毒22个

显示全部楼层 · 发表于 2008-2-4 19:23:45

杀不掉的麻烦上报

显示全部楼层 · 发表于 2008-2-4 19:24:54

IK
I:\virus\11.rar:\02.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\11.rar:\01.exe - Signature 'Virus.Win32.Delf.GXQ' found
I:\virus\11.rar:\03.exe - Signature 'Trojan-PWS.Win32.OnLineGames.pwl' found
I:\virus\11.rar:\04.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\11.rar:\05.exe - Suspect code-parts found (Level: 250)
I:\virus\11.rar:\06.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\11.rar:\07.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\11.rar:\08.exe - Signature 'BehavesLikeWin32.ExplorerHijack' found
I:\virus\11.rar:\09.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\11.rar:\10.exe
I:\virus\11.rar:\11.exe - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\virus\11.rar:\12.exe - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\virus\11.rar:\13.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\11.rar:\14.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\11.rar:\15.exe - Signature 'Win32.SuspectCrc' found
I:\virus\11.rar:\16.exe - Signature 'Trojan-Downloader.Win32.Agent.hif' found
I:\virus\11.rar:\17.exe
I:\virus\11.rar:\18.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\11.rar:\19.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\11.rar:\20.exe
I:\virus\11.rar:\21.dll - Signature 'Trojan-PWS.Win32.Delf.aoa' found
I:\virus\11.rar:\22.dll - Signature 'Trojan.Win32.Delf.RF' found
I:\virus\11.rar

      23 Files scanned
      (1 Archiv with 22 files)
      18 Signatures found
      1 Suspect code-part found
      Used time: 0:02.641

-------------------------------------------------------

ClamAV

I:\virus\test/02.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/03.exe: PUA.Packed.UPack-2 FOUND
I:\virus\test/04.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/06.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/07.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/09.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/11.exe: PUA.Packed.UPack FOUND
I:\virus\test/12.exe: PUA.Packed.UPack FOUND
I:\virus\test/13.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/14.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/15.exe: PUA.Packed.UPack-2 FOUND
I:\virus\test/16.exe: PUA.Packed.UPack-2 FOUND
I:\virus\test/17.exe: Broken.Executable FOUND
I:\virus\test/18.exe: PUA.Packed.UPack-1 FOUND
I:\virus\test/19.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/21.dll: Trojan.Spy-22726 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 204166
Engine version: 0.92
Scanned directories: 1
Scanned files: 22
Infected files: 16
Data scanned: 0.88 MB
Time: 6.937 sec (0 m 6 s)

[ 本帖最后由冷_冷于 2008-2-4 19:26 编辑 ]

显示全部楼层 · 发表于 2008-2-4 19:25:06

deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pvn File: F:\ZHANGQIUREN\DESKTOP\11.rar/02.exe//PE_Patch//UPack
deleted: Trojan program Trojan-Downloader.Win32.Delf.efx File: F:\ZHANGQIUREN\DESKTOP\11.rar/01.exe//PE_Patch.UPX//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pwl File: F:\ZHANGQIUREN\DESKTOP\11.rar/03.exe//PE_Patch//UPack//data0000.bin//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pzl File: F:\ZHANGQIUREN\DESKTOP\11.rar/04.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pzl File: F:\ZHANGQIUREN\DESKTOP\11.rar/06.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qiv File: F:\ZHANGQIUREN\DESKTOP\11.rar/07.exe//PE_Patch//UPack
deleted: virus Virus.Win32.Downloader.an File: F:\ZHANGQIUREN\DESKTOP\11.rar/08.exe//PE_Patch.UPX//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qiv File: F:\ZHANGQIUREN\DESKTOP\11.rar/09.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.QQPass.att File: F:\ZHANGQIUREN\DESKTOP\11.rar/10.exe//ASPack
deleted: Trojan program Trojan-Downloader.Win32.Agent.inj File: F:\ZHANGQIUREN\DESKTOP\11.rar/11.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.Delf.aob File: F:\ZHANGQIUREN\DESKTOP\11.rar/12.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pry File: F:\ZHANGQIUREN\DESKTOP\11.rar/13.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pzl File: F:\ZHANGQIUREN\DESKTOP\11.rar/14.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pyw File: F:\ZHANGQIUREN\DESKTOP\11.rar/15.exe//PE_Patch//UPack//data0000.bin//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qlb File: F:\ZHANGQIUREN\DESKTOP\11.rar/16.exe//PE_Patch//UPack
deleted: Trojan program Trojan.Win32.Vaklik.gq File: F:\ZHANGQIUREN\DESKTOP\11.rar/18.exe//UPack//PE_Patch
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pry File: F:\ZHANGQIUREN\DESKTOP\11.rar/19.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.Delf.aoa File: F:\ZHANGQIUREN\DESKTOP\11.rar/21.dll
deleted: Trojan program Trojan-Downloader.Win32.Agent.ink File: F:\ZHANGQIUREN\DESKTOP\11.rar/22.dll//UPX
~~~~~~~~~~~~~~~~~~~·
卡巴不报的上报
3个

[ 本帖最后由 ALEXBLAIR 于 2008-2-4 19:28 编辑 ]

显示全部楼层 · 发表于 2008-2-4 19:25:11

Starting the file scan:

Begin scan in 'E:\11.rar'
E:\11.rar
  [0] Archive type: RAR
  --> 02.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pmi.28
  --> 01.exe
   [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
  --> 03.exe
   [DETECTION] Is the Trojan horse TR/Drop.Agent.11828
  --> 04.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.Qha.1
  --> 05.exe
   [DETECTION] File has been compressed with an unusual runtime compression tool (PCK/Obsidium). Please verify the origin of the file
  --> 06.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.Qha.3
  --> 07.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 08.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 09.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.qiv
  --> 10.exe
   [DETECTION] Is the Trojan horse TR/Agent.31744.B.1
  --> 11.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Agent.ink
  --> 12.exe
   [DETECTION] Is the Trojan horse TR/PSW.Delf.aob
  --> 13.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.prw.5
  --> 14.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 15.exe
   [DETECTION] Is the Trojan horse TR/Drop.Agent.12210
  --> 16.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Agent.11776.12
  --> 17.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 18.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.prj.4
  --> 19.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.prw.3
  --> 20.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 21.dll
   [DETECTION] Is the Trojan horse TR/PSW.Delf.aoa
  --> 22.dll
   [DETECTION] Is the Trojan horse TR/Dldr.Agent.ink
   [WARNING] The file was ignored!

End of the scan: 2008年2月4日  19:26
Used time: 00:30 min

The scan has been done completely.

   0 Scanning directories
   23 Files were scanned
   21 viruses and/or unwanted programs were found
   1 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   2 Files not concerned
   1 Archives were scanned
   1 Warnings
   0 Notes

显示全部楼层 · 发表于 2008-2-4 19:26:02

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.PSW.Win32.ZhengTu.ymy
病毒： Trojan.DL.Win32.Mnless.wn
病毒： Trojan.PSW.Win32.GameOL.ltx
病毒： Trojan.PSW.Win32.GamesOnline.mh
病毒： Trojan.PSW.Win32.GamesOnline.mn
病毒： Malicious Code
病毒： Trojan.PSW.Win32.AskTao.gw
病毒： Trojan.PSW.Win32.XYOnline.abc
病毒： Trojan.PSW.Win32.GameOL.lvs
病毒： Trojan.DL.Win32.Small.tpe
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.DL.Win32.Mnless.xg
病毒： Trojan.PSW.Win32.AskTao.gw

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.30

显示全部楼层 · 发表于 2008-2-4 19:26:22

ESET 19
C:\Documents and Settings\GUNDAM\桌面\11.rar » RAR » 02.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\11.rar » RAR » 01.exe - Win32/TrojanDownloader.Delf.NUM trojan
C:\Documents and Settings\GUNDAM\桌面\11.rar » RAR » 03.exe - a variant of Win32/PSW.OnLineGames.PBQ trojan
C:\Documents and Settings\GUNDAM\桌面\11.rar » RAR » 04.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\11.rar » RAR » 06.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\11.rar » RAR » 07.exe - Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\11.rar » RAR » 08.exe - probably unknown NewHeur_PE virus
C:\Documents and Settings\GUNDAM\桌面\11.rar » RAR » 09.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\11.rar » RAR » 10.exe - probably a variant of Win32/AutoRun.FS worm
C:\Documents and Settings\GUNDAM\桌面\11.rar » RAR » 11.exe - a variant of Win32/PSW.OnLineGames.NMN trojan
C:\Documents and Settings\GUNDAM\桌面\11.rar » RAR » 12.exe - a variant of Win32/PSW.OnLineGames.NMN trojan
C:\Documents and Settings\GUNDAM\桌面\11.rar » RAR » 13.exe - Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\11.rar » RAR » 14.exe - Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\11.rar » RAR » 15.exe - a variant of Win32/PSW.OnLineGames.PBQ trojan
C:\Documents and Settings\GUNDAM\桌面\11.rar » RAR » 16.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\GUNDAM\桌面\11.rar » RAR » 18.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\GUNDAM\桌面\11.rar » RAR » 19.exe - Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\11.rar » RAR » 20.exe - a variant of Win32/AutoRun.FT worm
C:\Documents and Settings\GUNDAM\桌面\11.rar » RAR » 22.dll - probably a variant of Win32/Genetik trojan

蜘蛛15

显示全部楼层 · 发表于 2008-2-4 19:31:25

19~~~~~~~~~~~~```

显示全部楼层 · 发表于 2008-2-4 19:32:15

[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> D:\TDDownload\virus\11.rar->02.exe->(UPack)
[Found downloader] <W32/Downloader.C.gen!Eldorado (not disinfectable, generic)> D:\TDDownload\virus\11.rar->01.exe->(UPX)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> D:\TDDownload\virus\11.rar->03.exe->exefile->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> D:\TDDownload\virus\11.rar->04.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (not disinfectable)> D:\TDDownload\virus\11.rar->05.exe->(Obsidium)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> D:\TDDownload\virus\11.rar->06.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> D:\TDDownload\virus\11.rar->07.exe->(UPack)
[Found possible virus] <W32/Downloader-WebExe-based!Maximus (not disinfectable)> D:\TDDownload\virus\11.rar->08.exe->(UPX)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> D:\TDDownload\virus\11.rar->09.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> D:\TDDownload\virus\11.rar->11.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> D:\TDDownload\virus\11.rar->12.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> D:\TDDownload\virus\11.rar->13.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> D:\TDDownload\virus\11.rar->14.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> D:\TDDownload\virus\11.rar->15.exe->exefile->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> D:\TDDownload\virus\11.rar->16.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> D:\TDDownload\virus\11.rar->18.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> D:\TDDownload\virus\11.rar->19.exe->(UPack)
[Found possible security risk] <W32/Heuristic-KPP!Eldorado (not disinfectable)> D:\TDDownload\virus\11.rar->20.exe->(UPX)
[Found virus] <W32/InfoStealer!Generic (not disinfectable)> D:\TDDownload\virus\11.rar->21.dll

f-prot 高启 20

显示全部楼层 · 发表于 2008-2-4 19:32:46

已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.pvn 檔案: C:\Documents and Settings\kato9096\桌面\11.rar/02.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Delf.efx 檔案: C:\Documents and Settings\kato9096\桌面\11.rar/01.exe//PE_Patch.UPX//UPX
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.pwl 檔案: C:\Documents and Settings\kato9096\桌面\11.rar/03.exe//PE_Patch//UPack//data0000.bin//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.pzl 檔案: C:\Documents and Settings\kato9096\桌面\11.rar/04.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.pzl 檔案: C:\Documents and Settings\kato9096\桌面\11.rar/06.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.qiv 檔案: C:\Documents and Settings\kato9096\桌面\11.rar/07.exe//PE_Patch//UPack
已刪除: 病毒 Virus.Win32.Downloader.an 檔案: C:\Documents and Settings\kato9096\桌面\11.rar/08.exe//PE_Patch.UPX//UPX
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.qiv 檔案: C:\Documents and Settings\kato9096\桌面\11.rar/09.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.QQPass.att 檔案: C:\Documents and Settings\kato9096\桌面\11.rar/10.exe//ASPack
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Agent.inj 檔案: C:\Documents and Settings\kato9096\桌面\11.rar/11.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.Delf.aob 檔案: C:\Documents and Settings\kato9096\桌面\11.rar/12.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.pry 檔案: C:\Documents and Settings\kato9096\桌面\11.rar/13.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.pzl 檔案: C:\Documents and Settings\kato9096\桌面\11.rar/14.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.pyw 檔案: C:\Documents and Settings\kato9096\桌面\11.rar/15.exe//PE_Patch//UPack//data0000.bin//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.qlb 檔案: C:\Documents and Settings\kato9096\桌面\11.rar/16.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan.Win32.Vaklik.gq 檔案: C:\Documents and Settings\kato9096\桌面\11.rar/18.exe//UPack//PE_Patch
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.pry 檔案: C:\Documents and Settings\kato9096\桌面\11.rar/19.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.Delf.aoa 檔案: C:\Documents and Settings\kato9096\桌面\11.rar/21.dll
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Agent.ink 檔案: C:\Documents and Settings\kato9096\桌面\11.rar/22.dll//UPX

１９，３个不报，上报

[ 本帖最后由 kato9096 于 2008-2-4 19:34 编辑 ]

显示全部楼层 · 发表于 2008-2-4 19:39:43

木马名称:Trojan-PSW.Win32.OLGames.jxz

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\02.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-Downloader.Win32.Delf.iui

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\01.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-Downloader.Win32.Small.lxa

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\03.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.kqo

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\14.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

[病毒样本] 毒22个

本帖子中包含更多资源

本帖子中包含更多资源

22

47/17

本帖子中包含更多资源