25只

显示全部楼层 · 发表于 2008-1-13 13:20:54

e12a115d2f106e09fcb1fbe8db221d7e *1.exe
3e9cfecb5ac48d5a4034b6360181981c *2.exe
4e842d392de16e54e5e753d8711eece7 *3.exe
f239ea9a1ac41e475d2f4af3de659e30 *4.exe
8adcaa4f37770a826c92b6dcc519246e *5.exe
90840cbb73209312c47a5987cf66ae74 *6.exe
142738a4071e99dacddb4f511278e9ea *7.exe
94d866dd8169bc739139a208db981528 *8.exe
47e1b79ae45b929b0403f75de91b277e *9.exe
fd6e0a9da28b808052496ab75a258b6a *10.exe
da498b4a5f70ec372b439d8de57e709c *11.exe
cd5eb7d03574e57e8a27e8d4a1df7288 *12.exe
e88f7da8e4c276bf0e7b3afd4fa2be5f *13.exe
e41c8b33ed27efcbd10295b2d5703777 *14.exe
a7b3ca46f49e0fd598e88acc10fd2a87 *15.exe
80adee4dc9248bf6c11a3857568ff38d *16.exe
e47bcf2aaa31010e322ac6e56528e058 *17.exe
46308f7c0761a8c5edc53c245f2c1982 *18.exe
6099d6d6f98ca08e1078e927be344bd6 *19.exe
35eb9c63eb97812c1ce1ba2e8d105fc9 *20.exe
9e9f8b916e7b5f2decdb15e1a83042a5 *21.exe
ceea2cd10edae81e3bf9a0be81a485a5 *23.exe
57204d5c7fdcf6d60268c985a9f239f3 *24.exe
f00d3c04c1230f96a01d90880c568599 *25.exe
e98504e05f8f6413e3370aa147a2660a *27.exe

复制代码

ClamAV
d:\download\virusscan\pack\1.exe: PUA.Packed.UPack-1 FOUND
d:\download\virusscan\pack\2.exe: PUA.Packed.UPack FOUND
d:\download\virusscan\pack\3.exe: PUA.Packed.UPack FOUND
d:\download\virusscan\pack\4.exe: PUA.Packed.UPack-1 FOUND
d:\download\virusscan\pack\5.exe: PUA.Packed.UPack FOUND
d:\download\virusscan\pack\6.exe: PUA.Packed.UPack-2 FOUND
d:\download\virusscan\pack\7.exe: PUA.Packed.UPack FOUND
d:\download\virusscan\pack\8.exe: PUA.Packed.UPack FOUND
d:\download\virusscan\pack\9.exe: PUA.Packed.UPack-1 FOUND
d:\download\virusscan\pack\10.exe: PUA.Packed.UPack FOUND
d:\download\virusscan\pack\11.exe: PUA.Packed.UPack FOUND
d:\download\virusscan\pack\12.exe: PUA.Packed.UPack FOUND
d:\download\virusscan\pack\13.exe: PUA.Packed.UPack FOUND
d:\download\virusscan\pack\14.exe: PUA.Packed.UPack FOUND
d:\download\virusscan\pack\15.exe: PUA.Packed.UPack FOUND
d:\download\virusscan\pack\16.exe: PUA.Packed.UPack-1 FOUND
d:\download\virusscan\pack\17.exe: PUA.Packed.UPack-1 FOUND
d:\download\virusscan\pack\18.exe: PUA.Packed.UPack FOUND
d:\download\virusscan\pack\19.exe: PUA.Packed.UPack FOUND
d:\download\virusscan\pack\20.exe: PUA.Packed.UPack FOUND
d:\download\virusscan\pack\21.exe: Trojan.QQPass-493 FOUND
d:\download\virusscan\pack\23.exe: PUA.Packed.UPack FOUND
d:\download\virusscan\pack\24.exe: PUA.Packed.UPack FOUND
d:\download\virusscan\pack\25.exe: PUA.Packed.UPack FOUND
d:\download\virusscan\pack\27.exe: PUA.Packed.UPack-2 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 191841
Engine version: 0.91.2
Scanned directories: 2
Scanned files: 25
Skipped non-executable files: 0
Infected files: 25
Data scanned: 0.65 MB
Time: 10.956 sec (0 m 10 s)

复制代码

显示全部楼层 · 发表于 2008-1-13 13:24:44

25个全灭

Begin scan in 'D:\Downloads\样本\pack1.rar'
D:\Downloads\样本\pack1.rar
  [0] Archive type: RAR
  --> pack\1.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> pack\2.exe
   [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> pack\3.exe
   [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> pack\4.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> pack\5.exe
   [DETECTION] Is the Trojan horse TR/WuDisable.C
  --> pack\6.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.nmg
  --> pack\7.exe
   [DETECTION] Is the Trojan horse TR/FWDisable.25525.1
  --> pack\8.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> pack\9.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> pack\10.exe
   [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> pack\11.exe
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> pack\12.exe
   [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> pack\13.exe
   [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> pack\14.exe
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> pack\15.exe
   [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> pack\16.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.67
  --> pack\17.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.53
  --> pack\18.exe
   [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> pack\19.exe
   [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> pack\20.exe
   [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> pack\21.exe
   [DETECTION] Is the Trojan horse TR/PSW.Steal.48254
  --> pack\23.exe
   [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> pack\24.exe
   [DETECTION] Is the Trojan horse TR/WuDisable.F
  --> pack\25.exe
   [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> pack\27.exe
   [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen

显示全部楼层 · 发表于 2008-1-13 13:32:30

nod32只杀了24只！~~

显示全部楼层 · 发表于 2008-1-13 13:33:39

真的是25只？

晕了，我的只扫出了两个可疑文件

显示全部楼层 · 发表于 2008-1-13 13:34:11

一共3个文件，2个可疑

显示全部楼层 · 发表于 2008-1-13 13:36:39

刚刚是下载的时候没下全

重新下了之后就正常了

下面是扫描结果

显示全部楼层 · 发表于 2008-1-13 13:39:23

晕费尔只报了23个少了2个！
C:\Documents and Settings\Administrator\桌面\pack.rar>>pack\1.exe W32.Viking.k 病毒还未处理
C:\Documents and Settings\Administrator\桌面\pack.rar>>pack\2.exe TrojanPSW.OnLineGames.lhc.urig 木马还未处理
C:\Documents and Settings\Administrator\桌面\pack.rar>>pack\4.exe W32.Viking.k 病毒还未处理
C:\Documents and Settings\Administrator\桌面\pack.rar>>pack\5.exe TrojanPSW.OnLineGames.lhc.jjfy 木马还未处理
C:\Documents and Settings\Administrator\桌面\pack.rar>>pack\6.exe W32.Warezov.p 病毒还未处理
C:\Documents and Settings\Administrator\桌面\pack.rar>>pack\7.exe TrojanPSW.OnLineGames.lhc.axcn 木马还未处理
C:\Documents and Settings\Administrator\桌面\pack.rar>>pack\8.exe TrojanPSW.OnLineGames.lhc.kedt 木马还未处理
C:\Documents and Settings\Administrator\桌面\pack.rar>>pack\9.exe W32.Viking.k 病毒还未处理
C:\Documents and Settings\Administrator\桌面\pack.rar>>pack\10.exe TrojanPSW.OnLineGames.lhc.vxdm 木马还未处理
C:\Documents and Settings\Administrator\桌面\pack.rar>>pack\11.exe Heuri.Suspicious.ERNM 启发式扫描还未处理
C:\Documents and Settings\Administrator\桌面\pack.rar>>pack\12.exe TrojanPSW.OnLineGames.lhc.scvx 木马还未处理
C:\Documents and Settings\Administrator\桌面\pack.rar>>pack\13.exe TrojanPSW.OnLineGames.lhc.kzjb 木马还未处理
C:\Documents and Settings\Administrator\桌面\pack.rar>>pack\14.exe Heuri.Suspicious.ERNM 启发式扫描还未处理
C:\Documents and Settings\Administrator\桌面\pack.rar>>pack\16.exe W32.Viking.k 病毒还未处理
C:\Documents and Settings\Administrator\桌面\pack.rar>>pack\17.exe W32.Viking.k 病毒还未处理
C:\Documents and Settings\Administrator\桌面\pack.rar>>pack\18.exe TrojanPSW.WOW.aio.ltrh 木马还未处理
C:\Documents and Settings\Administrator\桌面\pack.rar>>pack\19.exe TrojanPSW.OnLineGames.lhc.bqek 木马还未处理
C:\Documents and Settings\Administrator\桌面\pack.rar>>pack\20.exe TrojanPSW.OnLineGames.nil.pjcm 木马还未处理
C:\Documents and Settings\Administrator\桌面\pack.rar>>pack\21.exe Trojan.DiskAutorun.auk.rmya 木马还未处理
C:\Documents and Settings\Administrator\桌面\pack.rar>>pack\23.exe TrojanPSW.OnLineGames.lhc.xmjf 木马还未处理
C:\Documents and Settings\Administrator\桌面\pack.rar>>pack\24.exe TrojanPSW.OnLineGames.lhc.jafm 木马还未处理
C:\Documents and Settings\Administrator\桌面\pack.rar>>pack\25.exe TrojanPSW.OnLineGames.lhc.rbvz 木马还未处理
C:\Documents and Settings\Administrator\桌面\pack.rar>>pack\27.exe Trojan.Undef.biq.zbpa 木马还未处理

显示全部楼层 · 发表于 2008-1-13 13:49:38

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\My Documents\pack.rar'
C:\Documents and Settings\Administrator\My Documents\
  pack.rar
[0] Archive type: RAR
   --> pack\1.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
            [DETECTION] Contains suspicious code HEUR/Malware
            [WARNING] Infected files in archives cannot be repaired!
   --> pack\2.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
            [DETECTION] Is the Trojan horse TR/WuDisable.B
            [WARNING] Infected files in archives cannot be repaired!
   --> pack\3.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
            [DETECTION] Is the Trojan horse TR/WuDisable.B
            [WARNING] Infected files in archives cannot be repaired!
   --> pack\4.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
            [DETECTION] Contains suspicious code HEUR/Malware
            [WARNING] Infected files in archives cannot be repaired!
   --> pack\5.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
            [DETECTION] Is the Trojan horse TR/WuDisable.C
            [WARNING] Infected files in archives cannot be repaired!
--> pack\6.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.nmg
      [WARNING] Infected files in archives cannot be repaired!
   --> pack\7.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
            [DETECTION] Is the Trojan horse TR/FWDisable.25525.1
            [WARNING] Infected files in archives cannot be repaired!
   --> pack\8.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
            [DETECTION] Contains suspicious code HEUR/Malware
            [WARNING] Infected files in archives cannot be repaired!
   --> pack\9.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
            [DETECTION] Contains suspicious code HEUR/Malware
            [WARNING] Infected files in archives cannot be repaired!
   --> pack\10.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
            [DETECTION] Is the Trojan horse TR/WuDisable.B
            [WARNING] Infected files in archives cannot be repaired!
   --> pack\11.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
   --> pack\12.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
            [DETECTION] Is the Trojan horse TR/WuDisable.B
            [WARNING] Infected files in archives cannot be repaired!
   --> pack\13.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
            [DETECTION] Is the Trojan horse TR/WuDisable.B
            [WARNING] Infected files in archives cannot be repaired!
   --> pack\14.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
   --> pack\15.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
            [DETECTION] Is the Trojan horse TR/WuDisable.B
            [WARNING] Infected files in archives cannot be repaired!
   --> pack\16.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.67
            [WARNING] Infected files in archives cannot be repaired!
   --> pack\17.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.53
            [WARNING] Infected files in archives cannot be repaired!
   --> pack\18.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
            [DETECTION] Is the Trojan horse TR/WuDisable.B
            [WARNING] Infected files in archives cannot be repaired!
   --> pack\19.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
            [DETECTION] Is the Trojan horse TR/WuDisable.B
            [WARNING] Infected files in archives cannot be repaired!
   --> pack\20.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
            [DETECTION] Is the Trojan horse TR/WuDisable.B
            [WARNING] Infected files in archives cannot be repaired!
   --> pack\21.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
            [DETECTION] Is the Trojan horse TR/PSW.Steal.48254
            [WARNING] Infected files in archives cannot be repaired!
   --> pack\23.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
            [DETECTION] Is the Trojan horse TR/WuDisable.B
            [WARNING] Infected files in archives cannot be repaired!
   --> pack\24.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
            [DETECTION] Is the Trojan horse TR/WuDisable.F
            [WARNING] Infected files in archives cannot be repaired!
   --> pack\25.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
            [DETECTION] Is the Trojan horse TR/WuDisable.B
            [WARNING] Infected files in archives cannot be repaired!
   --> pack\27.exe
      [1] Archive type: Runtime Packed
      --> Object
      [2] Archive type: RSRC
      --> Object
            [DETECTION] Contains suspicious code HEUR/Malware
            [WARNING] Infected files in archives cannot be repaired!
   [INFO]    The file was deleted!

End of the scan: 2008年1月12日  21:49
Used time: 00:04 min

The scan has been done completely.

   0 Scanning directories
   26 Files were scanned
   20 viruses and/or unwanted programs were found
   5 Files were classified as suspicious:
   1 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   6 Files not concerned
   25 Archives were scanned
   23 Warnings
   0 Notes

显示全部楼层 · 发表于 2008-1-13 13:56:39

显示全部楼层 · 发表于 2008-1-13 14:11:55

瑞星病毒查杀结果报告

清除病毒种类列表：
病毒： Trojan.PSW.Win32.GameOL.lgl
病毒： Trojan.PSW.Win32.GameOL.lgh
病毒： Trojan.PSW.Win32.GameOL.lgk
病毒： Trojan.PSW.Win32.GamesOnline.gg
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.GameOL.ldd
病毒： Trojan.PSW.Win32.GameOL.len
病毒： Trojan.PSW.Win32.GameOL.lgd
病毒： Trojan.PSW.Win32.Agent.vrj
病毒： Trojan.PSW.Win32.GamesOnline.gk
病毒： Trojan.PSW.Win32.GameOL.lfe
病毒： Trojan.PSW.Win32.JHOnline.fde
病毒： Worm.Win32.PaBug.gj
病毒： Trojan.PSW.Win32.QQSG.bx
病毒： Trojan.PSW.Win32.GameOL.ldc
病毒： Trojan.Win32.Undef.biq

用户来源：互联网

软件版本：20.26.60

[病毒样本] 25只

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源