53只

显示全部楼层 · 发表于 2008-3-9 19:15:23

信息 1984-03-09  19:15:10 您此次查毒清除了45个病毒
信息 1984-03-09  19:15:10 您此次查毒共查出45个病毒以及危险代码
信息 1984-03-09  19:15:10 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件90个
信息 1984-03-09  19:15:10 金山毒霸主程序查毒过程结束，查毒方式：命令行查毒

显示全部楼层 · 发表于 2008-3-9 19:32:00

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.PSW.Win32.GameOL.mgh
病毒： Trojan.PSW.Win32.GamesOnline.qc
病毒： Trojan.PSW.Win32.GameOL.mjf
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Worm.Win32.PaBug.gew
病毒： Trojan.PSW.Win32.SunOnline.mr
病毒： Trojan.PSW.Win32.SunOnline.mq
病毒： Trojan.PSW.Win32.GamesOnline.pt
病毒： Trojan.PSW.Win32.GamesOnline.fz
病毒： Trojan.PSW.Win32.GameOL.min
病毒： Worm.Win32.PaBug.gew
病毒： Trojan.PSW.Win32.GamesOnline.oz
病毒： Trojan.PSW.Win32.GamesOnline.pc
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.GamesOnline.pr
病毒： Trojan.PSW.Win32.LMir.yzr
病毒： Trojan.PSW.Win32.SO2Game.n
病毒： Trojan.PSW.Win32.SO2Game.k
病毒： Trojan.PSW.Win32.GameOL.mge
病毒： Trojan.PSW.Win32.SO2Game.o
病毒： Trojan.PSW.Win32.SunOnline.mr
病毒： Trojan.PSW.Win32.SunOnline.mq
病毒： Trojan.PSW.Win32.SO2Game.i
病毒： Trojan.PSW.Win32.SO2Game.m

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.34.62

显示全部楼层 · 发表于 2008-3-9 22:04:20

[Scanning : C:\Documents and Settings\All Users\Documents\Test]

C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa1.exe <- Heur.Win32.I : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa2.exe <- Heur.Win32.I : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa3.exe <- Heur.Win32.I : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa5.exe<UPX>:aa5.exe<DLLRES>:DATEINFO0.exe <- Trojan.Spy.Agent.Blw : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa7.exe<UPX>:aa7.exe<DLLRES>:DATEINFO0.exe <- Trojan.Psw.Onlinegames.Rxpr : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa8.exe <- Heur.Win32.I : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa10.exe <- Heur.Win32.I : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa11.exe <- Heur.Win32.I : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa13.exe <- Heur.Win32.I : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa14.exe <- Heur.Win32.I : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa15.exe <- Trojan.Psw.Qqpass.Bbs : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa17.exe <- Heur.Win32.I : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa18.exe <- Heur.Win32.I : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa19.exe <- Heur.Win32.I : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa20.exe <- Heur.Win32.I : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa22.exe <- Heur.Win32.I : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa23.exe <- Heur.Win32.I : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa24.exe <- Heur.Win32.I : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:oubhpuywow.dll <- Trojan.Spy.Agent.Blw : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:pahzij.dll <- Trojan.Psw.Onlinegames.Sus : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:rwdkwchzx.dll <- Trojan.Psw.Onlinegames.Rxpr : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:tsqc.dll <- Trojan.Psw.Onlinegames.Rxoy : No action

Scanned objects : 114

Infected objects : 22

显示全部楼层 · 发表于 2008-3-9 22:05:54

[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa1.exe->(embedded)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa2.exe->(embedded)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa3.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa4.exe
[Found virus] <W32/InfoStealer!Generic (not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->Ns_Sys55.Sys
[Found security risk] <W32/OnlineGames.F.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa6.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa9.exe
[Found security risk] <W32/Injector.A.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa11.exe
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa12.exe
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa13.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa14.exe->(UPack)
[Found security risk] <W32/AutoRun.D.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa15.exe->(UPX)
[Found security risk] <W32/OnlineGames.F.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa16.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa17.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa19.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa21.exe
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa22.exe->(UPack)
[Found security risk] <W32/OnlineGames.F.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa26.exe->(UPack)
[Found password stealer] <W32/Legendmir.A.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->608769MM.DLL
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->duygnef.dll->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->ijougiemnaw.dll->(UPack)
[Found possible virus] <W32/Threat-SysVenFakU-based!Maximus (not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->jouantydj.dll->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->kiluw.dll->(UPack)
[Found security risk] <W32/OnlineGames.C.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->MsIMMs32.dll
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->msosdohs00.dll
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->msosmhfp00.dll
[Found possible virus] <W32/Threat-SysVenFakU-based!Maximus (not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->oubhpuywow.dll->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->pahzij.dll->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->r2.dll->(UPack)
[Found possible virus] <W32/Threat-SysVenFakU-based!Maximus (not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->rwdkwchzx.dll->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->tsqc.dll->(UPack)
[Found security risk] <W32/OnlineGames.C.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->upxdnd.dll
[Warning] <Could not open file> C:\Documents and Settings\All Users\Documents\Test\样本.rar.part

---------------------------------------------------------------------
Scan ended: 2008-3-9, 22:05:05
Duration: 0:00:26

Scan result:

Scanned files:    6
Infected objects:    32
Disinfected objects:    0
Quarantined files:    0
---------------------------------------------------------------------

显示全部楼层 · 发表于 2008-3-9 22:29:29

FS 52个

显示全部楼层 · 发表于 2008-3-9 23:40:28

sophos全殺

显示全部楼层 · 发表于 2008-3-10 00:15:30

已刪除: 特洛伊木馬程式 Trojan.Win32.Agent.gzv 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/zjydcx.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tde 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa1.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tde 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa2.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tlt 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa3.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tea 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa4.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.QQPass.bcg 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/Ns_Sys55.Sys
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.rkf 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa5.exe
已刪除: 特洛伊木馬程式 Trojan.Win32.Vaklik.qc 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa6.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.rkf 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa7.exe
已刪除: 特洛伊木馬程式 Trojan.Win32.BHO.bai 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa8.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.teb 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa9.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tad 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa10.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.Lmir.bpv 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa11.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tgb 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa12.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.rxps 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa13.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tct 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa14.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.QQPass.bbs 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa15.exe//UPX
已刪除: 特洛伊木馬程式 Trojan.Win32.KillAV.pg 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa16.exe//UPack//PE_Patch
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.sem 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa17.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan.Win32.BHO.azw 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa18.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tct 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa19.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tik 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa20.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tim 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa21.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.sem 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa22.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tad 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa23.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan.Win32.BHO.bai 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa24.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.rkf 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa25.exe
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tcr 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/aa26.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tdd 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/608769MM.DLL
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tcq 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/AVPSrv.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tho 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/cedafb.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tlu 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/cmdbcs.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tjr 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/DbgHlp32.dlL
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.rxpg 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/duygnef.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tad 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/hfrdzx.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.svi 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/hhrdxd.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tlv 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/ijougiemnaw.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.Nilage.ccw 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/jouantydj.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tfy 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/kiluw.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tim 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/Kvsc3.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tip 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/MsIMMs32.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.Agent.jxv 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/msosdohs00.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tjq 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/msosmhfp00.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-Spy.Win32.Agent.blw 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/oubhpuywow.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.sus 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/pahzij.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tlw 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/r2.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.rxpr 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/rwdkwchzx.dll//UPack
已刪除: 特洛伊木馬程式 Trojan.Win32.Agent.hkh 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/sgrefg.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.stm 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/tsqc.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tlp 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/upxdnd.dll
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tgb 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/WSockDrv32.dll
已刪除: 特洛伊木馬程式 Trojan.Win32.Agent.hki 檔案: C:\Documents and Settings\kato9096\桌面\215586.rar/wyrsdj.dll//UPack

52，已上报？？不上报了．．

显示全部楼层 · 发表于 2008-3-10 02:46:33

antivir v8

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\My Documents\样本'
C:\Documents and Settings\Administrator\My Documents\样本\
  608769MM.DLL
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
   [NOTE]    The file was deleted!
  aa1.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
      [2] Archive type: Runtime Packed
      --> Object
      --> Object
   [DETECTION] Contains suspicious code HEUR/Malware
   [NOTE]    The fund was classified as suspicious.
   [NOTE]    The file was moved to '480530c7.qua'!
  aa10.exe
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  aa11.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
   [NOTE]    The file was deleted!
  aa12.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was deleted!
  aa13.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.rxqe
         [WARNING] Infected files in archives cannot be repaired!
   [NOTE]    The file was deleted!
  aa14.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
      [2] Archive type: Runtime Packed
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  aa15.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.Steal.44653
         [WARNING] Infected files in archives cannot be repaired!
   [NOTE]    The file was deleted!
  aa16.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was deleted!
  aa17.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
      [2] Archive type: Runtime Packed
      --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnLin.8918.A
            [WARNING] Infected files in archives cannot be repaired!
   [NOTE]    The file was deleted!
  aa18.exe
   [DETECTION] Is the Trojan horse TR/BHO.azw.21
   [NOTE]    The file was deleted!
  aa19.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
      [2] Archive type: Runtime Packed
      --> Object
         [3] Archive type: RSRC
         --> Object
         --> Object
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
   [NOTE]    The file was deleted!
  aa2.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
      [2] Archive type: Runtime Packed
      --> Object
      --> Object
   [DETECTION] Contains suspicious code HEUR/Malware
   [NOTE]    The fund was classified as suspicious.
   [NOTE]    The file was moved to '480630c7.qua'!
  aa20.exe
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  aa21.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was deleted!
  aa22.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
      [2] Archive type: Runtime Packed
      --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnLin.8918.A
            [WARNING] Infected files in archives cannot be repaired!
   [NOTE]    The file was deleted!
  aa23.exe
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  aa24.exe
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  aa25.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGame.XO
   [NOTE]    The file was deleted!
  aa26.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was deleted!
  aa3.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
      [2] Archive type: Runtime Packed
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  aa4.exe
[0] Archive type: Runtime Packed
--> Object
      [DETECTION] Is the Trojan horse TR/Onlinegames.rxt
   [NOTE]    The file was deleted!
  aa5.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGame.XO
   [NOTE]    The file was deleted!
  aa6.exe
[0] Archive type: Runtime Packed
--> Object
      [DETECTION] Is the Trojan horse TR/Onlinegames.NSR
   [NOTE]    The file was deleted!
  aa7.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGame.XO
   [NOTE]    The file was deleted!
  aa8.exe
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  aa9.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was deleted!
  AVPSrv.dll
   [DETECTION] Contains suspicious code HEUR/Malware
   [NOTE]    The fund was classified as suspicious.
   [NOTE]    The file was moved to '482430bd.qua'!
  cedafb.dll
   [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
   [NOTE]    The file was deleted!
  cmdbcs.dll
   [DETECTION] Is the Trojan horse TR/Onlinegames.NSR
   [NOTE]    The file was deleted!
  DbgHlp32.dlL
   [DETECTION] Contains suspicious code HEUR/Malware
   [NOTE]    The fund was classified as suspicious.
   [NOTE]    The file was moved to '483b30c9.qua'!
  duygnef.dll
[0] Archive type: Runtime Packed
--> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnLin.8918.A
   [NOTE]    The file was deleted!
  hfrdzx.dll
   [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
   [NOTE]    The file was deleted!
  hhrdxd.dll
   [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
   [NOTE]    The file was deleted!
  ijougiemnaw.dll
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  jouantydj.dll
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  kiluw.dll
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  Kvsc3.dll
   [DETECTION] Contains suspicious code HEUR/Malware
   [NOTE]    The fund was classified as suspicious.
   [NOTE]    The file was moved to '484730dd.qua'!
  MsIMMs32.dll
   [DETECTION] Contains suspicious code HEUR/Malware
   [NOTE]    The fund was classified as suspicious.
   [NOTE]    The file was moved to '481d30da.qua'!
  msosdohs00.dll
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  msosmhfp00.dll
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  Ns_Sys55.Sys
   [DETECTION] Is the Trojan horse TR/PSW.Steal.44653
   [NOTE]    The file was deleted!
  Nv_Win3s.Jmp
  oubhpuywow.dll
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  pahzij.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.rxqe
   [NOTE]    The file was deleted!
  r2.dll
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
      --> Object
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
   [NOTE]    The file was deleted!
  rwdkwchzx.dll
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  sgrefg.dll
   [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
   [NOTE]    The file was deleted!
  tsqc.dll
[0] Archive type: Runtime Packed
--> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnLin.8918.A
   [NOTE]    The file was deleted!
  upxdnd.dll
   [DETECTION] Is the Trojan horse TR/Onlinegames.rxt
   [NOTE]    The file was deleted!
  WSockDrv32.dll
   [DETECTION] Contains suspicious code HEUR/Malware
   [NOTE]    The fund was classified as suspicious.
   [NOTE]    The file was moved to '484330bb.qua'!
  wyrsdj.dll
   [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
   [NOTE]    The file was deleted!
  zjydcx.dll
   [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
   [NOTE]    The file was deleted!

End of the scan: 2008年3月9日  10:46
Used time: 00:06 min

The scan has been done completely.

   1 Scanning directories
   53 Files were scanned
   38 viruses and/or unwanted programs were found
   14 Files were classified as suspicious:
   45 files were deleted
   0 files were repaired
   7 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   15 Files not concerned
   0 Archives were scanned
   4 Warnings
   52 Notes

显示全部楼层 · 发表于 2008-3-10 07:17:41

小红伞干掉52个

显示全部楼层 · 发表于 2008-3-10 08:53:31

红伞 35个。呵呵呵。

[病毒样本] 53只

109/43

浏览过的版块