> Virus 'Mal/EncPk-BW' found in file C:\ABC\样本\00008.exe
C:\ABC\样本\00009.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00009.exe
C:\ABC\样本\00010.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00010.exe
C:\ABC\样本\00012.exe
>>> Virus 'Mal/EncPk-BW' found in file C:\ABC\样本\00012.exe
C:\ABC\样本\00013.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00013.exe
C:\ABC\样本\00014.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\00014.exe
C:\ABC\样本\00015.exe
C:\ABC\样本\00015.exe\FILE:0000
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本\00015.exe\FILE:0000
>>> Virus 'Mal/Behav-010' found in file C:\ABC\样本\00015.exe
C:\ABC\样本\00016.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00016.exe
C:\ABC\样本\00019.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00019.exe
C:\ABC\样本\00020.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00020.exe
C:\ABC\样本\00021.exe
>>> Virus 'Mal/EncPk-BW' found in file C:\ABC\样本\00021.exe
C:\ABC\样本\00022.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00022.exe
C:\ABC\样本\00023.exe
C:\ABC\样本\00023.exe\FILE:0000
>>> Virus 'Mal/Dorf-A' found in file C:\ABC\样本\00023.exe\FILE:0000
>>> Virus 'Mal/EncPk-BW' found in file C:\ABC\样本\00023.exe
C:\ABC\样本\00024.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00024.exe
C:\ABC\样本\00025.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00025.exe
C:\ABC\样本\00026.exe
>>> Virus 'Mal/Behav-152' found in file C:\ABC\样本\00026.exe
C:\ABC\样本\00027.exe
>>> Virus 'Mal/EncPk-BW' found in file C:\ABC\样本\00027.exe
C:\ABC\样本\12.exe
>>> Virus 'Mal/EncPk-BW' found in file C:\ABC\样本\12.exe
C:\ABC\样本\28.exe
C:\ABC\样本\28.exe\FILE:0000
>>> Virus 'Mal/Gampass-A' found in file C:\ABC\样本\28.exe\FILE:0000
>>> File "C:\ABC\样本\28.exe" has been identified as suspicious 'Sus/Dropper-R'.
C:\ABC\样本\addrtlhelp.dll
>>> Virus 'Mal/EncPk-BW' found in file C:\ABC\样本\addrtlhelp.dll
C:\ABC\样本\arp.exe
>>> Virus 'Mal/EncPk-BW' found in file C:\ABC\样本\arp.exe
C:\ABC\样本\avwghmn.dll
>>> Virus 'Mal/Gampass-A' found in file C:\ABC\样本\avwghmn.dll
C:\ABC\样本\avwlgmn.dll
>>> Virus 'Mal/Gampass-A' found in file C:\ABC\样本\avwlgmn.dll
C:\ABC\样本\avzxjmn.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本\avzxjmn.dll
C:\ABC\样本\cmdbcs.dll
>>> File "C:\ABC\样本\cmdbcs.dll" has been identified as suspicious 'Sus/Malware-A'.
C:\ABC\样本\daemon_mgm.exe
C:\ABC\样本\DbgHlp.dll
>>> File "C:\ABC\样本\DbgHlp.dll" has been identified as suspicious 'Sus/Malware-B'.
C:\ABC\样本\DbgHlp32.dll
>>> File "C:\ABC\样本\DbgHlp32.dll" has been identified as suspicious 'Sus/Malware-B'.
C:\ABC\样本\gdhnxai32.dll
>>> Virus 'Mal/EncPk-BW' found in file C:\ABC\样本\gdhnxai32.dll
C:\ABC\样本\gdjzi32.dll
>>> Virus 'Mal/EncPk-BW' found in file C:\ABC\样本\gdjzi32.dll
C:\ABC\样本\gdqji32.dll
>>> Virus 'Mal/EncPk-BW' found in file C:\ABC\样本\gdqji32.dll
C:\ABC\样本\gdqqhxi32.dll
>>> Virus 'Mal/EncPk-BW' found in file C:\ABC\样本\gdqqhxi32.dll
C:\ABC\样本\gdqqsgi32.dll
>>> Virus 'Mal/EncPk-BW' found in file C:\ABC\样本\gdqqsgi32.dll
C:\ABC\样本\gdwmi32.dll
>>> Virus 'Mal/EncPk-BW' found in file C:\ABC\样本\gdwmi32.dll
C:\ABC\样本\gx24.exe
>>> Virus 'Mal/GamePSW-C' found in file C:\ABC\样本\gx24.exe
C:\ABC\样本\host.exe
>>> Virus 'Mal/EncPk-BW' found in file C:\ABC\样本\host.exe
C:\ABC\样本\kapjezy.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本\kapjezy.dll
C:\ABC\样本\kawdfzy.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本\kawdfzy.dll
C:\ABC\样本\kvdxjma.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本\kvdxjma.dll
C:\ABC\样本\lmmh.exe
C:\ABC\样本\lmmh.exe\FILE:0000
>>> Virus 'Mal/EncPk-BW' found in file C:\ABC\样本\lmmh.exe
C:\ABC\样本\lmmy.exe
C:\ABC\样本\lmmy.exe\FILE:0000
>>> Virus 'Mal/Generic-A' found in file C:\ABC\样本\lmmy.exe\FILE:0000
>>> Virus 'Mal/EncPk-BW' found in file C:\ABC\样本\lmmy.exe
C:\ABC\样本\NetMonInstaller.exe
C:\ABC\样本\npf_mgm.exe
C:\ABC\样本\NVDispDrv.dll
>>> File "C:\ABC\样本\NVDispDrv.dll" has been identified as suspicious 'Sus/Malware-B'.
C:\ABC\样本\okmhazy.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本\okmhazy.dll
C:\ABC\样本\pcihdd.sys
>>> Virus 'Troj/DwnLdr-GZH' found in file C:\ABC\样本\pcihdd.sys
C:\ABC\样本\pthreadVC.dll
C:\ABC\样本\qdshm.dll
>>> Virus 'Mal/EncPk-BW' found in file C:\ABC\样本\qdshm.dll
C:\ABC\样本\rarjepi.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本\rarjepi.dll
C:\ABC\样本\real.exe
>>> Virus 'Mal/GamePSW-C' found in file C:\ABC\样本\real.exe
C:\ABC\样本\rpcapd.exe
C:\ABC\样本\rsmyipm.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本\rsmyipm.dll
C:\ABC\样本\sidjfzy.dll
>>> File "C:\ABC\样本\sidjfzy.dll" has been identified as suspicious 'Sus/Malware-A'.
C:\ABC\样本\soundma.exe
>>> Virus 'Mal/Packer' found in file C:\ABC\样本\soundma.exe
C:\ABC\样本\soundman.exe
C:\ABC\样本\swjqbzc.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本\swjqbzc.dll
C:\ABC\样本\swrcezc.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本\swrcezc.dll
C:\ABC\样本\wdlm.exe
C:\ABC\样本\wdlm.exe\FILE:0000
>>> Virus 'Mal/EncPk-BW' found in file C:\ABC\样本\wdlm.exe
C:\ABC\样本\Wn_Sys8x.Sys
>>> Virus 'Mal/Gampass-A' found in file C:\ABC\样本\Wn_Sys8x.Sys
C:\ABC\样本\wsmsezx.dll
>>> File "C:\ABC\样本\wsmsezx.dll" has been identified as suspicious 'Sus/Malware-A'.
C:\ABC\样本\wszjbzx.dll
>>> Virus 'Mal/Delagen-A' found in file C:\ABC\样本\wszjbzx.dll

67 files swept in 15 seconds.
58 viruses were discovered.
7 suspicious files were discovered.
61 files out of 67 were infected.
Please send infected samples to Sophos for analysis.
For advice consult www.sophos.com, email support@sophos.com
or telephone +44 1235 559933
Ending Sophos Anti-Virus.

显示全部楼层 · 发表于 2007-12-8 19:32:02

FS扫描41个

显示全部楼层 · 发表于 2007-12-8 19:47:52

15……趋势亚么趋势趋势亚么趋势……

Undet [             ](    ) in D:\Download\VirusScan\real.exe
Undet [             ](    ) in D:\Download\VirusScan\soundma.exe
Undet [             ](    ) in D:\Download\VirusScan\00001.exe
Undet [             ](    ) in D:\Download\VirusScan\00002.exe
Undet [             ](    ) in D:\Download\VirusScan\00003.exe
Undet [             ](    ) in D:\Download\VirusScan\00004.exe
Found [ TROJ_ZLOB.ANT]( 1) in D:\Download\VirusScan\00005.exe
Undet [             ](    ) in D:\Download\VirusScan\00006.exe
Undet [             ](    ) in D:\Download\VirusScan\00008.exe
Undet [             ](    ) in D:\Download\VirusScan\00009.exe
Undet [             ](    ) in D:\Download\VirusScan\00010.exe
Found [TSPY_ONLINEG.MBB]( 1) in D:\Download\VirusScan\00012.exe
Undet [             ](    ) in D:\Download\VirusScan\00013.exe
Undet [             ](    ) in D:\Download\VirusScan\00014.exe
Undet [             ](    ) in D:\Download\VirusScan\00015.exe
Undet [             ](    ) in D:\Download\VirusScan\00016.exe
Undet [             ](    ) in D:\Download\VirusScan\00019.exe
Undet [             ](    ) in D:\Download\VirusScan\00020.exe
Undet [             ](    ) in D:\Download\VirusScan\00021.exe
Undet [             ](    ) in D:\Download\VirusScan\00022.exe
Undet [             ](    ) in D:\Download\VirusScan\00023.exe
Undet [             ](    ) in D:\Download\VirusScan\00024.exe
Undet [             ](    ) in D:\Download\VirusScan\00025.exe
Undet [             ](    ) in D:\Download\VirusScan\00026.exe
Undet [             ](    ) in D:\Download\VirusScan\00027.exe
Undet [             ](    ) in D:\Download\VirusScan\gx24.exe
Undet [             ](    ) in D:\Download\VirusScan\host.exe
Found [  TROJ_SMALL.JPZ]( 1) in D:\Download\VirusScan\lmmh.exe
Undet [             ](    ) in D:\Download\VirusScan\lmmy.exe
Found [TROJ_DLOADER.SOE]( 1) in D:\Download\VirusScan\wdlm.exe
Undet [             ](    ) in D:\Download\VirusScan\28.exe
Undet [             ](    ) in D:\Download\VirusScan\arp.exe
Undet [             ](    ) in D:\Download\VirusScan\12.exe
Undet [             ](    ) in D:\Download\VirusScan\Wn_Sys8x.Sys
Undet [             ](    ) in D:\Download\VirusScan\soundman.exe
Undet [             ](    ) in D:\Download\VirusScan\NetMonInstaller.exe
Undet [             ](    ) in D:\Download\VirusScan\gdqqsgi32.dll
Undet [             ](    ) in D:\Download\VirusScan\daemon_mgm.exe
Undet [             ](    ) in D:\Download\VirusScan\npf_mgm.exe
Undet [             ](    ) in D:\Download\VirusScan\pthreadVC.dll
Undet [             ](    ) in D:\Download\VirusScan\rpcapd.exe
Found [TSPY_ONLINEG.NQS]( 1) in D:\Download\VirusScan\gdjzi32.dll
Found [TSPY_ONLINEG.ISZ]( 1) in D:\Download\VirusScan\wszjbzx.dll
Found [TSPY_ONLINEG.ISZ]( 1) in D:\Download\VirusScan\swrcezc.dll
Found [TSPY_ONLINEG.EOS]( 1) in D:\Download\VirusScan\swjqbzc.dll
Undet [             ](    ) in D:\Download\VirusScan\pcihdd.sys
Undet [             ](    ) in D:\Download\VirusScan\gdwmi32.dll
Undet [             ](    ) in D:\Download\VirusScan\kawdfzy.dll
Undet [             ](    ) in D:\Download\VirusScan\sidjfzy.dll
Found [TSPY_ONLINEG.EOS]( 1) in D:\Download\VirusScan\kapjezy.dll
Found [TSPY_ONLINEG.EOS]( 1) in D:\Download\VirusScan\avwlgmn.dll
Undet [             ](    ) in D:\Download\VirusScan\DbgHlp32.dll
Undet [             ](    ) in D:\Download\VirusScan\NVDispDrv.dll
Found [TSPY_ONLINEG.LYB]( 1) in D:\Download\VirusScan\cmdbcs.dll
Undet [             ](    ) in D:\Download\VirusScan\qdshm.dll
Undet [             ](    ) in D:\Download\VirusScan\addrtlhelp.dll
Found [TSPY_ONLINEG.NQQ]( 1) in D:\Download\VirusScan\gdqqhxi32.dll
Found [TSPY_ONLINEG.NQP]( 1) in D:\Download\VirusScan\gdqji32.dll
Undet [             ](    ) in D:\Download\VirusScan\kvdxjma.dll
Undet [             ](    ) in D:\Download\VirusScan\avwghmn.dll
Undet [             ](    ) in D:\Download\VirusScan\rarjepi.dll
Undet [             ](    ) in D:\Download\VirusScan\avzxjmn.dll
Undet [             ](    ) in D:\Download\VirusScan\DbgHlp.dll
Undet [             ](    ) in D:\Download\VirusScan\gdhnxai32.dll
Found [TSPY_ONLINEG.ISZ]( 1) in D:\Download\VirusScan\okmhazy.dll
Found [TSPY_ONLINEG.EOS]( 1) in D:\Download\VirusScan\rsmyipm.dll
Undet [             ](    ) in D:\Download\VirusScan\wsmsezx.dll

显示全部楼层 · 发表于 2007-12-8 20:52:07

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Win32.Logogo.o
病毒： Trojan.PSW.Win32.XYOnline.vk
病毒： Trojan.PSW.Win32.GameOnline.avb
病毒： Trojan.PSW.Win32.QQSG.ay
病毒： Trojan.PSW.Win32.XYOnline.ui
病毒： Trojan.PSW.Win32.ZhuXian.ek
病毒： Trojan.PSW.Win32.SunOnline.in
病毒： Trojan.PSW.Win32.GameOnline.arq
病毒： Trojan.PSW.Win32.OnlineGame.ymg
病毒： Trojan.PSW.Win32.QQHX.tsf
病毒： Trojan.PSW.Win32.GameOL.a
病毒： Trojan.PSW.Win32.GameOnline.zye
病毒： Trojan.PSW.Win32.GameOnline.aqb
病毒： Trojan.Win32.Mnless.zvz
病毒： Trojan.PSW.Win32.LMir.yzd
病毒： Trojan.PSW.Win32.GameOnline.auy
病毒： Trojan.PSW.Win32.GameOnline.avn
病毒： Trojan.Win32.QHost.xa
病毒： Trojan.PSW.Win32.XYOnline.ta
病毒： Trojan.PSW.Win32.RocOnline.hz
病毒： Trojan.PSW.Win32.AskTao.er
病毒： Dropper.Win32.Agent.yse
病毒： Trojan.PSW.Win32.ZeroOnline.cs
病毒： Trojan.PSW.Win32.GameOnline.auy
病毒： Trojan.PSW.Win32.LMir.yzd
病毒： Trojan.PSW.Win32.GameOnline.aqb
病毒： RootKit.Win32.Paice.a
病毒： Trojan.PSW.Win32.AskTao.ey
病毒： Trojan.PSW.Win32.GameOnline.zzl
病毒： Trojan.PSW.Win32.SunOnline.ho
病毒： Trojan.PSW.Win32.GameOnline.zyk
病毒： Trojan.PSW.Win32.GameOnline.zzs
病毒： Trojan.PSW.Win32.GameOL.w
病毒： Trojan.PSW.Win32.GameOnline.aox
病毒： Trojan.PSW.Win32.QQGame.am
病毒： Trojan.PSW.Win32.QQHX.tsl
病毒： Trojan.PSW.Win32.SunOnline.if
病毒： Trojan.PSW.Win32.XYOnline.vi
病毒： Trojan.PSW.Win32.SunOnline.in
病毒： Trojan.PSW.Win32.ZeroOnline.cq
病毒： Trojan.PSW.Win32.GameOnline.arq
病毒： Trojan.PSW.Win32.XYOnline.vg
病毒： Trojan.PSW.Win32.GameOnline.auz
病毒： Trojan.PSW.Win32.GameOL.bb

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.21.52

显示全部楼层 · 发表于 2007-12-8 20:54:47

唉。。。。

信息       2007-12-08  20:54:16       您此次查毒共查出54个病毒以及危险代码
信息       2007-12-08  20:54:16       您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件96个
信息       2007-12-08  20:54:16       金山毒霸主程序查毒过程结束，查毒方式：命令行查毒
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\wsmsezx.dll       Win32.Troj.OnLimeGamesT.zf.21080       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\rsmyipm.dll       Win32.Troj.OnlineGamesT.fd.19570       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\okmhazy.dll       Win32.Troj.OnLimeGamesT.zf.21080       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\gdhnxai32.dll       Win32.Troj.OnlineGamesT.ty.102400       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\avzxjmn.dll       Win32.Troj.OnlineGamesT.ty.24902       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\rarjepi.dll       Win32.Troj.OnlineGamesT.ty.24902       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\avwghmn.dll       Win32.Troj.OnLimeGamesT.zf.21080       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\kvdxjma.dll       Win32.Troj.OnLimeGamesT.zf.21080       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\gdqji32.dll       Win32.Troj.OnlineGamesT.ty.90112       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\gdqqhxi32.dll       Win32.Troj.OnlineGamesT.ty.90112       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\addrtlhelp.dll       Win32.Troj.OnlineGames.yf.73728       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\qdshm.dll       Win32.Troj.OnLimeGamesT.ty.61440       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\cmdbcs.dll       Win32.Troj.OnlineGamesT.ia.26112       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\NVDispDrv.dll       Win32.Troj.OnlineGamesT.lz.127488       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\DbgHlp32.dll       Win32.Troj.OnlineGamesT.ip.28160       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\avwlgmn.dll       Win32.Troj.OnLimeGamesT.zf.21080       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\kapjezy.dll       Win32.Troj.OnlineGamesT.ty.24902       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\sidjfzy.dll       Win32.Troj.OnLimeGamesT.zf.21080       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\kawdfzy.dll       Win32.Troj.OnlineGamesT.ty.24902       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\gdwmi32.dll       Win32.Troj.OnlineGames.yf.73728       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\pcihdd.sys       Win32.Troj.Agent.dz.6768       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\swjqbzc.dll       Win32.Troj.OnlineGamesT.ty.24902       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\swrcezc.dll       Win32.Troj.OnLimeGamesT.zf.21080       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\wszjbzx.dll       Win32.Troj.OnlineGamesT.ty.24902       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\gdjzi32.dll       Win32.Troj.OnlineGames.yf.73728       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\gdqqsgi32.dll       Win32.Troj.OnlineGamesT.ty.102400       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\12.exe       Win32.Troj.OnLineGamesT.or.258048       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\arp.exe       Win32.Hack.ChatARP.y.372212       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\28.exe       Win32.Troj.QQThiefT.ty.112755       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\wdlm.exe       Win32.TrojDownloader.Small.110592       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\lmmy.exe       Win32.Troj.Agent.ya.110592       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\lmmh.exe       Win32.Troj.Small.uj.110592       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\00027.exe       Win32.Troj.OnLineGamesT.or.258048       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\00026.exe       Win32.Troj.AgentT.fm.14452       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\00025.exe       Win32.Troj.AgentT.fm.14452       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\00024.exe       Win32.Troj.AgentT.fm.14452       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\00023.exe       Win32.PSWTroj.OnLineGames.106496       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\00022.exe       Win32.Troj.AgentT.fm.14452       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\00021.exe       Win32.Troj.OnLineGamesT.or.258048       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\00020.exe       Win32.Troj.OnLineGamesT.gp.15597       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\00019.exe       Win32.Troj.AgentT.fm.14452       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\00016.exe       Win32.Troj.AgentT.fm.14452       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\00015.exe       Win32.Troj.AgentT.fm.14452       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\00013.exe       Win32.Troj.AgentT.fm.14452       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\00012.exe       Win32.Troj.OnLineGamesT.or.258048       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\00010.exe       Win32.Troj.AgentT.fm.14452       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\00009.exe       Win32.Troj.AgentT.fm.14452       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\00008.exe       Win32.Troj.OnLineGamesT.or.258048       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\00006.exe       Win32.Troj.AgentT.fm.14452       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\00005.exe       Trash.OnlineGamesT.aq.2615       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\00004.exe       Win32.Troj.OnLineGamesT.gp.15597       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\00003.exe       Win32.Troj.OnLineGamesT.gr.2637       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\00002.exe       Win32.Troj.AgentT.fm.14452       跳过，未处理
病毒       2007-12-08  20:54:16       C:\Documents and Settings\Norways Winter\桌面\样本.rar\00001.exe       Win32.Troj.AgentT.fm.14452       跳过，未处理

[ 本帖最后由挪威的冬天于 2007-12-8 23:44 编辑 ]

[病毒样本] 67个（0000*）

本帖子中包含更多资源

61

49

61

107/47