[Virus sample] Another pack of account-stealing trojans: 33 of them

promised
Posted on 2007-11-2 20:41:53

残缺的唯美
Posted on 2007-11-2 20:47:26
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.grq        File: C:\Users\Administrator\Desktop\样本1.rar/vahnvafkqw.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.fnn        File: C:\Users\Administrator\Desktop\样本1.rar/wlatl.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.gof        File: C:\Users\Administrator\Desktop\样本1.rar/zhjtrx.dll//UPack
deleted: Trojan program Trojan-Downloader.Win32.Delf.aas        File: C:\Users\Administrator\Desktop\样本1.rar/e1.exe//UPX
deleted: Trojan program Trojan-PSW.Win32.Lmir.boq        File: C:\Users\Administrator\Desktop\样本1.rar/e10.exe//ASPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.grr        File: C:\Users\Administrator\Desktop\样本1.rar/e11.exe//PE_Patch//UPack//PE_Patch
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.grq        File: C:\Users\Administrator\Desktop\样本1.rar/e13.exe//FSG
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.giv        File: C:\Users\Administrator\Desktop\样本1.rar/e14.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.QQPass.ajt        File: C:\Users\Administrator\Desktop\样本1.rar/e15.exe//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.fxk        File: C:\Users\Administrator\Desktop\样本1.rar/e16.exe//ASPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.fei        File: C:\Users\Administrator\Desktop\样本1.rar/e17.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.fnn        File: C:\Users\Administrator\Desktop\样本1.rar/e18.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.ghb        File: C:\Users\Administrator\Desktop\样本1.rar/e19.exe//UPack
deleted: Trojan program Backdoor.Win32.Delf.awy        File: C:\Users\Administrator\Desktop\样本1.rar/e20.exe//FSG
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.grp        File: C:\Users\Administrator\Desktop\样本1.rar/e2.exe//PE_Patch//UPack//PE_Patch
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.gnz        File: C:\Users\Administrator\Desktop\样本1.rar/e3.exe//PE_Patch.UPX//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.giv        File: C:\Users\Administrator\Desktop\样本1.rar/e4.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.fyn        File: C:\Users\Administrator\Desktop\样本1.rar/e5.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.gny        File: C:\Users\Administrator\Desktop\样本1.rar/e6.exe//PE_Patch.UPX//UPX//PE_Patch
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.ghq        File: C:\Users\Administrator\Desktop\样本1.rar/e7.exe//PE_Patch.UPX//UPX//PE_Patch
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.fbm        File: C:\Users\Administrator\Desktop\样本1.rar/e8.exe//PE_Patch.UPX//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.gro        File: C:\Users\Administrator\Desktop\样本1.rar/e9.exe//PE_Patch//UPack//PE_Patch
deleted: Trojan program Trojan-PSW.Win32.QQPass.ajt        File: C:\Users\Administrator\Desktop\样本1.rar/NvSys74.Sys
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.ggo        File: C:\Users\Administrator\Desktop\样本1.rar/608769WL.DLL
deleted: Trojan program Trojan-PSW.Win32.Lmir.boq        File: C:\Users\Administrator\Desktop\样本1.rar/608769MM.DLL
deleted: Trojan program Backdoor.Win32.Delf.awy        File: C:\Users\Administrator\Desktop\样本1.rar/scvhost.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.gro        File: C:\Users\Administrator\Desktop\样本1.rar/AVPSrv.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.giy        File: C:\Users\Administrator\Desktop\样本1.rar/avwgemn.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.giz        File: C:\Users\Administrator\Desktop\样本1.rar/avzxemn.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.feg        File: C:\Users\Administrator\Desktop\样本1.rar/djatl.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.grr        File: C:\Users\Administrator\Desktop\样本1.rar/NVDispDrv.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.fnm        File: C:\Users\Administrator\Desktop\样本1.rar/sqmapi32.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.grn        File: C:\Users\Administrator\Desktop\样本1.rar/upxdnd.dll

All killed.
nosferatu
Posted on 2007-11-2 20:49:20
Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\样本1.rar'
C:\Documents and Settings\Administrator\桌面\样本1.rar
  [0] Archive type: RAR
  --> vahnvafkqw.dll
      [DETECTION] Contains suspicious code HEUR/Crypted
  --> wlatl.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.fnn
  --> zhjtrx.dll
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
  --> e1.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> e10.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> e11.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> e13.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> e14.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.giy
  --> e15.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> e16.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ggo
  --> e17.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.fei
  --> e18.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.fnn
  --> e19.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ghb
  --> e20.exe
      [DETECTION] Is the Trojan horse TR/Drop.Spy.Pca.A.1
  --> e2.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> e3.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> e4.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.giz
  --> e5.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> e6.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> e7.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> e8.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> e9.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> NvSys74.Sys
      [DETECTION] Contains suspicious code HEUR/Malware
  --> 608769WL.DLL
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ggo
  --> 608769MM.DLL
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> scvhost.exe
      [DETECTION] Is the Trojan horse TR/Drop.Spy.Pca.A.1
  --> AVPSrv.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> avwgemn.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.giy
  --> avzxemn.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.giz
  --> djatl.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.feg
  --> NVDispDrv.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> sqmapi32.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGa.dmj
  --> upxdnd.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!


End of the scan: 星期五 2007年11月2日  20:49
Used time: 00:09 min

The scan has been done completely.

      0 Scanning directories
     35 Files were scanned
     30 viruses and/or unwanted programs were found
      3 Files were classified as suspicious:
      1 files were deleted
qigang
Posted on 2007-11-2 20:51:14

58/21

瑞星病毒查杀结果报告

清除病毒种类列表:

病毒: Trojan.PSW.Win32.GameOnline.fg
病毒: Trojan.PSW.Win32.GameOnline.no
病毒: Trojan.DL.Delf.xxb      
病毒: Trojan.PSW.Win32.GameOnline.np
病毒: Trojan.PSW.Win32.GameOnline.jf
病毒: Trojan.PSW.Win32.DJOnline.x
病毒: Trojan.PSW.Win32.GameOnline.fa
病毒: Trojan.PSW.Win32.GameOnline.no
病毒: Trojan.Mnless.lpi        
病毒: Trojan.PSW.Win32.XYOnline.qc
病毒: Trojan.PSW.Win32.GameOnline.px
病毒: Trojan.PSW.Win32.OnlineGame.ylz
病毒: Trojan.PSW.Win32.SunOnline.fe
病毒: Trojan.PSW.Win32.OnlineGames.zzp
病毒: Trojan.PSW.Win32.LMir.yyb
病毒: Backdoor.Win32.Agent.yff
病毒: Trojan.PSW.Win32.GameOnline.np
病毒: Trojan.PSW.Win32.WorldOnline.ly
病毒: Trojan.PSW.Win32.DJOnline.w
病毒: Trojan.PSW.Win32.GameOnline.ey

MAC 地址:00:11:5B:F3:6D:69

用户来源:互联网

软件版本:20.16.42
傻猪猪米走鸡
Posted on 2007-11-2 21:20:17

ENA: 29

F:\virus\样本1.rar » RAR » vahnvafkqw.dll - probably a variant of Win32/Genetik trojan
F:\virus\样本1.rar » RAR » wlatl.dll - Win32/PSW.OnLineGames.NHF trojan
F:\virus\样本1.rar » RAR » zhjtrx.dll - is OK
F:\virus\样本1.rar » RAR » e1.exe - Win32/TrojanDownloader.SMW.A trojan
F:\virus\样本1.rar » RAR » e10.exe - probably unknown NewHeur_PE virus
F:\virus\样本1.rar » RAR » e11.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
F:\virus\样本1.rar » RAR » e13.exe - probably a variant of Win32/Genetik trojan
F:\virus\样本1.rar » RAR » e14.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
F:\virus\样本1.rar » RAR » e15.exe - probably a variant of Win32/Genetik trojan
F:\virus\样本1.rar » RAR » e16.exe - Win32/PSW.WOW.WU trojan
F:\virus\样本1.rar » RAR » e17.exe - Win32/PSW.OnLineGames.NGU trojan
F:\virus\样本1.rar » RAR » e18.exe - Win32/PSW.OnLineGames.NGU trojan
F:\virus\样本1.rar » RAR » e19.exe - is OK
F:\virus\样本1.rar » RAR » e20.exe - probably unknown NewHeur_PE virus
F:\virus\样本1.rar » RAR » e2.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
F:\virus\样本1.rar » RAR » e3.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
F:\virus\样本1.rar » RAR » e4.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
F:\virus\样本1.rar » RAR » e5.exe - a variant of Win32/PSW.OnLineGames.YA trojan
F:\virus\样本1.rar » RAR » e6.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
F:\virus\样本1.rar » RAR » e7.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
F:\virus\样本1.rar » RAR » e8.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
F:\virus\样本1.rar » RAR » e9.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
F:\virus\样本1.rar » RAR » NvSys74.Sys - is OK
F:\virus\样本1.rar » RAR » 608769WL.DLL - Win32/PSW.OnLineGames.GGO trojan
F:\virus\样本1.rar » RAR » 608769MM.DLL - a variant of Win32/PSW.Legendmir.NFF trojan
F:\virus\样本1.rar » RAR » scvhost.exe - Win32/Delf.AWY trojan
F:\virus\样本1.rar » RAR » AVPSrv.dll - probably a variant of Win32/PSW.OnLineGames.NFL trojan
F:\virus\样本1.rar » RAR » avwgemn.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
F:\virus\样本1.rar » RAR » avzxemn.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
F:\virus\样本1.rar » RAR » djatl.dll - Win32/PSW.OnLineGames.FEG trojan
F:\virus\样本1.rar » RAR » NVDispDrv.dll - is OK
F:\virus\样本1.rar » RAR » sqmapi32.dll - Win32/PSW.OnLineGames.NHF trojan
F:\virus\样本1.rar » RAR » upxdnd.dll - probably a variant of Win32/Genetik trojan
2007zxf1
Posted on 2007-11-2 21:26:20
Kaspersky and Avira both got 33.
残缺的唯美
Posted on 2007-11-2 21:44:04
McAfee, a very handsome 18.
The EQs
Posted on 2007-11-2 21:52:40

32

C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » vahnvafkqw.dll - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » wlatl.dll - Win32/PSW.OnLineGames.NHF trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » zhjtrx.dll - Win32/Delf.NHW trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » e1.exe - Win32/TrojanDownloader.SMW.A trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » e10.exe - Win32/PSW.Legendmir.BOQ trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » e11.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » e13.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » e14.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » e15.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » e16.exe - Win32/PSW.WOW.WU trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » e17.exe - Win32/PSW.OnLineGames.NGU trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » e18.exe - Win32/PSW.OnLineGames.NGU trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » e19.exe - Win32/Delf.NHW trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » e20.exe - Win32/Delf.NFD trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » e2.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » e3.exe - Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » e4.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » e5.exe - Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » e6.exe - Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » e7.exe - Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » e8.exe - Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » e9.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » 608769WL.DLL - Win32/PSW.OnLineGames.GGO trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » 608769MM.DLL - Win32/PSW.Legendmir.NFF trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » scvhost.exe - Win32/Delf.AWY trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » AVPSrv.dll - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » avwgemn.dll - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » avzxemn.dll - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » djatl.dll - Win32/PSW.OnLineGames.FEG trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » NVDispDrv.dll - Win32/PSW.OnLineGames.GRR trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » sqmapi32.dll - Win32/PSW.OnLineGames.NHF trojan
C:\Documents and Settings\Don johnson\桌面\样本1.rar » RAR » upxdnd.dll - probably a variant of Win32/Genetik trojan
平淡
Posted on 2007-11-2 21:54:57

残缺的唯美
Posted on 2007-11-2 22:01:49
Switched to McAfee's super virus database: 20 =.=