Original poster: 一派胡言

[Virus samples] A small gift for you, 30 samples.

taihuxian
Posted on 2007-8-16 19:02:25
BitDefender

This web page has been blocked by BitDefender Antivirus Real-time Protection!

The blocked web page included objects that were either infected or likely to be infected with a virus. Your system has NOT been infected.
http://www.bitdefender.com/vfind ... WS.Games.1.71BA411A
http://www.bitdefender.com/vfind ... e.dld!!PWS.CFE114E5
http://www.bitdefender.com/vfind/?q=Generic.PWStealer.FC8576D8
http://www.bitdefender.com/vfind/?q=Generic.PWS.Games.4.DC2E4A6C
http://www.bitdefender.com/vfind ... inegames.2.D08047EF
http://www.bitdefender.com/vfind ... in32.ExplorerHijack
http://www.bitdefender.com/vfind ... e.dld!!PWS.99F437ED
http://www.bitdefender.com/vfind ... alware.PWS.DD2E70E5
http://www.bitdefender.com/vfind/?q=Generic.Malware.PWS.DD2E70E5
http://www.bitdefender.com/vfind ... alware.PWS.5F3DD260
http://www.bitdefender.com/vfind/?q=Generic.Malware.PWS.5F3DD260
http://www.bitdefender.com/vfind/?q=Trojan.PWS.Agent.NEO
C:\WINDOWS\TEMP\httproxy_srv038720181187262004\LYLOADER.EXE\[Upack]\[Embedded#5158]\[Upack] [L] Win32:OnLineGames-ST [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\WINDOWS\TEMP\httproxy_srv038720181187262004\LYMANGR.DLL\[Upack] [L] Win32:OnLineGames-ST [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\WINDOWS\TEMP\httproxy_srv038720181187262004\msdebug.dll\[PECompact] [L] Win32:Agent-HJW [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\WINDOWS\TEMP\httproxy_srv038720181187262004\MSDEG32.DLL\[Upack] [L] Win32:Onlinegames-ALF [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\WINDOWS\TEMP\httproxy_srv038720181187262004\RAV00A0.DAT\[Upack] [L] Win32:Onlinegames-ATD [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\WINDOWS\TEMP\httproxy_srv038720181187262004\RAV00A0.exe\[Upack]\[Embedded#5060]\[Upack] [L] Win32:Onlinegames-ATD [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\WINDOWS\TEMP\httproxy_srv038720181187262004\systemm.exe\[Upack] [L] Win32:Agent-GRV [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\WINDOWS\TEMP\httproxy_srv038720181187262004\wddins.exe\[Upack]\[Embedded#MAIN] [L] Win32:Small-HHY [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\WINDOWS\TEMP\httproxy_srv038720181187262004\winow.dll [L] Win32:Delf-DTT [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\WINDOWS\TEMP\httproxy_srv038720181187262004\winow.exe\[Upack]\[Embedded#DOWN] [L] Win32:Delf-DTT [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\WINDOWS\TEMP\httproxy_srv038720181187262004\WinSrv32.EXE [L] Win32:Delf-CSK [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\WINDOWS\TEMP\httproxy_srv038720181187262004\WinSrvGunVrs.EXE [L] Win32:Delf-CSK [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\WINDOWS\TEMP\httproxy_srv038720181187262004\wmsj.exe\[Upack] [L] Win32:Delf-EQW [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\WINDOWS\TEMP\httproxy_srv038720181187262004\RAVDHMON.DAT\[Upack] [L] Win32:Hupigon-CYX [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\WINDOWS\TEMP\httproxy_srv038720181187262004\RAVDHMON.exe\[Upack]\[Embedded#5060]\[Upack] [L] Win32:Hupigon-CYX [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
碧水寒潭
Posted on 2007-8-16 19:05:38

27 of them!

Start of the scan: 2007年8月16日  19:04

Starting the file scan:

Begin scan in 'H:\AV-TEST'
H:\AV-TEST\30virus0816.rar
  [0] Archive type: RAR
  --> file1.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> file10.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> LYLOADER.EXE
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> LYMANGR.DLL
      [DETECTION] Contains suspicious code HEUR/Malware
  --> MSDEG32.DLL
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> RAV00A0.DAT
      [DETECTION] Is the Trojan horse TR/PSW.Agent.rwa
  --> RAV00A0.exe
      [DETECTION] Is the Trojan horse TR/PSW.Agent.rwa
  --> RAVWDMON.DAT
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.MQ.54
  --> RAVWDMON.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.MQ.54
  --> RAVWLMON.DAT
      [DETECTION] Is the Trojan horse TR/Agent.5906
  --> RAVWLMON.exe
      [DETECTION] Is the Trojan horse TR/Agent.5906
  --> RAVZTMON.DAT
      [DETECTION] Is the Trojan horse TR/Agent.7613
  --> RAVZTMON.exe
      [DETECTION] Is the Trojan horse TR/Agent.7613
  --> systemm.exe
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.alh.7 Backdoor server programs
  --> TIMHost.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> TIMHost.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> video.dll
      [DETECTION] Is the Trojan horse TR/PSW.Steal.35840.7
  --> wddins.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> winow.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> winow.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agen.26778.A
  --> WinSrv32.EXE
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> WinSrvGunVrs.EXE
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> wmsj.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agen.26778.A
  --> RAVDHMON.DAT
      [DETECTION] Is the Trojan horse TR/PSW.OnLineG.MI.1
  --> RAVDHMON.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineG.MI.1
  --> RAVJZMON.DAT
      [DETECTION] Is the Trojan horse TR/PSW.OnLineG.MI.1
  --> RAVZXMON.DAT
      [DETECTION] Is the Trojan horse TR/PSW.OnLineG.MI.1
      [INFO]      The file was deleted!


End of the scan: 2007年8月16日  19:04
Used time: 00:15 min

The scan has been done completely.

      1 Scanning directories
     31 Files were scanned
     27 viruses and/or unwanted programs were found
      6 classified as suspicious:
      1 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     -2 Files not concerned
      1 Archives were scanned
      0 Warnings
      0 Notes
      0 Hidden objects were found
欠妳緈諨
Posted on 2007-8-16 19:21:22

This post contains additional resources.
woai_jolin
Posted on 2007-8-16 19:37:08
Scan performed at: 2007/8/16 19:36:14
Scanning Log
NOD32 version 2465 (20070816) NT
Command line: G:\v\30virus0816.rar

Date: 16.8.2007  Time: 19:36:20
Anti-Stealth technology is enabled.
Scanned disks, folders and files: G:\v\30virus0816.rar
G:\v\30virus0816.rar »RAR »LYLOADER.EXE - a variant of Win32/PSW.Agent.NEC trojan
G:\v\30virus0816.rar »RAR »msdebug.dll - a variant of Win32/Agent.NIK trojan
G:\v\30virus0816.rar »RAR »RAV00A0.DAT - a variant of Win32/PSW.OnLineGames.NCU trojan
G:\v\30virus0816.rar »RAR »RAV00A0.exe - probably a variant of Win32/Genetik trojan
G:\v\30virus0816.rar »RAR »RAVWDMON.exe - probably a variant of Win32/Genetik trojan
G:\v\30virus0816.rar »RAR »RAVWLMON.exe - probably a variant of Win32/Genetik trojan
G:\v\30virus0816.rar »RAR »RAVZTMON.DAT - a variant of Win32/PSW.OnLineGames.NCU trojan
G:\v\30virus0816.rar »RAR »RAVZTMON.exe - probably a variant of Win32/Genetik trojan
G:\v\30virus0816.rar »RAR »systemm.exe - Win32/Agent.NEM trojan - was a part of the deleted object
G:\v\30virus0816.rar »RAR »TIMHost.dll - probably a variant of Win32/PSW.OnLineGames.NBZ trojan
G:\v\30virus0816.rar »RAR »TIMHost.exe - a variant of Win32/PSW.OnLineGames.YA trojan
G:\v\30virus0816.rar »RAR »wddins.exe - a variant of Win32/PSW.OnLineGames.NEN trojan
G:\v\30virus0816.rar »RAR »winow.exe - probably unknown NewHeur_PE virus [7]
G:\v\30virus0816.rar »RAR »WinSrv32.EXE - probably unknown NewHeur_PE virus [7]
G:\v\30virus0816.rar »RAR »WinSrvGunVrs.EXE - probably unknown NewHeur_PE virus [7]
G:\v\30virus0816.rar »RAR »wmsj.exe - probably unknown NewHeur_PE virus [7]
G:\v\30virus0816.rar »RAR »RAVDHMON.DAT - a variant of Win32/PSW.OnLineGames.NCU trojan
G:\v\30virus0816.rar »RAR »RAVDHMON.exe - a variant of Win32/PSW.OnLineGames.NEP trojan
G:\v\30virus0816.rar »RAR »RAVJZMON.DAT - a variant of Win32/PSW.OnLineGames.NCU trojan
G:\v\30virus0816.rar »RAR »RAVZXMON.DAT - a variant of Win32/PSW.OnLineGames.NCU trojan
Number of scanned files: 31
Number of threats found: 20
Number of files cleaned: 1
Time of completion: 19:36:26 Total scanning time: 6 sec (00:00:06)

Notes:
[7] File is probably infected with an unknown virus.
qianwenxiang
Posted on 2007-8-16 19:43:52
asquared missed all of them. Looks like asquared is just for show..
wangjay1980
Posted on 2007-8-16 19:44:12
detected: Trojan program Trojan-PSW.Win32.OnLineGames.agb        File: C:\Documents and Settings\Owner\桌面\30virus0816.rar/LYLOADER.EXE//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.agb        File: C:\Documents and Settings\Owner\桌面\30virus0816.rar/LYMANGR.DLL//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.agb        File: C:\Documents and Settings\Owner\桌面\30virus0816.rar/MSDEG32.DLL//UPack
detected: virus Heur.Trojan.Generic (modification)        File: C:\Documents and Settings\Owner\桌面\30virus0816.rar/RAV00A0.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.mq        File: C:\Documents and Settings\Owner\桌面\30virus0816.rar/RAVWDMON.DAT//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.mq        File: C:\Documents and Settings\Owner\桌面\30virus0816.rar/RAVWDMON.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.aci        File: C:\Documents and Settings\Owner\桌面\30virus0816.rar/RAVWLMON.exe//PE_Patch
detected: Trojan program Trojan-PSW.Win32.OnLineGames.aci        File: C:\Documents and Settings\Owner\桌面\30virus0816.rar/RAVZTMON.exe//PE_Patch
detected: Trojan program Backdoor.Win32.Agent.alh        File: C:\Documents and Settings\Owner\桌面\30virus0816.rar/systemm.exe//PE_Patch//UPack
detected: virus Heur.Invader (modification)        File: C:\Documents and Settings\Owner\桌面\30virus0816.rar/TIMHost.exe//PE_Patch//UPack
detected: Trojan program Trojan-Spy.Win32.Delf.uv        File: C:\Documents and Settings\Owner\桌面\30virus0816.rar/wddins.exe//UPack
detected: virus Heur.Trojan.Generic (modification)        File: C:\Documents and Settings\Owner\桌面\30virus0816.rar/WinSrv32.EXE//FSG
detected: virus Heur.Trojan.Generic (modification)        File: C:\Documents and Settings\Owner\桌面\30virus0816.rar/WinSrvGunVrs.EXE//FSG
detected: Trojan program Trojan-PSW.Win32.OnLineGames.afx        File: C:\Documents and Settings\Owner\桌面\30virus0816.rar/wmsj.exe//UPack
detected: virus Heur.Trojan.Generic (modification)        File: C:\Documents and Settings\Owner\桌面\30virus0816.rar/RAVDHMON.exe//PE_Patch//UPack
镭风
Posted on 2007-8-16 19:47:26

This post contains additional resources.
taihuxian
Posted on 2007-8-16 20:43:54
Result: 9 malware found
Trojan-PSW.Win32.OnLineGames.agb (virus)
C:\Documents and Settings\Administrator\桌面\样本\30virus0816.rar\LYLOADER.EXE
C:\Documents and Settings\Administrator\桌面\样本\30virus0816.rar\LYMANGR.DLL
C:\Documents and Settings\Administrator\桌面\样本\30virus0816.rar\MSDEG32.DLL
Trojan-PSW.Win32.OnLineGames.mq (virus)
C:\Documents and Settings\Administrator\桌面\样本\30virus0816.rar\RAVWDMON.DAT
C:\Documents and Settings\Administrator\桌面\样本\30virus0816.rar\RAVWDMON.exe
Trojan-PSW.Win32.OnLineGames.aci (virus)
C:\Documents and Settings\Administrator\桌面\样本\30virus0816.rar\RAVWLMON.exe
C:\Documents and Settings\Administrator\桌面\样本\30virus0816.rar\RAVZTMON.exe
Backdoor.Win32.Agent.alh (virus)
C:\Documents and Settings\Administrator\桌面\样本\30virus0816.rar\systemm.exe
Trojan-PSW.Win32.OnLineGames.afx (virus)
C:\Documents and Settings\Administrator\桌面\样本\30virus0816.rar\wmsj.exe
微点卫士
Posted on 2007-8-16 21:09:17
Micropoint:
木马名称:Trojan.Win32.Genetik.bmj

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\30VIRUS0816\RAV00A0.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.ibu

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\30VIRUS0816\RAVWDMON.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan.Win32.Genetik.bhq

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\30VIRUS0816\RAVWLMON.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Backdoor.Win32.Agent.dlk

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\30VIRUS0816\SYSTEMM.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.iim

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\30VIRUS0816\TIMHOST.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.iel

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\30VIRUS0816\WMSJ.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\30VIRUS0816\LYLOADER.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\LYLOADER.EXE
2) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\LYMANGR.DLL
3) C:\WINDOWS.0\SYSTEM32\LYMANGR.DLL
4) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\MSDEG32.DLL
5) C:\WINDOWS.0\SYSTEM32\MSDEG32.DLL
是否删除木马程序及其衍生物?
木马名称:未知间谍软件

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\30VIRUS0816\MSDEG32.DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\30VIRUS0816\RAVZTMON.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\RAVZTMON.EXE
2) C:\WINDOWS.0\SYSTEM32\RAVZTMON.DAT
是否删除木马程序及其衍生物?
木马名称:未知间谍软件

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\30VIRUS0816\LYMANGR.DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\30VIRUS0816\WDDINS.EXE
1) C:\DFD1831078.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\30VIRUS0816\WDDINS.EXE
1) C:\DFD1831078.BAT
是否删除可疑程序?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\30VIRUS0816\WINOW.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\WINOW.EXE
2) C:\WINDOWS.0\WINOW.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\30VIRUS0816\WINSRVGUNVRS.EXE
是可疑程序!
试图修改系统时间!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\30VIRUS0816\WINSRVGUNVRS.EXE
是否删除病毒程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\30VIRUS0816\WINSRV32.EXE
是可疑程序!
试图修改系统时间!
是否阻止该进程继续运行?
程序:
C:\WINDOWS.0\SYSTEM32\DRIVERS\SAFEMON.SYS
是否删除RootKit程序?
要删除此类病毒需要重启系统,您是否需要重启机器?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\30VIRUS0816\WINSRV32.EXE
是否删除病毒程序及其衍生物?


Everything that could run was killed.
abin5288
Posted on 2007-8-16 21:11:03
AntiVir ("Little Red Umbrella") Premium edition: 27 detected
AntiVir PersonalEdition Premium
Report file date: 2007年8月16日  21:10
Scanning for 1024756 virus strains and unwanted programs.
Licensed to:      ? ?
Serial number:    1100619299-PEPWE-0001
Platform:         Windows XP
Windows version:  (Service Pack 2)  [5.1.2600]
Username:         Owner
Computer name:    FOUNDERT-F84B2A
Version information:
BUILD.DAT    : 287           15691 Bytes   2007-5-10 12:16:00
AVSCAN.EXE   : 7.0.4.15     282664 Bytes   2007-4-20 05:37:16
AVSCAN.DLL   : 7.0.4.4       33832 Bytes   2007-3-27 05:31:56
LUKE.DLL     : 7.0.4.11     143400 Bytes   2007-3-27 05:26:06
LUKERES.DLL  : 7.0.4.0       10280 Bytes   2007-3-19 05:19:00
ANTIVIR0.VDF : 6.35.0.1    7371264 Bytes   2006-5-31 07:08:58
ANTIVIR1.VDF : 6.39.0.129  7251968 Bytes   2007-7-10 04:42:44
ANTIVIR2.VDF : 6.39.0.226  1223680 Bytes   2007-8-10 04:42:44
ANTIVIR3.VDF : 6.39.1.8     220160 Bytes   2007-8-16 09:07:02
AVEWIN32.DLL : 7.4.1.62    2724352 Bytes   2007-8-14 23:29:38
AVWINLL.DLL  : 1.0.0.7       14376 Bytes   2007-2-26 03:36:28
AVPREF.DLL   : 7.0.2.1       24616 Bytes   2007-3-27 05:31:52
AVREP.DLL    : 7.0.0.1      155688 Bytes   2007-4-16 06:16:24
AVPACK32.DLL : 7.3.0.15     360488 Bytes   2007-8-14 04:42:44
AVREG.DLL    : 7.0.1.2       31784 Bytes   2007-3-15 02:05:10
AVEVTLOG.DLL : 7.0.0.18      86056 Bytes   2007-3-27 05:16:06
AVARKT.DLL   : 1.0.0.17     278568 Bytes    2007-5-2 04:32:28
NETNT.DLL    : 7.0.0.0        7720 Bytes    2007-3-8 04:09:44
RCIMAGE.DLL  : 7.0.1.15    2461736 Bytes   2007-3-13 04:07:54
RCTEXT.DLL   : 7.0.45.0      86056 Bytes   2007-3-19 06:02:46
Configuration settings for the scan:
Jobname..........................: ShlExt
Configuration file...............: C:\DOCUME~1\Owner\LOCALS~1\Temp\6b6c17c5.avp
Logging..........................: low
Primary action...................: repair
Secondary action.................: quarantine
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: off
Scan registry....................: off
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: 2007年8月16日  21:10
Starting the file scan:
Begin scan in 'C:\Documents and Settings\Owner\桌面\30virus0816.rar'
C:\Documents and Settings\Owner\桌面\30virus0816.rar
  [0] Archive type: RAR
  --> file1.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> file10.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> LYLOADER.EXE
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> LYMANGR.DLL
      [DETECTION] Contains suspicious code HEUR/Malware
  --> MSDEG32.DLL
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> RAV00A0.DAT
      [DETECTION] Is the Trojan horse TR/PSW.Agent.rwa
  --> RAV00A0.exe
      [DETECTION] Is the Trojan horse TR/PSW.Agent.rwa
  --> RAVWDMON.DAT
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.MQ.54
  --> RAVWDMON.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.MQ.54
  --> RAVWLMON.DAT
      [DETECTION] Is the Trojan horse TR/Agent.5906
  --> RAVWLMON.exe
      [DETECTION] Is the Trojan horse TR/Agent.5906
  --> RAVZTMON.DAT
      [DETECTION] Is the Trojan horse TR/Agent.7613
  --> RAVZTMON.exe
      [DETECTION] Is the Trojan horse TR/Agent.7613
  --> systemm.exe
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.alh.7 Backdoor server programs
  --> TIMHost.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> TIMHost.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> video.dll
      [DETECTION] Is the Trojan horse TR/PSW.Steal.35840.7
  --> wddins.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> winow.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> winow.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agen.26778.A
  --> WinSrv32.EXE
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> WinSrvGunVrs.EXE
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> wmsj.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agen.26778.A
  --> RAVDHMON.DAT
      [DETECTION] Is the Trojan horse TR/PSW.OnLineG.MI.1
  --> RAVDHMON.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineG.MI.1
  --> RAVJZMON.DAT
      [DETECTION] Is the Trojan horse TR/PSW.OnLineG.MI.1
  --> RAVZXMON.DAT
      [DETECTION] Is the Trojan horse TR/PSW.OnLineG.MI.1
      [INFO]      The file was moved to '473a4cf6.qua'!

End of the scan: 2007年8月16日  21:10
Used time: 00:30 min
The scan has been done completely.
      0 Scanning directories
     31 Files were scanned
     27 viruses and/or unwanted programs were found
      6 classified as suspicious:
      0 files were deleted
      0 files were repaired
      1 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     -2 Files not concerned
      1 Archives were scanned
      0 Warnings
      0 Notes
      0 Hidden objects were found