
[Virus sample] 13

Roboon
Posted on 2008-5-4 13:36:42
Roboon
sam.to
Original poster | Posted on 2008-5-4 19:24:07
Kaspersky:
tppoll.exe_

No malicious code were found in these files.

WINSvr64.dll - Trojan-Downloader.Win32.Agent.obt

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.
qigang
Posted on 2008-5-4 19:32:17

27/11

瑞星病毒查杀结果报告

清除病毒种类列表:

病毒: Trojan.PSW.Win32.GameOL.hz
病毒: Trojan.PSW.Win32.GameOL.nfd
病毒: Trojan.PSW.Win32.GamesOnline.vp
病毒: Trojan.PSW.Win32.QQSG.dr

MAC 地址:00:11:5B:F3:6D:69

用户来源:互联网

软件版本:20.42.62
allinwonderi
Posted on 2008-5-4 21:44:09

ArcaVir2008

[Scanning : C:\Documents and Settings\All Users\Documents\Test]


C:\Documents and Settings\All Users\Documents\Test\13.rar<RAR>:dionpis.exe2 <- Trojan.Psw.Onlinegames.Acqz : No action
C:\Documents and Settings\All Users\Documents\Test\13.rar<RAR>:dionpis.exe2<FSG>:dionpis.exe2<DLLRES>:res0.exe <- Trojan.Psw.Onlinegames.Acqe : No action
C:\Documents and Settings\All Users\Documents\Test\13.rar<RAR>:fmsiocps.exe2<FSG>:fmsiocps.exe2 <- Trojan.Psw.Onlinegames.Abus : No action
C:\Documents and Settings\All Users\Documents\Test\13.rar<RAR>:fmsiocps.exe2<FSG>:fmsiocps.exe2<DLLRES>:res0.exe <- Trojan.Psw.Onlinegames.Abut : No action
C:\Documents and Settings\All Users\Documents\Test\13.rar<RAR>:anistio.dll <- Trojan.Psw.Onlinegames.Accg : No action
C:\Documents and Settings\All Users\Documents\Test\13.rar<RAR>:anistio.exE2 <- Trojan.Psw.Onlinegames.Acch : No action
C:\Documents and Settings\All Users\Documents\Test\13.rar<RAR>:anistio.exE2<FSG>:anistio.exE2<DLLRES>:res0.exe <- Trojan.Psw.Onlinegames.Accg : No action
C:\Documents and Settings\All Users\Documents\Test\13.rar<RAR>:uqgqodbh.exe2 <- Trojan.Psw.Onlinegames.Acai : No action
C:\Documents and Settings\All Users\Documents\Test\13.rar<RAR>:uqgqodbh.exe2<FSG>:uqgqodbh.exe2<DLLRES>:res0.exe <- Trojan.Psw.Onlinegames.Ycl : No action
C:\Documents and Settings\All Users\Documents\Test\13.rar<RAR>:dbhlp32.dlL <- Trojan.Psw.Onlinegames.Acpy : No action
C:\Documents and Settings\All Users\Documents\Test\13.rar<RAR>:dbhlp32.exe2 <- Trojan.Psw.Onlinegames.Acpy : No action
C:\Documents and Settings\All Users\Documents\Test\13.rar<RAR>:dbhlp32.exe2<FSG>:dbhlp32.exe2<DLLRES>:res0.exe <- Trojan.Psw.Onlinegames.Acpy : No action
C:\Documents and Settings\All Users\Documents\Test\13.rar<RAR>:dionpis.dll <- Trojan.Psw.Onlinegames.Acqe : No action
C:\Documents and Settings\All Users\Documents\Test\13.rar<RAR>:fmsiocps.dll <- Trojan.Psw.Onlinegames.Abut : No action



Scanned objects : 28

Infected objects : 14
allinwonderi
Posted on 2008-5-4 21:44:34

F-Prot 6.0.9.0

[Found security risk]        <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\13.rar->dionpis.exe2->(FSG)
[Found security risk]        <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\13.rar->fmsiocps.exe2->(FSG)
[Found password stealer]        <W32/OnlineGames.AD.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\13.rar->anistio.dll
[Found security risk]        <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\13.rar->anistio.exE2->(FSG)
[Found security risk]        <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\13.rar->uqgqodbh.exe2->(FSG)
[Found password stealer]        <W32/OnlineGames.AD.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\13.rar->dbhlp32.dlL
[Found security risk]        <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\13.rar->dbhlp32.exe2->(FSG)
[Found password stealer]        <W32/OnlineGames.AD.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\13.rar->WINSvr64.dll
[Found security risk]        <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\13.rar->WINSvr64.exe2->(FSG)
[Found password stealer]        <W32/OnlineGames.AD.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\13.rar->dionpis.dll
[Found password stealer]        <W32/OnlineGames.AD.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\13.rar->fmsiocps.dll
[Found virus]        <W32/Downloader.gen10 (not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\13.rar->systemoo.exe2->exefile

---------------------------------------------------------------------
Scan ended:        2008-5-4, 21:44:24
Duration:        0:00:01

Scan result:

Scanned files:                 6
Infected objects:         12
Disinfected objects:         0
Quarantined files:         0
---------------------------------------------------------------------
残缺的唯美
Posted on 2008-5-4 23:33:53
开始,已完成,计算机,状态,文件总计,受感染,记录来自
2008-5-4 23:33:01,2008-5-4 23:33:05,F62163FF9F884AD,扫描完成,14,4,手动扫描
2008-5-4 23:31:31,2008-5-4 23:31:39,F62163FF9F884AD,扫描完成,38,22,手动扫描
2008-5-4 23:22:36,2008-5-4 23:22:46,F62163FF9F884AD,扫描完成,36,8,手动扫描
2008-5-4 23:21:37,2008-5-4 23:21:43,F62163FF9F884AD,扫描完成,3,2,手动扫描
2008-5-4 23:20:24,2008-5-4 23:20:29,F62163FF9F884AD,扫描完成,17,16,手动扫描
2008-5-4 23:19:26,2008-5-4 23:19:29,F62163FF9F884AD,扫描完成,3,1,手动扫描
2008-5-4 23:18:40,2008-5-4 23:18:51,F62163FF9F884AD,扫描完成,36,0,手动扫描
2008-5-4 23:16:24,2008-5-4 23:16:43,F62163FF9F884AD,扫描已终止,187,0,手动扫描
2008-5-4 23:11:09,2008-5-4 23:11:24,F62163FF9F884AD,扫描已终止,331,0,手动扫描
cy6266812
Posted on 2008-5-5 01:56:40
SEP11

小白鼠
Posted on 2008-5-5 15:05:32
信息        2008-05-05 15:05:59        您此次查毒清除了6个病毒                       
信息        2008-05-05 15:05:59        您此次查毒共查出5个病毒以及危险代码                       
信息        2008-05-05 15:05:59        您此次查毒共查了内存模块0个,磁盘引导扇区0个,文件30个                       
信息        2008-05-05 15:05:59        金山毒霸主程序查毒过程结束,查毒方式:全面杀毒                       
病毒        2008-05-05 15:05:59        C:\Documents and Settings\Administrator\My Documents\13.rar        VirusInRar        清除成功       
病毒        2008-05-05 15:05:59        C:\Documents and Settings\Administrator\My Documents\13.rar\systemoo.exe2        Win32.TrojDownloader.Agent.26462        清除成功       
病毒        2008-05-05 15:05:58        C:\Documents and Settings\Administrator\My Documents\13.rar\dionpis.dll        Win32.PSWTroj.OnLineGames.31004        清除成功       
病毒        2008-05-05 15:05:56        C:\Documents and Settings\Administrator\My Documents\13.rar\anistio.exE2        Win32.PSWTroj.OnLineGames.61681        清除成功       
病毒        2008-05-05 15:05:56        C:\Documents and Settings\Administrator\My Documents\13.rar\anistio.dll        Win32.PSWTroj.OnlineGames.24860        清除成功       
病毒        2008-05-05 15:05:54        C:\Documents and Settings\Administrator\My Documents\13.rar\dionpis.exe2        Win32.PSWTroj.OnLineGames.69653        清除成功       
信息        2008-05-05 15:05:42        金山毒霸主程序启动查毒过程,查毒方式:全面杀毒                       
信息        2008-05-05 15:03:08        您此次查毒共查出0个病毒以及危险代码                       
信息        2008-05-05 15:03:08        您此次查毒共查了内存模块0个,磁盘引导扇区0个,文件34个                       
信息        2008-05-05 15:03:08        金山毒霸主程序查毒过程结束,查毒方式:全面杀毒