
[Virus sample] 31x
qianwenxiang
Posted on 2008-3-16 18:13:13

凝逸反毒
Posted on 2008-3-16 18:13:47
For real, it only caught viruses: 10



              [凝逸反毒] (http://hi.baidu.com/503165656)
       [凝逸反毒.扫描病毒引擎3.4-日志]       20080316_181400
----------

扫描目录:f:\080315\31a\|
文件总数:31
报告 | virus [18>20080312_ny0804.axx] | f:\080315\31a\admin6_ver0111.exe
报告 | virus [377>20080312_ny0804.axx] | f:\080315\31a\20.exe
报告 | virus [414>20080312_ny0804.axx] | f:\080315\31a\my_70145.exe
报告 | virus [178>20071021_ny0028.axx] | f:\080315\31a\shenji.exe
报告 | virus [1447>20071122_ny0029.axx] | f:\080315\31a\my_701452.exe
报告 | virus [133>20080311_ny0803.axx] | f:\080315\31a\sub.exe
报告 | virus [1>20080128_ny0030.axx] | f:\080315\31a\down1.exe
报告 | virus [1>20080128_ny0030.axx] | f:\080315\31a\down2.exe
报告 | virus [1>20080128_ny0030.axx] | f:\080315\31a\down3.exe
报告 | virus [1>20080128_ny0030.axx] | f:\080315\31a\down.exe
扫描完成|病毒:10|感染:0|未知:21|正常:0|文件:31|耗时:0.77分

[ Last edited by 凝逸反毒 on 2008-3-16 18:17 ]
挪威的冬天
Posted on 2008-3-16 18:14:34
信息        2008-03-16  18:14:24        您此次查毒清除了20个病毒                       
信息        2008-03-16  18:14:24        您此次查毒共查出20个病毒以及危险代码                       
信息        2008-03-16  18:14:24        您此次查毒共查了内存模块0个,磁盘引导扇区0个,文件56个                       
信息        2008-03-16  18:14:24        金山毒霸主程序查毒过程结束,查毒方式:命令行查毒
Joker
Posted on 2008-3-16 18:17:45
27
C:\Documents and Settings\Administrator\桌面\31a.rar>>11.exe        TrojanPSW.GameOL.GEN.meov        木马        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>12.exe        TrojanPSW.GameOL.GEN.mxeg        木马        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>13.exe        TrojanPSW.OnLineGames.tji.rlsn        木马        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>14.exe        PWSteal.LegMir.moov        木马        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>15.exe        TrojanPSW.GameOL.GEN.thxq        木马        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>16.exe        TrojanPSW.OnLineGames.tct.fhlz        木马        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>17.exe        TrojanPSW.GameOL.GEN.ixsr        木马        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>17PHolmes.cmt        TrojanDownloader.Mnless.xe.vbxf        木马        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>18.exe        TrojanPSW.OnLineGames.sem.nels        木马        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>19.exe        TrojanPSW.OnLineGames.uks.fivk        木马        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>20.exe        TrojanPSW.GameOL.GEN.dnyk        木马        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>21.exe        TrojanPSW.OnLineGames.tct.qmfp        木马        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>22.exe        TrojanPSW.OnLineGames.uch.lkuw        木马        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>23.exe        TrojanPSW.OnLineGames.ufj.skgk        木马        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>24.exe        W32.Viking.k        病毒        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>96c1af50c8cea826.exe        Heuri.Suspicious.ERNM        启发式扫描        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>down.exe        Trojan.Yaeesy.wsxp        木马        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>down1.exe        Trojan.Yaeesy.wsxp        木马        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>down2.exe        Trojan.Yaeesy.wsxp        木马        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>down3.exe        Trojan.Yaeesy.wsxp        木马        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>hxxxzz.exe        Worm.AutoRun.cyj.zcrv        病毒        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>my_70145.exe        TrojanDownloader.QQHelper.aor.xhmw        木马        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>my_701452.exe        TrojanDownloader.Small.gmc.hwwq        木马        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>server.exe        Mantis 1.0b        木马        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>shenji.exe        TrojanPSW.GamePass.abch.npcj        木马        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>sub.exe        TrojanPSW.OnLineGames.tyg.dscs        木马        还未处理
C:\Documents and Settings\Administrator\桌面\31a.rar>>yeSetup.exe        Trojan.Delf.bgw.wozr        木马        还未处理
The EQs
Posted on 2008-3-16 18:18:18

28

C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » admin6_ver0111.exe - a variant of Win32/TrojanDownloader.VB.CEJ trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » 16.exe - Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » 17.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » 15.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » 20.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » 24.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » 12.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » 19.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » 23.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » 11.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » 13.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » 22.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » shenji.exe - a variant of Win32/TrojanDownloader.Flux trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » my_701452.exe - Win32/TrojanDownloader.Small.GMC trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » server.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » hxxxzz.exe - probably a variant of Win32/Delf.NDF worm
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » 96c1af50c8cea826.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » 17PHolmes.cmt - Win32/TrojanDownloader.Agent.BLS trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » sub.exe - Win32/PSW.OnLineGames.NNF trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » yeSetup.exe - a variant of Win32/TrojanDownloader.Delf.OBA trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » sadfsdf.exe - Win32/Agent.NRP trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » down1.exe - Win32/TrojanDownloader.Small.NZT trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » down2.exe - Win32/TrojanDownloader.Small.NZT trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » down3.exe - Win32/TrojanDownloader.Small.NZT trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » down.exe - Win32/TrojanDownloader.Small.NZT trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » 21.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » 18.exe - Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\31a.rar » RAR » 14.exe - Win32/PSW.OnLineGames.NMN trojan
无尽藏海
Posted on 2008-3-16 18:18:42

30

Begin scan in 'E:\VIRUS\31a.rar'
E:\VIRUS\31a.rar
  [0] Archive type: RAR
  --> 16.exe
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 17.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.sie
  --> 15.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 20.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 24.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 12.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 19.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 23.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 11.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 13.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 22.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> my_70145.exe
      [DETECTION] Is the Trojan horse TR/Downloader.Gen
  --> my_70320.exe
      [DETECTION] Is the Trojan horse TR/Downloader.Gen
  --> shenji.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> my_701452.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Small.gmc
  --> server.exe
      [DETECTION] Is the Trojan horse TR/Agent.eok
  --> hxxxzz.exe
      [DETECTION] Contains detection pattern of the worm WORM/Autorun.cyj
  --> 96c1af50c8cea826.exe
      [DETECTION] Contains detection pattern of the worm WORM/Winko.I.67
  --> 17PHolmes.cmt
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> M.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> sub.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.48640
  --> yeSetup.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> sadfsdf.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
  --> down1.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agent.8848
  --> down2.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agent.8848
  --> down3.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agent.8848
  --> down.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agent.8848
  --> 21.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 18.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLin.8918.A
  --> 14.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.ktw
      [WARNING]   The file was ignored!


End of the scan: 2008年3月16日  18:18
Used time: 00:06 min

The scan has been done completely.

      0 Scanning directories
     32 Files were scanned
     30 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      2 Files not concerned
      1 Archives were scanned
      1 Warnings
      0 Notes
qianwenxiang
Original poster | Posted on 2008-3-16 19:26:45
C:\Test\0803\Data16\31a\11.exe(清理免疫)发现病毒Variant.Tr.Tracer.UZX
C:\Test\0803\Data16\31a\11.exe大小19897 特征VUZXNYPPMKRZX
此文件的备份:C:\VirusEliminator Base\backup.virus!\VUZXNYPPMKRZX.!!!
事件发生时间:2008-3-16 19:23:44
事件发生操作者:QWX
C:\Test\0803\Data16\31a\12.exe(清理免疫)发现病毒Variant.Tr.OnlineGames.RRM
C:\Test\0803\Data16\31a\12.exe大小19209 特征LRRMUYMKLZXYZ
此文件的备份:C:\VirusEliminator Base\backup.virus!\LRRMUYMKLZXYZ.!!!
事件发生时间:2008-3-16 19:23:44
事件发生操作者:QWX
C:\Test\0803\Data16\31a\13.exe(清理免疫)发现病毒Variant.Tr.MSender.ZOT
C:\Test\0803\Data16\31a\13.exe大小19971 特征UZOTVUXYMKUKL
此文件的备份:C:\VirusEliminator Base\backup.virus!\UZOTVUXYMKUKL.!!!
事件发生时间:2008-3-16 19:23:44
事件发生操作者:QWX
C:\Test\0803\Data16\31a\14.exe(清理免疫)发现病毒Variant.Tr.Downloader.KXT
C:\Test\0803\Data16\31a\14.exe大小17896 特征MKXTUZXYLYLZK
此文件的备份:C:\VirusEliminator Base\backup.virus!\MKXTUZXYLYLZK.!!!
事件发生时间:2008-3-16 19:23:44
事件发生操作者:QWX
C:\Test\0803\Data16\31a\15.exe(清理免疫)发现病毒Variant.Tr.SysHooker.OSL
C:\Test\0803\Data16\31a\15.exe大小18856 特征POSLSXLLZKVK
此文件的备份:C:\VirusEliminator Base\backup.virus!\POSLSXLLZKVK.!!!
事件发生时间:2008-3-16 19:23:44
事件发生操作者:QWX
C:\Test\0803\Data16\31a\16.exe(清理免疫)发现病毒Variant.Tr.Downloader.SNL
C:\Test\0803\Data16\31a\16.exe大小18720 特征MSNLKNQTLYYUQ
此文件的备份:C:\VirusEliminator Base\backup.virus!\MSNLKNQTLYYUQ.!!!
事件发生时间:2008-3-16 19:23:44
事件发生操作者:QWX
C:\Test\0803\Data16\31a\17.exe(清理免疫)发现病毒Variant.Tr.Agent.KQY
C:\Test\0803\Data16\31a\17.exe大小18834 特征RKQYQKNOLZKSW
此文件的备份:C:\VirusEliminator Base\backup.virus!\RKQYQKNOLZKSW.!!!
事件发生时间:2008-3-16 19:23:44
事件发生操作者:QWX
C:\Test\0803\Data16\31a\18.exe(清理免疫)发现病毒Variant.Tr.OnlineGames.SPQ
C:\Test\0803\Data16\31a\18.exe大小12708 特征LSPQXZUYLLZWK
此文件的备份:C:\VirusEliminator Base\backup.virus!\LSPQXZUYLLZWK.!!!
事件发生时间:2008-3-16 19:23:44
事件发生操作者:QWX
C:\Test\0803\Data16\31a\19.exe(清理免疫)发现病毒Variant.Tr.OnlineGames.UUW
C:\Test\0803\Data16\31a\19.exe大小19288 特征LUUWUSLXLZYUW
此文件的备份:C:\VirusEliminator Base\backup.virus!\LUUWUSLXLZYUW.!!!
事件发生时间:2008-3-16 19:23:44
事件发生操作者:QWX
C:\Test\0803\Data16\31a\20.exe(清理免疫)发现病毒Variant.Tr.Mnless.OOV
C:\Test\0803\Data16\31a\20.exe大小18876 特征TOOVNXWULZKYM
此文件的备份:C:\VirusEliminator Base\backup.virus!\TOOVNXWULZKYM.!!!
事件发生时间:2008-3-16 19:23:44
事件发生操作者:QWX
C:\Test\0803\Data16\31a\21.exe(清理免疫)发现病毒Variant.Tr.Delf.ZQM
C:\Test\0803\Data16\31a\21.exe大小12660 特征NZQMQPRWLLZOS
此文件的备份:C:\VirusEliminator Base\backup.virus!\NZQMQPRWLLZOS.!!!
事件发生时间:2008-3-16 19:23:44
事件发生操作者:QWX
C:\Test\0803\Data16\31a\22.exe(清理免疫)发现病毒Variant.Tr.Delf.TSS
C:\Test\0803\Data16\31a\22.exe大小20310 特征NTSSOLTSMKXZQ
此文件的备份:C:\VirusEliminator Base\backup.virus!\NTSSOLTSMKXZQ.!!!
事件发生时间:2008-3-16 19:23:44
事件发生操作者:QWX
C:\Test\0803\Data16\31a\23.exe(清理免疫)发现病毒Variant.Tr.BadCode.PLV
C:\Test\0803\Data16\31a\23.exe大小19312 特征OPLVWPVULZYXM
此文件的备份:C:\VirusEliminator Base\backup.virus!\OPLVWPVULZYXM.!!!
事件发生时间:2008-3-16 19:23:45
事件发生操作者:QWX
C:\Test\0803\Data16\31a\24.exe(清理免疫)发现病毒Variant.Tr.SysInjector.OVW
C:\Test\0803\Data16\31a\24.exe大小18915 特征QOVWWTWPLZLOV
此文件的备份:C:\VirusEliminator Base\backup.virus!\QOVWWTWPLZLOV.!!!
事件发生时间:2008-3-16 19:23:45
事件发生操作者:QWX
C:\Test\0803\Data16\31a\down.exe(清理免疫)发现病毒Tr.Agent.CTRO
C:\Test\0803\Data16\31a\down.exe大小8848 特征SYYTVWRWWSTK
此文件的备份:C:\VirusEliminator Base\backup.virus!\SYYTVWRWWSTK.!!!
事件发生时间:2008-3-16 19:23:45
事件发生操作者:QWX
C:\Test\0803\Data16\31a\down1.exe(清理免疫)发现病毒Tr.Agent.CTRO
C:\Test\0803\Data16\31a\down1.exe大小8848 特征SYYTVWRWWSTK
此文件的备份:C:\VirusEliminator Base\backup.virus!\SYYTVWRWWSTK.!!!
事件发生时间:2008-3-16 19:23:45
事件发生操作者:QWX
C:\Test\0803\Data16\31a\down2.exe(清理免疫)发现病毒Tr.Agent.CTRO
C:\Test\0803\Data16\31a\down2.exe大小8848 特征SYYTVWRWWSTK
此文件的备份:C:\VirusEliminator Base\backup.virus!\SYYTVWRWWSTK.!!!
事件发生时间:2008-3-16 19:23:45
事件发生操作者:QWX
C:\Test\0803\Data16\31a\down3.exe(清理免疫)发现病毒Tr.Agent.CTRO
C:\Test\0803\Data16\31a\down3.exe大小8848 特征SYYTVWRWWSTK
此文件的备份:C:\VirusEliminator Base\backup.virus!\SYYTVWRWWSTK.!!!
事件发生时间:2008-3-16 19:23:45
事件发生操作者:QWX
C:\Test\0803\Data16\31a\my_70145.exe(启发)启发判定机制发现了Dist/MicroDldr-01(Trj_GEN)
C:\Test\0803\Data16\31a\my_701452.exe(清理免疫)发现病毒Tr.BKDR.AYTN
C:\Test\0803\Data16\31a\my_701452.exe大小24576 特征NRKSLSSLMSPLO
此文件的备份:C:\VirusEliminator Base\backup.virus!\NRKSLSSLMSPLO.!!!
事件发生时间:2008-3-16 19:23:45
事件发生操作者:QWX
C:\Test\0803\Data16\31a\shenji.exe(清理免疫)发现病毒Tr.Andefor.VUM
C:\Test\0803\Data16\31a\shenji.exe大小24071 特征LRROYOVUMQQOT
此文件的备份:C:\VirusEliminator Base\backup.virus!\LRROYOVUMQQOT.!!!
事件发生时间:2008-3-16 19:23:45
事件发生操作者:QWX

11/31
冷冷
Posted on 2008-3-16 19:33:34
ik
I:\virus\March\16\31a.rar:\admin6_ver0111.exe - Suspect code-parts found (Level: 150)
I:\virus\March\16\31a.rar:\16.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\March\16\31a.rar:\17.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\March\16\31a.rar:\15.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\March\16\31a.rar:\20.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\March\16\31a.rar:\24.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\March\16\31a.rar:\12.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\March\16\31a.rar:\19.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\March\16\31a.rar:\23.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\March\16\31a.rar:\11.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\March\16\31a.rar:\13.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\March\16\31a.rar:\22.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\March\16\31a.rar:\my_70145.exe
I:\virus\March\16\31a.rar:\my_70320.exe
I:\virus\March\16\31a.rar:\shenji.exe - Signature 'Trojan-PWS.Win32.Agent.BU' found
I:\virus\March\16\31a.rar:\my_701452.exe - Signature 'Virus.Win32.Agent.IWX' found
I:\virus\March\16\31a.rar:\server.exe - Signature 'Trojan-Downloader.Win32.Zlob.and' found
I:\virus\March\16\31a.rar:\hxxxzz.exe - Signature 'Backdoor.Win32.Delf.aka' found
I:\virus\March\16\31a.rar:\96c1af50c8cea826.exe - Signature 'Backdoor.Win32.Popwin.axi' found
I:\virus\March\16\31a.rar:\17PHolmes.cmt - Suspect code-parts found (Level: 20)
I:\virus\March\16\31a.rar:\M.exe - Signature 'Trojan-Downloader.Win32.Delf.TU' found
I:\virus\March\16\31a.rar:\sub.exe - Signature 'Virus.Win32.OnLineGames.BTI' found
I:\virus\March\16\31a.rar:\yeSetup.exe - Signature 'not-a-virus:AdWare.Win32.AdMoke.bx' found
I:\virus\March\16\31a.rar:\sadfsdf.exe - Suspect code-parts found (Level: 70)
I:\virus\March\16\31a.rar:\down1.exe - Signature 'Trojan-Downloader.Win32.Small.hsh' found
I:\virus\March\16\31a.rar:\down2.exe - Signature 'Trojan-Downloader.Win32.Small.hsh' found
I:\virus\March\16\31a.rar:\down3.exe - Signature 'Trojan-Downloader.Win32.Small.hsh' found
I:\virus\March\16\31a.rar:\down.exe - Signature 'Trojan-Downloader.Win32.Small.hsh' found
I:\virus\March\16\31a.rar:\21.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\March\16\31a.rar:\18.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\March\16\31a.rar:\14.exe - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\virus\March\16\31a.rar

        32 Files scanned
          (1 Archiv with 31 files)
        26 Signatures found
        3 Suspect code-parts found
        Used time: 0:04.094
allinwonderi
Posted on 2008-3-16 20:25:11
[Scanning : C:\Documents and Settings\All Users\Documents\Test]


C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:16.exe <- Trojan.Psw.Onlinegames.Tct : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:17.exe<UPack>:17.exe <- Trojan.Psw.Onlinegames.Sie : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:17.exe<UPack>:17.exe<DLLRES>:res0.exe <- Trojan.Psw.Onlinegames.Sie : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:20.exe<UPack>:20.exe<DLLRES>:res0.exe <- Trojan.Psw.Onlinegames.Tjz : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:shenji.exe <- Downloader.Flux.S : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:my_701452.exe <- Downloader.Small.Gmc : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:hxxxzz.exe <- Worm.Autorun.Cyj : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:hxxxzz.exe<FSG>:hxxxzz.exe <- Heur.RoundKick : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:96c1af50c8cea826.exe<UPack>:96c1af50c8cea826.exe <- Trojan.Popwin.Axi : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:17PHolmes.cmt <- Trojan.Downloader.Agent.Lbx : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:down1.exe<UPX>:down1.exe <- Downloader.Small.Hsh : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:down1.exe<UPX>:down1.exe<DLLRES>:res0.exe <- Downloader.Small.Hsh : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:down1.exe<UPX>:down1.exe<DLLRES>:res1.exe <- Downloader.Small.Hsh : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:down2.exe<UPX>:down2.exe <- Downloader.Small.Hsh : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:down2.exe<UPX>:down2.exe<DLLRES>:res0.exe <- Downloader.Small.Hsh : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:down2.exe<UPX>:down2.exe<DLLRES>:res1.exe <- Downloader.Small.Hsh : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:down3.exe<UPX>:down3.exe <- Downloader.Small.Hsh : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:down3.exe<UPX>:down3.exe<DLLRES>:res0.exe <- Downloader.Small.Hsh : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:down3.exe<UPX>:down3.exe<DLLRES>:res1.exe <- Downloader.Small.Hsh : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:down.exe<UPX>:down.exe <- Downloader.Small.Hsh : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:down.exe<UPX>:down.exe<DLLRES>:res0.exe <- Downloader.Small.Hsh : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:down.exe<UPX>:down.exe<DLLRES>:res1.exe <- Downloader.Small.Hsh : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:21.exe <- Trojan.Psw.Onlinegames.Tct : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:14.exe <- Trojan.Downloader.Agent.Ktw : No action
C:\Documents and Settings\All Users\Documents\Test\31a.rar<RAR>:14.exe<UPack>:14.exe<DLLRES>:L010.exe <- Trojan.Downloader.Agent.Kvf : No action



Scanned objects : 78

Infected objects : 25
allinwonderi
Posted on 2008-3-16 20:25:35
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->16.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->17.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->15.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->20.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->24.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->12.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->19.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->23.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->11.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->13.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->22.exe->(UPack)
[Found downloader]         <W32/Downloader.D.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->my_70145.exe
[Found downloader]         <W32/Downloader.D.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->my_70320.exe
[Found possible security risk]         <W32/Heuristic-162!Eldorado (not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->shenji.exe->(Klone.AF)
[Found downloader]         <W32/Downloader.gen14 (not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->my_701452.exe
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->server.exe->(UPack)
[Found security risk]         <W32/AutoRun.B.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->hxxxzz.exe
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->96c1af50c8cea826.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->sub.exe->(Aspack)->(PE_Patch.MaskPE)
[Found downloader]         <W32/Downldr2.AYKU (exact, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->down1.exe->(UPX)
[Found downloader]         <W32/Downldr2.AYKU (exact, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->down2.exe->(UPX)
[Found downloader]         <W32/Downldr2.AYKU (exact, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->down3.exe->(UPX)
[Found downloader]         <W32/Downldr2.AYKU (exact, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->down.exe->(UPX)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->21.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->18.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\31a.rar->14.exe->(UPack)

---------------------------------------------------------------------
Scan ended:        2008-3-16, 20:25:22
Duration:        0:00:02

Scan result:

Scanned files:                 6
Infected objects:         26
Disinfected objects:         0
Quarantined files:         0
---------------------------------------------------------------------