某贴挖的下载者及产物共53个

显示全部楼层 · 发表于 2007-12-9 12:41:53

应该是avast内置的cls

显示全部楼层 · 发表于 2007-12-9 12:42:32

Hello,

13.exe_, avzxkmn.dll - Trojan-PSW.Win32.OnLineGames.kdf,
83288.dat, cotsus.exe_, custom.exe_, svcost.exe_ - Trojan.Win32.Agent.dfu,
down.exe_ - Worm.Win32.Downloader.cm,
gdmsi32.dll - Trojan-PSW.Win32.OnLineGames.kdh,
kawdfaz.exe_, kawdfzy.dll - Trojan-PSW.Win32.OnLineGames.kdg,
tempaq - Trojan-Downloader.Win32.Hmir.li

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

14.exe_, rsztmpm.dll - Trojan-PSW.Win32.OnLineGames.kdb,
18.exe_, gdqji32.dll - Trojan-PSW.Win32.OnLineGames.kcv,
a.exe_ - Virus.Win32.AutoRun.akp,
GenProtect.dll, GenProtect.exe_ - Trojan-PSW.Win32.OnLineGames.kcz

These files are already detected. Please update your antivirus bases.

fcvspif.dll, tmjgzwt.dll

No malicious code were found in these files.

Please quote all when answering.

显示全部楼层 · 发表于 2007-12-9 12:49:27

漏好多。。。

信息 2007-12-09  12:48:43 您此次查毒共查出40个病毒以及危险代码
信息 2007-12-09  12:48:43 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件78个
信息 2007-12-09  12:48:43 金山毒霸主程序查毒过程结束，查毒方式：命令行查毒
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\gdqqsgi32.dll Win32.Troj.OnlineGamesT.ty.102400 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\gdmsi32.dll Win32.Troj.OnlineGames.yf.73728 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\avwghmn.dll Win32.Troj.OnLimeGamesT.zf.21080 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\gddji32.dll Win32.Troj.OnlineGames.yf.73728 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\rsztmpm.dll Win32.Troj.OnLimeGamesT.zf.21080 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\kvdxskma.dll Win32.Troj.OnLimeGamesT.zf.21080 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\gdrxjhi32.dll Win32.Troj.OnLimeGamesT.gs.73779 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\gdqji32.dll Win32.Troj.OnLimeGamesT.gs.73779 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\avzxkmn.dll Win32.Troj.OnLimeGamesT.zf.21080 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\avwlgmn.dll Win32.Troj.OnLimeGamesT.zf.21080 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\getmac007.exe Win32.Troj.TpxDown.a.5250 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\19.exe Win32.Troj.QQThiefT.ty.112755 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\18.exe Win32.Troj.OnLineGamesT.or.258048 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\17.exe Win32.Troj.AgentT.fm.14452 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\16.exe Win32.Troj.OnLineGamesT.gp.15597 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\15.exe Win32.Troj.OnLineGamesT.or.258048 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\14.exe Win32.Troj.OnLineGamesT.gp.15597 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\13.exe Win32.Troj.OnLineGamesT.gp.15597 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\12.exe Win32.Troj.OnLineGamesT.or.258048 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\11.exe Win32.Troj.OnLineGamesT.or.258048 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\10.exe Win32.Troj.AgentT.fm.14452 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\8.exe Win32.Troj.AgentT.fm.14452 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\4.exe Win32.Troj.OnLineGamesT.or.258048 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\1.exe Win32.PSWTroj.GameOnline.57344 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\ratbntl.exe Win32.Troj.AgentT.fm.14452 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\ratbnpi.dll Win32.Troj.OnLimeGamesT.zf.21080 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\MSDEG32.DLL Win32.Troj.OnlineGamesT.ty.135168 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\LYMANGR.DLL Win32.Troj.OnlineGames.jx.61440 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\kvdxjma.dll Win32.Troj.OnLimeGamesT.zf.21080 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\kvdxjis.exe Win32.Troj.AgentT.fm.14452 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\kawdfzy.dll Win32.Troj.OnLimeGamesT.zf.21080 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\kawdfaz.exe Win32.Troj.AgentT.fm.14452 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\GenProtect.dll Win32.Troj.OnlineGamesT.ip.28160 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\swrcezc.dll Win32.Troj.OnLimeGamesT.zf.21080 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\swrceac.exe Win32.Troj.AgentT.fm.14452 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\okmhazy.dll Win32.Troj.OnLimeGamesT.zf.21080 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\okmhaaz.exe Win32.Troj.AgentT.fm.14452 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\样本.rar\kaqhkzy.dll Win32.Troj.DelfT.lm.21580 跳过，未处理

病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\bd.rar\bd\svcos.exe Win32.Troj.DwonLoaderT.xy.133203 跳过，未处理
病毒 2007-12-09  12:48:43 C:\Documents and Settings\Norways Winter\桌面\bd.rar\bd\down.exe Win32.Troj.DwonLoaderT.xy.133203 跳过，未处理

显示全部楼层 · 发表于 2007-12-9 12:50:49

肯定是

显示全部楼层 · 发表于 2007-12-9 12:52:25

江民杀毒软件报告文件

北京江民新科技术有限公司

扫描引擎 11.00.702
病毒库日期 2007-12-08
更新日期 2007-12-09

扫描目标 C:\Documents and Settings\Administrator\桌面\样本.rar

开始时间 2007-12-09 12:34:59

在 C:\Documents and Settings\Administrator\桌面\样本.rar->okmhaaz.exe 中发现 TrojanSpy.Delf.aud 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->okmhazy.dll 中发现 Trojan/PSW.GamePass.adxy 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->swrceac.exe 中发现 Trojan/PSW.OnLineGames.hmt 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->swrcezc.dll 中发现 Trojan/PSW.GamePass.ytx 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->GenProtect.exE 中发现 Trojan/PSW.GamePass.adyt 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->kawdfaz.exe 中发现 Trojan/PSW.OnLineGames.hmt 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->kawdfzy.dll 中发现 Trojan/PSW.OnLineGames.jvr 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->kvdxjis.exe 中发现 TrojanSpy.Delf.aud 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->kvdxjma.dll 中发现 Trojan/PSW.OnLineGames.hxz 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->LYLOADER.EXE 中发现 Trojan/PSW.OnLineGames.meb 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->LYMANGR.DLL 中发现 Trojan/PSW.OnLineGames.lzf 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->MSDEG32.DLL 中发现 Trojan/PSW.OnLineGames.mba 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->ratbnpi.dll 中发现 Trojan/PSW.OnLineGames.hir 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->ratbntl.exe 中发现 Trojan/PSW.OnLineGames.hmt 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->1.exe 中发现 Trojan/PSW.GamePass.adqu 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->8.exe 中发现 TrojanSpy.Delf.aud 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->10.exe 中发现 Trojan/PSW.OnLineGames.hnz 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->13.exe 中发现 Trojan/PSW.OnLineGames.hnz 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->14.exe 中发现 Trojan/PSW.OnLineGames.hnz 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->16.exe 中发现 Trojan/PSW.OnLineGames.hnz 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->17.exe 中发现 Trojan/PSW.OnLineGames.hnz 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->19.exe 中发现 Trojan/PSW.QQPass.ske 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->20.exe 中发现 TrojanDownloader.Cryptic.id 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->custom.exe 中发现 Trojan/Agent.aczi 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->getmac007.exe 中发现 TrojanDownloader.TpxVip.b 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->Wn_Sys8x.Sys 中发现 Trojan/PSW.QQPass.skf 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->kvdxskma.dll 中发现 Trojan/PSW.OnLineGames.flu 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->avwghmn.dll 中发现 Trojan/PSW.OnLineGames.mmb 病毒, 已删除
正常结束。

扫描结果:
               文件数 :52                               病毒体 :28
               删除 :28                                  解毒 :0
扫描速度(千字节/秒) :3360                            扫描时间 :00:00:02
扫描文件速度(个/秒) :26

显示全部楼层 · 发表于 2007-12-9 12:52:29

你们都是高手啊不敢试

显示全部楼层 · 发表于 2007-12-9 17:14:43

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.Win32.Mnless.zyt
病毒： Trojan.PSW.Win32.QQHX.tsy
病毒： Trojan.PSW.Win32.XYOnline.vk
病毒： Trojan.PSW.Win32.XYOnline.vg
病毒： Trojan.PSW.Win32.XYOnline.vi
病毒： Trojan.PSW.Win32.GameOnline.aro
病毒： Trojan.PSW.Win32.GameOnline.aro
病毒： Trojan.PSW.Win32.GameOnline.aro
病毒： Trojan.PSW.Win32.TLOnline.jkh
病毒： Trojan.PSW.Win32.GamesOnline.e
病毒： Trojan.PSW.Win32.GameOnline.aro
病毒： Trojan.PSW.Win32.QQHX.tsy
病毒： Trojan.PSW.Win32.SunOnline.iv
病毒： Trojan.PSW.Win32.GameOnline.zzz
病毒： Worm.Win32.PaBug.eu
病毒： Trojan.Win32.VB.ysw
病毒： Trojan.Win32.Undef.aa
病毒： Trojan.DL.Win32.VB.ycx
病毒： Worm.Win32.PaBug.eu
病毒： Trojan.Win32.LessMn.h
病毒： Trojan.PSW.Win32.YBOnline.cl
病毒： RootKit.Win32.Mnless.bj
病毒： Trojan.PSW.Win32.XYOnline.vt
病毒： Trojan.PSW.Win32.SunOnline.iu

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.21.60

显示全部楼层 · 发表于 2007-12-9 17:15:10

下载扫毒不运行其中样本无事的。

显示全部楼层 · 发表于 2007-12-9 17:15:15

已刪除: 特洛伊木馬程式 Trojan-Dropper.Win32.Small.bbz 檔案: C:\Documents and Settings\kato9096\桌面\168501\1.exe
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jtw 檔案: C:\Documents and Settings\kato9096\桌面\168501\10.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jyt 檔案: C:\Documents and Settings\kato9096\桌面\168501\11.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jza 檔案: C:\Documents and Settings\kato9096\桌面\168501\12.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.kdf 檔案: C:\Documents and Settings\kato9096\桌面\168501\13.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.kdb 檔案: C:\Documents and Settings\kato9096\桌面\168501\14.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jyt 檔案: C:\Documents and Settings\kato9096\桌面\168501\15.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jtw 檔案: C:\Documents and Settings\kato9096\桌面\168501\16.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jpn 檔案: C:\Documents and Settings\kato9096\桌面\168501\17.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.kcv 檔案: C:\Documents and Settings\kato9096\桌面\168501\18.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.QQPass.anv 檔案: C:\Documents and Settings\kato9096\桌面\168501\19.exe//UPX
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Cryptic.ic 檔案: C:\Documents and Settings\kato9096\桌面\168501\20.exe
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jza 檔案: C:\Documents and Settings\kato9096\桌面\168501\4.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.kcc 檔案: C:\Documents and Settings\kato9096\桌面\168501\8.exe//UPack
已刪除: 特洛伊木馬程式 Trojan.Win32.Agent.dfu 檔案: C:\Documents and Settings\kato9096\桌面\168501\83288.dat//NSPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jtg 檔案: C:\Documents and Settings\kato9096\桌面\168501\avwghmn.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jsl 檔案: C:\Documents and Settings\kato9096\桌面\168501\avwlgmn.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.kdf 檔案: C:\Documents and Settings\kato9096\桌面\168501\avzxkmn.dll
已刪除: 特洛伊木馬程式 Trojan.Win32.Agent.dfu 檔案: C:\Documents and Settings\kato9096\桌面\168501\cotsus.exe//NSPack
已刪除: 特洛伊木馬程式 Trojan.Win32.Agent.dfu 檔案: C:\Documents and Settings\kato9096\桌面\168501\custom.exe//NSPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.kbm 檔案: C:\Documents and Settings\kato9096\桌面\168501\gddji32.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.kdh 檔案: C:\Documents and Settings\kato9096\桌面\168501\gdmsi32.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.kcv 檔案: C:\Documents and Settings\kato9096\桌面\168501\gdqji32.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jyt 檔案: C:\Documents and Settings\kato9096\桌面\168501\gdqqsgi32.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jzx 檔案: C:\Documents and Settings\kato9096\桌面\168501\gdrxjhi32.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.kcz 檔案: C:\Documents and Settings\kato9096\桌面\168501\GenProtect.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.kcz 檔案: C:\Documents and Settings\kato9096\桌面\168501\GenProtect.exE//UPack
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Cryptic.ie 檔案: C:\Documents and Settings\kato9096\桌面\168501\getmac007.exe
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.Agent.um 檔案: C:\Documents and Settings\kato9096\桌面\168501\HookHelp.sys
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jsj 檔案: C:\Documents and Settings\kato9096\桌面\168501\kaqhkzy.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.kdg 檔案: C:\Documents and Settings\kato9096\桌面\168501\kawdfaz.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.kdg 檔案: C:\Documents and Settings\kato9096\桌面\168501\kawdfzy.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jop 檔案: C:\Documents and Settings\kato9096\桌面\168501\kvdxjis.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jop 檔案: C:\Documents and Settings\kato9096\桌面\168501\kvdxjma.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jts 檔案: C:\Documents and Settings\kato9096\桌面\168501\kvdxskma.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ixl 檔案: C:\Documents and Settings\kato9096\桌面\168501\LYLOADER.EXE//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ixj 檔案: C:\Documents and Settings\kato9096\桌面\168501\LYMANGR.DLL//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ixk 檔案: C:\Documents and Settings\kato9096\桌面\168501\MSDEG32.DLL//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.kaf 檔案: C:\Documents and Settings\kato9096\桌面\168501\okmhaaz.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.kae 檔案: C:\Documents and Settings\kato9096\桌面\168501\okmhazy.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jsh 檔案: C:\Documents and Settings\kato9096\桌面\168501\ratbnpi.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.jzu 檔案: C:\Documents and Settings\kato9096\桌面\168501\ratbntl.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.kdb 檔案: C:\Documents and Settings\kato9096\桌面\168501\rsztmpm.dll
已刪除: 特洛伊木馬程式 Trojan.Win32.Agent.dfu 檔案: C:\Documents and Settings\kato9096\桌面\168501\svcost.exe//NSPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.kcq 檔案: C:\Documents and Settings\kato9096\桌面\168501\swrceac.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.kcq 檔案: C:\Documents and Settings\kato9096\桌面\168501\swrcezc.dll
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Hmir.li 檔案: C:\Documents and Settings\kato9096\桌面\168501\tempaq
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.QQPass.anv 檔案: C:\Documents and Settings\kato9096\桌面\168501\Wn_Sys8x.Sys
已刪除: 病毒 Worm.Win32.Downloader.cm 檔案: C:\Documents and Settings\kato9096\桌面\168501\bd\down.exe//PE_Patch//UPack
已刪除: 病毒 Worm.Win32.Downloader.bw 檔案: C:\Documents and Settings\kato9096\桌面\168501\bd\svcos.exe//PE_Patch//UPack
已刪除: 病毒 Worm.Win32.Downloader.ci 檔案: C:\Documents and Settings\kato9096\桌面\168501\bd\wxptdi.sys

51个

[ 本帖最后由 kato9096 于 2007-12-9 17:16 编辑 ]

显示全部楼层 · 发表于 2007-12-9 23:08:27

Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 1056
Paranoia Database - 49948
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\Uhthn\Desktop\New Folder (2)

C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\down.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\svcos.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\wxptdi.sys - Infected TROJAN-DOWNLOADER.AGENT.26 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\kaqhkzy.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\okmhaaz.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\okmhazy.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\swrceac.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\swrcezc.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\GenProtect.exE - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\GenProtect.dll - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\kawdfaz.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\kawdfzy.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\kvdxjis.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\kvdxjma.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\LYLOADER.EXE - Infected GENERIC.MALWARE.C51.2EF8 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\LYMANGR.DLL - Infected GENERIC.MALWARE.23A.DE8 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\MSDEG32.DLL - Infected GENERIC.MALWARE.10C.177E - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\ratbnpi.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\ratbntl.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\1.exe - Infected TROJAN-PSW.ONLINEGAMES.U - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\4.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\8.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\10.exe - Infected TROJAN-PSW.ONLINEGAMES.164 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\11.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\12.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\13.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\14.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\15.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\16.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\17.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\18.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\19.exe - Infected WIN32.TROJAN-PSW.QQPASS.A - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\20.exe - Suspected TROJAN-DOWNLOADER (HTTP://{REMOVED}/...)
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\cotsus.exe - Infected MaliciousScope:TROJAN-DOWNLOADER.AGENT.3 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\custom.exe - Infected MaliciousScope:TROJAN-DOWNLOADER.AGENT.3 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\getmac007.exe - OK
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\tempaq - Suspected MaliciousScope:GENERIC.MALWARE.1
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\Wn_Sys8x.Sys - Infected WIN32.TROJAN-PSW.QQPASS.A - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\83288.dat - Infected MaliciousScope:TROJAN-DOWNLOADER.AGENT.3 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\avwlgmn.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\avzxkmn.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\fcvspif.dll - Infected WIN32.BACKDOOR.PCCLIENT.6 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\gdqji32.dll - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\gdrxjhi32.dll - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\HookHelp.sys - OK
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\kvdxskma.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\rsztmpm.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\gddji32.dll - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\svcost.exe - Infected MaliciousScope:TROJAN-DOWNLOADER.AGENT.3 - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\tmjgzwt.dll - Suspected WIN32.TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\avwghmn.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\gdmsi32.dll - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\New Folder (2)\gdqqsgi32.dll - Suspected MaliciousScope:GENERIC.MALWARE.3

53 Files scanned
25 Infected files found
26 Suspected files found
0 Files disinfected
25 Files deleted

[病毒样本] 某贴挖的下载者及产物共53个

回复 11楼 promised 的帖子

88/27

回复 16楼 30497908 的帖子

浏览过的版块