
[Virus samples] 8 samples

qianwenxiang
Posted on 2008-3-20 19:51:36

Win32:OnLineGames-BUV [Trj]  6.exe
Win32:Trojan-gen {Other} ravmon.exe
Win32:Apher-U [Trj] vip.exe
Win32:OnLineGames-BGD [Trj] jz.exe

Exia (this user has been deleted)
Posted on 2008-3-20 19:55:30
Starting the file scan:

Begin scan in 'D:\08.rar'
D:\08.rar
  [0] Archive type: RAR
  --> 6.exe
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> ravmon.exe
      [DETECTION] Is the Trojan horse TR/Click.Agent.RU
  --> vip.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ppu
  --> installCodec.exe
      [DETECTION] Is the Trojan horse TR/Dldr.FraudLoad.AX.5
  --> 1.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> my.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.tct
  --> jz.exe
      [DETECTION] Is the Trojan horse TR/WuDisable.F
      [INFO]      The file was deleted!
sjducker
Posted on 2008-3-20 19:58:39
Access to the data has been denied!
Warning: A virus or unwanted program has been found in the HTTP Data.

Requested URL:  http://bbs.kafan.cn/attachment.php?aid=222640
Information:  Is the Trojan horse TR/Rootkit.Gen  


--------------------------------------------------------------------------------
Generated by AntiVir WebGuard 8.0.10.0, AVE 8.1.0.19, VDF 7.0.3.58
挪威的冬天
Posted on 2008-3-20 20:06:36
信息        2008-03-20  20:06:30        您此次查毒清除了5个病毒                       
信息        2008-03-20  20:06:30        您此次查毒共查出5个病毒以及危险代码                       
信息        2008-03-20  20:06:30        您此次查毒共查了内存模块0个,磁盘引导扇区0个,文件11个                       
信息        2008-03-20  20:06:30        金山毒霸主程序查毒过程结束,查毒方式:命令行查毒                       
病毒        2008-03-20  20:06:30        D:\Desktop\08.rar\jz.exe        Win32.Troj.AgentT.fm.14452        清除成功       
病毒        2008-03-20  20:06:30        D:\Desktop\08.rar\my.exe        Win32.PSWTroj.OnLineGames.15467        清除成功       
病毒        2008-03-20  20:06:30        D:\Desktop\08.rar\vip.exe        Win32.PSWTroj.OnLineGames.98304        清除成功       
病毒        2008-03-20  20:06:30        D:\Desktop\08.rar\ravmon.exe        Win32.Troj.VcingDown.a.40960        清除成功       
病毒        2008-03-20  20:06:30        D:\Desktop\08.rar\6.exe        Win32.PSWTroj.OnLineGames.303104        清除成功
Palkia
Posted on 2008-3-20 20:14:35
病毒: Trojan.PSW.Win32.OnlineGames.GEN
病毒: Trojan.DL.Win32.Small.tnh
病毒: Trojan.PSW.Win32.OnlineGames.GEN
病毒: Trojan.PSW.Win32.GameOL.mmt
病毒: Trojan.PSW.Win32.ZeroOnline.dc
Joker
Posted on 2008-3-20 20:22:15
C:\Documents and Settings\Administrator\桌面\08.rar>>1.exe        Heuri.Possible/Packed        启发式扫描        还未处理
C:\Documents and Settings\Administrator\桌面\08.rar>>6.exe        TrojanPSW.OnLineGames.khm.uais        木马        还未处理
C:\Documents and Settings\Administrator\桌面\08.rar>>jz.exe        TrojanPSW.OnLineGames.lhc.oahj        木马        还未处理
C:\Documents and Settings\Administrator\桌面\08.rar>>my.exe        TrojanPSW.OnLineGames.tct.ajjd        木马        还未处理
C:\Documents and Settings\Administrator\桌面\08.rar>>ravmon.exe        Adware.Clicker.gki.dumj        广告程序        还未处理
C:\Documents and Settings\Administrator\桌面\08.rar>>vip.exe        TrojanPSW.OnlineGames.GEN.gugq        木马        还未处理
傻猪猪米走鸡
Posted on 2008-3-20 20:38:44

5

D:\firefox download\08.rar » RAR » 6.exe - probably a variant of Win32/PSW.OnLineGames.MUG trojan
D:\firefox download\08.rar » RAR » ravmon.exe » FSG v2.0 - is OK
D:\firefox download\08.rar » RAR » log.exe - is OK
D:\firefox download\08.rar » RAR » vip.exe - Win32/TrojanDownloader.Small.NZS trojan
D:\firefox download\08.rar » RAR » installCodec.exe - is OK
D:\firefox download\08.rar » RAR » 1.exe - probably a variant of Win32/Genetik trojan
D:\firefox download\08.rar » RAR » my.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
D:\firefox download\08.rar » RAR » jz.exe - Win32/PSW.OnLineGames.FDY trojan
D:\firefox download\08.rar:Zone.Identifier - is OK
qigang
Posted on 2008-3-20 20:42:12

13/5

瑞星病毒查杀结果报告

清除病毒种类列表:

病毒: Trojan.PSW.Win32.OnlineGames.GEN
病毒: Trojan.DL.Win32.Small.tnh
病毒: Trojan.PSW.Win32.OnlineGames.GEN
病毒: Trojan.PSW.Win32.GameOL.mmt
病毒: Trojan.PSW.Win32.ZeroOnline.dc

MAC 地址:00:11:5B:F3:6D:69

用户来源:互联网

软件版本:20.36.32
allinwonderi
Posted on 2008-3-20 20:56:05
ArcaMicroScan - Scanning report [2008.03.20 20:55:27]
Base date : 2008.03.19 18:45:56





[Scanning : C:\Documents and Settings\All Users\Documents\Test]


C:\Documents and Settings\All Users\Documents\Test\08.rar<RAR>:6.exe<UPack>:6.exe <- Trojan.Psw.Onlinegames.Isb : Cleaning -> No action
C:\Documents and Settings\All Users\Documents\Test\08.rar<RAR>:6.exe<UPack>:6.exe<DLLRES>:res0.exe<UPack>:res0.exe <- Trojan.Psw.Onlinegames.Kmb : Cleaning -> No action
C:\Documents and Settings\All Users\Documents\Test\08.rar<RAR>:ravmon.exe<FSG>:ravmon.exe <- Trojan.Clicker.Agent.Ru : Cleaning -> No action
C:\Documents and Settings\All Users\Documents\Test\08.rar<RAR>:vip.exe<UPack>:vip.exe <- Trojan.Psw.Onlinegames.Ppu : Cleaning -> No action
C:\Documents and Settings\All Users\Documents\Test\08.rar<RAR>:vip.exe<UPack>:vip.exe<DLLRES>:res0.exe <- Trojan.Psw.Onlinegames.Ppu : Cleaning -> No action
C:\Documents and Settings\All Users\Documents\Test\08.rar<RAR>:vip.exe<UPack>:vip.exe<DLLRES>:res1.exe <- Trojan.Downloader.Small.Hzk : Cleaning -> No action
C:\Documents and Settings\All Users\Documents\Test\08.rar<RAR>:installCodec.exe <- Trojan.Downloader.Fraudload.Ax : Cleaning -> No action
C:\Documents and Settings\All Users\Documents\Test\08.rar<RAR>:1.exe<UPack>:1.exe <- Trojan.Psw.Onlinegames.Dxr : Cleaning -> No action
C:\Documents and Settings\All Users\Documents\Test\08.rar<RAR>:my.exe <- Trojan.Psw.Onlinegames.Tct : Cleaning -> No action
C:\Documents and Settings\All Users\Documents\Test\08.rar<RAR>:jz.exe<UPack>:jz.exe <- Trojan.Psw.Onlinegames.Oeg : Cleaning -> No action
C:\Documents and Settings\All Users\Documents\Test\08.rar<RAR>:jz.exe<UPack>:jz.exe<DLLRES>:MUSIC0.exe <- Trojan.Psw.Onlinegames.Oef : Cleaning -> No action



Scanned objects : 22

Infected objects : 11
allinwonderi
Posted on 2008-3-20 20:56:58
Scan started: 2008-3-20, 20:56:17
---------------------------------------------------------------------
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\08.rar->6.exe->(UPack)
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\08.rar->1.exe->(UPack)
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\08.rar->my.exe->(UPack)
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\08.rar->jz.exe

---------------------------------------------------------------------
Scan ended:        2008-3-20, 20:56:21
Duration:        0:00:03