Original poster: qianwenxiang

[Virus samples] 29 update

欠妳緈諨
Posted on 2007-12-29 23:26:38
Virus check with AntiVirusKit
Version 17.0.7089
Virus signatures of 12/29/2007
Start time: 12/29/2007 23:23
Engine(s): Engine A (AVK 18.2220), Engine B (AVKB 18.72)
Heuristic: On
Archives: On
System areas: Off

Check selected directories and files...
Object: cq0619.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Trojan-PSW.Win32.Lmir.boy (Engine A)
Object: cs0619.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.hfr (Engine A)
Object: dh0616.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.mji (Engine A)
Object: dh3.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.mjp (Engine A)
Object: down.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Worm.Win32.AutoRun.big (Engine A)
Object: f2b4657b5568d072.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Worm.Win32.AutoRun.bjh (Engine A)
Object: ff.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.lyx (Engine A)
Object: g.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Worm.Win32.Downloader.bd (Engine A)
Object: InstallerN75New02.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Virus.Win32.VB.il (Engine A)
Object: jh0619.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.mjq (Engine A)
Object: lin.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Trojan-PSW.Win32.Magania.bre (Engine A)
Object: mh0618.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.mal (Engine A)
Object: my0616.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.mlw (Engine A)
Object: data.rar svchost.exe
        In archive: D:\病毒测试\解压样本\postcard.exe
        Status: Virus detected
        Virus: Virus.Win32.Hidrag.g (Engine A)
Object: data.rar script.ini
        In archive: D:\病毒测试\解压样本\postcard.exe
        Status: Virus detected
        Virus: Backdoor.IRC.Cloner.ae (Engine A)
Object: data.rar mirc.ini
        In archive: D:\病毒测试\解压样本\postcard.exe
        Status: Virus detected
        Virus: Backdoor.IRC.Zapchast (Engine A)
Object: postcard.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Virus.Win32.Hidrag.g, Backdoor.IRC.Cloner.ae, Backdoor.IRC.Zapchast (Engine A)
Object: qj0617.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.mjo (Engine A)
Object: qqhx.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.jyi (Engine A)
Object: qqhx0.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.mll (Engine A)
Object: qqsg.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.mjk (Engine A)
Object: rse.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Trojan-PSW.Win32.Delf.aih (Engine A)
Object: data.rar Setup.exe
        In archive: D:\病毒测试\解压样本\setup.exe
        Status: Virus detected
        Virus: Trojan-Dropper.Win32.Agent.djn (Engine A)
Object: setup.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Trojan-Dropper.Win32.Agent.djn (Engine A)
Object: sms0s.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Trojan-Dropper.Win32.Microjoin.gc (Engine A)
Object: sms3s.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.lrc (Engine A)
Object: sms6s.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.kwh (Engine A)
Object: wd0618.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.mjl (Engine A)
Object: wl0618.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.mjm (Engine A)
Object: wow0617.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.mjn (Engine A)
Object: xiaogui.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Trojan-PSW.Win32.Maran.ff (Engine A)
Object: zt0616.exe
        Path: D:\病毒测试\解压样本
        Status: Virus detected
        Virus: Trojan-PSW.Win32.OnLineGames.mlk (Engine A)
Analysis complete: 12/29/2007 23:23
    29 files checked
    28 infected files detected
    0 suspected files detected
无尽藏海
Posted on 2007-12-29 23:28:40

Reply to gankeyu's post (#18)

Very powerful... 26 unknown...
QQ289173110
Posted on 2007-12-29 23:29:52
Micropoint flags them~
mofunzone
Posted on 2007-12-30 01:36:15
Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\My Documents\1229'
C:\Documents and Settings\Administrator\My Documents\1229\
  aaa.exe
  cq0619.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
  cs0619.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/Spy.Gen
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
  dh0616.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.mji
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
  dh3.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Contains suspicious code HEUR/Malware
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
  down.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
      [INFO]      The file was deleted!
  f2b4657b5568d072.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: OVL
        --> Object
            [DETECTION] Is the Trojan horse TR/Autorun.CA
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
  ff.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/Spy.Agent.ash
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
  g.exe
    [0] Archive type: Runtime Packed
    --> Object
        [DETECTION] Is the Trojan horse TR/Drop.Agent.23552
        [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
  InstallerN75New02.exe
      [DETECTION] Contains suspicious code HEUR/Crypted
      [INFO]      The fund was classified as suspicious.
      [INFO]      The file was moved to '47e98612.qua'!
  jh0619.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.28672.47
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
  lin.exe
      [DETECTION] Is the Trojan horse TR/PSW.Magania.bre
      [INFO]      The file was deleted!
  mh0618.exe
    [0] Archive type: RSRC
    --> Object
    --> Object
      [INFO]      The file was deleted!
  my0616.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Contains suspicious code HEUR/Malware
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
  postcard.exe
    [0] Archive type: RAR SFX (self extracting)
    --> aliases.ini
    --> control.ini
        [DETECTION] Is the Trojan horse TR/Zapchas.F.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> mirc.ico
    --> nicks.txt
        [DETECTION] Is the Trojan horse TR/Mirc.Fizz.A
        [WARNING]   Infected files in archives cannot be repaired!
    --> remote.ini
    --> sup.bat
    --> sup.reg
        [DETECTION] Is the Trojan horse TR/REG.Ircflood.C
        [WARNING]   Infected files in archives cannot be repaired!
    --> svchost.exe
        [DETECTION] Contains detection pattern of the Windows virus W32/Hidrag.a
        [WARNING]   Infected files in archives cannot be repaired!
    --> users.ini
    --> servers.ini
    --> script.ini
        [DETECTION] Contains detection pattern of the IRC virus IRC/Zapchast.16
        [WARNING]   Infected files in archives cannot be repaired!
    --> mirc.ini
        [DETECTION] Is the Trojan horse TR/PSW.Zapchast.845
        [WARNING]   Infected files in archives cannot be repaired!
      [DETECTION] Is the Trojan horse TR/Hidrag.A
      [INFO]      The file was deleted!
  qj0617.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.mjo
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
  qqhx.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.jyc
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
  qqhx0.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Contains suspicious code HEUR/Malware
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
  qqsg.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.mjk.2
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
  rse.exe
      [DETECTION] Is the Trojan horse TR/Copiet.B.1
      [INFO]      The file was deleted!
  setup.exe
    [0] Archive type: RAR SFX (self extracting)
      --> Setup.exe
        [1] Archive type: Runtime Packed
        --> Object
          [2] Archive type: RSRC
          --> Object
          --> Object
          --> Object
      [DETECTION] Contains detection pattern of the dropper DR/RKit.Agent.QW
      [INFO]      The file was deleted!
  sms0s.exe
      [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
      [INFO]      The file was deleted!
  sms3s.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.lpr
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
  sms6s.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [INFO]      The file was deleted!
  wd0618.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Contains suspicious code HEUR/Malware
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
  wl0618.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/Spy.Gen
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
  wow0617.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Contains suspicious code HEUR/Malware
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!
  xiaogui.exe
      [DETECTION] Is the Trojan horse TR/PSW.Maran.AU
      [INFO]      The file was deleted!
  zt0616.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Contains suspicious code HEUR/Malware
            [WARNING]   Infected files in archives cannot be repaired!
      [INFO]      The file was deleted!


End of the scan: 2007年12月29日  09:36
Used time: 00:05 min

The scan has been done completely.

      1 Scanning directories
     42 Files were scanned
     25 viruses and/or unwanted programs were found
      9 Files were classified as suspicious:
     27 files were deleted
      0 files were repaired
      1 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     17 Files not concerned
     22 Archives were scanned
     24 Warnings
      0 Notes
kkgh
Posted on 2007-12-30 10:01:55
AVG Anti-Spyware - 扫描报告
---------------------------------------------------------

+ 创建时间:        10:05:34 2007-12-30

+ 扫描结果:       



C:\Documents and Settings\zh\桌面\1229.part1.rar/xiaogui.exe -> Backdoor.Huai : 已清除.
C:\Documents and Settings\zh\桌面\1229.part1.rar/sms0s.exe -> Dropper.Microjoin.gc : 已清除.
C:\Documents and Settings\zh\桌面\1229.part1.rar/rse.exe -> Trojan.Delf.aih : 已清除.
C:\Documents and Settings\zh\桌面\1229.part1.rar/cq0619.exe -> Trojan.Lmir.boy : 已清除.
C:\Documents and Settings\zh\桌面\1229.part1.rar/lin.exe -> Trojan.Magania.bre : 已清除.
C:\Documents and Settings\zh\桌面\1229.part1.rar/cs0619.exe -> Trojan.OnLineGames.hfr : 已清除.
C:\Documents and Settings\zh\桌面\1229.part1.rar/qqhx.exe -> Trojan.OnLineGames.jyi : 已清除.
C:\Documents and Settings\zh\桌面\1229.part1.rar/sms3s.exe -> Trojan.OnLineGames.kqd : 已清除.
C:\Documents and Settings\zh\桌面\1229.part1.rar/sms6s.exe -> Trojan.OnLineGames.kvw : 已清除.
C:\Documents and Settings\zh\桌面\1229.part1.rar/postcard.exe/control.ini -> Trojan.Zapchas.F : 已清除.
C:\Documents and Settings\zh\桌面\1229.part1.rar/g.exe -> Worm.Downloader.bd : 已清除.
醉一生爱妍
Posted on 2007-12-30 10:23:24
The Spider killed 29......
Copyright © KaFan  KaFan.cn All Rights Reserved.