[Virus samples] 10 samples picked up from 猪猪乐园

promised
Posted on 2007-12-31 16:34:51
C:\ABC\1\10.rar:\update.exe - 特征码 'Trojan-Spy.Win32.Delf.rx' 被发现
C:\ABC\1\10.rar:\sms8s.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\1\10.rar:\sms6s.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\1\10.rar:\sms3s.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\1\10.rar:\sms0s.exe - 特征码 'Trojan.Delf.NEB' 被发现
C:\ABC\1\10.rar:\WinSy_8z.Sys - 特征码 'Trojan-PWS.Win32.Nilage.bga' 被发现
C:\ABC\1\10.rar:\gdqqsgi32.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\1\10.rar:\gddji32.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\1\10.rar:\rarjetl.exe - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\1\10.rar:\rarjepi.dll - 特征码 'Virus.Win32.OnLineGames.BGD' 被发现

[ Last edited by promised on 2007-12-31 16:49 ]

醉一生爱妍
Posted on 2007-12-31 16:37:11
Jiangmin kills 9 of the 10!!!!
库洛洛
Posted on 2007-12-31 16:37:22
Starting the file scan:

Begin scan in 'E:\10.rar'
E:\10.rar
  [0] Archive type: RAR
  --> sms8s.exe
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> sms6s.exe
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> sms3s.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.lpr
  --> sms0s.exe
      [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
  --> WinSy_8z.Sys
      [DETECTION] Contains suspicious code HEUR/Malware
  --> gdqqsgi32.dll
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> gddji32.dll
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> rarjetl.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.lpr
  --> rarjepi.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.lpr
      [WARNING]   The file was ignored!


End of the scan: 2007年12月31日  16:38
Used time: 00:15 min

The scan has been done completely.

      0 Scanning directories
     11 Files were scanned
      8 viruses and/or unwanted programs were found
      1 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      3 Files not concerned
      1 Archives were scanned
      1 Warnings
      0 Notes
wangjay1980
Posted on 2007-12-31 16:38:58
detected: Trojan program Trojan-Downloader.Win32.Dirat.au        File: C:\Documents and Settings\Owner\×ÀÃæ\10.rar/update.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.mpj        File: C:\Documents and Settings\Owner\×ÀÃæ\10.rar/sms8s.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.kwh        File: C:\Documents and Settings\Owner\×ÀÃæ\10.rar/sms6s.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.lrc        File: C:\Documents and Settings\Owner\×ÀÃæ\10.rar/sms3s.exe//UPack
detected: Trojan program Trojan-Dropper.Win32.Microjoin.gc        File: C:\Documents and Settings\Owner\×ÀÃæ\10.rar/sms0s.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.mpj        File: C:\Documents and Settings\Owner\×ÀÃæ\10.rar/gdqqsgi32.dll//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.lmw        File: C:\Documents and Settings\Owner\×ÀÃæ\10.rar/gddji32.dll//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.lrc        File: C:\Documents and Settings\Owner\×ÀÃæ\10.rar/rarjetl.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.lpr        File: C:\Documents and Settings\Owner\×ÀÃæ\10.rar/rarjepi.dll
yangpizhi
Posted on 2007-12-31 16:44:33
FP misses one
-----------------------------SCAN REPORT-----------------------------
F-PROT Antivirus for Windows

Antivirus Scanning Engine version number: 4.4.2
Virus signature file from: 2007-12-31, 5:54

Scan name: 12.31
Path to scan: C:\样本 yangpizhi\12.31\|

Thorough scan
Also scan: Inside subfolders, Compressed files, Streams

Scan started: 2007-12-31, 16:43:57
---------------------------------------------------------------------

[Clean]        Boot sector on drive F:
[Clean]        Boot sector on drive E:
[Clean]        Boot sector on drive D:
[Clean]        Boot sector on drive C:
[Clean]        Master Boot Record on disk 0
[Clean]        C:\样本 yangpizhi\12.31\10.rar->update.exe
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\样本 yangpizhi\12.31\10.rar->sms8s.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\样本 yangpizhi\12.31\10.rar->sms6s.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\样本 yangpizhi\12.31\10.rar->sms3s.exe->(UPack)
[Clean]        C:\样本 yangpizhi\12.31\10.rar->sms0s.exe->(UPX)
[Found possible virus]         <W32/Document-disguised-based!Maximus (not disinfectable)>        C:\样本 yangpizhi\12.31\10.rar->sms0s.exe
[Found virus]         <W32/InfoStealer!Generic (not disinfectable)>        C:\样本 yangpizhi\12.31\10.rar->WinSy_8z.Sys
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\样本 yangpizhi\12.31\10.rar->gdqqsgi32.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\样本 yangpizhi\12.31\10.rar->gddji32.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\样本 yangpizhi\12.31\10.rar->rarjetl.exe->(UPack)
[Found password stealer]         <W32/OnlineGames.A.gen!Eldorado (not disinfectable, generic)>        C:\样本 yangpizhi\12.31\10.rar->rarjepi.dll
[Contains infected objects]        C:\样本 yangpizhi\12.31\10.rar
[Quarantined]        C:\样本 yangpizhi\12.31\10.rar->rarjepi.dll

---------------------------------------------------------------------
Scan ended:        2007-12-31, 16:44:02
Duration:        0:00:04

Scan result:

Scanned files:                 6
Infected objects:         9
Disinfected objects:         0
Quarantined files:         1
---------------------------------------------------------------------
testhawk
Posted on 2007-12-31 16:47:19
nod32 9
10.rar » RAR » sms8s.exe - a variant of Win32/PSW.OnLineGames.JOJ trojan
10.rar » RAR » sms6s.exe - Win32/PSW.OnLineGames.KWH trojan
10.rar » RAR » sms3s.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
10.rar » RAR » sms0s.exe - probably a variant of Win32/AutoRun.Q worm
10.rar » RAR » WinSy_8z.Sys - probably a variant of Win32/AutoRun.Q worm
10.rar » RAR » gdqqsgi32.dll - a variant of Win32/PSW.OnLineGames.JOJ trojan
10.rar » RAR » gddji32.dll - probably a variant of Win32/PSW.OnLineGames.NHF trojan
10.rar » RAR » rarjetl.exe - a variant of Win32/PSW.OnLineGames.FDY trojan
10.rar » RAR » rarjepi.dll - a variant of Win32/PSW.OnLineGames.FDY trojan
will
Posted on 2007-12-31 16:55:34

avast! 10

Win32:Delf-HBE [Trj]                                     update.exe  
Win32:OnLineGames-BKU [Trj]                  sms8s.exe
Win32:OnLineGames-BBH [Trj]                  sms6s.exe
Win32:OnLineGames-BGD [Trj]                  sms3s.exe
Win32:Delf-FZG [Trj]                                       sms0s.exe
Win32:Delf-FZG [Trj]                                      WinSy_8z.Sys  
Win32:OnLineGames-BKU [Trj]                  gdqqsgi32.dll
Win32:OnLineGames-BBH [Trj]                  gddji32.dll
Win32:OnLineGames-BGD [Trj]                  rarjetl.exe
Win32:OnLineGames-BGD [Trj]                  rarjepi.dll
kkgh
Posted on 2007-12-31 16:59:55
AVG Anti-Spyware - 扫描报告
---------------------------------------------------------

+ 创建时间:        17:03:05 2007-12-31

+ 扫描结果:       



C:\Documents and Settings\zh\桌面\10.rar/update.exe -> Downloader.Dirat.au : 未进行操作.
C:\Documents and Settings\zh\桌面\10.rar/sms0s.exe -> Dropper.Microjoin.gc : 未进行操作.
C:\Documents and Settings\zh\桌面\10.rar/sms6s.exe -> Trojan.OnLineGames.kvw : 未进行操作.
C:\Documents and Settings\zh\桌面\10.rar/rarjetl.exe -> Trojan.OnLineGames.lrb : 未进行操作.
C:\Documents and Settings\zh\桌面\10.rar/sms3s.exe -> Trojan.OnLineGames.lrb : 未进行操作.


::报告结束

        瑞星病毒查杀结果报告

清除病毒种类列表:
病毒: Trojan.DL.Win32.Mnless.jm
病毒: Trojan.PSW.Win32.GameOL.gmv
病毒: Trojan.PSW.Win32.GameOL.ggg
病毒: Trojan.PSW.Win32.GameOL.GEN
病毒: Worm.Win32.PaBug.fi      
病毒: Worm.Win32.PaBug.fi      
病毒: Trojan.PSW.Win32.GameOL.GEN
病毒: Trojan.PSW.Win32.GameOL.GEN

用户来源:互联网

软件版本:20.25
wangjay1980
Posted on 2007-12-31 17:36:31
WinSy_8z.Sys - Trojan-PSW.Win32.QQPass.aqm

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.
jimmyleo
Posted on 2007-12-31 17:37:14
I love that pig-head logo the most