
[Virus sample] 10+1

qianwenxiang
Posted on 2008-1-12 15:36:52
I don't know whether the larger file can run.

Graybird
Posted on 2008-1-12 15:39:35

11

Starting the file scan:

Begin scan in 'E:\0112.rar'
E:\0112.rar
  [0] Archive type: RAR
  --> wow.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> zx.exe
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> wow1.exe
      [DETECTION] Is the Trojan horse TR/PSW.76864
  --> dh.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.njx
  --> fy.exe
      [DETECTION] Is the Trojan horse TR/Drop.Spy.Pca.A.1
  --> mh.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> mir.exe
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> my.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> qj.exe
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> qst.exe
      [DETECTION] Is the Trojan horse TR/PSW.Steal.48270
      [INFO]      The file was deleted!
Begin scan in 'E:\Msgmaker.rar'
E:\Msgmaker.rar
  [0] Archive type: RAR
  --> Msgmaker.exe
      [DETECTION] Is the Trojan horse TR/Spy.Banker.Gen
      [INFO]      The file was deleted!


End of the scan: 2008年1月12日  15:40
Used time: 00:25 min

The scan has been done completely.

      0 Scanning directories
     13 Files were scanned
     11 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      2 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      2 Files not concerned
      2 Archives were scanned
      0 Warnings
      0 Notes
28654621
Posted on 2008-1-12 15:41:00
D:\download\0112.rar>>wow.exe        Heuri.Suspicious.ERNM        启发式扫描        还未处理
D:\download\0112.rar>>zx.exe        TrojanPSW.OnLineGames.lhc.vxdm        木马        还未处理
D:\download\0112.rar>>wow1.exe        TrojanDownloader.VB.gzt.fubk        木马        还未处理
D:\download\0112.rar>>dh.exe        TrojanPSW.OnLineGames.njv.hwue        木马        还未处理
D:\download\0112.rar>>fy.exe        Backdoor.Delf.awy.crke        后门        还未处理
D:\download\0112.rar>>mh.exe        W32.Viking.k        病毒        还未处理
D:\download\0112.rar>>mir.exe        TrojanPSW.OnLineGames.lhc.erbo        木马        还未处理
D:\download\0112.rar>>my.exe        W32.Viking.k        病毒        还未处理
D:\download\0112.rar>>qj.exe        TrojanPSW.JHOnline.fde.vvwi        木马        还未处理
D:\download\0112.rar>>qst.exe        Worm.PaBug.gi.elyf        病毒        还未处理



Msgmaker.rar        1207.47/1207.47KB   100.00%    在线扫描      它是一个“间谍程序”2008-1-12 15:43:48   2008-1-12 15:43:56

[ Last edited by 28654621 on 2008-1-12 15:45 ]
wangjay1980
Posted on 2008-1-12 15:44:15
13

kkgh
Posted on 2008-1-12 15:51:04
总结:

C:\Documents and Settings\zh\桌面\0112.rar=>wow.exe        可疑的: Dropped:Generic.Malware.Fdld.789E3518
C:\Documents and Settings\zh\桌面\0112.rar=>zx.exe        被感染的: BehavesLike:Trojan.ShellHook
C:\Documents and Settings\zh\桌面\0112.rar=>wow1.exe        被感染的: DeepScan:Generic.PWS.WoW.737E033D
C:\Documents and Settings\zh\桌面\0112.rar=>fy.exe        被感染的: Backdoor.Agent.YPT
C:\Documents and Settings\zh\桌面\0112.rar=>mh.exe        被感染的: Generic.PWS.Games.4.CFCCF87B
C:\Documents and Settings\zh\桌面\0112.rar=>mir.exe        被感染的: BehavesLike:Trojan.ShellHook
C:\Documents and Settings\zh\桌面\0112.rar=>my.exe        被感染的: Generic.PWS.Games.4.1CB13796
C:\Documents and Settings\zh\桌面\0112.rar=>qj.exe        被感染的: BehavesLike:Trojan.ShellHook
C:\Documents and Settings\zh\桌面\0112.rar=>qst.exe        被感染的: Generic.PWStealer.03641FF6

扫描过的文件

C:\Documents and Settings\zh\桌面\0112.rar        确定
C:\Documents and Settings\zh\桌面\0112.rar=>wow.exe        可疑的: Dropped:Generic.Malware.Fdld.789E3518
C:\Documents and Settings\zh\桌面\0112.rar=>zx.exe        被感染的: BehavesLike:Trojan.ShellHook
C:\Documents and Settings\zh\桌面\0112.rar=>wow1.exe        被感染的: DeepScan:Generic.PWS.WoW.737E033D
C:\Documents and Settings\zh\桌面\0112.rar=>dh.exe        确定
C:\Documents and Settings\zh\桌面\0112.rar=>fy.exe        被感染的: Backdoor.Agent.YPT
C:\Documents and Settings\zh\桌面\0112.rar=>mh.exe        被感染的: Generic.PWS.Games.4.CFCCF87B
C:\Documents and Settings\zh\桌面\0112.rar=>mir.exe        被感染的: BehavesLike:Trojan.ShellHook
C:\Documents and Settings\zh\桌面\0112.rar=>my.exe        被感染的: Generic.PWS.Games.4.1CB13796
C:\Documents and Settings\zh\桌面\0112.rar=>qj.exe        被感染的: BehavesLike:Trojan.ShellHook
C:\Documents and Settings\zh\桌面\0112.rar=>qst.exe        被感染的: Generic.PWStealer.03641FF6
C:\Documents and Settings\zh\桌面\Msgmaker.rar        确定
C:\Documents and Settings\zh\桌面\Msgmaker.rar=>Msgmaker.exe        确定


瑞星病毒查杀结果报告

清除病毒种类列表:
病毒: Trojan.PSW.Win32.GameOL.len
病毒: Trojan.PSW.Win32.WorldOnline.mc
病毒: Trojan.Mnless.lpi        
病毒: Trojan.PSW.Win32.GamesOnline.gc
病毒: Trojan.PSW.Win32.LMir.yzw
病毒: Trojan.PSW.Win32.GameOL.lcz
病毒: Trojan.PSW.Win32.JHOnline.fde
病毒: Worm.Win32.PaBug.gi      

用户来源:互联网

软件版本:20.26.50
moonsilver
Posted on 2008-1-12 15:54:07
rs 8
jimmyleo
Posted on 2008-1-12 15:56:02
Trend Micro 10

Found [  PACKER-GEN.001](    1) in D:\Download\VirusScan\0112.rar,(wow.exe)
Found [  PACKER-GEN.001](    1) in D:\Download\VirusScan\0112.rar,(zx.exe)
Found [TSPY_WOWSTEAL.DG](    1) in D:\Download\VirusScan\0112.rar,(wow1.exe)
Found [  PACKER-GEN.001](    1) in D:\Download\VirusScan\0112.rar,(dh.exe)
Found [    TROJ_Generic](    1) in D:\Download\VirusScan\0112.rar,(fy.exe)
Found [TSPY_ONLINEG.NSM](    1) in D:\Download\VirusScan\0112.rar,(mh.exe)
Found [  PACKER-GEN.001](    1) in D:\Download\VirusScan\0112.rar,(mir.exe)
Found [  PACKER-GEN.001](    1) in D:\Download\VirusScan\0112.rar,(my.exe)
Found [  PACKER-GEN.001](    1) in D:\Download\VirusScan\0112.rar,(qj.exe)
Found [  PACKER-GEN.001](    1) in D:\Download\VirusScan\0112.rar,(qst.exe)
Undet [                ](     ) in D:\Download\VirusScan\Msgmaker.rar,(Msgmaker.exe)
Undet [                ](     ) in D:\Download\VirusScan\Msgmaker.rar
will
Posted on 2008-1-12 15:58:23

avast! Found 8

"Win32:Agent-KKN [Trj]"            dh.exe
"Win32:Delf-FWD [Trj]"             fy.exe
"Win32:OnLineGames-BCD [Trj]"      mh.exe
"Win32:OnLineGames-BGD [Trj]"      mir.exe
"Win32:OnLineGames-BGD [Trj]"      qj.exe
"Win32:OnLineGames-BSI [Trj]"      qst.exe
"Win32:Delf-FKO [Trj]"             wow1.exe
"Win32:Delf-FVM [Trj]"             zx.exe
will
Posted on 2008-1-12 16:02:30

Jiangmin KV2008 Found 10

xiaopangmd
Posted on 2008-1-12 16:04:14
Scan Log
Version of virus signature database: 2785 (20080111)
Date: 2008-1-12  Time: 16:03:59
Scanned disks, folders and files: C:\Documents and Settings\Martin\桌面\0112.rar
C:\Documents and Settings\Martin\桌面\0112.rar » RAR » wow.exe - a variant of Win32/PSW.OnLineGames.GJV trojan - was a part of the deleted object
C:\Documents and Settings\Martin\桌面\0112.rar » RAR » zx.exe - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Martin\桌面\0112.rar » RAR » dh.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
C:\Documents and Settings\Martin\桌面\0112.rar » RAR » fy.exe - Win32/Delf.NFD trojan - was a part of the deleted object
C:\Documents and Settings\Martin\桌面\0112.rar » RAR » mh.exe - a variant of Win32/PSW.OnLineGames.NFL trojan - was a part of the deleted object
C:\Documents and Settings\Martin\桌面\0112.rar » RAR » mir.exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Martin\桌面\0112.rar » RAR » my.exe - a variant of Win32/PSW.OnLineGames.NFL trojan - was a part of the deleted object
C:\Documents and Settings\Martin\桌面\0112.rar » RAR » qj.exe - a variant of Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
C:\Documents and Settings\Martin\桌面\0112.rar » RAR » qst.exe - Win32/PSW.QQPass.AQZ trojan - was a part of the deleted object
Number of scanned objects: 11
Number of threats found: 9
Time of completion: 16:04:05  Total scanning time: 6 sec (00:00:06)