[病毒样本] 22

显示全部楼层 · 发表于 2008-4-1 22:19:36

C:\Documents and Settings\Administrator\桌面\DRPAK2.rar>>2008-3-31__10907.exe TrojanPSW.GameOL.GEN.ajzj 木马还未处理
C:\Documents and Settings\Administrator\桌面\DRPAK2.rar>>2008-3-31__1AE96.exe W32.Viking.k 病毒还未处理
C:\Documents and Settings\Administrator\桌面\DRPAK2.rar>>2008-3-31__2C034.exe TrojanPSW.OnLineGames.rri.fccq 木马还未处理
C:\Documents and Settings\Administrator\桌面\DRPAK2.rar>>2008-3-31__359DE.exe W32.Warezov.p 病毒还未处理
C:\Documents and Settings\Administrator\桌面\DRPAK2.rar>>2008-3-31__3F0F3.exe TrojanPSW.GameOL.mss.apru 木马还未处理
C:\Documents and Settings\Administrator\桌面\DRPAK2.rar>>2008-3-31__4F077.exe W32.Warezov.p 病毒还未处理
C:\Documents and Settings\Administrator\桌面\DRPAK2.rar>>2008-3-31__686.exe W32.Viking.k 病毒还未处理
C:\Documents and Settings\Administrator\桌面\DRPAK2.rar>>2008-3-31__748B2.exe W32.Viking.k 病毒还未处理
C:\Documents and Settings\Administrator\桌面\DRPAK2.rar>>2008-3-31__850B9.exe TrojanPSW.OnLineGames.lhc.rpld 木马还未处理
C:\Documents and Settings\Administrator\桌面\DRPAK2.rar>>2008-3-31__97105.exe W32.Warezov.p 病毒还未处理
C:\Documents and Settings\Administrator\桌面\DRPAK2.rar>>2008-3-31__ACAD7.exe TrojanDownloader.Agent.bxw.qecb 木马还未处理
C:\Documents and Settings\Administrator\桌面\DRPAK2.rar>>2008-3-31__C59EF.exe TrojanDownloader.Direct.me.riyl 木马还未处理
C:\Documents and Settings\Administrator\桌面\DRPAK2.rar>>2008-3-31__CC2F9.exe TrojanPSW.OnLineGames.yog.uibj 木马还未处理
C:\Documents and Settings\Administrator\桌面\DRPAK2.rar>>2008-3-31__DD99A.exe W32.Viking.k 病毒还未处理
C:\Documents and Settings\Administrator\桌面\DRPAK2.rar>>a8da234k8asdf.exe Backdoor.DKA.zshd 后门还未处理
C:\Documents and Settings\Administrator\桌面\DRPAK2.rar>>DRPAK2.exe Heuri.Possible/Packed 启发式扫描还未处理
C:\Documents and Settings\Administrator\桌面\DRPAK2.rar>>ecard.exe>>S-1-5-21-3252328098-71414409-2463015037-501\csrss.exe IRC.Flood.mirc.evvz 病毒还未处理
C:\Documents and Settings\Administrator\桌面\DRPAK2.rar>>ecard.exe>>S-1-5-21-3252328098-71414409-2463015037-501\hex.exe Trojan.HideWindows.a.hcz 木马还未处理
C:\Documents and Settings\Administrator\桌面\DRPAK2.rar>>ecard.exe>>S-1-5-21-3252328098-71414409-2463015037-501\wget.exe Packed.UPX.a 带壳程序还未处理
C:\Documents and Settings\Administrator\桌面\DRPAK2.rar>>install_1356_M3w0fHx8fHx8fA_.exe TrojanDownloader.BHS.dmgs 木马还未处理
C:\Documents and Settings\Administrator\桌面\DRPAK2.rar>>keygen.exe TrojanDownloader.BDH.rvku 木马还未处理
C:\Documents and Settings\Administrator\桌面\DRPAK2.rar>>lin.exe TrojanPSW.Magania.bre.sxdp 木马还未处理

显示全部楼层 · 发表于 2008-4-2 00:06:37

DRPAK2.rar
[0] Archive type: RAR
--> DRPAK2.exe
--> install.exe
--> install_717_MHw1fHx8fHx8fA_.exe
--> install_1356_M3w0fHx8fHx8fA_.exe
--> keygen.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Small.iwh
      [WARNING] Infected files in archives cannot be repaired!
--> lin.exe
      [DETECTION] Is the Trojan horse TR/PSW.Magania.bre
      [WARNING] Infected files in archives cannot be repaired!
--> 2008-3-31__1AE96.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 2008-3-31__2C034.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 2008-3-31__3F0F3.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [WARNING] Infected files in archives cannot be repaired!
--> 2008-3-31__4F077.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agent.12134
      [WARNING] Infected files in archives cannot be repaired!
--> 2008-3-31__359DE.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agent.12495
      [WARNING] Infected files in archives cannot be repaired!
--> 2008-3-31__686.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 2008-3-31__748B2.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.658
      [WARNING] Infected files in archives cannot be repaired!
--> 2008-3-31__850B9.exe
      [DETECTION] Is the Trojan horse TR/WuDisable.E
      [WARNING] Infected files in archives cannot be repaired!
--> 2008-3-31__10907.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> 2008-3-31__97105.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agent.12107
      [WARNING] Infected files in archives cannot be repaired!
--> 2008-3-31__ACAD7.exe
      [DETECTION] Is the Trojan horse TR/Drop.Age.51042.B
      [WARNING] Infected files in archives cannot be repaired!
--> 2008-3-31__C59EF.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Delf.epw.1
      [WARNING] Infected files in archives cannot be repaired!
--> 2008-3-31__CC2F9.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [WARNING] Infected files in archives cannot be repaired!
--> 2008-3-31__DD99A.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.596
      [WARNING] Infected files in archives cannot be repaired!
--> a8da234k8asdf.exe
      [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> ecard.exe
      [DETECTION] Contains detection pattern of the dropper DR/Agent.GVP
      [WARNING] Infected files in archives cannot be repaired!
      [1] Archive type: RAR SFX (self extracting)
      --> S-1-5-21-3252328098-71414409-2463015037-501\aliases.ini
      --> S-1-5-21-3252328098-71414409-2463015037-501\control.ini
      --> S-1-5-21-3252328098-71414409-2463015037-501\csrss.exe
         [DETECTION] Is the Trojan horse TR/Mirchack.A.13
         [WARNING] Infected files in archives cannot be repaired!
      --> S-1-5-21-3252328098-71414409-2463015037-501\desktop.ini
      --> S-1-5-21-3252328098-71414409-2463015037-501\hex.exe
      --> S-1-5-21-3252328098-71414409-2463015037-501\hstart.exe
      --> S-1-5-21-3252328098-71414409-2463015037-501\mirc.ico
      --> S-1-5-21-3252328098-71414409-2463015037-501\mirc.ini
      --> S-1-5-21-3252328098-71414409-2463015037-501\remote.ini
      --> S-1-5-21-3252328098-71414409-2463015037-501\script.ini
         [DETECTION] Is the Trojan horse TR/IRC.Zapchast
         [WARNING] Infected files in archives cannot be repaired!
      --> S-1-5-21-3252328098-71414409-2463015037-501\servers.ini
      --> S-1-5-21-3252328098-71414409-2463015037-501\svchost.exe
      --> S-1-5-21-3252328098-71414409-2463015037-501\Thumbs.db
      --> S-1-5-21-3252328098-71414409-2463015037-501\users.ini
      --> S-1-5-21-3252328098-71414409-2463015037-501\wget.exe
      [INFO]    The file was moved to '48425dce.qua'!

显示全部楼层 · 发表于 2008-4-2 18:04:00

Begin scan in 'C:\Documents and Settings\haha\桌面\DRPAK2.rar'
C:\Documents and Settings\haha\桌面\DRPAK2.rar
  [0] Archive type: RAR
  --> DRPAK2.exe
   [DETECTION] Is the Trojan horse TR/Agent.hgg
  --> install_717_MHw1fHx8fHx8fA_.exe
   [DETECTION] Is the Trojan horse TR/Dldr.WinFixer.AD
  --> install_1356_M3w0fHx8fHx8fA_.exe
   [DETECTION] Is the Trojan horse TR/Hoax.Renos.bfn
  --> keygen.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Small.iwh
  --> lin.exe
   [DETECTION] Is the Trojan horse TR/PSW.Magania.bre
  --> 2008-3-31__1AE96.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 2008-3-31__2C034.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 2008-3-31__3F0F3.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> 2008-3-31__4F077.exe
   [DETECTION] Is the Trojan horse TR/Drop.Agent.12134
  --> 2008-3-31__359DE.exe
   [DETECTION] Is the Trojan horse TR/Drop.Agent.12495
  --> 2008-3-31__686.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 2008-3-31__748B2.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.658
  --> 2008-3-31__850B9.exe
   [DETECTION] Is the Trojan horse TR/WuDisable.E
  --> 2008-3-31__10907.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 2008-3-31__97105.exe
   [DETECTION] Is the Trojan horse TR/Drop.Agent.12107
  --> 2008-3-31__ACAD7.exe
   [DETECTION] Is the Trojan horse TR/Drop.Age.51042.B
  --> 2008-3-31__C59EF.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Delf.epw.1
  --> 2008-3-31__CC2F9.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> 2008-3-31__DD99A.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.596
  --> a8da234k8asdf.exe
   [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
  --> ecard.exe
   [DETECTION] Contains detection pattern of the dropper DR/Agent.GVP
   [1] Archive type: RAR SFX (self extracting)
   --> S-1-5-21-3252328098-71414409-2463015037-501\csrss.exe
      [DETECTION] Is the Trojan horse TR/Mirchack.A.13
   --> S-1-5-21-3252328098-71414409-2463015037-501\hex.exe
      [DETECTION] Contains detection pattern of the SPR/HideWindow.B program
   --> S-1-5-21-3252328098-71414409-2463015037-501\script.ini
      [DETECTION] Is the Trojan horse TR/IRC.Zapchast
   [INFO]    A backup was created as '48435a58.qua'  ( QUARANTINE )

End of the scan: 2008年4月2日  18:03
Used time: 00:03 min

The scan has been done completely.

   0 Scanning directories
   39 Files were scanned
  24 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   1 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   15 Files not concerned
   2 Archives were scanned
   0 Warnings
   0 Notes

显示全部楼层 · 发表于 2008-4-2 20:35:01

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.Win32.Undef.ada
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.ZhuXian.hf
病毒： Trojan.PSW.Win32.GameOL.mjf
病毒： Trojan.PSW.Win32.SunOnline.nh
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.GameOL.glf
病毒： Trojan.DL.Win32.Agent.bxw
病毒： Trojan.DL.Win32.Direct.me
病毒： Worm.Win32.Autorun.jul
病毒： Trojan.HideWindows.a

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.38.21

显示全部楼层 · 发表于 2008-4-3 12:07:58

信息 2008-04-03 12:08:02 您此次查毒清除了17个病毒
信息 2008-04-03 12:08:02 您此次查毒共查出20个病毒以及危险代码
信息 2008-04-03 12:08:02 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件59个
信息 2008-04-03 12:08:02 金山毒霸主程序查毒过程结束，查毒方式：命令行查毒
风险程序 2008-04-03 12:08:02 C:\Documents and Settings\Administrator\桌面\22.rar\install_1356_M3w0fHx8fHx8fA_.exe Win32.NotVirus.Renos.31232 跳过，未处理
风险程序 2008-04-03 12:08:02 C:\Documents and Settings\Administrator\桌面\22.rar\install_1356_M3w0fHx8fHx8fA_.exe Win32.NotVirus.Renos.31232 跳过，未处理
病毒 2008-04-03 12:07:47 C:\Documents and Settings\Administrator\桌面\22.rar\a8da234k8asdf.exe Worm.AutoRun.122880 清除成功
病毒 2008-04-03 12:07:47 C:\Documents and Settings\Administrator\桌面\22.rar\2008-3-31__DD99A.exe Win32.Troj.OnlineGamesT.e.94315 清除成功
病毒 2008-04-03 12:07:47 C:\Documents and Settings\Administrator\桌面\22.rar\2008-3-31__CC2F9.exe Win32.Troj.OnlineGameT.am.107664 清除成功
病毒 2008-04-03 12:07:47 C:\Documents and Settings\Administrator\桌面\22.rar\2008-3-31__C59EF.exe Win32.TrojDownloader.Direct.me.110592 清除成功
病毒 2008-04-03 12:07:47 C:\Documents and Settings\Administrator\桌面\22.rar\2008-3-31__ACAD7.exe Win32.Hack.Delf.m.221184 清除成功
病毒 2008-04-03 12:07:47 C:\Documents and Settings\Administrator\桌面\22.rar\2008-3-31__97105.exe Win32.Troj.OnlineGamesT.af.57344 清除成功
病毒 2008-04-03 12:07:47 C:\Documents and Settings\Administrator\桌面\22.rar\2008-3-31__10907.exe Win32.Troj.OnlineGamesT.e.94315 清除成功
病毒 2008-04-03 12:07:47 C:\Documents and Settings\Administrator\桌面\22.rar\2008-3-31__850B9.exe Win32.Troj.AgentT.fm.14452 清除成功
病毒 2008-04-03 12:07:47 C:\Documents and Settings\Administrator\桌面\22.rar\2008-3-31__748B2.exe Win32.Troj.OnlineGamesT.e.94315 清除成功
病毒 2008-04-03 12:07:46 C:\Documents and Settings\Administrator\桌面\22.rar\2008-3-31__686.exe Win32.Troj.OnlineGamesT.e.94315 清除成功
病毒 2008-04-03 12:07:46 C:\Documents and Settings\Administrator\桌面\22.rar\2008-3-31__359DE.exe Win32.Troj.OnlineGamesT.af.57344 清除成功
病毒 2008-04-03 12:07:46 C:\Documents and Settings\Administrator\桌面\22.rar\2008-3-31__4F077.exe Win32.Troj.OnlineGamesT.af.57344 清除成功
病毒 2008-04-03 12:07:46 C:\Documents and Settings\Administrator\桌面\22.rar\2008-3-31__3F0F3.exe Win32.Troj.GamesHackT.gu.94304 清除成功
病毒 2008-04-03 12:07:46 C:\Documents and Settings\Administrator\桌面\22.rar\2008-3-31__2C034.exe Win32.Troj.GamesHackT.gu.94304 清除成功
病毒 2008-04-03 12:07:46 C:\Documents and Settings\Administrator\桌面\22.rar\2008-3-31__1AE96.exe Win32.Troj.OnlineGamesT.e.94315 清除成功
病毒 2008-04-03 12:07:46 C:\Documents and Settings\Administrator\桌面\22.rar\lin.exe Win32.Troj.Magania.be.38400 清除成功
病毒 2008-04-03 12:07:46 C:\Documents and Settings\Administrator\桌面\22.rar\keygen.exe Win32.TrojDownloader.Small.28672 清除成功
信息 2008-04-03 12:07:11 金山毒霸主程序启动查毒过程，查毒方式：命令行查毒
信息 2008-04-03 12:07:11 金山毒霸主程序启动
信息 2008-04-03 11:38:52 金山毒霸主程序退出

[病毒样本] 22

22

63/17