19个毒

显示全部楼层 · 发表于 2007-5-23 07:22:58

呵呵

显示全部楼层 · 发表于 2007-5-23 07:43:04

Starting the file scan:

Begin scan in 'F:\样本\Downloads.part1.rar'
F:\样本\Downloads.part1.rar
  [0] Archive type: RAR
  --> 12.exe
   [DETECTION] Is the Trojan horse TR/Drop.QQPa.WP.1.A
  --> 1631[1].exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.TZ.51
  --> 1632[1].exe
   [DETECTION] Is the Trojan horse TR/PSW.Lmir.ava.1
  --> 1633[1].exe
   [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
  --> 1634[1].exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ES.2419
  --> 1636[1].exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ES.2509
  --> 1637[1].exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 1638[1].exe
   [DETECTION] Contains signature of the HTML script virus HTML/Dldr.Small.4
  --> 1639[1].exe
   [DETECTION] Is the Trojan horse TR/Hijack.A.12800.A
  --> 163a[1].exe
   [DETECTION] Is the Trojan horse TR/Trenci.2
  --> 163b[1].exe
   [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.alh.1 Backdoor server programs
  --> c0nime.exe
   [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> crasos.exe
   [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> iexp10re.exe
   [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> LYLOADER.EXE
   [DETECTION] Is the Trojan horse TR/Agent.nma.1
  --> nslookupi.exe
   [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.alh.1 Backdoor server programs
   [INFO]    The file was deleted!
Begin scan in 'F:\样本\Downloads.part2.rar'
Begin scan in 'F:\样本\Downloads.part3.rar'

End of the scan: 2007年5月23日  07:42
Used time: 00:04 min

The scan has been done completely.

   0 Scanning directories
   22 Files were scanned
   16 viruses and/or unwanted programs were found
   1 classified as suspicious:
   1 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   5 Files not concerned
   3 Archives were scanned
   0 Warnings
   1 Notes
   0 Hidden objects were found

显示全部楼层 · 发表于 2007-5-23 08:05:28

Starting the file scan:

Begin scan in 'C:\Documents and Settings\morgan\My Documents\Downloads'
C:\Documents and Settings\morgan\My Documents\Downloads\
  12.exe
   [DETECTION] Is the Trojan horse TR/Drop.QQPa.WP.1.A
   [WARNING] The file was ignored!
  1631[1].exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.TZ.51
   [WARNING] The file was ignored!
  1632[1].exe
   [DETECTION] Is the Trojan horse TR/PSW.Lmir.ava.1
   [WARNING] The file was ignored!
  1633[1].exe
   [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
   [WARNING] The file was ignored!
  1634[1].exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ES.2419
   [WARNING] The file was ignored!
  1636[1].exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ES.2509
   [WARNING] The file was ignored!
  1637[1].exe
   [DETECTION] Contains suspicious code HEUR/Malware
   [WARNING] The file was ignored!
  1638[1].exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.UG.2
   [WARNING] The file was ignored!
  1639[1].exe
   [DETECTION] Is the Trojan horse TR/Hijack.A.12800.A
   [WARNING] The file was ignored!
  163a[1].exe
   [DETECTION] Is the Trojan horse TR/Trenci.2
   [WARNING] The file was ignored!
  163b[1].exe
   [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.alh.1 Backdoor server programs
   [WARNING] The file was ignored!
  c0nime.exe
   [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
   [WARNING] The file was ignored!
  crasos.exe
   [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
   [WARNING] The file was ignored!
  iexp10re.exe
   [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
   [WARNING] The file was ignored!
  LYLOADER.EXE
   [DETECTION] Is the Trojan horse TR/Agent.nma.1
   [WARNING] The file was ignored!
  nslookupi.exe
   [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.alh.1 Backdoor server programs
   [WARNING] The file was ignored!
  onligame.exe
   [DETECTION] Is the Trojan horse TR/Drop.Lmir.D.3
   [WARNING] The file was ignored!
  rising972.exe
   [DETECTION] Is the Trojan horse TR/PSW.Delf.AF.2
   [WARNING] The file was ignored!
  xie[1].exe
   [DETECTION] Contains signature of the dropper DR/Delphi.Gen
   [WARNING] The file was ignored!

End of the scan: 2007年5月22日  17:03
Used time: 00:12 min

The scan has been done completely.

   1 Scanning directories
   19 Files were scanned
   19 viruses and/or unwanted programs were found
   1 classified as suspicious:
   0 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   -1 Files not concerned
   0 Archives were scanned
   19 Warnings
   0 Notes
   0 Hidden objects were found

扫描日志
NOD32版本 2279 (20070521) NT
命令行： C:\Documents and Settings\morgan\My Documents\ ?
?Downloads
正在检查NOD32.EXE文件的CRC：状态正常
D:\Eset\nod32.exe - 是正常的
扫描系统内存中：没有进行 (选项已关闭)
扫描MBR及引导区中：没有进行 (选项已关闭)
日期： 22.5.2007  时间：17:04:15
已关闭反隐藏功能.
已扫描的磁盘，文件夹及文件：C:\Documents and Settings\ ?
?morgan\My Documents\Downloads\
C:\Documents and Settings\morgan\My Documents\Downloads\ ?
?12.exe - 可能是 Win32/PSW.QQPass.VD 木马的一个变种
C:\Documents and Settings\morgan\My Documents\Downloads\ ?
?1631[1].exe - 未查明的 NewHeur_PE 病毒 [7]
C:\Documents and Settings\morgan\My Documents\Downloads\ ?
?1632[1].exe - Win32/PSW.Legendmir.NEP 木马的变种
C:\Documents and Settings\morgan\My Documents\Downloads\ ?
?1633[1].exe - 未查明的 NewHeur_PE 病毒 [7]
C:\Documents and Settings\morgan\My Documents\Downloads\ ?
?1634[1].exe - Win32/PSW.Agent.NCC 木马的变种
C:\Documents and Settings\morgan\My Documents\Downloads\ ?
?1636[1].exe - Win32/PSW.Agent.NCC 木马的变种
C:\Documents and Settings\morgan\My Documents\Downloads\ ?
?1637[1].exe - Win32/PSW.Agent.NEW 木马的变种
C:\Documents and Settings\morgan\My Documents\Downloads\ ?
?1638[1].exe - Win32/PSW.Agent.NEW 木马的变种
C:\Documents and Settings\morgan\My Documents\Downloads\ ?
?1639[1].exe - Win32/Delf.NEY 木马
C:\Documents and Settings\morgan\My Documents\Downloads\ ?
?163a[1].exe - Win32/PSW.Agent.NEW 木马的变种
C:\Documents and Settings\morgan\My Documents\Downloads\ ?
?163b[1].exe - Win32/TrojanDropper.Delf.NEG 木马
C:\Documents and Settings\morgan\My Documents\Downloads\ ?
?c0nime.exe - 是正常的
C:\Documents and Settings\morgan\My Documents\Downloads\ ?
?crasos.exe - 是正常的
C:\Documents and Settings\morgan\My Documents\Downloads\ ?
?iexp10re.exe - 是正常的
C:\Documents and Settings\morgan\My Documents\Downloads\ ?
?LYLOADER.EXE - 可能是 Win32/PSW.Agent.NEC 木马的一个变种
C:\Documents and Settings\morgan\My Documents\Downloads\ ?
?nslookupi.exe - Win32/Agent.NEM 木马
C:\Documents and Settings\morgan\My Documents\Downloads\ ?
?onligame.exe - 是正常的
C:\Documents and Settings\morgan\My Documents\Downloads\ ?
?rising972.exe - 可能是 Win32/Viking 病毒的一个变种
C:\Documents and Settings\morgan\My Documents\Downloads\ ?
?xie[1].exe - Win32/PSW.Delf.NHI 木马的变种
已扫描的文件数目：19
已发现的病毒数目：15
活动的病毒数目：15
完成时间： 17:04:33 总扫描时间：18 秒 (00:00:18)
注意：
[7] 该文件可能感染上未知病毒。

[Scan path] C:\Documents and Settings\morgan\My Documents\Downloads
>>C:\Documents and Settings\morgan\My Documents\Downloads\12.exe infected with Trojan.PWS.Qqpass.672
C:\Documents and Settings\morgan\My Documents\Downloads\1631[1].exe infected with Trojan.PWS.Wsgame
>C:\Documents and Settings\morgan\My Documents\Downloads\1632[1].exe - Ok
>C:\Documents and Settings\morgan\My Documents\Downloads\1633[1].exe infected with BackDoor.Twin.origin
C:\Documents and Settings\morgan\My Documents\Downloads\1634[1].exe infected with Trojan.PWS.Wsgame
>C:\Documents and Settings\morgan\My Documents\Downloads\1636[1].exe infected with Trojan.PWS.Wsgame
>C:\Documents and Settings\morgan\My Documents\Downloads\1637[1].exe probably infected with MULDROP.Trojan
>C:\Documents and Settings\morgan\My Documents\Downloads\1638[1].exe probably infected with MULDROP.Trojan
C:\Documents and Settings\morgan\My Documents\Downloads\1639[1].exe infected with Trojan.Addurl
>C:\Documents and Settings\morgan\My Documents\Downloads\163a[1].exe probably infected with MULDROP.Trojan
>>C:\Documents and Settings\morgan\My Documents\Downloads\163b[1].exe\data001 - Ok
>C:\Documents and Settings\morgan\My Documents\Downloads\163b[1].exe\data002 - Ok
>C:\Documents and Settings\morgan\My Documents\Downloads\163b[1].exe\data003 - Ok
>C:\Documents and Settings\morgan\My Documents\Downloads\163b[1].exe\data004 - Ok
>>C:\Documents and Settings\morgan\My Documents\Downloads\163b[1].exe\data005 infected with Trojan.Sniff
>C:\Documents and Settings\morgan\My Documents\Downloads\163b[1].exe\data006 - Ok
C:\Documents and Settings\morgan\My Documents\Downloads\163b[1].exe - archive contains infected objects
C:\Documents and Settings\morgan\My Documents\Downloads\c0nime.exe - Ok
C:\Documents and Settings\morgan\My Documents\Downloads\crasos.exe - Ok
C:\Documents and Settings\morgan\My Documents\Downloads\iexp10re.exe - Ok
>C:\Documents and Settings\morgan\My Documents\Downloads\LYLOADER.EXE probably infected with MULDROP.Trojan
>C:\Documents and Settings\morgan\My Documents\Downloads\nslookupi.exe infected with Trojan.Sniff
>C:\Documents and Settings\morgan\My Documents\Downloads\onligame.exe - Ok
C:\Documents and Settings\morgan\My Documents\Downloads\rising972.exe infected with Win32.HLLW.Gavir.72
>>C:\Documents and Settings\morgan\My Documents\Downloads\xie[1].exe infected with Trojan.PWS.Gamania.origin

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 26
Infected objects found: 10
Objects with modifications found: 0
Suspicious objects found: 4
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 323 Kb/s
Scan time: 00:00:05

显示全部楼层 · 发表于 2007-5-23 08:54:16

detected: Trojan program Trojan-PSW.Win32.QQPass.wm File: C:\Documents and Settings\huaxun\桌面\Downloads[1].part1.rar\12.exe/UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.tz File: C:\Documents and Settings\huaxun\桌面\Downloads[1].part1.rar\1631[1].exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.mk File: C:\Documents and Settings\huaxun\桌面\Downloads[1].part1.rar\1632[1].exe/PE_Patch/UPack/PE_Patch
detected: Trojan program Trojan-Downloader.Win32.Small.czl File: C:\Documents and Settings\huaxun\桌面\Downloads[1].part1.rar\1633[1].exe/NSPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.es File: C:\Documents and Settings\huaxun\桌面\Downloads[1].part1.rar\1634[1].exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.es File: C:\Documents and Settings\huaxun\桌面\Downloads[1].part1.rar\1636[1].exe/PE_Patch/UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.uf File: C:\Documents and Settings\huaxun\桌面\Downloads[1].part1.rar\1637[1].exe/PE_Patch/UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ug File: C:\Documents and Settings\huaxun\桌面\Downloads[1].part1.rar\1638[1].exe/PE_Patch/UPack
detected: Trojan program Trojan.Win32.Agent.adr File: C:\Documents and Settings\huaxun\桌面\Downloads[1].part1.rar\1639[1].exe/PE_Patch.UPX/UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.sl File: C:\Documents and Settings\huaxun\桌面\Downloads[1].part1.rar\163a[1].exe/PE_Patch/UPack
detected: Trojan program Trojan-Dropper.Win32.Small.axi File: C:\Documents and Settings\huaxun\桌面\Downloads[1].part1.rar\163b[1].exe/UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qv File: C:\Documents and Settings\huaxun\桌面\Downloads[1].part1.rar\c0nime.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ox File: C:\Documents and Settings\huaxun\桌面\Downloads[1].part1.rar\crasos.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qo File: C:\Documents and Settings\huaxun\桌面\Downloads[1].part1.rar\iexp10re.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.nn File: C:\Documents and Settings\huaxun\桌面\Downloads[1].part1.rar\LYLOADER.EXE/PE_Patch/UPack
detected: Trojan program Backdoor.Win32.Agent.alh File: C:\Documents and Settings\huaxun\桌面\Downloads[1].part1.rar\nslookupi.exe/PE_Patch/UPack
detected: Trojan program Trojan-Clicker.Win32.Flyst.d File: C:\Documents and Settings\huaxun\桌面\Downloads[1].part1.rar\onligame.exe/PE_Patch/NSPack/FlySFX/script.fly
detected: virus Worm.Win32.Viking.lm File: C:\Documents and Settings\huaxun\桌面\Downloads[1].part1.rar\rising972.exe
detected: Trojan program Trojan-PSW.Win32.Delf.qc File: C:\Documents and Settings\huaxun\桌面\Downloads[1].part1.rar\xie[1].exe/UPX

显示全部楼层 · 发表于 2007-5-23 09:58:19

微点4个已知（解压缩报），剩下的1个运行提示出错，一个运行没动作（等了10分钟），其他微点都砍鸟

显示全部楼层 · 发表于 2007-5-23 12:00:34

NOD32杀15个

，

显示全部楼层 · 发表于 2007-5-23 12:22:04

显示全部楼层 · 发表于 2007-5-23 12:25:46

Dr.Web
12.exe;C:\Documents and Settings\Mahaijun\桌面\Downloads;Trojan.PWS.Qqpass.672;;
1631[1].exe;C:\Documents and Settings\Mahaijun\桌面\Downloads;Trojan.PWS.Wsgame;;
1633[1].exe;C:\Documents and Settings\Mahaijun\桌面\Downloads;BackDoor.Twin.origin;;
1634[1].exe;C:\Documents and Settings\Mahaijun\桌面\Downloads;Trojan.PWS.Wsgame;;
1636[1].exe;C:\Documents and Settings\Mahaijun\桌面\Downloads;Trojan.PWS.Wsgame;;
1637[1].exe;C:\Documents and Settings\Mahaijun\桌面\Downloads;Trojan.PWS.Soul;;
1638[1].exe;C:\Documents and Settings\Mahaijun\桌面\Downloads;Probably MULDROP.Trojan;;
1639[1].exe;C:\Documents and Settings\Mahaijun\桌面\Downloads;Trojan.Addurl;;
163a[1].exe;C:\Documents and Settings\Mahaijun\桌面\Downloads;Probably MULDROP.Trojan;;
163b[1].exe\data005;C:\Documents and Settings\Mahaijun\桌面\Downloads\163b[1].exe;Trojan.Sniff;;
163b[1].exe;C:\Documents and Settings\Mahaijun\桌面\Downloads;Archive contains infected objects;;
LYLOADER.EXE;C:\Documents and Settings\Mahaijun\桌面\Downloads;Probably MULDROP.Trojan;;
nslookupi.exe;C:\Documents and Settings\Mahaijun\桌面\Downloads;Trojan.Sniff;;
rising972.exe;C:\Documents and Settings\Mahaijun\桌面\Downloads;Win32.HLLW.Gavir.72;;
xie[1].exe;C:\Documents and Settings\Mahaijun\桌面\Downloads;Trojan.PWS.Gamania.origin;;

显示全部楼层 · 发表于 2007-5-23 12:37:48

费尔报了14个，两个启发式，有一个报了壳程序
卡吧7报了59个

显示全部楼层 · 发表于 2007-5-23 13:11:11

卡6 却报21个

[病毒样本] 19个毒

本帖子中包含更多资源

红伞16个

正好19个

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源