一个老毒＋变种转AVP CLUB

显示全部楼层 · 发表于 2007-2-11 12:07:19

先用已知库杀
处理成功 Trojan.Win32.Agent.cdl I:\TEST\070210\14\TEMP10\TEMP[5].EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
处理成功 Trojan.Win32.Agent.cdm I:\TEST\070210\14\TEMP10\TEMP[4].EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
处理成功 Trojan-PSW.Win32.Lmir.cwy I:\TEST\070210\14\TEMP10\TEMP[3].EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
处理成功 Trojan-PSW.Win32.OnLineGames.aag I:\TEST\070210\14\TEMP10\TEMP[2].EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
处理成功 Trojan-PSW.Win32.OnLineGames.zi I:\TEST\070210\14\TEMP10\TEMP[1].EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
处理成功 Trojan-Downloader.Win32.Small.ggw I:\TEST\070210\14\TEMP10\IDRIVERS.PIF C:\PROGRAM FILES\WINRAR\WINRAR.EXE
处理成功 Trojan-PSW.Win32.OnLineGames.zi I:\TEST\070210\14\TEMP10\WSVS.EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
处理成功 Trojan-PSW.Win32.OnLineGames.aag I:\TEST\070210\14\TEMP10\WSTTRS.EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
处理成功 Trojan-PSW.Win32.OnLineGames.ws I:\TEST\070210\14\TEMP10\MSCCRT.EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
处理成功 Trojan-PSW.Win32.OnLineGames.aaj I:\TEST\070210\14\TEMP10\CMDBCS.EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
处理成功 Trojan-PSW.Win32.OnLineGames.aaj I:\TEST\070210\14\TEMP10\TEMP[7].EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
处理成功 Trojan-PSW.Win32.OnLineGames.ws I:\TEST\070210\14\TEMP10\TEMP[6].EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE

还有一个是通过行为判断有微点我放心

显示全部楼层 · 发表于 2007-2-11 13:38:57

avast! 2个,

,得换杀软了

显示全部楼层 · 发表于 2007-2-11 15:31:43

费尔杀掉17个，果然强

显示全部楼层 · 发表于 2007-2-11 15:38:40

Begin scan in 'I:\temp10.rar'
I:\temp10.rar
  [0] Archive type: RAR
  --> temp[6].exe
   [DETECTION] Is the Trojan horse TR/Dldr.Delf.ALO.2
  --> temp[7].exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ES.416
  --> temp[8].exe
   [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
  --> cmdbcs.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ES.416
  --> msccrt.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Delf.ALO.2
  --> wsttrs.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ES.417
  --> wsvs.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ES.423
  --> cmdbcs.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> msccrt.dll
   [DETECTION] Is the Trojan horse TR/PSW.WOW.CT
  --> wsvs.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.A.3
  --> IDrivers.pif
   [DETECTION] Is the Trojan horse TR/Dldr.Small.ege.2
  --> temp[1].exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ES.423
  --> temp[2].exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ES.417
  --> temp[3].exe
   [DETECTION] Is the Trojan horse TR/PSW.Lmir.bio
  --> temp[4].exe
   [DETECTION] Is the Trojan horse TR/Agent.abf.430
  --> temp[5].exe
   [DETECTION] Is the Trojan horse TR/Agent.abf.438
   [INFO]    The file was deleted!

显示全部楼层 · 发表于 2007-2-12 21:32:35

kis6.0307 报17个毒草。。。。。。

显示全部楼层 · 发表于 2007-2-12 21:39:07

江民
17

显示全部楼层 · 发表于 2007-2-12 22:01:12

瑞星16个……

显示全部楼层 · 发表于 2007-2-12 23:19:41

AVG捉16个，hohoho

显示全部楼层 · 发表于 2007-2-12 23:37:38

卡巴１７个

[病毒样本] 一个老毒＋变种转AVP CLUB

综合体现微点强

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

[病毒样本] 一个老毒＋变种 转AVP CLUB

综合体现微点强

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

[病毒样本] 一个老毒＋变种转AVP CLUB