再来10个[MD5: 17DD94 4372F3 等

显示全部楼层 · 发表于 2007-9-9 19:50:00

[MD5: 17DD94 4372F3 4C8B26 F77C53 88DF3E 15393C 3027AD 672840 9414C9 883304]

显示全部楼层 · 发表于 2007-9-9 19:52:02

显示全部楼层 · 发表于 2007-9-9 19:53:28

Scan performed at: 2007-9-9 19:53:08
Scanning Log
NOD32 version 2515 (20070909) NT
Command line: C:\Documents and Settings\Don johnson\桌面\桌.rar
Operating memory - is OK

Date: 9.9.2007 Time: 19:53:12
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\Don johnson\桌面\桌.rar
C:\Documents and Settings\Don johnson\桌面\桌.rar ?RAR ?mh0618.exe - a variant of Win32/PSW.Agent.NEC trojan
C:\Documents and Settings\Don johnson\桌面\桌.rar ?RAR ?qj0617.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\桌.rar ?RAR ?tl0619.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\桌.rar ?RAR ?wow0617.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\桌.rar ?RAR ?wd0618.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\桌.rar ?RAR ?jh0619.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\桌.rar ?RAR ?dh3.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\桌.rar ?RAR ?zt0616.exe - probably a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\桌.rar ?RAR ?dh0616.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\桌.rar ?RAR ?my0616.exe - a variant of Win32/PSW.OnLineGames.YA trojan
Number of scanned files: 11
Number of threats found: 10
Number of files cleaned: 1
Time of completion: 19:53:13 Total scanning time: 1 sec (00:00:01)

显示全部楼层 · 发表于 2007-9-9 19:54:54

卡巴 7.0.0.125 高启发

10个（和上10个一样也是4个启发

）

已隔离: 病毒 Heur.Invader (变种) 文件: F:\病毒样本\桌.rar/mh0618.exe
已隔离: 病毒 Heur.Invader (变种) 文件: F:\病毒样本\桌.rar/jh0619.exe//PE_Patch.UPX
已隔离: 病毒 Heur.Invader (变种) 文件: F:\病毒样本\桌.rar/zt0616.exe
已隔离: 病毒 Heur.Invader (变种) 文件: F:\病毒样本\桌.rar/wd0618.exe//PE_Patch.UPX
已删除: 木马程序 Trojan-Dropper.Win32.Killav.f 文件: F:\病毒样本\桌.rar/dh0616.exe//PE_Patch.UPX//UPX
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.cer 文件: F:\病毒样本\桌.rar/dh3.exe//PE_Patch.UPX//UPX
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ceu 文件: F:\病毒样本\桌.rar/qj0617.exe//PE_Patch.UPX//UPX
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.cev 文件: F:\病毒样本\桌.rar/tl0619.exe//PE_Patch.UPX//UPX
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.cfe 文件: F:\病毒样本\桌.rar/my0616.exe//PE_Patch.UPX//UPX
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.cff 文件: F:\病毒样本\桌.rar/wow0617.exe

显示全部楼层 · 发表于 2007-9-9 19:55:37

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.PSW.Win32.SunOnline.bz
病毒： Trojan.PSW.Win32.OnlineGames.yjf
病毒： Trojan.PSW.Win32.OnlineGames.ykk
病毒： Trojan.PSW.Win32.OnlineGames.yki
病毒： Trojan.PSW.Win32.RocOnline.di
病毒： Trojan.PSW.Win32.OnlineGames.yka
病毒： Trojan.PSW.Win32.OnlineGames.yjk

MAC地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：19.39.62

显示全部楼层 · 发表于 2007-9-9 20:00:56

微点：
木马名称:Trojan-PSW.Win32.OnLineGames.kam

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌\QJ0617.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.kei

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌\TL0619.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.kkg

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌\JH0619.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Dropper.Win32.Killav.c

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌\DH0616.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.kjx

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌\MY0616.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌\DH3.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\DBGHLP32.EXE
2) C:\WINDOWS.0\SYSTEM32\DBGHLP32.DLL
是否删除木马程序及其衍生物?
木马名称:Trojan-PSW.Win32.Agent.eqy

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\LYLOADER.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌\MH0618.EXE
木马程序生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\LYLOADER.EXE
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌\WD0618.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\MSIMMS32.EXE
2) C:\WINDOWS.0\SYSTEM32\MSIMMS32.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌\WOW0617.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\MPPDS.EXE
2) C:\WINDOWS.0\SYSTEM32\MPPDS.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌\ZT0616.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\UPXDND.EXE
2) C:\WINDOWS.0\SYSTEM32\UPXDND.DLL
是否删除木马程序及其衍生物?
OK

显示全部楼层 · 发表于 2007-9-9 20:03:04

Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Paranoia Database - 4069
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\uhthn\Desktop\New Folder

C:\Documents and Settings\uhthn\Desktop\New Folder\mh0618.exe - Suspicious of Trojan-PSW.OnLineGames.2
C:\Documents and Settings\uhthn\Desktop\New Folder\qj0617.exe - Suspicious of Trojan-Downloader.Small.2
C:\Documents and Settings\uhthn\Desktop\New Folder\tl0619.exe - Suspicious of Trojan-Downloader.Small.2
C:\Documents and Settings\uhthn\Desktop\New Folder\wow0617.exe - Suspicious of Trojan-PSW.OnLineGames.1
C:\Documents and Settings\uhthn\Desktop\New Folder\wd0618.exe - Suspicious of Trojan-PSW.Game.1
C:\Documents and Settings\uhthn\Desktop\New Folder\jh0619.exe - Suspicious of Trojan-PSW.Game.1
C:\Documents and Settings\uhthn\Desktop\New Folder\dh3.exe - Suspicious of Trojan-PSW.Game.1
C:\Documents and Settings\uhthn\Desktop\New Folder\zt0616.exe - Suspicious of Trojan-PSW.OnLineGames.1
C:\Documents and Settings\uhthn\Desktop\New Folder\dh0616.exe - Suspicious of Trojan-PSW.Game.1
C:\Documents and Settings\uhthn\Desktop\New Folder\my0616.exe - Infected with PDB-3074 Malware program - Deleted

10 Files scanned
1 Infected files found
9 Suspicious files found
0 Files cured
1 Files deleted

显示全部楼层 · 发表于 2007-9-9 20:11:55

金山3个，汗

显示全部楼层 · 发表于 2007-9-9 20:12:02

卡巴7 7个还启发2个

显示全部楼层 · 发表于 2007-9-9 20:20:19

小A用的静寂模式，直接拦截，TRJ字样

[病毒样本] 再来10个[MD5: 17DD94 4372F3 等

本帖子中包含更多资源

本帖子中包含更多资源