Original poster: jimmyleo

[Virus sample] 21
冷冷
Posted on 2008-2-3 12:58:22
ClamAV
I:\virus\test/pack/11.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/pack/12.exe: PUA.Packed.UPack-2 FOUND
I:\virus\test/pack/14.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/pack/15.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/pack/16.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/pack/17.exe: PUA.Packed.UPack-2 FOUND
I:\virus\test/pack/18.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/pack/19.exe: PUA.Packed.UPack-2 FOUND
I:\virus\test/pack/20.exe: PUA.Packed.UPack-2 FOUND
I:\virus\test/pack/21.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/pack/22.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/pack/23.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/pack/24.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/pack/25.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/pack/26.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/pack/27.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/pack/28.exe: PUA.Packed.UPack-2 FOUND
I:\virus\test/pack/30.exe: PUA.Packed.UPack-2 FOUND
I:\virus\test/pack/31.exe: PUA.Packed.UPack-2 FOUND
I:\virus\test/pack/32.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/pack/33.exe: PUA.Packed.UPack-3 FOUND

----------- SCAN SUMMARY -----------
Known viruses: 202764
Engine version: 0.92
Scanned directories: 2
Scanned files: 21
Infected files: 21
Data scanned: 0.34 MB
Time: 6.671 sec (0 m 6 s)
jimmyleo
Original poster | Posted on 2008-2-3 14:57:02
Found [      Cryp_Upack](    1) in D:\Download\S\pack\11.exe
Found [  PACKER-GEN.006](    1) in D:\Download\S\pack\12.exe
Found [      Cryp_Upack](    1) in D:\Download\S\pack\14.exe
Found [ TSPY_ONLINEG.WN](    1) in D:\Download\S\pack\15.exe
Found [ TSPY_ONLINEG.WN](    1) in D:\Download\S\pack\16.exe
Found [  PACKER-GEN.006](    1) in D:\Download\S\pack\17.exe
Found [      Cryp_Upack](    1) in D:\Download\S\pack\18.exe
Found [  PACKER-GEN.006](    1) in D:\Download\S\pack\19.exe
Found [  PACKER-GEN.006](    1) in D:\Download\S\pack\20.exe
Found [ TSPY_ONLINEG.WN](    1) in D:\Download\S\pack\21.exe
Found [ TSPY_ONLINEG.WN](    1) in D:\Download\S\pack\22.exe
Found [ TSPY_ONLINEG.WN](    1) in D:\Download\S\pack\23.exe
Found [ TSPY_ONLINEG.WN](    1) in D:\Download\S\pack\24.exe
Found [ TSPY_ONLINEG.WN](    1) in D:\Download\S\pack\25.exe
Found [      Cryp_Upack](    1) in D:\Download\S\pack\26.exe
Found [ TSPY_ONLINEG.WN](    1) in D:\Download\S\pack\27.exe
Found [  PACKER-GEN.006](    1) in D:\Download\S\pack\28.exe
Found [  PACKER-GEN.006](    1) in D:\Download\S\pack\30.exe
Found [  PACKER-GEN.006](    1) in D:\Download\S\pack\31.exe
Found [ TSPY_ONLINEG.WN](    1) in D:\Download\S\pack\32.exe
Found [ TSPY_ONLINEG.WN](    1) in D:\Download\S\pack\33.exe

21. Just reporting the packer? ClamAV is still a bit too green...
冷冷
Posted on 2008-2-3 15:23:44
IK
I:\virus\pack.rar:\pack\11.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\pack.rar:\pack\12.exe - Suspect code-parts found (Level: 5)
I:\virus\pack.rar:\pack\14.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\pack.rar:\pack\15.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\pack.rar:\pack\16.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\pack.rar:\pack\17.exe - Signature 'Trojan.Win32.Agent.eqz' found
I:\virus\pack.rar:\pack\18.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\pack.rar:\pack\19.exe - Signature 'Trojan.Win32.Agent.erz' found
I:\virus\pack.rar:\pack\20.exe - Signature 'Trojan.Win32.Agent.erz' found
I:\virus\pack.rar:\pack\21.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\pack.rar:\pack\22.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\pack.rar:\pack\23.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\pack.rar:\pack\24.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\pack.rar:\pack\25.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\pack.rar:\pack\26.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\pack.rar:\pack\27.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\pack.rar:\pack\28.exe - Signature 'Trojan.Win32.Agent.erz' found
I:\virus\pack.rar:\pack\30.exe - Suspect code-parts found (Level: 5)
I:\virus\pack.rar:\pack\31.exe - Signature 'Trojan.Win32.Agent.erz' found
I:\virus\pack.rar:\pack\32.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\pack.rar:\pack\33.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\pack.rar

        22 Files scanned
          (1 Archiv with 21 files)
        19 Signatures found
        2 Suspect code-parts found
        Used time: 0:00.172
冷冷
Posted on 2008-2-3 15:24:32

Reply to post #12 by jimmyleo

So what good antivirus software is there to recommend?
qigang
Posted on 2008-2-3 16:24:02

43/21

瑞星病毒查杀结果报告

清除病毒种类列表:

病毒: Trojan.PSW.Win32.QQHX.tvu
病毒: Trojan.PSW.Win32.GameOL.lvt
病毒: Trojan.PSW.Win32.XYOnline.abi
病毒: Trojan.PSW.Win32.GamesOnline.ma
病毒: Trojan.PSW.Win32.ZhengTu.ymy
病毒: Trojan.Win32.Undef.cnw   
病毒: Trojan.PSW.Win32.XYOnline.abc
病毒: Trojan.PSW.Win32.GamesOnline.mh
病毒: Trojan.PSW.Win32.GamesOnline.mn
病毒: Trojan.PSW.Win32.AskTao.gv

MAC 地址:00:11:5B:F3:6D:69

用户来源:互联网

软件版本:20.29.61
killloop
Posted on 2008-2-3 16:48:34
Jiangmin: 19
CZH
Posted on 2008-2-3 18:24:50
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        D:\TDDownload\pack.rar->pack\11.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        D:\TDDownload\pack.rar->pack\12.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        D:\TDDownload\pack.rar->pack\14.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        D:\TDDownload\pack.rar->pack\15.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        D:\TDDownload\pack.rar->pack\16.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        D:\TDDownload\pack.rar->pack\17.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        D:\TDDownload\pack.rar->pack\18.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        D:\TDDownload\pack.rar->pack\19.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        D:\TDDownload\pack.rar->pack\20.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        D:\TDDownload\pack.rar->pack\21.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        D:\TDDownload\pack.rar->pack\22.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        D:\TDDownload\pack.rar->pack\23.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        D:\TDDownload\pack.rar->pack\24.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        D:\TDDownload\pack.rar->pack\25.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        D:\TDDownload\pack.rar->pack\26.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        D:\TDDownload\pack.rar->pack\27.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        D:\TDDownload\pack.rar->pack\28.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        D:\TDDownload\pack.rar->pack\30.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        D:\TDDownload\pack.rar->pack\31.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        D:\TDDownload\pack.rar->pack\32.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        D:\TDDownload\pack.rar->pack\33.exe->(UPack)

F-Prot with high heuristics turned on: all 21 caught

[ Last edited by CZH on 2008-2-3 22:11 ]
kkgh
Posted on 2008-2-3 19:26:04
瑞星病毒查杀结果报告

清除病毒种类列表:
病毒: Trojan.PSW.Win32.QQHX.tvu
病毒: Trojan.PSW.Win32.GameOL.lvt
病毒: Trojan.PSW.Win32.XYOnline.abi
病毒: Trojan.PSW.Win32.GamesOnline.ma
病毒: Trojan.PSW.Win32.ZhengTu.ymy
病毒: Trojan.Win32.Undef.cnw   
病毒: Trojan.PSW.Win32.XYOnline.abc
病毒: Trojan.PSW.Win32.GamesOnline.mh
病毒: Trojan.PSW.Win32.GamesOnline.mn
病毒: Trojan.PSW.Win32.AskTao.gv

用户来源:互联网

软件版本:20.29.62

All detected
woai_jolin
Posted on 2008-2-3 19:30:48
Scan Log
Version of virus signature database: 2845 (20080202)
Date: 2008-2-3  Time: 19:30:08
Scanned disks, folders and files: G:\v\pack.rar
G:\v\pack.rar » RAR » pack\11.exe - a variant of Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\pack.rar » RAR » pack\12.exe - a variant of Win32/PSW.OnLineGames.NML trojan - was a part of the deleted object
G:\v\pack.rar » RAR » pack\14.exe - a variant of Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\pack.rar » RAR » pack\15.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\pack.rar » RAR » pack\16.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\pack.rar » RAR » pack\17.exe - a variant of Win32/PSW.OnLineGames.NML trojan - was a part of the deleted object
G:\v\pack.rar » RAR » pack\18.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\pack.rar » RAR » pack\19.exe - a variant of Win32/PSW.OnLineGames.NML trojan - was a part of the deleted object
G:\v\pack.rar » RAR » pack\20.exe - a variant of Win32/PSW.OnLineGames.NML trojan - was a part of the deleted object
G:\v\pack.rar » RAR » pack\21.exe - a variant of Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\pack.rar » RAR » pack\22.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\pack.rar » RAR » pack\23.exe - a variant of Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\pack.rar » RAR » pack\24.exe - a variant of Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\pack.rar » RAR » pack\25.exe - a variant of Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\pack.rar » RAR » pack\26.exe - a variant of Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\pack.rar » RAR » pack\27.exe - a variant of Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\pack.rar » RAR » pack\28.exe - a variant of Win32/PSW.OnLineGames.NML trojan - was a part of the deleted object
G:\v\pack.rar » RAR » pack\30.exe - a variant of Win32/PSW.OnLineGames.NML trojan - was a part of the deleted object
G:\v\pack.rar » RAR » pack\31.exe - a variant of Win32/PSW.OnLineGames.NML trojan - was a part of the deleted object
G:\v\pack.rar » RAR » pack\32.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\pack.rar » RAR » pack\33.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
Number of scanned objects: 22
Number of threats found: 21
Time of completion: 19:30:13  Total scanning time: 5 sec (00:00:05)
qianwenxiang
Posted on 2008-2-3 20:12:36
-Velim Virus Scanner Log-
C:\Test\0802\Data03\pack\pack\11.exe(加壳)壳检测机制发现了Packed/uPacker(Attention)
C:\Test\0802\Data03\pack\pack\11.exe(跳过)发现病毒Variant.Tr.SysHijacker.ONS
C:\Test\0802\Data03\pack\pack\12.exe(加壳)壳检测机制发现了Packed/uPacker(Attention)
C:\Test\0802\Data03\pack\pack\12.exe(跳过)发现病毒Variant.Tr.Lineage.ZXR
C:\Test\0802\Data03\pack\pack\14.exe(加壳)壳检测机制发现了Packed/uPacker(Attention)
C:\Test\0802\Data03\pack\pack\14.exe(跳过)发现病毒Variant.Tr.OnlineGames.WMK
C:\Test\0802\Data03\pack\pack\15.exe(加壳)壳检测机制发现了Packed/uPacker(Attention)
C:\Test\0802\Data03\pack\pack\15.exe(跳过)发现病毒Variant.Tr.BadCode.QZT
C:\Test\0802\Data03\pack\pack\16.exe(加壳)壳检测机制发现了Packed/uPacker(Attention)
C:\Test\0802\Data03\pack\pack\16.exe(跳过)发现病毒Variant.Tr.Tracer.ZQL
C:\Test\0802\Data03\pack\pack\17.exe(加壳)壳检测机制发现了Packed/uPacker(Attention)
C:\Test\0802\Data03\pack\pack\17.exe(跳过)发现病毒Variant.Tr.OnlineGames.VMZ
C:\Test\0802\Data03\pack\pack\18.exe(加壳)壳检测机制发现了Packed/uPacker(Attention)
C:\Test\0802\Data03\pack\pack\18.exe(跳过)发现病毒Variant.Tr.Qhost.WVS
C:\Test\0802\Data03\pack\pack\19.exe(加壳)壳检测机制发现了Packed/uPacker(Attention)
C:\Test\0802\Data03\pack\pack\19.exe(跳过)发现病毒Variant.Tr.OnlineGames.OXV
C:\Test\0802\Data03\pack\pack\20.exe(加壳)壳检测机制发现了Packed/uPacker(Attention)
C:\Test\0802\Data03\pack\pack\20.exe(跳过)发现病毒Variant.Tr.QQPass.UMY
C:\Test\0802\Data03\pack\pack\21.exe(加壳)壳检测机制发现了Packed/uPacker(Attention)
C:\Test\0802\Data03\pack\pack\21.exe(跳过)发现病毒Variant.Tr.Qhost.PQP
C:\Test\0802\Data03\pack\pack\22.exe(加壳)壳检测机制发现了Packed/uPacker(Attention)
C:\Test\0802\Data03\pack\pack\22.exe(跳过)发现病毒Variant.Tr.SysHijacker.QSP
C:\Test\0802\Data03\pack\pack\23.exe(加壳)壳检测机制发现了Packed/uPacker(Attention)
C:\Test\0802\Data03\pack\pack\23.exe(跳过)发现病毒Variant.Tr.Backdoor.XZS
C:\Test\0802\Data03\pack\pack\24.exe(加壳)壳检测机制发现了Packed/uPacker(Attention)
C:\Test\0802\Data03\pack\pack\24.exe(跳过)发现病毒Variant.Tr.Mnless.NVV
C:\Test\0802\Data03\pack\pack\25.exe(加壳)壳检测机制发现了Packed/uPacker(Attention)
C:\Test\0802\Data03\pack\pack\25.exe(跳过)发现病毒Variant.Tr.Delf.PUL
C:\Test\0802\Data03\pack\pack\26.exe(加壳)壳检测机制发现了Packed/uPacker(Attention)
C:\Test\0802\Data03\pack\pack\26.exe(跳过)发现病毒Variant.Tr.QQPass.USU
C:\Test\0802\Data03\pack\pack\27.exe(加壳)壳检测机制发现了Packed/uPacker(Attention)
C:\Test\0802\Data03\pack\pack\27.exe(跳过)发现病毒Variant.Tr.Mnless.XKU
C:\Test\0802\Data03\pack\pack\28.exe(加壳)壳检测机制发现了Packed/uPacker(Attention)
C:\Test\0802\Data03\pack\pack\28.exe(跳过)发现病毒Variant.Tr.Mnless.ZZU
C:\Test\0802\Data03\pack\pack\30.exe(加壳)壳检测机制发现了Packed/uPacker(Attention)
C:\Test\0802\Data03\pack\pack\30.exe(跳过)发现病毒Variant.Tr.QQPass.WUZ
C:\Test\0802\Data03\pack\pack\31.exe(加壳)壳检测机制发现了Packed/uPacker(Attention)
C:\Test\0802\Data03\pack\pack\31.exe(跳过)发现病毒Variant.Tr.Downloader.SZV
C:\Test\0802\Data03\pack\pack\32.exe(加壳)壳检测机制发现了Packed/uPacker(Attention)
C:\Test\0802\Data03\pack\pack\32.exe(跳过)发现病毒Variant.Tr.Delf.MUW
C:\Test\0802\Data03\pack\pack\33.exe(加壳)壳检测机制发现了Packed/uPacker(Attention)
C:\Test\0802\Data03\pack\pack\33.exe(跳过)发现病毒Variant.Tr.Lineage.WUX

Why does all the malware these days love UPack so much...