
[Virus samples] 57 samples

promised
Posted on 2008-3-29 14:08:17


[CONTROL]
VERSION=2008-2-3
[DOWN]
NEWVERSION=http://cc.fockfock.com/gx.exe
1=http://cc.fockfock.com/mm2/aa1.exe
2=http://cc.fockfock.com/mm2/aa2.exe
3=http://cc.fockfock.com/mm2/aa3.exe
4=http://cc.fockfock.com/mm2/aa4.exe
5=http://cc.fockfock.com/mm2/aa5.exe
6=http://cc.fockfock.com/mm2/aa6.exe
7=http://cc.fockfock.com/mm2/aa7.exe
8=http://cc.fockfock.com/mm2/aa8.exe
9=http://cc.fockfock.com/mm2/aa9.exe
10=http://cc.fockfock.com/mm2/aa10.exe
11=http://cc.fockfock.com/mm2/aa11.exe
12=http://cc.fockfock.com/mm2/aa12.exe
13=http://cc.fockfock.com/mm2/aa13.exe
14=http://cc.fockfock.com/mm2/aa14.exe
15=http://cc.fockfock.com/mm2/aa15.exe
16=http://cc.fockfock.com/mm2/aa16.exe
17=http://cc.fockfock.com/mm2/aa17.exe
18=http://cc.fockfock.com/mm2/aa18.exe
19=http://cc.fockfock.com/mm2/aa19.exe
20=http://cc.fockfock.com/mm2/aa20.exe
21=http://cc.fockfock.com/mm2/aa21.exe
22=http://cc.fockfock.com/mm2/aa22.exe
23=http://cc.fockfock.com/mm2/aa23.exe
24=http://cc.fockfock.com/mm2/aa24.exe
25=http://cc.fockfock.com/mm2/aa25.exe
26=http://cc.fockfock.com/mm2/aa26.exe
27=http://cc.fockfock.com/mm2/aa27.exe
28=http://cc.fockfock.com/mm2/aa28.exe
29=http://cc.fockfock.com/mm2/aa29.exe
30=http://cc.fockfock.com/mm2/aa30.exe
31=http://cc.fockfock.com/mm2/aa31.exe
32=http://cc.fockfock.com/mm2/aa32.exe
33=http://cc.fockfock.com/mm2/aa33.exe
34=http://cc.fockfock.com/mm2/aa34.exe
35=http://cc.fockfock.com/mm2/aa35.exe

aerbeisi
Posted on 2008-3-29 14:10:49

53

[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\zjydcx.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa1.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa2.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa3.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa4.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa5.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa6.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa7.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa8.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa9.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa10.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa11.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa12.exe->exefile->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa13.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa14.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa15.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa16.exe->(UPack)
[Found security risk]         <W32/AutoRun.D.gen!Eldorado (not disinfectable, generic)>        c:\test\样本\aa17.exe->(UPX)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa18.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa20.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa22.exe->exefile->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa23.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa24.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa25.exe->exefile->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa26.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa27.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa28.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\aa29.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-114!Eldorado (damaged, not disinfectable)>        c:\test\样本\mm.exe->(NSPack)->(PE_Patch)
[Found virus]         <W32/InfoStealer!Generic>        c:\test\样本\NewSys55.Sys
[Found password stealer]         <W32/Legendmir.A.gen!Eldorado (not disinfectable, generic)>        c:\test\样本\608769MM.DLL
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\ayDABDAB1056.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\ayHADHAD1057.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\ayNNBNNB1045.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\cedafb.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\crugd.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\dnteh.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\ektvm.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\fjyjy.dll->(UPack)
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        c:\test\样本\hgfhk.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\hhrdxd.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\jfrwdh.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\jzijj.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-KPP!Eldorado (not disinfectable)>        c:\test\样本\Kvsc3.dll
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\msepbe.dll->(UPack)
[Found security risk]         <W32/OnlineGames.C.gen!GSA (not disinfectable, generic)>        c:\test\样本\MsIMMs32.dll
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\msosmhfp00.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\msosmnsf00.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\sgrefg.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\wrqszl.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-KPP!Eldorado (not disinfectable)>        c:\test\样本\WSockDrv32.dll
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\wyrsdj.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\样本\zgfdet.dll->(UPack)
挪威的冬天
Posted on 2008-3-29 14:11:49
信息        2008-03-29  14:11:42        您此次查毒清除了47个病毒                       
信息        2008-03-29  14:11:42        您此次查毒共查出47个病毒以及危险代码                       
信息        2008-03-29  14:11:42        您此次查毒共查了内存模块0个,磁盘引导扇区0个,文件97个                       
信息        2008-03-29  14:11:42        金山毒霸主程序查毒过程结束,查毒方式:命令行查毒                       
病毒        2008-03-29  14:11:42        D:\Desktop\Ñù±¾.rar\zgfdet.dll        Win32.Troj.GameonlineT.lf.162536        清除成功       
病毒        2008-03-29  14:11:42        D:\Desktop\Ñù±¾.rar\wyrsdj.dll        Win32.Troj.GameonlineT.lf.162536        清除成功       
病毒        2008-03-29  14:11:41        D:\Desktop\Ñù±¾.rar\wrqszl.dll        Win32.Troj.GameonlineT.lf.162536        清除成功       
病毒        2008-03-29  14:11:41        D:\Desktop\Ñù±¾.rar\sgrefg.dll        Win32.Troj.GameonlineT.lf.162536        清除成功       
病毒        2008-03-29  14:11:41        D:\Desktop\Ñù±¾.rar\msosmhfp00.dll        Win32.PSWTroj.OnLineGames.94208        清除成功       
病毒        2008-03-29  14:11:41        D:\Desktop\Ñù±¾.rar\MsIMMs32.dll        Win32.Troj.OnlineGamesT.FL.32768        清除成功       
病毒        2008-03-29  14:11:40        D:\Desktop\Ñù±¾.rar\mseion.sys        Win32.Hack.Mnless.jz.8320        清除成功       
病毒        2008-03-29  14:11:40        D:\Desktop\Ñù±¾.rar\Kvsc3.dll        Win32.Troj.OnlineGamesT.FL.32768        清除成功       
病毒        2008-03-29  14:11:40        D:\Desktop\Ñù±¾.rar\jzijj.dll        Win32.Troj.OnlineGames.yf.73728        清除成功       
病毒        2008-03-29  14:11:40        D:\Desktop\Ñù±¾.rar\jfrwdh.dll        Win32.Troj.GameonlineT.lf.162536        清除成功       
病毒        2008-03-29  14:11:40        D:\Desktop\Ñù±¾.rar\hhrdxd.dll        Win32.Troj.GameonlineT.lf.162536        清除成功       
病毒        2008-03-29  14:11:40        D:\Desktop\Ñù±¾.rar\hgfhk.dll        Win32.Troj.OnlineGameT.82153        清除成功       
病毒        2008-03-29  14:11:40        D:\Desktop\Ñù±¾.rar\fjyjy.dll        Win32.Troj.OnlineGameT.82153        清除成功       
病毒        2008-03-29  14:11:39        D:\Desktop\Ñù±¾.rar\ektvm.dll        Win32.Troj.OnlineGames.yf.73728        清除成功       
病毒        2008-03-29  14:11:39        D:\Desktop\Ñù±¾.rar\dnteh.dll        Win32.Troj.OnlineGameT.82153        清除成功       
病毒        2008-03-29  14:11:39        D:\Desktop\Ñù±¾.rar\DbgHlp32.dlL        Win32.PSWTroj.OnLineGames.32256        清除成功       
病毒        2008-03-29  14:11:39        D:\Desktop\Ñù±¾.rar\crugd.dll        Win32.Troj.OnlineGameT.82153        清除成功       
病毒        2008-03-29  14:11:39        D:\Desktop\Ñù±¾.rar\cedafb.dll        Win32.Troj.GameonlineT.lf.162536        清除成功       
病毒        2008-03-29  14:11:39        D:\Desktop\Ñù±¾.rar\ayNNBNNB1045.dll        Win32.Troj.OnlineGameT.69632        清除成功       
病毒        2008-03-29  14:11:39        D:\Desktop\Ñù±¾.rar\ayHADHAD1057.dll        Win32.Troj.OnlineGameT.69632        清除成功       
病毒        2008-03-29  14:11:38        D:\Desktop\Ñù±¾.rar\ayDABDAB1056.dll        Win32.Troj.OnlineGameT.69632        清除成功       
病毒        2008-03-29  14:11:38        D:\Desktop\Ñù±¾.rar\608769MM.DLL        Win32.Troj.MirT.md.48433        清除成功       
病毒        2008-03-29  14:11:38        D:\Desktop\Ñù±¾.rar\NewSys55.Sys        Win32.PSWTroj.QQPass.44140        清除成功       
病毒        2008-03-29  14:11:38        D:\Desktop\Ñù±¾.rar\mm.exe        Win32.Troj.OnlineGamesT.90112        清除成功       
病毒        2008-03-29  14:11:38        D:\Desktop\Ñù±¾.rar\aa29.exe        Win32.Troj.GamesHackT.gu.94304        清除成功       
病毒        2008-03-29  14:11:38        D:\Desktop\Ñù±¾.rar\aa28.exe        Win32.Troj.OnlineGameT.am.107664        清除成功       
病毒        2008-03-29  14:11:38        D:\Desktop\Ñù±¾.rar\aa27.exe        Win32.Troj.OnlineGameT.am.107664        清除成功       
病毒        2008-03-29  14:11:38        D:\Desktop\Ñù±¾.rar\aa26.exe        Win32.Troj.OnlineGamesT.e.94315        清除成功       
病毒        2008-03-29  14:11:38        D:\Desktop\Ñù±¾.rar\aa25.exe        Win32.Troj.OnlineGamesT.af.57344        清除成功       
病毒        2008-03-29  14:11:38        D:\Desktop\Ñù±¾.rar\aa24.exe        Win32.Troj.OnlineGameT.lf.36864        清除成功       
病毒        2008-03-29  14:11:37        D:\Desktop\Ñù±¾.rar\aa22.exe        Win32.Troj.OnlineGamesT.af.57344        清除成功       
病毒        2008-03-29  14:11:37        D:\Desktop\Ñù±¾.rar\aa18.exe        Win32.Troj.OnlineGameT.lf.36864        清除成功       
病毒        2008-03-29  14:11:37        D:\Desktop\Ñù±¾.rar\aa17.exe        Win32.Troj.QQPswT.bs.116858        清除成功       
病毒        2008-03-29  14:11:37        D:\Desktop\Ñù±¾.rar\aa16.exe        Win32.Troj.OnlineGamesT.ee.94208        清除成功       
病毒        2008-03-29  14:11:37        D:\Desktop\Ñù±¾.rar\aa15.exe        Win32.Troj.OnlineGamesT.e.94315        清除成功       
病毒        2008-03-29  14:11:37        D:\Desktop\Ñù±¾.rar\aa13.exe        Win32.Troj.OnlineGameT.am.107664        清除成功       
病毒        2008-03-29  14:11:37        D:\Desktop\Ñù±¾.rar\aa12.exe        Win32.Troj.OnlineGamesT.af.57344        清除成功       
病毒        2008-03-29  14:11:37        D:\Desktop\Ñù±¾.rar\aa11.exe        Win32.Troj.LmirT.by.9900        清除成功       
病毒        2008-03-29  14:11:37        D:\Desktop\Ñù±¾.rar\aa10.exe        Win32.Troj.OnlineGameT.lf.36864        清除成功       
病毒        2008-03-29  14:11:37        D:\Desktop\Ñù±¾.rar\aa9.exe        Win32.PSWTroj.OnLineGames.102400        清除成功       
病毒        2008-03-29  14:11:36        D:\Desktop\Ñù±¾.rar\aa6.exe        Win32.Troj.OnlineGameT.lf.36864        清除成功       
病毒        2008-03-29  14:11:36        D:\Desktop\Ñù±¾.rar\aa5.exe        Win32.Troj.OnlineGameT.am.107664        清除成功       
病毒        2008-03-29  14:11:36        D:\Desktop\Ñù±¾.rar\aa4.exe        Win32.Troj.OnlineGameT.lf.36864        清除成功       
病毒        2008-03-29  14:11:36        D:\Desktop\Ñù±¾.rar\aa3.exe        Win32.Troj.OnlineGamesT.e.94315        清除成功       
病毒        2008-03-29  14:11:36        D:\Desktop\Ñù±¾.rar\aa2.exe        Win32.Troj.OnlineGameT.am.107664        清除成功       
病毒        2008-03-29  14:11:36        D:\Desktop\Ñù±¾.rar\aa1.exe        Win32.PSWTroj.OnLineGames.94208        清除成功       
病毒        2008-03-29  14:11:36        D:\Desktop\Ñù±¾.rar\zjydcx.dll        Win32.Troj.GameonlineT.lf.162536        清除成功
Joker
Posted on 2008-3-29 14:11:58
The picture speaks for itself.

风野胤
Posted on 2008-3-29 14:31:48
EAV is one short again
2008-3-29 14:25:03        R:\样本.rar        57        56        0        Completed
mofunzone
Posted on 2008-3-29 14:33:27
All wiped out, folder emptied
Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\My Documents\样本'
C:\Documents and Settings\Administrator\My Documents\样本\
  608769MM.DLL
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
      [NOTE]      The file was deleted!
  aa1.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.15225
            [WARNING]   Infected files in archives cannot be repaired!
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.wdi
            [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  aa10.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  aa11.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
      [NOTE]      The file was deleted!
  aa12.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.wkm.4
      [NOTE]      The file was deleted!
  aa13.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
          [2] Archive type: Runtime Packed
          --> Object
              [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
              [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  aa14.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  aa15.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      The file was deleted!
  aa16.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      The file was deleted!
  aa17.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
      [NOTE]      The file was deleted!
  aa18.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  aa2.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
          [2] Archive type: Runtime Packed
          --> Object
              [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
              [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  aa20.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  aa22.exe
    [0] Archive type: OVL
    --> Object
    --> Object
      [NOTE]      The file was deleted!
  aa23.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
          [2] Archive type: Runtime Packed
          --> Object
        --> Object
      [DETECTION] Contains suspicious code HEUR/Malware
      [NOTE]      The fund was classified as suspicious.
      [NOTE]      The file was moved to '481ff117.qua'!
  aa24.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  aa25.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agent.12107
      [NOTE]      The file was deleted!
  aa26.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      The file was deleted!
  aa27.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
          [2] Archive type: Runtime Packed
          --> Object
              [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
              [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  aa28.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
          [2] Archive type: Runtime Packed
          --> Object
              [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
              [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  aa29.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
          [2] Archive type: Runtime Packed
          --> Object
              [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
              [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  aa3.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      The file was deleted!
  aa4.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  aa5.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
          [2] Archive type: Runtime Packed
          --> Object
              [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
              [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  aa6.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  aa7.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      The file was deleted!
  aa8.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  aa9.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      The file was deleted!
  AVPSrv.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [NOTE]      The fund was classified as suspicious.
      [NOTE]      The file was moved to '483df10d.qua'!
  ayDABDAB1056.dll
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  ayHADHAD1057.dll
      [DETECTION] Is the Trojan horse TR/Agent.7211.1
      [NOTE]      The file was deleted!
  ayNNBNNB1045.dll
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  cedafb.dll
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      The file was deleted!
  crugd.dll
    [0] Archive type: Runtime Packed
    --> Object
        [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [NOTE]      The file was deleted!
  DbgHlp32.dlL
      [DETECTION] Contains suspicious code HEUR/Malware
      [NOTE]      The fund was classified as suspicious.
      [NOTE]      The file was moved to '4854f119.qua'!
  dnteh.dll
    [0] Archive type: Runtime Packed
    --> Object
        [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [NOTE]      The file was deleted!
  ektvm.dll
    [0] Archive type: Runtime Packed
    --> Object
        [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [NOTE]      The file was deleted!
  fjyjy.dll
    [0] Archive type: Runtime Packed
    --> Object
        [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [NOTE]      The file was deleted!
  hgfhk.dll
    [0] Archive type: Runtime Packed
    --> Object
        [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [NOTE]      The file was deleted!
  hhrdxd.dll
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      The file was deleted!
  jfrwdh.dll
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      The file was deleted!
  jzijj.dll
    [0] Archive type: Runtime Packed
    --> Object
        [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [NOTE]      The file was deleted!
  Kvsc3.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [NOTE]      The fund was classified as suspicious.
      [NOTE]      The file was moved to '4860f12d.qua'!
  mm.exe
    [0] Archive type: Runtime Packed
    --> Object
        [DETECTION] Contains detection pattern of the rootkit RKIT/HideProcess.B
      [NOTE]      The file was deleted!
  mseion.sys
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
      [NOTE]      The file was deleted!
  msepbe.dll
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  MsIMMs32.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [NOTE]      The fund was classified as suspicious.
      [NOTE]      The file was moved to '4836f12a.qua'!
  msosmhfp00.dll
      [DETECTION] Is the Trojan horse TR/PSW.15225
      [NOTE]      The file was deleted!
  msosmnsf00.dll
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  NewSys55.Sys
      [DETECTION] Contains suspicious code HEUR/Malware
      [NOTE]      The fund was classified as suspicious.
      [NOTE]      The file was moved to '4864f11c.qua'!
  sgrefg.dll
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      The file was deleted!
  tciocp32.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [NOTE]      The fund was classified as suspicious.
      [NOTE]      The file was moved to '4856f11a.qua'!
  wrqszl.dll
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      The file was deleted!
  WSockDrv32.dll
      [DETECTION] Contains suspicious code HEUR/Malware
      [NOTE]      The fund was classified as suspicious.
      [NOTE]      The file was moved to '485cf10a.qua'!
  wyrsdj.dll
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      The file was deleted!
  zgfdet.dll
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      The file was deleted!
  zjydcx.dll
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      The file was deleted!


End of the scan: 2008年3月28日  23:33
Used time: 00:06 min

The scan has been done completely.

      1 Scanning directories
     57 Files were scanned
     38 viruses and/or unwanted programs were found
     20 Files were classified as suspicious:
     49 files were deleted
      0 files were repaired
      8 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     19 Files not concerned
      0 Archives were scanned
      8 Warnings
     57 Notes
Exia (this user has been deleted)
Posted on 2008-3-29 14:34:10

All wiped out

Starting the file scan:

Begin scan in 'D:\样本.rar'
D:\样本.rar
  [0] Archive type: RAR
  --> zjydcx.dll
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
  --> aa1.exe
      [DETECTION] Is the Trojan horse TR/PSW.15225
  --> aa2.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> aa3.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> aa4.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> aa5.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> aa6.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> aa7.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> aa8.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> aa9.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> aa10.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> aa11.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Delphi.Gen
  --> aa12.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.wkm.4
  --> aa13.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> aa14.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> aa15.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> aa16.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> aa17.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> aa18.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> aa20.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> aa22.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> aa23.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> aa24.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> aa25.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agent.12107
  --> aa26.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> aa27.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> aa28.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> aa29.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> mm.exe
      [DETECTION] Contains detection pattern of the rootkit RKIT/HideProcess.B
  --> NewSys55.Sys
      [DETECTION] Contains suspicious code HEUR/Malware
  --> 608769MM.DLL
      [DETECTION] Is the Trojan horse TR/Dldr.Delphi.Gen
  --> AVPSrv.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> ayDABDAB1056.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> ayHADHAD1057.dll
      [DETECTION] Is the Trojan horse TR/Agent.7211.1
  --> ayNNBNNB1045.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> cedafb.dll
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
  --> crugd.dll
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> DbgHlp32.dlL
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> dnteh.dll
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> ektvm.dll
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> fjyjy.dll
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> hgfhk.dll
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> hhrdxd.dll
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
  --> jfrwdh.dll
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
  --> jzijj.dll
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> Kvsc3.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> mseion.sys
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> msepbe.dll
      [DETECTION] File has been compressed with an unusual runtime compression tool (PCK/UPACK). Please verify the origin of the file
  --> MsIMMs32.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> msosmhfp00.dll
      [DETECTION] Is the Trojan horse TR/PSW.15225
  --> msosmnsf00.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> sgrefg.dll
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
  --> tciocp32.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> wrqszl.dll
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
  --> WSockDrv32.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> wyrsdj.dll
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
  --> zgfdet.dll
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [WARNING]   The file was ignored!


End of the scan: 2008年3月29日  14:35
Used time: 00:20 min

The scan has been done completely.

      0 Scanning directories
     58 Files were scanned
     52 viruses and/or unwanted programs were found
      5 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      6 Files not concerned
      1 Archives were scanned
      1 Warnings
      0 Notes
yjwfn502
Posted on 2008-3-29 14:39:17
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->zjydcx.dll                   trojan/agent.awsd          2008-3-29 14:37:48 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->aa1.exe                      trojandropper.agent.kgo    2008-3-29 14:37:48 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->aa4.exe                      trojan/psw.onlinegames.zlv 2008-3-29 14:37:48 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->aa5.exe                      trojan/psw.onlinegames.wve 2008-3-29 14:37:49 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->aa6.exe                      trojan/psw.onlinegames.zlv 2008-3-29 14:37:49 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->aa9.exe                      trojan/psw.onlinegames.yzo 2008-3-29 14:37:49 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->aa10.exe                     trojan/psw.onlinegames.tda 2008-3-29 14:37:49 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->aa11.exe                     trojan/psw.lmir.cst        2008-3-29 14:37:49 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->aa12.exe                     trojan/psw.onlinegames.zrt 2008-3-29 14:37:49 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->aa13.exe                     trojan/psw.onlinegames.zas 2008-3-29 14:37:49 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->aa15.exe                     trojan/psw.onlinegames.yxk 2008-3-29 14:37:49 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->aa16.exe                     trojan/psw.onlinegames.ype 2008-3-29 14:37:49 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->aa18.exe                     trojan/psw.onlinegames.tby 2008-3-29 14:37:49 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->aa23.exe                     trojandropper.agent.kgm    2008-3-29 14:37:49 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->aa24.exe                     trojan/psw.onlinegames.zsd 2008-3-29 14:37:49 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->aa25.exe                     trojan/psw.onlinegames.zve 2008-3-29 14:37:49 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->aa27.exe                     trojan/psw.onlinegames.ztt 2008-3-29 14:37:49 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->aa28.exe                     trojan/agent.aufz          2008-3-29 14:37:49 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->aa29.exe                     trojan/agent.aufz          2008-3-29 14:37:49 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->mm.exe                       trojandownloader.small.abqm 2008-3-29 14:37:49 已删除
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->608769mm.dll                 trojan/psw.onlinegames.sjy 2008-3-29 14:37:49 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->aydabdab1056.dll             trojan/psw.onlinegames.tdo 2008-3-29 14:37:49 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->ayhadhad1057.dll             trojan/agent.awqt          2008-3-29 14:37:49 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->aynnbnnb1045.dll             trojan/psw.onlinegames.zuf 2008-3-29 14:37:49 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->dbghlp32.dll                 trojan/psw.onlinegames.yrr 2008-3-29 14:37:49 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->dnteh.dll                    trojan/psw.gamepass.agzg   2008-3-29 14:37:50 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->fjyjy.dll                    trojan/psw.gamepass.agzg   2008-3-29 14:37:50 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->hgfhk.dll                    trojan/psw.gamepass.agzg   2008-3-29 14:37:50 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->hhrdxd.dll                   trojan/agent.awsf          2008-3-29 14:37:50 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->kvsc3.dll                    trojan/psw.onlinegames.yxj 2008-3-29 14:37:50 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->mseion.sys                   trojan/psw.onlinegames.yiy 2008-3-29 14:37:50 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->msimms32.dll                 trojan/psw.onlinegames.yxl 2008-3-29 14:37:50 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->msosmhfp00.dll               trojan/psw.onlinegames.ysv 2008-3-29 14:37:50 已删除        
d:\个人重要资料(勿删)\administrator\桌面\样本.rar->wyrsdj.dll                   trojan/agent.awsc          2008-3-29 14:37:50 已删除
kkgh
Posted on 2008-3-29 14:49:30
Norton: 24

瑞星病毒查杀结果报告

清除病毒种类列表:
病毒: Trojan.PSW.Win32.GameOL.mrz
病毒: RootKit.Win32.Mnless.km  
病毒: Trojan.PSW.Win32.GameOL.mpx
病毒: RootKit.Win32.Mnless.jz  
病毒: Trojan.PSW.Win32.GameOL.GEN
病毒: Trojan.PSW.Win32.GameOL.msg
病毒: Trojan.PSW.Win32.GameOL.mss
病毒: Trojan.PSW.Win32.GamesOnline.fz
病毒: Trojan.PSW.Win32.SunOnline.nh
病毒: Trojan.PSW.Win32.GameOL.GEN
病毒: Trojan.PSW.Win32.QQPass.zfh
病毒: Trojan.PSW.Win32.GameOL.msj
病毒: Trojan.PSW.Win32.GameOL.mqn
病毒: Trojan.PSW.Win32.GameOL.lvx
病毒: Trojan.DL.Win32.Mnless.zbh
病毒: Trojan.PSW.Win32.LMir.yzr
病毒: Trojan.PSW.Win32.GameOL.mqh
病毒: Trojan.PSW.Win32.SO2Online.bc
病毒: Trojan.PSW.Win32.GameOL.mss
病毒: Trojan.PSW.Win32.SunOnline.nf
病毒: Trojan.PSW.Win32.SO2Online.bm
病毒: Trojan.PSW.Win32.GamesOnline.se
病毒: Trojan.PSW.Win32.GameOL.mma

用户来源:互联网

软件版本:20.37.50

46
qigang
Posted on 2008-3-29 19:00:17

132/49

瑞星病毒查杀结果报告

清除病毒种类列表:

病毒: Trojan.PSW.Win32.GameOL.mrz
病毒: RootKit.Win32.Mnless.km  
病毒: Trojan.PSW.Win32.GameOL.mpx
病毒: RootKit.Win32.Mnless.jz  
病毒: Trojan.PSW.Win32.GameOL.GEN
病毒: Trojan.PSW.Win32.GameOL.msg
病毒: Trojan.PSW.Win32.GameOL.mss
病毒: Trojan.PSW.Win32.GamesOnline.fz
病毒: Trojan.PSW.Win32.SunOnline.nh
病毒: Trojan.PSW.Win32.GameOL.GEN
病毒: Trojan.PSW.Win32.QQPass.zfh
病毒: RootKit.Win32.Undef.ec   
病毒: Trojan.PSW.Win32.GameOL.msj
病毒: Trojan.PSW.Win32.GameOL.mqn
病毒: Trojan.PSW.Win32.GameOL.lvx
病毒: Trojan.DL.Win32.Mnless.zbh
病毒: Trojan.PSW.Win32.LMir.yzr
病毒: Trojan.PSW.Win32.GameOL.mqh
病毒: Trojan.PSW.Win32.GameOL.mtd
病毒: Trojan.PSW.Win32.SO2Online.bc
病毒: Trojan.PSW.Win32.GameOL.mss
病毒: Trojan.PSW.Win32.SunOnline.nf
病毒: Trojan.PSW.Win32.SO2Online.bm
病毒: Trojan.PSW.Win32.GamesOnline.se
病毒: Trojan.PSW.Win32.SO2Game.u
病毒: Trojan.PSW.Win32.GameOL.mma

MAC 地址:00:11:5B:F3:6D:69

用户来源:互联网

软件版本:20.37.51

Copyright © KaFan  KaFan.cn All Rights Reserved.
