Original poster: qianwenxiang

[Virus sample] 54
冷冷
Posted on 2008-1-30 17:05:16
CAV

I:\virus\test/cmdbcs.exe: PUA.Packed.UPack-2 FOUND
I:\virus\test/DbgHlp32.exe: PUA.Packed.UPack-1 FOUND
I:\virus\test/Fonts/avzxomn.dll: Trojan.Spy-20428 FOUND
I:\virus\test/Fonts/avzxost.exe: PUA.Packed.UPack FOUND
I:\virus\test/Fonts/gjcsdyc.dll: Trojan.Spy-20427 FOUND
I:\virus\test/Fonts/gjcsdzc.exe: PUA.Packed.UPack FOUND
I:\virus\test/LotusHlp.exe: PUA.Packed.UPack-1 FOUND
I:\virus\test/PTSShell.exe: PUA.Packed.UPack-1 FOUND
I:\virus\test/system32/cmdbcs.dll: Trojan.Spy-16284 FOUND
I:\virus\test/system32/drivers/1.exe: PUA.Packed.UPack-1 FOUND
I:\virus\test/system32/drivers/10.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/system32/drivers/11.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/system32/drivers/12.exe: PUA.Packed.UPack-1 FOUND
I:\virus\test/system32/drivers/13.exe: PUA.Packed.UPack FOUND
I:\virus\test/system32/drivers/14.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/system32/drivers/15.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/system32/drivers/16.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/system32/drivers/17.exe: PUA.Packed.UPack-2 FOUND
I:\virus\test/system32/drivers/18.exe: PUA.Packed.UPack-1 FOUND
I:\virus\test/system32/drivers/19.exe: Trojan.QQPass-493 FOUND
I:\virus\test/system32/drivers/2.exe: PUA.Packed.UPack-1 FOUND
I:\virus\test/system32/drivers/4.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/system32/drivers/5.exe: PUA.Packed.UPack FOUND
I:\virus\test/system32/drivers/6.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/system32/drivers/7.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/system32/drivers/8.exe: PUA.Packed.UPack-2 FOUND
I:\virus\test/system32/drivers/9.exe: PUA.Packed.UPack-1 FOUND
I:\virus\test/system32/gnolnait.dll: PUA.Packed.UPack FOUND
I:\virus\test/system32/IGB_WD_1026.dll: PUA.Packed.UPack FOUND
I:\virus\test/system32/IGB_WD_1026.exe: PUA.Packed.UPack-2 FOUND
I:\virus\test/system32/ijiq.dll: PUA.Packed.UPack FOUND
I:\virus\test/system32/ijougiemnaw.dll: PUA.Packed.UPack FOUND
I:\virus\test/system32/iqnauhc.dll: PUA.Packed.UPack FOUND
I:\virus\test/system32/PTSShell.dll: Trojan.Spy-20736 FOUND
I:\virus\test/system32/utgnehz.dll: PUA.Packed.UPack FOUND
I:\virus\test/system32/wbem/csrss.exe: Trojan.Downloader-18725 FOUND
I:\virus\test/system32/XSXCompress.dll: PUA.Packed.UPack FOUND
I:\virus\test/temp/~FaB.tmp: Broken.Executable FOUND
I:\virus\test/temp/~FaC.tmp: Broken.Executable FOUND
----------- SCAN SUMMARY -----------
Known viruses: 198580
Engine version: 0.92
Scanned directories: 8
Scanned files: 54
Infected files: 39
Data scanned: 8.28 MB
Time: 12.203 sec (0 m 12 s)

IK
I:\virus\test\cmdbcs.exe - Signature 'Trojan-Downloader.Win32.Zlob.and' found
I:\virus\test\DbgHlp32.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\test\LotusHlp.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\test\PTSShell.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\test\Fonts\avzxomn.dll - Signature 'Virus.Win32.OnLineGames.BGD' found
I:\virus\test\Fonts\avzxost.exe - Signature 'Trojan-Spy.Win32.Delf.uv' found
I:\virus\test\Fonts\gjcsdyc.dll - Signature 'Virus.Win32.OnLineGames.BGD' found
I:\virus\test\Fonts\gjcsdzc.exe - Signature 'Trojan-Spy.Win32.Delf.uv' found
I:\virus\test\system32\cifmon.exe
I:\virus\test\system32\cmdbcs.dll
I:\virus\test\system32\DbgHlp32.dll - Signature 'Virus.Win32.OnLineGames.BHW' found
I:\virus\test\system32\gnolnait.dll - Signature 'Trojan-PWS.Win32.Small.br' found
I:\virus\test\system32\IGB_WD_1026.dll - Signature 'Trojan-PWS.Win32.Small.br' found
I:\virus\test\system32\IGB_WD_1026.exe - Signature 'Trojan-PWS.Win32.OnLineGames.pou' found
I:\virus\test\system32\ijiq.dll - Signature 'Trojan-PWS.Win32.Small.br' found
I:\virus\test\system32\ijougiemnaw.dll - Signature 'Trojan-Spy.Win32.Delf.uv' found
I:\virus\test\system32\iqnauhc.dll - Signature 'Trojan-PWS.Win32.Small.br' found
I:\virus\test\system32\LotusHlp.dll - Signature 'Virus.Win32.OnLineGames.BHW' found
I:\virus\test\system32\PTSShell.dll - Signature 'Virus.Win32.Agent.CNF' found
I:\virus\test\system32\shelrav.exe
I:\virus\test\system32\ssdt.sys
I:\virus\test\system32\suchost.exe
I:\virus\test\system32\sychost.exe
I:\virus\test\system32\url1.exe
I:\virus\test\system32\utgnehz.dll - Signature 'Trojan-PWS.Win32.Small.br' found
I:\virus\test\system32\XSXCompress.dll - Signature 'Trojan-PWS.Win32.Delf.ix' found
I:\virus\test\system32\drivers\1.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\test\system32\drivers\10.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\test\system32\drivers\11.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\test\system32\drivers\12.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\test\system32\drivers\13.exe - Signature 'Trojan-Spy.Win32.Delf.uv' found
I:\virus\test\system32\drivers\14.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\test\system32\drivers\15.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\test\system32\drivers\16.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\test\system32\drivers\17.exe - Signature 'Trojan-Downloader.Win32.Zlob.and' found
I:\virus\test\system32\drivers\18.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\test\system32\drivers\19.exe - Signature 'Trojan-Proxy.Win32.Delf.AN' found
I:\virus\test\system32\drivers\2.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\test\system32\drivers\21.exe - Signature 'Backdoor.Win32.Beastdoor.l' found
I:\virus\test\system32\drivers\22.exe
I:\virus\test\system32\drivers\4.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\test\system32\drivers\5.exe - Signature 'Trojan-Spy.Win32.Delf.uv' found
I:\virus\test\system32\drivers\6.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\test\system32\drivers\7.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\test\system32\drivers\8.exe - Signature 'Trojan-PWS.Win32.OnLineGames.pou' found
I:\virus\test\system32\drivers\9.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\test\system32\drivers\puid.sys - Signature 'Trojan-Downloader.Win32.Agent.hif' found
I:\virus\test\system32\wbem\csrss.exe - Suspect code-parts found (Level: 150)
I:\virus\test\temp\~FaB.tmp
I:\virus\test\temp\~FaC.tmp
I:\virus\test\temp\IXP000.TMP\kavjs.exe - Signature 'not-a-virus:RiskTool.Win32.HideProc.c' found
I:\virus\test\temp\IXP000.TMP\spec.fne
I:\virus\test\Web\explor0er.exe - Suspect code-parts found (Level: 160)
I:\virus\test\Web\syst1m.exe - Signature 'not-a-virus:RiskTool.Win32.HideProc.c' found
54 Files scanned
   (0 Archives with 0 files)
41 Signatures found
2 Suspect code-parts found
Used time: 0:01.907

[ This post was last edited by 冷_冷 on 2008-1-30 17:07 ]
鱼是一只我
Posted on 2008-1-30 17:05:36
Filseclab: 45. I misread it just now.

[ This post was last edited by 鱼是一只我 on 2008-1-30 17:13 ]

leonfg
Posted on 2008-1-30 17:19:35
ESET 40
C:\Documents and Settings\GUNDAM\桌面\windows\cmdbcs.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\GUNDAM\桌面\windows\DbgHlp32.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\GUNDAM\桌面\windows\LotusHlp.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\GUNDAM\桌面\windows\PTSShell.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\GUNDAM\桌面\windows\Fonts\avzxomn.dll - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\GUNDAM\桌面\windows\Fonts\avzxost.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\GUNDAM\桌面\windows\Fonts\gjcsdyc.dll - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\GUNDAM\桌面\windows\Fonts\gjcsdzc.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\cmdbcs.dll - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\DbgHlp32.dll - Win32/PSW.OnLineGames.HCV trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\gnolnait.dll - a variant of Win32/PSW.OnLineGames.NLH trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\IGB_WD_1026.exe - a variant of Win32/PSW.OnLineGames.PBQ trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\ijiq.dll - a variant of Win32/PSW.OnLineGames.NLH trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\ijougiemnaw.dll - Win32/PSW.OnLineGames.NLH trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\iqnauhc.dll - a variant of Win32/PSW.OnLineGames.NLH trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\LotusHlp.dll - a variant of Win32/PSW.OnLineGames.HCV trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\PTSShell.dll - Win32/PSW.OnLineGames.HCV trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\url1.exe » NSIS - archive damaged
C:\Documents and Settings\GUNDAM\桌面\windows\system32\utgnehz.dll - a variant of Win32/PSW.OnLineGames.NLH trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\XSXCompress.dll - a variant of Win32/PSW.OnLineGames.GJV trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\drivers\1.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\drivers\10.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\drivers\11.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\drivers\12.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\drivers\13.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\drivers\14.exe - Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\drivers\15.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\drivers\16.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\drivers\17.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\drivers\18.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\drivers\19.exe - probably a variant of Win32/AutoRun.Q worm
C:\Documents and Settings\GUNDAM\桌面\windows\system32\drivers\2.exe - Win32/PSW.OnLineGames.NMF trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\drivers\4.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\drivers\5.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\drivers\6.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\drivers\7.exe - Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\drivers\8.exe - a variant of Win32/PSW.OnLineGames.PBQ trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\drivers\9.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\drivers\puid.sys - a variant of Win32/TrojanDownloader.Small.HLV trojan
C:\Documents and Settings\GUNDAM\桌面\windows\system32\wbem\csrss.exe - Win32/Agent.NNA trojan
C:\Documents and Settings\GUNDAM\桌面\windows\Web\explor0er.exe - probably unknown NewHeur_PE virus
killloop
Posted on 2008-1-30 17:19:36
Jiangmin: 40
ballakay
Posted on 2008-1-30 18:27:28
Scanning Report
30 January 2008 18:27:02 - 18:27:05
Computer name: PUMA-PC
Scanning type: Scan target
Target: C:\Users\Administrator\Desktop\windows.part2.rar C:\Users\Administrator\Desktop\windows.part1.rar


--------------------------------------------------------------------------------

Result: 43 malware found
Trojan-PSW.Win32.OnLineGames.ppj (virus)
C:\Users\Administrator\Desktop\windows.part2.rar\system32\utgnehz.dll
Trojan-Downloader.Win32.Agent.gbh (virus)
C:\Users\Administrator\Desktop\windows.part2.rar\system32\wbem\csrss.exe
Trojan.Win32.Pakes.bzp (virus)
C:\Users\Administrator\Desktop\windows.part2.rar\system32\XSXCompress.dll
Trojan-Downloader.Win32.Agent.ibh (virus)
C:\Users\Administrator\Desktop\windows.part2.rar\temp\~FaB.tmp
C:\Users\Administrator\Desktop\windows.part2.rar\temp\~FaC.tmp
Trojan-PSW.Win32.OnLineGames.isb (virus)
C:\Users\Administrator\Desktop\windows.part2.rar\cmdbcs.exe
C:\Users\Administrator\Desktop\windows.part1.rar\system32\drivers\17.exe
Trojan.Win32.Vaklik.gg (virus)
C:\Users\Administrator\Desktop\windows.part2.rar\DbgHlp32.exe
C:\Users\Administrator\Desktop\windows.part1.rar\system32\drivers\12.exe
Trojan-PSW.Win32.OnLineGames.prg (virus)
C:\Users\Administrator\Desktop\windows.part2.rar\LotusHlp.exe
C:\Users\Administrator\Desktop\windows.part1.rar\system32\drivers\18.exe
Trojan-PSW.Win32.OnLineGames.nfz (virus)
C:\Users\Administrator\Desktop\windows.part2.rar\PTSShell.exe
C:\Users\Administrator\Desktop\windows.part1.rar\system32\drivers\9.exe
Trojan-PSW.Win32.OnLineGames.oiu (virus)
C:\Users\Administrator\Desktop\windows.part1.rar\Fonts\avzxomn.dll
Trojan-PSW.Win32.OnLineGames.odx (virus)
C:\Users\Administrator\Desktop\windows.part1.rar\Fonts\avzxost.exe
C:\Users\Administrator\Desktop\windows.part1.rar\system32\drivers\5.exe
Trojan-PSW.Win32.OnLineGames.oec (virus)
C:\Users\Administrator\Desktop\windows.part1.rar\Fonts\gjcsdyc.dll
Trojan-PSW.Win32.OnLineGames.oee (virus)
C:\Users\Administrator\Desktop\windows.part1.rar\Fonts\gjcsdzc.exe
C:\Users\Administrator\Desktop\windows.part1.rar\system32\drivers\13.exe
Trojan-PSW.Win32.OnLineGames.pmg (virus)
C:\Users\Administrator\Desktop\windows.part1.rar\system32\DbgHlp32.dll
Trojan-PSW.Win32.OnLineGames.ptd (virus)
C:\Users\Administrator\Desktop\windows.part1.rar\system32\drivers\1.exe
Trojan-PSW.Win32.OnLineGames.odb (virus)
C:\Users\Administrator\Desktop\windows.part1.rar\system32\drivers\10.exe
Trojan-PSW.Win32.OnLineGames.pbp (virus)
C:\Users\Administrator\Desktop\windows.part1.rar\system32\drivers\11.exe
C:\Users\Administrator\Desktop\windows.part1.rar\system32\drivers\15.exe
C:\Users\Administrator\Desktop\windows.part1.rar\system32\drivers\4.exe
C:\Users\Administrator\Desktop\windows.part1.rar\system32\drivers\6.exe
Trojan-Downloader.Win32.Zlob.gef (virus)
C:\Users\Administrator\Desktop\windows.part1.rar\system32\drivers\14.exe
Trojan-PSW.Win32.OnLineGames.pry (virus)
C:\Users\Administrator\Desktop\windows.part1.rar\system32\drivers\16.exe
Trojan-PSW.Win32.QQPass.asf (virus)
C:\Users\Administrator\Desktop\windows.part1.rar\system32\drivers\19.exe
Trojan-PSW.Win32.OnLineGames.pcn (virus)
C:\Users\Administrator\Desktop\windows.part1.rar\system32\drivers\2.exe
Trojan-PSW.Win32.OnLineGames.prw (virus)
C:\Users\Administrator\Desktop\windows.part1.rar\system32\drivers\7.exe
C:\Users\Administrator\Desktop\windows.part1.rar\system32\ijougiemnaw.dll
Trojan-PSW.Win32.OnLineGames.pou (virus)
C:\Users\Administrator\Desktop\windows.part1.rar\system32\drivers\8.exe
C:\Users\Administrator\Desktop\windows.part1.rar\system32\IGB_WD_1026.exe
Trojan-Downloader.Win32.Agent.ibk (virus)
C:\Users\Administrator\Desktop\windows.part1.rar\system32\drivers\puid.sys
Trojan-PSW.Win32.OnLineGames.pps (virus)
C:\Users\Administrator\Desktop\windows.part1.rar\system32\gnolnait.dll
Trojan-PSW.Win32.OnLineGames.pop (virus)
C:\Users\Administrator\Desktop\windows.part1.rar\system32\IGB_WD_1026.dll
Trojan-PSW.Win32.OnLineGames.pvt (virus)
C:\Users\Administrator\Desktop\windows.part1.rar\system32\ijiq.dll
Trojan-PSW.Win32.OnLineGames.psx (virus)
C:\Users\Administrator\Desktop\windows.part1.rar\system32\iqnauhc.dll
Trojan-PSW.Win32.OnLineGames.prh (virus)
C:\Users\Administrator\Desktop\windows.part1.rar\system32\LotusHlp.dll
Trojan-PSW.Win32.OnLineGames.nfy (virus)
C:\Users\Administrator\Desktop\windows.part1.rar\system32\PTSShell.dll
Trojan-Clicker.Win32.Agent.qw (virus)
C:\Users\Administrator\Desktop\windows.part1.rar\system32\shelrav.exe
Trojan-Clicker.Win32.Agent.qm (virus)
C:\Users\Administrator\Desktop\windows.part1.rar\system32\sychost.exe




--------------------------------------------------------------------------------

Statistics
Scanned:
Files: 55
Not scanned: 0
Result:
Viruses: 43
Spyware: 0
Suspicious items: 0
Riskware: 0
Actions:
Disinfected: 0
Renamed: 0
Deleted: 0
Quarantined: 0
Failed: 0
Boot Sectors:
Scanned: 0
Infected: 0
Suspicious items: 0
Disinfected: 0


--------------------------------------------------------------------------------

Options
Definitions version:
Viruses: 2008-01-30_06
Spyware: 2008-01-30_05
Scanning Engines:
F-Secure AVP: 7.00.171, 2008-01-30
F-Secure Libra: 2.04.01, 2008-01-29
F-Secure Orion: 1.02.37, 2008-01-30
F-Secure Draco: 1.00.35, 2008-01-28
Scanning options:
Scan all files
Scan inside archives
Actions:
Viruses: Delete infected files
Spyware: Delete infected files
gho
Posted on 2008-1-30 18:33:10
扫描报告
2008年1月30日 18:32:31 - 18:32:39
计算机名称: CN-89FF4B9EA4D6
扫描类型: 扫描目标
目标: I:\hanxiaojun\windows.part2.rar I:\hanxiaojun\windows.part1.rar


--------------------------------------------------------------------------------

结果: 找到 41 恶意软件
Trojan-PSW.Win32.OnLineGames.ppj (病毒)
I:\hanxiaojun\windows.part2.rar\system32\utgnehz.dll
Trojan-Downloader.Win32.Agent.gbh (病毒)
I:\hanxiaojun\windows.part2.rar\system32\wbem\csrss.exe
Trojan.Win32.Pakes.bzp (病毒)
I:\hanxiaojun\windows.part2.rar\system32\XSXCompress.dll
Trojan-PSW.Win32.OnLineGames.isb (病毒)
I:\hanxiaojun\windows.part2.rar\cmdbcs.exe
I:\hanxiaojun\windows.part1.rar\system32\drivers\17.exe
Trojan.Win32.Vaklik.gg (病毒)
I:\hanxiaojun\windows.part2.rar\DbgHlp32.exe
I:\hanxiaojun\windows.part1.rar\system32\drivers\12.exe
Trojan-PSW.Win32.OnLineGames.prg (病毒)
I:\hanxiaojun\windows.part2.rar\LotusHlp.exe
I:\hanxiaojun\windows.part1.rar\system32\drivers\18.exe
Trojan-PSW.Win32.OnLineGames.nfz (病毒)
I:\hanxiaojun\windows.part2.rar\PTSShell.exe
I:\hanxiaojun\windows.part1.rar\system32\drivers\9.exe
Trojan-PSW.Win32.OnLineGames.oiu (病毒)
I:\hanxiaojun\windows.part1.rar\Fonts\avzxomn.dll
Trojan-PSW.Win32.OnLineGames.odx (病毒)
I:\hanxiaojun\windows.part1.rar\Fonts\avzxost.exe
I:\hanxiaojun\windows.part1.rar\system32\drivers\5.exe
Trojan-PSW.Win32.OnLineGames.oec (病毒)
I:\hanxiaojun\windows.part1.rar\Fonts\gjcsdyc.dll
Trojan-PSW.Win32.OnLineGames.oee (病毒)
I:\hanxiaojun\windows.part1.rar\Fonts\gjcsdzc.exe
I:\hanxiaojun\windows.part1.rar\system32\drivers\13.exe
Trojan-PSW.Win32.OnLineGames.pmg (病毒)
I:\hanxiaojun\windows.part1.rar\system32\DbgHlp32.dll
Trojan-PSW.Win32.OnLineGames.ptd (病毒)
I:\hanxiaojun\windows.part1.rar\system32\drivers\1.exe
Trojan-PSW.Win32.OnLineGames.odb (病毒)
I:\hanxiaojun\windows.part1.rar\system32\drivers\10.exe
Trojan-PSW.Win32.OnLineGames.pbp (病毒)
I:\hanxiaojun\windows.part1.rar\system32\drivers\11.exe
I:\hanxiaojun\windows.part1.rar\system32\drivers\15.exe
I:\hanxiaojun\windows.part1.rar\system32\drivers\4.exe
I:\hanxiaojun\windows.part1.rar\system32\drivers\6.exe
Trojan-Downloader.Win32.Zlob.gef (病毒)
I:\hanxiaojun\windows.part1.rar\system32\drivers\14.exe
Trojan-PSW.Win32.OnLineGames.pry (病毒)
I:\hanxiaojun\windows.part1.rar\system32\drivers\16.exe
Trojan-PSW.Win32.QQPass.asf (病毒)
I:\hanxiaojun\windows.part1.rar\system32\drivers\19.exe
Trojan-PSW.Win32.OnLineGames.pcn (病毒)
I:\hanxiaojun\windows.part1.rar\system32\drivers\2.exe
Trojan-PSW.Win32.OnLineGames.prw (病毒)
I:\hanxiaojun\windows.part1.rar\system32\drivers\7.exe
I:\hanxiaojun\windows.part1.rar\system32\ijougiemnaw.dll
Trojan-PSW.Win32.OnLineGames.pou (病毒)
I:\hanxiaojun\windows.part1.rar\system32\drivers\8.exe
I:\hanxiaojun\windows.part1.rar\system32\IGB_WD_1026.exe
Trojan-Downloader.Win32.Agent.ibk (病毒)
I:\hanxiaojun\windows.part1.rar\system32\drivers\puid.sys
Trojan-PSW.Win32.OnLineGames.pps (病毒)
I:\hanxiaojun\windows.part1.rar\system32\gnolnait.dll
Trojan-PSW.Win32.OnLineGames.pop (病毒)
I:\hanxiaojun\windows.part1.rar\system32\IGB_WD_1026.dll
Trojan-PSW.Win32.OnLineGames.pvt (病毒)
I:\hanxiaojun\windows.part1.rar\system32\ijiq.dll
Trojan-PSW.Win32.OnLineGames.psx (病毒)
I:\hanxiaojun\windows.part1.rar\system32\iqnauhc.dll
Trojan-PSW.Win32.OnLineGames.prh (病毒)
I:\hanxiaojun\windows.part1.rar\system32\LotusHlp.dll
Trojan-PSW.Win32.OnLineGames.nfy (病毒)
I:\hanxiaojun\windows.part1.rar\system32\PTSShell.dll
Trojan-Clicker.Win32.Agent.qw (病毒)
I:\hanxiaojun\windows.part1.rar\system32\shelrav.exe
Trojan-Clicker.Win32.Agent.qm (病毒)
I:\hanxiaojun\windows.part1.rar\system32\sychost.exe




--------------------------------------------------------------------------------

统计信息
已扫描:
文件: 52
未扫描: 0
结果:
病毒: 41
间谍软件: 0
可疑项目: 0
危险软件: 0
操作:
已杀毒: 0
已重命名: 0
删除: 0
已隔离: 0
失败: 0
启动扇区:
已扫描: 0
受感染: 0
可疑项目: 0
已杀毒: 0
qigang
Posted on 2008-1-30 18:45:51

102/51

瑞星病毒查杀结果报告

清除病毒种类列表:

病毒: Trojan.PSW.Win32.ZhengTu.ymq
病毒: Trojan.Win32.Undef.bfe   
病毒: Trojan.PSW.Win32.GameOL.lmf
病毒: Trojan.PSW.Win32.OnlineGames.GEN
病毒: Trojan.PSW.Win32.QQGame.GEN
病毒: Trojan.PSW.Win32.QQGame.GEN
病毒: Trojan.PSW.Win32.GameOL.GEN
病毒: Trojan.PSW.Win32.GameOL.GEN
病毒: Trojan.PSW.Win32.GameOL.lhw
病毒: Trojan.PSW.Win32.GameOL.lhu
病毒: AdWare.Win32.Agent.zqf   
病毒: Trojan.PSW.Win32.QQGame.GEN
病毒: Trojan.PSW.Win32.QQGame.GEN
病毒: Trojan.PSW.Win32.GameOL.GEN
病毒: Trojan.PSW.Win32.QQHX.tvo
病毒: Trojan.PSW.Win32.QQHX.tvu
病毒: Trojan.PSW.Win32.GamesOnline.ir
病毒: Trojan.PSW.Win32.XYOnline.abc
病毒: Worm.Win32.PaBug.gs      
病毒: Trojan.Win32.Undef.bxt   
病毒: AdWare.Win32.Agent.zqf   
病毒: AdWare.Win32.Agent.zqf   
病毒: AdWare.Win32.Agent.zqf   
病毒: Trojan.PSW.Win32.GameOL.lst
病毒: Trojan.PSW.Win32.GameOL.lrr
病毒: Trojan.PSW.Win32.GameOL.lqx
病毒: Trojan.PSW.Win32.GamesOnline.kw
病毒: Trojan.PSW.Win32.GameOL.lsd
病毒: Trojan.Win32.GameOL.b   

MAC 地址:00:11:5B:F3:6D:69

用户来源:互联网

软件版本:20.29.21
su-tt
Posted on 2008-1-30 19:00:03
Begin scan in 'C:\Documents and Settings\Administrator\桌面\windows[1].part2.rar'
C:\Documents and Settings\Administrator\桌面\windows[1].part2.rar
  [0] Archive type: RAR
  --> system32\utgnehz.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pmi.1
  --> system32\wbem\csrss.exe
      [DETECTION] Is the Trojan horse TR/Downloader.Gen
  --> system32\XSXCompress.dll
      [DETECTION] Is the Trojan horse TR/PSW.Nilage.bxo
  --> temp\IXP000.TMP\kavjs.exe
      [DETECTION] Is the Trojan horse TR/Qhost.LY.56
  --> temp\~FaB.tmp
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.dyd
  --> temp\~FaC.tmp
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.dyd
  --> Web\syst1m.exe
      [DETECTION] Is the Trojan horse TR/Qhost.LY.55
  --> cmdbcs.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> DbgHlp32.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.PMG.5
  --> LotusHlp.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.prh.1
  --> PTSShell.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NFY.4
      [INFO]      The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\windows[1].part1.rar'
C:\Documents and Settings\Administrator\桌面\windows[1].part1.rar
  [0] Archive type: RAR
  --> Fonts\avzxomn.dll
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> Fonts\avzxost.exe
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> Fonts\gjcsdyc.dll
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> Fonts\gjcsdzc.exe
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> system32\cmdbcs.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> system32\DbgHlp32.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.PMG.5
  --> system32\drivers\1.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.aav.1
  --> system32\drivers\10.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.nzv.1
  --> system32\drivers\11.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pmi.26
  --> system32\drivers\12.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.PMG.5
  --> system32\drivers\13.exe
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> system32\drivers\14.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.omf
  --> system32\drivers\15.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pmi.1
  --> system32\drivers\16.exe
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> system32\drivers\17.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> system32\drivers\18.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.prh.1
  --> system32\drivers\19.exe
      [DETECTION] Is the Trojan horse TR/PSW.QQpass.ase
  --> system32\drivers\2.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pcn.3
  --> system32\drivers\22.exe
      [DETECTION] Is the Trojan horse TR/Click.Agent.QM
  --> system32\drivers\4.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pmi.22
  --> system32\drivers\5.exe
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> system32\drivers\6.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pmi.23
  --> system32\drivers\7.exe
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> system32\drivers\8.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pou.1
  --> system32\drivers\9.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NFY.4
  --> system32\drivers\puid.sys
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
  --> system32\gnolnait.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pmi.22
  --> system32\IGB_WD_1026.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pop
  --> system32\IGB_WD_1026.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pou.1
  --> system32\ijiq.dll
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> system32\ijougiemnaw.dll
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> system32\iqnauhc.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pmi.23
  --> system32\LotusHlp.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.prh.1
  --> system32\PTSShell.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NFY.4
  --> system32\suchost.exe
      [DETECTION] Is the Trojan horse TR/Click.Agent.QM
  --> system32\sychost.exe
      [DETECTION] Is the Trojan horse TR/Click.Agent.QM
      [INFO]      The file was deleted!


End of the scan: 2008年1月30日  18:59
Used time: 00:29 min

The scan has been done completely.

      0 Scanning directories
     55 Files were scanned
     46 viruses and/or unwanted programs were found
      1 Files were classified as suspicious:
      2 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      9 Files not concerned
      2 Archives were scanned
      0 Warnings
      0 Notes

55?