中毒客服机子提取的病毒大包[19点更新完成！全部病毒包欢迎大家测试]

显示全部楼层 · 发表于 2008-6-11 18:29:17

Starting the file scan:

Begin scan in 'E:\Avira\24853375.exe'
Begin scan in 'E:\Avira\setup179.exe'
E:\Avira\setup179.exe
--> Object
   [1] Archive type: RSRC
   --> Object
         [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/Cdn.B.1
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\clnt.exe'
E:\Avira\clnt.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Ieser.SAI
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\Setup1.exe'
Begin scan in 'E:\Avira\SET29.tmp'
Begin scan in 'E:\Avira\SET51.tmp'
Begin scan in 'E:\Avira\uneng.exe'

End of the scan: 2008年6月11日  18:31
Used time: 00:18 min

The scan has been done completely.

   0 Scanning directories
   7 Files were scanned
   2 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   2 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   5 Files not concerned
   0 Archives were scanned
   0 Warnings
   2 Notes

3601634    uneng.exe    56 KB    CLEAN
25030740    24853375.exe    3.58 KB    DAMAGED FILE (UNKNOWN)
209694    Setup1.exe    280 KB    CLEAN
25042930    SET29.tmp    13.17 KB    UNDER ANALYSIS
566909    SET51.tmp    1.05 MB    KNOWN CLEAN

[ 本帖最后由 Exia 于 2008-6-11 18:32 编辑 ]

显示全部楼层 · 发表于 2008-6-11 18:38:34

原帖由 电影结束了 于 2008-6-11 12:38 发表
无语的东西。。。
283835
这么多全死的。。。
饿。。
能运行的没有几个。。。
随便运行几个就知道。。。
283836
283837

34
http://png1.gacxz.net/softd.exe
http://png1.gacxz.net/soft0.exe
h ...

Starting the file scan:

Begin scan in 'E:\Avira\soft30.exe'
E:\Avira\soft30.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.308
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft31.exe'
E:\Avira\soft31.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.anqf
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft32.exe'
E:\Avira\soft32.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.aoaq
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft33.exe'
E:\Avira\soft33.exe
   [DETECTION] Is the Trojan horse TR/Agent.NBJ.1
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\softd.exe'
E:\Avira\softd.exe
   [DETECTION] Is the Trojan horse TR/Agent.nbl
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft0.exe'
E:\Avira\soft0.exe
   [DETECTION] Is the Trojan horse TR/Agent.nbj
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft1.exe'
E:\Avira\soft1.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.anqv
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft2.exe'
E:\Avira\soft2.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.angp
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft3.exe'
E:\Avira\soft3.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.275
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft4.exe'
E:\Avira\soft4.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.amdt
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft5.exe'
E:\Avira\soft5.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ampm
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft6.exe'
E:\Avira\soft6.exe
   [DETECTION] Is the Trojan horse TR/Flood.PortFlooder.C
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft7.exe'
E:\Avira\soft7.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.almc
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft8.exe'
E:\Avira\soft8.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.anfz
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft9.exe'
E:\Avira\soft9.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ahnr
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft10.exe'
E:\Avira\soft10.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/Dldr.Small.xba
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft11.exe'
E:\Avira\soft11.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.310
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft12.exe'
E:\Avira\soft12.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.307
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft13.exe'
E:\Avira\soft13.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.almz
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft14.exe'
E:\Avira\soft14.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.alna
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft15.exe'
E:\Avira\soft15.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.anzc
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft16.exe'
E:\Avira\soft16.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft17.exe'
E:\Avira\soft17.exe
   [DETECTION] Is the Trojan horse TR/Agent.nbl
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft18.exe'
E:\Avira\soft18.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ahsh
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft19.exe'
E:\Avira\soft19.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.anre
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft20.exe'
E:\Avira\soft20.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/PSW.37128
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft21.exe'
E:\Avira\soft21.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.309
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft22.exe'
E:\Avira\soft22.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.anib
   --> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.amoc
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft23.exe'
E:\Avira\soft23.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.akjk
   --> Object
      [DETECTION] Is the Trojan horse TR/Agent.qqx
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft24.exe'
E:\Avira\soft24.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.289
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft25.exe'
E:\Avira\soft25.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.anph
   --> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.anrh
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft26.exe'
E:\Avira\soft26.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.amdt
   [DETECTION] Is the Trojan horse TR/Dldr.Delphi.Gen
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft27.exe'
E:\Avira\soft27.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.YYJ
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft28.exe'
E:\Avira\soft28.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.akxv
   [NOTE]    The file was deleted!
Begin scan in 'E:\Avira\soft29.exe'
E:\Avira\soft29.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.267
   [NOTE]    The file was deleted!

End of the scan: 2008年6月11日  18:40
Used time: 00:16 min

The scan has been done completely.

   0 Scanning directories
   35 Files were scanned
   40 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   35 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   -5 Files not concerned
   0 Archives were scanned
   0 Warnings
   35 Notes

显示全部楼层 · 发表于 2008-6-11 18:42:05

The file 'setup_wm.exe' has been determined to be 'CLEAN'. Our analysts did not discovered any malicious content

显示全部楼层 · 发表于 2008-6-11 18:59:03

后面几包就3个

在 C:\Documents and Settings\Administrator\桌面\setup179.rar->setup179.exe 中发现 Trojan/PSW.Almat.ckw 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\clnt.rar->clnt.exe 中发现 TrojanDownloader.Ieser.aq 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\orz.rar->orz.exe 中发现 TrojanDownloader.Agent.aiew 病毒, 已删除

显示全部楼层 · 发表于 2008-6-11 19:01:35

在 C:\Documents and Settings\Administrator\桌面\Avira\soft0.exe 中发现 Trojan/PSW.OnLineGames.jub 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft1.exe 中发现 Trojan/PSW.OnLineGames.uwf 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft13.exe 中发现 Trojan/PSW.OnLineGames.uei 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft14.exe 中发现 Trojan/PSW.OnLineGames.ajhf 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft16.exe 中发现 Trojan/PSW.OnLineGames.uav 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft17.exe 中发现 TrojanSpy.Banker.ias 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft18.exe 中发现 Trojan/PSW.OnLineGames.ajbu 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft19.exe 中发现 Trojan/PSW.OnLineGames.ajnf 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft2.exe 中发现 Trojan/PSW.OnLineGames.vbo 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft20.exe 中发现 Trojan/PSW.OnLineGames.udl 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft23.exe 中发现 Trojan/CallBeep.Gen 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft22.exe 中发现 Trojan/PSW.OnLineGames.uex 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft24.exe 中发现 Trojan/PSW.OnLineGames.uev 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft25.exe 中发现 Trojan/PSW.OnLineGames.ajoo 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft26.exe 中发现 Trojan/PSW.OnLineGames.sss 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft27.exe 中发现 Trojan/PSW.OnLineGames.ajpo 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft28.exe 中发现 TrojanDownloader.Small.aamk 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft3.exe 中发现 Trojan/PSW.OnLineGames.ajfi 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft29.exe 中发现 Trojan/PSW.OnLineGames.udw 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft33.exe 中发现 Trojan/PSW.OnLineGames.jub 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft5.exe 中发现 Trojan/PSW.OnLineGames.ajfl 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft7.exe 中发现 Trojan/PSW.OnLineGames.uar 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft8.exe 中发现 Trojan/PSW.OnLineGames.ajgc 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft9.exe 中发现 Trojan/PSW.OnLineGames.uee 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\softd.exe 中发现 TrojanSpy.Banker.ias 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Avira\soft4.exe 中发现 Trojan/PSW.OnLineGames.sss 病毒, 已删除

显示全部楼层 · 发表于 2008-6-11 19:31:14

The scan has been done completely.

   4 Scanning directories
226 Files were scanned
116 viruses and/or unwanted programs were found
   21 Files were classified as suspicious:
116 files were deleted
   0 files were repaired
   21 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
110 Files not concerned
   0 Archives were scanned
   0 Warnings
137 Notes

显示全部楼层 · 发表于 2008-6-11 19:33:23

19点的我上报紅傘和卡巴

Start of the scan: Wednesday,11 June 2008  19:37

Starting the file scan:

Begin scan in 'C:\Documents and Settings\kato9096\桌面\874411\複製 -beep'
C:\Documents and Settings\kato9096\桌面\874411\複製 -beep\beep.sys
   [DETECTION] Is the Trojan horse TR/Agent.qxb
   [NOTE]    The file was deleted!
Begin scan in 'C:\Documents and Settings\kato9096\桌面\874411\複製 -dwwin'
Begin scan in 'C:\Documents and Settings\kato9096\桌面\874411\複製 -isndntio'
C:\Documents and Settings\kato9096\桌面\874411\複製 -isndntio\isndntio.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.252
   [NOTE]    The file was deleted!
Begin scan in 'C:\Documents and Settings\kato9096\桌面\874411\複製 -orz'
C:\Documents and Settings\kato9096\桌面\874411\複製 -orz\orz.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Agent.rqj
   [NOTE]    The file was deleted!
Begin scan in 'C:\Documents and Settings\kato9096\桌面\874411\複製 -system32'

End of the scan: Wednesday,11 June 2008  19:37
Used time: 00:28 min

The scan has been done completely.

   5 Scanning directories
   11 Files were scanned
   3 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   3 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   8 Files not concerned
   0 Archives were scanned
   0 Warnings
   3 Notes
File ID    Filename    Size (Byte) Result
2230751    iewoptimem.exe    225.02 KB    CLEAN
25037282    wymxajkl.sys    24 Byte    CLEAN
25043012    oljjfc.exe    12.03 KB    UNDER ANALYSIS
25043013    wpa.dbl    2.15 KB    UNDER ANALYSIS
514045    dwwin.exe    176 KB    KNOWN CLEAN
2212099    wuauclt.exe    51.84 KB    KNOWN CLEAN

已上报!!

已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Agent.rqj 檔案: C:\Documents and Settings\kato9096\桌面\874411\orz\orz.exe
已刪除: 特洛伊木馬程式 Trojan.Win32.Agent.qxb 檔案: C:\Documents and Settings\kato9096\桌面\874411\beep\beep.sys
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.Agent.aob 檔案: C:\Documents and Settings\kato9096\桌面\874411\isndntio\isndntio.exe//PE_Patch.UPX//UPX

已上报!!

[ 本帖最后由 kato9096 于 2008-6-11 19:39 编辑 ]

显示全部楼层 · 发表于 2008-6-11 20:37:39

[Found downloader] <W32/Downldr2.AWZR (exact, not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\clnt.rar->clnt.exe
[Found possible security risk] <W32/Heuristic-FSG!Eldorado (not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\Down_Temp.rar->8237312.exe
[Found possible security risk] <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\Down_Temp.rar->8358250.exe
[Found possible security risk] <W32/Heuristic-FSG!Eldorado (not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\Down_Temp.rar->8466984.exe
[Found possible security risk] <W32/Heuristic-FSG!Eldorado (not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\Down_Temp.rar->8564765.exe
[Found possible security risk] <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\Down_Temp.rar->8700984.exe
[Found security risk] <W32/OnlineGames.AK.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\Down_Temp.rar->8830187.exe->(embedded)
[Found possible security risk] <W32/Heuristic-FSG!Eldorado (not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\Down_Temp.rar->8842593.exe
[Found possible security risk] <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\Down_Temp.rar->8940375.exe
[Found possible security risk] <W32/Heuristic-FSG!Eldorado (not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\Down_Temp.rar->9135937.exe
[Found possible security risk] <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\Down_Temp.rar->9233718.exe
[Found possible security risk] <W32/Heuristic-FSG!Eldorado (not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\Down_Temp.rar->9344234.exe
[Found possible security risk] <W32/Heuristic-FSG!Eldorado (not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\Down_Temp.rar->9454968.exe
[Found possible security risk] <W32/Heuristic-CSU!Eldorado (damaged, not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\Down_Temp.rar->9567921.exe
[Found possible security risk] <W32/Heuristic-FSG!Eldorado (not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\Down_Temp.rar->9665703.exe
[Found possible security risk] <W32/Heuristic-FSG!Eldorado (not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\Down_Temp.rar->9876359.exe
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\Temp.part02.rar->Temp\tmp79A.tmp
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\Temp.part02.rar->Temp\tmpB60.tmp
[Found virus] <W32/InfoStealer!Generic (not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\Temp.part02.rar->Temp\~f17.tmp
[Found virus] <W32/InfoStealer!Generic (not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\Temp.part03.rar->Temp\~f26.tmp
[Found virus] <W32/InfoStealer!Generic (not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\Temp.part03.rar->Temp\~f31.tmp
[Found virus] <W32/InfoStealer!Generic (not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\Temp.part05.rar->Temp\~f4C5.tmp
[Found virus] <W32/InfoStealer!Generic (not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\Temp.part05.rar->Temp\~f4F.tmp
[Found virus] <W32/InfoStealer!Generic (not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\Temp.part06.rar->Temp\~f5B.tmp
[Found virus] <W32/InfoStealer!Generic (not disinfectable)> C:\Documents and Settings\All Users\Documents\Test\Temp.part07.rar->Temp\~fF.tmp
[Found security risk] <W32/OnlineGames.AK.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\WINDOWS.rar->fmsjhif.exe->(embedded)
[Found security risk] <W32/OnlineGames.AK.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\WINDOWS.rar->gwsmhxuq.exe->(embedded)
[Found security risk] <W32/OnlineGames.AK.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\WINDOWS.rar->hefcndy.exe->(embedded)
[Found security risk] <W32/OnlineGames.AK.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\WINDOWS.rar->dbhlp32.exe->(embedded)
[Found security risk] <W32/OnlineGames.AK.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\WINDOWS.rar->dionpis.exe->(embedded)
[Found security risk] <W32/OnlineGames.AK.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\WINDOWS.rar->anistio.exE->(embedded)
[Found security risk] <W32/Injector.A.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part1.rar->桌面\cj[1].exe
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part1.rar->桌面\ms[1].exe
[Found security risk] <W32/Nilage.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part1.rar->桌面\p10[1].exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part1.rar->桌面\p11[1].exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part1.rar->桌面\p12[1].exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part1.rar->桌面\p13[1].exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part1.rar->桌面\p14[1].exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part1.rar->桌面\p15[1].exe->(UPack)
[Found security risk] <W32/Nilage.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part1.rar->桌面\p16[1].exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part1.rar->桌面\p17[1].exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part1.rar->桌面\p18[1].exe->(UPack)
[Found security risk] <W32/Nilage.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part1.rar->桌面\p19[1].exe->(UPack)
[Found security risk] <W32/Nilage.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part1.rar->桌面\p1[1].exe->(UPack)
[Found security risk] <W32/Nilage.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part1.rar->桌面\p20[1].exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part1.rar->桌面\p21[1].exe->(UPack)
[Found security risk] <W32/Nilage.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part1.rar->桌面\p22[1].exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part1.rar->桌面\p23[1].exe
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part1.rar->桌面\p25[1].exe->(UPack)
[Found security risk] <W32/Nilage.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part2.rar->桌面\p27[1].exe->(UPack)
[Found security risk] <W32/Nilage.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part2.rar->桌面\p28[1].exe->(UPack)
[Found security risk] <W32/Nilage.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part2.rar->桌面\p29[1].exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part2.rar->桌面\p2[1].exe->(UPack)
[Found security risk] <W32/Nilage.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part2.rar->桌面\p3[1].exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part2.rar->桌面\p5[1].exe->(UPack)
[Found security risk] <W32/Nilage.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part2.rar->桌面\p6[1].exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part2.rar->桌面\p7[1].exe->(UPack)
[Found security risk] <W32/Nilage.gen!GSA (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part2.rar->桌面\p8[1].exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part2.rar->桌面\p9[1].exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\桌面.part2.rar->桌面\test[1].exe

---------------------------------------------------------------------
Scan ended: 2008-6-11, 20:37:10
Duration: 0:01:06

Scan result:

Scanned files:    26
Infected objects:    60
Disinfected objects:    0
Quarantined files:    0
---------------------------------------------------------------------

显示全部楼层 · 发表于 2008-6-11 20:38:18

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.Win32.Undef.gzb
病毒： Trojan.PSW.Win32.XYOnline.afi
病毒： Trojan.PSW.Win32.GameOL.nzj
病毒： Trojan.PSW.Win32.GameOL.nxl
病毒： Trojan.PSW.Win32.GameOL.nwk
病毒： RootKit.Win32.Mnless.sw
病毒： Trojan.PSW.Win32.GameOL.nyf
病毒： Trojan.PSW.Win32.GameOL.nvd
病毒： Trojan.PSW.Win32.GameOL.nyg
病毒： Trojan.PSW.Win32.GameOL.nvb
病毒： Trojan.PSW.Win32.GameOL.nsq
病毒： Trojan.PSW.Win32.GameOL.nxi
病毒： Trojan.PSW.Win32.GameOL.nyc
病毒： RootKit.Win32.RESSDT.bf
病毒： Trojan.PSW.Win32.GameOL.nxf
病毒： Trojan.PSW.Win32.RocOnline.lb

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.48.22

显示全部楼层 · 发表于 2008-6-11 20:39:07

Scanned objects : 686

Infected objects : 400

很多重复报壳

[病毒样本] 中毒客服机子提取的病毒大包[19点更新完成！全部病毒包欢迎大家测试]

本帖子中包含更多资源

回复 12楼 Exia 的帖子

F-Prot 4.4.4

83/33

ArcaVir2008

浏览过的版块