[病毒样本] X33

显示全部楼层 · 发表于 2008-12-29 17:52:36

http://bbs.kafan.cn/thread-396298-1-1.html

下载物和原毒一起扔上~

显示全部楼层 · 发表于 2008-12-29 18:17:06

显示全部楼层 · 发表于 2008-12-29 18:21:07

读书空隙来上网？

显示全部楼层 · 发表于 2008-12-29 19:30:11

BitDefender ANtiVirus 2009
報23個
其餘10個上報

C:\Documents and Settings\Justice\My Documents\virus\KAFAN\新資料夾\2008-12-29___1734733.exe BehavesLike:Win32.ExplorerHijack Deleted
C:\Documents and Settings\Justice\My Documents\virus\KAFAN\新資料夾\2008-12-29___1911340.exe DeepScan:Generic.PWS.WoW.7987E149 Deleted
C:\Documents and Settings\Justice\My Documents\virus\KAFAN\新資料夾\2008-12-29___2169904.exe Dropped:Trojan.PWS.OnlineGames.ZWI Deleted
C:\Documents and Settings\Justice\My Documents\virus\KAFAN\新資料夾\2008-12-29___65259.exe Dropped:Trojan.PWS.OnlineGames.ZWI Deleted
C:\Documents and Settings\Justice\My Documents\virus\KAFAN\新資料夾\2008-12-29___81288.exe Dropped:Trojan.PWS.OnlineGames.ZWI Deleted
C:\Documents and Settings\Justice\My Documents\virus\KAFAN\新資料夾\2008-12-29___666534.exe MemScan:Exploit.MS08-067.D Deleted
C:\Documents and Settings\Justice\My Documents\virus\KAFAN\新資料夾\ce.css Rootkit.Agent.AIWN Deleted
C:\Documents and Settings\Justice\My Documents\virus\KAFAN\新資料夾\2008-12-29___1022393.exe Trojan.PWS.Agent.SGC Deleted
C:\Documents and Settings\Justice\My Documents\virus\KAFAN\新資料夾\2008-12-29___1521458.exe Trojan.PWS.Agent.SGC Deleted
C:\Documents and Settings\Justice\My Documents\virus\KAFAN\新資料夾\2008-12-29___1843191.exe Trojan.PWS.Agent.SGC Deleted
C:\Documents and Settings\Justice\My Documents\virus\KAFAN\新資料夾\2008-12-29___2005400.exe Trojan.PWS.Agent.SGC Deleted
C:\Documents and Settings\Justice\My Documents\virus\KAFAN\新資料夾\2008-12-29___2519833.exe Trojan.PWS.Agent.SGC Deleted
C:\Documents and Settings\Justice\My Documents\virus\KAFAN\新資料夾\2008-12-29___2710211.exe Trojan.PWS.Agent.SGC Deleted
C:\Documents and Settings\Justice\My Documents\virus\KAFAN\新資料夾\2008-12-29___386400.exe Trojan.PWS.Agent.SGC Deleted
C:\Documents and Settings\Justice\My Documents\virus\KAFAN\新資料夾\2008-12-29___652304.exe Trojan.PWS.Agent.SGC Deleted
C:\Documents and Settings\Justice\My Documents\virus\KAFAN\新資料夾\2008-12-29___653134.exe Trojan.PWS.Agent.SGC Deleted
C:\Documents and Settings\Justice\My Documents\virus\KAFAN\新資料夾\2008-12-29___951791.exe Trojan.PWS.Agent.SGC Deleted
C:\Documents and Settings\Justice\My Documents\virus\KAFAN\新資料夾\2008-12-29___153556.exe Trojan.PWS.OnlineGames.AAGG Deleted
C:\Documents and Settings\Justice\My Documents\virus\KAFAN\新資料夾\2008-12-29___1545447.exe Trojan.PWS.OnlineGames.AAGG Deleted
C:\Documents and Settings\Justice\My Documents\virus\KAFAN\新資料夾\2008-12-29___1809659.exe Trojan.PWS.OnlineGames.AAGG Deleted
C:\Documents and Settings\Justice\My Documents\virus\KAFAN\新資料夾\2008-12-29___2237594.exe Trojan.PWS.OnlineGames.AAGG Deleted
C:\Documents and Settings\Justice\My Documents\virus\KAFAN\新資料夾\2008-12-29___2722981.exe Trojan.PWS.OnlineGames.AAGG Deleted
C:\Documents and Settings\Justice\My Documents\virus\KAFAN\新資料夾\2008-12-29___2753309.exe Trojan.PWS.OnlineGames.AAGG Deleted

显示全部楼层 · 发表于 2008-12-29 19:30:14

C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___1022393.exe Trojan.OnLineGames.gen.a 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___1440850.exe Adware.BHO.euv.zhnb.arc 广告程序还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___1521458.exe Trojan.OnLineGames.gen.a 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___153556.exe TrojanPSW.GameOL.tjx.bpjt 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___1545447.exe Backdoor.Small.har.xpsf 后门还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___1734733.exe TrojanDownloader.Nurech.bd.bmqk 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___1752666.exe Trojan.OnLineGames.gen.a 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___1809659.exe Trojan.Cap8122918.tsut 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___1843191.exe Trojan.OnLineGames.gen.a 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___1911340.exe Trojan.Cap8122816.jbbc 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___2005400.exe Trojan.OnLineGames.gen.a 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___2028558.exe Trojan.OnLineGames.gen.a 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___2119119.exe Trojan.OnLineGames.gen.a 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___2169904.exe Trojan.Maganic.gen 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___2195975.exe Trojan.OnLineGames.gen.a 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___2237594.exe Trojan.Cap8122912.vsxv 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___2407991.exe Trojan.OnLineGames.gen.a 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___2519833.exe Trojan.OnLineGames.gen.a 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___2710211.exe Trojan.OnLineGames.gen.a 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___2722981.exe Trojan.Inject.lzi.nazq 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___2753309.exe Trojan.Cap812241.mopw 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___286168.exe Trojan.OnLineGames.gen.a 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___2896828.exe Trojan.OnLineGames.gen.a 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___2939156.exe Trojan.OnLineGames.gen.a 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___386400.exe Trojan.OnLineGames.gen.a 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___652304.exe Trojan.OnLineGames.gen.a 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___65259.exe Trojan.Undef.urj.vnpm 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___653134.exe Trojan.OnLineGames.gen.a 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___666534.exe TrojanDropper.Agent.abxj.llnv 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___808231.exe Trojan.OnLineGames.gen.a 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___81288.exe Trojan.Maganic.gen 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>2008-12-29___951791.exe Trojan.OnLineGames.gen.a 木马还未处理
C:\Documents and Settings\Administrator\桌面\33.rar>>ce.css TrojanDropper.Agent.abku.voyg 木马还未处理

显示全部楼层 · 发表于 2008-12-29 20:24:33

瑞星09扫描到80个文件，病毒36个

显示全部楼层 · 发表于 2008-12-29 23:48:56

ESET 反正最后剩一个文件

Scan Log
Version of virus signature database: 3720 (20081229)
Date: 2008-12-29 Time: 23:46:26
Scanned disks, folders and files: C:\Documents and Settings\GUNDAM\桌面\33
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___1022393.exe - probably a variant of Win32/PSW.OnLineGames.NRF trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___1440850.exe » NSIS » 116.exe - a variant of Win32/Adware.Cinmus application
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___1521458.exe - probably a variant of Win32/PSW.OnLineGames.NRF trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___153556.exe - a variant of Win32/TrojanDropper.Agent.NPO trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___1545447.exe - a variant of Win32/TrojanDropper.Agent.NPO trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___1734733.exe - a variant of Win32/PSW.Legendmir.NGG trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___1752666.exe - probably a variant of Win32/PSW.OnLineGames.NST trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___1809659.exe - a variant of Win32/TrojanDropper.Agent.NPO trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___1843191.exe - probably a variant of Win32/PSW.OnLineGames.NRF trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___2005400.exe - probably a variant of Win32/PSW.OnLineGames.NRF trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___2028558.exe - probably a variant of Win32/Genetik trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___2119119.exe - probably a variant of Win32/PSW.OnLineGames.NST trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___2169904.exe - a variant of Win32/PSW.OnLineGames.NRD trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___2195975.exe - a variant of Win32/PSW.Delf.NMX trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___2237594.exe - a variant of Win32/TrojanDropper.Agent.NPO trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___2407991.exe - probably a variant of Win32/Genetik trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___2519833.exe - probably a variant of Win32/PSW.OnLineGames.NRF trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___2710211.exe - probably a variant of Win32/PSW.OnLineGames.NRF trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___2722981.exe - a variant of Win32/TrojanDropper.Agent.NPO trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___2753309.exe - a variant of Win32/TrojanDropper.Agent.NPO trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___286168.exe - probably a variant of Win32/Genetik trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___2896828.exe - probably a variant of Win32/PSW.OnLineGames.NST trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___2939156.exe - a variant of Win32/PSW.OnLineGames.NST trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___386400.exe - probably a variant of Win32/PSW.OnLineGames.NRF trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___652304.exe - probably a variant of Win32/PSW.OnLineGames.NRF trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___65259.exe - a variant of Win32/PSW.OnLineGames.NRD trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___653134.exe - probably a variant of Win32/PSW.OnLineGames.NRF trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___666534.exe - a variant of Win32/TrojanDownloader.Agent.OOB trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___808231.exe - probably a variant of Win32/Genetik trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___81288.exe - a variant of Win32/PSW.OnLineGames.NRD trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___951791.exe - probably a variant of Win32/PSW.OnLineGames.NRF trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\ce.css - probably a variant of Win32/TrojanDownloader.Agent.ONB trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\33\2008-12-29___1440850.exe » NSIS » 116.exe - a variant of Win32/Adware.Cinmus application - was a part of the deleted object
Number of scanned objects: 36
Number of threats found: 32
Number of cleaned objects: 32
Time of completion: 23:46:41 Total scanning time: 15 sec (00:00:15)

Notes:
[1] Object has been deleted as it only contained the virus body.

显示全部楼层 · 发表于 2008-12-29 23:51:35

2008/12/29 23:49:07 已清除木马程序 Trojan-GameThief.Win32.OnLineGames.ubga G:\Temp\Virus\33.rar/2008-12-29___286168.exe//PE_Patch//UPack
2008/12/29 23:49:07 已清除木马程序 Trojan-GameThief.Win32.Magania.gen G:\Temp\Virus\33.rar/2008-12-29___386400.exe//PE_Patch//UPack
2008/12/29 23:49:07 已清除木马程序 Trojan-GameThief.Win32.Magania.gen G:\Temp\Virus\33.rar/2008-12-29___652304.exe//PE_Patch//UPack
2008/12/29 23:49:07 已清除木马程序 Trojan-GameThief.Win32.Magania.gen G:\Temp\Virus\33.rar/2008-12-29___653134.exe//PE_Patch//UPack
2008/12/29 23:49:07 已清除木马程序 Trojan-Dropper.Win32.Agent.abxj G:\Temp\Virus\33.rar/2008-12-29___666534.exe//FSG
2008/12/29 23:49:07 已清除木马程序 Trojan-GameThief.Win32.OnLineGames.ubga G:\Temp\Virus\33.rar/2008-12-29___808231.exe//PE_Patch//UPack
2008/12/29 23:49:07 已清除木马程序 Trojan-GameThief.Win32.Magania.gen G:\Temp\Virus\33.rar/2008-12-29___951791.exe//PE_Patch//UPack
2008/12/29 23:49:07 已清除木马程序 Trojan-GameThief.Win32.Magania.gen G:\Temp\Virus\33.rar/2008-12-29___1022393.exe//PE_Patch//UPack
2008/12/29 23:49:07 已清除木马程序 Trojan-GameThief.Win32.Magania.gen G:\Temp\Virus\33.rar/2008-12-29___1521458.exe//PE_Patch//UPack
2008/12/29 23:49:07 已清除木马程序 Backdoor.Win32.Small.har G:\Temp\Virus\33.rar/2008-12-29___1545447.exe//UPack
2008/12/29 23:49:07 已清除木马程序 Backdoor.Win32.Small.hay G:\Temp\Virus\33.rar/2008-12-29___1734733.exe//PE_Patch//UPack
2008/12/29 23:49:07 已清除木马程序 Trojan-GameThief.Win32.OnLineGames.ubga G:\Temp\Virus\33.rar/2008-12-29___1752666.exe//PE_Patch//UPack
2008/12/29 23:49:07 已清除木马程序 Trojan-GameThief.Win32.Magania.gen G:\Temp\Virus\33.rar/2008-12-29___1843191.exe//PE_Patch//UPack
2008/12/29 23:49:07 已清除木马程序 Trojan.Win32.Agent.bayc G:\Temp\Virus\33.rar/2008-12-29___1911340.exe
2008/12/29 23:49:07 已清除木马程序 Trojan-GameThief.Win32.Magania.gen G:\Temp\Virus\33.rar/2008-12-29___2005400.exe//PE_Patch//UPack
2008/12/29 23:49:07 已清除木马程序 Trojan-GameThief.Win32.OnLineGames.ubga G:\Temp\Virus\33.rar/2008-12-29___2028558.exe//PE_Patch//UPack
2008/12/29 23:49:07 已清除木马程序 Trojan-GameThief.Win32.OnLineGames.ubga G:\Temp\Virus\33.rar/2008-12-29___2119119.exe//PE_Patch//UPack
2008/12/29 23:49:07 已清除木马程序 Trojan-GameThief.Win32.Magania.aodn G:\Temp\Virus\33.rar/2008-12-29___2169904.exe//PE_Patch.UPX//UPX
2008/12/29 23:49:07 已清除木马程序 Trojan-PSW.Win32.QQPass.etn G:\Temp\Virus\33.rar/2008-12-29___2195975.exe
2008/12/29 23:49:07 已清除木马程序 Trojan-GameThief.Win32.OnLineGames.ubga G:\Temp\Virus\33.rar/2008-12-29___2407991.exe//PE_Patch//UPack
2008/12/29 23:49:07 已清除木马程序 Trojan-GameThief.Win32.Magania.gen G:\Temp\Virus\33.rar/2008-12-29___2519833.exe//PE_Patch//UPack
2008/12/29 23:49:07 已清除木马程序 Trojan-GameThief.Win32.Magania.gen G:\Temp\Virus\33.rar/2008-12-29___2710211.exe//PE_Patch//UPack
2008/12/29 23:49:07 已清除木马程序 Trojan.Win32.Inject.lzh G:\Temp\Virus\33.rar/2008-12-29___2722981.exe//UPack
2008/12/29 23:49:07 已清除木马程序 Trojan.Win32.Inject.lzh G:\Temp\Virus\33.rar/2008-12-29___2753309.exe//UPack
2008/12/29 23:49:07 已清除木马程序 Trojan-GameThief.Win32.OnLineGames.ubga G:\Temp\Virus\33.rar/2008-12-29___2896828.exe//PE_Patch//UPack
2008/12/29 23:49:07 已清除木马程序 Trojan-Dropper.Win32.Agent.acfg G:\Temp\Virus\33.rar/2008-12-29___2939156.exe//PE_Patch//UPack
2008/12/29 23:49:07 已清除木马程序 Trojan-Dropper.Win32.Agent.abku G:\Temp\Virus\33.rar/ce.css//PE_Patch.UPX//UPX
2008/12/29 23:49:07 已清除木马程序 Trojan-Dropper.Win32.Small.ceh G:\Temp\Virus\33.rar/2008-12-29___65259.exe//PE_Patch.UPX//UPX
2008/12/29 23:49:07 已清除木马程序 Trojan-GameThief.Win32.Magania.aodn G:\Temp\Virus\33.rar/2008-12-29___81288.exe//PE_Patch.UPX//UPX
2008/12/29 23:49:07 已清除广告软件 not-a-virus:AdWare.Win32.BHO.euv G:\Temp\Virus\33.rar/2008-12-29___1440850.exe//data0003

Miss 3 To KL

显示全部楼层 · 发表于 2008-12-30 17:47:57

Start of the scan: 2008年12月30日  17:45
Starting the file scan:

Begin scan in 'C:\Documents and Settings\***\桌面\样本'
C:\Documents and Settings\***\桌面\样本\2008-12-29___1022393.exe
   --> Object
      [1] Archive type: RSRC
      --> Object
      [DETECTION] Is the TR/PSW.MultiFirst.AH Trojan
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    A backup was created as '4989edee.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___1440850.exe
[0] Archive type: NSIS
--> ProgramFilesDir/116.exe
   [DETECTION] Contains recognition pattern of the ADSPY/Cin.FBT.53248 adware or spyware
[DETECTION] Contains recognition pattern of the DR/BHO.euv dropper
[NOTE]    A backup was created as '480ef187.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___1521458.exe
   --> Object
      [1] Archive type: RSRC
      --> Object
      [DETECTION] Is the TR/Thief.MultiFirst.AC Trojan
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    A backup was created as '4989edef.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___153556.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    A backup was created as '480ef198.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___1545447.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    A backup was created as '4989edf1.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___1734733.exe
   [DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    A backup was created as '4989edf0.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___1752666.exe
   [DETECTION] Is the TR/Thief.Games.ubha Trojan
[NOTE]    A backup was created as '480ef199.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___1809659.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    A backup was created as '4989edf2.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___1843191.exe
   --> Object
      [1] Archive type: RSRC
      --> Object
      [DETECTION] Is the TR/PSW.MultiFirst.AD Trojan
      --> Object
      [DETECTION] Contains a recognition pattern of the (harmful) BDS/Agent.vzr back-door program
[NOTE]    A backup was created as '480ef19a.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___1911340.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    A backup was created as '4989edf3.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___2005400.exe
[DETECTION] Is the TR/Agent.BHQ Trojan
[NOTE]    A backup was created as '480ef19c.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___2028558.exe
   [DETECTION] Is the TR/Thief.Games.ubha Trojan
[NOTE]    A backup was created as '480ef19b.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___2119119.exe
   [DETECTION] Is the TR/Thief.Games.ubha Trojan
[NOTE]    A backup was created as '4989edf4.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___2169904.exe
[0] Archive type: OVL
   --> Object
      [1] Archive type: RSRC
      --> Object
      [DETECTION] Is the TR/PSW.Magania.aobb Trojan
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    A backup was created as '480ef19d.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___2195975.exe
   [DETECTION] Is the TR/ATRAPS.Gen Trojan
[NOTE]    A backup was created as '4989edf5.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___2237594.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    A backup was created as '480ef19e.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___2407991.exe
   [DETECTION] Is the TR/Thief.Games.ubha Trojan
[NOTE]    A backup was created as '4989edf6.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___2519833.exe
[DETECTION] Is the TR/Agent.BHQ Trojan
[NOTE]    A backup was created as '480ef19f.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___2710211.exe
   --> Object
      [1] Archive type: RSRC
      --> Object
      [DETECTION] Is the TR/Thief.MultiFirst.AE Trojan
      --> Object
      [DETECTION] Is the TR/PSW.Magania.aoys.3 Trojan
[NOTE]    A backup was created as '4989edc8.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___2722981.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    A backup was created as '4989edf7.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___2753309.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    A backup was created as '480ef190.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___286168.exe
   [DETECTION] Is the TR/Thief.Games.ubha Trojan
[NOTE]    A backup was created as '4989edf9.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___2896828.exe
   [DETECTION] Is the TR/Thief.Games.ubha Trojan
[NOTE]    A backup was created as '480ef1a1.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___2939156.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    A backup was created as '4989edca.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___386400.exe
   --> Object
      [1] Archive type: RSRC
      --> Object
      [DETECTION] Is the TR/PSW.MultiFirst.AH Trojan
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    A backup was created as '480ef1a3.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___652304.exe
   --> Object
      [1] Archive type: RSRC
      --> Object
      [DETECTION] Is the TR/PSW.MultiFirst.AH Trojan
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    A backup was created as '480ef192.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___65259.exe
[0] Archive type: OVL
   --> Object
      [1] Archive type: RSRC
      --> Object
      [DETECTION] Is the TR/Thief.Magania.annh Trojan
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    A backup was created as '4989edfb.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___653134.exe
   --> Object
      [1] Archive type: RSRC
      --> Object
      [DETECTION] Is the TR/Thief.MultiFirst.AF Trojan
      --> Object
      [DETECTION] Is the TR/Agent.avwc.20 Trojan
[NOTE]    A backup was created as '4989edf8.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___666534.exe
   [DETECTION] Is the TR/Drop.Agent.Zlo.1 Trojan
[NOTE]    A backup was created as '480ef191.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___808231.exe
   [DETECTION] Is the TR/Thief.Games.ubha Trojan
[NOTE]    A backup was created as '4989edfa.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___81288.exe
[0] Archive type: OVL
   --> Object
      [1] Archive type: RSRC
      --> Object
      [DETECTION] Is the TR/PSW.Magania.aobb Trojan
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    A backup was created as '480ef194.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\2008-12-29___951791.exe
   --> Object
      [1] Archive type: RSRC
      --> Object
      [DETECTION] Is the TR/Thief.MultiFirst.AE Trojan
      --> Object
      [DETECTION] Is the TR/SmallGame.BF.11 Trojan
[NOTE]    A backup was created as '4989edfd.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\***\桌面\样本\ce.css
   [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
[NOTE]    A backup was created as '4987ee2e.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!

End of the scan: 2008年12月30日  17:45
Used time: 00:15 Minute(s)

The scan has been done completely.

   1 Scanning directories
   35 Files were scanned
   45 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   33 files were deleted
   0 files were repaired
   33 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
-10 Files not concerned
   1 Archives were scanned
   0 Warnings
   33 Notes
--------------------------------------------------------------------
红伞S版库（V7.01.01.48）清空。

显示全部楼层 · 发表于 2008-12-30 17:51:13

信息 2008-12-30  17:49:47 您此次查毒隔离了31个文件
信息 2008-12-30  17:49:47 您此次查毒清除了1个病毒
信息 2008-12-30  17:49:47 您此次查毒共查出32个病毒以及危险代码
信息 2008-12-30  17:49:47 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件71个
信息 2008-12-30  17:49:47 金山毒霸主程序查毒过程结束，查毒方式：命令行查毒

金山毒霸可信认证查询结果如下:

报告生成于: 2008/12/30 17:49

2008-12-29___1545447.exe    --------    可疑的
2008-12-29___1734733.exe    --------    可疑的
2008-12-29___1752666.exe    --------    可疑的
2008-12-29___1809659.exe    --------    可疑的
2008-12-29___2028558.exe    --------    可疑的
2008-12-29___2119119.exe    --------    可疑的
2008-12-29___2237594.exe    --------    可疑的
2008-12-29___2407991.exe    --------    可疑的
2008-12-29___2722981.exe    --------    可疑的
2008-12-29___286168.exe    --------    可疑的
2008-12-29___2896828.exe    --------    可疑的
2008-12-29___2939156.exe    --------    可疑的
2008-12-29___808231.exe    --------    可疑的

2008-12-29___1022393.exe    --------    病毒
2008-12-29___1440850.exe    --------    病毒
2008-12-29___1521458.exe    --------    病毒
2008-12-29___1843191.exe    --------    病毒
2008-12-29___2005400.exe    --------    病毒
2008-12-29___2169904.exe    --------    病毒
2008-12-29___2519833.exe    --------    病毒
2008-12-29___2710211.exe    --------    病毒
2008-12-29___386400.exe    --------    病毒
2008-12-29___652304.exe    --------    病毒
2008-12-29___65259.exe    --------    病毒
2008-12-29___653134.exe    --------    病毒
2008-12-29___666534.exe    --------    病毒
2008-12-29___81288.exe    --------    病毒
2008-12-29___951791.exe    --------    病毒
ce.css    --------    病毒

2008-12-29___153556.exe    --------    分析中
2008-12-29___1911340.exe    --------    分析中
2008-12-29___2195975.exe    --------    分析中
2008-12-29___2753309.exe    --------    分析中

理论文件总数: 33
实际文件总数: 33

其中:

分析中: 4
可疑的: 13
病毒: 16

识别率为: 100%

[病毒样本] X33

本帖子中包含更多资源

本帖子中包含更多资源

33