21个

qianwenxiang

qigang

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.DL.Win32.Agent.zgp
病毒： Trojan.Win32.Agent.yvq   
病毒： Trojan.PSW.Win32.XYOnline.jq
病毒： Trojan.PSW.Win32.RocOnline.fa
病毒： Trojan.PSW.Win32.XYOnline.ip
病毒： Trojan.PSW.Win32.OnlineGames.yue
病毒： Trojan.PSW.Win32.OnlineGames.yrp
病毒： Trojan.PSW.Win32.TLOnline.bb
病毒： Trojan.PSW.Win32.OnlineGames.ysz
病毒： Trojan.PSW.Win32.ZeroOnline.bb
病毒： Trojan.PSW.Win32.OnlineGames.yza
病毒： Trojan.PSW.Win32.XYOnline.ic
病毒： Trojan.PSW.Win32.QQPass.yru
病毒： Trojan.Win32.Agent.zbj   

MAC地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：19.42.42

sweeb

文件上传好像有些问题，有不少无法打开呀！！！

浪滔天

卡巴 7.0.0.125 高启发
17个

已隔离: 病毒 Heur.Invader (变种)        文件: F:\病毒样本\0928[1]\0928 (20).exe//PE_Patch//UPack
已删除: 病毒 Virus.Win32.AutoRun.pi        文件: F:\病毒样本\0928[1]\0928 (16).exe//UPX
已删除: 广告程序 not-a-virus:AdWare.Win32.Boran.bg        文件: F:\病毒样本\0928[1]\0928 (21).exe//stream//data0001
已删除: 木马程序 Trojan-Downloader.Win32.QQHelper.bae        文件: F:\病毒样本\0928[1]\0928 (1).exe
已删除: 木马程序 Trojan-PSW.Win32.Delf.bap        文件: F:\病毒样本\0928[1]\0928 (10).exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.Lmir.bms        文件: F:\病毒样本\0928[1]\0928 (18).exe//PE_Patch//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.czk        文件: F:\病毒样本\0928[1]\0928 (13).exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.dcz        文件: F:\病毒样本\0928[1]\0928 (8).exe
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ddw        文件: F:\病毒样本\0928[1]\0928 (7).exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.dfs        文件: F:\病毒样本\0928[1]\0928 (6).exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.dgn        文件: F:\病毒样本\0928[1]\0928 (11).exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.dpb        文件: F:\病毒样本\0928[1]\0928 (4).exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.dpd        文件: F:\病毒样本\0928[1]\0928 (12).exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.dqt        文件: F:\病毒样本\0928[1]\0928 (5).exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.dsh        文件: F:\病毒样本\0928[1]\0928 (17).exe//PE_Patch//UPack
已删除: 木马程序 Trojan-Spy.Win32.Delf.ajf        文件: F:\病毒样本\0928[1]\0928 (9).exe//UPack
已删除: 木马程序 Trojan.Win32.Delf.afz        文件: F:\病毒样本\0928[1]\0928 (3).exe//NSPack

uhthn2002

Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 270
Paranoia Database - 6142
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\uhthn\Desktop\New Folder

C:\Documents and Settings\uhthn\Desktop\New Folder\0928 (1).exe - Suspicious of Trojan-Downloader.Small.2
C:\Documents and Settings\uhthn\Desktop\New Folder\0928 (2).exe - Suspicious of Trojan-PSW.OnLineGames.3
C:\Documents and Settings\uhthn\Desktop\New Folder\0928 (3).exe - Infected with SDB:MalwareSpy.Trojan-Downloader.Agent.3 - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\0928 (4).exe - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\New Folder\0928 (5).exe - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\New Folder\0928 (6).exe - Infected with SDB:Trojan-PSW.OnLineGames.t - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\0928 (7).exe - Infected with SDB:Trojan-PSW.OnLineGames.25 - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\0928 (8).exe - Infected with SDB:Trojan-PSW.OnLineGames.8 - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\0928 (9).exe - Infected with SDB:Trojan-Spy.Delf.1 - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\0928 (10).exe - Infected with SDB:Trojan-PSW.Delf.d - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\0928 (11).exe - Infected with SDB:Trojan-PSW.OnLineGames.27 - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\0928 (12).exe - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\New Folder\0928 (13).exe - Infected with SDB:Trojan-PSW.OnLineGames.r - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\0928 (14).exe - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\New Folder\0928 (15).exe - Infected with SDB:Trojan-Spy.Delf.2 - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\0928 (16).exe - Infected with SDB:Win32.Trojan-PSW.QQPass.a - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\0928 (17).exe - Suspicious of Trojan-PSW.OnLineGames.2
C:\Documents and Settings\uhthn\Desktop\New Folder\0928 (18).exe - Infected with SDB:Trojan-PSW.OnLineGames.36 - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\0928 (19).exe - Suspicious of Trojan-Downloader.Small.2
C:\Documents and Settings\uhthn\Desktop\New Folder\0928 (20).exe - Suspicious of Trojan-PSW.OnLineGames.2
C:\Documents and Settings\uhthn\Desktop\New Folder\0928 (21).exe - Suspicious of Trojan-PSW.OnLineGames.3

21 Files scanned
11 Infected files found
10 Suspicious files found
0 Files cured
11 Files deleted

wangjay1980

21
detected: Trojan program Trojan-Downloader.Win32.QQHelper.bae        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\0928 (1).exe
detected: adware not-a-virus:AdWare.Win32.Cinmus.acz        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\0928 (2).exe//stream//data0002//data0003
detected: adware not-a-virus:AdWare.Win32.Cinmus.acy        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\0928 (2).exe//stream//data0002//data0004
detected: Trojan program Trojan.Win32.Delf.afz        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\0928 (3).exe//NSPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dpb        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\0928 (4).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dqt        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\0928 (5).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dfs        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\0928 (6).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ddw        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\0928 (7).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dcz        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\0928 (8).exe
detected: Trojan program Trojan-Spy.Win32.Delf.ajf        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\0928 (9).exe//UPack
detected: Trojan program Trojan-PSW.Win32.Delf.bap        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\0928 (10).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dgn        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\0928 (11).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dpd        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\0928 (12).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.czk        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\0928 (13).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dta        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\0928 (14).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dtd        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\0928 (15).exe//PE_Patch//UPack
detected: virus Virus.Win32.AutoRun.pi        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\0928 (16).exe//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dsh        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\0928 (17).exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.Lmir.bms        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\0928 (18).exe//PE_Patch//UPack
detected: virus Heur.Invader (modification)        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\0928 (20).exe//PE_Patch//UPack
detected: adware not-a-virus:AdWare.Win32.Boran.bg        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\0928 (21).exe//stream//data0001

碧水寒潭

Start of the scan: 2007年9月28日  21:50

Starting the file scan:

Begin scan in 'H:\AV-TEST'
H:\AV-TEST\0928[1].part1.rar
  [0] Archive type: RAR
  --> 0928 (3).exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
  --> 0928 (4).exe
      [DETECTION] Is the Trojan horse TR/Agent.261930
  --> 0928 (5).exe
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Hupigon.cal.83 Backdoor server programs
  --> 0928 (6).exe
      [DETECTION] Is the Trojan horse TR/Dldr.Bagle.DR.35
  --> 0928 (7).exe
      [DETECTION] Is the Trojan horse TR/PWS.Banker.350256
  --> 0928 (8).exe
      [DETECTION] Contains detection pattern of the dropper DR/Cinmus.RJ
  --> 0928 (9).exe
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Hupigon.bde.155 Backdoor server programs
  --> 0928 (10).exe
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/VB.auz.3 Backdoor server programs
  --> 0928 (11).exe
      [DETECTION] Is the Trojan horse TR/Drop.Delf.aam.11
  --> 0928 (12).exe
      [DETECTION] Is the Trojan horse TR/Agent.238096
  --> 0928 (13).exe
      [DETECTION] Is the Trojan horse TR/Dldr.Bagle.DR.38
  --> 0928 (14).exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> 0928 (15).exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> 0928 (16).exe
      [DETECTION] Is the Trojan horse TR/PSW.QQGame.AB
  --> 0928 (17).exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> 0928 (18).exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> 0928 (19).exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddm.1
      [INFO]      The file was deleted!
H:\AV-TEST\0928[1].part2.rar
  [0] Archive type: RAR
  --> 0928 (21).exe
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/Agent.BS.63
      [INFO]      The file was deleted!


End of the scan: 2007年9月28日  21:50
Used time: 00:22 min

The scan has been done completely.

      1 Scanning directories
     22 Files were scanned
     16 viruses and/or unwanted programs were found
      2 Files were classified as suspicious:
      2 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      6 Files not concerned
      2 Archives were scanned
      0 Warnings
      0 Notes

The EQs

Scan performed at: 2007-9-28 21:55:21
Scanning Log
NOD32 version 2558 (20070928) NT
Command line: C:\Documents and Settings\Don johnson\桌面\0928
Operating memory - is OK

Date: 28.9.2007  Time: 21:55:24
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\Don johnson\桌面\0928\
C:\Documents and Settings\Don johnson\桌面\0928\0928 (10).exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\0928\0928 (11).exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\0928\0928 (12).exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\0928\0928 (13).exe - a variant of Win32/PSW.OnLineGames.NEN trojan
C:\Documents and Settings\Don johnson\桌面\0928\0928 (14).exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\0928\0928 (16).exe - probably a variant of Win32/AutoRun.Q worm
C:\Documents and Settings\Don johnson\桌面\0928\0928 (19).exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\0928\0928 (2).exe ?NSIS ?2.exe ?NSIS ?acpidisk.sys - a variant of Win32/Adware.Cinmus application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\0928\0928 (3).exe - probably a variant of Win32/Agent.AAC trojan
C:\Documents and Settings\Don johnson\桌面\0928\0928 (4).exe - probably a variant of Win32/PSW.OnLineGames.NEN trojan
C:\Documents and Settings\Don johnson\桌面\0928\0928 (5).exe - probably a variant of Win32/PSW.OnLineGames.NEN trojan
C:\Documents and Settings\Don johnson\桌面\0928\0928 (6).exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\0928\0928 (7).exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\0928\0928 (8).exe - probably a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\0928\0928 (9).exe - probably a variant of Win32/Genetik trojan
Number of scanned files: 31
Number of threats found: 15
Number of files cleaned: 15
Time of completion: 21:55:30 Total scanning time: 6 sec (00:00:06)

欠妳緈諨

AVAST17

mofunzone

Starting the file scan:

Begin scan in 'C:\Users\morgan\Documents\0928'
C:\Users\morgan\Documents\0928\
  0928 (1).exe
      [DETECTION] Is the Trojan horse TR/Dldr.QQHelper.BAE.1
      [INFO]      The file was deleted!
  0928 (10).exe
      [DETECTION] Is the Trojan horse TR/PSW.Delf.bap
      [INFO]      The file was deleted!
  0928 (11).exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dgn.2
      [INFO]      The file was deleted!
  0928 (12).exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dpd
      [INFO]      The file was deleted!
  0928 (13).exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.czk
      [INFO]      The file was deleted!
  0928 (14).exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '472f148c.qua'!
  0928 (15).exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '457cd2d5.qua'!
  0928 (16).exe
      [DETECTION] Is the Trojan horse TR/PSW.QQGame.AB
      [INFO]      The file was deleted!
  0928 (17).exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
      [INFO]      The file was deleted!
  0928 (18).exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
      [INFO]      The file was deleted!
  0928 (19).exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddm.1
      [INFO]      The file was deleted!
  0928 (2).exe
  0928 (20).exe
      [DETECTION] Is the Trojan horse TR/Hook.Shell.28
      [INFO]      The file was deleted!
  0928 (21).exe
      [DETECTION] Contains detection pattern of the dropper DR/Boran.BG
      [INFO]      The file was deleted!
  0928 (3).exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [INFO]      The file was deleted!
  0928 (4).exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dpb.1
      [INFO]      The file was deleted!
  0928 (5).exe
      [DETECTION] Is the Trojan horse TR/Agent.13361
      [INFO]      The file was deleted!
  0928 (6).exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.dfs
      [INFO]      The file was deleted!
  0928 (7).exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ddw
      [INFO]      The file was deleted!
  0928 (8).exe
      [DETECTION] Contains detection pattern of the dropper DR/Cinmus.RJ
      [INFO]      The file was deleted!
  0928 (9).exe
      [DETECTION] Is the Trojan horse TR/Spy.Delf.ajf.1
      [INFO]      The file was deleted!


End of the scan: 2007年9月28日  07:48
Used time: 00:06 min

The scan has been done completely.

      1 Scanning directories
     21 Files were scanned
     18 viruses and/or unwanted programs were found
      2 Files were classified as suspicious:
     18 files were deleted
      0 files were repaired
      2 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      3 Files not concerned
      0 Archives were scanned
      0 Warnings
      0 Notes