捡来的一个

显示全部楼层 · 发表于 2008-5-27 19:37:40

瑞星病毒查杀结果报告

清除病毒种类列表：
病毒： Trojan.PSW.Win32.SunOnline.oq
病毒： Trojan.PSW.Win32.GameOL.nrv
病毒： RootKit.Win32.RESSDT.al
病毒： Trojan.PSW.Win32.SunOnline.og
病毒： Trojan.PSW.Win32.GamesOnline.wb
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.GamesOnline.acu
病毒： Trojan.PSW.Win32.GamesOnline.acw
病毒： Win32.Downloader.aq
病毒： Trojan.PSW.Win32.GamesOnline.act
病毒： Trojan.PSW.Win32.SunOnline.op

MAC 地址：00:17:31:40:A3:57

用户来源：局域网

软件版本：20.46.12

显示全部楼层 · 发表于 2008-5-27 19:39:20

显示全部楼层 · 发表于 2008-5-27 19:40:00

[Scanning : C:\Documents and Settings\All Users\Documents\Test]

C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa9.exe<UPack>:aa9.exe <- Trojan.Psw.Onlinegames.Afql : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa9.exe<UPack>:aa9.exe<DLLRES>:res0.exe <- Variant:Trojan.Psw.Onlinegames.Afql : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa9.exe<UPack>:aa9.exe<DLLRES>:res1.exe <- Trojan.Psw.Onlinegames.Afqn : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa14.exe <- Trojan.Psw.Onlinegames.Adup : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa14.exe<UPack>:aa14.exe <- Trojan.Psw.Onlinegames.Adup : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa14.exe<UPack>:aa14.exe<DLLRES>:res0.exe <- Variant:Trojan.Psw.Onlinegames.Adup : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa14.exe<UPack>:aa14.exe<DLLRES>:res0.exe<UPack>:res0.exe <- Trojan.Psw.Wow.Azc : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa14.exe<UPack>:aa14.exe<DLLRES>:res1.exe <- Trojan.Psw.Onlinegames.Afqn : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa25.exe<FSG>:aa25.exe<DLLRES>:res1.exe <- Trojan.Proxy.Xorpix.Fc : No action
C:\Documents and Settings\All Users\Documents\Test\样本.rar<RAR>:aa32.exe<UPX>:aa32.exe <- W32.Dr.Agent.Bsv : No action

Scanned objects : 91

Infected objects : 10

显示全部楼层 · 发表于 2008-5-27 19:40:51

[Found possible security risk] <W32/Heuristic-210!Eldorado (damaged, not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\11.rar->11.exe->rsrcPE->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa7.exe
[Found security risk] <W32/Nilage.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa8.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa9.exe
[Found security risk] <W32/Nilage.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa10.exe->(UPack)
[Found security risk] <W32/Nilage.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa11.exe->(UPack)
[Found security risk] <W32/Nilage.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa12.exe->(UPack)
[Found security risk] <W32/Nilage.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa13.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa14.exe
[Found security risk] <W32/Nilage.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa17.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa18.exe->(embedded)
[Found security risk] <W32/Nilage.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa21.exe->(UPack)
[Found security risk] <W32/Nilage.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa22.exe->(UPack)
[Found security risk] <W32/Nilage.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa24.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa25.exe->(embedded)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa26.exe->(embedded)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa27.exe->(embedded)
[Found downloader] <W32/DelfDldr.C.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa32.exe->(UPX)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa1.exe->(embedded)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa2.exe->(embedded)
[Found security risk] <W32/Nilage.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa4.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\样本.rar->aa5.exe

---------------------------------------------------------------------
Scan ended: 2008-5-27, 19:40:33
Duration: 0:00:25

Scan result:

Scanned files:    7
Infected objects:    22
Disinfected objects:    0
Quarantined files:    0
---------------------------------------------------------------------

显示全部楼层 · 发表于 2008-5-27 19:42:08

Scan performed at: 2008/5/27 19:42:01
Scanning Log
NOD32 version 3134 (20080527) NT
Command line: G:\v\11.rar
C:\Program Files\Eset\nod32.exe - is OK

Date: 27.5.2008 Time: 19:42:03
Anti-Stealth technology is enabled.
Scanned disks, folders and files: G:\v\11.rar
G:\v\11.rar ?RAR ?11.exe - Win32/TrojanDownloader.Agent.NYX trojan
G:\v\11.rar:Zone.Identifier - is OK
Number of scanned files: 2
Number of threats found: 1
Time of completion: 19:42:03 Total scanning time: 0 sec (00:00:00)

显示全部楼层 · 发表于 2008-5-27 19:42:40

Scan performed at: 2008/5/27 19:42:48
Scanning Log
NOD32 version 3134 (20080527) NT
Command line: G:\v\样本.rar
C:\Program Files\Eset\nod32.exe - is OK

Date: 27.5.2008 Time: 19:42:49
Anti-Stealth technology is enabled.
Scanned disks, folders and files: G:\v\样本.rar
G:\v\样本.rar ?RAR ?aa7.exe - a variant of Win32/PSW.OnLineGames.ZJK trojan
G:\v\样本.rar ?RAR ?aa8.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\样本.rar ?RAR ?aa9.exe - a variant of Win32/PSW.OnLineGames.ZJK trojan
G:\v\样本.rar ?RAR ?aa10.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\样本.rar ?RAR ?aa11.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\样本.rar ?RAR ?aa12.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\样本.rar ?RAR ?aa13.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\样本.rar ?RAR ?aa14.exe - a variant of Win32/PSW.OnLineGames.ZJK trojan
G:\v\样本.rar ?RAR ?aa15.exe - a variant of Win32/PSW.OnLineGames.NWC trojan
G:\v\样本.rar ?RAR ?aa16.exe - a variant of Win32/PSW.OnLineGames.NWC trojan
G:\v\样本.rar ?RAR ?aa17.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\样本.rar ?RAR ?aa18.exe - a variant of Win32/PSW.OnLineGames.NMQ trojan
G:\v\样本.rar ?RAR ?aa19.exe - a variant of Win32/PSW.OnLineGames.NWC trojan
G:\v\样本.rar ?RAR ?aa20.exe - a variant of Win32/PSW.OnLineGames.NWC trojan
G:\v\样本.rar ?RAR ?aa21.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\样本.rar ?RAR ?aa22.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\样本.rar ?RAR ?aa23.exe - a variant of Win32/PSW.OnLineGames.NWC trojan
G:\v\样本.rar ?RAR ?aa24.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\样本.rar ?RAR ?aa25.exe - a variant of Win32/PSW.OnLineGames.NWB trojan
G:\v\样本.rar ?RAR ?aa26.exe - a variant of Win32/PSW.OnLineGames.NWB trojan
G:\v\样本.rar ?RAR ?aa27.exe - a variant of Win32/PSW.OnLineGames.NWB trojan
G:\v\样本.rar ?RAR ?aa32.exe - a variant of Win32/Mypis virus
G:\v\样本.rar ?RAR ?aa1.exe - a variant of Win32/PSW.OnLineGames.NWB trojan
G:\v\样本.rar ?RAR ?aa2.exe - probably a variant of Win32/PSW.OnLineGames.NWB trojan
G:\v\样本.rar ?RAR ?aa3.exe - a variant of Win32/PSW.OnLineGames.NWC trojan
G:\v\样本.rar ?RAR ?aa4.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\样本.rar ?RAR ?aa5.exe - a variant of Win32/PSW.OnLineGames.ZJK trojan
G:\v\样本.rar ?RAR ?aa6.exe - a variant of Win32/PSW.OnLineGames.NWC trojan
G:\v\样本.rar:Zone.Identifier - is OK
Number of scanned files: 29
Number of threats found: 28
Time of completion: 19:42:54 Total scanning time: 5 sec (00:00:05)

显示全部楼层 · 发表于 2008-5-27 20:59:32

RS20.46.12未杀！

显示全部楼层 · 发表于 2008-5-27 21:00:05

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.PSW.Win32.SunOnline.oq
病毒： Trojan.PSW.Win32.GameOL.nrv
病毒： RootKit.Win32.RESSDT.al
病毒： Trojan.PSW.Win32.SunOnline.og
病毒： Trojan.PSW.Win32.GamesOnline.wb
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.GamesOnline.acu
病毒： Trojan.PSW.Win32.GamesOnline.acw
病毒： Win32.Downloader.aq
病毒： Trojan.PSW.Win32.GamesOnline.act
病毒： Trojan.PSW.Win32.SunOnline.op

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.46.12

显示全部楼层 · 发表于 2008-5-27 22:32:46

McAfee MISS

显示全部楼层 · 发表于 2008-5-27 23:52:40

江民杀毒软件报告文件

北京江民新科技术有限公司

扫描引擎 11.00.704
病毒库日期 2008-05-27
更新日期 2008-05-27

扫描目标 C:\Documents and Settings\Administrator\桌面\样本.rar

开始时间 2008-05-27 23:50:36

在 C:\Documents and Settings\Administrator\桌面\样本.rar->aa7.exe 中发现 Trojan/PSW.OnLineGames.sss 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->aa8.exe 中发现 Trojan/PSW.OnLineGames.ubv 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->aa9.exe 中发现 Trojan/PSW.OnLineGames.sss 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->aa10.exe 中发现 Trojan/PSW.OnlineGames.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->aa11.exe 中发现 Trojan/PSW.OnlineGames.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->aa12.exe 中发现 Trojan/PSW.OnlineGames.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->aa13.exe 中发现 Trojan/PSW.OnLineGames.ual 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->aa14.exe 中发现 Trojan/PSW.OnLineGames.sss 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->aa17.exe 中发现 Trojan/PSW.OnlineGames.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->aa21.exe 中发现 Trojan/PSW.OnlineGames.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->aa22.exe 中发现 Trojan/PSW.OnlineGames.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->aa24.exe 中发现 Trojan/PSW.OnlineGames.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->aa25.exe 中发现 TrojanDropper.Driver.a 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->aa32.exe 中发现 Win32/Downloader.NET 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->aa4.exe 中发现 Trojan/PSW.OnlineGames.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\样本.rar->aa5.exe 中发现 Trojan/PSW.OnLineGames.sss 病毒, 已删除
正常结束。

扫描结果:
               文件数 :30                               病毒体 :16
               删除 :16                                  解毒 :0
扫描速度(千字节/秒) :87                               扫描时间 :00:00:12
扫描文件速度(个/秒) :2

[已鉴定] 捡来的一个

59/26

ArcaVir2008

F-Prot 4.4.4

4/0

59/26