69个

显示全部楼层 · 发表于 2008-3-28 20:44:56

[ver]
ver=1
1=http://122.224.6.70/aO.exe
2=http://122.224.6.70/a1.exe
3=http://122.224.6.70/a2.exe
4=http://122.224.6.70/a3.exe
5=http://122.224.6.70/a4.exe
6=http://122.224.6.70/a5.exe
7=http://122.224.6.70/a6.exe
8=http://122.224.6.70/a7.exe
9=http://122.224.6.70/a8.exe
10=http://122.224.6.70/a9.exe
11=http://122.224.6.70/a10.exe
12=http://122.224.6.70/a11.exe
13=http://122.224.6.70/a12.exe
14=http://122.224.6.70/a13.exe
15=http://122.224.6.70/a14.exe
16=http://122.224.6.70/a15.exe
17=http://122.224.6.70/a16.exe
18=http://122.224.6.70/a17.exe
19=http://122.224.6.70/a18.exe
20=http://122.224.6.70/a19.exe
21=http://122.224.6.70/a20.exe
22=http://122.224.6.70/a21.exe
23=http://122.224.6.70/a22.exe
24=http://122.224.6.70/a23.exe
25=http://122.224.6.70/a24.exe
26=http://122.224.6.70/a25.exe
27=http://122.224.6.70/a26.exe
28=http://122.224.6.70/a27.exe
29=http://122.224.6.70/a28.exe
30=http://122.224.6.70/a29.exe
31=http://122.224.6.70/a30.exe
32=http://122.224.6.70/a31.exe
33=http://122.224.6.70/avp.exe

复制代码

[ 本帖最后由 promised 于 2008-3-28 20:46 编辑 ]

显示全部楼层 · 发表于 2008-3-28 20:46:45

promised还有多少?

显示全部楼层 · 发表于 2008-3-28 20:47:35

Starting the file scan:
Begin scan in 'C:\Documents and Settings\Administrator\桌面\样本.rar'
C:\Documents and Settings\Administrator\桌面\样本.rar
  [0] Archive type: RAR
  --> tciocp32.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> upxdnd.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> WSockDrv32.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> xfgnxfn.dll
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> xgnfn.dll
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> 608769M.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Delphi.Gen
  --> 608769MM.DLL
   [DETECTION] Is the Trojan horse TR/Dldr.Delphi.Gen
  --> AVPSrv.exE
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> cmdbcs.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> DbgHlp32.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.602
  --> jaqfsvhx.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> Kvsc3.exE
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> LotusHlp.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.uff.2
  --> mfchlp32.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> msccrt.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.uqy
  --> MsIMMs32.exE
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> PTSShell.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> tciocp32.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> upxdnd.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> WSockDrv32.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> NTDUBECT.EXE
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.uvg
  --> WinSys8v.Sys
   [DETECTION] Contains detection pattern of the worm WORM/Autorun.FF.36
  --> a0.exe
   [DETECTION] Is the Trojan horse TR/Agent.iqz
  --> a1.exe
   [DETECTION] Is the Trojan horse TR/Onlinegames.usl
  --> a5.exe
   [DETECTION] Is the Trojan horse TR/Onlinegames.SQL
  --> a6.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> a7.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> a9.exe
   [DETECTION] Is the Trojan horse TR/Onlinegames.SQL
  --> a12.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.usl.4
  --> a17.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.vxf
  --> a18.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> a19.exe
   [DETECTION] Contains detection pattern of the worm WORM/Autorun.FF.36
  --> a20.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> a21.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> a22.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> a24.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> a25.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> a27.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.sas.1
  --> a28.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> a31.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> ok.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Small.ivu
  --> mseion.sys
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> msepbe.dll
   [DETECTION] File has been compressed with an unusual runtime compression tool (PCK/UPACK). Please verify the origin of the file
  --> 74552.dat
   [DETECTION] Is the Trojan horse TR/Agent.iqz.1
  --> AVPSrv.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> cmdbcs.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> crugd.dll
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> DbgHlp32.dlL
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.602
  --> dnteh.dll
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> eohsom.dll
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> gnolnait.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.sas.1
  --> hfjg.dll
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> ijougiemnaw.dll
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> Kvsc3.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> lariytrz.dll
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> LotusHlp.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.uff.2
  --> mfchlp32.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> msccrt.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.uqy
  --> MsIMMs32.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> msoscqit00.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.vxf
  --> msosdohs00.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> msosiocp.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> msosmhfp00.dll
   [DETECTION] Is the Trojan horse TR/PSW.15209
  --> oqnauhc.dll
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> PTSShell.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> rgfjj.dll
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> sfnqpewv.dll
   [DETECTION] Contains suspicious code HEUR/Malware
   [INFO]    The file was deleted!

End of the scan: 星期五 2008年3月28日  20:52
Used time: 00:12 min
The scan has been done completely.
   0 Scanning directories
   71 Files were scanned
   65 viruses and/or unwanted programs were found
   2 Files were classified as suspicious:
   1 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   6 Files not concerned
   1 Archives were scanned
   0 Warnings
   0 Notes

[ 本帖最后由 nosferatu 于 2008-3-28 20:51 编辑 ]

显示全部楼层 · 发表于 2008-3-28 20:51:06

[Found security risk] <W32/OnlineGames.C.gen!GSA (not disinfectable, generic)> C:\test\样本\upxdnd.dll
[Found possible security risk] <W32/Heuristic-KPP!Eldorado (not disinfectable)> C:\test\样本\WSockDrv32.dll
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\xfgnxfn.dll->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> C:\test\样本\xgnfn.dll->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\608769M.exe->(UPack)
[Found password stealer] <W32/Legendmir.A.gen!Eldorado (not disinfectable, generic)> C:\test\样本\608769MM.DLL
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\AVPSrv.exE->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\cmdbcs.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\DbgHlp32.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\jaqfsvhx.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\Kvsc3.exE->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\LotusHlp.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\mfchlp32.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\msccrt.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\MsIMMs32.exE->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\PTSShell.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\tciocp32.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\upxdnd.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\WSockDrv32.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\NTDUBECT.EXE->(UPack)
[Found virus] <W32/InfoStealer!Generic> C:\test\样本\WinSys8v.Sys
[Found possible security risk] <W32/Heuristic-224!Eldorado (not disinfectable)> C:\test\样本\a0.exe->(NSPack)->(PE_Patch)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\a1.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\a5.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\a6.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\a7.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\a9.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\a12.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\a17.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\a18.exe->(UPack)
[Found security risk] <W32/AutoRun.D.gen!Eldorado (not disinfectable, generic)> C:\test\样本\a19.exe->(UPX)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\a20.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\a21.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\a22.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\a24.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\a25.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\a27.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\a28.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\a31.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\ok.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\msepbe.dll->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\crugd.dll->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\dnteh.dll->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> C:\test\样本\eohsom.dll->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> C:\test\样本\gnolnait.dll->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\hfjg.dll->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> C:\test\样本\ijougiemnaw.dll->(UPack)
[Found possible security risk] <W32/Heuristic-KPP!Eldorado (not disinfectable)> C:\test\样本\Kvsc3.dll
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\lariytrz.dll->(UPack)
[Found possible security risk] <W32/Heuristic-KPP!Eldorado (not disinfectable)> C:\test\样本\LotusHlp.dll
[Found security risk] <W32/OnlineGames.C.gen!GSA (not disinfectable, generic)> C:\test\样本\MsIMMs32.dll
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\msoscqit00.dll->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\msosdohs00.dll->(UPack)
[Found downloader] <W32/Downloader.C.gen!Eldorado (not disinfectable, generic)> C:\test\样本\msosiocp.dll
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\样本\msosmhfp00.dll->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> C:\test\样本\oqnauhc.dll->(UPack)
[Found possible security risk] <W32/Heuristic-KPP!Eldorado (not disinfectable)> C:\test\样本\PTSShell.dll
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> C:\test\样本\rgfjj.dll->(UPack)
[Found possible security risk] <W32/Heuristic-KPP!Eldorado (not disinfectable)> C:\test\样本\sfnqpewv.dll

显示全部楼层 · 发表于 2008-3-28 20:51:11

C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » tciocp32.dll - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » upxdnd.dll - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » WSockDrv32.dll - a variant of Win32/PSW.OnLineGames.HCV trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » xfgnxfn.dll - probably a variant of Win32/PSW.OnLineGames.NHF trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » xgnfn.dll - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 608769M.exe - probably a variant of Win32/PSW.WOW.WU trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 608769MM.DLL - Win32/PSW.Legendmir.NFF trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » AVPSrv.exE - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » cmdbcs.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » DbgHlp32.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » jaqfsvhx.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » Kvsc3.exE - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » LotusHlp.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » mfchlp32.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » msccrt.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » MsIMMs32.exE - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » PTSShell.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » tciocp32.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » upxdnd.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » WSockDrv32.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » NTDUBECT.EXE - a variant of Win32/PSW.OnLineGames.NMO trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » WinSys8v.Sys - Win32/PSW.QQPass.NCZ trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » a0.exe - Win32/Agent.NOS trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » a1.exe - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » a5.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » a6.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » a7.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » a9.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » a12.exe - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » a17.exe - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » a18.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » a19.exe - Win32/PSW.QQPass.BMD trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » a20.exe - Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » a21.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » a22.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » a24.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » a25.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » a27.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » a28.exe - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » a31.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » ok.exe - Win32/TrojanDownloader.Agent.NWS trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » mseion.sys - Win32/PSW.OnLineGames.NFC trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » 74552.dat - Win32/Agent.NQM trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » AVPSrv.dll - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » cmdbcs.dll - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » crugd.dll - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » DbgHlp32.dlL - Win32/PSW.OnLineGames.HCV trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » dnteh.dll - probably a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » eohsom.dll - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » gnolnait.dll - a variant of Win32/PSW.OnLineGames.NLH trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » hfjg.dll - probably a variant of Win32/PSW.OnLineGames.NHF trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » ijougiemnaw.dll - Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » Kvsc3.dll - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » lariytrz.dll - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » LotusHlp.dll - a variant of Win32/PSW.OnLineGames.HCV trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » mfchlp32.dll - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » msccrt.dll - Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » MsIMMs32.dll - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » msoscqit00.dll - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » msosdohs00.dll - a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » msosiocp.dll - Win32/TrojanDownloader.Agent.NWS trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » msosmhfp00.dll - a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » oqnauhc.dll - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » PTSShell.dll - a variant of Win32/PSW.OnLineGames.HCV trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » rgfjj.dll - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\样本.rar » RAR » sfnqpewv.dll - a variant of Win32/PSW.OnLineGames.HCV trojan

显示全部楼层 · 发表于 2008-3-28 20:51:14

显示全部楼层 · 发表于 2008-3-28 21:00:21

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.PSW.Win32.GameOL.mru
病毒： Trojan.PSW.Win32.GameOL.mrv
病毒： Trojan.PSW.Win32.GamesOnline.sd
病毒： Trojan.PSW.Win32.GameOL.mss
病毒： Trojan.PSW.Win32.GameOL.miq
病毒： Trojan.PSW.Win32.GamesOnline.fz
病毒： Trojan.PSW.Win32.LMir.yzr
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.GameOL.mta
病毒： Trojan.Win32.Undef.efx
病毒： Trojan.PSW.Win32.QQPass.zfa
病毒： Trojan.PSW.Win32.GameOL.mnp
病毒： Trojan.PSW.Win32.GameOL.mjf
病毒： Trojan.PSW.Win32.GameOL.mss
病毒： RootKit.Win32.Mnless.km
病毒： Trojan.PSW.Win32.GameOL.mpv
病毒： Trojan.PSW.Win32.GameOL.mnj
病毒： Trojan.PSW.Win32.GameOL.msv
病毒： Trojan.Win32.Undef.eab
病毒： RootKit.Win32.Mnless.jz
病毒： Trojan.PSW.Win32.GameOL.msk
病毒： Trojan.PSW.Win32.SO2Online.bc
病毒： Trojan.PSW.Win32.GamesOnline.ry
病毒： Trojan.PSW.Win32.SunOnline.nf
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.GameOL.mlm
病毒： Trojan.PSW.Win32.SO2Online.bm
病毒： Trojan.PSW.Win32.GameOL.mnq
病毒： Trojan.PSW.Win32.QQGame.gey
病毒： Trojan.PSW.Win32.GameOL.moy

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.37.42

显示全部楼层 · 发表于 2008-3-28 22:10:51

66 to kl

detected: Trojan program Trojan-PSW.Win32.OnLineGames.wjo File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/tciocp32.dll
detected: Trojan program Trojan-PSW.Win32.OnLineGames.wmi File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/upxdnd.dll
detected: Trojan program Trojan-PSW.Win32.OnLineGames.xjm File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/WSockDrv32.dll
detected: Trojan program Trojan-PSW.Win32.OnLineGames.wlp File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/xgnfn.dll//UPack
detected: Trojan program Trojan-PSW.Win32.Lmir.bpv File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/608769M.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.rnh File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/608769MM.DLL
detected: Trojan program Trojan-PSW.Win32.OnLineGames.wjm File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/AVPSrv.exE//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.wpa File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/cmdbcs.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.vlp File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/DbgHlp32.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.xjl File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/jaqfsvhx.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.wfb File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/Kvsc3.exE//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.uff File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/LotusHlp.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.xjn File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/mfchlp32.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ucj File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/msccrt.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.wek File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/MsIMMs32.exE//UPack//PE_Patch
detected: Trojan program Trojan-PSW.Win32.OnLineGames.wjf File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/PTSShell.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.wjo File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/tciocp32.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.wmi File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/upxdnd.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.xjm File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/WSockDrv32.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.uvg File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/NTDUBECT.EXE//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.QQPass.bmd File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/WinSys8v.Sys
detected: Trojan program Trojan.Win32.Agent.iqz File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/a0.exe//NSPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.usl File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/a1.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.uir File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/a5.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.whs File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/a6.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.whs File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/a7.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.uir File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/a9.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.usl File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/a12.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.vww File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/a17.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.whs File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/a18.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.QQPass.bmd File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/a19.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.uir File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/a20.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.whs File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/a21.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.vdr File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/a22.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.whs File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/a24.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.vdr File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/a25.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.rri File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/a27.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.wpc File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/a28.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.whs File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/a31.exe//PE_Patch//UPack
detected: Trojan program Trojan-Downloader.Win32.Small.ivu File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/ok.exe//PE_Patch//UPack
detected: Trojan program Trojan.Win32.Agent.iqz File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/74552.dat//NSPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.unx File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/eohsom.dll//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.rua File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/gnolnait.dll//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.uny File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/ijougiemnaw.dll//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.wfb File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/Kvsc3.dll
detected: Trojan program Trojan-PSW.Win32.OnLineGames.uff File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/LotusHlp.dll
detected: Trojan program Trojan-PSW.Win32.OnLineGames.xjn File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/mfchlp32.dll
detected: Trojan program Trojan-PSW.Win32.OnLineGames.uqy File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/msccrt.dll
detected: Trojan program Trojan-PSW.Win32.OnLineGames.vxf File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/msoscqit00.dll//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.wct File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/oqnauhc.dll//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.wpn File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/PTSShell.dll
detected: Trojan program Trojan-PSW.Win32.OnLineGames.xjl File: C:\Documents and Settings\Owner\×ÀÃæ\Ñù±¾.rar/sfnqpewv.dll

显示全部楼层 · 发表于 2008-3-29 00:14:23

信息 2008-03-29  00:14:21 您此次查毒清除了55个病毒
信息 2008-03-29  00:14:21 您此次查毒共查出55个病毒以及危险代码
信息 2008-03-29  00:14:21 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件120个
信息 2008-03-29  00:14:21 金山毒霸主程序查毒过程结束，查毒方式：命令行查毒

显示全部楼层 · 发表于 2008-3-29 00:37:24

费尔66个！

[病毒样本] 69个

本帖子中包含更多资源

59

66个，其余的TO EVL

本帖子中包含更多资源

141/63