20个

显示全部楼层 · 发表于 2008-3-29 13:47:13

[ver]
ver=1
1=http://c1.aishangai.net/1.exe
2=http://c1.aishangai.net/2.exe
3=http://c1.aishangai.net/3.exe
4=http://c1.aishangai.net/4.exe
5=http://c1.aishangai.net/5.exe
6=http://c1.aishangai.net/6.exe
7=http://c1.aishangai.net/7.exe
8=http://c1.aishangai.net/8.exe
9=http://c1.aishangai.net/9.exe
10=http://c2.aishangai.net/10.exe
11=http://c2.aishangai.net/11.exe
12=http://c2.aishangai.net/12.exe
13=http://c2.aishangai.net/13.exe
14=http://c2.aishangai.net/14.exe
15=http://c2.aishangai.net/15.exe
16=http://c2.aishangai.net/16.exe
17=http://c2.aishangai.net/17.exe
18=http://c2.aishangai.net/18.exe
19=http://c2.aishangai.net/19.exe
20=http://c2.aishangai.net/20.exe
21=http://c3.aishangai.net/21.exe
22=http://c3.aishangai.net/22.exe
23=http://c3.aishangai.net/23.exe
24=http://c3.aishangai.net/24.exe
25=http://c3.aishangai.net/25.exe
26=http://c3.aishangai.net/26.exe
27=http://c3.aishangai.net/27.exe
28=http://c3.aishangai.net/28.exe
29=http://c3.aishangai.net/29.exe
30=http://c3.aishangai.net/30.exe
31=http://c3.aishangai.net/31.exe
32=http://c3.aishangai.net/32.exe
33=http://c3.aishangai.net/33.exe
34=http://c3.aishangai.net/34.exe
35=http://c3.aishangai.net/35.exe
36=http://c3.aishangai.net/36.exe
37=http://c3.aishangai.net/37.exe
38=http://c3.aishangai.net/38.exe

复制代码

[ 本帖最后由 promised 于 2008-3-29 14:04 编辑 ]

显示全部楼层 · 发表于 2008-3-29 13:50:34

18
C:\Documents and Settings\Administrator\桌面\3.rar>>1.exe TrojanDownloader.Nurech.bd.bmqk 木马还未处理
C:\Documents and Settings\Administrator\桌面\3.rar>>2.exe W32.Viking.k 病毒还未处理
C:\Documents and Settings\Administrator\桌面\3.rar>>3.exe W32.Viking.k 病毒还未处理
C:\Documents and Settings\Administrator\桌面\3.rar>>4.exe W32.Viking.k 病毒还未处理
C:\Documents and Settings\Administrator\桌面\3.rar>>5.exe W32.Viking.k 病毒还未处理
C:\Documents and Settings\Administrator\桌面\3.rar>>6.exe W32.Viking.k 病毒还未处理
C:\Documents and Settings\Administrator\桌面\3.rar>>7.exe TrojanPSW.OnLineGames.rri.fccq 木马还未处理
C:\Documents and Settings\Administrator\桌面\3.rar>>8.exe TrojanPSW.QQPass.zfd.vmcc 木马还未处理
C:\Documents and Settings\Administrator\桌面\3.rar>>9.exe TrojanPSW.OnLineGames.rri.fccq 木马还未处理
C:\Documents and Settings\Administrator\桌面\3.rar>>AVPSrv.dll TrojanPSW.OnLineGames.wiy.dyxp.dll 木马还未处理
C:\Documents and Settings\Administrator\桌面\3.rar>>bak.css TrojanDownloader.Nurech.bd.bmqk 木马还未处理
C:\Documents and Settings\Administrator\桌面\3.rar>>mppds.dll TrojanPSW.SO2Online.bo.rdgz.dll 木马还未处理
C:\Documents and Settings\Administrator\桌面\3.rar>>MsIMMs32.dll TrojanPSW.SO2Online.bm.zjje.dll 木马还未处理
C:\Documents and Settings\Administrator\桌面\3.rar>>msosdohs00.dll TrojanPSW.GameOL.msv.kcnv.dll 木马还未处理
C:\Documents and Settings\Administrator\桌面\3.rar>>msosmhfp00.dll TrojanPSW.GameOL.mnq.vgon.dll 木马还未处理
C:\Documents and Settings\Administrator\桌面\3.rar>>NewSys55.Sys PWSteal.QQGame.efpq.dll 木马还未处理
C:\Documents and Settings\Administrator\桌面\3.rar>>upxdnd.dll TrojanPSW.GameOL.mrv.ecug.dll 木马还未处理
C:\Documents and Settings\Administrator\桌面\3.rar>>win.dll Trojan.KillAV.qe.hlnr.dll 木马还未处理

显示全部楼层 · 发表于 2008-3-29 13:51:03

试试去
顺便抢个沙发

显示全部楼层 · 发表于 2008-3-29 13:52:48

费尔18，还剩两个dll....

E:\病毒\3.rar>>1.exe       TrojanDownloader.Nurech.bd.bmqk       木马       还未处理
E:\病毒\3.rar>>2.exe       W32.Viking.k       病毒       还未处理
E:\病毒\3.rar>>3.exe       W32.Viking.k       病毒       还未处理
E:\病毒\3.rar>>4.exe       W32.Viking.k       病毒       还未处理
E:\病毒\3.rar>>5.exe       W32.Viking.k       病毒       还未处理
E:\病毒\3.rar>>6.exe       W32.Viking.k       病毒       还未处理
E:\病毒\3.rar>>7.exe       TrojanPSW.OnLineGames.rri.fccq       木马       还未处理
E:\病毒\3.rar>>8.exe       TrojanPSW.QQPass.zfd.vmcc       木马       还未处理
E:\病毒\3.rar>>9.exe       TrojanPSW.OnLineGames.rri.fccq       木马       还未处理
E:\病毒\3.rar>>AVPSrv.dll       TrojanPSW.OnLineGames.wiy.dyxp.dll       木马       还未处理
E:\病毒\3.rar>>bak.css       TrojanDownloader.Nurech.bd.bmqk       木马       还未处理
E:\病毒\3.rar>>mppds.dll       TrojanPSW.SO2Online.bo.rdgz.dll       木马       还未处理
E:\病毒\3.rar>>MsIMMs32.dll       TrojanPSW.SO2Online.bm.zjje.dll       木马       还未处理
E:\病毒\3.rar>>msosdohs00.dll       TrojanPSW.GameOL.msv.kcnv.dll       木马       还未处理
E:\病毒\3.rar>>msosmhfp00.dll       TrojanPSW.GameOL.mnq.vgon.dll       木马       还未处理
E:\病毒\3.rar>>NewSys55.Sys       PWSteal.QQGame.efpq.dll       木马       还未处理
E:\病毒\3.rar>>upxdnd.dll       TrojanPSW.GameOL.mrv.ecug.dll       木马       还未处理
E:\病毒\3.rar>>win.dll       Trojan.KillAV.qe.hlnr.dll       木马       还未处理

[ 本帖最后由曲中求于 2008-3-29 13:54 编辑 ]

显示全部楼层 · 发表于 2008-3-29 13:54:20

20
C:\3.rar » RAR » msosdohs00.dll - a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\3.rar » RAR » msosmhfp00.dll - a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\3.rar » RAR » upxdnd.dll - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\3.rar » RAR » WSockDrv32.dll - a variant of Win32/PSW.OnLineGames.HCV trojan
C:\3.rar » RAR » NewSys55.Sys - a variant of Win32/PSW.QQPass.NCZ trojan
C:\3.rar » RAR » 1.exe - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\3.rar » RAR » 2.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\3.rar » RAR » 3.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\3.rar » RAR » 4.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\3.rar » RAR » 5.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\3.rar » RAR » 6.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\3.rar » RAR » 7.exe - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\3.rar » RAR » 8.exe - a variant of Win32/PSW.QQPass.NCZ trojan
C:\3.rar » RAR » 9.exe - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\3.rar » RAR » bak.css - a variant of Win32/TrojanDownloader.Agent.NXA trojan
C:\3.rar » RAR » win.dll - Win32/TrojanDownloader.Agent.NXA trojan
C:\3.rar » RAR » AVPSrv.dll - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\3.rar » RAR » mppds.dll - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\3.rar » RAR » MsIMMs32.dll - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\3.rar » RAR » msoscqit00.dll - probably a variant of Win32/PSW.OnLineGames.NMQ trojan

显示全部楼层 · 发表于 2008-3-29 13:57:02

12.

显示全部楼层 · 发表于 2008-3-29 13:57:32

avg75扫描后，只检测出一个，靠！
郁闷ing～～～

显示全部楼层 · 发表于 2008-3-29 13:59:11

信息 2008-03-29  13:56:25 您此次查毒清除了12个病毒
信息 2008-03-29  13:56:25 您此次查毒共查出12个病毒以及危险代码
信息 2008-03-29  13:56:25 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件35个
信息 2008-03-29  13:56:25 金山毒霸主程序查毒过程结束，查毒方式：命令行查毒
病毒 2008-03-29  13:56:25 D:\Desktop\3.rar\msoscqit00.dll Win32.Troj.OnlineGames.yk.73728 清除成功
病毒 2008-03-29  13:56:25 D:\Desktop\3.rar\MsIMMs32.dll Win32.Troj.OnlineGamesT.FL.32768 清除成功
病毒 2008-03-29  13:56:25 D:\Desktop\3.rar\AVPSrv.dll Win32.Troj.OnlineGamesT.FL.32768 清除成功
病毒 2008-03-29  13:56:24 D:\Desktop\3.rar\bak.css Win32.Troj.DownloadT.iv.69632 清除成功
病毒 2008-03-29  13:56:24 D:\Desktop\3.rar\8.exe Win32.PSWTroj.QQPass.106616 清除成功
病毒 2008-03-29  13:56:24 D:\Desktop\3.rar\6.exe Win32.Troj.OnlineGamesT.e.94315 清除成功
病毒 2008-03-29  13:56:24 D:\Desktop\3.rar\5.exe Win32.Troj.OnlineGamesT.e.94315 清除成功
病毒 2008-03-29  13:56:24 D:\Desktop\3.rar\3.exe Win32.Troj.OnlineGamesT.ee.94208 清除成功
病毒 2008-03-29  13:56:24 D:\Desktop\3.rar\2.exe Win32.Troj.OnlineGamesT.e.94315 清除成功
病毒 2008-03-29  13:56:24 D:\Desktop\3.rar\1.exe Win32.Troj.OnlineGameT.lf.94208 清除成功
病毒 2008-03-29  13:56:24 D:\Desktop\3.rar\NewSys55.Sys Win32.PSWTroj.OnLineGames.44138 清除成功
病毒 2008-03-29  13:56:23 D:\Desktop\3.rar\msosmhfp00.dll Win32.PSWTroj.OnLineGames.94208 清除成功

显示全部楼层 · 发表于 2008-3-29 14:04:21

[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\3\msosdohs00.dll->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\3\msosmhfp00.dll->(UPack)
[Found security risk] <W32/OnlineGames.C.gen!GSA (not disinfectable, generic)> c:\test\3\upxdnd.dll
[Found possible security risk] <W32/Heuristic-KPP!Eldorado (not disinfectable)> c:\test\3\WSockDrv32.dll
[Found virus] <W32/InfoStealer!Generic> c:\test\3\NewSys55.Sys
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\3\1.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\3\2.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\3\3.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\3\4.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\3\5.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\3\6.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\3\7.exe->(UPack)
[Found security risk] <W32/AutoRun.D.gen!Eldorado (not disinfectable, generic)> c:\test\3\8.exe->(UPX)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\3\9.exe->(UPack)
[Found security risk] <W32/OnlineGames.H.gen!Eldorado (not disinfectable, generic)> c:\test\3\bak.css
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\3\win.dll->(UPack)
[Found security risk] <W32/OnlineGames.C.gen!GSA (not disinfectable, generic)> c:\test\3\MsIMMs32.dll
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\3\msoscqit00.dll->(UPack)

显示全部楼层 · 发表于 2008-3-29 14:25:00

全灭
Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\My Documents\3'
C:\Documents and Settings\Administrator\My Documents\3\
  1.exe
   [DETECTION] Is the Trojan horse TR/Onlinegames.usl
   [NOTE]    The file was deleted!
  2.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was deleted!
  3.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.641
         [WARNING] Infected files in archives cannot be repaired!
   [NOTE]    The file was deleted!
  4.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was deleted!
  5.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.637
         [WARNING] Infected files in archives cannot be repaired!
   [NOTE]    The file was deleted!
  6.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was deleted!
  7.exe
[0] Archive type: Runtime Packed
--> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnLi.NMQ.1.A
   [NOTE]    The file was deleted!
  8.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.wel
         [WARNING] Infected files in archives cannot be repaired!
   [NOTE]    The file was deleted!
  9.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
      [2] Archive type: Runtime Packed
      --> Object
      --> Object
   [DETECTION] Contains suspicious code HEUR/Malware
   [NOTE]    The fund was classified as suspicious.
   [NOTE]    The file was moved to '4852eeeb.qua'!
  AVPSrv.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.637
   [NOTE]    The file was deleted!
  bak.css
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
      [2] Archive type: Runtime Packed
      --> Object
         [3] Archive type: RSRC
         --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  mppds.dll
   [DETECTION] Contains suspicious code HEUR/Malware
   [NOTE]    The fund was classified as suspicious.
   [NOTE]    The file was moved to '485def2d.qua'!
  MsIMMs32.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.641
   [NOTE]    The file was deleted!
  msoscqit00.dll
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  msosdohs00.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnLi.NMQ.1.A
   [NOTE]    The file was deleted!
  msosmhfp00.dll
   [DETECTION] Is the Trojan horse TR/PSW.15209
   [NOTE]    The file was deleted!
  NewSys55.Sys
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.wel
   [NOTE]    The file was deleted!
  upxdnd.dll
   [DETECTION] Contains suspicious code HEUR/Malware
   [NOTE]    The fund was classified as suspicious.
   [NOTE]    The file was moved to '4865ef2d.qua'!
  win.dll
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  WSockDrv32.dll
   [DETECTION] Contains suspicious code HEUR/Malware
   [NOTE]    The fund was classified as suspicious.
   [NOTE]    The file was moved to '485cef10.qua'!

End of the scan: 2008年3月28日  23:24
Used time: 00:05 min

The scan has been done completely.

   1 Scanning directories
   20 Files were scanned
   15 viruses and/or unwanted programs were found
   5 Files were classified as suspicious:
   16 files were deleted
   0 files were repaired
   4 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   5 Files not concerned
   0 Archives were scanned
   3 Warnings
   20 Notes

[病毒样本] 20个

本帖子中包含更多资源

本帖子中包含更多资源

18