[病毒样本] 30x

显示全部楼层 · 发表于 2008-4-15 12:48:42

Starting the file scan:

Begin scan in 'E:\新建文件夹 (2)\病毒30个.rar'
E:\新建文件夹 (2)\病毒30个.rar
  [0] Archive type: RAR
  --> VMwareService.exe
   [DETECTION] Contains detection pattern of the worm WORM/Cekar.A
  --> tmp7A.tmp
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> pcibus.sys
   [DETECTION] Is the Trojan horse TR/Drop.Agent.23552
  --> 8838283[1].htm
   [DETECTION] Is the Trojan horse TR/IFrame.AW
  --> XunLei[1].htm
   [DETECTION] Contains detection pattern of the HTML script virus HTML/IFrame.gcc
  --> noani[2].htm
   [DETECTION] Contains detection pattern of the HTML script virus HTML/Dldr.Agent.ZY
  --> Ms06014[1].htm
   [DETECTION] Contains detection pattern of the HTML script virus HTML/IFrame.gcc
  --> haha[1].htm
   [DETECTION] Contains detection pattern of the Java script virus JS/Dldr.Psyme.ED
  --> jh[1].htm
   [DETECTION] Contains detection pattern of the Java script virus JS/Dldr.Agent.afm
  --> kong[1].htm
   [DETECTION] Contains detection pattern of the HTML script virus HTML/Dldr.Agent.bcd
  --> htm[1].htm
   [DETECTION] Contains detection pattern of the Java script virus JS/Dldr.Agent.AS
  --> gm[1].htm
   [DETECTION] Is the Trojan horse TR/Dldr.Agent.ala.10
  --> 6671697[1].htm
   [DETECTION] Is the Trojan horse TR/IFrame.AW
  --> Ajax[1].htm
   [DETECTION] Contains detection pattern of the HTML script virus HTML/IFrame.gcc
  --> ani[1].htm
   [DETECTION] Contains detection pattern of the HTML script virus HTML/Dldr.Agent.ZY
  --> 11[1].js
   [DETECTION] Contains detection pattern of the Java script virus JS/Dldr.Psyme.CN
  --> rl[2].js
   [DETECTION] Contains detection pattern of the exploits EXP/RealPlay.E
  --> realplayer[1].htm
   [DETECTION] Contains detection pattern of the Java script virus JS/Agent.ES
  --> kaka[1].htm
   [DETECTION] Contains detection pattern of the HTML script virus HTML/IFrame.gcc
  --> down1[1].txt
   [DETECTION] Contains detection pattern of the HTML script virus HTML/IFrame.gcc
  --> 2[1].htm
   [DETECTION] Contains detection pattern of the Java script virus JS/Dldr.Agent.bxf
  --> 1[1].js
   [DETECTION] Contains detection pattern of the Java script virus JS/Dldr.Agent.bxf
  --> realplay_071122_exp[1].htm
   [DETECTION] Contains detection pattern of the Java script virus JS/Agent.ES
  --> realplayer[2].htm
   [DETECTION] Contains detection pattern of the HTML script virus HTML/Dldr.Agent.ZY
  --> lz[1].htm
   [DETECTION] Contains detection pattern of the HTML script virus HTML/Shellcode.Gen
  --> gege[1].htm
   [DETECTION] Contains detection pattern of the exploits EXP/RealPlay.I
  --> ani[1].c
   [DETECTION] Contains detection pattern of the exploits EXP/Ani.Gen
  --> tmp7C.tmp
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> tmp77.tmp
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> tmp83.tmp
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
   [NOTE]    The file was deleted!

End of the scan: 2008年4月15日  12:50
Used time: 00:07 min

The scan has been done completely.

   0 Scanning directories
   31 Files were scanned
   30 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   1 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   1 Files not concerned
   1 Archives were scanned
   0 Warnings
   1 Notes

显示全部楼层 · 发表于 2008-4-15 12:52:29

信息 2008-04-15  12:50:41 您此次查毒清除了10个病毒
信息 2008-04-15  12:50:41 您此次查毒共查出10个病毒以及危险代码
信息 2008-04-15  12:50:41 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件31个
信息 2008-04-15  12:50:41 金山毒霸主程序查毒过程结束，查毒方式：命令行查毒

显示全部楼层 · 发表于 2008-4-15 13:00:35

正在扫描日志
病毒库版本: 3026 (20080414)
日期: 2008-4-15 时间: 12:58:23
已扫描的磁盘、文件夹和文件: E:\VIRUS\��30��.rar
E:\VIRUS\��30��.rar > RAR > VMwareService.exe - Win32/Mypis.H 病毒
E:\VIRUS\��30��.rar > RAR > tmp7A.tmp - Win32/PSW.OnLineGames.NJY 特洛伊木马
E:\VIRUS\��30��.rar > RAR > pcibus.sys - Win32/Jalous.Z 蠕虫
E:\VIRUS\��30��.rar > RAR > XunLei[1].htm - HTML/TrojanClicker.IFrame.GC 特洛伊木马
E:\VIRUS\��30��.rar > RAR > noani[2].htm - JS/TrojanDownloader.Agent.ALN 特洛伊木马
E:\VIRUS\��30��.rar > RAR > Ms06014[1].htm - HTML/TrojanClicker.IFrame.GC 特洛伊木马
E:\VIRUS\��30��.rar > RAR > haha[1].htm - JS/TrojanDownloader.Agent.ALJ 特洛伊木马
E:\VIRUS\��30��.rar > RAR > jh[1].htm - JS/Exploit.RealPlay.H 特洛伊木马
E:\VIRUS\��30��.rar > RAR > kong[1].htm - HTML/TrojanDownloader.IFrame 特洛伊木马
E:\VIRUS\��30��.rar > RAR > htm[1].htm - JS/TrojanDownloader.Agent.ALW 特洛伊木马
E:\VIRUS\��30��.rar > RAR > gm[1].htm - JS/TrojanDownloader.Agent.ALA 特洛伊木马
E:\VIRUS\��30��.rar > RAR > Ajax[1].htm - JS/TrojanDownloader.Psyme.NCR 特洛伊木马
E:\VIRUS\��30��.rar > RAR > ani[1].htm - JS/TrojanDownloader.Agent.ALN 特洛伊木马
E:\VIRUS\��30��.rar > RAR > 11[1].js - JS/TrojanDownloader.Agent.ALM 特洛伊木马
E:\VIRUS\��30��.rar > RAR > realplayer[1].htm - HTML/TrojanClicker.IFrame.GC 特洛伊木马
E:\VIRUS\��30��.rar > RAR > kaka[1].htm - HTML/TrojanClicker.IFrame.GC 特洛伊木马
E:\VIRUS\��30��.rar > RAR > 2[1].htm - JS/TrojanDownloader.Agent.AKD 特洛伊木马
E:\VIRUS\��30��.rar > RAR > 1[1].js - JS/TrojanDownloader.Agent.WK 特洛伊木马
E:\VIRUS\��30��.rar > RAR > realplay_071122_exp[1].htm - JS/Exploit.RealPlay.E 特洛伊木马
E:\VIRUS\��30��.rar > RAR > realplayer[2].htm - JS/Exploit.RealPlay.NAA 特洛伊木马
E:\VIRUS\��30��.rar > RAR > lz[1].htm - JS/TrojanDownloader.Agent.ALO 特洛伊木马
E:\VIRUS\��30��.rar > RAR > gege[1].htm - JS/Exploit.RealPlay.NAB 特洛伊木马
E:\VIRUS\��30��.rar > RAR > ani[1].c - Win32/TrojanDownloader.Ani.Gen 特洛伊木马的变种
E:\VIRUS\��30��.rar > RAR > tmp7C.tmp - Win32/PSW.OnLineGames.JOJ 特洛伊木马
E:\VIRUS\��30��.rar > RAR > tmp77.tmp - Win32/PSW.OnLineGames.JER 特洛伊木马
E:\VIRUS\��30��.rar > RAR > tmp83.tmp - Win32/PSW.OnLineGames.NKI 特洛伊木马
已扫描的对象数: 30
发现的威胁数: 26
已清除对象数:0
完成时间: 12:58:24 总扫描时间: 1 秒 (00:00:01)

显示全部楼层 · 发表于 2008-4-15 13:03:33

瑞星病毒查杀结果报告

清除病毒种类列表：
病毒： Win32.Logogo.a
病毒： Trojan.PSW.Win32.SO2Online.x
病毒： Trojan.Win32.Mnless.zkb
病毒： Trojan.DL.Script.VBS.Agent.xnn
病毒： Trojan.DL.Script.JS.Agent.lwn
病毒： Trojan.DL.Win32.Iframe.a
病毒： Trojan.DL.Script.VBS.Agent.xnl
病毒： Trojan.Script.JS.Agent.ab
病毒： Trojan.DL.Script.JS.Agent.lwh
病毒： Trojan.DL.Script.VBS.Agent.xnm
病毒： Trojan.DL.Script.JS.Agent.lvm
病毒： Hack.Exploit.Script.JS.RealPlayer.b
病毒： Trojan.DL.Script.JS.Agent.lve
病毒： Trojan.DL.Script.HTML.Agent.x
病毒： Hack.Exploit.Script.HTML.IERPCtl.a
病毒： Hack.SuspiciousAni
病毒： RootKit.Win32.GameHack.GEN

MAC 地址：00:17:31:40:A3:57

用户来源：局域网

软件版本：20.40.02

显示全部楼层 · 发表于 2008-4-15 13:40:46

ESS 26个

显示全部楼层 · 发表于 2008-4-15 13:57:19

小红伞全干掉

显示全部楼层 · 发表于 2008-4-15 14:08:48

已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.xjn 文件: F:\Download\病毒22个.rar\25a[1].exe/UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.vdr 文件: F:\Download\病毒22个.rar\26a[1].exe/PE_Patch/UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.yvi 文件: F:\Download\病毒22个.rar\27a[1].exe/PE_Patch/UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.yip 文件: F:\Download\病毒22个.rar\28a[1].exe/PE_Patch/UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.ysl 文件: F:\Download\病毒22个.rar\29a[1].exe/PE_Patch/UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.yog 文件: F:\Download\病毒22个.rar\30a[1].exe/PE_Patch/UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.yux 文件: F:\Download\病毒22个.rar\3a[1].exe/PE_Patch/UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.yzr 文件: F:\Download\病毒22个.rar\5a[1].exe/PE_Patch/UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.whs 文件: F:\Download\病毒22个.rar\8a[1].exe/PE_Patch/UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.yip 文件: F:\Download\病毒22个.rar\11a[1].exe/PE_Patch/UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.yog 文件: F:\Download\病毒22个.rar\13a[1].exe/PE_Patch/UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.whs 文件: F:\Download\病毒22个.rar\15a[1].exe/PE_Patch/UPack
已检测到: 木马程序 Trojan-PSW.Win32.QQPass.bmw 文件: F:\Download\病毒22个.rar\16a[1].exe/UPX
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.vlp 文件: F:\Download\病毒22个.rar\17a[1].exe/UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.yzt 文件: F:\Download\病毒22个.rar\18a[1].exe/PE_Patch/UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.yip 文件: F:\Download\病毒22个.rar\19a[1].exe/PE_Patch/UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.yzu 文件: F:\Download\病毒22个.rar\20a[1].exe/PE_Patch/UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.vpj 文件: F:\Download\病毒22个.rar\21a[1].exe
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.yog 文件: F:\Download\病毒22个.rar\22a[1].exe/PE_Patch/UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.yuy 文件: F:\Download\病毒22个.rar\23a[1].exe/PE_Patch/UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.uso 文件: F:\Download\病毒22个.rar\24a[1].exe/UPack

显示全部楼层 · 发表于 2008-4-15 15:55:27

[Found virus] <W32/Cekar.A> C:\test\病毒30个\VMwareService.exe
[Quarantined] C:\test\病毒30个\VMwareService.exe
[Found security risk] <W32/OnlineGames.M.gen!Eldorado (not disinfectable, generic)> C:\test\病毒30个\tmp7A.tmp
[Quarantined] C:\test\病毒30个\tmp7A.tmp
[Found worm] <W32/Worm.LRO (exact)> C:\test\病毒30个\pcibus.sys
[Quarantined] C:\test\病毒30个\pcibus.sys
[Found exploit] <HTML/IFrame (exact)> C:\test\病毒30个\8838283[1].htm
[Quarantined] C:\test\病毒30个\8838283[1].htm
[Found Trojan] <JS/Agent.BE (exact)> C:\test\病毒30个\noani[2].htm
[Quarantined] C:\test\病毒30个\noani[2].htm
[Found Trojan] <JS/Agent.BL (exact)> C:\test\病毒30个\haha[1].htm
[Quarantined] C:\test\病毒30个\haha[1].htm
[Found exploit] <HTML/IFrame (exact)> C:\test\病毒30个\6671697[1].htm
[Quarantined] C:\test\病毒30个\6671697[1].htm
[Found Trojan] <JS/Agent.BE (exact)> C:\test\病毒30个\ani[1].htm
[Quarantined] C:\test\病毒30个\ani[1].htm
[Found Trojan] <JS/RealPlay.B (exact)> C:\test\病毒30个\realplayer[1].htm
[Quarantined] C:\test\病毒30个\realplayer[1].htm
[Found Trojan] <JS/RealPlay.B (exact)> C:\test\病毒30个\realplay_071122_exp[1].htm
[Quarantined] C:\test\病毒30个\realplay_071122_exp[1].htm
[Found Trojan] <JS/Agent.BE (exact)> C:\test\病毒30个\realplayer[2].htm
[Quarantined] C:\test\病毒30个\realplayer[2].htm
[Found Trojan] <JS/Agent.BN (exact)> C:\test\病毒30个\gege[1].htm
[Quarantined] C:\test\病毒30个\gege[1].htm
[Found possible exploit] <CVE-2007-1765 (not disinfectable)> C:\test\病毒30个\ani[1].c
[Quarantined] C:\test\病毒30个\ani[1].c
[Found security risk] <W32/OnlineGames.M.gen!Eldorado (not disinfectable, generic)> C:\test\病毒30个\tmp7C.tmp
[Quarantined] C:\test\病毒30个\tmp7C.tmp
[Found security risk] <W32/OnlineGames.M.gen!Eldorado (not disinfectable, generic)> C:\test\病毒30个\tmp77.tmp
[Quarantined] C:\test\病毒30个\tmp77.tmp
[Found password stealer] <W32/Pws.AAAO (exact)> C:\test\病毒30个\tmp83.tmp
[Quarantined] C:\test\病毒30个\tmp83.tmp

显示全部楼层 · 发表于 2008-4-15 20:00:25

TO KKL

[病毒样本] 30x

本帖子中包含更多资源

30

31/25

本帖子中包含更多资源

16