收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 88X
12下一页
返回列表 发新帖
查看: 5239|回复: 11
收起左侧

[病毒样本] 88X

[复制链接]
电影结束了
发表于 2008-6-18 09:53:11 | 显示全部楼层 |阅读模式
[oo]
t0=20080318
e0=http://111.gmwo07.com/cao/aa1.exe
t1=20080319
e1=http://111.gmwo07.com/cao/aa2.exe
t2=20080320
e2=http://111.gmwo07.com/cao/aa3.exe
t3=20080321
e3=http://111.gmwo07.com/cao/aa4.exe
t4=20080322
e4=http://111.gmwo07.com/cao/aa5.exe
t5=20080323
e5=http://111.gmwo07.com/cao/aa6.exe
t6=20080324
e6=http://111.gmwo07.com/cao/aa7.exe
t7=20080325
e7=http://222.gmwo07.com/cao/aa8.exe
t8=20080326
e8=http://222.gmwo07.com/cao/aa9.exe
t9=20080327
e9=http://222.gmwo07.com/cao/aa10.exe
t10=20080328
e10=http://222.gmwo07.com/cao/aa11.exe
t11=20080329
e11=http://222.gmwo07.com/cao/aa12.exe
t12=20080330
e12=http://222.gmwo07.com/cao/aa13.exe
t13=20080331
e13=http://222.gmwo07.com/cao/aa14.exe
t14=20080332
e14=http://333.gmwo07.com/cao/aa15.exe
t15=20080333
e15=http://333.gmwo07.com/cao/aa16.exe
t16=20080334
e16=http://333.gmwo07.com/cao/aa17.exe
t17=20080335
e17=http://333.gmwo07.com/cao/aa18.exe
t18=20080336
e18=http://333.gmwo07.com/cao/aa19.exe
t19=20080337
e19=http://333.gmwo07.com/cao/aa20.exe
t20=20080338
e20=http://333.gmwo07.com/cao/aa21.exe
t21=20080339
e21=http://444.gmwo07.com/cao/aa22.exe
t22=20080340
e22=http://444.gmwo07.com/cao/aa23.exe
t23=20080341
e23=http://444.gmwo07.com/cao/aa24.exe
t24=20080342
e24=http://444.gmwo07.com/cao/aa25.exe
t25=20080343
e25=http://444.gmwo07.com/cao/aa26.exe
t26=20080344
e26=http://444.gmwo07.com/cao/aa27.exe
t27=20080345
e27=http://444.gmwo07.com/cao/aa28.exe
原地址....
http://aaa.gmwo09.com/aaa.exe

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

hahacomcn
发表于 2008-6-18 09:54:49 | 显示全部楼层
Begin scan in 'C:\Documents and Settings\haha\桌面\aaa.rar'
C:\Documents and Settings\haha\桌面\aaa.rar
  [0] Archive type: RAR
    --> aaa.exe
      --> Object
        [2] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/Inject.HN.1
      [NOTE]      A backup was created as '48b96b36.qua'  ( QUARANTINE )
回复

举报

lan
发表于 2008-6-18 09:55:02 | 显示全部楼层

ca

已扫描的文件数: 91
受感染的文件数: 77
回复

举报

hahacomcn
发表于 2008-6-18 09:57:03 | 显示全部楼层
Begin scan in 'C:\Documents and Settings\haha\桌面\virus'
C:\Documents and Settings\haha\桌面\virus\aa10[1].exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '48896b99.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa11[1].exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '4e0265aa.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa13[1].exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '48896b9b.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa14[1].exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '4e0265ac.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa15[1].exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48896b9d.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa16[1].exe
      [DETECTION] Contains detection pattern of the Windows virus W32/Hllp.Alcaul.e
      [NOTE]      A backup was created as '48896b9a.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa17[1].exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '4e0265ab.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa18[1].exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48896b9c.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa19[1].exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '4e0265ad.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa1[1].exe
    --> Object
      [1] Archive type: RSRC
      --> Object
          [DETECTION] Is the Trojan horse TR/PSW.Agent.aok.4
      [NOTE]      A backup was created as '48896b9e.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa20[1].exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '488a6b9a.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa21[1].exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '4e0165ab.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa22[1].exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '488a6b9b.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa23[1].exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '4e0165ac.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa24[1].exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '488a6b9d.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa25[1].exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '4e0165ae.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa26[1].exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '488a6b9f.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa27[1].exe
    --> Object
      [1] Archive type: RSRC
      --> Object
          [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.apth
      [DETECTION] Is the Trojan horse TR/Downloader.Gen
      [NOTE]      A backup was created as '488a6b9c.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa28[1].exe
  [0] Archive type: RSRC
  --> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.amdt
      [NOTE]      A backup was created as '4e0165ad.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa2[1].exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '488a6b9e.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa3[1].exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '488b6b9c.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa4[1].exe
      [DETECTION] Is the Trojan horse TR/Onlinegames.apwc
      [NOTE]      A backup was created as '488c6b9c.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa5[1].exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '488d6b9c.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa7[1].exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '488f6b9c.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa8[1].exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '48906b9c.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\aa9[1].exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '48916b9d.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\cdwqfs.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.aqgi.1
      [NOTE]      A backup was created as '48cf6ba0.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\cedafb.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.aofg.12
      [NOTE]      A backup was created as '48bc6ba1.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\ddserh.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.apmc.7
      [NOTE]      A backup was created as '48cb6ba0.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\dfqnabib.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48c96ba2.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\fmcvxy.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.aqih.1
      [NOTE]      A backup was created as '48bb6ba9.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\HBKernel.sys
      [DETECTION] Is the Trojan horse TR/PSW.Agent.aok.4
      [NOTE]      A backup was created as '48a36b7e.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\HBmhly.exe
    --> Object
      [1] Archive type: RSRC
      --> Object
          [DETECTION] Is the Trojan horse TR/PSW.Agent.aok.4
      [NOTE]      A backup was created as '48c56b7e.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\hhrdxd.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48ca6ba4.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\isdsasrv.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48bc6baf.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\jfdses.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.aqlu.3
      [NOTE]      A backup was created as '48bc6ba2.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\jfrwdh.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.aqcg.9
      [NOTE]      A backup was created as '48ca6ba2.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\jggtsr.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.apln.9
      [NOTE]      A backup was created as '48bf6ba3.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\lpmxajkl.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48c56bac.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\midimapmy.dll
      [DETECTION] Is the Trojan horse TR/Onlinegames.apwc
      [NOTE]      A backup was created as '48bc6ba5.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\mndsgsrv.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48bc6baa.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\nhmxcjkl.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48c56ba4.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\pedadt.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '4e376592.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\sgrefg.dll
      [DETECTION] Is the Trojan horse TR/Agent.rpb.4
      [NOTE]      A backup was created as '48ca6ba3.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\skqncbib.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48c96ba7.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\SysDaJcHv.dll
      [DETECTION] Is the Trojan horse TR/Dldr.Delphi.Gen
      [NOTE]      A backup was created as '48cb6bb5.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\SysWmCvC.dll
      [DETECTION] Is the Trojan horse TR/Downloader.Gen
      [NOTE]      A backup was created as '4e406586.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tdffdl.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48be6ba0.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tdggrz.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.apdt.3
      [NOTE]      A backup was created as '48bf6ba0.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tmp11.tmp
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '48c86baa.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tmp12.tmp
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '4e43659b.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tmp14.tmp
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '48c86bac.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tmp15.tmp
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '4e43659d.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tmp17.tmp
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '48c86bae.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tmp18.tmp
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '48c86bab.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tmp1A.tmp
      [DETECTION] Contains detection pattern of the Windows virus W32/Hllp.Alcaul.e
      [NOTE]      A backup was created as '4e43659c.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tmp1B.tmp
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '48c86bad.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tmp1D.tmp
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '4e43659e.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tmp1F.tmp
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '48c86baf.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tmp21.tmp
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '4e43659f.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tmp22.tmp
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '48c86b90.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tmp23.tmp
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '4e4365a1.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tmp24.tmp
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '48c86b92.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tmp25.tmp
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '4e4365a3.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tmp26.tmp
    --> Object
      [1] Archive type: RSRC
      --> Object
          [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.apth
      [DETECTION] Is the Trojan horse TR/Downloader.Gen
      [NOTE]      A backup was created as '4e436580.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tmp27.tmp
  [0] Archive type: RSRC
  --> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.amdt
      [NOTE]      A backup was created as '48c86bb1.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tmp4.tmp
      [DETECTION] Is the Trojan horse TR/Inject.HN.1
      [NOTE]      A backup was created as '4e436582.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tmp5.tmp
      [DETECTION] Is the Trojan horse TR/Inject.HN.1
      [NOTE]      A backup was created as '48c86bb3.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tmpB.tmp
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '4e436584.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tmpC.tmp
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '48c86bb5.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\tmpE.tmp
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      A backup was created as '4e436586.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\wrqszl.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.apmu.6
      [NOTE]      A backup was created as '48c96bb2.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\wyrsdj.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.apuc.4
      [NOTE]      A backup was created as '48ca6bb9.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\wzcfsw.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.aqii.1
      [NOTE]      A backup was created as '48bb6bba.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\zdesfx.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.aqee.8
      [NOTE]      A backup was created as '48bd6ba4.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\zefdst.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.apsh.7
      [NOTE]      A backup was created as '48be6ba5.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\zgxfdx.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.apln.12
      [NOTE]      A backup was created as '48d06ba7.qua'  ( QUARANTINE )
C:\Documents and Settings\haha\桌面\virus\zscqahlp.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      A backup was created as '48bb6bb3.qua'  ( QUARANTINE )


End of the scan: 2008年6月18日  09:56
Used time: 00:10 min

The scan has been done completely.

      1 Scanning directories
     88 Files were scanned
     82 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
     78 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      6 Files not concerned
      0 Archives were scanned
      0 Warnings
回复

举报

醉一生爱妍
发表于 2008-6-18 10:19:35 | 显示全部楼层

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

傻猪猪米走鸡
发表于 2008-6-18 12:06:53 | 显示全部楼层
D:\firefox download\aaa.rar » RAR » aaa.exe - probably a variant of Win32/TrojanDownloader.Small.NZK trojan - was a part of the deleted object
回复

举报

尽在不言中
发表于 2008-6-18 12:41:36 | 显示全部楼层

回复 1楼 电影结束了 的帖子

无法识别的..都已上传卡巴...~~!
回复

举报

kkgh
发表于 2008-6-18 17:29:36 | 显示全部楼层
费尔79个

        瑞星病毒查杀结果报告

清除病毒种类列表:
病毒: Trojan.PSW.Win32.GameOL.ocu
病毒: RootKit.Win32.Agent.bcj  
病毒: RootKit.Win32.Agent.bcj  
病毒: Trojan.PSW.Win32.GameOL.ocv
病毒: Trojan.PSW.Win32.GameOL.nxf
病毒: Trojan.PSW.Win32.SunOnline.oy
病毒: Trojan.PSW.Win32.GameOL.obe
病毒: Trojan.PSW.Win32.GameOL.obr
病毒: Trojan.PSW.Win32.GameOL.obn
病毒: RootKit.Win32.RESSDT.bf  
病毒: Trojan.PSW.Win32.GameOL.nwu
病毒: Trojan.PSW.Win32.SunGame.u
病毒: RootKit.Win32.Agent.bcc  
病毒: Trojan.PSW.Win32.Mapdimp.c
病毒: Trojan.PSW.Win32.GameOL.oci
病毒: Trojan.PSW.Win32.ZhengTu.ynv

用户来源:互联网

软件版本:20.49.21

75个
回复

举报

ctx0705
发表于 2008-6-18 19:20:21 | 显示全部楼层
扫描进行于:2008-6-18 19:18:04
扫描日志
NOD32版本 3196 (20080618) NT
命令行: C:\Documents and Settings\Administrator\桌面\新建文件夹

日期: 18.6.2008  时间:19:18:05
已开启反隐藏功能.
已扫描的磁盘,文件夹及文件:C:\Documents and Settings\Administrator\桌面\新建文件夹\
C:\Documents and Settings\Administrator\桌面\新建文件夹\nhmxcjkl.dll - Win32/PSW.OnLineGames.FDY 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\pedadt.dll - Win32/PSW.OnLineGames.NOA 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\sgrefg.dll - Win32/PSW.OnLineGames.NOA 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\skqncbib.dll - 可能是 Win32/PSW.OnLineGames.FDY 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\SysDaJcHv.dll - Win32/PSW.OnLineGames.GJV 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\SysWmCvC.dll - Win32/PSW.OnLineGames.GJV 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tdffdl.dll - Win32/PSW.OnLineGames.NOA 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tdggrz.dll - Win32/PSW.OnLineGames.NOA 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tmp1A.tmp - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tmp1B.tmp - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tmp1D.tmp - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tmp1F.tmp - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tmp4.tmp - 可能是 Win32/TrojanDownloader.Small.NZK 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tmp5.tmp - 可能是 Win32/TrojanDownloader.Small.NZK 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tmp11.tmp - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tmp12.tmp - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tmp14.tmp - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tmp15.tmp - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tmp17.tmp - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tmp18.tmp - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tmp21.tmp - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tmp22.tmp - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tmp23.tmp - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tmp24.tmp - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tmp25.tmp - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tmp26.tmp - Win32/PSW.OnLineGames.ZJK 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tmp27.tmp - Win32/PSW.OnLineGames.ZJK 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tmpB.tmp - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tmpC.tmp - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\tmpE.tmp - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\wrqszl.dll - Win32/PSW.OnLineGames.NOA 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\wyrsdj.dll - Win32/PSW.OnLineGames.NOA 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\wzcfsw.dll - Win32/PSW.OnLineGames.NOA 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\zdesfx.dll - Win32/PSW.OnLineGames.NOA 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\zefdst.dll - Win32/PSW.OnLineGames.NOA 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\zgxfdx.dll - Win32/PSW.OnLineGames.NOA 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\zscqahlp.exe - Win32/PSW.OnLineGames.OAF 木马
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa1[1].exe - Win32/PSW.OnLineGames.OBM 木马
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa2[1].exe - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa3[1].exe - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa4[1].exe - Win32/PSW.Agent.NHQ 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa5[1].exe - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa7[1].exe - Win32/PSW.OnLineGames.OAF 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa8[1].exe - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa9[1].exe - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa10[1].exe - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa11[1].exe - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa13[1].exe - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa14[1].exe - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa15[1].exe - Win32/PSW.OnLineGames.OAF 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa16[1].exe - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa17[1].exe - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa18[1].exe - Win32/PSW.OnLineGames.OAF 木马
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa19[1].exe - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa20[1].exe - Win32/PSW.OnLineGames.OAF 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa21[1].exe - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa22[1].exe - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa23[1].exe - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa24[1].exe - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa25[1].exe - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa26[1].exe - 可能是 Win32/PSW.OnLineGames.NML 木马 的一个变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa27[1].exe - Win32/PSW.OnLineGames.ZJK 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\aa28[1].exe - Win32/PSW.OnLineGames.ZJK 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\cdwqfs.dll - Win32/PSW.OnLineGames.NOA 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\cedafb.dll - Win32/PSW.OnLineGames.NOA 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\ddserh.dll - Win32/PSW.OnLineGames.NOA 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\dfqnabib.exe - Win32/PSW.OnLineGames.OAF 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\fmcvxy.dll - Win32/PSW.OnLineGames.NOA 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\HBKernel.sys - Win32/PSW.OnLineGames.OBM 木马
C:\Documents and Settings\Administrator\桌面\新建文件夹\HBmhly.exe - Win32/PSW.OnLineGames.OBM 木马
C:\Documents and Settings\Administrator\桌面\新建文件夹\hhrdxd.dll - Win32/PSW.OnLineGames.NOA 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\isdsasrv.exe - Win32/PSW.OnLineGames.OAF 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\jfdses.dll - Win32/PSW.OnLineGames.NOA 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\jfrwdh.dll - Win32/PSW.OnLineGames.NOA 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\jggtsr.dll - Win32/PSW.OnLineGames.NOA 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\lpmxajkl.exe - Win32/PSW.OnLineGames.OAF 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\midimapmy.dll - Win32/PSW.Agent.NHQ 木马的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\mndsgsrv.dll - 可能是 Win32/PSW.OnLineGames.FDY 木马 的一个变种
已扫描的文件数目:88
已发现的病毒数目:78
完成时间: 19:18:21 总扫描时间:16 秒 (00:00:16)
回复

举报

qigang
发表于 2008-6-18 19:55:01 | 显示全部楼层

5/2(aaa)

瑞星病毒查杀结果报告

清除病毒种类列表:

病毒: RootKit.Win32.Agent.bcj  
病毒: RootKit.Win32.Agent.bcj  

MAC 地址:00:11:5B:F3:6D:69

用户来源:互联网

软件版本:20.49.22
回复

举报

下一页 »
12下一页
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-12-22 18:45 , Processed in 0.081998 second(s), 2 queries , Redis On.

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表