[Virus samples] 26 samples

promised
Posted on 2008-3-9 16:48:36
miss 8
C:\ABC\样本.rar:\taskmon.sys - 特征码 'Trojan-Proxy.Win32.Agent.xo' 被发现
C:\ABC\样本.rar:\17PHolmes.exe - 特征码 'Virus.Win32.Agent.RUQ' 被发现
C:\ABC\样本.rar:\b152.exe
C:\ABC\样本.rar:\gdnOT3256.exe - 特征码 'not-a-virus:Porn-Dialer.Win32.GBDialer.j' 被发现
C:\ABC\样本.rar:\Installeur.exe - 特征码 'Trojan.Matcash.DLN' 被发现
C:\ABC\样本.rar:\Installeur.exe.lzma
C:\ABC\样本.rar:\shift.exe - 特征码 'Trojan.Peed.IWV' 被发现
C:\ABC\样本.rar:\unknown250.exe - 特征码 'Trojan.Crypt.XPACK' 被发现
C:\ABC\样本.rar:\zgame1.exe - 特征码 'Trojan-Downloader.Win32.Tibs.M' 被发现
C:\ABC\样本.rar:\zgame2.exe - 特征码 'Trojan-Downloader.Win32.VB.cop' 被发现
C:\ABC\样本.rar:\zgame3.exe - 特征码 'Virus.Win32.Small.JMH' 被发现
C:\ABC\样本.rar:\zgame4.exe - 特征码 'Trojan-Downloader.Win32.Tibs.wc' 被发现
C:\ABC\样本.rar:\zgame5.exe - 特征码 'Trojan.Peed.JAZ' 被发现
C:\ABC\样本.rar:\ztool1.exe
C:\ABC\样本.rar:\ztool21.exe
C:\ABC\样本.rar:\ztool31.exe - 特征码 'Trojan.Peed.IYS' 被发现
C:\ABC\样本.rar:\ztool41.exe - 特征码 'Trojan-Spy' 被发现
C:\ABC\样本.rar:\b153.exe - 特征码 'Trojan.Win32.Agent.bnd' 被发现
C:\ABC\样本.rar:\NoDNS.exe - 特征码 'Trojan.Agent.AHBF' 被发现
C:\ABC\样本.rar:\NoDNS.exe.lzma
C:\ABC\样本.rar:\UnInstall.exe
C:\ABC\样本.rar:\UnInstall.exe.lzma
C:\ABC\样本.rar:\b154.exe - 特征码 'Trojan.Matcash.DLN' 被发现
C:\ABC\样本.rar:\b154.exe.bin\b154.exe - 特征码 'Trojan.Matcash.DLN' 被发现
C:\ABC\样本.rar:\b154.exe.bin
C:\ABC\样本.rar:\diperto21d4-5263.sys - 特征码 'Trojan.Peed.IWZ' 被发现
C:\ABC\样本.rar:\m1ax1d121322116143v.exe
C:\ABC\样本.rar

[ Last edited by promised on 2008-3-9 16:50 ]

promised
Original poster | Posted on 2008-3-9 16:49:54

miss 6

Quick Scanning

        C:\ABC\样本\17PHolmes.exe
>>> Virus 'Mal/Behav-191' found in file C:\ABC\样本\17PHolmes.exe
>>> File "C:\ABC\样本\17PHolmes.exe" has been identified as suspicious 'Sus/Behav-192'.
        C:\ABC\样本\b152.exe
        C:\ABC\样本\b153.exe
        C:\ABC\样本\b154.exe
>>> Virus 'Mal/Generic-A' found in file C:\ABC\样本\b154.exe
        C:\ABC\样本\b154.exe.bin
        C:\ABC\样本\b154.exe.bin\b154.exe
>>> Virus 'Mal/Generic-A' found in file C:\ABC\样本\b154.exe.bin\b154.exe
        C:\ABC\样本\diperto21d4-5263.sys
>>> Virus 'Troj/NtRootK-CW' found in file C:\ABC\样本\diperto21d4-5263.sys
        C:\ABC\样本\gdnOT3256.exe
>>> Virus 'Mal/Dial-E' found in file C:\ABC\样本\gdnOT3256.exe
        C:\ABC\样本\Installeur.exe
>>> Virus 'Mal/Generic-A' found in file C:\ABC\样本\Installeur.exe
        C:\ABC\样本\Installeur.exe.lzma
        C:\ABC\样本\m1ax1d121322116143v.exe
>>> File "C:\ABC\样本\m1ax1d121322116143v.exe" has been identified as suspicious 'Sus/UnkPacker'.
        C:\ABC\样本\NoDNS.exe
>>> Virus 'Mal/Generic-A' found in file C:\ABC\样本\NoDNS.exe
        C:\ABC\样本\NoDNS.exe.lzma
        C:\ABC\样本\shift.exe
>>> Virus 'W32/Dorf-AX' found in file C:\ABC\样本\shift.exe
        C:\ABC\样本\taskmon.sys
>>> Virus 'Troj/Tibs-TX' found in file C:\ABC\样本\taskmon.sys
        C:\ABC\样本\UnInstall.exe
>>> Virus 'Mal/Behav-116' found in file C:\ABC\样本\UnInstall.exe
        C:\ABC\样本\UnInstall.exe.lzma
        C:\ABC\样本\unknown250.exe
>>> Virus 'Mal/Generic-A' found in file C:\ABC\样本\unknown250.exe
        C:\ABC\样本\zgame1.exe
>>> Virus 'Troj/Small-BBP' found in file C:\ABC\样本\zgame1.exe
        C:\ABC\样本\zgame2.exe
>>> Virus 'Mal/Heuri-E' found in file C:\ABC\样本\zgame2.exe
        C:\ABC\样本\zgame3.exe
>>> Virus 'Mal/DownLdr-O' found in file C:\ABC\样本\zgame3.exe
        C:\ABC\样本\zgame4.exe
>>> Virus 'Mal/Dorf-E' found in file C:\ABC\样本\zgame4.exe
        C:\ABC\样本\zgame5.exe
>>> File "C:\ABC\样本\zgame5.exe" has been identified as suspicious 'Sus/UnkPacker'.
        C:\ABC\样本\ztool1.exe
>>> Virus 'Mal/Dorf-E' found in file C:\ABC\样本\ztool1.exe
        C:\ABC\样本\ztool21.exe
        C:\ABC\样本\ztool31.exe
>>> Virus 'Mal/Heuri-E' found in file C:\ABC\样本\ztool31.exe
        C:\ABC\样本\ztool41.exe
>>> Virus 'Mal/Heuri-E' found in file C:\ABC\样本\ztool41.exe

26 files swept in 7 seconds.
18 viruses were discovered.
3 suspicious files were discovered.
20 files out of 26 were infected.
Please send infected samples to Sophos for analysis.
For advice consult www.sophos.com, email support@sophos.com
or telephone +44 1235 559933
Ending Sophos Anti-Virus.
spaceplane
Posted on 2008-3-9 16:52:26
BD   17
f286168511
Posted on 2008-3-9 16:56:01
Starting the file scan:

Begin scan in 'C:\Documents and Settings\FXZ\桌面\��.rar'
C:\Documents and Settings\FXZ\桌面\��.rar
  [0] Archive type: RAR
  --> taskmon.sys
      [DETECTION] Is the Trojan horse TR/Proxy.Agent.XO
  --> 17PHolmes.exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> b152.exe
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/Insider.C
  --> gdnOT3256.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
  --> Installeur.exe
      [DETECTION] Is the Trojan horse TR/Matcash.DLN.1
  --> shift.exe
      [DETECTION] Contains detection pattern of the worm WORM/Zhelatin.pc
  --> unknown250.exe
      [DETECTION] Is the Trojan horse TR/Drop.Small.bfg
  --> zgame1.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Small.agq.4
  --> zgame2.exe
      [DETECTION] Is the Trojan horse TR/Dldr.VB.cop.2
  --> zgame3.exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> zgame4.exe
      [DETECTION] Contains detection pattern of the worm WORM/Zhelatin.Gen
  --> zgame5.exe
      [DETECTION] Contains detection pattern of the worm WORM/Zhelatin.Gen
  --> ztool1.exe
      [DETECTION] Contains detection pattern of the worm WORM/Zhelatin.Gen
  --> ztool31.exe
      [DETECTION] Contains detection pattern of the worm WORM/Zhelatin.Gen
  --> ztool41.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> b153.exe
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/Insider.D
  --> NoDNS.exe
      [DETECTION] Is the Trojan horse TR/Agent.AHBF
  --> b154.exe
      [DETECTION] Is the Trojan horse TR/Matcash.DLN
    --> b154.exe.bin
      [1] Archive type: ZIP
      --> b154.exe
          [DETECTION] Is the Trojan horse TR/Matcash.DLN
  --> diperto21d4-5263.sys
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
  --> m1ax1d121322116143v.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING]   The file was ignored!


End of the scan: 2008年3月9日  16:56
Used time: 00:05 min

The scan has been done completely.

      0 Scanning directories
     28 Files were scanned
     20 viruses and/or unwanted programs were found
      1 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      8 Files not concerned
      2 Archives were scanned
      1 Warnings
      0 Notes
youthfire
Posted on 2008-3-9 16:56:14
MISS 7
Avira Personal Edition 18+1

[ Last edited by youthfire on 2008-3-9 16:58 ]
The EQs
Posted on 2008-3-9 16:57:54

11

Scan Log
Version of virus signature database: 2932 (20080309)
Date: 2008-3-9  Time: 16:56:17
Scanned disks, folders and files: C:\Documents and Settings\Don johnson\桌面\样本.rar
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » taskmon.sys - Win32/TrojanProxy.Agent.XH trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 17PHolmes.exe - a variant of Win32/TrojanDownloader.Agent.BLS trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » gdnOT3256.exe - Win32/Dialer.NAD trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » shift.exe - probably a variant of Win32/Nuwar.Gen worm
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » unknown250.exe - Win32/Agent.NRD trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » zgame1.exe - Win32/TrojanDownloader.Small.AWA trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » zgame2.exe - Win32/TrojanDownloader.VB.CGA trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » zgame3.exe - a variant of Win32/TrojanDownloader.Small.IAW trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » ztool31.exe - Win32/Nulprot trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » ztool41.exe - Win32/TrojanProxy.Agent.NDJ trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » diperto21d4-5263.sys - Win32/Nuwar.BW worm
Number of scanned objects: 26
Number of threats found: 11
Time of completion: 16:56:18  Total scanning time: 1 sec (00:00:01)
paul1985
Posted on 2008-3-9 16:58:27
NOD2.7   11
Palkia
Posted on 2008-3-9 17:53:18

.................14

C:\Documents and Settings\Administrator\桌面\样本.rar>>17PHolmes.exe        TrojanDownloader.Mnless.xe.ivwq        木马        还未处理
C:\Documents and Settings\Administrator\桌面\样本.rar>>b152.exe        Adware.Insider.c.fkpg        广告程序        还未处理
C:\Documents and Settings\Administrator\桌面\样本.rar>>b153.exe        Adware.Insider.d.elrr        广告程序        还未处理
C:\Documents and Settings\Administrator\桌面\样本.rar>>b154.exe        TrojanDownloader.BCF.txyu        木马        还未处理
C:\Documents and Settings\Administrator\桌面\样本.rar>>b154.exe.bin>>b154.exe        TrojanDownloader.BCF.txyu        木马        还未处理
C:\Documents and Settings\Administrator\桌面\样本.rar>>diperto21d4-5263.sys        W32.Zhelatin.vd.rxai        病毒        还未处理
C:\Documents and Settings\Administrator\桌面\样本.rar>>gdnOT3256.exe        PornDialer.GBDialer.j.bwxk        黑客工具        还未处理
C:\Documents and Settings\Administrator\桌面\样本.rar>>NoDNS.exe        TrojanDownloader.Agent.kji.gnuw        木马        还未处理
C:\Documents and Settings\Administrator\桌面\样本.rar>>taskmon.sys        TrojanProxy.Agent.xo.pliv        木马        还未处理
C:\Documents and Settings\Administrator\桌面\样本.rar>>unknown250.exe        TrojanDropper.Small.bfg.xggj        木马        还未处理
C:\Documents and Settings\Administrator\桌面\样本.rar>>zgame1.exe        TrojanDownloader.Small.cxx.lrj        木马        还未处理
C:\Documents and Settings\Administrator\桌面\样本.rar>>zgame2.exe        TrojanDownloader.VB.cop.suhn        木马        还未处理
C:\Documents and Settings\Administrator\桌面\样本.rar>>zgame3.exe        TrojanDownloader.Small.irm.ozit        木马        还未处理
C:\Documents and Settings\Administrator\桌面\样本.rar>>ztool41.exe        TrojanProxy.Agent.zd.lywu        木马        还未处理
墨色丹青
Posted on 2008-3-9 17:54:03
Avira Premium edition
20

stonejr
Posted on 2008-3-9 18:00:40

Reply to post #9 by wang34143252

21, one of them detected heuristically