Avast报毒网.

显示全部楼层 · 发表于 2008-3-2 13:48:11

md5

文件: C:\Documents and Settings\Administrator\桌面\s\1.exe
大小: 19436 字节
修改时间: 2008年3月2日, 12:56:24
MD5: 0624AC730A5798FAE9EE0B59A5C0A3DC
SHA1: 2B5149BB09C7A6F154BC7D62E283A53C3AE2E6F1
CRC32: E96A3CA2

文件: C:\Documents and Settings\Administrator\桌面\s\2.exe
大小: 17830 字节
修改时间: 2008年3月2日, 12:56:44
MD5: 9B1037E05CABC5754EA82D8004365116
SHA1: 048E82B0906C04A950CFF8AE279037639A617CA9
CRC32: 3600804B

文件: C:\Documents and Settings\Administrator\桌面\s\3.exe
大小: 19556 字节
修改时间: 2008年3月2日, 12:56:52
MD5: FD44C59B803E9C7AFC0FEF5FDDE29822
SHA1: 60F666B589FEA201E7104F8D108BA11F412F9212
CRC32: FE5D933A

文件: C:\Documents and Settings\Administrator\桌面\s\4.exe
大小: 34304 字节
修改时间: 2008年3月2日, 12:57:00
MD5: 5B3239BE5D0245452F60F536EE0848B5
SHA1: 7B6160F603D9435BA9A04BCF8C2DB8E37937A3E5
CRC32: 80339C7C

文件: C:\Documents and Settings\Administrator\桌面\s\5.exe
大小: 19176 字节
修改时间: 2008年3月2日, 12:57:08
MD5: 89384276178F491A40EFA0D0A4B0A8D0
SHA1: 0EF8AF98421B1602E462F496153B613A7E25E44A
CRC32: 2B1105E3

文件: C:\Documents and Settings\Administrator\桌面\s\6.exe
大小: 17436 字节
修改时间: 2008年3月2日, 12:57:16
MD5: 0DCCD04529E57A8AE5851331FB796468
SHA1: A05C35A3CB03D0E68C1EADD0DAB1FD7DCA7C1E9C
CRC32: 19089746

文件: C:\Documents and Settings\Administrator\桌面\s\7.exe
大小: 23612 字节
修改时间: 2008年3月2日, 12:57:32
MD5: 2757BD6217B93DB44438E74410364D2C
SHA1: 92B6EADBB4CC9CC3977A503C73DC5B3B9D1945B8
CRC32: 26E08DF5

文件: C:\Documents and Settings\Administrator\桌面\s\8.exe
大小: 19116 字节
修改时间: 2008年3月2日, 12:57:42
MD5: 7692E6CA4B890460FBBB3DE222999877
SHA1: C3B0FFFB63F980A9741B58AB22039EA9779ABD65
CRC32: 3FB34D44

文件: C:\Documents and Settings\Administrator\桌面\s\9.exe
大小: 33935 字节
修改时间: 2008年3月2日, 12:57:50
MD5: 82AD0B365389B5AED036DC9C8493119C
SHA1: 8A244559CEB4221E6EA93C96D9EEDACB1BF0AC63
CRC32: 64CBDEF2

文件: C:\Documents and Settings\Administrator\桌面\s\10.exe
大小: 29617 字节
修改时间: 2008年3月2日, 12:54:42
MD5: 45918DC66CFB47E96EDED668F9966A60
SHA1: C61037F7ADB580C4959925A2755C6CF55FCACB33
CRC32: 0830DA7F

文件: C:\Documents and Settings\Administrator\桌面\s\11.exe
大小: 23448 字节
修改时间: 2008年3月2日, 12:54:43
MD5: EA4238AF35F370836AE20705FDAE709C
SHA1: 8860589F697D2CC73852CDB7EF770F8EF6A3C52E
CRC32: 667D77D6

文件: C:\Documents and Settings\Administrator\桌面\s\12.exe
大小: 17549 字节
修改时间: 2008年3月2日, 12:54:44
MD5: 98F0AF8EEEAC042FD8FB79BBEC5EB4E5
SHA1: 3AB6BF934D773670834789FBFA8A967332CD9B75
CRC32: 507A9FF7

文件: C:\Documents and Settings\Administrator\桌面\s\13.exe
大小: 12224 字节
修改时间: 2008年3月2日, 12:54:46
MD5: 80949849BA3E4AD723851D84C3BD07E7
SHA1: ACD2DF736A9C083F3D7518FA28E43A5CB1CB25C1
CRC32: 0C99F0AC

文件: C:\Documents and Settings\Administrator\桌面\s\14.exe
大小: 18408 字节
修改时间: 2008年3月2日, 12:54:45
MD5: 7FE94E772942E9487C4273EECBE63CD7
SHA1: 04F852239557ADC936A053612C667262D22C832D
CRC32: FC6A95C4

文件: C:\Documents and Settings\Administrator\桌面\s\15.exe
大小: 11528 字节
修改时间: 2008年3月2日, 12:54:45
MD5: 73C67FB999AF05D6D8B54D853D54F0F8
SHA1: 60AB3328A113C3040058D478F582D3AB72D53B65
CRC32: 7BD31CB0

文件: C:\Documents and Settings\Administrator\桌面\s\16.exe
大小: 18652 字节
修改时间: 2008年3月2日, 12:58:02
MD5: 1D6889DF59C7BD708E54A2AAD0243A7C
SHA1: 9392DA59A67F5AE758609F8794C973D2AAFB4E1A
CRC32: 57C9D6C0

文件: C:\Documents and Settings\Administrator\桌面\s\17.exe
大小: 20924 字节
修改时间: 2008年3月2日, 12:58:08
MD5: AF1B0AE9C3DB25032CA754CE9A902514
SHA1: 84A07D4968D4EC49DAE5308295A1A79AEC47CFE8
CRC32: CA204584

文件: C:\Documents and Settings\Administrator\桌面\s\18.exe
大小: 18256 字节
修改时间: 2008年3月2日, 12:58:18
MD5: 960A9B4BC926AA578C5290D4E5744C98
SHA1: DF2A6A2FA7ACDD504DCA8970DAF927CCDBBD12C7
CRC32: 7B4183CD

文件: C:\Documents and Settings\Administrator\桌面\s\19.exe
大小: 23292 字节
修改时间: 2008年3月2日, 12:58:26
MD5: CE4778AAE8B1D762DC4D52A7346C6A7A
SHA1: CD8FC9E4D3A08B20BF402C2972D30A9EC61729F5
CRC32: 08103BC6

文件: C:\Documents and Settings\Administrator\桌面\s\20.exe
大小: 19202 字节
修改时间: 2008年3月2日, 12:58:32
MD5: 54BF848CC3A4EC1BA227DD030DDE4214
SHA1: A2A782297D26B121463B4D85529EC1FCBE778414
CRC32: 2636D40F

文件: C:\Documents and Settings\Administrator\桌面\s\21.exe
大小: 31744 字节
修改时间: 2008年3月2日, 12:59:44
MD5: B716A6F288E84BB6D612FC162630F65F
SHA1: 7CB08102E6A58C324ADA6E82F001EDE19A1D6FCC
CRC32: 8C8514F0

文件: C:\Documents and Settings\Administrator\桌面\s\23.exe
大小: 16816 字节
修改时间: 2008年3月2日, 12:59:56
MD5: 2151A1365CA68BEDCFDD881C2F390885
SHA1: AD0CCA6AFD9F74BF77CB2AE0FE47F063DAA34163
CRC32: BC64847E

文件: C:\Documents and Settings\Administrator\桌面\s\24.exe
大小: 20052 字节
修改时间: 2008年3月2日, 13:00:06
MD5: 071BF82F1A3D7AF06F03D182E7480A6F
SHA1: D5AAEA71767574AE541D70C434E111841F28AEE9
CRC32: AD1643A5

文件: C:\Documents and Settings\Administrator\桌面\s\25.exe
大小: 12044 字节
修改时间: 2008年3月2日, 13:00:14
MD5: 6A55432037CC89A3ABC2C4BA1766C1FE
SHA1: A8E10F20A84417A56CCC5EF2BA9ED9EF10C3090F
CRC32: 61DD5682

文件: C:\Documents and Settings\Administrator\桌面\s\26.exe
大小: 33048 字节
修改时间: 2008年3月2日, 13:00:22
MD5: 7DFDEE44BDE7440CEA28F802F9D0A679
SHA1: 691209036EF916B598C991EFCA01D94844537D12
CRC32: FB3622E7

文件: C:\Documents and Settings\Administrator\桌面\s\27.exe
大小: 12832 字节
修改时间: 2008年3月2日, 13:00:28
MD5: D9093ED18890C30912ADFCB71D589E18
SHA1: E0007C7EEF0613917B7390B49D89BC2D4D3352F1
CRC32: AD0702A4

文件: C:\Documents and Settings\Administrator\桌面\s\28.exe
大小: 17721 字节
修改时间: 2008年3月2日, 13:00:36
MD5: E426A6397B9C3B7BA9A4166FE249E19B
SHA1: 068C875B04C8D14281ED683FA9EB0DFFE7E7DB36
CRC32: 8A902718

文件: C:\Documents and Settings\Administrator\桌面\s\29.exe
大小: 11364 字节
修改时间: 2008年3月2日, 13:00:42
MD5: 889B360007F75D1BAC846343A94FC774
SHA1: 59126635A76D0B3FD5FE85FEC7889CD7A62FDDC0
CRC32: 0F77FE1A

文件: C:\Documents and Settings\Administrator\桌面\s\31.exe
大小: 13192 字节
修改时间: 2008年3月2日, 13:01:10
MD5: 06FB3E4177567C7D73C38F935C055B0A
SHA1: B4B662B7CD0C11C5A604D479B5281A97D3D7B08B
CRC32: 0700F045

显示全部楼层 · 发表于 2008-3-2 14:11:15

linkscanner和红伞开进去一点反应都没有

显示全部楼层 · 发表于 2008-3-3 00:15:41

KV2008杀掉27个。

显示全部楼层 · 发表于 2008-3-3 12:08:10

mcafee23个

瑞星29个

显示全部楼层 · 发表于 2008-3-3 12:45:20

瑞星病毒查杀结果报告

清除病毒种类列表：
病毒： Trojan.PSW.Win32.GamesOnline.oe
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.SunOnline.ma
病毒： Trojan.PSW.Win32.GamesOnline.oz
病毒： Trojan.PSW.Win32.XYOnline.aay
病毒： RootKit.Win32.GameHack.GEN
病毒： Trojan.PSW.Win32.Agent.vsk
病毒： Trojan.PSW.Win32.GamesOnline.fz
病毒： Trojan.PSW.Win32.YBOnline.dk
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.GamesOnline.mh
病毒： Trojan.PSW.Win32.GameOL.mcc
病毒： Trojan.PSW.Win32.GameOL.mau
病毒： Trojan.PSW.Win32.GameOL.lvx
病毒： Trojan.PSW.Win32.SunOnline.mk
病毒： Trojan.PSW.Win32.GameOL.lxd
病毒： Trojan.PSW.Win32.GameOL.mfi
病毒： Trojan.PSW.Win32.GameOL.mcv
病毒： Trojan.PSW.Win32.GameOL.mgc

MAC 地址：00:17:31:40:A3:57

用户来源：局域网

软件版本：20.34

显示全部楼层 · 发表于 2008-3-3 14:41:55

木马名称:Trojan-PSW.Win32.OLGames.pcu
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\S\4.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.leg
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\S\14.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.pbi
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\S\15.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan.Win32.BHO.ml
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\S\28.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\S\1.EXE
木马程序生成以下文件:
1) C:\WINDOWS\SYSTEM32\DRIVERS\MSOSFPIDS32.SYS
是否删除木马程序及其衍生物?

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\S\2.EXE
木马程序生成以下文件:
1) C:\WINDOWS\WSOCKDRV32.EXE
2) C:\WINDOWS\SYSTEM32\WSOCKDRV32.DLL
是否删除木马程序及其衍生物?

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\S\3.EXE
木马程序生成以下文件:
1) C:\WINDOWS\MSIMMS32.EXE
2) C:\WINDOWS\SYSTEM32\MSIMMS32.DLL
是否删除木马程序及其衍生物?

显示全部楼层 · 发表于 2008-3-3 15:39:14

毒霸2008 29个。
小红伞：
[0] Archive type: RAR
  --> 1.exe
   [DETECTION] Contains detection pattern of the dropper DR/PSW.OnLineGames.QZL.1
  --> 2.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 3.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 4.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGame.XO
  --> 5.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 6.exe
   [DETECTION] Is the Trojan horse TR/Onlinegames.rxt
  --> 7.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 8.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 9.exe
   [DETECTION] Is the Trojan horse TR/PSW.QQpass.avg
  --> 10.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 11.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 12.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.406
  --> 13.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 14.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.Qha.8
  --> 15.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 16.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.rjh.2
  --> 17.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 18.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 19.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.rti.3
  --> 20.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 21.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGame.XO
  --> 23.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 24.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 25.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 26.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 27.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 28.exe
   [DETECTION] Is the Trojan horse TR/BHO.aya.1
  --> 29.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 31.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [WARNING] The file was ignored!

显示全部楼层 · 发表于 2008-3-3 18:06:34

SEP MISS

显示全部楼层 · 发表于 2008-3-3 18:18:21

Begin scan in 'F:\s.rar'
F:\s.rar
  [0] Archive type: RAR
  --> 1.exe
   [DETECTION] Contains detection pattern of the dropper DR/PSW.OnLineGames.QZL.1
  --> 2.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 3.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 4.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGame.XO
  --> 5.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 6.exe
   [DETECTION] Is the Trojan horse TR/Onlinegames.rxt
  --> 7.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 8.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 9.exe
   [DETECTION] Is the Trojan horse TR/PSW.QQpass.avg
  --> 10.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 11.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 12.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.406
  --> 13.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 14.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.Qha.8
  --> 15.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 16.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.rjh.2
  --> 17.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 18.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 19.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.rti.3
  --> 20.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 21.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGame.XO
  --> 23.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 24.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 25.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 26.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 27.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 28.exe
   [DETECTION] Is the Trojan horse TR/BHO.aya.1
  --> 29.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 31.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [INFO]    A backup was created as '483dd161.qua'  ( QUARANTINE )
   [INFO]    The file was deleted!

End of the scan: 2008年3月3日  18:21
Used time: 00:38 min

The scan has been done completely.

   0 Scanning directories
   31 Files were scanned
   28 viruses and/or unwanted programs were found
   1 Files were classified as suspicious:
   1 files were deleted
   0 files were repaired
   1 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   3 Files not concerned
   1 Archives were scanned
   0 Warnings
   0 Notes

[已鉴定] Avast报毒网.

72/29