14PCS

显示全部楼层 · 发表于 2008-3-23 22:25:15

14
14.rar » RAR » qq.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
14.rar » RAR » 2.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
14.rar » RAR » 7sa.exe - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
14.rar » RAR » 19.exe - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
14.rar » RAR » 29.exe - probably unknown NewHeur_PE virus
14.rar » RAR » 3.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
14.rar » RAR » 8.exe - a variant of Win32/PSW.QQPass.NCZ trojan
14.rar » RAR » 21.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
14.rar » RAR » hh.exe - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
14.rar » RAR » 12.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
14.rar » RAR » 6.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
14.rar » RAR » 18.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
14.rar » RAR » 22.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
14.rar » RAR » 33.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan

显示全部楼层 · 发表于 2008-3-23 22:25:33

Starting the file scan:

Begin scan in 'E:\AVIRA\14.rar'
E:\AVIRA\14.rar
  [0] Archive type: RAR
  --> qq.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 2.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 7sa.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 19.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 29.exe
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 3.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 8.exe
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> 21.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> hh.exe
   [DETECTION] Is the Trojan horse TR/VB.cjq
  --> 12.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.uyh
  --> 6.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 18.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 22.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 33.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.597
   [WARNING] The file was ignored!

End of the scan: 2008年3月23日  22:27
Used time: 00:33 min

The scan has been done completely.

   0 Scanning directories
   15 Files were scanned
   11 viruses and/or unwanted programs were found
   3 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   4 Files not concerned
   1 Archives were scanned
   1 Warnings
   0 Notes

显示全部楼层 · 发表于 2008-3-23 22:26:59

信息 2008-03-23  22:26:51 您此次查毒清除了12个病毒
信息 2008-03-23  22:26:51 您此次查毒共查出12个病毒以及危险代码
信息 2008-03-23  22:26:51 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件29个
信息 2008-03-23  22:26:51 金山毒霸主程序查毒过程结束，查毒方式：命令行查毒
病毒 2008-03-23  22:26:51 D:\Desktop\14.rar\33.exe Win32.Troj.OnlineGamesT.e.94315 清除成功
病毒 2008-03-23  22:26:51 D:\Desktop\14.rar\22.exe Win32.Troj.OnlineGamesT.e.94315 清除成功
病毒 2008-03-23  22:26:51 D:\Desktop\14.rar\18.exe Win32.Troj.OnlineGamesT.e.94315 清除成功
病毒 2008-03-23  22:26:50 D:\Desktop\14.rar\6.exe Win32.Troj.OnlineGamesT.e.94315 清除成功
病毒 2008-03-23  22:26:50 D:\Desktop\14.rar\12.exe Win32.Troj.OnlineGamesT.e.94315 清除成功
病毒 2008-03-23  22:26:50 D:\Desktop\14.rar\hh.exe Win32.Troj.OnlineGameT.lf.94208 清除成功
病毒 2008-03-23  22:26:50 D:\Desktop\14.rar\8.exe Win32.PSWTroj.QQPass.106616 清除成功
病毒 2008-03-23  22:26:50 D:\Desktop\14.rar\3.exe Win32.Troj.OnlineGamesT.ee.94208 清除成功
病毒 2008-03-23  22:26:50 D:\Desktop\14.rar\19.exe Win32.Troj.OnlineGameT.lf.94208 清除成功
病毒 2008-03-23  22:26:50 D:\Desktop\14.rar\7sa.exe Win32.Troj.OnlineGameT.lf.94208 清除成功
病毒 2008-03-23  22:26:50 D:\Desktop\14.rar\2.exe Win32.Troj.OnlineGamesT.e.94315 清除成功
病毒 2008-03-23  22:26:50 D:\Desktop\14.rar\qq.exe Win32.Troj.OnlineGamesT.e.94315 清除成功

显示全部楼层 · 发表于 2008-3-23 22:37:01

显示全部楼层 · 发表于 2008-3-24 00:27:42

---------------------------------------------------------------------

[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\14.rar->qq.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\14.rar->2.exe
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\14.rar->7sa.exe->(embedded)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\14.rar->19.exe->(embedded)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\14.rar->3.exe->(UPack)
[Found security risk] <W32/AutoRun.D.gen!Eldorado (not disinfectable, generic)> C:\14.rar->8.exe->(UPX)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\14.rar->21.exe
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\14.rar->hh.exe->(embedded)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\14.rar->12.exe
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\14.rar->6.exe
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\14.rar->18.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\14.rar->22.exe
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\14.rar->33.exe
[Contains infected objects] C:\14.rar
[Quarantined] C:\14.rar->33.exe

---------------------------------------------------------------------
Scan ended: 2008-3-24, 00:27:02
Duration: 00:00:10

Scan result:

Scanned files:    1
Infected objects:    13
Disinfected objects:    0
Quarantined files:    1
---------------------------------------------------------------------

显示全部楼层 · 发表于 2008-3-24 13:06:04

E:\VIRUS\14.rar>>qq.exe W32.Viking.k 病毒还未处理
E:\VIRUS\14.rar>>2.exe W32.Viking.k 病毒还未处理
E:\VIRUS\14.rar>>7sa.exe Heuri.Suspicious.ERNM 启发式扫描还未处理
E:\VIRUS\14.rar>>19.exe Heuri.Suspicious.ERNM 启发式扫描还未处理
E:\VIRUS\14.rar>>29.exe W32.Generic.worm.jhho 病毒还未处理
E:\VIRUS\14.rar>>3.exe W32.Viking.k 病毒还未处理
E:\VIRUS\14.rar>>8.exe TrojanPSW.QQPass.zfd.vmcc 木马还未处理
E:\VIRUS\14.rar>>21.exe W32.Viking.k 病毒还未处理
E:\VIRUS\14.rar>>hh.exe TrojanPSW.GameOL.mpc.larn 木马还未处理
E:\VIRUS\14.rar>>12.exe W32.Viking.k 病毒还未处理
E:\VIRUS\14.rar>>6.exe W32.Viking.k 病毒还未处理
E:\VIRUS\14.rar>>18.exe W32.Viking.k 病毒还未处理
E:\VIRUS\14.rar>>22.exe W32.Viking.k 病毒还未处理
E:\VIRUS\14.rar>>33.exe W32.Viking.k 病毒还未处理

显示全部楼层 · 发表于 2008-3-24 13:10:02

在 C:\Documents and Settings\Administrator\桌面\14.rar->33.exe 中发现 Trojan/PSW.OnLineGames.yhx 病毒, 已删除

显示全部楼层 · 发表于 2008-3-24 16:57:12

已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.wen 檔案: C:\Documents and Settings\kato9096\桌面\14.rar/qq.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.weh 檔案: C:\Documents and Settings\kato9096\桌面\14.rar/2.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.wdh 檔案: C:\Documents and Settings\kato9096\桌面\14.rar/7sa.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.weg 檔案: C:\Documents and Settings\kato9096\桌面\14.rar/19.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.wej 檔案: C:\Documents and Settings\kato9096\桌面\14.rar/29.exe//FSG
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.wek 檔案: C:\Documents and Settings\kato9096\桌面\14.rar/3.exe//UPack//PE_Patch
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.wel 檔案: C:\Documents and Settings\kato9096\桌面\14.rar/8.exe//UPX
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.wei 檔案: C:\Documents and Settings\kato9096\桌面\14.rar/21.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.wem 檔案: C:\Documents and Settings\kato9096\桌面\14.rar/hh.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.uyi 檔案: C:\Documents and Settings\kato9096\桌面\14.rar/12.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.vwr 檔案: C:\Documents and Settings\kato9096\桌面\14.rar/6.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.wef 檔案: C:\Documents and Settings\kato9096\桌面\14.rar/18.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.vpr 檔案: C:\Documents and Settings\kato9096\桌面\14.rar/22.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.uyw 檔案: C:\Documents and Settings\kato9096\桌面\14.rar/33.exe//UPack

14

显示全部楼层 · 发表于 2008-3-24 16:59:34

deleted: Trojan program Trojan-PSW.Win32.OnLineGames.wen File: C:\Documents and Settings\Administrator\×ÀÃæ\14.rar/qq.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.weh File: C:\Documents and Settings\Administrator\×ÀÃæ\14.rar/2.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.wdh File: C:\Documents and Settings\Administrator\×ÀÃæ\14.rar/7sa.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.weg File: C:\Documents and Settings\Administrator\×ÀÃæ\14.rar/19.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.wej File: C:\Documents and Settings\Administrator\×ÀÃæ\14.rar/29.exe//FSG
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.wek File: C:\Documents and Settings\Administrator\×ÀÃæ\14.rar/3.exe//UPack//PE_Patch
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.wel File: C:\Documents and Settings\Administrator\×ÀÃæ\14.rar/8.exe//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.wei File: C:\Documents and Settings\Administrator\×ÀÃæ\14.rar/21.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.wem File: C:\Documents and Settings\Administrator\×ÀÃæ\14.rar/hh.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.uyi File: C:\Documents and Settings\Administrator\×ÀÃæ\14.rar/12.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.vwr File: C:\Documents and Settings\Administrator\×ÀÃæ\14.rar/6.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.wef File: C:\Documents and Settings\Administrator\×ÀÃæ\14.rar/18.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.vpr File: C:\Documents and Settings\Administrator\×ÀÃæ\14.rar/22.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.uyw File: C:\Documents and Settings\Administrator\×ÀÃæ\14.rar/33.exe//UPack

[病毒样本] 14PCS

本帖子中包含更多资源

14

本帖子中包含更多资源

14

1