Original poster: jimmyleo

[Virus sample] Brought in by go ~ [MD5 details inside]

woai_jolin
Posted on 2007-7-27 10:08:36

微点卫士
Posted on 2007-7-27 10:10:35

Reply to post #10 by tracydk

Kingsoft: 15, Filseclab: 13

Micropoint:
木马名称:Trojan-PSW.Win32.OnLineGames.gxz

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\3.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.gob

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\4.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.gwx

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\5.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.gwu

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\6.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.gyn

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\7.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Legendmir.yp

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\8.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Agent.ear

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\9.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.guq

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\10.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.gww

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\11.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
蠕虫名称:Worm.Win32.Vikings.fqf

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\SYSTEM22.EXE
是蠕虫程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OnLineGames.gzm

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\12.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.gvq

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\14.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OnLineGames.gym

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\1.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\2.EXE
1) C:\DELETEFILEDOS.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\2.EXE
1) C:\DELETEFILEDOS.BAT
是否删除可疑程序?  
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\13.EXE
1) C:\DELETEFILEDOS.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\13.EXE
1) C:\DELETEFILEDOS.BAT
是否删除可疑程序?

Micropoint caught them all.

That girl's report was too general; it didn't give any specifics.
zxy900906
Posted on 2007-7-27 10:43:57
Scan performed at: 2007-7-27 10:42:54
Scanning Log
NOD32 version 2424 (20070726) NT
Command line: C:\Documents and Settings\Administrator\桌面\Ignore.rar

Date: 27.7.2007  Time: 10:42:55
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\Administrator\桌面\Ignore.rar
C:\Documents and Settings\Administrator\桌面\Ignore.rar »RAR »2.exe - a variant of Win32/PSW.OnLineGames.NDA trojan
C:\Documents and Settings\Administrator\桌面\Ignore.rar »RAR »3.exe - a variant of Win32/PSW.OnLineGames.NDA trojan
C:\Documents and Settings\Administrator\桌面\Ignore.rar »RAR »4.exe - probably a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Administrator\桌面\Ignore.rar »RAR »5.exe - a variant of Win32/PSW.OnLineGames.NDA trojan
C:\Documents and Settings\Administrator\桌面\Ignore.rar »RAR »6.exe - a variant of Win32/PSW.OnLineGames.NDA trojan
C:\Documents and Settings\Administrator\桌面\Ignore.rar »RAR »7.exe - a variant of Win32/PSW.OnLineGames.NDA trojan
C:\Documents and Settings\Administrator\桌面\Ignore.rar »RAR »8.exe - a variant of Win32/PSW.Legendmir.NEP trojan
C:\Documents and Settings\Administrator\桌面\Ignore.rar »RAR »9.exe - Win32/PSW.Agent.NDP trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\Ignore.rar »RAR »10.exe - a variant of Win32/PSW.OnLineGames.NDA trojan
C:\Documents and Settings\Administrator\桌面\Ignore.rar »RAR »11.exe - a variant of Win32/PSW.OnLineGames.NDA trojan
C:\Documents and Settings\Administrator\桌面\Ignore.rar »RAR »system22.exe - probably a variant of Win32/Viking virus
C:\Documents and Settings\Administrator\桌面\Ignore.rar »RAR »12.exe - a variant of Win32/PSW.OnLineGames.NDA trojan
C:\Documents and Settings\Administrator\桌面\Ignore.rar »RAR »13.exe - Win32/PSW.OnLineGames.NDA trojan - was a part of the deleted object
C:\Documents and Settings\Administrator\桌面\Ignore.rar »RAR »14.exe - a variant of Win32/PSW.OnLineGames.NDA trojan
C:\Documents and Settings\Administrator\桌面\Ignore.rar »RAR »1.exe - a variant of Win32/PSW.OnLineGames.NDA trojan
Number of scanned files: 16
Number of threats found: 15
Number of files cleaned: 1
Time of completion: 10:43:00 Total scanning time: 5 sec (00:00:05)
rasis
Posted on 2007-7-27 11:24:38
Ignore.rar
  [0] Archive type: RAR
  --> 2.exe
      [DETECTION] Is the Trojan horse TR/ShellHook.2.A
  --> 3.exe
      [DETECTION] Is the Trojan horse TR/ShellHook.3.A
  --> 4.exe
      [DETECTION] Is the Trojan horse TR/PSW.Agent.20480
  --> 5.exe
      [DETECTION] Is the Trojan horse TR/Hook.Shell.192
  --> 6.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.UP.8
  --> 7.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Small.ewc.33
  --> 8.exe
      [DETECTION] Is the Trojan horse TR/PSW.Delf.LY.17
  --> 9.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 10.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.UO.55
  --> 11.exe
      [DETECTION] Is the Trojan horse TR/Hook.Shell.189
  --> system22.exe
      [DETECTION] Is the Trojan horse TR/Spy.Viking.Gen
  --> 12.exe
      [DETECTION] Is the Trojan horse TR/Hook.Shell.190
  --> 13.exe
      [DETECTION] Is the Trojan horse TR/SHellHook.1.A
  --> 14.exe
      [DETECTION] Is the Trojan horse TR/Hook.Shell.181
  --> 1.exe
      [DETECTION] Is the Trojan horse TR/Hook.Shell.202
      [WARNING]   The file was ignored!


End of the scan: 2007年7月27日  11:24
Used time: 00:14 min

The scan has been done completely.

      0 Scanning directories
     16 Files were scanned
     15 viruses and/or unwanted programs were found
      0 classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      1 Files not concerned
      1 Archives were scanned
      1 Warnings
      0 Notes
      0 Hidden objects were found
dragonkf
Posted on 2007-7-27 11:42:19
=。= Kaspersky popped up a ton of dialog boxes

[ Last edited by dragonkf on 2007-7-27 11:50 ]

曲中求
Posted on 2007-7-27 12:56:17
Quite a complete set: OnLineGames, PSW.Legendmir, PSW.Agent and Viking are all here..
红心王子
Posted on 2007-7-27 12:59:00
瑞星病毒查杀结果报告

清除病毒种类列表:
病毒: Trojan.PSW.Win32.RocOnline.av
病毒: Trojan.PSW.Win32.XYOnline.ca
病毒: Trojan.PSW.Win32.OnlineGames.dho
病毒: Trojan.PSW.Win32.AskTao.aj
病毒: Trojan.PSW.Win32.TLOnline.o
病毒: Trojan.PSW.Win32.OnlineGames.dli
病毒: Trojan.PSW.Win32.Shanda.o
病毒: Trojan.PSW.ZhengTu.jzd   
病毒: Trojan.PSW.Win32.OnlineGames.dnj
病毒: Trojan.PSW.Win32.OnlineGames.dod
病毒: Worm.Win32.Viking.a      
病毒: Trojan.PSW.Win32.OnlineGames.doc
病毒: Trojan.PSW.Win32.ZeroOnline.g
病毒: Trojan.PSW.Win32.XYOnline.bt
病毒: Trojan.PSW.Win32.XYOnline.cc

MAC地址:00:D0:F8:38:4B:7A

用户来源:局域网

软件版本:19.33.40
15 of them
taihuxian
Posted on 2007-7-27 20:07:03
BitDefender

This web page has been blocked by BitDefender Antivirus Real-time Protection!

The blocked web page included objects that were either infected or likely to be infected with a virus. Your system has NOT been infected.
http://www.bitdefender.com/vfind/?q=BehavesLike:Trojan.ShellHook
http://www.bitdefender.com/vfind/?q=Trojan.Spy.Delf.NGP
http://www.bitdefender.com/vfind/?q=BehavesLike:Trojan.ShellHook
http://www.bitdefender.com/vfind/?q=Win32.Worm.Viking.NCO
http://www.bitdefender.com/vfind/?q=BehavesLike:Trojan.ShellHook
http://www.bitdefender.com/vfind/?q=DeepScan:Generic.Onlinegames.3.964B748A
http://www.bitdefender.com/vfind/?q=Generic.Onlinegames9.7CDCAC9B
http://www.bitdefender.com/vfind/?q=BehavesLike:Trojan.ShellHook
http://www.bitdefender.com/vfind/?q=Trojan.ShellHook.B
http://www.bitdefender.com/vfind/?q=DeepScan:Generic.PWS.Games.1C7B0108
http://www.bitdefender.com/vfind/?q=BehavesLike:Trojan.ShellHook
微点卫士
Posted on 2007-7-27 20:12:34
Originally posted by 红心王子 on 2007-7-27 12:59
瑞星病毒查杀结果报告

清除病毒种类列表:
病毒: Trojan.PSW.Win32.RocOnline.av
病毒: Trojan.PSW.Win32.XYOnline.ca
病毒: Trojan.PSW.Win32.OnlineGames.dho
病毒: Trojan.PSW.Win32.AskTao.a ...

Rising did really well this time
dragonkf
Posted on 2007-7-27 20:16:27