
[Virus sample] happy, I got infected again yesterday

snoopy2004
Posted on 2008-7-19 12:05:49
Embarrassing. Again, while using PS, I switched it to learning mode to play with injection, and carelessly got hit.
All four folders

电影结束了
Posted on 2008-7-19 12:07:34
扫描系统区域...
扫描所选择的目录和文件...
对象: 22535468
        路径: F:\virus\vir\01563604
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.Agent.amb (KAV 引擎), Trojan.PWS.OnlineGames.WPJ (BD 引擎)
对象: 22661234
        路径: F:\virus\vir\01563604
        Status: 已发现病毒
        病毒: Trojan.Win32.Delf.dek (KAV 引擎), BehavesLike:Trojan.UserStartup (BD 引擎)
对象: 22708250
        路径: F:\virus\vir\01563604
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.Agent.amb (KAV 引擎), Trojan.PWS.OnlineGames.WPJ (BD 引擎)
对象: 23273546
        路径: F:\virus\vir\01563604
        Status: 已发现病毒
        病毒: Trojan-GameThief.Win32.OnLineGames.rxvq (KAV 引擎), Trojan.PWS.OnlineGames.YZL (BD 引擎)
对象: 23297375
        路径: F:\virus\vir\01563604
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.Agent.amb (KAV 引擎), Trojan.PWS.OnlineGames.WPJ (BD 引擎)
对象: 197656
        路径: F:\virus\vir\00006A43
        Status: 已发现病毒
        病毒: Trojan-GameThief.Win32.OnLineGames.sftq (KAV 引擎), Trojan.PWS.OnlineGames.YZL (BD 引擎)
对象: 217281
        路径: F:\virus\vir\00006A43
        Status: 已发现病毒
        病毒: Trojan-GameThief.Win32.OnLineGames.shau (KAV 引擎), Trojan.PWS.OnlineGames.YZL (BD 引擎)
对象: 237046
        路径: F:\virus\vir\00006A43
        Status: 已发现病毒
        病毒: Trojan-GameThief.Win32.OnLineGames.sgie (KAV 引擎), Trojan.PWS.OnlineGames.YZL (BD 引擎)
对象: 256750
        路径: F:\virus\vir\00006A43
        Status: 已发现病毒
        病毒: Trojan-PSW.Win32.Agent.amb (KAV 引擎), Trojan.PWS.OnlineGames.WPJ (BD 引擎)
对象: 276187
        路径: F:\virus\vir\00006A43
        Status: 已发现病毒
        病毒: Trojan-GameThief.Win32.OnLineGames.shau (KAV 引擎), Trojan.PWS.OnlineGames.YZL (BD 引擎)
对象: 295578
        路径: F:\virus\vir\00006A43
        Status: 已发现病毒
        病毒: Trojan-GameThief.Win32.OnLineGames.sfzz (KAV 引擎), Trojan.PWS.OnlineGames.YZL (BD 引擎)
对象: 314968
        路径: F:\virus\vir\00006A43
        Status: 已发现病毒
        病毒: Trojan-GameThief.Win32.OnLineGames.sgow (KAV 引擎), Trojan.PWS.OnlineGames.YZL (BD 引擎)
对象: 334093
        路径: F:\virus\vir\00006A43
        Status: 已发现病毒
        病毒: Trojan-GameThief.Win32.OnLineGames.sgow (KAV 引擎), Trojan.PWS.OnlineGames.YZL (BD 引擎)
对象: 306078
        路径: F:\virus\vir\00006A52
        Status: 已发现病毒
        病毒: Trojan-GameThief.Win32.OnLineGames.sftq (KAV 引擎), Trojan.PWS.OnlineGames.YZL (BD 引擎)
扫描完成: 2008-7-19 12:06
    已检查 16 个文件
    已发现 14 个染毒文件
醉一生爱妍
Posted on 2008-7-19 12:08:23
Kaspersky leaves two..
tcgg1983
Posted on 2008-7-19 12:09:20
Filseclab instantly kills 14
yunhan123
Posted on 2008-7-19 12:09:43
信息        2008-07-19  12:08:43        您此次查毒清除了14个病毒                       
信息        2008-07-19  12:08:43        您此次查毒共查出14个病毒以及危险代码                       
信息        2008-07-19  12:08:43        您此次查毒共查了内存模块0个,磁盘引导扇区0个,文件31个                       
信息        2008-07-19  12:08:43        金山毒霸主程序查毒过程结束,查毒方式:命令行查毒                       
病毒        2008-07-19  12:08:43        C:\Documents and Settings\Administrator\桌面\00006A43.rar\01563604\23297375        Win32.Troj.Encode.a.114688        清除成功       
病毒        2008-07-19  12:08:43        C:\Documents and Settings\Administrator\桌面\00006A43.rar\01563604\23273546        Win32.Troj.OnlineGamesT.wi.110635        清除成功       
病毒        2008-07-19  12:08:43        C:\Documents and Settings\Administrator\桌面\00006A43.rar\01563604\22708250        Win32.Troj.OnlineGamesT.xe.106496        清除成功       
病毒        2008-07-19  12:08:43        C:\Documents and Settings\Administrator\桌面\00006A43.rar\01563604\22661234        Win32.Troj.Delf.45056        清除成功       
病毒        2008-07-19  12:08:42        C:\Documents and Settings\Administrator\桌面\00006A43.rar\01563604\22535468        Win32.PSWTroj.Agent.118784        清除成功       
病毒        2008-07-19  12:08:42        C:\Documents and Settings\Administrator\桌面\00006A43.rar\00006A52\306078        Win32.Troj.OnlineGames.sw.119087        清除成功       
病毒        2008-07-19  12:08:42        C:\Documents and Settings\Administrator\桌面\00006A43.rar\00006A43\334093        Win32.Troj.OnlineGameT.ww.118887        清除成功       
病毒        2008-07-19  12:08:42        C:\Documents and Settings\Administrator\桌面\00006A43.rar\00006A43\314968        Win32.Troj.OnlineGameT.ww.118887        清除成功       
病毒        2008-07-19  12:08:42        C:\Documents and Settings\Administrator\桌面\00006A43.rar\00006A43\295578        Win32.Troj.OnlineGames.sw.119087        清除成功       
病毒        2008-07-19  12:08:42        C:\Documents and Settings\Administrator\桌面\00006A43.rar\00006A43\276187        Win32.Troj.OnlineGameT.ww.118887        清除成功       
病毒        2008-07-19  12:08:41        C:\Documents and Settings\Administrator\桌面\00006A43.rar\00006A43\256750        Win32.PSWTroj.Agent.118784        清除成功       
病毒        2008-07-19  12:08:41        C:\Documents and Settings\Administrator\桌面\00006A43.rar\00006A43\237046        Win32.Troj.OnlineGames.sw.119087        清除成功       
病毒        2008-07-19  12:08:41        C:\Documents and Settings\Administrator\桌面\00006A43.rar\00006A43\217281        Win32.Troj.OnlineGameT.ww.118887        清除成功       
病毒        2008-07-19  12:08:41        C:\Documents and Settings\Administrator\桌面\00006A43.rar\00006A43\197656        Win32.Troj.OnlineGames.sw.119087        清除成功       
Duba leaves 2
电影结束了
Posted on 2008-7-19 12:14:37
Probably the 2 left over are the 2 KB ones...
No idea what they are...~
qigang
Posted on 2008-7-19 12:44:38

36/9

瑞星病毒查杀结果报告

清除病毒种类列表:

病毒: Trojan.PSW.Win32.GameOL.ote
病毒: Trojan.PSW.Win32.GameOL.orn
病毒: Trojan.PSW.Win32.SunOnline.pi
病毒: Trojan.Win32.Undef.iyi   
病毒: Trojan.PSW.Win32.GameOL.ooa

MAC 地址:00:11:5B:F3:6D:69

用户来源:互联网

软件版本:20.53.42
ssy275
Posted on 2008-7-19 13:47:48


[ Last edited by ssy275 on 2008-7-19 17:19 ]

Kitman
Posted on 2008-7-19 13:55:12
14
Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\00006A43'
C:\Documents and Settings\Administrator\桌面\00006A43\00006A43\197656
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '48b881c5.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\00006A43\00006A43\217281
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '48b881bd.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\00006A43\00006A43\237046
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '48b881bf.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\00006A43\00006A43\256750
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Contains recognition pattern of the RKIT/Agent.YC.21 root kit
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      A backup was created as '48b781c1.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\00006A43\00006A43\276187
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '48b781c4.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\00006A43\00006A43\295578
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '48b681c6.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\00006A43\00006A43\314968
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '48b581be.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\00006A43\00006A43\334093
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '48b581c0.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\00006A43\00006A52\306078
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '48b781bd.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\00006A43\01563604\22535468
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Contains recognition pattern of the RKIT/Agent.YC.21 root kit
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      A backup was created as '48b681bf.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\00006A43\01563604\22661234
    [DETECTION] Is the TR/Delf.dek.1 Trojan
    [NOTE]      A backup was created as '48b781bf.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\00006A43\01563604\22708250
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Contains recognition pattern of the RKIT/Agent.YC.21 root kit
    [DETECTION] Is the TR/Dldr.Delphi.Gen Trojan
    [NOTE]      A backup was created as '49a4f108.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\00006A43\01563604\23273546
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      A backup was created as '48b381c1.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Documents and Settings\Administrator\桌面\00006A43\01563604\23297375
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Contains recognition pattern of the RKIT/Agent.YC.21 root kit
    [DETECTION] Is the TR/Dldr.Delphi.Gen Trojan
    [NOTE]      A backup was created as '49aff10a.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!


End of the scan: 2008年7月19日  13:54
Used time: 00:05 Minute(s)

The scan has been done completely.

      5 Scanning directories
     16 Files were scanned
     18 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
     14 files were deleted
      0 files were repaired
     14 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     -2 Files not concerned
      0 Archives were scanned
      0 Warnings
     14 Notes
The file '27242' has been determined to be 'UNDER ANALYSIS'.
残缺的唯美
Posted on 2008-7-19 13:56:20
Starting the file scan:

Begin scan in 'D:\Users\ekincheng\Desktop\00006A43.rar'
D:\Users\ekincheng\Desktop\00006A43.rar
    [0] Archive type: RAR
    --> 00006A43\197656
      [DETECTION] Is the TR/Dropper.Gen Trojan
    --> 00006A43\217281
      [DETECTION] Is the TR/Dropper.Gen Trojan
    --> 00006A43\237046
      [DETECTION] Is the TR/Dropper.Gen Trojan
      --> 00006A43\256750
        --> Object
          [2] Archive type: RSRC
          --> Object
            [DETECTION] Contains recognition pattern of the RKIT/Agent.YC.21 root kit
    --> 00006A43\276187
      [DETECTION] Is the TR/Dropper.Gen Trojan
    --> 00006A43\295578
      [DETECTION] Is the TR/Dropper.Gen Trojan
    --> 00006A43\314968
      [DETECTION] Is the TR/Dropper.Gen Trojan
    --> 00006A43\334093
      [DETECTION] Is the TR/Dropper.Gen Trojan
    --> 00006A52\306078
      [DETECTION] Is the TR/Dropper.Gen Trojan
      --> 01563604\22535468
        --> Object
          [2] Archive type: RSRC
          --> Object
            [DETECTION] Contains recognition pattern of the RKIT/Agent.YC.21 root kit
    --> 01563604\22661234
      [DETECTION] Is the TR/Delf.dek.1 Trojan
      --> 01563604\22708250
        --> Object
          [2] Archive type: RSRC
          --> Object
            [DETECTION] Contains recognition pattern of the RKIT/Agent.YC.21 root kit
    --> 01563604\23273546
      [DETECTION] Is the TR/Dropper.Gen Trojan
      --> 01563604\23297375
        --> Object
          [2] Archive type: RSRC
          --> Object
            [DETECTION] Contains recognition pattern of the RKIT/Agent.YC.21 root kit
    [NOTE]      A backup was created as '48b181ef.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!