downloads下来的。。。。

曲中求

MD5：

c1b7bc9bf6e4ca0be4885bdbc157ea15   3.exe
8d4b560bee1e6cf07e3c205729cc18a7   2.exe
ba95b5fd35c2cafeb266698981e977d3   1.exe
6bcf9260f3fec1071a1012e99ffbfafa   14.exe
cd54807a700f8e044d8410741d587670   13.exe
50f3abe9483f2ac2b53b69325e1df772   12.exe
a9d7c80db8554ded8b79962afde218f1   11.exe
e65910665c04883520893b8a9db31c03   10.exe
908842e5e498e404e4e09f6db294e443   9.exe
9794711ea4134eeac74c0e8efacd816f   8.exe
f0f03f112be30d84def9069f0a6e0601   7.exe
fc80caf06cfd9706ab6e9e39a0763c43   6.exe
5cb0fbe81feb8aed4c45fc1514413eb8   5.exe
01393d643c919277a74ae346014c0478   4.exe


NOD 32：

Time Module Object Name Threat Action User Information
2007-7-23 9:12:23 IMON file http://ck1.in/Sex/14.exe probably a variant of Win32/PSW.Agent.NDP trojan   
2007-7-23 9:12:11 IMON file http://ck1.in/Sex/13.exe probably a variant of Win32/PSW.Agent.NDP trojan  
2007-7-23 9:11:27 IMON file http://ck1.in/Sex/12.exe probably a variant of Win32/PSW.Agent.NDP trojan   
2007-7-23 9:11:15 IMON file http://ck1.in/Sex/11.exe probably a variant of Win32/PSW.Agent.NDP trojan   
2007-7-23 9:11:04 IMON file http://ck1.in/Sex/10.exe probably a variant of Win32/PSW.Agent.NDP trojan   
2007-7-23 9:10:50 IMON file http://ck1.in/Sex/9.exe probably a variant of Win32/PSW.Agent.NDP trojan   
2007-7-23 9:10:37 IMON file http://ck1.in/Sex/8.exe probably a variant of Win32/PSW.Agent.NDP trojan   
2007-7-23 9:10:25 IMON file http://ck1.in/Sex/7.exe probably a variant of Win32/PSW.Agent.NDP trojan   
2007-7-23 9:10:17 IMON file http://ck1.in/Sex/6.exe probably a variant of Win32/PSW.Agent.NDP trojan   
2007-7-23 9:10:08 IMON file http://ck1.in/Sex/5.exe probably a variant of Win32/PSW.Agent.NDP trojan   
2007-7-23 9:09:53 IMON file http://ck1.in/Sex/4.exe probably a variant of Win32/PSW.Agent.NDP trojan   
2007-7-23 9:09:40 IMON file http://ck1.in/Sex/3.exe probably a variant of Win32/PSW.Agent.NDP trojan   
2007-7-23 9:09:31 IMON file http://ck1.in/Sex/2.exe probably a variant of Win32/PSW.Agent.NDP trojan   
2007-7-23 9:09:16 IMON file http://ck1.in/Sex/1.exe probably a variant of Win32/PSW.Agent.NDP trojan   
2007-7-23 9:08:12 IMON file http://ck1.in/Sex/13.exe probably a variant of Win32/PSW.Agent.NDP trojan

[ 本帖最后由 曲中求 于 2007-7-23 09:25 编辑 ]

zengmingwh

Begin scan in 'F:\bingdu\14.rar'
F:\bingdu\14.rar
  [0] Archive type: RAR
  --> 14\1.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 14\10.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 14\11.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 14\12.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 14\13.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 14\14.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 14\2.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 14\3.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 14\4.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 14\5.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 14\6.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 14\7.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 14\8.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 14\9.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!


End of the scan: 2007年7月23日  09:30
Used time: 00:39 min

The scan has been done completely.

      0 Scanning directories
     15 Files were scanned
     14 viruses and/or unwanted programs were found
      0 classified as suspicious:
      1 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      1 Files not concerned
      1 Archives were scanned
      0 Warnings
      0 Notes
      0 Hidden objects were found

yashoo

漏了一个  

wangjay1980

detected: Trojan program Trojan-PSW.Win32.OnLineGames.acz        File: C:\Documents and Settings\Owner\×ÀÃæ\14.rar/14\1.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.acz        File: C:\Documents and Settings\Owner\×ÀÃæ\14.rar/14\10.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.acz        File: C:\Documents and Settings\Owner\×ÀÃæ\14.rar/14\11.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.acz        File: C:\Documents and Settings\Owner\×ÀÃæ\14.rar/14\12.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.acz        File: C:\Documents and Settings\Owner\×ÀÃæ\14.rar/14\13.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.acz        File: C:\Documents and Settings\Owner\×ÀÃæ\14.rar/14\14.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.acz        File: C:\Documents and Settings\Owner\×ÀÃæ\14.rar/14\2.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.acz        File: C:\Documents and Settings\Owner\×ÀÃæ\14.rar/14\3.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.acz        File: C:\Documents and Settings\Owner\×ÀÃæ\14.rar/14\4.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.acz        File: C:\Documents and Settings\Owner\×ÀÃæ\14.rar/14\5.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.acz        File: C:\Documents and Settings\Owner\×ÀÃæ\14.rar/14\6.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.acz        File: C:\Documents and Settings\Owner\×ÀÃæ\14.rar/14\7.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.acz        File: C:\Documents and Settings\Owner\×ÀÃæ\14.rar/14\8.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.acz        File: C:\Documents and Settings\Owner\×ÀÃæ\14.rar/14\9.exe//PE_Patch//UPack

yashoo

Thank you for your submission.                                             

Analysis ID: 3919532

File Name            Findings                       Detection                    Type         Extra
--------------------|------------------------------|----------------------------|------------|-----
1.exe               |heuristic detection           |new malware.n               |Trojan      |no

heuristic detection [1.exe]

yym1988520

nis 4

bjfhj

瑞星病毒查杀结果报告

清除病毒种类列表：
病毒： Trojan.PSW.Win32.OnlineGames.dna
病毒： Trojan.PSW.Win32.WoWar.sr
病毒： Trojan.PSW.Win32.OnlineGames.dnf
病毒： Trojan.PSW.Win32.AskTao.ah
病毒： Trojan.PSW.Win32.OnlineGames.dng
病毒： Trojan.PSW.Win32.OnlineGames.dnh
病毒： Trojan.PSW.Win32.OnlineGames.dnb
病毒： Trojan.PSW.Win32.XYOnline.bw
病毒： Trojan.PSW.Win32.OnlineGames.dnd

MAC地址：00:14:2A:AF:EF:4C

用户来源：互联网

软件版本：19.32.62

pluto1313

原帖由 bjfhj 于 2007-7-23 10:21 发表
瑞星病毒查杀结果报告

清除病毒种类列表：
病毒： Trojan.PSW.Win32.OnlineGames.dna
病毒： Trojan.PSW.Win32.WoWar.sr
病毒： Trojan.PSW.Win32.OnlineGames.dnf
病毒： Trojan.PSW.Win32.AskTao.a ...

号称虚拟脱壳的瑞*，居然把这么些简单东西报成不同的变种，大跌眼镜

一派胡言

kv2007全灭。

        北京江民新科技术有限公司

        扫描引擎 10.00.650
        病毒库日期 2007-07-22
        更新日期 2007-07-23

扫描目标 C:\Documents and Settings\Administrator\桌面\14.rar

开始时间 2007-07-23 10:36:25

在 C:\Documents and Settings\Administrator\桌面\14.rar->14\1.exe 中发现 TrojanDownloader.Adload.lp 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\14.rar->14\10.exe 中发现 TrojanDownloader.Adload.lp 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\14.rar->14\11.exe 中发现 TrojanDownloader.Adload.lp 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\14.rar->14\12.exe 中发现 TrojanDownloader.Adload.lp 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\14.rar->14\13.exe 中发现 TrojanDownloader.Small.jyp 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\14.rar->14\14.exe 中发现 TrojanDownloader.Adload.lp 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\14.rar->14\2.exe 中发现 TrojanDownloader.Small.jyp 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\14.rar->14\3.exe 中发现 TrojanDownloader.Small.jyp 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\14.rar->14\4.exe 中发现 TrojanDownloader.Adload.lp 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\14.rar->14\5.exe 中发现 TrojanDownloader.Small.jyp 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\14.rar->14\6.exe 中发现 TrojanDownloader.Adload.lp 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\14.rar->14\7.exe 中发现 TrojanDownloader.Adload.lp 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\14.rar->14\8.exe 中发现 TrojanDownloader.Adload.lp 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\14.rar->14\9.exe 中发现 TrojanDownloader.Adload.lp 病毒, 已删除

wangjay1980

宣传，营销而已，哪有什么实际的技术