Original poster: 一派胡言

[Virus samples] Here's a big gift pack, MD5s are inside, there really are a lot.

hj5abc
Posted on 2007-6-28 23:22:32
24 ..exe all dealt with

Scan performed at: 2007-6-28 22:46:33
Scanning Log
NOD32 version 2361 (20070628) NT
Command line: F:\LYLOADER[1]\LYLOADER
Operating memory - is OK
Date: 28.6.2007  Time: 22:46:38
Anti-Stealth technology is enabled.
Scanned disks, folders and files: F:\LYLOADER[1]\LYLOADER\
F:\LYLOADER[1]\LYLOADER\dh2104.dll - Win32/PSW.OnLineGames.NCJ trojan
F:\LYLOADER[1]\LYLOADER\gdi32.exe - probably a variant of Win32/Genetik trojan
F:\LYLOADER[1]\LYLOADER\jh.exe - a variant of Win32/Agent.NIK trojan
F:\LYLOADER[1]\LYLOADER\LYLOADER.EXE - a variant of Win32/PSW.Agent.NEC trojan
F:\LYLOADER[1]\LYLOADER\mm[1].exe - a variant of Win32/PSW.Delf.NHI trojan
F:\LYLOADER[1]\LYLOADER\msdebug.dll - a variant of Win32/Agent.NIK trojan
F:\LYLOADER[1]\LYLOADER\MSDEG32.DLL - probably a variant of Win32/PSW.Agent.NEC trojan
F:\LYLOADER[1]\LYLOADER\netsrvcs.dll - a variant of Win32/Agent.NIK trojan
F:\LYLOADER[1]\LYLOADER\nwizAsktao.dll - Win32/PSW.OnLineGames.QL trojan
F:\LYLOADER[1]\LYLOADER\nwizAsktao.exe - a variant of Win32/PSW.Agent.NEW trojan
F:\LYLOADER[1]\LYLOADER\nwizdh.exe - a variant of Win32/PSW.OnLineGames.RC trojan
F:\LYLOADER[1]\LYLOADER\nwiztlbu.exe - a variant of Win32/PSW.Agent.NEW trojan
F:\LYLOADER[1]\LYLOADER\nwizwlwzs.exe - a variant of Win32/PSW.Agent.NEW trojan
F:\LYLOADER[1]\LYLOADER\qq.exe - probably a variant of Win32/PSW.QQPass.VD trojan
F:\LYLOADER[1]\LYLOADER\RAVWM.EXE - probably a variant of Win32/PSW.OnLineGames.NAV trojan
F:\LYLOADER[1]\LYLOADER\RAVWM624.dll - a variant of Win32/PSW.OnLineGames.NAV trojan
F:\LYLOADER[1]\LYLOADER\systemm.exe - Win32/Agent.NEM trojan - quarantined - unable to clean - deleted
F:\LYLOADER[1]\LYLOADER\visin.exe - probably unknown NewHeur_PE virus [7]
F:\LYLOADER[1]\LYLOADER\WinDebug.exe - probably a variant of Win32/Genetik trojan
F:\LYLOADER[1]\LYLOADER\windhcp.ocx - a variant of Win32/Agent.NIK trojan
F:\LYLOADER[1]\LYLOADER\wm.exe - probably a variant of Win32/PSW.OnLineGames.NAV trojan
F:\LYLOADER[1]\LYLOADER\WMIApiSrv.dll - a variant of Win32/Agent.NIK trojan
F:\LYLOADER[1]\LYLOADER\ztinetzt.dll - Win32/PSW.OnLineGames.NBP trojan
F:\LYLOADER[1]\LYLOADER\ztinetzt.exe - probably a variant of Win32/PSW.OnLineGames.RC trojan
Number of scanned files: 42
Number of threats found: 24
Number of files cleaned: 24
Time of completion: 22:46:49 Total scanning time: 11 sec (00:00:11)
Notes:
[7] File is probably infected with an unknown virus.
moonsilver
Posted on 2007-6-28 23:44:12
瑞星病毒查杀结果报告

清除病毒种类列表:
病毒: Trojan.PSW.Win32.XYOnline.p
病毒: Trojan.DL.Win32.Multi.n  
病毒: Trojan.DL.Win32.Multi.n  
病毒: Trojan.PSW.Agent.kat     
病毒: Trojan.PSW.AskTao.u      
病毒: Trojan.PSW.AskTao.u      
病毒: Trojan.PSW.Win32.XYOnline.l
病毒: Trojan.PSW.Win32.QQHX.b  
病毒: Trojan.PSW.Win32.QQHX.b  
病毒: Trojan.PSW.Win32.WorldOnline.ii
病毒: Trojan.PSW.Win32.WorldOnline.ii
病毒: Trojan.PSW.QQPass.tkv   
病毒: Trojan.DL.Win32.Agent.wgh
病毒: Trojan.MnLess.kks        
病毒: Trojan.PSW.Win32.RocOnline.c
病毒: Trojan.PSW.OnlineGames.cew
病毒: Trojan.PSW.OnlineGames.chc
病毒: Trojan.PSW.Win32.ZhengTu.b

用户来源:互联网

软件版本:19.29.32
mofunzone
Posted on 2007-6-29 01:22:58
Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\My Documents\LYLOADER'
C:\Documents and Settings\Administrator\My Documents\LYLOADER\
  dh2104.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING]   The file was ignored!
  gdi32.exe
      [DETECTION] Contains signature of the dropper DR/Delphi.Gen
      [WARNING]   The file was ignored!
  GdiSPidGen.dll
  GetsFile.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING]   The file was ignored!
  GetsFiles.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING]   The file was ignored!
  hjtdx.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING]   The file was ignored!
  jh.exe
      [DETECTION] Is the Trojan horse TR/Agent.abf.1057
      [WARNING]   The file was ignored!
  LYLOADER.EXE
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING]   The file was ignored!
  LYMANGR.DLL
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING]   The file was ignored!
  mm[1].exe
      [DETECTION] Is the Trojan horse TR/PSW.Delf.QC.40
      [WARNING]   The file was ignored!
  msdebug.dll
      [DETECTION] Is the Trojan horse TR/PSW.Onlinegames.AYD.173
      [WARNING]   The file was ignored!
  MSDEG32.DLL
      [DETECTION] File has been compressed with an unusual runtime compression tool (PCK/UPACK). Please verify the origin of the file
      [WARNING]   The file was ignored!
  netsrvcs.dll
  nwizAsktao.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [WARNING]   The file was ignored!
  nwizAsktao.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGam.QW
      [WARNING]   The file was ignored!
  nwizdh.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGam.QW
      [WARNING]   The file was ignored!
  nwiztlbb.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING]   The file was ignored!
  nwiztlbu.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGam.QW
      [WARNING]   The file was ignored!
  nwizwlwzs.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [WARNING]   The file was ignored!
  nwizwlwzs.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGam.QW
      [WARNING]   The file was ignored!
  Packet.dll
  qq.exe
      [DETECTION] Is the Trojan horse TR/PSW.QQPass.WM.14
      [WARNING]   The file was ignored!
  RAVWM.EXE
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
      [WARNING]   The file was ignored!
  RAVWM624.dll
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
      [WARNING]   The file was ignored!
  SvTime.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING]   The file was ignored!
  systemm.exe
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.alh.7 Backdoor server programs
      [WARNING]   The file was ignored!
  tfsaa.ccr
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING]   The file was ignored!
  TIMHost.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING]   The file was ignored!
  visin.exe
      [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
      [WARNING]   The file was ignored!
  WanPacket.dll
  wgfdl.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING]   The file was ignored!
  whgdm.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING]   The file was ignored!
  WinDebug.exe
      [DETECTION] Contains signature of the dropper DR/Delphi.Gen
      [WARNING]   The file was ignored!
  windhcp.ocx
  wkjbj.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING]   The file was ignored!
  wkufd.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING]   The file was ignored!
  wm.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
      [WARNING]   The file was ignored!
  WMIApiSrv.dll
      [DETECTION] Is the Trojan horse TR/PSW.Onlinegames.AYD.41
      [WARNING]   The file was ignored!
  wpcap.dll
  zerwx.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING]   The file was ignored!
  ztinetzt.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.QW.162
      [WARNING]   The file was ignored!
  ztinetzt.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGam.QW
      [WARNING]   The file was ignored!


End of the scan: 2007年6月28日  10:22
Used time: 00:16 min

The scan has been done completely.

      1 Scanning directories
     42 Files were scanned
     36 viruses and/or unwanted programs were found
     15 classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     -9 Files not concerned
      0 Archives were scanned
     36 Warnings
      0 Notes
      0 Hidden objects were found
wangjay1980
Posted on 2007-6-29 09:33:51
39 in total

1688388728
Posted on 2007-7-4 03:21:21
*** E:\病毒库\LYLOADER[1]\LYLOADER\gdi32.exe -> Security Risk W32/Suspicious_U.gen ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\GdiSPidGen.dll -> Security Risk W32/Suspicious_U.gen ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\GetsFile.dll -> Security Risk W32/Suspicious_U.gen ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\GetsFiles.dll -> Security Risk W32/Suspicious_U.gen ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\hjtdx.dll -> Security Risk W32/Suspicious_U.gen ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\jh.exe -> Trojan W32/Agent.BUEE ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\LYLOADER.EXE -> Security Risk W32/Suspicious_U.gen ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\LYMANGR.DLL -> Security Risk W32/Suspicious_U.gen ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\mm[1].exe -> Trojan W32/Delf.AHTZ ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\MSDEG32.DLL -> Security Risk W32/Suspicious_U.gen ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\netsrvcs.dll -> Trojan W32/Smalltroj.dam ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\nwizAsktao.exe -> Security Risk W32/Suspicious_U.gen ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\nwizdh.exe -> Security Risk W32/Suspicious_U.gen ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\nwiztlbb.dll -> Trojan W32/OnLineGames.HPY ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\nwiztlbu.exe -> Security Risk W32/Suspicious_U.gen ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\nwizwlwzs.dll -> Trojan W32/OnLineGames.HPZ ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\qq.exe -> Trojan W32/Malware.USD ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\RAVWM.EXE -> Security Risk Suspicious_F.gen ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\RAVWM624.dll -> Security Risk W32/Suspicious_U.gen ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\SvTime.dll -> Security Risk W32/Suspicious_U.gen ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\systemm.exe -> Security Risk W32/Suspicious_U.gen ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\tfsaa.ccr -> Security Risk W32/Suspicious_U.gen ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\TIMHost.dll -> Trojan W32/OnLineGames.HQA ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\wgfdl.dll -> Security Risk W32/Suspicious_U.gen ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\whgdm.dll -> Security Risk W32/Suspicious_U.gen ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\WinDebug.exe -> Security Risk W32/Suspicious_U.gen ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\windhcp.ocx -> Trojan W32/Smalltroj.dam ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\wkjbj.dll -> Security Risk W32/Suspicious_U.gen ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\wkufd.dll -> Security Risk W32/Suspicious_U.gen ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\wm.exe -> Security Risk Suspicious_F.gen ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\zerwx.dll -> Security Risk W32/Suspicious_U.gen ()
*** E:\病毒库\LYLOADER[1]\LYLOADER\ztinetzt.exe -> Security Risk W32/Suspicious_U.gen ()

===================================================================================================

The scanning started: 2007/07/04 03:18:18
               ended: 2007/07/04 03:18:46
Logged on as        : Administrator
on hostname         : 7ABD02ECF7AB498

Scanning results:
   Total number of files found..............................:      42
   Number of files scanned..................................:      42
   Number of files/directories skipped due to exclude list..:       0
   Number of files that could not be opened.................:       0
   Number of archive files unpacked.........................:       0
   Number of archive files not unpacked.....................:       0
   Number of infections.....................................:      32