9个................

zjsxsycj

点击下载样本
virus

尤金卡巴斯基

2008/10/14 20:29:15        已清除        木马程序 Trojan-Downloader.Win32.Agent.zdo        G:\Temp\Virus\9ge.rar               
2008/10/14 20:29:15        已清除        木马程序 Trojan.Win32.Shutdowner.wg        G:\Temp\Virus\9ge.rar/5.exe               
2008/10/14 20:29:15        已清除        木马程序 Trojan-Downloader.Win32.Agent.zdo        G:\Temp\Virus\9ge.rar/7.exe               
2008/10/14 20:29:15        已清除        广告软件 not-a-virus:AdWare.Win32.BHO.csq        G:\Temp\Virus\9ge.rar/3.exe//data0002               
2008/10/14 20:29:15        已清除        广告软件 not-a-virus:AdWare.Win32.Cinmus.pny        G:\Temp\Virus\9ge.rar/4.exe//stream//data0002//data0001               
2008/10/14 20:29:15        已清除        广告软件 not-a-virus:AdWare.Win32.Cinmus.khw        G:\Temp\Virus\9ge.rar/4.exe//stream//data0002//data0003               
2008/10/14 20:29:15        已清除        广告软件 not-a-virus:AdWare.Win32.BHO.dgq        G:\Temp\Virus\9ge.rar/ad7567.exe//data0002               

特征码漏杀的 To KL

fzz8848

Begin scan in 'E:\Download\Virus\9ge'
E:\Download\Virus\9ge\Setup707.exe
      [DETECTION] Is the TR/Downloader.Gen Trojan
    [NOTE]      The file was deleted!
E:\Download\Virus\9ge\2.exe
    [DETECTION] Is the TR/Crypt.CFI.Gen Trojan
    [NOTE]      The file was deleted!
E:\Download\Virus\9ge\3.exe
    [DETECTION] Contains recognition pattern of the DR/BHO.csq.6 dropper
    [NOTE]      The file was deleted!
E:\Download\Virus\9ge\4.exe
    [DETECTION] Contains recognition pattern of the DR/Cinmus.iih dropper
    [NOTE]      The file was deleted!
E:\Download\Virus\9ge\5.exe
    [DETECTION] Contains recognition pattern of the DR/Agent.224372 dropper
    [NOTE]      The file was deleted!
E:\Download\Virus\9ge\6.exe
      --> CoolIE.exe
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Contains HEUR/Malware suspicious code
      --> wooaa.exe
          [DETECTION] Is the TR/Dldr.Delphi.Gen Trojan
    [NOTE]      The file was deleted!
E:\Download\Virus\9ge\7.exe
    [DETECTION] Contains recognition pattern of the DR/Boran.AD dropper
    [NOTE]      The file was deleted!

BING126

McAfee  报了6个。。

2.exe                   generic.dx               
3.exe                   generic pup.x              
4.exe                   adware-cinmus             
5.exe                   generic.f                 
6.exe                   new malware-d             
7.exe                   adclicker-bj              
8.exe                   no  
ad7567.exe         no  
setup707.exe      no

Palkia

病毒        2008-10-14  20:52:51        病毒在文件C:\Documents and Settings\Administrator\桌面\9ge\7.exe中        Win32.Troj.Agent.lu.106270        处理成功（操作：删除）       
病毒        2008-10-14  20:52:51        病毒在文件C:\Documents and Settings\Administrator\桌面\9ge\2.exe中        Win32.TrojDownloader.Maya.c.81920        处理成功（操作：删除）       
风险程序        2008-10-14  20:53:23        C:\Documents and Settings\Administrator\桌面\9ge\8.exe        Win32.RiskWare.Agent.ac.151552        隔离成功       
风险程序        2008-10-14  20:53:23        C:\Documents and Settings\Administrator\桌面\9ge\5.exe        Win32.Adware.Cinmus.a.202240        隔离成功       
病毒        2008-10-14  20:53:21        C:\Documents and Settings\Administrator\桌面\9ge\4.exe        Win32.Troj.JunkUndefT.ha.126976        清除成功

无尽藏海

Scan Stats:
  Scan Time: 2 seconds
  Scan Options:
  Scan Targets: D:\Virus\9ge\9ge.zip
  Counts:
   Total items scanned: 12
   - Files & Directories: 12
   - Registry Entries: 0
   - Processes & Start-up Items: 0
   - Network & Browser Items: 0
   - Other: 0
   - Trusted Files: 0
   - Skipped Files: 0

   Total security risks detected: 6
   Total items resolved: 6
   Total items that require attention: 0

Resolved Threats:
Infostealer.Gampass
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
[2.exe] inside of [d:\virus\9ge\9ge.zip] - Deleted


Backdoor.Sdbot
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
[3.exe] inside of [d:\virus\9ge\9ge.zip] - Deleted


Trojan.Dropper
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
[4.exe] inside of [d:\virus\9ge\9ge.zip] - Deleted


Trojan Horse
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
[5.exe] inside of [d:\virus\9ge\9ge.zip] - Deleted


Suspicious.AH.11
Type: Compressed
Risk: Medium (Medium Stealth, Medium Removal, Medium Performance, Medium Privacy)  
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
[wooaa.exe] inside of [6.exe] inside of [d:\virus\9ge\9ge.zip] - Deleted


Downloader
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
[setup707.exe] inside of [d:\virus\9ge\9ge.zip] - Deleted

kingmuro

2008-10-14 22:11:32        检测到威胁: Heur.AntiAV        D:\My Documents\桌面\9ge.rar/9ge\2.exe               
2008-10-14 22:11:32        未处理: Heur.AntiAV        D:\My Documents\桌面\9ge.rar/9ge\2.exe        延期       
2008-10-14 22:11:33        检测到威胁: Trojan.Win32.Shutdowner.wg        D:\My Documents\桌面\9ge.rar/9ge\5.exe               
2008-10-14 22:11:33        未处理: Trojan.Win32.Shutdowner.wg        D:\My Documents\桌面\9ge.rar/9ge\5.exe        延期       
2008-10-14 22:11:38        检测到威胁: Trojan-Downloader.Win32.Agent.zdo        D:\My Documents\桌面\9ge.rar/9ge\7.exe               
2008-10-14 22:11:38        未处理: Trojan-Downloader.Win32.Agent.zdo        D:\My Documents\桌面\9ge.rar/9ge\7.exe        延期       
2008-10-14 22:11:40        检测到威胁: Heur.AntiAV        D:\My Documents\桌面\9ge.rar/9ge\2.exe               
2008-10-14 22:11:40        检测到威胁: Trojan.Win32.Shutdowner.wg        D:\My Documents\桌面\9ge.rar/9ge\5.exe               
2008-10-14 22:11:40        检测到威胁: Trojan-Downloader.Win32.Agent.zdo        D:\My Documents\桌面\9ge.rar/9ge\7.exe

jiahsuan

AVG通杀！

[ 本帖最后由 jiahsuan 于 2008-10-14 22:44 编辑 ]

欠妳緈諨

D:\病毒测试\临时解压\9ge\2.exe - 特征码 'not-a-Virus.Hacktool.Keygen' 被发现
D:\病毒测试\临时解压\9ge\3.exe - 特征码 'Virus.Win32.Trojan' 被发现
D:\病毒测试\临时解压\9ge\4.exe - 特征码 'Virus.Win32.AdWare' 被发现
D:\病毒测试\临时解压\9ge\5.exe - 特征码 'Virus.Trojan.Win32.Shutdowner.wg' 被发现
D:\病毒测试\临时解压\9ge\6.exe - 特征码 'Backdoor.Win32.Delf.cir' 被发现
D:\病毒测试\临时解压\9ge\7.exe - 特征码 'Trojan-Downloader.Win32.Agent.zdo' 被发现
D:\病毒测试\临时解压\9ge\8.exe:\$PLUGINSDIR\System.dll
D:\病毒测试\临时解压\9ge\8.exe:\$[12]\09.exe - 特征码 'Virus.Win32.Cinmus.L' 被发现
D:\病毒测试\临时解压\9ge\8.exe
D:\病毒测试\临时解压\9ge\ad7567.exe
D:\病毒测试\临时解压\9ge\Setup707.exe

        11 文件被扫描
          (2 压缩档 2 文件)
        7 特征码被侦测
        0 可疑代码段被发现
        耗时: 0:03.054

欠妳緈諨

D:\病毒测试\临时解压\9ge\2.exe - Win32/TrojanClicker.Agent.NDJ 特洛伊木马 的变种
D:\病毒测试\临时解压\9ge\3.exe > NSIS > mscs24.exe - Win32/TrojanDownloader.QQHelper.NEZ 特洛伊木马
D:\病毒测试\临时解压\9ge\4.exe > NSIS > 19.exe > NSIS > 龏? - Win32/Adware.Cinmus 应用程序
D:\病毒测试\临时解压\9ge\5.exe > NSIS > HtmlPeek.dll - Win32/Agent.SAO 特洛伊木马
D:\病毒测试\临时解压\9ge\5.exe > NSIS > counter.exe - Win32/Agent.SAO 特洛伊木马
D:\病毒测试\临时解压\9ge\5.exe > NSIS > Senddata.dll - Win32/Agent.SAO 特洛伊木马
D:\病毒测试\临时解压\9ge\5.exe > NSIS > uninstall.exe - Win32/Agent.SAO 特洛伊木马
D:\病毒测试\临时解压\9ge\6.exe > ZIP > CoolIE.exe - 未查明的 NewHeur_PE 病毒
D:\病毒测试\临时解压\9ge\6.exe > ZIP > wooaa.exe - 可能是 Win32/Genetik 特洛伊木马 的变种
D:\病毒测试\临时解压\9ge\7.exe > NSIS > cpush.dll - Win32/Adware.Cinmus 应用程序
D:\病毒测试\临时解压\9ge\7.exe > NSIS > Uninst.exe - Win32/Adware.Cinmus 应用程序
D:\病毒测试\临时解压\9ge\8.exe > NSIS > 09.exe - Win32/Adware.Cinmus 应用程序 的变种
D:\病毒测试\临时解压\9ge\ad7567.exe > NSIS > cpush.dll - Win32/Adware.Cinmus 应用程序 的变种
D:\病毒测试\临时解压\9ge\ad7567.exe > NSIS > Uninst.exe - Win32/Adware.Cinmus 应用程序
D:\病毒测试\临时解压\9ge\Setup707.exe - Win32/TrojanDownloader.Delf.OHJ 特洛伊木马 的变种