32个

显示全部楼层 · 发表于 2008-4-19 15:42:27

IK
I:\virus\样本区\样本.rar:\OnlO0r.dll - Signature 'Trojan-PWS.Win32.OnLineGames.lpg' found
I:\virus\样本区\样本.rar:\mfchlp32.dll - Signature 'Trojan-PWS.OnlineGames.NVI' found
I:\virus\样本区\样本.rar:\msosmhfp00.dll - Signature 'Virus.Win32.Agent.BQC' found
I:\virus\样本区\样本.rar:\sfnqpewv.dll - Signature 'Trojan-PWS.OnlineGames.NVI' found
I:\virus\样本区\样本.rar:\1.exe - Signature 'Trojan-Downloader.Win32.Zlob.and' found
I:\virus\样本区\样本.rar:\21.exe - Signature 'Virus.Win32.Agent.CNF' found
I:\virus\样本区\样本.rar:\22.exe - Signature 'Virus.Win32.OnLineGames.BCD' found
I:\virus\样本区\样本.rar:\23.exe - Signature 'Trojan-PWS.OnlineGames.NVI' found
I:\virus\样本区\样本.rar:\24.exe - Signature 'Trojan-PWS.OnlineGames.NVI' found
I:\virus\样本区\样本.rar:\25.exe - Signature 'Trojan-PWS.OnlineGames.NVI' found
I:\virus\样本区\样本.rar:\27.exe - Signature 'Trojan-PWS.Win32.OnLineGames.abbh' found
I:\virus\样本区\样本.rar:\29.exe - Signature 'Trojan-Dropper.Win32.Small.YY' found
I:\virus\样本区\样本.rar:\30.exe - Signature 'Trojan-PWS.Win32.OnLineGames.aant' found
I:\virus\样本区\样本.rar:\31.exe - Signature 'Virus.Win32.OnLineGames.BCD' found
I:\virus\样本区\样本.rar:\32.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\样本区\样本.rar:\33.exe - Suspect code-parts found (Level: 180)
I:\virus\样本区\样本.rar:\36.exe - Signature 'Virus.Win32.Onlinegames.CDA' found
I:\virus\样本区\样本.rar:\38.exe - Signature 'Trojan-PWS.Win32.Nilage.bga' found
I:\virus\样本区\样本.rar:\4.exe - Signature 'Virus.Win32.Agent.PQG' found
I:\virus\样本区\样本.rar:\DbgHlp32.dlL - Signature 'Trojan-PWS.OnlineGames.NVI' found
I:\virus\样本区\样本.rar:\huifitc.dll - Signature 'Trojan-PWS.OnlineGames.NVI' found
I:\virus\样本区\样本.rar:\M1.exe - Signature 'Trojan-PWS.Win32.Delf.aky' found
I:\virus\样本区\样本.rar:\MsIMMs32.dll - Signature 'Trojan-PWS.OnlineGames.NVI' found
I:\virus\样本区\样本.rar:\msosmnsf00.dll - Signature 'Generic.PWS.Games.3' found
I:\virus\样本区\样本.rar:\Nt_Sys32.Sys - Signature 'Trojan-PWS.Win32.Nilage.bga' found
I:\virus\样本区\样本.rar:\oKoK.exe - Signature 'Trojan-Dropper.Win32.Agent.ane' found
I:\virus\样本区\样本.rar:\PTSShell.dll - Signature 'Trojan-PWS.OnlineGames.NVI' found
I:\virus\样本区\样本.rar:\Setup.exe
I:\virus\样本区\样本.rar:\svchost.exe - Signature 'Trojan-PWS.Win32.OnLineGames.nia' found
I:\virus\样本区\样本.rar:\ticisms.dll - Signature 'Trojan-PWS.OnlineGames.NVI' found
I:\virus\样本区\样本.rar:\upxdnd.dll - Signature 'Trojan-PWS.OnlineGames.NVI' found
I:\virus\样本区\样本.rar:\WSockDrv32.dll - Signature 'Virus.Win32.Onlinegames.CDA' found
I:\virus\样本区\样本.rar

33 Files scanned
(1 Archiv with 32 files)
30 Signatures found
1 Suspect code-part found
Used time: 0:00.500

显示全部楼层 · 发表于 2008-4-19 15:43:27

江民杀毒软件报告文件
北京江民新科技术有限公司
扫描引擎 11.00.703
病毒库日期 2008-04-19
更新日期 2008-04-04
扫描目标 C:\Documents and Settings\Administrator\桌面\样本.rar
开始时间 2008-04-04 05:11:49
在 C:\Documents and Settings\Administrator\桌面\样本.rar->sfnqpewv.dll 中发现 Trojan/PSW.OnLineGames.acot 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->1.exe 中发现 Trojan/Vaklik.do 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->23.exe 中发现 Trojan/PSW.OnLineGames.tnf 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->25.exe 中发现 Trojan/PSW.OnLineGames.tnb 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->29.exe 中发现 Trojan/PSW.OnLineGames.accn 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->32.exe 中发现 Trojan/PSW.OnLineGames.aavi 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->38.exe 中发现 Trojan/PSW.QQPass.tjq 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->DbgHlp32.dlL 中发现 Trojan/PSW.GameDLL2.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->M1.exe 中发现 Trojan/PSW.QQPass.thi 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->MsIMMs32.dll 中发现 Trojan/PSW.GameDLL2.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->oKoK.exe 中发现 Backdoor/Agent.alwr 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->svchost.exe 中发现 Trojan/PSW.OnLineGames.pxm 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->upxdnd.dll 中发现 Trojan/PSW.GameDLL2.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->WSockDrv32.dll 中发现 Trojan/PSW.OnLineGames.acqi 病毒, 已删除
正常结束。
扫描结果:
               文件数 :33                               病毒体 :14
               删除 :14                                  解毒 :0
扫描速度(千字节/秒) :163                            扫描时间 :00:00:14
扫描文件速度(个/秒) :2
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -    - - - - - - - - - - - -

显示全部楼层 · 发表于 2008-4-19 15:45:23

to kl

显示全部楼层 · 发表于 2008-4-19 15:46:27

EAV
发现三十个！
D:\新建文件夹 (2)\样本.rar > RAR > OnlO0r.dll - Win32/PSW.OnLineGames.NBR 特洛伊木马
D:\新建文件夹 (2)\样本.rar > RAR > mfchlp32.dll - Win32/PSW.OnLineGames.NFL 特洛伊木马
D:\新建文件夹 (2)\样本.rar > RAR > msosmhfp00.dll - 可能是 Win32/PSW.OnLineGames.NMQ 特洛伊木马的变种
D:\新建文件夹 (2)\样本.rar > RAR > sfnqpewv.dll - Win32/PSW.OnLineGames.HCV 特洛伊木马
D:\新建文件夹 (2)\样本.rar > RAR > 1.exe - Win32/PSW.OnLineGames.NFN 特洛伊木马的变种
D:\新建文件夹 (2)\样本.rar > RAR > 21.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马
D:\新建文件夹 (2)\样本.rar > RAR > 22.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马
D:\新建文件夹 (2)\样本.rar > RAR > 23.exe - 可能是 Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
D:\新建文件夹 (2)\样本.rar > RAR > 24.exe - 可能是 Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
D:\新建文件夹 (2)\样本.rar > RAR > 25.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马
D:\新建文件夹 (2)\样本.rar > RAR > 27.exe - 可能是 Win32/PSW.OnLineGames.NMQ 特洛伊木马的变种
D:\新建文件夹 (2)\样本.rar > RAR > 29.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马
D:\新建文件夹 (2)\样本.rar > RAR > 30.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马
D:\新建文件夹 (2)\样本.rar > RAR > 31.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马
D:\新建文件夹 (2)\样本.rar > RAR > 32.exe - 可能是 Win32/PSW.OnLineGames.NMQ 特洛伊木马的变种
D:\新建文件夹 (2)\样本.rar > RAR > 33.exe - 可能是 Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
D:\新建文件夹 (2)\样本.rar > RAR > 36.exe - 可能是 Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
D:\新建文件夹 (2)\样本.rar > RAR > 38.exe - Win32/PSW.QQPass.NCZ 特洛伊木马的变种
D:\新建文件夹 (2)\样本.rar > RAR > DbgHlp32.dlL - Win32/PSW.OnLineGames.NVW 特洛伊木马的变种
D:\新建文件夹 (2)\样本.rar > RAR > huifitc.dll - 可能是 Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
D:\新建文件夹 (2)\样本.rar > RAR > M1.exe - Win32/PSW.OnLineGames.NBR 特洛伊木马
D:\新建文件夹 (2)\样本.rar > RAR > MsIMMs32.dll - Win32/PSW.OnLineGames.NVW 特洛伊木马
D:\新建文件夹 (2)\样本.rar > RAR > msosmnsf00.dll - Win32/PSW.OnLineGames.NVW 特洛伊木马的变种
D:\新建文件夹 (2)\样本.rar > RAR > Nt_Sys32.Sys - Win32/PSW.QQPass.NCZ 特洛伊木马的变种
D:\新建文件夹 (2)\样本.rar > RAR > oKoK.exe - Win32/Spy.Agent.NEN 特洛伊木马
D:\新建文件夹 (2)\样本.rar > RAR > PTSShell.dll - Win32/PSW.OnLineGames.NVW 特洛伊木马
D:\新建文件夹 (2)\样本.rar > RAR > svchost.exe - Win32/Spy.Agent.NEN 特洛伊木马
D:\新建文件夹 (2)\样本.rar > RAR > ticisms.dll - Win32/PSW.OnLineGames.NVW 特洛伊木马的变种
D:\新建文件夹 (2)\样本.rar > RAR > upxdnd.dll - Win32/PSW.OnLineGames.NVW 特洛伊木马
D:\新建文件夹 (2)\样本.rar > RAR > WSockDrv32.dll - Win32/PSW.OnLineGames.NVW 特洛伊木马的变种

显示全部楼层 · 发表于 2008-4-19 15:48:48

30个
Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\My Documents\样本'
C:\Documents and Settings\Administrator\My Documents\样本\
  1.exe
[0] Archive type: Runtime Packed
--> Object
      [DETECTION] Is the Trojan horse TR/Click.121856
   [NOTE]    The file was deleted!
  21.exe
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  22.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  23.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.25
   [NOTE]    The file was deleted!
  24.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: OVL
      --> Object
   [DETECTION] Contains suspicious code HEUR/Malware
   [NOTE]    The fund was classified as suspicious.
   [NOTE]    The file was moved to '4837a405.qua'!
  25.exe
[0] Archive type: Runtime Packed
--> Object
      [DETECTION] Is the Trojan horse TR/Onlinegames.NVI
   [NOTE]    The file was deleted!
  27.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
      [2] Archive type: Runtime Packed
      --> Object
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  29.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  30.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: OVL
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  31.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  32.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
      [2] Archive type: Runtime Packed
      --> Object
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.zkf
         [WARNING] Infected files in archives cannot be repaired!
   [DETECTION] Contains suspicious code HEUR/Malware
   [NOTE]    The fund was classified as suspicious.
   [NOTE]    The file was moved to '4837a403.qua'!
  33.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: OVL
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  36.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.27
   [NOTE]    The file was deleted!
  38.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
   [NOTE]    The file was deleted!
  4.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
      --> Object
         [DETECTION] Is the Trojan horse TR/Dldr.Agent.mzm
         [WARNING] Infected files in archives cannot be repaired!
   [NOTE]    The file was deleted!
  DbgHlp32.dlL
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.24
   [NOTE]    The file was deleted!
  huifitc.dll
  M1.exe
[0] Archive type: Runtime Packed
--> Object
      [DETECTION] Is the Trojan horse TR/Autorun.BK
   [NOTE]    The file was deleted!
  mfchlp32.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  MsIMMs32.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  msosmhfp00.dll
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  msosmnsf00.dll
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  Nt_Sys32.Sys
   [DETECTION] Contains suspicious code HEUR/Malware
   [NOTE]    The fund was classified as suspicious.
   [NOTE]    The file was moved to '4868a445.qua'!
  oKoK.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
      [2] Archive type: RSRC
      --> Object
      --> Object
      --> Object
      --> Object
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.nia
         [WARNING] Infected files in archives cannot be repaired!
   [NOTE]    The file was deleted!
  OnlO0r.dll
   [DETECTION] Is the Trojan horse TR/PSW.Delf.ifd.15
   [NOTE]    The file was deleted!
  PTSShell.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  Setup.exe
[0] Archive type: RSRC
--> Object
--> Object
--> Object
--> Object
  sfnqpewv.dll
   [DETECTION] Is the Trojan horse TR/Onlinegames.NVI
   [NOTE]    The file was deleted!
  svchost.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.nia
   [NOTE]    The file was deleted!
  ticisms.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  upxdnd.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  WSockDrv32.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.22
   [NOTE]    The file was deleted!

End of the scan: 2008年4月19日  00:48
Used time: 00:05 min

The scan has been done completely.

   1 Scanning directories
   32 Files were scanned
   27 viruses and/or unwanted programs were found
   4 Files were classified as suspicious:
   27 files were deleted
   0 files were repaired
   3 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   5 Files not concerned
   0 Archives were scanned
   3 Warnings
   30 Notes

显示全部楼层 · 发表于 2008-4-19 15:49:20

Setup.exe CLEAN

The file 'Setup.exe' has been determined to be 'CLEAN'. Our analysts did not discovered any malicious content.

显示全部楼层 · 发表于 2008-4-19 15:49:50

瑞星病毒查杀结果报告

清除病毒种类列表：
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Packer.Win32.Upack.a
病毒： Trojan.PSW.Win32.GameOL.mzh
病毒： Trojan.Win32.Undef.bbw
病毒： Trojan.PSW.Win32.OnlineGames.dfd
病毒： Trojan.PSW.Win32.GameOL.mvg
病毒： Dropper.Win32.Agent.zce
病毒： Trojan.PSW.Win32.OnlineGames.dfd
病毒： Trojan.Win32.Undef.bge
病毒： Suspicious.Trojan.Win32.Thruav.a

用户来源：互联网

软件版本：20.40.50    瑞星16个

[扫描路径] C:\Documents and Settings\zh\桌面\样本.rar
>C:\Documents and Settings\zh\桌面\样本.rar\OnlO0r.dll - 确定
>C:\Documents and Settings\zh\桌面\样本.rar\mfchlp32.dll - 确定
>>C:\Documents and Settings\zh\桌面\样本.rar\msosmhfp00.dll 已被病毒感染：  Trojan.PWS.Wsgame.4664
>C:\Documents and Settings\zh\桌面\样本.rar\sfnqpewv.dll 已被病毒感染：  Trojan.PWS.Wsgame.4668
>>>>C:\Documents and Settings\zh\桌面\样本.rar\1.exe 可能已被感染了：  BACKDOOR.Trojan
>>C:\Documents and Settings\zh\桌面\样本.rar\21.exe 已被病毒感染：  Trojan.PWS.Wsgame.4595
>>>C:\Documents and Settings\zh\桌面\样本.rar\22.exe 已被病毒感染：  Trojan.PWS.Wsgame.origin
>>C:\Documents and Settings\zh\桌面\样本.rar\23.exe 已被病毒感染：  Trojan.PWS.Wsgame.4604
>>>C:\Documents and Settings\zh\桌面\样本.rar\24.exe 已被病毒感染：  Trojan.PWS.Wsgame.origin
>>>C:\Documents and Settings\zh\桌面\样本.rar\25.exe 已被病毒感染：  Trojan.PWS.Wsgame.4668
>>C:\Documents and Settings\zh\桌面\样本.rar\27.exe 已被病毒感染：  Trojan.PWS.Wsgame.4673
>>C:\Documents and Settings\zh\桌面\样本.rar\29.exe 已被病毒感染：  Trojan.PWS.Wsgame.origin
>>>C:\Documents and Settings\zh\桌面\样本.rar\30.exe 已被病毒感染：  Trojan.PWS.Wsgame.origin
>>>C:\Documents and Settings\zh\桌面\样本.rar\31.exe 已被病毒感染：  Trojan.PWS.Wsgame.4660
>>C:\Documents and Settings\zh\桌面\样本.rar\32.exe 已被病毒感染：  Trojan.MulDrop.14478
>>>C:\Documents and Settings\zh\桌面\样本.rar\33.exe 已被病毒感染：  Trojan.PWS.Wsgame.origin
>>>C:\Documents and Settings\zh\桌面\样本.rar\36.exe 已被病毒感染：  Trojan.PWS.Wsgame.origin
>>C:\Documents and Settings\zh\桌面\样本.rar\38.exe 已被病毒感染：  Trojan.PWS.Lineage.4230
>>C:\Documents and Settings\zh\桌面\样本.rar\4.exe - 确定
>C:\Documents and Settings\zh\桌面\样本.rar\DbgHlp32.dlL - 确定
>C:\Documents and Settings\zh\桌面\样本.rar\huifitc.dll - 确定
>C:\Documents and Settings\zh\桌面\样本.rar\M1.exe 已被病毒感染：  Trojan.PWS.Qqpass.1303
>C:\Documents and Settings\zh\桌面\样本.rar\MsIMMs32.dll - 确定
>>C:\Documents and Settings\zh\桌面\样本.rar\msosmnsf00.dll 可能已被感染了：  DLOADER.Trojan
>C:\Documents and Settings\zh\桌面\样本.rar\Nt_Sys32.Sys 已被病毒感染：  Trojan.PWS.Lineage.origin
>>C:\Documents and Settings\zh\桌面\样本.rar\oKoK.exe 已被病毒感染：  Trojan.MulDrop.10032
>C:\Documents and Settings\zh\桌面\样本.rar\PTSShell.dll 已被病毒感染：  Trojan.PWS.Wsgame.4662
>>C:\Documents and Settings\zh\桌面\样本.rar\Setup.exe\data001 - 确定
>>C:\Documents and Settings\zh\桌面\样本.rar\Setup.exe\data002 - 确定
>>C:\Documents and Settings\zh\桌面\样本.rar\Setup.exe\data003 - 确定
>>C:\Documents and Settings\zh\桌面\样本.rar\Setup.exe\data004 - 确定
>C:\Documents and Settings\zh\桌面\样本.rar\Setup.exe - 确定
>C:\Documents and Settings\zh\桌面\样本.rar\svchost.exe 已被病毒感染：  BackDoor.Pcap
>C:\Documents and Settings\zh\桌面\样本.rar\ticisms.dll - 确定
>C:\Documents and Settings\zh\桌面\样本.rar\upxdnd.dll - 确定
>C:\Documents and Settings\zh\桌面\样本.rar\WSockDrv32.dll - 确定
C:\Documents and Settings\zh\桌面\样本.rar - 发现压缩文件中有被感染的对象

-----------------------------------------------------------------------------
扫描统计
-----------------------------------------------------------------------------
已扫描对象: 37
发现受感染对象: 20
发现受变种感染对象: 0
发现可疑对象: 2

显示全部楼层 · 发表于 2008-4-19 15:54:19

信息 2008-04-19  15:52:22 您此次查毒清除了21个病毒
信息 2008-04-19  15:52:22 您此次查毒共查出21个病毒以及危险代码
病毒 2008-04-19  15:52:21 \桌面\样本.rar\WSockDrv32.dll Win32.Troj.OnlineGameT.nf.30492 清除成功
病毒 2008-04-19  15:52:21 \桌面\样本.rar\upxdnd.dll Win32.Troj.OnlineGameT.nw.25872 清除成功
病毒 2008-04-19  15:52:21\桌面\样本.rar\svchost.exe Win32.Troj.Agent.49152 清除成功
病毒 2008-04-19  15:52:21 \桌面\样本.rar\PTSShell.dll Win32.Troj.OnlineGameT.nf.30492 清除成功
病毒 2008-04-19  15:52:20\桌面\样本.rar\oKoK.exe Win32.Troj.Agent.749568 清除成功
病毒 2008-04-19  15:52:20 \桌面\样本.rar\msosmnsf00.dll Win32.PSWTroj.GameOL.90112 清除成功
病毒 2008-04-19  15:52:20 \桌面\样本.rar\MsIMMs32.dll Win32.Troj.OnlineGamest.nf.34572 清除成功
病毒 2008-04-19  15:52:20 \桌面\样本.rar\M1.exe Win32.PSWTroj.OnLineGames.26867 清除成功
病毒 2008-04-19  15:52:19 \桌面\样本.rar\DbgHlp32.dlL Win32.Troj.OnlineGameT.nw.25872 清除成功
病毒 2008-04-19  15:52:19 \桌面\样本.rar\4.exe Win32.Troj.Unknown.139264 清除成功
病毒 2008-04-19  15:52:19\桌面\样本.rar\38.exe Win32.Troj.QQPswT.bs.116858 清除成功
病毒 2008-04-19  15:52:19 \桌面\样本.rar\36.exe Win32.Troj.OnlineGameT.bd.65697 清除成功
病毒 2008-04-19  15:52:18 \桌面\样本.rar\32.exe Win32.Hack.UpackT.a.15981 清除成功
病毒 2008-04-19  15:52:18 \桌面\样本.rar\30.exe Win32.Troj.OnlineGameT.bd.65697 清除成功
病毒 2008-04-19  15:52:18 \桌面\样本.rar\29.exe Win32.Hack.UpackT.a.15981 清除成功
病毒 2008-04-19  15:52:18 C\桌面\样本.rar\27.exe Win32.Troj.GameOnlineT.b.45320 清除成功
病毒 2008-04-19  15:52:17 \桌面\样本.rar\23.exe Win32.Troj.OnlineGameT.bd.65697 清除成功
病毒 2008-04-19  15:52:16 \桌面\样本.rar\21.exe Win32.Troj.OnlineGameT.bd.65697 清除成功
病毒 2008-04-19  15:52:16 \桌面\样本.rar\sfnqpewv.dll Win32.Troj.OnlineGameT.nf.30492 清除成功
病毒 2008-04-19  15:52:15 \桌面\样本.rar\mfchlp32.dll Win32.Troj.OnlineGameT.nf.25864 清除成功
病毒 2008-04-19  15:52:15 \桌面\样本.rar\OnlO0r.dll Win32.PSWTroj.OnLineGames.34851 清除成功

显示全部楼层 · 发表于 2008-4-19 16:05:19

E:\VIRUS\样本19\1.exe: PUA.Packed.UPack-2 FOUND
E:\VIRUS\样本19\27.exe: PUA.Packed.UPack FOUND
E:\VIRUS\样本19\30.exe: Trojan.OnLineGames-116 FOUND
E:\VIRUS\样本19\32.exe: PUA.Packed.UPack-3 FOUND
E:\VIRUS\样本19\4.exe: PUA.Packed.UPack-2 FOUND
E:\VIRUS\样本19\MsIMMs32.dll: Trojan.OnLineGames-136 FOUND
E:\VIRUS\样本19\msosmhfp00.dll: PUA.Packed.UPack FOUND
E:\VIRUS\样本19\msosmnsf00.dll: PUA.Packed.UPack FOUND
E:\VIRUS\样本19\oKoK.exe: PUA.Packed.UPack FOUND
E:\VIRUS\样本19\svchost.exe: Trojan.Spy-21329 FOUND
E:\VIRUS\样本19\upxdnd.dll: Trojan.OnLineGames-116 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 259149
Engine version: 0.92
Scanned directories: 1
Scanned files: 32
Skipped non-executable files: 0
Infected files: 11

[病毒样本] 32个

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源