Original poster: promised

[Virus samples] 18 samples

xiaopangmd
Posted on 2007-9-21 20:51:31

NOD32: 16

扫描开始时间: 2007-9-21 20:50:31
扫描日志
NOD32 版本 2543 (20070921) NT
命令行: C:\Documents and Settings\Martin\桌面\19.rar
C:\Program Files\Eset\nod32.exe<病毒 - 正常>
系统内存<病毒 - >
物理磁盘 1 的 MBR 扇区,<病毒 - 正常>
物理磁盘 1 的活动引导扇区,<病毒 - 正常>

日期: 2007年9月21日  时间: 20:50:50
反 Rookits 技术已启用。
已扫描磁盘、文件夹和文件: C:\Documents and Settings\Martin\桌面\19.rar
C:\Documents and Settings\Martin\桌面\19.rar ?RAR ?19\1.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
C:\Documents and Settings\Martin\桌面\19.rar ?RAR ?19\10.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
C:\Documents and Settings\Martin\桌面\19.rar ?RAR ?19\11.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
C:\Documents and Settings\Martin\桌面\19.rar ?RAR ?19\12.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
C:\Documents and Settings\Martin\桌面\19.rar ?RAR ?19\13.exe<病毒 - 可能是 Win32/PSW.OnLineGames.NDV 木马 变种>
C:\Documents and Settings\Martin\桌面\19.rar ?RAR ?19\14.exe<病毒 - 可能是 Win32/Mumawow.A 病毒(NewHeur_PE) 变种 [7]>
C:\Documents and Settings\Martin\桌面\19.rar ?RAR ?19\15.exe<病毒 - 可能是 Win32/Mumawow.A 病毒(NewHeur_PE) 变种 [7]>
C:\Documents and Settings\Martin\桌面\19.rar ?RAR ?19\16.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
C:\Documents and Settings\Martin\桌面\19.rar ?RAR ?19\17.exe<病毒 - Win32/PSW.OnLineGames.NBR 木马 变种>
C:\Documents and Settings\Martin\桌面\19.rar ?RAR ?19\18.exe<病毒 - 正常>
C:\Documents and Settings\Martin\桌面\19.rar ?RAR ?19\19.exe<病毒 - 正常>
C:\Documents and Settings\Martin\桌面\19.rar ?RAR ?19\2.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
C:\Documents and Settings\Martin\桌面\19.rar ?RAR ?19\3.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
C:\Documents and Settings\Martin\桌面\19.rar ?RAR ?19\5.exe<病毒 - 可能是 Win32/PSW.OnLineGames.NDV 木马 变种>
C:\Documents and Settings\Martin\桌面\19.rar ?RAR ?19\6.exe<病毒 - 可能是 Win32/PSW.OnLineGames.NDV 木马 变种>
C:\Documents and Settings\Martin\桌面\19.rar ?RAR ?19\7.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
C:\Documents and Settings\Martin\桌面\19.rar ?RAR ?19\8.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
C:\Documents and Settings\Martin\桌面\19.rar ?RAR ?19\9.exe<病毒 - 可能是 Win32/Genetik 木马 变种>
已扫描文件数量: 19
已发现病毒数量: 16
已清除病毒的文件数量: 1
完成时间: 20:50:56 总共扫描时间: 6 秒 (00:00:06)

注意:
[7] 文件可能感染了未知病毒。
wangjay1980
Posted on 2007-9-21 20:54:15
18
detected: virus Heur.Invader (modification)        File: C:\Documents and Settings\Owner\桌面\19.rar/19\1.exe
detected: Trojan program Trojan-Downloader.Win32.Agent.cpk        File: C:\Documents and Settings\Owner\桌面\19.rar/19\10.exe//#
detected: Trojan program Trojan-PSW.Win32.Nilage.bps        File: C:\Documents and Settings\Owner\桌面\19.rar/19\11.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ckr        File: C:\Documents and Settings\Owner\桌面\19.rar/19\12.exe//#
detected: Trojan program Trojan-Downloader.Win32.Agent.dcn        File: C:\Documents and Settings\Owner\桌面\19.rar/19\13.exe//#
detected: Trojan program Trojan-PSW.Win32.OnLineGames.arv        File: C:\Documents and Settings\Owner\桌面\19.rar/19\14.exe//#
detected: Trojan program Trojan-Downloader.Win32.Agent.dco        File: C:\Documents and Settings\Owner\桌面\19.rar/19\15.exe//#
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dat        File: C:\Documents and Settings\Owner\桌面\19.rar/19\16.exe//#
detected: Trojan program Trojan-PSW.Win32.OnLineGames.deu        File: C:\Documents and Settings\Owner\桌面\19.rar/19\17.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ard        File: C:\Documents and Settings\Owner\桌面\19.rar/19\18.exe//UPack//#//PE_Patch//UPack
detected: Trojan program Trojan-Downloader.Win32.Agent.dmu        File: C:\Documents and Settings\Owner\桌面\19.rar/19\19.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.afz        File: C:\Documents and Settings\Owner\桌面\19.rar/19\2.exe//#
detected: Trojan program Trojan-Downloader.Win32.Agent.ccc        File: C:\Documents and Settings\Owner\桌面\19.rar/19\3.exe//#
detected: Trojan program Trojan-Downloader.Win32.Agent.ccc        File: C:\Documents and Settings\Owner\桌面\19.rar/19\5.exe//#
detected: Trojan program Trojan-Downloader.Win32.Agent.dcl        File: C:\Documents and Settings\Owner\桌面\19.rar/19\6.exe//#
detected: Trojan program Trojan-Downloader.Win32.Agent.ccc        File: C:\Documents and Settings\Owner\桌面\19.rar/19\7.exe//#
detected: virus Heur.Invader (modification)        File: C:\Documents and Settings\Owner\桌面\19.rar/19\8.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.cxf        File: C:\Documents and Settings\Owner\桌面\19.rar/19\9.exe//#
king6808
Posted on 2007-9-21 21:24:33
已删除:木马程序 Trojan-Downloader.Win32.Agent.cpk        文件 : G:\9.21\19.rar/19\10.exe//#
已删除:木马程序 Trojan-PSW.Win32.Nilage.bps        文件 : G:\9.21\19.rar/19\11.exe
已删除:木马程序 Trojan-PSW.Win32.OnLineGames.ckr        文件 : G:\9.21\19.rar/19\12.exe//#
已删除:木马程序 Trojan-Downloader.Win32.Agent.dcn        文件 : G:\9.21\19.rar/19\13.exe//#
已删除:木马程序 Trojan-PSW.Win32.OnLineGames.arv        文件 : G:\9.21\19.rar/19\14.exe//#
已删除:木马程序 Trojan-Downloader.Win32.Agent.dco        文件 : G:\9.21\19.rar/19\15.exe//#
已删除:木马程序 Trojan-PSW.Win32.OnLineGames.deu        文件 : G:\9.21\19.rar/19\17.exe//PE_Patch.UPX//UPX
已删除:木马程序 Trojan-PSW.Win32.OnLineGames.cne        文件 : G:\9.21\19.rar/19\18.exe//UPack//#
已删除:木马程序 Trojan-Downloader.Win32.Agent.dmu        文件 : G:\9.21\19.rar/19\19.exe//PE_Patch//UPack
已删除:木马程序 Trojan-PSW.Win32.OnLineGames.afz        文件 : G:\9.21\19.rar/19\2.exe//#
已删除:木马程序 Trojan-Downloader.Win32.Agent.ccc        文件 : G:\9.21\19.rar/19\3.exe//#
已删除:木马程序 Trojan-Downloader.Win32.Agent.ccc        文件 : G:\9.21\19.rar/19\5.exe//#
已删除:木马程序 Trojan-Downloader.Win32.Agent.dcl        文件 : G:\9.21\19.rar/19\6.exe//#
已删除:木马程序 Trojan-Downloader.Win32.Agent.ccc        文件 : G:\9.21\19.rar/19\7.exe//#
已隔离:病毒 Heur.Invader (修改)        文件 : G:\9.21\19.rar/19\8.exe
mofunzone
Posted on 2007-9-21 22:57:36
Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\My Documents\19.rar'
C:\Documents and Settings\Administrator\My Documents\
  19.rar
    [0] Archive type: RAR
    --> 19\1.exe
        [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 19\10.exe
        [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 19\11.exe
        [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 19\12.exe
        [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 19\13.exe
        [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 19\14.exe
        [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 19\15.exe
        [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 19\16.exe
        [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 19\17.exe
        [DETECTION] Is the Trojan horse TR/Autorun.BK
        [WARNING]   Infected files in archives cannot be repaired!
    --> 19\18.exe
        [DETECTION] Is the Trojan horse TR/Onlinegames.FQ
        [WARNING]   Infected files in archives cannot be repaired!
    --> 19\19.exe
        [DETECTION] File has been compressed with an unusual runtime compression tool (PCK/UPACK). Please verify the origin of the file
        [WARNING]   Infected files in archives cannot be repaired!
    --> 19\2.exe
        [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 19\3.exe
        [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 19\5.exe
        [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 19\6.exe
        [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 19\7.exe
        [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 19\8.exe
        [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 19\9.exe
        [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
        [WARNING]   The file was ignored!


End of the scan: 2007年9月21日  07:57
Used time: 00:06 min

The scan has been done completely.

      0 Scanning directories
     19 Files were scanned
     18 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      1 Files not concerned
      1 Archives were scanned
     19 Warnings
      0 Notes
yurius
Posted on 2007-9-22 00:37:44
Scanned files summary Scanned : 20
Infected : 15

J:\virus\19.rar DeepScan:Generic.Onlinegames.3.00820596 Infected
J:\virus\19.rar DeepScan:Generic.Onlinegames.3.2A331961 Infected
J:\virus\19.rar DeepScan:Generic.Onlinegames.3.31FE5B7F Infected
J:\virus\19.rar DeepScan:Generic.Onlinegames.3.329BC923 Infected
J:\virus\19.rar DeepScan:Generic.Onlinegames.3.3F733EC7 Infected
J:\virus\19.rar DeepScan:Generic.Onlinegames.3.4B450189 Infected
J:\virus\19.rar DeepScan:Generic.Onlinegames.3.63274D16 Infected
J:\virus\19.rar DeepScan:Generic.Onlinegames.3.83CEA5C1 Infected
J:\virus\19.rar DeepScan:Generic.Onlinegames.3.B394FF34 Infected
J:\virus\19.rar DeepScan:Generic.Onlinegames.3.BFE9FC88 Infected
J:\virus\19.rar DeepScan:Generic.Onlinegames.3.CF0B2B4D Infected
J:\virus\19.rar DeepScan:Generic.Onlinegames.3.E1DC89D6 Infected
J:\virus\19.rar DeepScan:Generic.PWS.Games.1.A80198CD Infected
J:\virus\19.rar DeepScan:Generic.PWS.Games.2.669CE7FC Infected
J:\virus\19.rar Trojan.Peed.Gen Infected
红心王子
Posted on 2007-9-22 05:17:14
2007-9-22        5:16:30        1190409391        Administrator        680        Sign of "Win32:Onlinegames-ASU [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\19.rar\19\1.exe\[UPX]\[Embedded#1470]" file.  
2007-9-22        5:16:35        1190409395        Administrator        680        Sign of "Win32:Onlinegames-ARI [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\19.rar\19\10.exe\[UPX]\[Embedded#1470]" file.  
2007-9-22        5:16:35        1190409395        Administrator        680        Sign of "Win32:Onlinegames-ALL [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\19.rar\19\12.exe\[UPX]\[Embedded#1470]" file.  
2007-9-22        5:16:35        1190409395        Administrator        680        Sign of "Win32:Autorun-U" has been found in "C:\Documents and Settings\Administrator\桌面\19.rar\19\17.exe\[UPX]\[Embedded#70f0]" file.  
2007-9-22        5:16:36        1190409396        Administrator        680        Sign of "Win32:Onlinegames-ARO [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\19.rar\19\18.exe\[Upack]" file.  
2007-9-22        5:16:36        1190409396        Administrator        680        Sign of "Win32:Agent-KGX [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\19.rar\19\2.exe\[UPX]\[Embedded#1470]" file.  
2007-9-22        5:16:36        1190409396        Administrator        680        Sign of "Win32:OnLineGames-FN [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\19.rar\19\5.exe\[UPX]\[Embedded#1470]" file.  
2007-9-22        5:16:36        1190409396        Administrator        680        Sign of "Win32:Onlinegames-ALM [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\19.rar\19\6.exe\[UPX]\[Embedded#1470]" file.  
2007-9-22        5:16:36        1190409396        Administrator        680        Sign of "Win32:Agent-INA [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\19.rar\19\7.exe\[UPX]\[Embedded#1470]" file.