刚从别人U盘上抓的一个及其生成物,过的比较多

wangjay1980

Hello,

daso0.dll - Trojan-PSW.Win32.OnLineGames.nw,
mhso0.dll - Trojan-PSW.Win32.WOW.qn,

qqq000@qq.com

----------
              [凝逸反毒] (http://hi.baidu.com/503165656)

       [凝逸.扫描病毒引擎-日志]       2007.7.19 15:28:40

文件:F:\070717\M1\jtso0.dll | 感染:Trojan.PWS.Wsgame [1579>20070716_3159f3.axx]2(1.1)
操作:删除文件
文件:F:\070717\M1\fyso0.dll | 感染:Trojan.PWS.Wsgame [201>20070716_3159f3.axx]3(1.1)
操作:删除文件
文件:F:\070717\M1\rxso0.dll | 感染:Trojan.PWS.Wsgame [1581>20070716_3159f3.axx]3(1.1)
操作:删除文件
文件:F:\070717\M1\qjso0.dll | 感染:Trojan.PWS.Gamania.2427 [582>20070716_3159f3.axx]3(1.1)
操作:删除文件
文件:F:\070717\M1\daso0.dll | 感染:Trojan.PWS.Wsgame [1470>20070716_3159f3.axx]2(1.1)
操作:删除文件

扫描完成|病毒:5 文件:7|耗时:2414
----------

微点卫士

微点
木马名称:Trojan-PSW.Win32.Delf.ejr

程序:
C:\PROGRAM FILES\INTERNET EXPLORER\MSVCRT.DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?


程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX00.140\M1.EXE
木马程序生成以下文件:
1) C:\PROGRAM FILES\INTERNET EXPLORER\MSVCRT.BAK
是否删除木马程序及其衍生物?

蓝色牛仔裤

漏两个dll 。。


[Scan path] C:\Documents and Settings\Administrator\桌面\生成物.rar
>C:\Documents and Settings\Administrator\桌面\生成物.rar\jtso0.dll - Ok
>C:\Documents and Settings\Administrator\桌面\生成物.rar\mhso0.dll infected with Trojan.PWS.Wsgame
>C:\Documents and Settings\Administrator\桌面\生成物.rar\fyso0.dll infected with Trojan.PWS.Wsgame
>C:\Documents and Settings\Administrator\桌面\生成物.rar\rxso0.dll infected with Trojan.PWS.Gamania.2924
>C:\Documents and Settings\Administrator\桌面\生成物.rar\qjso0.dll infected with Trojan.PWS.Gamania.2427
>C:\Documents and Settings\Administrator\桌面\生成物.rar\daso0.dll - Ok
C:\Documents and Settings\Administrator\桌面\生成物.rar - archive contains infected objects

[Scan path] C:\Documents and Settings\Administrator\桌面\M1.rar
>C:\Documents and Settings\Administrator\桌面\M1.rar\M1.exe infected with Win32.HLLW.Autoruner.175
C:\Documents and Settings\Administrator\桌面\M1.rar - archive contains infected objects

1688388728

探测到: 病毒 Virus.Win32.AutoRun.bk        文件: E:\病毒库\M1.rar/M1.exe//PE_Patch.UPX//UPX
探测到: 木马程序 Trojan-PSW.Win32.OnLineGames.ui        文件: E:\病毒库\生成物.rar/jtso0.dll
探测到: 木马程序 Trojan-PSW.Win32.OnLineGames.abi        文件: E:\病毒库\生成物.rar/fyso0.dll
探测到: 木马程序 Trojan-PSW.Win32.OnLineGames.abv        文件: E:\病毒库\生成物.rar/rxso0.dll
探测到: 木马程序 Trojan-PSW.Win32.OnLineGames.bs        文件: E:\病毒库\生成物.rar/qjso0.dll

tracydk

Starting the file scan:

Begin scan in 'F:\病毒样本\M1.rar'
F:\病毒样本\M1.rar
  [0] Archive type: RAR
  --> M1.exe
      [DETECTION] Is the Trojan horse TR/Autorun.BK
      [INFO]      The file was deleted!
Begin scan in 'F:\病毒样本\生成物.rar'
F:\病毒样本\生成物.rar
  [0] Archive type: RAR
  --> jtso0.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> mhso0.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> fyso0.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> rxso0.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> qjso0.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> daso0.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!

快乐男孩6

RS7个!

ljabchn

已刪除: 木馬程式 Trojan-PSW.Win32.OnLineGames.ui        網址: http://bbs.kafan.cn/attachment.php?aid=102602/jtso0.dll

hj5abc

dll..考验nod32的特征码识别率. dr也差不多了

liyukun97065

D:\TDdownload\复件 生成物.rar
  [0] Archive type: RAR
  --> jtso0.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> mhso0.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> fyso0.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> rxso0.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> qjso0.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> daso0.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      A backup was created as '471e176a.qua'  ( QUARANTINE )
      [INFO]      The file was deleted!

kis7.0

探测到: 木马程序 Trojan-PSW.Win32.OnLineGames.ui        文件: D:\TDdownload\生成物.rar/jtso0.dll
探测到: 木马程序 Trojan-PSW.Win32.WOW.qn        文件: D:\TDdownload\生成物.rar/mhso0.dll
探测到: 木马程序 Trojan-PSW.Win32.OnLineGames.abi        文件: D:\TDdownload\生成物.rar/fyso0.dll
探测到: 木马程序 Trojan-PSW.Win32.OnLineGames.abv        文件: D:\TDdownload\生成物.rar/rxso0.dll
探测到: 木马程序 Trojan-PSW.Win32.OnLineGames.bs        文件: D:\TDdownload\生成物.rar/qjso0.dll
探测到: 木马程序 Trojan-PSW.Win32.OnLineGames.nw        文件: D:\TDdownload\生成物.rar/daso0.dll
探测到: 病毒 Virus.Win32.AutoRun.bk        文件: D:\TDdownload\M1.rar/M1.exe//PE_Patch.UPX//UPX