27个

显示全部楼层 · 发表于 2008-3-30 21:13:38

瑞星病毒查杀结果报告

清除病毒种类列表：
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.SO2Online.bs
病毒： RootKit.Win32.Undef.ec
病毒： Trojan.PSW.Win32.GameOL.msv
病毒： Trojan.PSW.Win32.GameOL.msj
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.GameOL.mta
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.GameOL.mrk
病毒： RootKit.Win32.Undef.ec
病毒： Trojan.PSW.Win32.GameOL.msu
病毒： Trojan.PSW.Win32.GamesOnline.sf
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.Win32.Undef.efz

MAC 地址：00:17:31:40:A3:57

用户来源：局域网

软件版本：20.37.62

显示全部楼层 · 发表于 2008-3-30 21:13:40

Starting the file scan:

Begin scan in 'D:\x.zip'
D:\x.zip
  [0] Archive type: ZIP
  --> x/1.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> x/2.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> x/3.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> x/4.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLi.NMQ.1.A
  --> x/5.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> x/7.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> x/8.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> x/9.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> x/92.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> x/93.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> x/95.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> x/96.exe
   [DETECTION] Is the Trojan horse TR/Drop.Agent.19952
  --> x/97.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> x/98.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> x/99.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> x/cmdbcs.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> x/Kvsc3.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> x/LotusHlp.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> x/mppds.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> x/MsIMMs32.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> x/PTSShell.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> x/SHAProc.dat
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> x/tciocp32.dll
   [DETECTION] Contains suspicious code HEUR/Malware
  --> x/upxdnd.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> x/winboost.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> x/WSockDrv32.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> x/x.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [INFO]    The file was deleted!

End of the scan: 2008年3月30日  21:15
Used time: 00:21 min

The scan has been done completely.

   0 Scanning directories
   28 Files were scanned
   26 viruses and/or unwanted programs were found
   1 Files were classified as suspicious:
   1 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   2 Files not concerned
   1 Archives were scanned
   0 Warnings
   0 Notes

显示全部楼层 · 发表于 2008-3-30 21:14:53

你把那X下载的东西全弄下来了，哈哈！

显示全部楼层 · 发表于 2008-3-30 21:17:18

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.SO2Online.bs
病毒： RootKit.Win32.Undef.ec
病毒： Trojan.PSW.Win32.GameOL.msv
病毒： Trojan.PSW.Win32.GameOL.msj
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.GameOL.mta
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.GameOL.mrk
病毒： RootKit.Win32.Undef.ec
病毒： Trojan.PSW.Win32.GameOL.msu
病毒： Trojan.PSW.Win32.GamesOnline.sf
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.Win32.Undef.efz

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.37.62

显示全部楼层 · 发表于 2008-3-30 21:17:57

[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\x\1.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\x\2.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\x\3.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\x\4.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\x\5.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\x\7.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\x\8.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\x\9.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\x\92.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\x\93.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\x\95.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\x\96.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\x\97.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\x\98.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\x\99.exe->(UPack)
[Found possible security risk] <W32/Heuristic-KPP!Eldorado (not disinfectable)> c:\test\x\Kvsc3.dll
[Found possible security risk] <W32/Heuristic-KPP!Eldorado (not disinfectable)> c:\test\x\LotusHlp.dll
[Found security risk] <W32/OnlineGames.C.gen!GSA (not disinfectable, generic)> c:\test\x\MsIMMs32.dll
[Found possible security risk] <W32/Heuristic-KPP!Eldorado (not disinfectable)> c:\test\x\PTSShell.dll
[Found security risk] <W32/OnlineGames.C.gen!GSA (not disinfectable, generic)> c:\test\x\upxdnd.dll
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\x\winboost.dll->(UPack)
[Found possible security risk] <W32/Heuristic-KPP!Eldorado (not disinfectable)> c:\test\x\WSockDrv32.dll
[Found security risk] <W32/OnlineGames.H.gen!Eldorado (not disinfectable, generic)> c:\test\x\x.exe

显示全部楼层 · 发表于 2008-3-30 21:22:05

27
C:\x.zip » ZIP » x/1.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\x.zip » ZIP » x/2.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\x.zip » ZIP » x/3.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\x.zip » ZIP » x/4.exe - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\x.zip » ZIP » x/5.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\x.zip » ZIP » x/7.exe - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\x.zip » ZIP » x/8.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\x.zip » ZIP » x/9.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\x.zip » ZIP » x/92.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\x.zip » ZIP » x/93.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\x.zip » ZIP » x/95.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\x.zip » ZIP » x/96.exe - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\x.zip » ZIP » x/97.exe - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\x.zip » ZIP » x/98.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\x.zip » ZIP » x/99.exe - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\x.zip » ZIP » x/cmdbcs.dll - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\x.zip » ZIP » x/Kvsc3.dll - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\x.zip » ZIP » x/LotusHlp.dll - a variant of Win32/PSW.OnLineGames.HCV trojan
C:\x.zip » ZIP » x/mppds.dll - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\x.zip » ZIP » x/MsIMMs32.dll - Win32/PSW.OnLineGames.NFL trojan
C:\x.zip » ZIP » x/PTSShell.dll - a variant of Win32/PSW.OnLineGames.HCV trojan
C:\x.zip » ZIP » x/SHAProc.dat - Win32/PSW.OnLineGames.NFL trojan
C:\x.zip » ZIP » x/tciocp32.dll - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\x.zip » ZIP » x/upxdnd.dll - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\x.zip » ZIP » x/winboost.dll - a variant of Win32/TrojanDownloader.Agent.NXA trojan
C:\x.zip » ZIP » x/WSockDrv32.dll - a variant of Win32/PSW.OnLineGames.HCV trojan
C:\x.zip » ZIP » x/x.exe - a variant of Win32/TrojanDownloader.Agent.NXA trojan

显示全部楼层 · 发表于 2008-3-30 21:24:24

C:\Documents and Settings\Administrator\桌面\x.zip>>x\1.exe       W32.Viking.k       病毒       还未处理
C:\Documents and Settings\Administrator\桌面\x.zip>>x\2.exe       W32.Viking.k       病毒       还未处理
C:\Documents and Settings\Administrator\桌面\x.zip>>x\3.exe       W32.Viking.k       病毒       还未处理
C:\Documents and Settings\Administrator\桌面\x.zip>>x\4.exe       TrojanPSW.OnLineGames.rri.fccq       木马       还未处理
C:\Documents and Settings\Administrator\桌面\x.zip>>x\5.exe       W32.Viking.k       病毒       还未处理
C:\Documents and Settings\Administrator\桌面\x.zip>>x\7.exe       TrojanPSW.OnLineGames.rri.fccq       木马       还未处理
C:\Documents and Settings\Administrator\桌面\x.zip>>x\8.exe       W32.Viking.k       病毒       还未处理
C:\Documents and Settings\Administrator\桌面\x.zip>>x\9.exe       W32.Viking.k       病毒       还未处理
C:\Documents and Settings\Administrator\桌面\x.zip>>x\92.exe       W32.Viking.k       病毒       还未处理
C:\Documents and Settings\Administrator\桌面\x.zip>>x\93.exe       W32.Viking.k       病毒       还未处理
C:\Documents and Settings\Administrator\桌面\x.zip>>x\95.exe       W32.Viking.k       病毒       还未处理
C:\Documents and Settings\Administrator\桌面\x.zip>>x\96.exe       TrojanPSW.OnLineGames.rri.fccq       木马       还未处理
C:\Documents and Settings\Administrator\桌面\x.zip>>x\97.exe       TrojanPSW.OnLineGames.rri.fccq       木马       还未处理
C:\Documents and Settings\Administrator\桌面\x.zip>>x\98.exe       W32.Viking.k       病毒       还未处理
C:\Documents and Settings\Administrator\桌面\x.zip>>x\99.exe       TrojanPSW.OnLineGames.rri.fccq       木马       还未处理
C:\Documents and Settings\Administrator\桌面\x.zip>>x\cmdbcs.dll       TrojanPSW.GamesOnline.sf.tcwt.dll       木马       还未处理
C:\Documents and Settings\Administrator\桌面\x.zip>>x\MsIMMs32.dll       PWSteal.OnLineGames.NFL.dnno.dll       木马       还未处理
C:\Documents and Settings\Administrator\桌面\x.zip>>x\PTSShell.dll       TrojanPSW.GameOL.GEN.rmms.dll       木马       还未处理
C:\Documents and Settings\Administrator\桌面\x.zip>>x\SHAProc.dat       TrojanPSW.OnLineGames.yjh.qred.dll       木马       还未处理
C:\Documents and Settings\Administrator\桌面\x.zip>>x\winboost.dll       Trojan.Undef.efz.klov.dll       木马       还未处理
C:\Documents and Settings\Administrator\桌面\x.zip>>x\WSockDrv32.dll       TrojanPSW.OnLineGames.yml.ypqm.dll       木马       还未处理
C:\Documents and Settings\Administrator\桌面\x.zip>>x\x.exe       TrojanDownloader.Nurech.bd.bmqk       木马       还未处理

显示全部楼层 · 发表于 2008-3-30 21:31:21

但去看了下，它好像不是下载者。

显示全部楼层 · 发表于 2008-3-30 21:34:17

19 TO KL
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\x.zip/x/1.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.yjh File: C:\Documents and Settings\Owner\×ÀÃæ\x.zip/x/2.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ymj File: C:\Documents and Settings\Owner\×ÀÃæ\x.zip/x/3.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.wpc File: C:\Documents and Settings\Owner\×ÀÃæ\x.zip/x/4.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ymo File: C:\Documents and Settings\Owner\×ÀÃæ\x.zip/x/5.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ylv File: C:\Documents and Settings\Owner\×ÀÃæ\x.zip/x/7.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.wpa File: C:\Documents and Settings\Owner\×ÀÃæ\x.zip/x/8.exe//UPack
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\x.zip/x/9.exe//UPack
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\x.zip/x/92.exe//UPack
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\x.zip/x/93.exe//UPack
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\x.zip/x/95.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.xii File: C:\Documents and Settings\Owner\×ÀÃæ\x.zip/x/96.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ymq File: C:\Documents and Settings\Owner\×ÀÃæ\x.zip/x/97.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ymv File: C:\Documents and Settings\Owner\×ÀÃæ\x.zip/x/98.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ylw File: C:\Documents and Settings\Owner\×ÀÃæ\x.zip/x/99.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.yjh File: C:\Documents and Settings\Owner\×ÀÃæ\x.zip/x/SHAProc.dat
detected: virus Heur.AntiAV (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\x.zip/x/winboost.dll//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.yml File: C:\Documents and Settings\Owner\×ÀÃæ\x.zip/x/WSockDrv32.dll
detected: virus Heur.Invader (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\x.zip/x/x.exe//PE_Patch//UPack

[病毒样本] 27个

本帖子中包含更多资源

63/26

27

63/26

23

22个

回复 4楼 qigang 的帖子