28个病毒样本包

chabosh

很恐怖哦


还有一个 忘了发

[ 本帖最后由 chabosh 于 2008-4-15 15:00 编辑 ]

Starting the file scan:

Begin scan in 'E:\du.rar'
E:\du.rar
  [0] Archive type: RAR
  --> du\3.exe
      [DETECTION] Is the Trojan horse TR/Small.6910
  --> du\1.exe
      [DETECTION] Is the Trojan horse TR/Small.6910
  --> du\2.exe
      [DETECTION] Is the Trojan horse TR/Small.6910
  --> du\e26.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> du\e27.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> du\e0.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> du\e2.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> du\e6.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> du\e7.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> du\e8.exe
      [DETECTION] Contains suspicious code HEUR/Crypted
  --> du\e10.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> du\e12.exe
      [DETECTION] Contains suspicious code HEUR/Crypted
  --> du\e14.exe
      [DETECTION] Contains suspicious code HEUR/Crypted
  --> du\e16.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> du\e17.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> du\e29.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> du\e4.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> du\e9.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> du\e13.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> du\e23.exe
      [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
      [NOTE]      The file was deleted!


End of the scan: 2008年4月15日  14:46
Used time: 00:15 min

The scan has been done completely.

      0 Scanning directories
     28 Files were scanned
      4 viruses and/or unwanted programs were found
     16 Files were classified as suspicious:
      1 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     24 Files not concerned
      1 Archives were scanned
      0 Warnings
      1 Notes

3819183  e11.exe  18.62 KB  DAMAGED FILE (UNKNOWN)
3819184  e12.exe  18.02 KB  DAMAGED FILE (MALWARE)
3819185  e13.exe  15.8 KB  DAMAGED FILE (MALWARE)
3819186  e0.exe  18.62 KB  DAMAGED FILE (MALWARE)
3819187  e1.exe  18.62 KB  DAMAGED FILE (UNKNOWN)
3819188  e2.exe  19.43 KB  DAMAGED FILE (MALWARE)
3819189  e4.exe  17.21 KB  DAMAGED FILE (MALWARE)
3819190  e6.exe  18.02 KB  DAMAGED FILE (MALWARE)
3819191  e7.exe  18.62 KB  DAMAGED FILE (MALWARE)
3819192  e8.exe  15.8 KB  DAMAGED FILE (MALWARE)
3819193  e9.exe  18.02 KB  DAMAGED FILE (MALWARE)
3819194  e10.exe  15.8 KB  DAMAGED FILE (MALWARE)
3819196  e14.exe  31.27 KB  DAMAGED FILE (MALWARE)
3819197  e16.exe  18.62 KB  MALWARE
3819198  e17.exe  18.02 KB  DAMAGED FILE (MALWARE)
3819199  e23.exe  13.8 KB  MALWARE
3819200  e24.exe  16.62 KB  MALWARE
3819201  e26.exe  18.62 KB  MALWARE
3819202  e27.exe  14.99 KB  DAMAGED FILE (MALWARE)
3819203  e29.exe  16.99 KB  DAMAGED FILE (MALWARE)
3819204  e31.exe  15.8 KB  DAMAGED FILE (UNKNOWN)
3819205  e33.exe  16.62 KB  DAMAGED FILE (UNKNOWN)
1044456  edlin.exe  12.49 KB  KNOWN CLEAN
502696  Upack.exe  21.63 KB  KNOWN CLEAN

The file 'explorer.exe' has been determined to be 'DAMAGED FILE (UNKNOWN)'. In particular this means that this file is damaged and not working properly. We could not find any malicious content. However the heuristic detection module may still detect this particular file even though it is damaged. In that case we will not adjust and remove detection for this damaged file.

[ 本帖最后由 Exia 于 2008-4-16 14:51 编辑 ]

HC303

0 Scanning directories
     29 Files were scanned
      4 viruses and/or unwanted programs were found
     16 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     25 Files not concerned
      1 Archives were scanned
      1 Warnings
      0 Notes
启发的上报。

挪威的冬天

信息        2008-04-15  14:54:56        您此次查毒清除了20个病毒                       
信息        2008-04-15  14:54:56        您此次查毒共查出20个病毒以及危险代码                       
信息        2008-04-15  14:54:56        您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件32个                       
信息        2008-04-15  14:54:56        金山毒霸主程序查毒过程结束，查毒方式：命令行查毒

szaft

红伞 V8 ，查到4个，怀疑16个

chunnian

江民杀毒软件报告文件

        北京江民新科技术有限公司

        扫描引擎 11.00.703
        病毒库日期 2008-04-15
        更新日期 2008-04-15

扫描目标 F:\下载\du.rar

开始时间 2008-04-15 15:29:17

在 F:\下载\du.rar->du\3.exe 中发现 Trojan/PSW.OnLineGames.wsu 病毒, 已删除
在 F:\下载\du.rar->du\1.exe 中发现 Trojan/PSW.OnLineGames.wsu 病毒, 已删除
在 F:\下载\du.rar->du\2.exe 中发现 Trojan/PSW.OnLineGames.wsu 病毒, 已删除
在 F:\下载\du.rar->du\e24.exe 中发现 Trojan/PSW.OnLineGames.aali 病毒, 已删除
在 F:\下载\du.rar->du\e26.exe 中发现 Trojan/PSW.OnLineGames.aalk 病毒, 已删除
在 F:\下载\du.rar->du\e27.exe 中发现 Trojan/PSW.OnLineGames.aaqd 病毒, 已删除
在 F:\下载\du.rar->du\e0.exe 中发现 Trojan/PSW.OnLineGames.aalm 病毒, 已删除
在 F:\下载\du.rar->du\e1.exe 中发现 Trojan/PSW.OnLineGames.aali 病毒, 已删除
在 F:\下载\du.rar->du\e6.exe 中发现 Trojan/PSW.OnLineGames.aane 病毒, 已删除
在 F:\下载\du.rar->du\e7.exe 中发现 Trojan/Agent.aybv 病毒, 已删除
在 F:\下载\du.rar->du\e10.exe 中发现 Trojan/PSW.OnLineGames.aaqa 病毒, 已删除
在 F:\下载\du.rar->du\e16.exe 中发现 Trojan/PSW.OnLineGames.aalp 病毒, 已删除
在 F:\下载\du.rar->du\e17.exe 中发现 Trojan/PSW.OnLineGames.aalr 病毒, 已删除
在 F:\下载\du.rar->du\e31.exe 中发现 Trojan/PSW.OnLineGames.aauy 病毒, 已删除
在 F:\下载\du.rar->du\e33.exe 中发现 Trojan/PSW.OnLineGames.aali 病毒, 已删除
在 F:\下载\du.rar->du\e4.exe 中发现 TrojanSpy.Agent.egp 病毒, 已删除
在 F:\下载\du.rar->du\e9.exe 中发现 Trojan/PSW.OnLineGames.aalo 病毒, 已删除
在 F:\下载\du.rar->du\e13.exe 中发现 Trojan/PSW.OnLineGames.aalj 病毒, 已删除
在 F:\下载\du.rar->du\e23.exe 中发现 Backdoor/Popwin.ak 病毒, 已删除
在 F:\下载\du.rar->du\Upack.exe 中发现 Trojan/PSW.GamePass.pel 病毒, 已删除
正常结束。

扫描结果:
                 文件数 :29                                  病毒体 :20        
                   删除 :20                                    解毒 :0         
    扫描速度(千字节/秒) :933                               扫描时间 :00:00:01
    扫描文件速度(个/秒) :29

aerbeisi

[Found possible security risk]         <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)>        C:\test\gf\du.rar->du\3.exe
[Found possible security risk]         <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)>        C:\test\gf\du.rar->du\1.exe
[Found possible security risk]         <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)>        C:\test\gf\du.rar->du\2.exe
[Found possible security risk]         <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)>        C:\test\gf\du.rar->du\e24.exe
[Found possible security risk]         <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)>        C:\test\gf\du.rar->du\e26.exe
[Found possible security risk]         <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)>        C:\test\gf\du.rar->du\e27.exe
[Found possible security risk]         <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)>        C:\test\gf\du.rar->du\e0.exe
[Found possible security risk]         <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)>        C:\test\gf\du.rar->du\e1.exe
[Found possible security risk]         <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)>        C:\test\gf\du.rar->du\e6.exe
[Found possible security risk]         <W32/Heuristic-NUP!Eldorado (not disinfectable)>        C:\test\gf\du.rar->du\e7.exe
[Found possible security risk]         <W32/Heuristic-NUP!Eldorado (not disinfectable)>        C:\test\gf\du.rar->du\e8.exe
[Found possible security risk]         <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)>        C:\test\gf\du.rar->du\e10.exe
[Found possible security risk]         <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)>        C:\test\gf\du.rar->du\e11.exe
[Found possible security risk]         <W32/Heuristic-NUP!Eldorado (not disinfectable)>        C:\test\gf\du.rar->du\e12.exe
[Found possible security risk]         <W32/Heuristic-MU2!Eldorado (damaged, not disinfectable)>        C:\test\gf\du.rar->du\e14.exe
[Found possible security risk]         <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)>        C:\test\gf\du.rar->du\e16.exe
[Found possible security risk]         <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)>        C:\test\gf\du.rar->du\e17.exe
[Found possible security risk]         <W32/Heuristic-NUP!Eldorado (not disinfectable)>        C:\test\gf\du.rar->du\e29.exe
[Found possible security risk]         <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)>        C:\test\gf\du.rar->du\e31.exe
[Found possible security risk]         <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)>        C:\test\gf\du.rar->du\e33.exe
[Found possible security risk]         <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)>        C:\test\gf\du.rar->du\e4.exe
[Found possible security risk]         <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)>        C:\test\gf\du.rar->du\e9.exe
[Found possible security risk]         <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)>        C:\test\gf\du.rar->du\e13.exe
[Found possible security risk]         <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)>        C:\test\gf\du.rar->du\e23.exe
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\test\gf\du.rar->du\Upack.exe->(UPack)

多少尸体。。。

shixinlong044

ESET一个都没扫描出来，真是出奇的失望

ls你运行下就知道为什么了