下载物x20

显示全部楼层 · 发表于 2008-7-27 15:02:53

卡巴16
检测到：木马程序 Trojan-Downloader.Win32.Zlob.iqj 文件: C:\Sandbox\Administrator\DefaultBox\user\all\Favorites\hfdf.hlp//RLPack
检测到：木马程序 Trojan-PSW.Win32.OnLineGames.nlq 文件: C:\Sandbox\Administrator\DefaultBox\user\all\Favorites\OSPEHTAE.EXE//RLPack
检测到：木马程序 Trojan-PSW.Win32.OnLineGames.nlq 文件: C:\Sandbox\Administrator\DefaultBox\drive\C\19820524.exe//RLPack
检测到：木马程序 Trojan-PSW.Win32.OnLineGames.cnd 文件: C:\Sandbox\Administrator\DefaultBox\drive\C\55566677.exe//MPRESS
检测到：木马程序 Trojan-GameThief.Win32.Lmir.cdx 文件: C:\Sandbox\Administrator\DefaultBox\drive\C\go.sys
检测到：木马程序 Trojan-PSW.Win32.OnLineGames.cnd 文件: C:\Sandbox\Administrator\DefaultBox\drive\C\WINDOWS\AFEF4706E4C5.dll//MPRESS
检测到：木马程序 Backdoor.Win32.Agent.njx 文件: C:\Sandbox\Administrator\DefaultBox\drive\C\WINDOWS\system32\csrs.exe
检测到：木马程序 Trojan-PSW.Win32.Delf.alw 文件: C:\Sandbox\Administrator\DefaultBox\drive\C\WINDOWS\system32\dll.dll
检测到：木马程序 Rootkit.Win32.Agent.azl 文件: C:\Sandbox\Administrator\DefaultBox\drive\C\WINDOWS\system32\ftsrch.exe//UPX
检测到：木马程序 Trojan-PSW.Win32.OnLineGames.cnd 文件: C:\Sandbox\Administrator\DefaultBox\drive\C\WINDOWS\system32\lintu.exe//#//MPRESS
检测到：木马程序 Backdoor.Win32.IRCBot.ekt 文件: C:\Sandbox\Administrator\DefaultBox\drive\C\WINDOWS\system32\mdgn.exe
检测到：木马程序 Trojan-GameThief.Win32.OnLineGames.skie 文件: C:\Sandbox\Administrator\DefaultBox\drive\C\WINDOWS\system32\Rtluds.exe
检测到：木马程序 Trojan-PSW.Win32.Delf.alw 文件: C:\Sandbox\Administrator\DefaultBox\drive\C\WINDOWS\system32\SVCH0ST.EXE
检测到：木马程序 Backdoor.Win32.Hupigon.cunl 文件: C:\Sandbox\Administrator\DefaultBox\drive\C\WINDOWS\system32\drivers\suchost.exe//UPX
检测到：木马程序 Trojan.Win32.Qhost.aei 文件: C:\Sandbox\Administrator\DefaultBox\drive\C\WINDOWS\system32\drivers\etc\hosts
检测到：木马程序 Backdoor.Win32.Hupigon.cunl 文件: C:\Sandbox\Administrator\DefaultBox\drive\F\　　　.exe//UPX

UG 18

显示全部楼层 · 发表于 2008-7-27 15:05:09

扫描系统区域...
扫描所选择的目录和文件...
对象: 19820524.exe
路径: F:\virus\vir\Maker\drive\C
Status: 已发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.nlq (KAV 引擎), Packer.RLPack.D (BD 引擎)
对象: 55566677.exe
路径: F:\virus\vir\Maker\drive\C
Status: 已发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.cnd (KAV 引擎), GenPack:Trojan.PWS.OnlineGames.QZJ (BD 引擎)
对象: go.sys
路径: F:\virus\vir\Maker\drive\C
Status: 已发现病毒
病毒: Trojan-GameThief.Win32.Lmir.cdx (KAV 引擎), Worm.Autorun.VEM (BD 引擎)
对象: AFEF4706E4C5.dll
路径: F:\virus\vir\Maker\drive\C\WINDOWS
Status: 已发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.cnd (KAV 引擎), Trojan.Generic.322539 (BD 引擎)
对象: csrs.exe
路径: F:\virus\vir\Maker\drive\C\WINDOWS\system32
Status: 已发现病毒
病毒: Backdoor.Win32.Agent.njx (KAV 引擎), Packer.RLPack.D (BD 引擎)
对象: dll.dll
路径: F:\virus\vir\Maker\drive\C\WINDOWS\system32
Status: 已发现病毒
病毒: Trojan-PSW.Win32.Delf.alw (KAV 引擎)
对象: hosts
路径: F:\virus\vir\Maker\drive\C\WINDOWS\system32\drivers\etc
Status: 已发现病毒
病毒: Trojan.Qhosts.B (BD 引擎)
对象: suchost.exe
路径: F:\virus\vir\Maker\drive\C\WINDOWS\system32\drivers
Status: 已发现病毒
病毒: Backdoor.Win32.Hupigon.cunl (KAV 引擎), Trojan.Generic.367949 (BD 引擎)
对象: ftsrch.exe
路径: F:\virus\vir\Maker\drive\C\WINDOWS\system32
Status: 已发现病毒
病毒: Rootkit.Win32.Agent.azl (KAV 引擎), Dropped:Backdoor.Generic.56771 (BD 引擎)
对象: lintu.exe
路径: F:\virus\vir\Maker\drive\C\WINDOWS\system32
Status: 已发现病毒
病毒: Trojan.Crypt.Delf.AA (BD 引擎)
对象: mdgn.exe
路径: F:\virus\vir\Maker\drive\C\WINDOWS\system32
Status: 已发现病毒
病毒: Backdoor.Win32.IRCBot.ekt (KAV 引擎), Packer.Krunchy.B (BD 引擎)
对象: Realone.exe
路径: F:\virus\vir\Maker\drive\C\WINDOWS\system32
Status: 已发现病毒
病毒: Trojan.Crypt.Delf.C (BD 引擎)
对象: Rtluds.exe
路径: F:\virus\vir\Maker\drive\C\WINDOWS\system32
Status: 已发现病毒
病毒: Trojan-GameThief.Win32.OnLineGames.skie (KAV 引擎), Packer.RLPack.D (BD 引擎)
对象: SVCH0ST.EXE
路径: F:\virus\vir\Maker\drive\C\WINDOWS\system32
Status: 已发现病毒
病毒: Trojan-PSW.Win32.Delf.alw (KAV 引擎), Backdoor.Hupigon.AAEA (BD 引擎)
对象: 　　　.exe
路径: F:\virus\vir\Maker\drive\F
Status: 已发现病毒
病毒: Backdoor.Win32.Hupigon.cunl (KAV 引擎), Trojan.Generic.367949 (BD 引擎)
对象: hfdf.hlp
路径: F:\virus\vir\Maker\user\all\Favorites
Status: 已发现病毒
病毒: Trojan-Downloader.Win32.Zlob.iqj (KAV 引擎), Packer.RLPack.D (BD 引擎)
对象: OSPEHTAE.EXE
路径: F:\virus\vir\Maker\user\all\Favorites
Status: 已发现病毒
病毒: Trojan-PSW.Win32.OnLineGames.nlq (KAV 引擎), Packer.RLPack.D (BD 引擎)
扫描完成: 2008-7-27 15:03
已检查 20 个文件
已发现 17 个染毒文件

这让我想起了昨天去修那台下载者的毒机时的情景...
rising很帅...
miss纯exe=55~

显示全部楼层 · 发表于 2008-7-27 15:06:06

C:\Documents and Settings\Administrator\桌面\Maker.rar>>drive\C\WINDOWS\msagent\VLyc8XRI0B2.exe Trojan.Cap872616.bplg 木马还未处理
C:\Documents and Settings\Administrator\桌面\Maker.rar>>drive\C\WINDOWS\system32\csrs.exe Trojan.Agent.bgiq.tizd 木马还未处理
C:\Documents and Settings\Administrator\桌面\Maker.rar>>drive\C\WINDOWS\system32\dll.dll TrojanPSW.Delf.alw.yfmr.dll 木马还未处理
C:\Documents and Settings\Administrator\桌面\Maker.rar>>drive\C\WINDOWS\system32\drivers\etc\hosts Qhost.Trojan.a 木马还未处理
C:\Documents and Settings\Administrator\桌面\Maker.rar>>drive\C\WINDOWS\system32\drivers\suchost.exe Suspicious.Trojan.Downldr.a.lfdz 木马还未处理
C:\Documents and Settings\Administrator\桌面\Maker.rar>>drive\C\WINDOWS\system32\ftsrch.exe Rootkit.Agent.azl.knjt 木马还未处理
C:\Documents and Settings\Administrator\桌面\Maker.rar>>drive\C\WINDOWS\system32\lintu.exe Trojan.Delphi.Gen.qcot 木马还未处理
C:\Documents and Settings\Administrator\桌面\Maker.rar>>drive\C\WINDOWS\system32\mdgn.exe Trojan.Cap872520.wrwn 木马还未处理
C:\Documents and Settings\Administrator\桌面\Maker.rar>>drive\C\WINDOWS\system32\Realone.exe TrojanDropper.Cattivo.A.uzav 木马还未处理
C:\Documents and Settings\Administrator\桌面\Maker.rar>>drive\C\WINDOWS\system32\Rtluds.exe TrojanGameThief.OnLineGames.skie.emjq 木马还未处理
C:\Documents and Settings\Administrator\桌面\Maker.rar>>drive\C\WINDOWS\system32\SVCH0ST.EXE TrojanPSW.Delf.alw.bwkl 木马还未处理
C:\Documents and Settings\Administrator\桌面\Maker.rar>>drive\F\　　　.exe Suspicious.Trojan.Downldr.a.lfdz 木马还未处理

显示全部楼层 · 发表于 2008-7-27 15:06:47

kv 9个成绩不佳啊

显示全部楼层 · 发表于 2008-7-27 15:08:09

还是很强的说

显示全部楼层 · 发表于 2008-7-27 15:09:22

信息 2008-07-27  15:09:00 您此次查毒清除了7个病毒
信息 2008-07-27  15:09:00 您此次查毒共查出7个病毒以及危险代码
信息 2008-07-27  15:09:00 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件33个
信息 2008-07-27  15:09:00 金山毒霸主程序查毒过程结束，查毒方式：命令行查毒
病毒 2008-07-27  15:09:00 D:\Desktop\Maker.rar\drive\C\WINDOWS\system32\drivers\etc\hosts BAT.Qhost.ev.15789 清除成功
病毒 2008-07-27  15:09:00 D:\Desktop\Maker.rar\drive\C\go.sys Win32.PSWTroj.Lmir.2464 清除成功
病毒 2008-07-27  15:09:00 D:\Desktop\Maker.rar\drive\C\WINDOWS\AFEF4706E4C5.dll Win32.PSWTroj.OnLineGames.25600 清除成功
病毒 2008-07-27  15:09:00 D:\Desktop\Maker.rar\drive\C\WINDOWS\system32\drivers\suchost.exe Worm.vking.cb.307200 清除成功
病毒 2008-07-27  15:08:59 D:\Desktop\Maker.rar\drive\C\WINDOWS\system32\ftsrch.exe Win32.Troj.OnLineGamesT.or.258048 清除成功
病毒 2008-07-27  15:08:59 D:\Desktop\Maker.rar\drive\C\55566677.exe Win32.PSWTroj.OnLineGames.40448 清除成功
病毒 2008-07-27  15:08:59 D:\Desktop\Maker.rar\drive\F\　　　.exe Worm.vking.cb.307200 清除成功

显示全部楼层 · 发表于 2008-7-27 15:15:05

Scan Log
Version of virus signature database: 3300 (20080725)
Date: 2008-7-27 Time: 15:14:25
Scanned disks, folders and files: G:\v\Maker.rar
G:\v\Maker.rar » RAR » user\all\Favorites\hfdf.hlp - a variant of Win32/PSW.OnLineGames.NNL trojan
G:\v\Maker.rar » RAR » drive\F\　　　.exe - a variant of Win32/Fujacks virus
G:\v\Maker.rar » RAR » drive\C\19820524.exe - a variant of Win32/PSW.OnLineGames.NNL trojan
G:\v\Maker.rar » RAR » drive\C\55566677.exe - a variant of Win32/PSW.OnLineGames.NNS trojan
G:\v\Maker.rar » RAR » drive\C\WINDOWS\system32\csrs.exe - is OK
G:\v\Maker.rar » RAR » drive\C\WINDOWS\system32\ftsrch.exe - probably a variant of Win32/Genetik trojan
G:\v\Maker.rar » RAR » drive\C\WINDOWS\system32\lintu.exe - a variant of Win32/PSW.OnLineGames.NNS trojan
G:\v\Maker.rar » RAR » drive\C\WINDOWS\system32\mdgn.exe - is OK
G:\v\Maker.rar » RAR » user\all\Favorites\OSPEHTAE.EXE - a variant of Win32/PSW.OnLineGames.NNL trojan
G:\v\Maker.rar » RAR » drive\C\WINDOWS\system32\Realone.exe - probably a variant of Win32/Genetik trojan
G:\v\Maker.rar » RAR » drive\C\WINDOWS\system32\Rtluds.exe - is OK
G:\v\Maker.rar » RAR » drive\C\WINDOWS\system32\drivers\suchost.exe - a variant of Win32/Fujacks virus
G:\v\Maker.rar » RAR » drive\C\WINDOWS\system32\SVCH0ST.EXE - probably unknown NewHeur_PE virus [7]
G:\v\Maker.rar » RAR » drive\C\WINDOWS\system32\SVCH0ST1.EXE - is OK
G:\v\Maker.rar » RAR » drive\C\WINDOWS\msagent\VLyc8XRI0B2.exe - is OK
G:\v\Maker.rar » RAR » drive\C\WINDOWS\AFEF4706E4C5.dll - probably a variant of Win32/PSW.Lineage.DN trojan
G:\v\Maker.rar » RAR » drive\C\WINDOWS\system32\dll.dll - is OK
G:\v\Maker.rar » RAR » drive\C\WINDOWS\system32\drivers\Beep.sys - is OK
G:\v\Maker.rar » RAR » drive\C\go.sys - is OK
G:\v\Maker.rar » RAR » drive\C\WINDOWS\system32\drivers\etc\hosts - Win32/Qhost trojan
G:\v\Maker.rar:Zone.Identifier - is OK
Number of scanned objects: 21
Number of threats found: 12
Number of cleaned objects: 0
Time of completion: 15:14:50 Total scanning time: 25 sec (00:00:25)

Notes:
[7] Object is probably infected with an unknown virus.

显示全部楼层 · 发表于 2008-7-27 15:22:46

1个0字节，beep.sys好像是微软的文件。。。。。所以准确的说是只有18个

[ 本帖最后由 EQ2 于 2008-7-27 15:57 编辑 ]

显示全部楼层 · 发表于 2008-7-27 15:40:50

显示全部楼层 · 发表于 2008-7-27 15:50:18

Begin scan in 'C:\Documents and Settings\Administrator\桌面\Maker'
C:\Documents and Settings\Administrator\桌面\Maker\drive\C\19820524.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    A backup was created as '48c428e7.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Maker\drive\C\55566677.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    A backup was created as '48c128e3.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Maker\drive\C\go.sys
[DETECTION] Contains recognition pattern of the WORM/Autorun.VEM worm
[NOTE]    A backup was created as '48ba291d.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Maker\drive\C\WINDOWS\AFEF4706E4C5.dll
[DETECTION] Is the TR/PSW.OnlineGames.cnd.46 Trojan
[NOTE]    A backup was created as '48d128f4.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Maker\drive\C\WINDOWS\msagent\VLyc8XRI0B2.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '490528fa.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Maker\drive\C\WINDOWS\system32\csrs.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '48fe2921.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Maker\drive\C\WINDOWS\system32\dll.dll
[DETECTION] Is the TR/PSW.OnLinGame.auv Trojan
[NOTE]    A backup was created as '48f8291a.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Maker\drive\C\WINDOWS\system32\ftsrch.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    A backup was created as '48ff2923.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Maker\drive\C\WINDOWS\system32\lintu.exe
   [DETECTION] Contains recognition pattern of the DR/Delphi.Gen dropper
[NOTE]    A backup was created as '48fa2918.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Maker\drive\C\WINDOWS\system32\mdgn.exe
[DETECTION] Contains recognition pattern of the WORM/IrcBot.9216.2 worm
[NOTE]    A backup was created as '48f32913.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Maker\drive\C\WINDOWS\system32\Realone.exe
   [DETECTION] Is the TR/Drop.Cattivo.A Trojan
[NOTE]    A backup was created as '48ed2914.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Maker\drive\C\WINDOWS\system32\Rtluds.exe
   [DETECTION] Contains recognition pattern of the DR/Delphi.Gen dropper
[NOTE]    A backup was created as '48f82923.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Maker\drive\C\WINDOWS\system32\SVCH0ST.EXE
[DETECTION] Is the TR/PSW.OnLinGame.auv Trojan
[NOTE]    A backup was created as '48cf2906.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Maker\drive\C\WINDOWS\system32\drivers\suchost.exe
[DETECTION] Is the TR/Dldr.Delphi.Gen Trojan
[NOTE]    A backup was created as '48ef2925.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Maker\drive\C\WINDOWS\system32\drivers\etc\hosts
[DETECTION] Is the TR/Qhost.AA Trojan
[NOTE]    A backup was created as '48ff291f.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Maker\drive\F\　　　.exe
[DETECTION] Is the TR/Dldr.Delphi.Gen Trojan
[NOTE]    A backup was created as '788c58b0.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Maker\user\all\Favorites\hfdf.hlp
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '48f02916.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Maker\user\all\Favorites\OSPEHTAE.EXE
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    A backup was created as '48dc2903.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!

End of the scan: 2008年7月27日  15:50
Used time: 00:04 Minute(s)

The scan has been done completely.

   12 Scanning directories
   20 Files were scanned
   18 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   18 files were deleted
   0 files were repaired
   18 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   2 Files not concerned
   0 Archives were scanned
   0 Warnings
   18 Notes

[病毒样本] 下载物x20

本帖子中包含更多资源

12

本帖子中包含更多资源

本帖子中包含更多资源