avast报

显示全部楼层 · 发表于 2008-4-1 17:11:50

Starting the file scan:

Begin scan in 'E:\newad.exe'
E:\newad.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[INFO] The file was deleted!

显示全部楼层 · 发表于 2008-4-1 17:14:16

显示全部楼层 · 发表于 2008-4-1 17:15:29

[MAIN]
VERSION=2008-11-12

[URL]
1=http://60.190.118.112/soft00.exe
2=http://60.190.118.112/soft01.exe
3=http://60.190.118.112/soft02.exe
4=http://60.190.118.112/soft03.exe
5=http://60.190.118.112/soft04.exe
6=http://60.190.118.112/soft05.exe
7=http://60.190.118.112/soft06.exe
8=http://60.190.118.112/soft07.exe
9=http://60.190.118.112/soft08.exe
10=http://60.190.118.112/soft09.exe
11=http://60.190.118.112/soft10.exe
12=http://60.190.118.112/soft11.exe
13=http://60.190.118.112/soft12.exe
14=http://60.190.118.112/soft13.exe
15=http://60.190.118.112/soft14.exe
16=http://60.190.118.112/soft15.exe
17=http://60.190.118.112/soft16.exe
18=http://60.190.118.112/soft17.exe
19=http://60.190.118.112/soft18.exe
20=http://60.190.118.112/soft19.exe
21=http://60.190.118.112/soft20.exe
22=http://60.190.118.112/soft21.exe

[ 本帖最后由 EQ2 于 2008-4-1 17:20 编辑 ]

显示全部楼层 · 发表于 2008-4-1 17:25:36

ess扫描日志
病毒库版本: 2990 (20080401)
日期: 2008-4-1 时间: 17:29:25
已扫描的磁盘、文件夹和文件: G:\桌面.zip
G:\桌面.zip > ZIP > soft00.exe - 可能是 Win32/PSW.WOW.WU 特洛伊木马的变种
G:\桌面.zip > ZIP > soft01.exe - Win32/PSW.OnLineGames.MUG 特洛伊木马的变种
G:\桌面.zip > ZIP > soft02.exe - Win32/PSW.OnLineGames.MUG 特洛伊木马的变种
G:\桌面.zip > ZIP > soft03.exe - 可能是 Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
G:\桌面.zip > ZIP > soft04.exe - 可能是 Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
G:\桌面.zip > ZIP > soft05.exe - 可能是 Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
G:\桌面.zip > ZIP > soft06.exe - Win32/PSW.OnLineGames.MUG 特洛伊木马的变种
G:\桌面.zip > ZIP > soft07.exe - 可能是 Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
G:\桌面.zip > ZIP > soft08.exe - Win32/PSW.OnLineGames.MUG 特洛伊木马的变种
G:\桌面.zip > ZIP > soft09.exe - 可能是 Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
G:\桌面.zip > ZIP > soft10.exe - Win32/PSW.OnLineGames.NFN 特洛伊木马的变种
G:\桌面.zip > ZIP > soft11.exe - Win32/PSW.OnLineGames.MUG 特洛伊木马的变种
G:\桌面.zip > ZIP > soft12.exe - Win32/PSW.OnLineGames.MUG 特洛伊木马的变种
G:\桌面.zip > ZIP > soft13.exe - Win32/PSW.WOW.WU 特洛伊木马
G:\桌面.zip > ZIP > soft14.exe - Win32/PSW.OnLineGames.MUG 特洛伊木马的变种
G:\桌面.zip > ZIP > soft15.exe - 可能是 Win32/PSW.OnLineGames.NMQ 特洛伊木马的变种
G:\桌面.zip > ZIP > soft16.exe - Win32/PSW.OnLineGames.MUG 特洛伊木马的变种
G:\桌面.zip > ZIP > soft17.exe - 可能是 Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
G:\桌面.zip > ZIP > soft18.exe - Win32/PSW.OnLineGames.MUG 特洛伊木马的变种
G:\桌面.zip > ZIP > soft19.exe - 可能是 Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
G:\桌面.zip > ZIP > soft20.exe - Win32/PSW.QQPass.NCZ 特洛伊木马的变种
已扫描的对象数: 21
发现的威胁数: 21
完成时间: 17:29:40 总扫描时间: 15 秒 (00:00:15)

显示全部楼层 · 发表于 2008-4-1 17:28:06

Starting the file scan:

Begin scan in 'E:\soft00.exe'
E:\soft00.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.agb.2
   [INFO]    The file was deleted!
Begin scan in 'E:\soft01.exe'
E:\soft01.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
   [INFO]    The file was deleted!
Begin scan in 'E:\soft02.exe'
E:\soft02.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
   [INFO]    The file was deleted!
Begin scan in 'E:\soft03.exe'
E:\soft03.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [INFO]    The file was deleted!
Begin scan in 'E:\soft04.exe'
E:\soft04.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.xjl.3
   [INFO]    The file was deleted!
Begin scan in 'E:\soft05.exe'
E:\soft05.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [INFO]    The file was deleted!
Begin scan in 'E:\soft06.exe'
E:\soft06.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
   [INFO]    The file was deleted!
Begin scan in 'E:\soft07.exe'
E:\soft07.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ymk.1
   [INFO]    The file was deleted!
Begin scan in 'E:\soft08.exe'
E:\soft08.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
   [INFO]    The file was deleted!
Begin scan in 'E:\soft09.exe'
E:\soft09.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.WMI.1
   [INFO]    The file was deleted!
Begin scan in 'E:\soft10.exe'
E:\soft10.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddm.1
   [INFO]    The file was deleted!
Begin scan in 'E:\soft11.exe'
E:\soft11.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
   [INFO]    The file was deleted!
Begin scan in 'E:\soft12.exe'
E:\soft12.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
   [INFO]    The file was deleted!
Begin scan in 'E:\soft13.exe'
E:\soft13.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Delphi.Gen
   [INFO]    The file was deleted!
Begin scan in 'E:\soft14.exe'
E:\soft14.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
   [INFO]    The file was deleted!
Begin scan in 'E:\soft15.exe'
E:\soft15.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [INFO]    The file was deleted!
Begin scan in 'E:\soft16.exe'
E:\soft16.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
   [INFO]    The file was deleted!
Begin scan in 'E:\soft17.exe'
E:\soft17.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.NSR
   [INFO]    The file was deleted!
Begin scan in 'E:\soft18.exe'
E:\soft18.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
   [INFO]    The file was deleted!
Begin scan in 'E:\soft19.exe'
E:\soft19.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [INFO]    The file was deleted!
Begin scan in 'E:\soft20.exe'
E:\soft20.exe
   [DETECTION] Is the Trojan horse TR/PSW.QQpass.NCZ
   [INFO]    The file was deleted!

End of the scan: 2008年4月1日  17:28
Used time: 00:24 min

The scan has been done completely.

   0 Scanning directories
   21 Files were scanned
   21 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   21 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   0 Files not concerned
   0 Archives were scanned
   0 Warnings
   0 Notes

显示全部楼层 · 发表于 2008-4-1 19:31:26

deleted: adware not-a-virus:AdWare.Win32.Ejik.dj File: E:\ÏÂÔØ»ùµØ\virus\1500.exe//PE_Patch.PECompact//PecBundle//PECompact
deleted: Trojan program Trojan-Dropper.Win32.Agent.env File: E:\ÏÂÔØ»ùµØ\virus\newad.exe//NSPack
deleted: adware not-a-virus:AdWare.Win32.Ejik.dv File: E:\ÏÂÔØ»ùµØ\virus\1001.exe//PE_Patch.PECompact//PecBundle//PECompact
deleted: adware not-a-virus:AdWare.Win32.Ejik.dv File: E:\ÏÂÔØ»ùµØ\virus\1070.exe//PE_Patch.PECompact//PecBundle//PECompact

deleted: Trojan program Trojan-Downloader.Win32.Delf.axx File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ.zip/soft00.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.vdr File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ.zip/soft01.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.vwc File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ.zip/soft02.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.ymj File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ.zip/soft03.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.xjl File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ.zip/soft04.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.ypf File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ.zip/soft05.exe//UPack//PE_Patch
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rxps File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ.zip/soft06.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.ylu File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ.zip/soft07.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.whs File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ.zip/soft08.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.wmi File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ.zip/soft09.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.jnb File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ.zip/soft10.exe//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.vdr File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ.zip/soft11.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.whs File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ.zip/soft12.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.Lmir.bpv File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ.zip/soft13.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.yog File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ.zip/soft14.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.ylv File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ.zip/soft15.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.whs File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ.zip/soft16.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.woy File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ.zip/soft17.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.whs File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ.zip/soft18.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.xkp File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ.zip/soft19.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.QQPass.bha File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ.zip/soft20.exe//UPX
灭

显示全部楼层 · 发表于 2008-4-1 19:35:01

全灭
C:\Documents and Settings\Administrator\桌面\桌面.zip>>soft03.exe W32.Viking.k 病毒还未处理
C:\Documents and Settings\Administrator\桌面\桌面.zip>>soft04.exe W32.Viking.k 病毒还未处理
C:\Documents and Settings\Administrator\桌面\桌面.zip>>soft05.exe W32.Viking.k 病毒还未处理
C:\Documents and Settings\Administrator\桌面\桌面.zip>>soft07.exe W32.Viking.k 病毒还未处理
C:\Documents and Settings\Administrator\桌面\桌面.zip>>soft09.exe W32.Viking.k 病毒还未处理
C:\Documents and Settings\Administrator\桌面\桌面.zip>>soft17.exe W32.Viking.k 病毒还未处理
C:\Documents and Settings\Administrator\桌面\桌面.zip>>soft19.exe W32.Viking.k 病毒还未处理
C:\Documents and Settings\Administrator\桌面\桌面.zip>>soft14.exe TrojanPSW.OnLineGames.yog.uibj 木马还未处理
C:\Documents and Settings\Administrator\桌面\桌面.zip>>soft18.exe TrojanPSW.OnLineGames.yog.uibj 木马还未处理
C:\Documents and Settings\Administrator\桌面\桌面.zip>>soft08.exe TrojanPSW.OnLineGames.whs.sypt 木马还未处理
C:\Documents and Settings\Administrator\桌面\桌面.zip>>soft12.exe TrojanPSW.OnLineGames.whs.nctw 木马还未处理
C:\Documents and Settings\Administrator\桌面\桌面.zip>>soft16.exe TrojanPSW.OnLineGames.whs.froo 木马还未处理
C:\Documents and Settings\Administrator\桌面\桌面.zip>>soft11.exe TrojanPSW.OnLineGames.vdr.nitr 木马还未处理
C:\Documents and Settings\Administrator\桌面\桌面.zip>>soft06.exe TrojanPSW.OnLineGames.rxps.lgwf 木马还未处理
C:\Documents and Settings\Administrator\桌面\桌面.zip>>soft15.exe TrojanPSW.OnLineGames.rri.fccq 木马还未处理
C:\Documents and Settings\Administrator\桌面\桌面.zip>>soft10.exe TrojanPSW.OnLineGames.jnb.hggw 木马还未处理
C:\Documents and Settings\Administrator\桌面\桌面.zip>>soft02.exe TrojanPSW.GameOL.mjf.cavu 木马还未处理
C:\Documents and Settings\Administrator\桌面\桌面.zip>>soft00.exe TrojanDownloader.Delf.axx.nxca 木马还未处理
C:\Documents and Settings\Administrator\桌面\桌面.zip>>soft20.exe Trojan.Nemqun.uazj 木马还未处理
C:\Documents and Settings\Administrator\桌面\桌面.zip>>soft01.exe Trojan.Cap832223.oqvk 木马还未处理
C:\Documents and Settings\Administrator\桌面\桌面.zip>>soft13.exe PWSteal.Lemir.bpv.szqf 木马还未处理

显示全部楼层 · 发表于 2008-4-1 20:19:06

52/22

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.PSW.Win32.GameOL.moq
病毒： Trojan.PSW.Win32.GameOL.mnj
病毒： Trojan.PSW.Win32.GameOL.mjf
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.QQSG.dg
病毒： Trojan.PSW.Win32.GameOL.min
病毒： Trojan.PSW.Win32.GameOL.mss
病毒： Trojan.PSW.Win32.GameOnline.zzy
病毒： Trojan.PSW.Win32.GamesOnline.fz
病毒： Trojan.PSW.Win32.GameOL.mtp
病毒： RootKit.Win32.Undef.ec
病毒： Trojan.PSW.Win32.GameOL.msj
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.QQPass.zfh

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.38.11

显示全部楼层 · 发表于 2008-4-1 20:21:48

未解到。

显示全部楼层 · 发表于 2008-4-1 21:17:43

病毒 2008-04-01 21:17:35 病毒在文件D:\Desktop\newad.exe.download中 Win32.Troj.Downloader.ex.23552 处理成功（操作：删除）

[已鉴定] avast报

回复 10楼 EQ2 的帖子

回复 13楼 EQ2 的帖子

http://www.222428.cn/down/1070.exe和http://the.microgood.net/newad.exe

回复 10楼 EQ2 的帖子