hoabinh_a20

New Member



Virus name: C:\WINDOWS\system32\qqqr.exe

C:\WINDOWS\system32\qqq.exe

C:\WINDOWS\system32\qqqhk.dll

C:\WINDOWS\system32\qqqwb.dll

Detection date: 19/7/2011

Classification: DR/Perflogger.AH dropper

SPR/Tool.PerfectKeylogger.412

TR/Spy.Perfloger.AB.31 Trojan

SPR/Tool.PerfectKeylogger.410

Discovered by: sieusystem

Removal: delete qqqwb.dll, qqqhk.dll, qqq.exe, qqqr.exe using Unlocker

Delete in regedit: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E1B2879-88FF-11D3-8D96-D7ACAC95951A

Avira 10 Premium log file:




Premium Security Suite


Report file date: Tuesday, July 19, 2011 14:47



Scanning for 2985992 virus strains and unwanted programs.



The program is running as an unrestricted full version.


Online services are available:



Licensee : Sieu Vuong Kha


Serial number : 2214948847-ISECE-0000001


Platform : Windows XP


Windows phiên bản : (Service Pack 2) [5.1.2600]


Boot mode : Normally booted


Username : AAAA


Computer name : AAAA-9ECF542063



Version information:





Configuration settings for the scan:


Jobname.............................: ShlExt


Configuration file..................: C:\DOCUME~1\AAAA\LOCALS~1\Temp\3a3a2232.avp


Logging.............................: Default


Primary action......................: delete


Secondary action....................: ignore


Scan master boot sector.............: on


Scan boot sector....................: on


Boot sectors........................: C:,


Process scan........................: off


Scan registry.......................: off


Search for rootkits.................: off


Integrity checking of system files..: off


Scan all files......................: All files


Scan archives.......................: on


Recursion depth.....................: 20


Smart extensions....................: on


Deviating archive types.............: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, +ISO,


Macro heuristic.....................: on


File heuristic......................: Complete


Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR,



Start of the scan: Tuesday, July 19, 2011 14:47



Starting the file scan:



Begin scan in 'C:\WINDOWS\system32'


C:\WINDOWS\system32\qqq.exe


[DETECTION] Contains recognition pattern of the DR/Perflogger.AH dropper


[NOTE] The file was deleted!


C:\WINDOWS\system32\qqqhk.dll


[DETECTION] Contains recognition pattern of the SPR/Tool.PerfectKeylogger.412 program


[NOTE] The file was deleted!


C:\WINDOWS\system32\qqqr.exe


[DETECTION] Is the TR/Spy.Perfloger.AB.31 Trojan


[NOTE] A backup was created as '0f14eccd.qua' ( QUARANTINE )


[NOTE] The file was deleted!


C:\WINDOWS\system32\qqqwb.dll


[DETECTION] Contains recognition pattern of the SPR/Tool.PerfectKeylogger.410 program


[NOTE] The registration entry was successfully repaired.


[NOTE] A backup was created as '6923a338.qua' ( QUARANTINE )


[NOTE] The file was deleted!




End of the scan: Tuesday, July 19, 2011 14:49


Used time: 02:38 Minute(s)



The scan has been done completely.



244 Scanned directories


6782 Files were scanned


4 Viruses and/or unwanted programs were found


0 Files were classified as suspicious


4 files were deleted


0 Viruses and unwanted programs were repaired


4 Files were moved to quarantine


0 Files were renamed


0 Files cannot be scanned


6778 Files not concerned


7 Archives were scanned


0 Warnings


4 Notes



Link down:
 