下载者及产物32个

显示全部楼层 · 发表于 2008-3-9 14:07:29

毒霸报sta和产物中的15个。

显示全部楼层 · 发表于 2008-3-9 14:14:59

上面有沒有上报卡巴？？？？

显示全部楼层 · 发表于 2008-3-9 14:33:35

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\STA.EXE
木马程序生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\ALL USERS\「开始」菜单\程序\启动\ATISRV.EXE
2) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\USBCAMS3.SYS
是否删除木马程序及其衍生物?

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\AVPSRV.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\AVPSRV.EXE
2) C:\WINDOWS.0\SYSTEM32\AVPSRV.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\CMDBCS.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\CMDBCS.EXE
2) C:\WINDOWS.0\SYSTEM32\CMDBCS.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DBGHLP32.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\DBGHLP32.EXE
2) C:\WINDOWS.0\SYSTEM32\DBGHLP32.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\JAQFSVHX.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\KCWRKNHI.EXE
2) C:\WINDOWS.0\SYSTEM32\UNOWIDFN.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\KVSC3.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\KVSC3.EXE
2) C:\WINDOWS.0\SYSTEM32\KVSC3.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\LOTUSHLP.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\LOTUSHLP.EXE
2) C:\WINDOWS.0\SYSTEM32\LOTUSHLP.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\MPPDS.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\MPPDS.EXE
2) C:\WINDOWS.0\SYSTEM32\MPPDS.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\MSIMMS32.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\MSIMMS32.EXE
2) C:\WINDOWS.0\SYSTEM32\MSIMMS32.DLL
是否删除木马程序及其衍生物?
木马名称:Trojan-PSW.Win32.OnLineGame.irj

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\TMP21.TMP
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\A1.EXE
木马程序生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\TMP21.TMP
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\A6.EXE
木马程序生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\TMP23.TMP
2) C:\WINDOWS.0\SYSTEM32\MSOSDOHS00.DLL
是否删除木马程序及其衍生物?
木马名称:Trojan-PSW.Win32.OnLineGame.irj

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\TMP25.TMP
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\A12.EXE
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\A16.EXE
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\SHAPROC.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SHAPROC.EXE
2) C:\WINDOWS.0\SYSTEM32\SHAPROC.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\WSOCKDRV32.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\WSOCKDRV32.EXE
2) C:\WINDOWS.0\SYSTEM32\WSOCKDRV32.DLL
是否删除木马程序及其衍生物?

显示全部楼层 · 发表于 2008-3-9 14:34:29

===================================================================================================
On-demand scanner 7.0.0.10

NSE revision 5.91.10
nvcbin.def revision 5.90.00 of 2008/03/07 16:10:27 (1356064 variants)
nvcmacro.def revision 5.90.00 of 2008/02/04 16:47:24 (20430 variants)
Total number of variants: 1376494
===================================================================================================

   Time  Filename                                                    Virus name
---------------------------------------------------------------------------------------------------

- Scanning drive: G:\
- Scanning system areas of drive: G:\
- Scanning files matching: G:\v\sta.rar
   16 ms G:\v\sta.rar : sta.exe                                     Security Risk W32/Suspicious_U.gen ()
- File G:\v\sta.rar quarantined.
      0 ms G:\v\sta.rar
      0 ms G:\v\sta.rar:Zone.Identifier

===================================================================================================

The scanning started: 2008/03/09 14:34:07
            ended: 2008/03/09 14:34:07
Logged on as       : Jason
on hostname       : JASON-PC

Scanning results:
Total number of files found..............................:    3
Number of files scanned..................................:    3
Number of files/directories skipped due to exclude list..:    0
Number of files that could not be opened.................:    0
Number of archive files unpacked.........................:    1
Number of archive files not unpacked.....................:    0
Number of infections.....................................:    1

Copyright (c) 1993-2007 Norman ASA.

显示全部楼层 · 发表于 2008-3-9 14:35:18

===================================================================================================
On-demand scanner 7.0.0.10

NSE revision 5.91.10
nvcbin.def revision 5.90.00 of 2008/03/07 16:10:27 (1356064 variants)
nvcmacro.def revision 5.90.00 of 2008/02/04 16:47:24 (20430 variants)
Total number of variants: 1376494
===================================================================================================

   Time  Filename                                                    Virus name
---------------------------------------------------------------------------------------------------

- Scanning drive: G:\
- Scanning system areas of drive: G:\
- Scanning files matching: G:\v\a.rar
   22 ms G:\v\a.rar : SHAProc.dll                                  Trojan OnLineGames.gen45 ()
- File G:\v\a.rar quarantined.
      2 ms G:\v\a.rar : upxdnd.dll                                     Trojan OnLineGames.gen45 ()
- File G:\v\a.rar quarantined.
      3 ms G:\v\a.rar : WSockDrv32.dll                               Trojan OnLineGames.gen45 ()
- File G:\v\a.rar quarantined.
   10 ms G:\v\a.rar : AVPSrv.exE                                     Trojan W32/OnLineGames.ALWP ()
- File G:\v\a.rar quarantined.
   48 ms G:\v\a.rar : cmdbcs.exe                                     Security Risk W32/Suspicious_U.dam ()
- File G:\v\a.rar quarantined.
      5 ms G:\v\a.rar : DbgHlp32.exe                                  Security Risk W32/Suspicious_U.dam ()
- File G:\v\a.rar quarantined.
   16 ms G:\v\a.rar : jaqfsvhx.exe                                  Virus W32/Viking.EQ ()
- File G:\v\a.rar quarantined.
      4 ms G:\v\a.rar : Kvsc3.exE                                     Virus W32/Viking.EQ ()
- File G:\v\a.rar quarantined.
      3 ms G:\v\a.rar : LotusHlp.exe                                  Virus W32/Viking.EQ ()
- File G:\v\a.rar quarantined.
      3 ms G:\v\a.rar : mppds.exe                                     Virus W32/Viking.EQ ()
- File G:\v\a.rar quarantined.
      3 ms G:\v\a.rar : MsIMMs32.exE                                  Virus W32/Viking.EQ ()
- File G:\v\a.rar quarantined.
      3 ms G:\v\a.rar : PTSShell.exe                                  Virus W32/Viking.EQ ()
- File G:\v\a.rar quarantined.
      4 ms G:\v\a.rar : SHAProc.exe                                  Virus W32/Viking.EQ ()
- File G:\v\a.rar quarantined.
      4 ms G:\v\a.rar : upxdnd.exe                                     Virus W32/Viking.EQ ()
- File G:\v\a.rar quarantined.
      3 ms G:\v\a.rar : WSockDrv32.exe                               Virus W32/Viking.EQ ()
- File G:\v\a.rar quarantined.
      3 ms G:\v\a.rar : a1.exe                                        Security Risk W32/Suspicious_U.gen ()
- File G:\v\a.rar quarantined.
      4 ms G:\v\a.rar : a6.exe                                        Security Risk W32/Suspicious_U.gen ()
- File G:\v\a.rar quarantined.
      2 ms G:\v\a.rar : a12.exe                                        Security Risk W32/Suspicious_U.gen ()
- File G:\v\a.rar quarantined.
   346 ms G:\v\a.rar : msosfpids32.sys
      3 ms G:\v\a.rar : a16.exe                                        Security Risk W32/Suspicious_U.gen ()
- File G:\v\a.rar quarantined.
      4 ms G:\v\a.rar : AVPSrv.dll                                     Trojan OnLineGames.gen45 ()
- File G:\v\a.rar quarantined.
      3 ms G:\v\a.rar : cmdbcs.dll
      3 ms G:\v\a.rar : DbgHlp32.dlL                                  Trojan OnLineGames.gen45 ()
- File G:\v\a.rar quarantined.
      3 ms G:\v\a.rar : Kvsc3.dll
      5 ms G:\v\a.rar : LotusHlp.dll                                  Trojan OnLineGames.gen45 ()
- File G:\v\a.rar quarantined.
      4 ms G:\v\a.rar : mppds.dll
      4 ms G:\v\a.rar : MsIMMs32.dll                                  Trojan OnLineGames.gen45 ()
- File G:\v\a.rar quarantined.
      3 ms G:\v\a.rar : msosdohs00.dll                               Security Risk W32/Suspicious_U.gen ()
- File G:\v\a.rar quarantined.
      2 ms G:\v\a.rar : msosmhfp00.dll                               Security Risk W32/Suspicious_U.gen ()
- File G:\v\a.rar quarantined.
      1 ms G:\v\a.rar : PTSShell.dll                                  Trojan OnLineGames.gen45 ()
- File G:\v\a.rar quarantined.
      3 ms G:\v\a.rar : sfnqpewv.dll
      0 ms G:\v\a.rar
      2 ms G:\v\a.rar:Zone.Identifier

===================================================================================================

The scanning started: 2008/03/09 14:35:01
            ended: 2008/03/09 14:35:03
Logged on as       : Jason
on hostname       : JASON-PC

Scanning results:
Total number of files found..............................:    33
Number of files scanned..................................:    33
Number of files/directories skipped due to exclude list..:    0
Number of files that could not be opened.................:    0
Number of archive files unpacked.........................:    1
Number of archive files not unpacked.....................:    0
Number of infections.....................................:    26

Copyright (c) 1993-2007 Norman ASA.

显示全部楼层 · 发表于 2008-3-9 15:11:52

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.SO2Game.k
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.QQGame.GEN
病毒： Trojan.PSW.Win32.SO2Game.o
病毒： Trojan.PSW.Win32.GameOL.mfk
病毒： Trojan.PSW.Win32.SO2Game.l
病毒： Trojan.PSW.Win32.SO2Game.i
病毒： Trojan.PSW.Win32.SO2Game.m

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.34.60

显示全部楼层 · 发表于 2008-3-9 15:12:15

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.DL.Win32.Mnless.zan

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.34.60

显示全部楼层 · 发表于 2008-3-9 15:19:58

瑞星病毒查杀结果报告

清除病毒种类列表：
病毒： Trojan.PSW.Win32.SO2Game.l
病毒： Trojan.PSW.Win32.SO2Game.i
病毒： Trojan.PSW.Win32.SO2Game.m
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.QQGame.GEN
病毒： Trojan.PSW.Win32.SO2Game.k
病毒： Trojan.PSW.Win32.SO2Game.o
病毒： Trojan.PSW.Win32.GameOL.mfk

用户来源：互联网

软件版本：20.34.60
18个
诺顿9个

显示全部楼层 · 发表于 2008-3-9 15:21:37

15+1

信息 2008-03-09  15:20:58 您此次查毒清除了16个病毒
信息 2008-03-09  15:20:58 您此次查毒共查出16个病毒以及危险代码
信息 2008-03-09  15:20:58 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件53个
信息 2008-03-09  15:20:58 金山毒霸主程序查毒过程结束，查毒方式：命令行查毒
病毒 2008-03-09  15:20:58 D:\Desktop\产物.rar\PTSShell.dll Win32.Troj.OnlineGameT.136192 清除成功
病毒 2008-03-09  15:20:57 D:\Desktop\产物.rar\MsIMMs32.dll Win32.Troj.OnlineGameT.33792 清除成功
病毒 2008-03-09  15:20:57 D:\Desktop\产物.rar\Kvsc3.dll Win32.Troj.OnlineGameT.33792 清除成功
病毒 2008-03-09  15:20:56 D:\Desktop\产物.rar\DbgHlp32.dlL Win32.Troj.OnlineGameT.33792 清除成功
病毒 2008-03-09  15:20:56 D:\Desktop\产物.rar\AVPSrv.dll Win32.Troj.OnlineGameT.33792 清除成功
病毒 2008-03-09  15:20:55 D:\Desktop\产物.rar\WSockDrv32.exe Win32.Troj.OnlineGamesT.e.94315 清除成功
病毒 2008-03-09  15:20:55 D:\Desktop\产物.rar\upxdnd.exe Win32.Troj.OnlineGamesT.ty.98304 清除成功
病毒 2008-03-09  15:20:55 D:\Desktop\产物.rar\PTSShell.exe Win32.Troj.OnlineGamesT.ty.98304 清除成功
病毒 2008-03-09  15:20:55 D:\Desktop\产物.rar\MsIMMs32.exE Win32.Troj.OnlineGamesT.kf.106496 清除成功
病毒 2008-03-09  15:20:55 D:\Desktop\产物.rar\LotusHlp.exe Win32.Troj.OnlineGamesT.ty.98304 清除成功
病毒 2008-03-09  15:20:55 D:\Desktop\产物.rar\Kvsc3.exE Win32.Troj.OnlineGamesT.ty.98304 清除成功
病毒 2008-03-09  15:20:55 D:\Desktop\产物.rar\DbgHlp32.exe Win32.Troj.OnlineGamesT.e.94315 清除成功
病毒 2008-03-09  15:20:55 D:\Desktop\产物.rar\cmdbcs.exe Win32.Troj.OnlineGamesT.ty.98304 清除成功
病毒 2008-03-09  15:20:55 D:\Desktop\产物.rar\AVPSrv.exE Win32.Troj.OnlineGamesT.ty.98304 清除成功
病毒 2008-03-09  15:20:54 D:\Desktop\产物.rar\SHAProc.dll Win32.Troj.OnlineGameT.33792 清除成功
病毒 2008-03-09  15:20:54 D:\Desktop\sta.rar\sta.exe Win32.PSWTroj.OnLineGames.90112 清除成功

[病毒样本] 下载者及产物32个

59/17

3/1