[病毒样本] 32

显示全部楼层 · 发表于 2008-10-7 22:30:10

e1005ac29614dc6df5037cb758ef0136  1.ex1e
9041b4c84aae531bf184c1694b80030b  1045.exe3
a63e62affd8ac26916a987ef729b6a6b  131937
450a81c27b6dee8fea41d44fb06032ac  226445
968287f9cbb00231de4bbd7574b5f2e5  8.ex3e
43b1aef222adc84a9bd4abf07ac3bb2f  ADDR.DLL3
725ef6d81766e837131030941ac6a98b  china.exe3
7a22602cd63d0e6fbb5700353927c943  DDG.exe3
978fc09b942b920139c59645122dc739  debug.exe1
bd5cf8786c2cf9c95b47c7efcbf40afd  dl1host.ex3e
1d0a609823bc6e9bfa6a992a719eae2e  doc.e3xe
ababfb4fdbd7b0332dbeeb5c374078ea  dzh_2008v5.exe2
dfa6285e5356f9c9297d8d9c3a3812d6  gamebak.gpb
f1036c92a307669d6010e7a1cb641e5c  GrapeDou9D28.dll3
db7b7e557a06faed62db1bbfab864668  hider.exe.bak
860ba1462350c69495974a95d16888d4  iSCSIMonitor.exe3
ca538872d1900e719c558aad40dda387  jiqigoubingduyangben.e3xe
c6575ce594242f8b920b25e28804e2fb  Lconfig.ini3
9c39a88c68c688b0a923646b0072deb5  Login_Box.exe3
1e4ee9986b2299f747210f8f278c2a60  mem.exe3
69a64df261bacfe707e6317249fbaa63  rwsj.exe3
a22d7b3594c381efb3395a072725fe95  Setup.exe0
9bb79051d01cbecf8f9da928fec1885b  Setup708.exe3
e37da1867c5b9c1a90b6903feae70d79  Sex2.exe3
2285464ca045dfbb3c170f8487a22a12  smss.exe3
cd03b87304efd01a4d0e819d6c18d624  TBSetup(-33554350).exe3
9cbc6fc9fb4522282fbaa350853e359f  tebiekuaidi.chm3
f0cd111fbf3647a46dffdb829e416349  tree.co3m
5d0bc917f75876070c317aca7a545149  weiai.exe3
d60a9a605969a7e9daa2e53350c3a064  windowus32.exe3
e64761e7dbd2d0a017f2fe5e90856770  天下DNF私服登陆器.exe3
418a7d804c7fe4750bfbb4a19fda6f8c  需要采购清单和说明.chm

已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Small.abst 檔案: C:\Documents and Settings\kato9096\桌面\35100ccc\=dzh_2008v5\1.ex1e//PE_Patch//UPack
已刪除: 病毒 Worm.Win32.AutoRun.qhe 檔案: C:\Documents and Settings\kato9096\桌面\35100ccc\=dzh_2008v5\1045.exe3//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.srrh 檔案: C:\Documents and Settings\kato9096\桌面\35100ccc\=dzh_2008v5\131937
已刪除: 特洛伊木馬程式 Backdoor.Win32.Frauder.el 檔案: C:\Documents and Settings\kato9096\桌面\35100ccc\=dzh_2008v5\DDG.exe3
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Small.zfn 檔案: C:\Documents and Settings\kato9096\桌面\35100ccc\=dzh_2008v5\debug.exe1//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-Spy.Win32.Goldun.bbg 檔案: C:\Documents and Settings\kato9096\桌面\35100ccc\=dzh_2008v5\doc.e3xe
已刪除: 特洛伊木馬程式 Trojan.Win32.Agent.afht 檔案: C:\Documents and Settings\kato9096\桌面\35100ccc\=dzh_2008v5\dzh_2008v5.exe2//stream//data0004//stream//data0001
已刪除: 特洛伊木馬程式 Trojan.Win32.Agent.afht 檔案: C:\Documents and Settings\kato9096\桌面\35100ccc\=dzh_2008v5\dzh_2008v5.exe2//stream//data0004//stream//data0002//PE_Patch.UPX//UPX/mnwsock.dll
已刪除: 病毒 Worm.Win32.AutoRun.qhe 檔案: C:\Documents and Settings\kato9096\桌面\35100ccc\=dzh_2008v5\dzh_2008v5.exe2//stream//data0008//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-Dropper.Win32.Small.byp 檔案: C:\Documents and Settings\kato9096\桌面\35100ccc\=dzh_2008v5\dzh_2008v5.exe2//stream//data0009//UPX
已刪除: 病毒 Email-Worm.Win32.Zhelatin.ahm 檔案: C:\Documents and Settings\kato9096\桌面\35100ccc\=dzh_2008v5\weiai.exe3//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.Agent.kxq 檔案: C:\Documents and Settings\kato9096\獢\35100ccc\=dzh_2008v5\?€閬?韐剜??訫?霂湔?.chm//helpchm.exe/msqeip40.dll
已刪除: 特洛伊木馬程式 Trojan-Spy.Win32.Delf.ehx 檔案: C:\Documents and Settings\kato9096\獢\35100ccc\=dzh_2008v5\?€閬?韐剜??訫?霂湔?.chm//helpchm.exe/SERVICESS32.exe//PE_Patch.UPX//UPX

卡巴只报13,不报的已上报卡巴~~

显示全部楼层 · 发表于 2008-10-7 22:39:36

2008-10-7 JAY22:36:39 Detected Trojan program Trojan-Downloader.Win32.Small.abst High Exact C:\Documents and Settings\Owner\桌面\=dzh_2008v5\1.ex1e/PE_Patch/UPack
2008-10-7 JAY22:36:39 Detected Virus Worm.Win32.AutoRun.qhe High Exact C:\Documents and Settings\Owner\桌面\=dzh_2008v5\1045.exe3/PE_Patch/UPack
2008-10-7 JAY22:36:39 Detected Trojan program Trojan-GameThief.Win32.OnLineGames.srrh High Exact C:\Documents and Settings\Owner\桌面\=dzh_2008v5\131937
2008-10-7 JAY22:36:40 Detected Trojan program Trojan-PSW.Win32.Agent.kxq High Exact C:\Documents and Settings\Owner\桌面\=dzh_2008v5\需要采购清单和说明.chm/helpchm.exe/msqeip40.dll
2008-10-7 JAY22:36:40 Detected Trojan program Backdoor.Win32.Frauder.el High Exact C:\Documents and Settings\Owner\桌面\=dzh_2008v5\DDG.exe3
2008-10-7 JAY22:36:41 Detected Trojan program Trojan-Spy.Win32.Delf.ehx High Exact C:\Documents and Settings\Owner\桌面\=dzh_2008v5\需要采购清单和说明.chm/helpchm.exe/SERVICESS32.exe/PE_Patch.UPX/UPX
2008-10-7 JAY22:36:41 Detected Trojan program Trojan-Downloader.Win32.Small.zfn High Exact C:\Documents and Settings\Owner\桌面\=dzh_2008v5\debug.exe1/PE_Patch/UPack
2008-10-7 JAY22:36:44 Detected Trojan program Trojan-Spy.Win32.Goldun.bbg High Exact C:\Documents and Settings\Owner\桌面\=dzh_2008v5\doc.e3xe
2008-10-7 JAY22:36:49 Detected Trojan program Heur.Invader High Heuristic analysis C:\Documents and Settings\Owner\桌面\=dzh_2008v5\dzh_2008v5.exe2/stream/data0002/PE_Patch.PECompact/PecBundle/PECompact
2008-10-7 JAY22:36:51 Detected Trojan program Trojan.Win32.Agent.afht High Exact C:\Documents and Settings\Owner\桌面\=dzh_2008v5\dzh_2008v5.exe2/stream/data0004/stream/data0001
2008-10-7 JAY22:36:51 Detected Trojan program Trojan.Win32.Agent.afht High Exact C:\Documents and Settings\Owner\桌面\=dzh_2008v5\dzh_2008v5.exe2/stream/data0004/stream/data0002/PE_Patch.UPX/UPX/mnwsock.dll
2008-10-7 JAY22:36:52 Detected Trojan program Heur.Invader High Heuristic analysis C:\Documents and Settings\Owner\桌面\=dzh_2008v5\Sex2.exe3/PE_Patch.PECompact/PecBundle/PECompact
2008-10-7 JAY22:36:53 Detected Virus Email-Worm.Win32.Zhelatin.ahm High Exact C:\Documents and Settings\Owner\桌面\=dzh_2008v5\weiai.exe3/UPack
2008-10-7 JAY22:36:53 Detected Trojan program Heur.AntiAV High Heuristic analysis C:\Documents and Settings\Owner\桌面\=dzh_2008v5\天下DNF私服登陆器.exe3
2008-10-7 JAY22:36:55 Detected Virus Worm.Win32.AutoRun.qhe High Exact C:\Documents and Settings\Owner\桌面\=dzh_2008v5\dzh_2008v5.exe2/stream/data0008/PE_Patch/UPack
2008-10-7 JAY22:36:55 Detected Trojan program Trojan-Dropper.Win32.Small.byp High Exact C:\Documents and Settings\Owner\桌面\=dzh_2008v5\dzh_2008v5.exe2/stream/data0009/UPX
2008-10-7 JAY22:37:10 Detected Trojan program Trojan-PSW.Win32.Agent.kxq High Exact C:\Documents and Settings\Owner\桌面\=dzh_2008v5\需要采购清单和说明.chm/helpchm.exe/msqeip40.dll

显示全部楼层 · 发表于 2008-10-7 23:13:02

2008-10-7 23:12:19 未采取操作曲中求 ODS F:\病毒\=dzh_2008v5\=dzh_2008v5\1.ex1e Downloader.gen.a (特洛伊)
2008-10-7 23:12:25 未采取操作曲中求 ODS F:\病毒\=dzh_2008v5\=dzh_2008v5\131937 PWS-OnlineGames.ce (特洛伊)
2008-10-7 23:12:32 未采取操作曲中求 ODS F:\病毒\=dzh_2008v5\=dzh_2008v5\DDG.exe3 Generic BackDoor (特洛伊)
2008-10-7 23:12:32 未采取操作曲中求 ODS F:\病毒\=dzh_2008v5\=dzh_2008v5\debug.exe1 Downloader.gen.a (特洛伊)
2008-10-7 23:12:33 未采取操作曲中求 ODS F:\病毒\=dzh_2008v5\=dzh_2008v5\doc.e3xe Generic Downloader.ab (特洛伊)
2008-10-7 23:12:33 未采取操作曲中求 ODS F:\病毒\=dzh_2008v5\=dzh_2008v5\hider.exe.bak AdClicker-GH (特洛伊)
2008-10-7 23:12:34 未采取操作曲中求 ODS F:\病毒\=dzh_2008v5\=dzh_2008v5\iSCSIMonitor.exe3 New Malware.n (特洛伊)
2008-10-7 23:12:34 未扫描（文件已加密） F:\病毒\=dzh_2008v5\=dzh_2008v5\jiqigoubingduyangben.e3xe
2008-10-7 23:12:37 未采取操作曲中求 ODS F:\病毒\=dzh_2008v5\=dzh_2008v5\smss.exe3 W32/Autorun.worm.i.gen (病毒)
2008-10-7 23:12:38 未采取操作曲中求 ODS F:\病毒\=dzh_2008v5\=dzh_2008v5\weiai.exe3 New Malware.n (特洛伊)
2008-10-7 23:12:38 未采取操作曲中求 ODS F:\病毒\=dzh_2008v5\=dzh_2008v5\天下DNF私服登陆器.exe3 Generic.dx (特洛伊)

显示全部楼层 · 发表于 2008-10-8 08:49:57

使用 G DATA AntiVirus 进行病毒检测
版本 19.0.0.49 (22.08.2008)
病毒特征库日期 07.10.2008
开始时间: 08.10.2008 08:45
引擎: 引擎 A - BitDefender (AVA 19.695), 引擎 B - Avast! (AVB 19.55)
高启发: 开启
文件: 开启
系统区域: 开启
RootKits 检测: 开启

检测系统区域
检测选中目录和文件:
C:\=dzh_2008v5\

项目: 1045.exe3
路径: C:\=dzh_2008v5\=dzh_2008v5
状态: 移至隔离区
病毒: Generic.Malware.Sdldspg.CAB289AD (引擎 A)
项目: 1.ex1e
路径: C:\=dzh_2008v5\=dzh_2008v5
状态: 移至隔离区
病毒: Generic.Malware.dld!!.4E788BE8 (引擎 A)
项目: 8.ex3e
路径: C:\=dzh_2008v5\=dzh_2008v5
状态: 疑为病毒
病毒: Generic.Malware.Sdldg.A0698E7D (引擎 A)
项目: 131937
路径: C:\=dzh_2008v5\=dzh_2008v5
状态: 移至隔离区
病毒: Trojan.PWS.Lmir.UMH (引擎 A)
项目: DDG.exe3
路径: C:\=dzh_2008v5\=dzh_2008v5
状态: 移至隔离区
病毒: MemScan:Trojan.Downloader.Agent.ZPL (引擎 A)
项目: debug.exe1
路径: C:\=dzh_2008v5\=dzh_2008v5
状态: 移至隔离区
病毒: Trojan.Downloader.JKJD (引擎 A)
项目: doc.e3xe
路径: C:\=dzh_2008v5\=dzh_2008v5
状态: 移至隔离区
病毒: Trojan.Spy.Goldun.NDO (引擎 A)
项目: SETUP.MSI
检查档案: C:\=dzh_2008v5\=dzh_2008v5\china.exe3
状态: 发现病毒
病毒: Win32:Trojan-gen {Other} (引擎 B) (引擎 B)
项目: china.exe3
路径: C:\=dzh_2008v5\=dzh_2008v5
状态: 移至隔离区
病毒: Win32:Trojan-gen {Other} (引擎 B) (引擎 B)
项目: hider.exe.bak
路径: C:\=dzh_2008v5\=dzh_2008v5
状态: 移至隔离区
病毒: DeepScan:Generic.Malware.SFMb.8DD6DE4F (引擎 A)
项目: iSCSIMonitor.exe3
路径: C:\=dzh_2008v5\=dzh_2008v5
状态: 移至隔离区
病毒: Trojan.Crypt.ED (引擎 A)
项目: [PECompact]\[Embedded#05000]
检查档案: C:\=dzh_2008v5\=dzh_2008v5\Sex2.exe3
状态: 发现病毒
病毒: Win32:Agent-TAI [Trj] (引擎 B) (引擎 B)
项目: Sex2.exe3
路径: C:\=dzh_2008v5\=dzh_2008v5
状态: 移至隔离区
病毒: Win32:Agent-TAI [Trj] (引擎 B) (引擎 B)
项目: smss.exe3
路径: C:\=dzh_2008v5\=dzh_2008v5
状态: 移至隔离区
病毒: Trojan.Agent.VB.AZN (引擎 A)
项目: weiai.exe3
路径: C:\=dzh_2008v5\=dzh_2008v5
状态: 移至隔离区
病毒: Generic.Malware.SFBprng.B780EB37 (引擎 A)
项目: windowus32.exe3
路径: C:\=dzh_2008v5\=dzh_2008v5
状态: 移至隔离区
病毒: Win32:Murlo-BN [Trj] (引擎 B)
项目: 天下DNF私服登陆器.exe3
路径: C:\=dzh_2008v5\=dzh_2008v5
状态: 移至隔离区
病毒: Win32:Trojan-gen {Other} (引擎 B)
项目: helpchm.exe\msqeip40.dll
检查档案: C:\=dzh_2008v5\=dzh_2008v5\需要采购清单和说明.chm
状态: 发现病毒
病毒: Win32:Spyware-gen [Trj] (引擎 B) (引擎 B)
项目: helpchm.exe\SERVICESS32.exe
检查档案: C:\=dzh_2008v5\=dzh_2008v5\需要采购清单和说明.chm
状态: 发现病毒
病毒: Win32:Trojan-gen {Other} (引擎 B) (引擎 B)
项目: helpchm.exe\windowus32.exe
检查档案: C:\=dzh_2008v5\=dzh_2008v5\需要采购清单和说明.chm
状态: 发现病毒
病毒: Win32:Murlo-BN [Trj] (引擎 B) (引擎 B)
项目: 需要采购清单和说明.chm
路径: C:\=dzh_2008v5\=dzh_2008v5
状态: 移至隔离区
病毒: Win32:Spyware-gen [Trj] (引擎 B), Win32:Trojan-gen {Other} (引擎 B), Win32:Murlo-BN [Trj] (引擎 B) (引擎 B)
项目: (NSIS o)=>lzma_solid_nsis0001
检查档案: C:\=dzh_2008v5\=dzh_2008v5\dzh_2008v5.exe2
状态: 发现病毒
病毒: Trojan.Agent.AKEH (引擎 A)
项目: (NSIS o)=>lzma_solid_nsis0005
检查档案: C:\=dzh_2008v5\=dzh_2008v5\dzh_2008v5.exe2
状态: 疑为病毒
病毒: Generic.Malware.Sdldg.A0698E7D (引擎 A)
项目: (NSIS o)=>lzma_solid_nsis0008
检查档案: C:\=dzh_2008v5\=dzh_2008v5\dzh_2008v5.exe2
状态: 发现病毒
病毒: Generic.Malware.Sdldspg.CAB289AD (引擎 A)
项目: dzh_2008v5.exe2
路径: C:\=dzh_2008v5\=dzh_2008v5
状态: 移至隔离区
病毒: Trojan.Agent.AKEH, Generic.Malware.Sdldg.A0698E7D, Generic.Malware.Sdldspg.CAB289AD (引擎 A)

检测执行时间: 08.10.2008 08:46
已检测 32 个文件
已发现 16 个病毒文件
已发现 1 个可疑文件

杀了25个文件，怎么只报16个病毒文件啊

显示全部楼层 · 发表于 2008-10-8 11:57:19

Start of the scan: 2008年10月8日  11:42
Starting the file scan:
Begin scan in 'C:\Documents and Settings\桌面\新建文件夹\=dzh_2008v5'
C:\Documents and Settings\桌面\新建文件夹\=dzh_2008v5\1.ex1e
   [DETECTION] Is the TR/Downloader.Gen Trojan
[NOTE]    A backup was created as '49512c6b.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\桌面\新建文件夹\=dzh_2008v5\1045.exe3
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    A backup was created as '49202c6d.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\桌面\新建文件夹\=dzh_2008v5\131937
[DETECTION] Is the TR/PWS.Lmir.UMH Trojan
[NOTE]    A backup was created as '491d2c71.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\桌面\新建文件夹\=dzh_2008v5\8.ex3e
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    A backup was created as '49512c6c.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\桌面\新建文件夹\=dzh_2008v5\DDG.exe3
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Frauder.bu back-door program
[NOTE]    A backup was created as '49332c83.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\桌面\新建文件夹\=dzh_2008v5\debug.exe1
[DETECTION] Is the TR/Dldr.Small.zfn Trojan
[NOTE]    A backup was created as '494e2ca4.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\桌面\新建文件夹\=dzh_2008v5\dl1host.ex3e
   [DETECTION] Contains HEUR/Crypted suspicious code
[NOTE]    A backup was created as '491d2cab.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\桌面\新建文件夹\=dzh_2008v5\doc.e3xe
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '494f2cae.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\桌面\新建文件夹\=dzh_2008v5\hider.exe.bak
[DETECTION] Is the TR/Dldr.VB.fqt Trojan
[NOTE]    A backup was created as '49502ca9.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\桌面\新建文件夹\=dzh_2008v5\iSCSIMonitor.exe3
[DETECTION] Is the TR/PSW.Delf.KH.1 Trojan
[NOTE]    A backup was created as '492f2c93.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\桌面\新建文件夹\=dzh_2008v5\Setup708.exe3
   [DETECTION] Is the TR/Downloader.Gen Trojan
[NOTE]    A backup was created as '49602ca6.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\桌面\新建文件夹\=dzh_2008v5\Sex2.exe3
[DETECTION] Is the TR/Hijacker.Gen Trojan
[NOTE]    A backup was created as '49642ca6.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\桌面\新建文件夹\=dzh_2008v5\smss.exe3
[DETECTION] Is the TR/Agent.VB.AZN Trojan
[NOTE]    A backup was created as '495f2cae.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\桌面\新建文件夹\=dzh_2008v5\weiai.exe3
   [DETECTION] Is the TR/Drop.Cattivo.A Trojan
[NOTE]    A backup was created as '49552ca7.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\桌面\新建文件夹\=dzh_2008v5\windowus32.exe3
[DETECTION] Is the TR/Crypt.FKM.Gen Trojan
[NOTE]    A backup was created as '495a2cab.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\桌面\新建文件夹\=dzh_2008v5\天下DNF私服登陆器.exe3
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    A backup was created as '49307a4d.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\桌面\新建文件夹\=dzh_2008v5\需要采购清单和说明.chm
[0] Archive type: CHM
   --> /helpchm.exe
      --> msqeip40.dll
         [DETECTION] Is the TR/Spy.Banker.mfh.1 Trojan
      [DETECTION] Is the TR/Crypt.FKM.Gen Trojan
      [DETECTION] Is the TR/Crypt.FKM.Gen Trojan
[NOTE]    A backup was created as 'dab3b5c4.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!

End of the scan: 2008年10月8日  11:42
Used time: 00:11 Minute(s)
----------------------------------------------------------------------
红伞Pass15个，上报提交分析。

[ 本帖最后由 08红伞威点于 2008-10-8 12:04 编辑 ]

显示全部楼层 · 发表于 2008-10-8 13:13:21

费尔只杀10个

微点特征码杀8个

显示全部楼层 · 发表于 2008-10-8 13:18:38

这个是大智慧里的病毒啊？

显示全部楼层 · 发表于 2008-10-8 13:34:03

Scan Stats:
  Scan Time: 5 seconds
  Scan Options:
  Scan Targets: D:\Virus\=dzh_2008v5\=dzh_2008v5.zip
  Counts:
Total items scanned: 37
- Files & Directories: 37
- Registry Entries: 0
- Processes & Start-up Items: 0
- Network & Browser Items: 0
- Other: 0
- Trusted Files: 0
- Skipped Files: 0

Total security risks detected: 11
Total items resolved: 11
Total items that require attention: 0

Resolved Threats:
Downloader
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
[1.ex1e] inside of [d:\virus\=dzh_2008v5\=dzh_2008v5.zip] - Deleted

W32.SillyDC
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
[1045.exe3] inside of [d:\virus\=dzh_2008v5\=dzh_2008v5.zip] - Deleted

Infostealer.Gampass
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
[131937] inside of [d:\virus\=dzh_2008v5\=dzh_2008v5.zip] - Deleted

W32.Gammima
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
[8.ex3e] inside of [d:\virus\=dzh_2008v5\=dzh_2008v5.zip] - Deleted

Suspicious.AH.1
Type: Compressed
Risk: Medium (Medium Stealth, Medium Removal, Medium Performance, Medium Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
[ddg.exe3] inside of [d:\virus\=dzh_2008v5\=dzh_2008v5.zip] - Deleted

Downloader
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
[debug.exe1] inside of [d:\virus\=dzh_2008v5\=dzh_2008v5.zip] - Deleted

Trojan.Fakeavalert
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
[doc.e3xe] inside of [d:\virus\=dzh_2008v5\=dzh_2008v5.zip] - Deleted

Downloader
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
[dzh_2008v5.exe2] inside of [d:\virus\=dzh_2008v5\=dzh_2008v5.zip] - Deleted

Trojan Horse
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
[hider.exe.bak] inside of [d:\virus\=dzh_2008v5\=dzh_2008v5.zip] - Deleted

Suspicious.AH.6
Type: Compressed
Risk: Medium (Medium Stealth, Medium Removal, Medium Performance, Medium Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
[iscsimonitor.exe3] inside of [d:\virus\=dzh_2008v5\=dzh_2008v5.zip] - Deleted

W32.SillyDC
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
[weiai.exe3] inside of [d:\virus\=dzh_2008v5\=dzh_2008v5.zip] - Deleted

显示全部楼层 · 发表于 2008-10-8 13:37:22

诺顿10.1

显示全部楼层 · 发表于 2008-10-8 14:15:20

蜘蛛24

[病毒样本] 32

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源