Views: 3935 | Replies: 24

[Virus sample] 8 viruses

troika
Posted on 2008-1-29 18:58:12
Hehe

天灰
Posted on 2008-1-29 19:13:50
Dr.Web flags 2

新建文件夹(5).rar\01.exe;C:\Documents and Settings\77\My Documents\新建文件夹(5).rar;Trojan.PWS.Wsgame.3104;;
新建文件夹(5).rar\08.exe;C:\Documents and Settings\77\My Documents\新建文件夹(5).rar;可能 MULDROP.Trojan;;
新建文件夹(5).rar;C:\Documents and Settings\77\My Documents;发现档案文件中有受感染的对象;;
天灰
Posted on 2008-1-29 19:16:29
Filseclab catches all 8

C:\Documents and Settings\77\My Documents\新建文件夹(5).rar>>01.exe        TrojanPSW.OnLineGames.pbp.aito        木马        还未处理
C:\Documents and Settings\77\My Documents\新建文件夹(5).rar>>02.exe        Heuri.Suspicious.ERNM        启发式扫描        还未处理
C:\Documents and Settings\77\My Documents\新建文件夹(5).rar>>03.exe        TrojanPSW.OnLineGames.prw.zitu        木马        还未处理
C:\Documents and Settings\77\My Documents\新建文件夹(5).rar>>04.exe        TrojanPSW.OnLineGames.pry.npcp        木马        还未处理
C:\DOCUMENTS AND SETTINGS\77\LOCAL SETTINGS\TEMP\TWIEX0\02.EXE        Heuri.Suspicious.ERNM        启发式扫描        还未处理
C:\DOCUMENTS AND SETTINGS\77\LOCAL SETTINGS\TEMP\TWIEX0\03.EXE        TrojanPSW.OnLineGames.prw.zitu        木马        还未处理
C:\DOCUMENTS AND SETTINGS\77\LOCAL SETTINGS\TEMP\TWIEX0\04.EXE        TrojanPSW.OnLineGames.pry.npcp        木马        还未处理
C:\Documents and Settings\77\My Documents\新建文件夹(5).rar>>05.EXE        TrojanPSW.XYOnline.aay.takw        木马        还未处理
C:\DOCUMENTS AND SETTINGS\77\LOCAL SETTINGS\TEMP\TWIEX0\05.EXE        TrojanPSW.XYOnline.aay.takw        木马        还未处理
C:\Documents and Settings\77\My Documents\新建文件夹(5).rar>>06.EXE        Heuri.Suspicious.ERNM        启发式扫描        还未处理
C:\DOCUMENTS AND SETTINGS\77\LOCAL SETTINGS\TEMP\TWIEX0\06.EXE        Heuri.Suspicious.ERNM        启发式扫描        还未处理
C:\Documents and Settings\77\My Documents\新建文件夹(5).rar>>07.EXE        Heuri.Suspicious.ERNM        启发式扫描        还未处理
C:\DOCUMENTS AND SETTINGS\77\LOCAL SETTINGS\TEMP\TWIEX0\07.EXE        Heuri.Suspicious.ERNM        启发式扫描        还未处理
C:\Documents and Settings\77\My Documents\新建文件夹(5).rar>>08.EXE        TrojanDownloader.Nurech.bd.bmqk        木马        还未处理
C:\DOCUMENTS AND SETTINGS\77\LOCAL SETTINGS\TEMP\TWIEX0\08.EXE        TrojanDownloader.Nurech.bd.bmqk        木马        还未处理
冷冷
Posted on 2008-1-29 19:16:38

I:\virus\test\01.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\test\02.exe - Suspect code-parts found (Level: 55)
I:\virus\test\03.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\test\04.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\test\05.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\test\06.exe - Suspect code-parts found (Level: 5)
I:\virus\test\07.exe - Suspect code-parts found (Level: 5)
I:\virus\test\08.exe - Signature 'Trojan-Downloader.Win32.Zlob.and' found
8 Files scanned
   (0 Archives with 0 files)
5 Signatures found
3 Suspect code-parts found
Used time: 0:00.078


I:\virus\test/01.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/02.exe: PUA.Packed.UPack-2 FOUND
I:\virus\test/03.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/04.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/05.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/06.exe: PUA.Packed.UPack-2 FOUND
I:\virus\test/07.exe: PUA.Packed.UPack-2 FOUND
I:\virus\test/08.exe: PUA.Packed.UPack-2 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 198503
Engine version: 0.92
Scanned directories: 1
Scanned files: 8
Infected files: 8
Data scanned: 0.13 MB
Time: 6.453 sec (0 m 6 s)
woai_jolin
Posted on 2008-1-29 19:21:33
2008-1-29 19:20:53        Real-time file system protection        file        G:\v\05.exe        a variant of Win32/PSW.OnLineGames.MUG trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-1-29 19:20:52        Real-time file system protection        file        G:\v\04.exe        a variant of Win32/PSW.OnLineGames.MUG trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-1-29 19:20:51        Real-time file system protection        file        G:\v\03.exe        Win32/PSW.OnLineGames.MUG trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-1-29 19:20:49        Real-time file system protection        file        G:\v\01.exe        a variant of Win32/PSW.OnLineGames.MUG trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
qigang
Posted on 2008-1-29 19:23:52

21/7

瑞星病毒查杀结果报告

清除病毒种类列表:

病毒: Trojan.PSW.Win32.QQHX.tvu
病毒: Trojan.PSW.Win32.ZhengTu.ymw
病毒: Trojan.PSW.Win32.ZhuXian.gi
病毒: Trojan.PSW.Win32.XYOnline.abc
病毒: Trojan.PSW.Win32.XYOnline.aay

MAC 地址:00:11:5B:F3:6D:69

用户来源:互联网

软件版本:20.29.12
傻猪猪米走鸡
Posted on 2008-1-29 19:28:43
2008-1-29 19:34:02        Kernel        File  'E:\virus\新建文件夹1.29.rar' was sent to ESET for analysis.
Graybird
Posted on 2008-1-29 19:35:20

8

Starting the file scan:

Begin scan in 'D:\新建文件夹.rar'
D:\新建文件夹.rar
  [0] Archive type: RAR
  --> 01.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pmi.18
  --> 02.exe
      [DETECTION] Contains suspicious code HEUR/Crypted
  --> 03.exe
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 04.exe
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 05.exe
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 06.exe
      [DETECTION] Contains suspicious code HEUR/Crypted
  --> 07.exe
      [DETECTION] Contains suspicious code HEUR/Crypted
  --> 08.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [WARNING]   The file was ignored!


End of the scan: 2008年1月29日  19:36
Used time: 00:21 min

The scan has been done completely.

      0 Scanning directories
      9 Files were scanned
      5 viruses and/or unwanted programs were found
      3 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      4 Files not concerned
      1 Archives were scanned
      1 Warnings
      0 Notes
Joker
Posted on 2008-1-29 19:35:27
5
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pbp        File: C:\Documents and Settings\Administrator\×ÀÃæ\н¨Îļþ¼Ð.rar/01.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.prw        File: C:\Documents and Settings\Administrator\×ÀÃæ\н¨Îļþ¼Ð.rar/03.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pry        File: C:\Documents and Settings\Administrator\×ÀÃæ\н¨Îļþ¼Ð.rar/04.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pri        File: C:\Documents and Settings\Administrator\×ÀÃæ\н¨Îļþ¼Ð.rar/05.exe//PE_Patch//UPack//#
deleted: Trojan program Trojan-Downloader.Win32.Agent.iak        File: C:\Documents and Settings\Administrator\×ÀÃæ\н¨Îļþ¼Ð.rar/08.exe//PE_Patch//UPack
ballakay
Posted on 2008-1-29 19:48:52
Scanning Report
29 January 2008 19:48:01 - 19:48:02
Computer name: PUMA-PC
Scanning type: Scan target
Target: C:\Users\Administrator\Desktop\н¨Îļþ¼Ð.rar


--------------------------------------------------------------------------------

Result: 4 malware found
Trojan-PSW.Win32.OnLineGames.pbp (virus)
C:\Users\Administrator\Desktop\н¨Îļþ¼Ð.rar\01.exe
Trojan-PSW.Win32.OnLineGames.prw (virus)
C:\Users\Administrator\Desktop\н¨Îļþ¼Ð.rar\03.exe
Trojan-PSW.Win32.OnLineGames.pry (virus)
C:\Users\Administrator\Desktop\н¨Îļþ¼Ð.rar\04.exe
Trojan-Downloader.Win32.Agent.iak (virus)
C:\Users\Administrator\Desktop\н¨Îļþ¼Ð.rar\08.exe




--------------------------------------------------------------------------------

Statistics
Scanned:
Files: 9
Not scanned: 0
Result:
Viruses: 4
Spyware: 0
Suspicious items: 0
Riskware: 0
Actions:
Disinfected: 0
Renamed: 0
Deleted: 0
Quarantined: 0
Failed: 0
Boot Sectors:
Scanned: 0
Infected: 0
Suspicious items: 0
Disinfected: 0