下载者下的一包… 30只…

will

貌似比较老了~  

woai_jolin

mofunzone

漏掉1个。。
Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\My Documents\Sample'
C:\Documents and Settings\Administrator\My Documents\Sample\
  Trj_080203_aaa1.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.x
      [INFO]      The file was deleted!
  Trj_080203_aaa10.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [INFO]      The file was deleted!
  Trj_080203_aaa11.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.prw.4
      [INFO]      The file was deleted!
  Trj_080203_aaa12.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!
  Trj_080203_aaa13.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.qds
      [INFO]      The file was deleted!
  Trj_080203_aaa14.exe
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
      [INFO]      The file was deleted!
  Trj_080203_aaa15.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!
  Trj_080203_aaa16.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ozu.8
      [INFO]      The file was deleted!
  Trj_080203_aaa17.exe
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
      [INFO]      The file was deleted!
  Trj_080203_aaa18.exe
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
      [INFO]      The file was deleted!
  Trj_080203_aaa19.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agent.12211
      [INFO]      The file was deleted!
  Trj_080203_aaa2.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [INFO]      The file was deleted!
  Trj_080203_aaa20.exe
      [DETECTION] Is the Trojan horse TR/WuDisable.B
      [INFO]      The file was deleted!
  Trj_080203_aaa21.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!
  Trj_080203_aaa22.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '480eb774.qua'!
  Trj_080203_aaa23.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!
  Trj_080203_aaa24.exe
      [DETECTION] Is the Trojan horse TR/PSW.Lmir.31860
      [INFO]      The file was deleted!
  Trj_080203_aaa25.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '49acc4e5.qua'!
  Trj_080203_aaa26.exe
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
      [INFO]      The file was deleted!
  Trj_080203_aaa3.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [INFO]      The file was deleted!
  Trj_080203_aaa4.exe
      [DETECTION] Is the Trojan horse TR/FWDisable.42528
      [INFO]      The file was deleted!
  Trj_080203_aaa5.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [INFO]      The file was deleted!
  Trj_080203_aaa6.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!
  Trj_080203_aaa7.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!
  Trj_080203_aaa8.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '480eb776.qua'!
  Trj_080203_aaa9.exe
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
      [INFO]      The file was deleted!
  Trj_080203_aati32srv.sys
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.iaj.1
      [INFO]      The file was deleted!
  Trj_080203_amm.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [INFO]      The file was deleted!
  Trj_080203_apcihdd2.sys
  Trj_080203_auserinit.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.iaj.2
      [INFO]      The file was deleted!


End of the scan: 2008年2月2日  10:31
Used time: 00:04 min

The scan has been done completely.

      1 Scanning directories
     30 Files were scanned
     26 viruses and/or unwanted programs were found
      3 Files were classified as suspicious:
     26 files were deleted
      0 files were repaired
      3 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      4 Files not concerned
      0 Archives were scanned
      0 Warnings
      0 Notes

mofunzone

卡巴那记数问题可大了。。

woai_jolin

原帖由 mofunzone 于 2008-2-3 02:32 发表
卡巴那记数问题可大了。。

有同感

mofunzone

我感觉我现在能理解为什么wangjay同学的卡巴20分钟11w了
靠的就是这个30个文件扫成180多个，整整多了6倍。。。

冷冷

IK
I:\virus\test\Sample\Trj_080203_aaa1.exe - Signature 'Virus.Win32.OnLineGames.SR' found
I:\virus\test\Sample\Trj_080203_aaa10.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\test\Sample\Trj_080203_aaa11.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\test\Sample\Trj_080203_aaa12.exe - Signature 'Trojan-PWS.Win32.Delf.ix' found
I:\virus\test\Sample\Trj_080203_aaa13.exe - Signature 'Trojan-PWS.Win32.OnLineGames.qds' found
I:\virus\test\Sample\Trj_080203_aaa14.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\test\Sample\Trj_080203_aaa15.exe - Signature 'Trojan-PWS.Win32.Agent.jp' found
I:\virus\test\Sample\Trj_080203_aaa16.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\test\Sample\Trj_080203_aaa17.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\test\Sample\Trj_080203_aaa18.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\test\Sample\Trj_080203_aaa19.exe - Suspect code-parts found (Level: 25)
I:\virus\test\Sample\Trj_080203_aaa2.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\test\Sample\Trj_080203_aaa20.exe - Signature 'Trojan-Spy.Win32.Delf.uv' found
I:\virus\test\Sample\Trj_080203_aaa21.exe - Signature 'Trojan-PWS.Win32.Agent.jp' found
I:\virus\test\Sample\Trj_080203_aaa22.exe - Suspect code-parts found (Level: 25)
I:\virus\test\Sample\Trj_080203_aaa23.exe - Signature 'Trojan-PWS.Win32.QQPass.hq' found
I:\virus\test\Sample\Trj_080203_aaa24.exe - Suspect code-parts found (Level: 25)
I:\virus\test\Sample\Trj_080203_aaa25.exe - Suspect code-parts found (Level: 5)
I:\virus\test\Sample\Trj_080203_aaa26.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\test\Sample\Trj_080203_aaa3.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\test\Sample\Trj_080203_aaa4.exe - Signature 'Trojan-Spy.Win32.Delf.uv' found
I:\virus\test\Sample\Trj_080203_aaa5.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\test\Sample\Trj_080203_aaa6.exe - Signature 'Trojan-PWS.Win32.Delf.ix' found
I:\virus\test\Sample\Trj_080203_aaa7.exe - Signature 'Trojan-PWS.Win32.Agent.jp' found
I:\virus\test\Sample\Trj_080203_aaa8.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\test\Sample\Trj_080203_aaa9.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\test\Sample\Trj_080203_aati32srv.sys - Signature 'Trojan-Downloader.Win32.Agent.iaj' found
I:\virus\test\Sample\Trj_080203_amm.exe - Signature 'Trojan-Downloader.Win32.Zlob.and' found
I:\virus\test\Sample\Trj_080203_apcihdd2.sys
I:\virus\test\Sample\Trj_080203_auserinit.exe - Signature 'Trojan-Downloader.Win32.Agent.iaj' found
30 Files scanned
   (0 Archives with 0 files)
25 Signatures found
4 Suspect code-parts found
Used time: 0:01.547

[ 本帖最后由 冷_冷 于 2008-2-3 02:45 编辑 ]

leonfg

ESET 28
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa1.exe - Win32/PSW.Agent.NGZ trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa10.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa11.exe - Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa12.exe - a variant of Win32/PSW.OnLineGames.GJV trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa13.exe - a variant of Win32/PSW.OnLineGames.PBQ trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa14.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa15.exe - a variant of Win32/PSW.OnLineGames.GJV trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa16.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa17.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa18.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa19.exe - a variant of Win32/PSW.OnLineGames.PBQ trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa2.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa20.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa21.exe - a variant of Win32/PSW.OnLineGames.GJV trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa22.exe - a variant of Win32/PSW.OnLineGames.PBQ trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa23.exe - a variant of Win32/PSW.OnLineGames.GJV trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa24.exe - Win32/TrojanDropper.VB.NCQ trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa25.exe - a variant of Win32/PSW.OnLineGames.PBQ trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa26.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa3.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa4.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa5.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa6.exe - a variant of Win32/PSW.OnLineGames.GJV trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa7.exe - a variant of Win32/PSW.OnLineGames.GJV trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa8.exe - a variant of Win32/PSW.OnLineGames.NLY trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aaa9.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_aati32srv.sys - Win32/TrojanDownloader.Agent.IAJ trojan
C:\Documents and Settings\GUNDAM\桌面\Sample\Sample\Trj_080203_auserinit.exe - Win32/TrojanDownloader.Agent.IAJ trojan

蜘蛛 19

碧水寒潭

Start of the scan: 2008年2月3日  08:58

Starting the file scan:

Begin scan in 'I:\样本'
I:\样本\Sample[1].part1.rar
  [0] Archive type: RAR
  --> Sample\Trj_080203_aaa1.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.x
  --> Sample\Trj_080203_aaa10.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Sample\Trj_080203_aaa11.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.prw.4
  --> Sample\Trj_080203_aaa12.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> Sample\Trj_080203_aaa13.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.qds
  --> Sample\Trj_080203_aaa14.exe
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> Sample\Trj_080203_aaa15.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> Sample\Trj_080203_aaa16.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ozu.8
  --> Sample\Trj_080203_aaa17.exe
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> Sample\Trj_080203_aaa18.exe
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> Sample\Trj_080203_aaa19.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agent.12211
  --> Sample\Trj_080203_aaa2.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Sample\Trj_080203_aaa20.exe
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> Sample\Trj_080203_aaa21.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> Sample\Trj_080203_aaa22.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> Sample\Trj_080203_aaa23.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> Sample\Trj_080203_aaa24.exe
      [DETECTION] Is the Trojan horse TR/PSW.Lmir.31860
  --> Sample\Trj_080203_aaa25.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> Sample\Trj_080203_aaa26.exe
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> Sample\Trj_080203_aaa3.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Sample\Trj_080203_aaa4.exe
      [DETECTION] Is the Trojan horse TR/FWDisable.42528
  --> Sample\Trj_080203_aaa5.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Sample\Trj_080203_aaa6.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> Sample\Trj_080203_aaa7.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> Sample\Trj_080203_aaa8.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was deleted!
I:\样本\Sample[1].part2.rar
  [0] Archive type: RAR
  --> Sample\Trj_080203_aati32srv.sys
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.iaj.1
  --> Sample\Trj_080203_amm.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Sample\Trj_080203_auserinit.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.iaj.2
      [INFO]      The file was deleted!


End of the scan: 2008年2月3日  08:58
Used time: 00:25 min

The scan has been done completely.

      1 Scanning directories
     31 Files were scanned
     25 viruses and/or unwanted programs were found
      3 Files were classified as suspicious:
      2 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      6 Files not concerned
      2 Archives were scanned
      0 Warnings
      0 Notes

wangjay1980

原帖由 mofunzone 于 2008-2-3 02:38 发表
我感觉我现在能理解为什么wangjay同学的卡巴20分钟11w了
靠的就是这个30个文件扫成180多个，整整多了6倍。。。

呵呵，小孩就是小孩，挺好玩的

detected: Trojan program Trojan-PSW.Win32.OnLineGames.pup File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa1.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qjl File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa10.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pvm File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa11.exe//PE_Patch//UPack
detected: Trojan program Trojan.Win32.Pakes.bzp File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa12.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qds File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa13.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qiv File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa14.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.Nilage.byx File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa15.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ozu File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa16.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qiv File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa17.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qiv File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa18.exe//PE_Patch//UPack
detected: Trojan program Trojan-Dropper.Win32.Agent.ebc File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa19.exe//PE_Patch//UPack
detected: virus Heur.Trojan.Generic File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa2.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.oee File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa20.exe//UPack
detected: virus Heur.Invader (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa21.exe//PE_Patch.UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qhd File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa22.exe//PE_Patch//UPack//data0000.bin//UPack
detected: Trojan program Trojan-PSW.Win32.WOW.ald File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa23.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-Dropper.Win32.VB.yf File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa24.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qjn File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa25.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qiv File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa26.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.php File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa3.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.odx File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa4.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qfw File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa5.exe//UPack
detected: Trojan program Trojan.Win32.Pakes.bzp File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa6.exe
detected: virus Heur.Invader (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa7.exe//PE_Patch.UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qjj File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa8.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pzl File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aaa9.exe//PE_Patch//UPack
detected: Trojan program Trojan-Downloader.Win32.Agent.iaj File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_aati32srv.sys
detected: Trojan program Trojan-Downloader.Win32.Agent.ibm File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_amm.exe//PE_Patch//UPack
detected: Trojan program Trojan-Downloader.Win32.Agent.iaj File: C:\Documents and Settings\Owner\×ÀÃæ\Sample\Trj_080203_auserinit.exe//PE_Patch//UPack

[ 本帖最后由 wangjay1980 于 2008-2-3 11:17 编辑 ]