50个样本(测试有效期截止6月24日12：00)

显示全部楼层 · 发表于 2008-6-23 20:45:01

mcafee8.7全杀的50个样本

显示全部楼层 · 发表于 2008-6-23 20:48:06

直接解压，红伞监控漏42.exe。后用红伞扫描（开高启），发现病毒，提示手工清除。结论：红伞全认。

[ 本帖最后由 hellobaby 于 2008-6-23 20:50 编辑 ]

显示全部楼层 · 发表于 2008-6-23 20:52:39

avast
VPS 080623-0, 2008-06-23
44

显示全部楼层 · 发表于 2008-6-23 21:01:32

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.PSW.Win32.QQPass.dmb
病毒： Trojan.DL.Delf.ylq
病毒： Trojan.IMMSG.Win32.TBMSG.yme
病毒： Worm.Win32.Autorun.jvr
病毒： Trojan.DL.Win32.VB.dyg
病毒： Worm.Win32.Autorun.eai
病毒： Packer.Win32.Upack.a
病毒： Backdoor.Win32.Loader.a
病毒： Trojan.Clicker.Win32.PopHot.dtb
病毒： Trojan.Win32.Undef.fsh
病毒： Trojan.Win32.Undef.efq
病毒： Trojan.PSW.Win32.GameOnline.p
病毒： Backdoor.Win32.PcClient.ekf
病毒： Trojan.DL.Win32.Undef.bb
病毒： Trojan.Win32.Undef.dnc
病毒： Trojan.PSW.Win32.GameOL.odt
病毒： Trojan.PSW.Win32.GameOL.oci
病毒： Trojan.PSW.Win32.GameOL.odw
病毒： Trojan.PSW.Win32.ZhuXian.hx
病毒： Trojan.PSW.Win32.ZhengTu.ynv
病毒： Trojan.PSW.Win32.ZeroOnline.dv
病毒： Trojan.PSW.Win32.QQPass.doa

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.50.02

显示全部楼层 · 发表于 2008-6-23 21:08:47

[Found downloader] <W32/Banload.B.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\1.EXE->rsrcPE->(UPack)->(PE_Patch.MaskPE)
[Found possible security risk] <W32/Heuristic-210!Eldorado (not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\2.EXE->(Nakedpack)->(PECRC)
[Found downloader] <W32/Banload.B.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\3.EXE
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\4.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\5.exe->(UPack)
[Found possible virus] <W32/VB-Wird-based!Maximus (not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\6.EXE->(UPX)
[Found security risk] <W32/Agent.S.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\7.PIF
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\8.exe->(UPack)
[Found backdoor] <W32/Backdoor2.AUCH (exact, not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\9.EXE
[Found security risk] <W32/Nilage.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\10.exe->(UPack)
[Found Trojan] <W32/Trojan2.AIBF (exact, not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\11.EXE
[Found security risk] <W32/Injector.A.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\12.EXE->(NSPack)->(PE_Patch)->(PE_Patch.MaskPE)
[Found security risk] <W32/AutoRun.B.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\14.exe
[Found security risk] <W32/Agent.G.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\15.EXE->(embedded)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\17.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\18.EXE->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\19.EXE->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\20.EXE->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\21.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\22.EXE->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\23.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\24.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\25.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\26.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\27.EXE->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\28.EXE->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\29.EXE->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\30.EXE->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\31.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\32.EXE->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\33.EXE->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\34.EXE->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\35.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\36.EXE->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\37.EXE->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\38.EXE->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\39.EXE->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\40.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\41.EXE->(UPack)
[Found security risk] <W32/AutoRun.D.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\43.exe->(UPX)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\44.EXE->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\45.EXE->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\46.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\47.EXE->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\48.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\49.EXE->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\50.rar->50\50.EXE->(UPack)

---------------------------------------------------------------------
Scan ended: 2008-6-23, 21:08:24
Duration: 0:00:29

Scan result:

Scanned files:    6
Infected objects:    47
Disinfected objects:    0
Quarantined files:    0
---------------------------------------------------------------------

显示全部楼层 · 发表于 2008-6-23 21:11:31

EAVC:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\1.EXE - 可能是 Win32/PSW.QQPass.NDF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\3.EXE - Win32/TrojanDownloader.Delf.BHO 特洛伊木马
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\4.exe - Win32/TrojanDownloader.Flux 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\5.exe - Win32/TrojanDownloader.Flux.AB 特洛伊木马
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\6.EXE - 可能是 Win32/TrojanDownloader.VB 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\7.PIF - 可能是 Win32/Genetik 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\8.exe - Win32/PSW.OnLineGames.MUG 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\9.EXE - Win32/PcClient 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\10.exe - Win32/Spy.Delf.NIL 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\11.EXE - Win32/Inject.AED 特洛伊木马
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\12.EXE - Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\14.exe - 可能是 Win32/Delf.NDF 蠕虫的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\15.EXE - Win32/Poison 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\16.EXE - Win32/Small.NO 特洛伊木马
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\17.exe - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\18.EXE - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\19.EXE - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\20.EXE - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\21.exe - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\22.EXE - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\23.exe - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\24.exe - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\25.exe - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\26.exe - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\27.EXE - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\28.EXE - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\29.EXE - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\30.EXE - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\31.exe - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\32.EXE - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\33.EXE - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\34.EXE - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\35.exe - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\36.EXE - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\37.EXE - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\38.EXE - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\39.EXE - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\40.exe - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\41.EXE - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\43.exe - Win32/PSW.QQPass.NCZ 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\44.EXE - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\45.EXE - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\46.exe - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\47.EXE - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\48.exe - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\49.EXE - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\50.rar > RAR > 50\50.EXE - Win32/PSW.OnLineGames.OAF 特洛伊木马的变种

miss 3

[ 本帖最后由 garyyan456 于 2008-6-23 21:14 编辑 ]

显示全部楼层 · 发表于 2008-6-23 21:12:13

IKARUS 全灭

I:\June\24\50.rar:\50\1.EXE - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\2.EXE - Signature 'Backdoor.Win32.Rbot.bpb' found
I:\June\24\50.rar:\50\3.EXE - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\4.exe - Signature 'Trojan-Downloader.Win32.Flux.ep' found
I:\June\24\50.rar:\50\5.exe - Signature 'Trojan-Downloader.Win32.Flux.fm' found
I:\June\24\50.rar:\50\6.EXE - Signature 'Trojan-Downloader.Win32.VB.bvx' found
I:\June\24\50.rar:\50\7.PIF - Signature 'Backdoor.Win32.Agent.ahj' found
I:\June\24\50.rar:\50\8.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\June\24\50.rar:\50\9.EXE - Signature 'Backdoor.Win32.PcClient.df' found
I:\June\24\50.rar:\50\10.exe - Signature 'Backdoor.Win32.Rbot.aeu' found
I:\June\24\50.rar:\50\11.EXE - Signature 'Trojan-Downloader.Agent.hax' found
I:\June\24\50.rar:\50\12.EXE - Signature 'Packed.Win32.Klone.af' found
I:\June\24\50.rar:\50\13.EXE - Signature 'Backdoor.Win32.PcClient.yw' found
I:\June\24\50.rar:\50\14.exe - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\15.EXE - Signature 'Virus.Trojan.Win32.Buzus.fjh' found
I:\June\24\50.rar:\50\16.EXE - Signature 'Trojan.Win32.Agent.jtr' found
I:\June\24\50.rar:\50\17.exe - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\18.EXE - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\19.EXE - Signature 'Trojan-PWS.OnlineGames.YZJ' found
I:\June\24\50.rar:\50\20.EXE - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\21.exe - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\22.EXE - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\23.exe - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\24.exe - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\25.exe - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\26.exe - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\27.EXE - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\28.EXE - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\29.EXE - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\30.EXE - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\31.exe - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\32.EXE - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\33.EXE - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\34.EXE - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\35.exe - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\36.EXE - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\37.EXE - Signature 'Trojan-PWS.OnlineGames.YZJ' found
I:\June\24\50.rar:\50\38.EXE - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\39.EXE - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\40.exe - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\41.EXE - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\42.exe - Suspect code-parts found (Level: 120)
I:\June\24\50.rar:\50\43.exe - Signature 'Trojan-PWS.Win32.Gamec.aa' found
I:\June\24\50.rar:\50\44.EXE - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\45.EXE - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\46.exe - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\47.EXE - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\48.exe - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\49.EXE - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar:\50\50.EXE - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\June\24\50.rar
51 Files scanned
(1 Archiv with 50 files)
49 Signatures found
1 Suspect code-part found
Used time: 0:01.750

[ 本帖最后由冷冷于 2008-6-23 21:14 编辑 ]

显示全部楼层 · 发表于 2008-6-23 21:13:10

[Scanning : C:\Documents and Settings\All Users\Documents\Test]

C:\Documents and Settings\All Users\Documents\Test\50\50\1.EXE <- Variant:Trojan.Psw.Onlinegames.Adtv : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\10.exe<UPack>:10.exe <- Variant:Downloader.Small.Jt : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\11.EXE <- Trojan.Inject.Aed : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\12.EXE <- Trojan.Psw.Onlinegames.Ajpn : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\14.exe<UPack>:14.exe <- Downloader.Todon.am : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\15.EXE <- Variant:Trojan.Poison.K : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\18.EXE <- Trojan.Psw.Onlinegames.Aphm : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\19.EXE <- Trojan.Psw.Onlinegames.Aqeh : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\20.EXE <- Trojan.Psw.Onlinegames.Aqgp : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\22.EXE <- Trojan.Psw.Onlinegames.Aqgp : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\26.exe<UPack>:26.exe<DLLRES>:MAIN0.exe <- Trojan.Psw.Onlinegames.Apke : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\27.EXE <- Trojan.Psw.Onlinegames.Aphm : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\28.EXE <- Trojan.Psw.Onlinegames.Apry : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\29.EXE <- Trojan.Psw.Onlinegames.Aphm : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\3.EXE <- Worm.Delf.Bs : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\30.EXE <- Trojan.Psw.Onlinegames.Arpj : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\32.EXE<UPack>:32.EXE <- Trojan.Psw.Onlinegames.Apil : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\33.EXE <- Trojan.Psw.Onlinegames.Apms : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\34.EXE <- Trojan.Psw.Onlinegames.Apry : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\35.exe<UPack>:35.exe<DLLRES>:MAIN0.exe <- Trojan.Psw.Onlinegames.Apke : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\36.EXE <- Trojan.Psw.Onlinegames.Aphm : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\37.EXE <- Trojan.Psw.Onlinegames.Aqeh : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\38.EXE <- Trojan.Psw.Onlinegames.Aphm : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\39.EXE <- Trojan.Psw.Onlinegames.Arpj : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\40.exe <- Trojan.Psw.Onlinegames.Aqmr : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\41.EXE <- Trojan.Psw.Onlinegames.Aqgp : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\44.EXE <- Trojan.Psw.Onlinegames.Aphm : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\45.EXE <- Trojan.Psw.Onlinegames.Aqfs : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\47.EXE <- Trojan.Psw.Onlinegames.Aplq : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\48.exe <- Trojan.Psw.Onlinegames.Aqmr : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\49.EXE <- Trojan.Psw.Onlinegames.Apms : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\5.exe<UPack>:5.exe <- Downloader.Flux.Fm : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\50.EXE<UPack>:50.EXE <- Trojan.Psw.Onlinegames.Apil : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\6.EXE<UPX>:6.EXE <- Downloader.Vb.Bvx : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\8.exe <- Trojan.Psw.Onlinegames.Abfv : Delete
C:\Documents and Settings\All Users\Documents\Test\50\50\9.EXE <- Trojan.Pcclient.Bwe : Delete

Scanned objects : 77

Infected objects : 36

显示全部楼层 · 发表于 2008-6-23 21:14:59

K

45特征码+2个启发=47

[ 本帖最后由 allinwonderi 于 2008-6-23 21:18 编辑 ]

显示全部楼层 · 发表于 2008-6-23 21:15:10

AVK08 48

[病毒样本] 50个样本(测试有效期截止6月24日12：00)

本帖子中包含更多资源

100/48

F-Prot 4.4.4

本帖子中包含更多资源

ArcaVir2008

Virus Chaser 5.0a

本帖子中包含更多资源

本帖子中包含更多资源