amazing的教育网

显示全部楼层 · 发表于 2008-3-5 16:53:55

deleted: Trojan program Trojan-PSW.Win32.OnLineGames.ryh File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\1.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.sem File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\10.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rxpq File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\11.exe//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.ryp File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\13.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rxps File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\14.exe//PE_Patch//UPack
deleted: Trojan program Trojan.Win32.Vaklik.ot File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\15.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rxps File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\16.exe//PE_Patch//UPack
deleted: Trojan program Trojan.Win32.BHO.bai File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\17.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rwl File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\18.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rxs File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\2.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rxps File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\20.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rxqc File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\21.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rxps File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\22.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.ssq File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\23.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.sss File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\24.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.sem File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\25.exe//PE_Patch//UPack
deleted: Trojan program Trojan-Dropper.Win32.Mudrop.eo File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\26.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rxps File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\3.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.sqz File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\4.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rwl File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\5.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.Lmir.bpv File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\7.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rwu File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\8.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pnd File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\9.exe//UPack
deleted: virus Heur.Invader (modification) File: C:\Documents and Settings\swans\×ÀÃæ\0305.rar/0305\sysupdate.exe//FSG

显示全部楼层 · 发表于 2008-3-5 17:02:04

AntiVir PersonalEdition Premium
Report file date: 2008年3月5日  16:59

Scanning for 1132684 virus strains and unwanted programs.

Licensed to:
Serial number:
Platform:       Windows XP
Windows version:  (Service Pack 2)  [5.1.2600]
Username:
Computer name:

Version information:
BUILD.DAT : 308          17199 Bytes 2007-9-19 13:44:00
AVSCAN.EXE : 7.0.6.1    290856 Bytes 2007-8-23 06:16:29
AVSCAN.DLL : 7.0.6.0    49192 Bytes 2007-8-16 05:23:51
LUKE.DLL    : 7.0.5.3    147496 Bytes 2007-8-14 08:32:47
LUKERES.DLL  : 7.0.6.1    10280 Bytes 2007-8-21 05:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-7-18 07:27:15
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes  2007-12-14 07:38:59
ANTIVIR2.VDF : 7.0.2.181 1993728 Bytes 2008-2-24 07:38:59
ANTIVIR3.VDF : 7.0.2.231 167424 Bytes 2008-3-4 07:35:26
AVEWIN32.DLL : 7.6.0.73 3334656 Bytes 2008-3-2 07:39:00
AVWINLL.DLL  : 1.0.0.7    14376 Bytes 2007-2-26 03:36:26
AVPREF.DLL : 7.0.2.2    25640 Bytes 2007-7-18 00:39:17
AVREP.DLL : 7.0.0.1    155688 Bytes 2007-4-16 06:16:24
AVPACK32.DLL : 7.6.0.3    360488 Bytes 2008-3-2 07:39:00
AVREG.DLL : 7.0.1.6    30760 Bytes 2007-7-18 00:17:06
AVARKT.DLL : 1.0.0.20    278568 Bytes 2007-8-28 05:26:33
AVEVTLOG.DLL : 7.0.0.20    86056 Bytes 2007-7-18 00:10:18
NETNT.DLL : 7.0.0.0       7720 Bytes 2007-3-8 04:09:42
RCIMAGE.DLL  : 7.0.1.30 2576424 Bytes 2007-8-7 05:51:06
RCTEXT.DLL : 7.0.62.0    86056 Bytes 2007-8-21 06:03:18
SQLITE3.DLL  : 3.3.17.1    339968 Bytes 2007-7-23 02:37:21

Configuration settings for the scan:
Jobname..........................: ShlExt
Configuration file...............: C:\DOCUME~1\Entropy\LOCALS~1\Temp\3d8868b9.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: off
Scan registry....................: off
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high

Start of the scan: 2008年3月5日  16:59

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Entropy\桌面\0305.rar'
C:\Documents and Settings\Entropy\桌面\0305.rar
  [0] Archive type: RAR
  --> 0305\1.exe
   [DETECTION] Is the Trojan horse TR/Drop.Agent.djg.1
  --> 0305\10.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 0305\11.exe
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> 0305\12.exe
   [DETECTION] Is the Trojan horse TR/CrashSystem.C
  --> 0305\13.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ryp.2
  --> 0305\14.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 0305\15.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.442
  --> 0305\16.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 0305\17.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 0305\18.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.seu.2
  --> 0305\2.exe
   [DETECTION] Is the Trojan horse TR/Onlinegames.rxt
  --> 0305\20.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 0305\21.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 0305\22.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 0305\23.exe
   [DETECTION] Is the Trojan horse TR/Drop.Agent.12342.2
  --> 0305\24.exe
   [DETECTION] Is the Trojan horse TR/Drop.Agent.12143
  --> 0305\25.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.sqb
  --> 0305\26.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Adload.MG.8
  --> 0305\4.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.sqz.3
  --> 0305\5.exe
   [DETECTION] Is the Trojan horse TR/PSW.Wow.acd
  --> 0305\7.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 0305\8.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.rwu.2
  --> 0305\9.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pne.8
  --> 0305\sysupdate.exe
   [DETECTION] Is the Trojan horse TR/Agent.2433
   [WARNING] The file was ignored!

End of the scan: 2008年3月5日  17:00
Used time: 00:13 min

The scan has been done completely.

   0 Scanning directories
   26 Files were scanned
   23 viruses and/or unwanted programs were found
   1 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   3 Files not concerned
   1 Archives were scanned
   1 Warnings
   0 Notes

显示全部楼层 · 发表于 2008-3-5 17:38:55

一点击下载，8.0.0.268报毒，文件包含特洛伊程序。

显示全部楼层 · 发表于 2008-3-5 17:39:46

扫描报告
2008年3月5日 17:38:08 - 17:38:10
计算机名称: CCW-PC
扫描类型: 扫描指定目标
目标: E:\Downloads\0305.rar

--------------------------------------------------------------------------------

结果: 发现23个恶意软件
Trojan-PSW.Win32.OnLineGames.ryh (病毒)
E:\Downloads\0305.rar\0305\1.exe
Trojan-PSW.Win32.OnLineGames.sem (病毒)
E:\Downloads\0305.rar\0305\10.exe
E:\Downloads\0305.rar\0305\25.exe
Trojan-PSW.Win32.OnLineGames.rxpq (病毒)
E:\Downloads\0305.rar\0305\11.exe
Trojan-PSW.Win32.OnLineGames.ryp (病毒)
E:\Downloads\0305.rar\0305\13.exe
Trojan-PSW.Win32.OnLineGames.rxps (病毒)
E:\Downloads\0305.rar\0305\14.exe
E:\Downloads\0305.rar\0305\16.exe
E:\Downloads\0305.rar\0305\20.exe
E:\Downloads\0305.rar\0305\22.exe
E:\Downloads\0305.rar\0305\3.exe
Trojan.Win32.Vaklik.ot (病毒)
E:\Downloads\0305.rar\0305\15.exe
Trojan.Win32.BHO.bai (病毒)
E:\Downloads\0305.rar\0305\17.exe
Trojan-PSW.Win32.OnLineGames.rwl (病毒)
E:\Downloads\0305.rar\0305\18.exe
E:\Downloads\0305.rar\0305\5.exe
Trojan-PSW.Win32.OnLineGames.rxs (病毒)
E:\Downloads\0305.rar\0305\2.exe
Trojan-PSW.Win32.OnLineGames.rxqc (病毒)
E:\Downloads\0305.rar\0305\21.exe
Trojan-PSW.Win32.OnLineGames.ssq (病毒)
E:\Downloads\0305.rar\0305\23.exe
Trojan-PSW.Win32.OnLineGames.sss (病毒)
E:\Downloads\0305.rar\0305\24.exe
Trojan-Dropper.Win32.Mudrop.eo (病毒)
E:\Downloads\0305.rar\0305\26.exe
Trojan-PSW.Win32.OnLineGames.sqz (病毒)
E:\Downloads\0305.rar\0305\4.exe
Trojan-PSW.Win32.Lmir.bpv (病毒)
E:\Downloads\0305.rar\0305\7.exe
Trojan-PSW.Win32.OnLineGames.rwu (病毒)
E:\Downloads\0305.rar\0305\8.exe
Trojan-PSW.Win32.OnLineGames.pnd (病毒)
E:\Downloads\0305.rar\0305\9.exe

--------------------------------------------------------------------------------

统计信息
已扫描:
文件: 26
未扫描: 0
结果:
病毒: 23
间谍软件: 0
可疑对象: 0
危险软件: 0
操作:
已杀毒: 0
已重命名: 0
删除: 0
已隔离: 0
失败: 0
引导区:
已扫描: 0
受感染: 0
可疑对象: 0
已杀毒: 0

显示全部楼层 · 发表于 2008-3-5 17:46:13

我就是教育网

显示全部楼层 · 发表于 2008-3-5 20:05:12

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.PSW.Win32.GamesOnline.oe
病毒： Trojan.PSW.Win32.GamesOnline.oz
病毒： Trojan.PSW.Win32.OnlineGames.GEN
病毒： Trojan.PSW.Win32.GameOL.mgn
病毒： Trojan.PSW.Win32.GameOL.min
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.GameOL.mda
病毒： Trojan.PSW.Win32.QQGame.GEN
病毒： Trojan.Win32.VB.yrb
病毒： Trojan.Win32.VB.yra
病毒： Trojan.Win32.VB.yrc
病毒： Trojan.PSW.Win32.XYOnline.acb
病毒： Trojan.PSW.Win32.WoWar.ait
病毒： Trojan.PSW.Win32.GamesOnline.fz
病毒： Trojan.PSW.Win32.GameOL.mdj
病毒： Trojan.DL.Win32.Mnless.zbm

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.34.22

显示全部楼层 · 发表于 2008-3-5 20:11:41

25个

[病毒样本] amazing的教育网

62/22