Original poster: promised

[Virus sample] 24

碧水寒潭
Posted on 2007-11-16 20:43:28
Start of the scan: 2007年11月16日  20:42

Starting the file scan:

Begin scan in 'H:\AV-TEST'
H:\AV-TEST\样本.rar
  [0] Archive type: RAR
  --> 样本\10.exe
      [DETECTION] Is the Trojan horse TR/PSW.Onlineg.KC.2
  --> 样本\5.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddm.1
  --> 样本\avwgemn.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> 样本\avwgest.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 样本\avzxfmn.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hnm
  --> 样本\avzxfst.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hnm
  --> 样本\jh.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hpe
  --> 样本\kapjeaz.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hkl
  --> 样本\kapjezy.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hkl
  --> 样本\kvdxiis.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hoc
  --> 样本\kvdxima.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hoc
  --> 样本\kvdxsiis.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 样本\kvdxsima.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> 样本\kvmxhis.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.htv
  --> 样本\kvmxhma.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.htv
  --> 样本\my.exe
      [DETECTION] Is the Trojan horse TR/FWDisable.23372
  --> 样本\rarjepi.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hpe
  --> 样本\ratbjpi.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> 样本\ratbjtl.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 样本\rsmyhpm.dll
      [DETECTION] Is the Trojan horse TR/FWDisable.23372
  --> 样本\rsztipm.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hws
  --> 样本\rsztisp.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hws
  --> 样本\sidjdaz.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hsy
  --> 样本\sidjdzy.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.hsy
      [INFO]      The file was deleted!


End of the scan: 2007年11月16日  20:42
Used time: 00:16 min

The scan has been done completely.

      1 Scanning directories
     25 Files were scanned
     21 viruses and/or unwanted programs were found
      3 Files were classified as suspicious:
      1 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      4 Files not concerned
      1 Archives were scanned
      0 Warnings
      0 Notes
NobleT
Posted on 2007-11-16 21:20:12
Scan name: [Custom Scan]
Path to scan: F:\|

Normal scan
Also scan: Inside subfolders, Compressed files, Streams

Scan started: 2007-11-16, 21:19:42
---------------------------------------------------------------------

[Found security risk]         <W32/OnlineGames.A.gen!GSA (not disinfectable, generic)>        F:\样本.rar->样本\avwgemn.dll
[Found security risk]         <W32/OnlineGames.A.gen!GSA (not disinfectable, generic)>        F:\样本.rar->样本\avwgest.exe->(UPack)
[Found security risk]         <W32/OnlineGames.A.gen!GSA (not disinfectable, generic)>        F:\样本.rar->样本\avzxfst.exe->(UPack)
[Found security risk]         <W32/OnlineGames.A.gen!GSA (not disinfectable, generic)>        F:\样本.rar->样本\jh.exe->(UPack)
[Found security risk]         <W32/OnlineGames.A.gen!GSA (not disinfectable, generic)>        F:\样本.rar->样本\kapjeaz.exe->(UPack)
[Found password stealer]         <W32/Pws.XMH (exact, not disinfectable)>        F:\样本.rar->样本\kapjezy.dll
[Found security risk]         <W32/OnlineGames.A.gen!GSA (not disinfectable, generic)>        F:\样本.rar->样本\kvdxiis.exe->(UPack)
[Found security risk]         <W32/OnlineGames.A.gen!GSA (not disinfectable, generic)>        F:\样本.rar->样本\kvdxsiis.exe->(UPack)
[Found security risk]         <W32/OnlineGames.A.gen!GSA (not disinfectable, generic)>        F:\样本.rar->样本\kvmxhis.exe->(UPack)
[Found security risk]         <W32/OnlineGames.A.gen!GSA (not disinfectable, generic)>        F:\样本.rar->样本\my.exe->(UPack)
[Found security risk]         <W32/OnlineGames.A.gen!GSA (not disinfectable, generic)>        F:\样本.rar->样本\ratbjtl.exe->(UPack)
[Found security risk]         <W32/OnlineGames.A.gen!GSA (not disinfectable, generic)>        F:\样本.rar->样本\rsmyhpm.dll
[Found security risk]         <W32/OnlineGames.A.gen!GSA (not disinfectable, generic)>        F:\样本.rar->样本\rsztisp.exe->(UPack)
[Found security risk]         <W32/OnlineGames.A.gen!GSA (not disinfectable, generic)>        F:\样本.rar->样本\sidjdaz.exe->(UPack)
[Contains infected objects]        F:\样本.rar
[Quarantined]        F:\样本.rar->样本\sidjdzy.dll

---------------------------------------------------------------------
Scan ended:        2007-11-16, 21:19:51
Duration:        0:00:08

Scan result:

Scanned files:                 41
Infected objects:         14
Disinfected objects:         0
Quarantined files:         1
---------------------------------------------------------------------
398566384
Posted on 2007-11-16 21:54:53
kv: 20
uhthn2002
Posted on 2007-11-17 01:20:02

Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 878
Paranoia Database - 48756
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\Uhthn\Desktop\1

C:\Documents and Settings\Uhthn\Desktop\1\10.exe - Infected TROJAN-PSW.ONLINEGAMES.48 - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\5.exe - Infected TROJAN-PSW.ONLINEGAMES.54 - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\avwgemn.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\avwgest.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\avzxfmn.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\avzxfst.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\jh.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\kapjeaz.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\kapjezy.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\kvdxiis.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\kvdxima.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\kvdxsiis.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\kvdxsima.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\kvmxhis.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\kvmxhma.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\my.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\rarjepi.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\ratbjpi.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\ratbjtl.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\rsmyhpm.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\rsztipm.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\1\rsztisp.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\sidjdaz.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1\sidjdzy.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted

24 Files scanned
13 Infected files found
11 Suspected files found
0 Files disinfected
13 Files deleted