某毒网的(22x)

显示全部楼层 · 发表于 2007-11-4 17:15:17

老
22
detected: Trojan program Trojan-PSW.Win32.OnLineGames.gpx File: C:\Documents and Settings\Owner\×ÀÃæ\1104.rar/10.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.gpx File: C:\Documents and Settings\Owner\×ÀÃæ\1104.rar/11.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.gpx File: C:\Documents and Settings\Owner\×ÀÃæ\1104.rar/12.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.gpx File: C:\Documents and Settings\Owner\×ÀÃæ\1104.rar/13.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.gpx File: C:\Documents and Settings\Owner\×ÀÃæ\1104.rar/14.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.gih File: C:\Documents and Settings\Owner\×ÀÃæ\1104.rar/15.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.gqn File: C:\Documents and Settings\Owner\×ÀÃæ\1104.rar/16.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.gqo File: C:\Documents and Settings\Owner\×ÀÃæ\1104.rar/17.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.gpx File: C:\Documents and Settings\Owner\×ÀÃæ\1104.rar/18.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.gpx File: C:\Documents and Settings\Owner\×ÀÃæ\1104.rar/19.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.gmw File: C:\Documents and Settings\Owner\×ÀÃæ\1104.rar/1.exe
detected: Trojan program Trojan-PSW.Win32.QQRob.lp File: C:\Documents and Settings\Owner\×ÀÃæ\1104.rar/1x.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.gpx File: C:\Documents and Settings\Owner\×ÀÃæ\1104.rar/2.exe
detected: Trojan program Trojan-Downloader.Win32.Delf.bki File: C:\Documents and Settings\Owner\×ÀÃæ\1104.rar/2x.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.gpx File: C:\Documents and Settings\Owner\×ÀÃæ\1104.rar/3.exe
detected: Trojan program Trojan-PSW.Win32.QQRob.lp File: C:\Documents and Settings\Owner\×ÀÃæ\1104.rar/3x.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.gpx File: C:\Documents and Settings\Owner\×ÀÃæ\1104.rar/4.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.gtd File: C:\Documents and Settings\Owner\×ÀÃæ\1104.rar/5.exe//UPack
detected: Trojan program Trojan-PSW.Win32.Lmir.bnx File: C:\Documents and Settings\Owner\×ÀÃæ\1104.rar/6.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.gis File: C:\Documents and Settings\Owner\×ÀÃæ\1104.rar/7.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.fhz File: C:\Documents and Settings\Owner\×ÀÃæ\1104.rar/8.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.gqb File: C:\Documents and Settings\Owner\×ÀÃæ\1104.rar/9.exe//UPack

显示全部楼层 · 发表于 2007-11-4 17:19:13

已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.gpx 文件: C:\Documents and Settings\Administrator\桌面\1104.rar/10.exe
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.gpx 文件: C:\Documents and Settings\Administrator\桌面\1104.rar/11.exe
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.gpx 文件: C:\Documents and Settings\Administrator\桌面\1104.rar/12.exe
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.gpx 文件: C:\Documents and Settings\Administrator\桌面\1104.rar/13.exe
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.gpx 文件: C:\Documents and Settings\Administrator\桌面\1104.rar/14.exe
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.gih 文件: C:\Documents and Settings\Administrator\桌面\1104.rar/15.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.gqn 文件: C:\Documents and Settings\Administrator\桌面\1104.rar/16.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.gux 文件: C:\Documents and Settings\Administrator\桌面\1104.rar/17.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.gpx 文件: C:\Documents and Settings\Administrator\桌面\1104.rar/18.exe
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.gpx 文件: C:\Documents and Settings\Administrator\桌面\1104.rar/19.exe
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.gmw 文件: C:\Documents and Settings\Administrator\桌面\1104.rar/1.exe
已删除: 木马程序 Trojan-PSW.Win32.QQRob.lp 文件: C:\Documents and Settings\Administrator\桌面\1104.rar/1x.exe
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.gpx 文件: C:\Documents and Settings\Administrator\桌面\1104.rar/2.exe
已删除: 木马程序 Trojan-Downloader.Win32.Delf.bki 文件: C:\Documents and Settings\Administrator\桌面\1104.rar/2x.exe//PE_Patch.UPX//UPX
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.gpx 文件: C:\Documents and Settings\Administrator\桌面\1104.rar/3.exe
已删除: 木马程序 Trojan-PSW.Win32.QQRob.lp 文件: C:\Documents and Settings\Administrator\桌面\1104.rar/3x.exe
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.gpx 文件: C:\Documents and Settings\Administrator\桌面\1104.rar/4.exe
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.gtd 文件: C:\Documents and Settings\Administrator\桌面\1104.rar/5.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.Lmir.bnx 文件: C:\Documents and Settings\Administrator\桌面\1104.rar/6.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.gis 文件: C:\Documents and Settings\Administrator\桌面\1104.rar/7.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.fhz 文件: C:\Documents and Settings\Administrator\桌面\1104.rar/8.exe//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.gqb 文件: C:\Documents and Settings\Administrator\桌面\1104.rar/9.exe//UPack

显示全部楼层 · 发表于 2007-11-4 17:27:32

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.PSW.Win32.XYOnline.qe
病毒： Trojan.PSW.Win32.GameOnline.sc
病毒： Trojan.PSW.Win32.DJOnline.am
病毒： Trojan.PSW.Win32.QQPass.ywq
病毒： Trojan.PSW.Win32.GameOnline.nj
病毒： Trojan.PSW.Win32.TLOnline.jjh
病毒： Trojan.PSW.Win32.XYOnline.qg
病毒： Dropper.Win32.XYOnline.t
病毒： Trojan.Win32.Agent.ipb
病毒： Trojan.DL.Multi.wjc
病毒： Trojan.Win32.Agent.zri

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.16.61

显示全部楼层 · 发表于 2007-11-4 17:46:44

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\1104.rar'
C:\Documents and Settings\Administrator\桌面\1104.rar
  [0] Archive type: RAR
  --> 10.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.gqj
  --> 11.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.grj
  --> 12.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.grh
  --> 13.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.gri
  --> 14.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 15.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.gie
  --> 16.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.gqn
  --> 17.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.gqo
  --> 18.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.grg
  --> 19.exe
   [DETECTION] Is the Trojan horse TR/FWDisable.21346
  --> 1.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.agb.2
  --> 1x.exe
   [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
  --> 2.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.gqg
  --> 2x.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 3.exe
   [DETECTION] Is the Trojan horse TR/FWDisable.23906
  --> 3x.exe
   [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
  --> 4.exe
   [DETECTION] Is the Trojan horse TR/FWDisable.20842
  --> 5.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 6.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 7.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.gis
  --> 8.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 9.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.gqb
   [INFO]    The file was deleted!

End of the scan: 星期日 2007年11月4日  17:46
Used time: 00:10 min

The scan has been done completely.

   0 Scanning directories
   24 Files were scanned
   22 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   1 files were deleted

显示全部楼层 · 发表于 2007-11-4 17:46:49

C:\Documents and Settings\Uhthn\Desktop\1104\15.exe : infected Trojan-PSW.Win32.OnLineGames.gih
C:\Documents and Settings\Uhthn\Desktop\1104\1.exe : is suspected of Malware.Agent.108 (paranoid heuristics)
C:\Documents and Settings\Uhthn\Desktop\1104\1.exe : backup copy created
C:\Documents and Settings\Uhthn\Desktop\1104\1x.exe : infected BackDoor.Klj
C:\Documents and Settings\Uhthn\Desktop\1104\2x.exe : infected Trojan-Downloader.Win32.Delf.bki
C:\Documents and Settings\Uhthn\Desktop\1104\3x.exe : infected BackDoor.Klj
C:\Documents and Settings\Uhthn\Desktop\1104\6.exe : infected MalwareScope.Trojan-PSW.Game.16
C:\Documents and Settings\Uhthn\Desktop\1104\7.exe : infected MalwareScope.Trojan-PSW.Game.16
C:\Documents and Settings\Uhthn\Desktop\1104\8.exe : infected MalwareScope.Trojan-PSW.Game.16

Directories    : 0    Files in archives:    Files on disks:
Archives:                - total    : 0    - total    : 22
- scanned       : 0    -  scanned : 0    - scanned    : 22
- contain viruses : 0    -  infected : 0    - infected : 7
- deleted       : 0    -  suspicious : 0    - suspicious  : 1

显示全部楼层 · 发表于 2007-11-4 17:47:20

Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 803
Paranoia Database - 48490
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\Uhthn\Desktop\1104

C:\Documents and Settings\Uhthn\Desktop\1104\10.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1104\11.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1104\12.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1104\13.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1104\14.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1104\15.exe - Infected GENERIC.MALWARE.9DD.3B29 - Deleted
C:\Documents and Settings\Uhthn\Desktop\1104\16.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1104\17.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1104\18.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1104\19.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1104\1.exe - Infected TROJAN-PSW.ONLINEGAMES.U - Deleted
C:\Documents and Settings\Uhthn\Desktop\1104\1x.exe - Suspected WIN32.TROJAN-DOWNLOADER (HTTP://...)
C:\Documents and Settings\Uhthn\Desktop\1104\2.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1104\2x.exe - Infected WIN32.TROJAN-DOWNLOADER.DELF.5 - Deleted
C:\Documents and Settings\Uhthn\Desktop\1104\3.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1104\3x.exe - Suspected WIN32.TROJAN-DOWNLOADER (HTTP://...)
C:\Documents and Settings\Uhthn\Desktop\1104\4.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1104\5.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\1104\6.exe - Infected GENERIC.MALWARE.761.78F6 - Deleted
C:\Documents and Settings\Uhthn\Desktop\1104\7.exe - Infected TROJAN-PSW.ONLINEGAMES.77 - Deleted
C:\Documents and Settings\Uhthn\Desktop\1104\8.exe - Infected TROJAN-PSW.ONLINEGAMES.62 - Deleted
C:\Documents and Settings\Uhthn\Desktop\1104\9.exe - Suspected MaliciousScope:GENERIC.MALWARE.3

22 Files scanned
6 Infected files found
16 Suspected files found
0 Files disinfected
6 Files deleted

显示全部楼层 · 发表于 2007-11-4 18:35:57

NAV全灭
C:\Documents and Settings\David\Desktop\1104.rar » RAR » 10.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\David\Desktop\1104.rar » RAR » 11.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\David\Desktop\1104.rar » RAR » 12.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\David\Desktop\1104.rar » RAR » 13.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\David\Desktop\1104.rar » RAR » 14.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\David\Desktop\1104.rar » RAR » 15.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\David\Desktop\1104.rar » RAR » 16.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\David\Desktop\1104.rar » RAR » 17.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\David\Desktop\1104.rar » RAR » 18.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\David\Desktop\1104.rar » RAR » 19.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\David\Desktop\1104.rar » RAR » 1.exe - Win32/PSW.Agent.NEC trojan
C:\Documents and Settings\David\Desktop\1104.rar » RAR » 1x.exe - a variant of Win32/PSW.QQRob.NAQ trojan
C:\Documents and Settings\David\Desktop\1104.rar » RAR » 2.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\David\Desktop\1104.rar » RAR » 2x.exe - Win32/TrojanDownloader.Delf.NUM trojan
C:\Documents and Settings\David\Desktop\1104.rar » RAR » 3.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\David\Desktop\1104.rar » RAR » 3x.exe - a variant of Win32/PSW.QQRob.NAQ trojan
C:\Documents and Settings\David\Desktop\1104.rar » RAR » 4.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\David\Desktop\1104.rar » RAR » 5.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\David\Desktop\1104.rar » RAR » 6.exe - Win32/PSW.WOW.WU trojan
C:\Documents and Settings\David\Desktop\1104.rar » RAR » 7.exe - Win32/PSW.WOW.WU trojan
C:\Documents and Settings\David\Desktop\1104.rar » RAR » 8.exe - Win32/PSW.WOW.WU trojan
C:\Documents and Settings\David\Desktop\1104.rar » RAR » 9.exe - Win32/PSW.OnLineGames.FDY trojan

显示全部楼层 · 发表于 2007-11-4 19:38:55

日期： 4.11.2007 时间：19:39:53
已开启反隐藏功能.
已扫描的磁盘，文件夹及文件：C:\Documents and Settings\zh\桌面\1104.rar
C:\Documents and Settings\zh\桌面\1104.rar >>RAR >>10.exe - Win32/PSW.OnLineGames.FDY 木马
C:\Documents and Settings\zh\桌面\1104.rar >>RAR >>11.exe - Win32/PSW.OnLineGames.FDY 木马
C:\Documents and Settings\zh\桌面\1104.rar >>RAR >>12.exe - Win32/PSW.OnLineGames.FDY 木马
C:\Documents and Settings\zh\桌面\1104.rar >>RAR >>13.exe - Win32/PSW.OnLineGames.FDY 木马
C:\Documents and Settings\zh\桌面\1104.rar >>RAR >>14.exe - Win32/PSW.OnLineGames.FDY 木马
C:\Documents and Settings\zh\桌面\1104.rar >>RAR >>15.exe - Win32/PSW.OnLineGames.FDY 木马
C:\Documents and Settings\zh\桌面\1104.rar >>RAR >>16.exe - Win32/PSW.OnLineGames.FDY 木马
C:\Documents and Settings\zh\桌面\1104.rar >>RAR >>17.exe - Win32/PSW.OnLineGames.FDY 木马
C:\Documents and Settings\zh\桌面\1104.rar >>RAR >>18.exe - Win32/PSW.OnLineGames.FDY 木马
C:\Documents and Settings\zh\桌面\1104.rar >>RAR >>19.exe - Win32/PSW.OnLineGames.FDY 木马
C:\Documents and Settings\zh\桌面\1104.rar >>RAR >>1.exe - Win32/PSW.Agent.NEC 木马
C:\Documents and Settings\zh\桌面\1104.rar >>RAR >>1x.exe - Win32/PSW.QQRob.NAQ 木马的变种
C:\Documents and Settings\zh\桌面\1104.rar >>RAR >>2.exe - Win32/PSW.OnLineGames.FDY 木马
C:\Documents and Settings\zh\桌面\1104.rar >>RAR >>2x.exe - Win32/TrojanDownloader.Delf.NUM 木马
C:\Documents and Settings\zh\桌面\1104.rar >>RAR >>3.exe - Win32/PSW.OnLineGames.FDY 木马
C:\Documents and Settings\zh\桌面\1104.rar >>RAR >>3x.exe - Win32/PSW.QQRob.NAQ 木马的变种
C:\Documents and Settings\zh\桌面\1104.rar >>RAR >>4.exe - Win32/PSW.OnLineGames.FDY 木马
C:\Documents and Settings\zh\桌面\1104.rar >>RAR >>5.exe - Win32/PSW.OnLineGames.FDY 木马的变种
C:\Documents and Settings\zh\桌面\1104.rar >>RAR >>6.exe - Win32/PSW.WOW.WU 木马
C:\Documents and Settings\zh\桌面\1104.rar >>RAR >>7.exe - Win32/PSW.WOW.WU 木马
C:\Documents and Settings\zh\桌面\1104.rar >>RAR >>8.exe - Win32/PSW.WOW.WU 木马
C:\Documents and Settings\zh\桌面\1104.rar >>RAR >>9.exe - Win32/PSW.OnLineGames.FDY 木马
C:\Documents and Settings\zh\桌面\1104.rar - 多重感染 - 已删除
已扫描的文件数目：23
已发现的病毒数目：22
已清除病毒的文件数目：1
完成时间： 19:39:55 总扫描时间：2 秒 (00:00:02)

显示全部楼层 · 发表于 2007-11-4 20:45:01

检测到病毒: Trojan-PSW.Win32.OnLineGames.gpx。。。
文件: 1104[1].rar

[病毒样本] 某毒网的(22x)

本帖子中包含更多资源

43/22（全杀）

vba32