21个

显示全部楼层 · 发表于 2008-1-25 21:54:35

附件那些文件是程序随机命名的..名字有点乱..

[oo]e0=http://1.111281.com/1.exee1=http://1.111281.com/2.exee2=http://1.111281.com/3.exee3=http://1.111281.com/4.exee4=http://1.111281.com/5.exee5=http://1.111281.com/6.exee6=http://1.111281.com/7.exee7=http://1.111281.com/8.exee8=http://1.111281.com/9.exee9=http://1.111281.com/10.exee10=http://1.111281.com/11.exee11=http://1.111281.com/12.exee12=http://1.111281.com/13.exee13=http://1.111281.com/14.exee14=http://1.111281.com/15.exee15=http://1.111281.com/16.exee16=http://1.111281.com/17.exee17=http://1.111281.com/18.exee18=http://1.111281.com/19.exee19=http://1.111281.com/20.exee20=http://1.111281.com/21.exe

显示全部楼层 · 发表于 2008-1-25 21:55:50

灭。。一启发
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pil File: C:\Documents and Settings\Administrator\×ÀÃæ\01258.rar/1.6054128.exe//UPack
deleted: Trojan program Trojan-Downloader.Win32.Zlob.gej File: C:\Documents and Settings\Administrator\×ÀÃæ\01258.rar/1.7474726.exe//PE_Patch
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pfw File: C:\Documents and Settings\Administrator\×ÀÃæ\01258.rar/1.9184207.exe//PE_Patch//UPack
deleted: Trojan program Trojan.Win32.Pakes.bzp File: C:\Documents and Settings\Administrator\×ÀÃæ\01258.rar/1.977505.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.olj File: C:\Documents and Settings\Administrator\×ÀÃæ\01258.rar/11.370084E-02.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pjj File: C:\Documents and Settings\Administrator\×ÀÃæ\01258.rar/12.19059E-03.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.otu File: C:\Documents and Settings\Administrator\×ÀÃæ\01258.rar/16.287396E-02.exe//PE_Patch//UPack
deleted: Trojan program Trojan.Win32.Vaklik.fq File: C:\Documents and Settings\Administrator\×ÀÃæ\01258.rar/17.299352.exe//UPack
deleted: Trojan program Trojan-Downloader.Win32.Zlob.geh File: C:\Documents and Settings\Administrator\×ÀÃæ\01258.rar/17.3091046.exe//PE_Patch
deleted: Trojan program Trojan.Win32.Pakes.bzp File: C:\Documents and Settings\Administrator\×ÀÃæ\01258.rar/17.6241984.exe
deleted: Trojan program Trojan-PSW.Win32.Nilage.bxs File: C:\Documents and Settings\Administrator\×ÀÃæ\01258.rar/17.7751123.exe//PE_Patch.UPX//#//UPack//PE_Patch.MaskPE
deleted: Trojan program Trojan.Win32.Vaklik.eb File: C:\Documents and Settings\Administrator\×ÀÃæ\01258.rar/17.9894373.exe//UPack
deleted: Trojan program Trojan.Win32.Pakes.bzp File: C:\Documents and Settings\Administrator\×ÀÃæ\01258.rar/0.15568899.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.okn File: C:\Documents and Settings\Administrator\×ÀÃæ\01258.rar/1.1298072.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.Nilage.bxs File: C:\Documents and Settings\Administrator\×ÀÃæ\01258.rar/1.2038586.exe//PE_Patch.UPX//#//UPack//PE_Patch.MaskPE
deleted: Trojan program Trojan-PSW.Win32.QQPass.ast File: C:\Documents and Settings\Administrator\×ÀÃæ\01258.rar/1.4100863.exe//UPX
deleted: Trojan program Trojan.Win32.Vaklik.gi File: C:\Documents and Settings\Administrator\×ÀÃæ\01258.rar/1.423945.exe//UPack//PE_Patch
deleted: Trojan program Trojan.Win32.Vaklik.gf File: C:\Documents and Settings\Administrator\×ÀÃæ\01258.rar/1.5319987.exe//UPack//PE_Patch
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pgp File: C:\Documents and Settings\Administrator\×ÀÃæ\01258.rar/1.5508343.exe//UPack
deleted: virus Heur.Trojan.Generic File: C:\Documents and Settings\Administrator\×ÀÃæ\01258.rar/1.5619696.exe//UPack
deleted: Trojan program Trojan.Win32.Vaklik.fe File: C:\Documents and Settings\Administrator\×ÀÃæ\01258.rar/1.5799524.exe//UPack

显示全部楼层 · 发表于 2008-1-25 21:55:51

Scan Log
Version of virus signature database: 2822 (20080125)
Date: 2008-1-25 Time: 21:55:54
Scanned disks, folders and files: G:\v\01258.rar
Number of scanned objects: 22
Number of threats found: 21
Time of completion: 21:56:00 Total scanning time: 6 sec (00:00:06)

Notes:
[7] Object is probably infected with an unknown virus.

显示全部楼层 · 发表于 2008-1-25 21:56:32

Starting the file scan:

Begin scan in 'E:\01258.rar'
E:\01258.rar
  [0] Archive type: RAR
  --> 1.6054128.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pim
  --> 1.7474726.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.oga.2
  --> 1.9184207.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.phh.3
  --> 1.977505.exe
   [DETECTION] Is the Trojan horse TR/PSW.Nilage.bxd
  --> 11.370084E-02.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 12.19059E-03.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 16.287396E-02.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 17.299352.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 17.3091046.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.oku.1
  --> 17.6241984.exe
   [DETECTION] Is the Trojan horse TR/PSW.Nilage.bxe
  --> 17.7751123.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 17.9894373.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.205
  --> 0.15568899.exe
   [DETECTION] Is the Trojan horse TR/PSW.Nilage.bxe
  --> 1.1298072.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.oiv.2
  --> 1.2038586.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 1.4100863.exe
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> 1.423945.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 1.5319987.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 1.5508343.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pgp.2
  --> 1.5619696.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 1.5799524.exe
   [DETECTION] Is the Trojan horse TR/Vaklik.FE.2
   [INFO]    The file was deleted!

End of the scan: 2008年1月25日  21:57
Used time: 00:17 min

The scan has been done completely.

   0 Scanning directories
   22 Files were scanned
   21 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   1 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   1 Files not concerned
   1 Archives were scanned
   0 Warnings
   0 Notes

显示全部楼层 · 发表于 2008-1-25 21:57:07

卡巴17~
ESET 21~

C:\Documents and Settings\Administrator\桌面\01258.rar ?RAR ?1.6054128.exe - 未查明的 NewHeur_PE 病毒
C:\Documents and Settings\Administrator\桌面\01258.rar ?RAR ?1.7474726.exe - Win32/PSW.OnLineGames.MUG 特洛伊木马
C:\Documents and Settings\Administrator\桌面\01258.rar ?RAR ?1.9184207.exe - Win32/PSW.OnLineGames.MUG 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\01258.rar ?RAR ?1.977505.exe - Win32/PSW.OnLineGames.GJV 特洛伊木马
C:\Documents and Settings\Administrator\桌面\01258.rar ?RAR ?11.370084E-02.exe - Win32/PSW.OnLineGames.MUG 特洛伊木马
C:\Documents and Settings\Administrator\桌面\01258.rar ?RAR ?12.19059E-03.exe - Win32/PSW.OnLineGames.MUG 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\01258.rar ?RAR ?16.287396E-02.exe - Win32/PSW.OnLineGames.MUG 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\01258.rar ?RAR ?17.299352.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\01258.rar ?RAR ?17.3091046.exe - Win32/PSW.OnLineGames.MUG 特洛伊木马
C:\Documents and Settings\Administrator\桌面\01258.rar ?RAR ?17.6241984.exe - Win32/PSW.OnLineGames.GJV 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\01258.rar ?RAR ?17.7751123.exe - Win32/PSW.OnLineGames.GJV 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\01258.rar ?RAR ?17.9894373.exe - 可能是 Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\01258.rar ?RAR ?0.15568899.exe - Win32/PSW.OnLineGames.GJV 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\01258.rar ?RAR ?1.1298072.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马
C:\Documents and Settings\Administrator\桌面\01258.rar ?RAR ?1.2038586.exe - Win32/PSW.OnLineGames.GJV 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\01258.rar ?RAR ?1.4100863.exe - 可能是 Win32/AutoRun.Q 蠕虫的变种
C:\Documents and Settings\Administrator\桌面\01258.rar ?RAR ?1.423945.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\01258.rar ?RAR ?1.5319987.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\01258.rar ?RAR ?1.5508343.exe - 未查明的 NewHeur_PE 病毒
C:\Documents and Settings\Administrator\桌面\01258.rar ?RAR ?1.5619696.exe - Win32/PSW.OnLineGames.YA 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\01258.rar ?RAR ?1.5799524.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马的变种

显示全部楼层 · 发表于 2008-1-25 22:02:31

17个

瑞星病毒查杀结果报告

清除病毒种类列表：
病毒： Trojan.PSW.Win32.GameOL.loh
病毒： Trojan.PSW.Win32.ZhengTu.ymo
病毒： Trojan.PSW.Win32.GameOL.lna
病毒： Trojan.PSW.Win32.GameOL.ljg
病毒： Trojan.PSW.Win32.OnlineGames.GEN
病毒： Trojan.PSW.Win32.GameOL.lpn
病毒： Trojan.PSW.Win32.LMir.zad
病毒： Trojan.PSW.Win32.GamesOnline.ju
病毒： Trojan.PSW.Win32.ZhengTu.ymm
病毒： Trojan.PSW.Win32.DJOnline.bp
病毒： Trojan.PSW.Win32.GameOL.lka
病毒： Trojan.PSW.Win32.GamesOnline.hr
病毒： Trojan.PSW.Win32.GamesOnline.ke
病毒： Trojan.PSW.Win32.GamesOnline.jz
病毒： Trojan.PSW.Win32.GameOL.lmu
病毒： Trojan.PSW.Win32.GameOL.lmq

MAC 地址：00:11:D8:2A:98:47

用户来源：局域网

软件版本：20.28.42

显示全部楼层 · 发表于 2008-1-25 22:08:55

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.PSW.Win32.GameOL.loh
病毒： Trojan.PSW.Win32.ZhengTu.ymo
病毒： Trojan.PSW.Win32.GameOL.lna
病毒： Trojan.PSW.Win32.GameOL.ljg
病毒： Trojan.PSW.Win32.OnlineGames.GEN
病毒： Trojan.PSW.Win32.GameOL.lpn
病毒： Trojan.PSW.Win32.LMir.zad
病毒： Trojan.PSW.Win32.GamesOnline.ju
病毒： Trojan.PSW.Win32.ZhengTu.ymm
病毒： Trojan.PSW.Win32.DJOnline.bp
病毒： Trojan.PSW.Win32.GameOL.lka
病毒： Trojan.PSW.Win32.GamesOnline.hr
病毒： Trojan.PSW.Win32.GamesOnline.ke
病毒： Trojan.PSW.Win32.GamesOnline.jz
病毒： Trojan.PSW.Win32.GameOL.lmu
病毒： Trojan.PSW.Win32.GameOL.lmq

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.28.42

显示全部楼层 · 发表于 2008-1-25 22:21:21

I:\virus\test\0.15568899.exe - Signature 'Trojan-PWS.Win32.Delf.ix' found
I:\virus\test\1.1298072.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\test\1.2038586.exe - Signature 'Trojan-PWS.Win32.Agent.jp' found
I:\virus\test\1.4100863.exe - Signature 'Trojan-Proxy.Win32.Delf.AN' found
I:\virus\test\1.423945.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\test\1.5319987.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\test\1.5508343.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\test\1.5619696.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\test\1.5799524.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\test\1.6054128.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\test\1.7474726.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\test\1.9184207.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\test\1.977505.exe - Signature 'Trojan-PWS.Win32.Delf.ix' found
I:\virus\test\11.370084E-02.exe - Signature 'Trojan-Downloader.Win32.Zlob.and' found
I:\virus\test\12.19059E-03.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\test\16.287396E-02.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\test\17.299352.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
I:\virus\test\17.3091046.exe - Signature 'Trojan-Spy.Win32.Delf.PD' found
I:\virus\test\17.6241984.exe - Signature 'Trojan-PWS.Win32.Delf.ix' found
I:\virus\test\17.7751123.exe - Signature 'Trojan-PWS.Win32.Agent.jp' found
I:\virus\test\17.9894373.exe - Signature 'Trojan-Spy.Win32.Agent.hz' found
21 Files scanned
(0 Archives with 0 files)
21 Signatures found
0 Suspect code-parts found
Used time: 0:00.547
-------------------------------------------------------------------------------

I:\virus\test/0.15568899.exe: PUA.Packed.UPack FOUND
I:\virus\test/1.1298072.exe: PUA.Packed.UPack-1 FOUND
I:\virus\test/1.2038586.exe: PUA.Packed.UPack FOUND
I:\virus\test/1.4100863.exe: Trojan.QQPass-493 FOUND
I:\virus\test/1.423945.exe: PUA.Packed.UPack-1 FOUND
I:\virus\test/1.5319987.exe: PUA.Packed.UPack-1 FOUND
I:\virus\test/1.5508343.exe: PUA.Packed.UPack-1 FOUND
I:\virus\test/1.5619696.exe: PUA.Packed.UPack-1 FOUND
I:\virus\test/1.5799524.exe: PUA.Packed.UPack-1 FOUND
I:\virus\test/1.6054128.exe: PUA.Packed.UPack-1 FOUND
I:\virus\test/1.7474726.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/1.9184207.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/1.977505.exe: PUA.Packed.UPack FOUND
I:\virus\test/11.370084E-02.exe: PUA.Packed.UPack-2 FOUND
I:\virus\test/12.19059E-03.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/16.287396E-02.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/17.299352.exe: PUA.Packed.UPack-1 FOUND
I:\virus\test/17.3091046.exe: PUA.Packed.UPack-3 FOUND
I:\virus\test/17.6241984.exe: PUA.Packed.UPack FOUND
I:\virus\test/17.7751123.exe: PUA.Packed.UPack FOUND
I:\virus\test/17.9894373.exe: PUA.Packed.UPack-1 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 195751
Engine version: 0.92
Scanned directories: 1
Scanned files: 21
Infected files: 21
Data scanned: 0.91 MB
Time: 7.843 sec (0 m 7 s)

显示全部楼层 · 发表于 2008-1-25 22:32:09

江民杀17个

显示全部楼层 · 发表于 2008-1-25 23:15:58

小红伞:

Begin scan in 'c:\netcfan\01258.rar'
c:\netcfan\01258.rar
  [0] Archive type: RAR
  --> 1.6054128.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pim
  --> 1.7474726.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.oga.2
  --> 1.9184207.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.phh.3
  --> 1.977505.exe
   [DETECTION] Is the Trojan horse TR/PSW.Nilage.bxd
  --> 11.370084E-02.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 12.19059E-03.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 16.287396E-02.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> 17.299352.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 17.3091046.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.oku.1
  --> 17.6241984.exe
   [DETECTION] Is the Trojan horse TR/PSW.Nilage.bxe
  --> 17.7751123.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 17.9894373.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.205
  --> 0.15568899.exe
   [DETECTION] Is the Trojan horse TR/PSW.Nilage.bxe
  --> 1.1298072.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.oiv.2
  --> 1.2038586.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 1.4100863.exe
   [DETECTION] Contains detection pattern of the worm WORM/Autorun.FF.25
  --> 1.423945.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 1.5319987.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 1.5508343.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pgp.2
  --> 1.5619696.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 1.5799524.exe
   [DETECTION] Is the Trojan horse TR/Vaklik.FE.2
   [INFO]    A backup was created as '47cbfd1c.qua'  ( QUARANTINE )
   [INFO]    The file was deleted!

[病毒样本] 21个

本帖子中包含更多资源

21

42/17

本帖子中包含更多资源

浏览过的版块