40个

promised

读取http://url.hao365.org/downlist.txt
C:\ABC\样本.rar:\WinSys8k.Sys - 特征码 'Trojan-Proxy.Win32.Delf.AN' 被发现
C:\ABC\样本.rar:\a1.exe - 特征码 'Virus.Win32.QQRob.AS' 被发现
C:\ABC\样本.rar:\a2.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\a3.exe - 特征码 'Virus.Win32.OnLineGames.SR' 被发现
C:\ABC\样本.rar:\a4.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本.rar:\a5.exe - 特征码 'Trojan-Spy.Win32.Agent.hz' 被发现
C:\ABC\样本.rar:\a6.exe - 特征码 'Trojan-Downloader.6165' 被发现
C:\ABC\样本.rar:\ijougiemnaw.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\a9.exe - 特征码 'Trojan-Spy.Win32.Agent.hz' 被发现
C:\ABC\样本.rar:\a11.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\a12.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\a13.exe - 特征码 'Trojan-PWS.Win32.Lmir.bpv' 被发现
C:\ABC\样本.rar:\a14.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\a16.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.ish' 被发现
C:\ABC\样本.rar:\a17.exe - 特征码 'Packed.Win32.Klone.af' 被发现
C:\ABC\样本.rar:\a18.exe - 特征码 'Trojan-Spy.Win32.Agent.hz' 被发现
C:\ABC\样本.rar:\a19.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\a20.exe - 特征码 'Trojan-Proxy.Delf.CA' 被发现
C:\ABC\样本.rar:\a22.exe - 特征码 'Trojan-Spy.Win32.Agent.hz' 被发现
C:\ABC\样本.rar:\a23.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\a24.exe - 特征码 'Trojan-Spy.Win32.Agent.hz' 被发现
C:\ABC\样本.rar:\a25.exe - 特征码 'Virus.Win32.GrayBird.KM' 被发现
C:\ABC\样本.rar:\608769MM.DLL - 特征码 'Trojan-PWS.Win32.OnLineGames.jcr' 被发现
C:\ABC\样本.rar:\kiluw.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\yekqchmzyzj.dll - 特征码 'Trojan-PWS.Win32.Agent.jp' 被发现
C:\ABC\样本.rar:\Kvsc3.dll - 特征码 'Trojan-PWS.Win32.OnLineGames.es' 被发现
C:\ABC\样本.rar:\LotusHlp.dll - 特征码 'Virus.Win32.OnLineGames.BHW' 被发现
C:\ABC\样本.rar:\LYLOADER.EXE - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\样本.rar:\LYMANGR.DLL - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本.rar:\MSDEG32.DLL - 特征码 'Generic.PWS.Games.3' 被发现
C:\ABC\样本.rar:\msepion.sys - 特征码 'Trojan.Win32.Agent.anj' 被发现
C:\ABC\样本.rar:\naixuhz.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\NVDispDrv.dll - 特征码 'Virus.Win32.OnLineGames.BHW' 被发现
C:\ABC\样本.rar:\sauhad.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\SHAProc.dll - 特征码 'Trojan-PWS.Win32.OnLineGames.es' 被发现
C:\ABC\样本.rar:\upxdnd.dll - 特征码 'Trojan-PWS.OnlineGames.NSR' 被发现
C:\ABC\样本.rar:\uyom.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\wbiobgmzyzj.dll - 特征码 'Trojan-PWS.Win32.Agent.jp' 被发现
C:\ABC\样本.rar:\scvhost.exe - 特征码 'Backdoor.Win32.Delf.awy' 被发现
C:\ABC\样本.rar:\jsqxcyc.dll - 特征码 'Virus.Win32.OnLineGames.BGD' 被发现
C:\ABC\样本.rar

[ 本帖最后由 promised 于 2008-2-16 13:30 编辑 ]

woai_jolin

Scan Log
Version of virus signature database: 2880 (20080215)
Date: 2008/2/16  Time: 13:17:37
Scanned disks, folders and files: G:\v\样本.rar
G:\v\样本.rar » RAR » WinSys8k.Sys - Win32/PSW.QQPass.AUQ trojan - was a part of the deleted object
G:\v\样本.rar » RAR » a1.exe » FSG v2.0 - is OK
G:\v\样本.rar » RAR » a2.exe - a variant of Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » a3.exe - Win32/PSW.Agent.NGZ trojan - was a part of the deleted object
G:\v\样本.rar » RAR » a4.exe - a variant of Win32/PSW.OnLineGames.NMN trojan - was a part of the deleted object
G:\v\样本.rar » RAR » a5.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan - was a part of the deleted object
G:\v\样本.rar » RAR » a6.exe - Win32/PSW.QQPass.AUQ trojan - was a part of the deleted object
G:\v\样本.rar » RAR » ijougiemnaw.dll - a variant of Win32/PSW.OnLineGames.NLH trojan - was a part of the deleted object
G:\v\样本.rar » RAR » a9.exe - a variant of Win32/PSW.OnLineGames.NFL trojan - was a part of the deleted object
G:\v\样本.rar » RAR » a11.exe - a variant of Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » a12.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » a13.exe - Win32/PSW.WOW.WU trojan - was a part of the deleted object
G:\v\样本.rar » RAR » a14.exe - a variant of Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » a16.exe - a variant of Win32/PSW.OnLineGames.GJV trojan - was a part of the deleted object
G:\v\样本.rar » RAR » a17.exe - is OK
G:\v\样本.rar » RAR » a18.exe - Win32/PSW.OnLineGames.NFL trojan - was a part of the deleted object
G:\v\样本.rar » RAR » a19.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » a20.exe - Win32/Delf.CSN trojan - was a part of the deleted object
G:\v\样本.rar » RAR » a22.exe - a variant of Win32/PSW.OnLineGames.NFL trojan - was a part of the deleted object
G:\v\样本.rar » RAR » a23.exe - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
G:\v\样本.rar » RAR » a24.exe - a variant of Win32/PSW.OnLineGames.NFL trojan - was a part of the deleted object
G:\v\样本.rar » RAR » a25.exe » FSG v2.0 - is OK
G:\v\样本.rar » RAR » 608769MM.DLL - Win32/PSW.Legendmir.NFF trojan - was a part of the deleted object
G:\v\样本.rar » RAR » kiluw.dll - a variant of Win32/PSW.OnLineGames.NLH trojan - was a part of the deleted object
G:\v\样本.rar » RAR » yekqchmzyzj.dll - probably a variant of Win32/PSW.OnLineGames.GJV trojan - was a part of the deleted object
G:\v\样本.rar » RAR » Kvsc3.dll - Win32/PSW.OnLineGames.HCV trojan - was a part of the deleted object
G:\v\样本.rar » RAR » LotusHlp.dll - a variant of Win32/PSW.OnLineGames.HCV trojan - was a part of the deleted object
G:\v\样本.rar » RAR » LYLOADER.EXE - a variant of Win32/PSW.Agent.NEC trojan - was a part of the deleted object
G:\v\样本.rar » RAR » LYMANGR.DLL - Win32/PSW.OnLineGames.DTR trojan - was a part of the deleted object
G:\v\样本.rar » RAR » MSDEG32.DLL - a variant of Win32/PSW.OnLineGames.DVV trojan - was a part of the deleted object
G:\v\样本.rar » RAR » msepion.sys - Win32/PSW.OnLineGames.NFC trojan - was a part of the deleted object
G:\v\样本.rar » RAR » naixuhz.dll - Win32/PSW.OnLineGames.NLH trojan - was a part of the deleted object
G:\v\样本.rar » RAR » NVDispDrv.dll - probably a variant of Win32/PSW.OnLineGames.HCV trojan - was a part of the deleted object
G:\v\样本.rar » RAR » sauhad.dll - Win32/PSW.OnLineGames.NLH trojan - was a part of the deleted object
G:\v\样本.rar » RAR » SHAProc.dll - a variant of Win32/PSW.OnLineGames.HCV trojan - was a part of the deleted object
G:\v\样本.rar » RAR » upxdnd.dll - probably a variant of Win32/PSW.OnLineGames.HCV trojan - was a part of the deleted object
G:\v\样本.rar » RAR » uyom.dll - a variant of Win32/PSW.OnLineGames.NLH trojan - was a part of the deleted object
G:\v\样本.rar » RAR » wbiobgmzyzj.dll - probably a variant of Win32/PSW.OnLineGames.GJV trojan - was a part of the deleted object
G:\v\样本.rar » RAR » scvhost.exe - Win32/Delf.AWY trojan - was a part of the deleted object
G:\v\样本.rar » RAR » jsqxcyc.dll - Win32/PSW.OnLineGames.FDY trojan - was a part of the deleted object
Number of scanned objects: 41
Number of threats found: 37
Time of completion: 13:17:43  Total scanning time: 6 sec (00:00:06)

Joker

40
deleted: Trojan program Trojan-PSW.Win32.QQPass.auq        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/WinSys8k.Sys
deleted: Trojan program Backdoor.Win32.Hupigon.aqur        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/a1.exe//FSG//PEPatch
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.ozk        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/a2.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pwt        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/a3.exe
deleted: Trojan program Trojan-PSW.Win32.Delf.anb        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/a4.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qgw        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/a5.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.QQPass.auq        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/a6.exe//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rfs        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/ijougiemnaw.dll//UPack
deleted: Trojan program Trojan.Win32.Vaklik.gi        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/a9.exe//UPack//PE_Patch
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rbf        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/a11.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rbf        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/a12.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.Lmir.bpv        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/a13.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rbf        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/a14.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pef        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/a16.exe//PE_Patch.UPX//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pem        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/a17.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.obo        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/a18.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pry        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/a19.exe//PE_Patch//UPack
deleted: Trojan program Backdoor.Win32.Delf.csn        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/a20.exe//FSG//PEPatch
deleted: Trojan program Trojan.Win32.Vaklik.if        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/a22.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.oed        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/a23.exe//UPack
deleted: Trojan program Trojan.Win32.Vaklik.gk        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/a24.exe//UPack
deleted: Trojan program Trojan.Win32.StartPage.avr        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/a25.exe//FSG//PEPatch
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.oqu        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/608769MM.DLL
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rfw        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/kiluw.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.WOW.ajn        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/yekqchmzyzj.dll//UPack//PE_Patch.MaskPE
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.obo        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/Kvsc3.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rev        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/LotusHlp.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pvw        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/LYLOADER.EXE//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pum        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/LYMANGR.DLL//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pul        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/MSDEG32.DLL//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rfd        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/msepion.sys
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pvt        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/naixuhz.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.ppm        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/NVDispDrv.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rcg        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/sauhad.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pew        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/SHAProc.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.oxo        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/upxdnd.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qau        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/uyom.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.WOW.ajn        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/wbiobgmzyzj.dll//UPack//PE_Patch.MaskPE
deleted: Trojan program Backdoor.Win32.Delf.awy        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/scvhost.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.oeh        File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/jsqxcyc.dll

spatra

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\��.rar'
C:\Documents and Settings\Administrator\桌面\��.rar
  [0] Archive type: RAR
  --> WinSys8k.Sys
      [DETECTION] Is the Trojan horse TR/PSW.QQpass.auq.1
  --> a1.exe
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Hupigon.aqur Backdoor server programs
  --> a2.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.qau
  --> a3.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.x
  --> a4.exe
      [DETECTION] Is the Trojan horse TR/PSW.Delf.anb.1
  --> a5.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.175
  --> a6.exe
      [DETECTION] Is the Trojan horse TR/PSW.QQpass.auq
  --> ijougiemnaw.dll
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> a9.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ppm.1
  --> a11.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.QYF.1
  --> a12.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.QYF.4
  --> a13.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> a14.exe
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> a16.exe
      [DETECTION] Is the Trojan horse TR/PSW.Wow.ajn
  --> a17.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> a18.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.116
  --> a19.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.prw.3
  --> a20.exe
      [DETECTION] Is the Trojan horse TR/Proxy.Delf.CA
  --> a22.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.157
  --> a23.exe
      [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> a24.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.256
  --> a25.exe
      [DETECTION] Is the Trojan horse TR/Proxy.Delf.CA
  --> 608769MM.DLL
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> kiluw.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.QYF.1
  --> yekqchmzyzj.dll
      [DETECTION] Is the Trojan horse TR/PSW.Wow.ajn
  --> Kvsc3.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.116
  --> LotusHlp.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.256
  --> LYLOADER.EXE
      [DETECTION] Is the Trojan horse TR/PSW.Online.agb.2
  --> LYMANGR.DLL
      [DETECTION] Is the Trojan horse TR/PSW.Online.agb.2
  --> MSDEG32.DLL
      [DETECTION] Is the Trojan horse TR/PSW.Online.gyo.2
  --> msepion.sys
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> naixuhz.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.prw.3
  --> NVDispDrv.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ppm.1
  --> sauhad.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.QYF.4
  --> SHAProc.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.157
  --> upxdnd.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.175
  --> uyom.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.qau
  --> wbiobgmzyzj.dll
      [DETECTION] Is the Trojan horse TR/PSW.Wow.ajn
  --> scvhost.exe
      [DETECTION] Is the Trojan horse TR/Drop.Spy.Pca.A.1
  --> jsqxcyc.dll
      [DETECTION] Is the Trojan horse TR/WuDisable.B
      [INFO]      The file was deleted!


End of the scan: 2008年2月16日  13:25
Used time: 00:50 min

The scan has been done completely.

      0 Scanning directories
     41 Files were scanned
     40 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      1 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      1 Files not concerned
      1 Archives were scanned
      0 Warnings
      0 Notes

hshhua01

40 红伞

[ 本帖最后由 hshhua01 于 2008-2-16 13:28 编辑 ]

gho

卡巴40个，咖啡隔离

beyondcloud

卡巴全部消灭

su-tt

样本.rar\WinSys8k.Sys;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Lineage.origin;;
样本.rar\a1.exe;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.BadDate;;
样本.rar\a2.exe;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Wsgame.3013;;
样本.rar\a3.exe;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.MulDrop.10903;;
样本.rar\a4.exe;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Gamania.6951;;
样本.rar\a5.exe;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Wsgame.2986;;
样本.rar\a6.exe;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Qqpass.885;;
ijougiemnaw.dll\data001;C:\Documents and Settings\Administrator\桌面\样本.rar\ijougiemnaw.dll;Trojan.PWS.Gamania.7505;;
ijougiemnaw.dll\data002;C:\Documents and Settings\Administrator\桌面\样本.rar\ijougiemnaw.dll;Trojan.PWS.Gamania.7505;;
ijougiemnaw.dll;C:\Documents and Settings\Administrator\桌面\样本.rar;发现档案文件中有受感染的对象;;
样本.rar\a9.exe;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Wsgame.3149;;
样本.rar\a11.exe;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Gamania.7505;;
样本.rar\a12.exe;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Gamania.7505;;
样本.rar\a13.exe;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Legmir;;
样本.rar\a14.exe;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Gamania.7505;;
样本.rar\a16.exe;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.MulDrop.10524;;
样本.rar\a17.exe;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Wsgame.2984;;
样本.rar\a18.exe;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Wsgame.2787;;
样本.rar\a19.exe;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Wsgame.3196;;
a20.exe\data001;C:\Documents and Settings\Administrator\桌面\样本.rar\a20.exe;Trojan.Sniff;;
a20.exe;C:\Documents and Settings\Administrator\桌面\样本.rar;发现档案文件中有受感染的对象;;
样本.rar\a22.exe;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Wsgame.2968;;
样本.rar\a23.exe;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Gamania.6950;;
样本.rar\a24.exe;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Wsgame.3147;;
样本.rar\608769MM.DLL;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Gamania.6736;;
kiluw.dll\data001;C:\Documents and Settings\Administrator\桌面\样本.rar\kiluw.dll;Trojan.PWS.Gamania.7505;;
kiluw.dll\data002;C:\Documents and Settings\Administrator\桌面\样本.rar\kiluw.dll;Trojan.PWS.Gamania.7505;;
kiluw.dll;C:\Documents and Settings\Administrator\桌面\样本.rar;发现档案文件中有受感染的对象;;
样本.rar\yekqchmzyzj.dll;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Gamania.7122;;
样本.rar\Kvsc3.dll;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Wsgame.2804;;
样本.rar\LotusHlp.dll;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Wsgame.origin;;
样本.rar\LYLOADER.EXE;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.MulDrop.10904;;
样本.rar\LYMANGR.DLL;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Wsgame.3282;;
样本.rar\MSDEG32.DLL;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Wsgame.3283;;
样本.rar\naixuhz.dll;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Wsgame.3193;;
样本.rar\NVDispDrv.dll;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Wsgame.origin;;
样本.rar\sauhad.dll;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Gamania.7509;;
样本.rar\SHAProc.dll;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Wsgame.2969;;
样本.rar\upxdnd.dll;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Wsgame.2986;;
uyom.dll\data001;C:\Documents and Settings\Administrator\桌面\样本.rar\uyom.dll;Trojan.PWS.Wsgame.3022;;
uyom.dll\data002;C:\Documents and Settings\Administrator\桌面\样本.rar\uyom.dll;Trojan.PWS.Wsgame.3023;;
uyom.dll;C:\Documents and Settings\Administrator\桌面\样本.rar;发现档案文件中有受感染的对象;;
样本.rar\wbiobgmzyzj.dll;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Gamania.7122;;
样本.rar\scvhost.exe;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.Sniff;;
样本.rar\jsqxcyc.dll;C:\Documents and Settings\Administrator\桌面\样本.rar;Trojan.PWS.Gamania.6950;;
样本.rar;C:\Documents and Settings\Administrator\桌面;发现档案文件中有受感染的对象;;

无尽藏海

F-PROT Antivirus for Windows

Antivirus Scanning Engine version number: 4.4.2
Virus signature file from: 2008-2-16, 4:21

Scan name: [Custom Scan]
Path to scan: F:\virus\样本3.rar

Normal scan
Also scan: Inside subfolders, Compressed files, Streams

Scan started: 2008-2-16, 14:24:20
---------------------------------------------------------------------

[Found virus]         <W32/InfoStealer!Generic (not disinfectable)>        F:\virus\样本3.rar->WinSys8k.Sys
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        F:\virus\样本3.rar->a2.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-114!Eldorado (damaged, not disinfectable)>        F:\virus\样本3.rar->a3.exe->(embedded)->(UPack)
[Found virus]         <W32/InfoStealer!Generic (not disinfectable)>        F:\virus\样本3.rar->a4.exe->(embedded)
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        F:\virus\样本3.rar->a5.exe
[Found security risk]         <W32/AutoRun.D.gen!Eldorado (not disinfectable, generic)>        F:\virus\样本3.rar->a6.exe->(UPX)
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        F:\virus\样本3.rar->ijougiemnaw.dll->(UPack)
[Found security risk]         <W32/OnlineGames.F.gen!GSA (not disinfectable, generic)>        F:\virus\样本3.rar->a9.exe->(UPack)
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        F:\virus\样本3.rar->a11.exe->(UPack)
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        F:\virus\样本3.rar->a12.exe->(UPack)
[Found security risk]         <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        F:\virus\样本3.rar->a13.exe
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        F:\virus\样本3.rar->a14.exe->(UPack)
[Found security risk]         <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        F:\virus\样本3.rar->a17.exe->(NSPack)->(PE_Patch)
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        F:\virus\样本3.rar->a18.exe
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        F:\virus\样本3.rar->a19.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-114!Eldorado (damaged, not disinfectable)>        F:\virus\样本3.rar->a20.exe->(FSG)
[Found security risk]         <W32/OnlineGames.F.gen!GSA (not disinfectable, generic)>        F:\virus\样本3.rar->a22.exe->(UPack)
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        F:\virus\样本3.rar->a23.exe
[Found security risk]         <W32/OnlineGames.F.gen!GSA (not disinfectable, generic)>        F:\virus\样本3.rar->a24.exe->(UPack)
[Found password stealer]         <W32/Legendmir.A.gen!Eldorado (not disinfectable, generic)>        F:\virus\样本3.rar->608769MM.DLL
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        F:\virus\样本3.rar->kiluw.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        F:\virus\样本3.rar->yekqchmzyzj.dll->(UPack)->(PE_Patch.MaskPE)
[Found possible security risk]         <W32/Heuristic-114!Eldorado (damaged, not disinfectable)>        F:\virus\样本3.rar->LYLOADER.EXE->(UPack)
[Found possible virus]         <W32/Downloader-SmlInject-based!Maximus (not disinfectable)>        F:\virus\样本3.rar->LYMANGR.DLL->(UPack)
[Found security risk]         <W32/Agent.M.gen!Eldorado (not disinfectable, generic)>        F:\virus\样本3.rar->MSDEG32.DLL
[Found security risk]         <W32/OnlineGames.L.gen!Eldorado (not disinfectable, generic)>        F:\virus\样本3.rar->msepion.sys
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        F:\virus\样本3.rar->naixuhz.dll->(UPack)
[Found security risk]         <W32/OnlineGames.C.gen!GSA (not disinfectable, generic)>        F:\virus\样本3.rar->NVDispDrv.dll
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        F:\virus\样本3.rar->sauhad.dll->(UPack)
[Found security risk]         <W32/OnlineGames.C.gen!GSA (not disinfectable, generic)>        F:\virus\样本3.rar->upxdnd.dll
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        F:\virus\样本3.rar->uyom.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        F:\virus\样本3.rar->wbiobgmzyzj.dll->(UPack)->(PE_Patch.MaskPE)
[Found backdoor]         <W32/Backdoor.BGBT (exact, not disinfectable)>        F:\virus\样本3.rar->scvhost.exe
[Contains infected objects]        F:\virus\样本3.rar
[Quarantined]        F:\virus\样本3.rar->scvhost.exe

---------------------------------------------------------------------
Scan ended:        2008-2-16, 14:24:41
Duration:        0:00:21

Scan result:

Scanned files:                 1
Infected objects:         33
Disinfected objects:         0
Quarantined files:         1

挪威的冬天

太逊啦

信息        2008-02-16  14:37:37        您此次查毒共查出34个病毒以及危险代码                       
信息        2008-02-16  14:37:37        您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件66个                       
信息        2008-02-16  14:37:37        金山毒霸主程序查毒过程结束，查毒方式：命令行查毒                       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\jsqxcyc.dll        Win32.Troj.OnlineGamesT.yy.26978        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\scvhost.exe        Win32.Troj.Delf.11081        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\wbiobgmzyzj.dll        Win32.PSWTroj.WowT.my.17831        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\uyom.dll        Win32.Troj.OnlineGamesT.zy.90112        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\upxdnd.dll        Win32.Troj.OnlineGamesT.uy.31744        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\SHAProc.dll        Win32.Troj.OnlineGamesT.uy.31744        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\sauhad.dll        Win32.Troj.OnlineGamesT.ty.90112        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\NVDispDrv.dll        Win32.Troj.OnlineGamesT.uy.31744        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\naixuhz.dll        Win32.Troj.OnlineGamesT.zy.90112        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\MSDEG32.DLL        Win32.Troj.OnlineGamesT.ty.135168        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\LYMANGR.DLL        Win32.PSWTroj.OnLineGames.61440        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\LYLOADER.EXE        Win32.Troj.OnlineGamesT.ty.86016        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\LotusHlp.dll        Win32.Troj.OnlineGamesT.uy.31744        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\Kvsc3.dll        Win32.Troj.OnlineGamesT.uy.31744        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\yekqchmzyzj.dll        Win32.PSWTroj.WowT.my.17831        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\kiluw.dll        Win32.Troj.OnlineGamesT.ty.90112        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\608769MM.DLL        Win32.Troj.MirT.md.48433        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\a25.exe        Win32.Packed.MaskPE        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\a24.exe        Win32.Troj.OnlineGamesT.ty.98304        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\a23.exe        Win32.Troj.AgentT.fm.14452        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\a22.exe        Win32.Troj.OnlineGamesT.ky.151552        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\a20.exe        Win32.Hack.MaskPET.a.36864        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\a19.exe        Win32.Troj.OnlineGamesT.nr.37008        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\a18.exe        Win32.Troj.OnlineGamesT.bo.11680        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\a17.exe        Win32.PSWTroj.GameOL.126976        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\a16.exe        Win32.PSWTroj.Agent.81920        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\a13.exe        Win32.Troj.LmirT.by.9900        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\a9.exe        Win32.Troj.OnlineGamesT.ty.98304        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\ijougiemnaw.dll        Win32.Troj.OnlineGamesT.ty.90112        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\a5.exe        Win32.Troj.OnlineGamesT.ky.151552        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\a4.exe        Win32.PSWTroj.Delf.110592        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\a3.exe        Win32.PSWTroj.Agent.4055        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\a2.exe        Win32.Troj.OnlineGamesT.nr.37008        跳过，未处理       
病毒        2008-02-16  14:37:37        C:\Users\挪威的冬天\Desktop\样本.rar\a1.exe        Win32.Packed.MaskPE        跳过，未处理