收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 explorer.exe被感染了,几乎过全部杀软
123下一页
返回列表 发新帖
楼主: 树上的猫
 收起左侧

[病毒样本] explorer.exe被感染了,几乎过全部杀软

[复制链接]
醉一生爱妍
发表于 2008-1-29 15:32:14 | 显示全部楼层
费尔动态防御报。。



好猛的一个毒。。

无限制的启动1.EXE~15.EXE。。



还给了我们一个下载者木马:
002:http://qqq.521town.com/wm/1.exe
002:http://qqq.521town.com/wm/2.exe
002:http://qqq.521town.com/wm/3.exe
002:http://qqq.521town.com/wm/4.exe
002:http://qqq.521town.com/wm/5.exe
002:http://qqq.521town.com/wm/6.exe
002:http://qqq.521town.com/wm/7.exe
002:http://qqq.521town.com/wm/8.exe
002:http://qqq.521town.com/wm/9.exe
002:http://qqq.521town.com/wm/10.exe
002:http://qqq.521town.com/wm/11.exe
002:http://qqq.521town.com/wm/12.exe
002:http://qqq.521town.com/wm/13.exe
002:http://qqq.521town.com/wm/14.exe
002:http://qqq.521town.com/wm/15.exe
002:http://qqq.521town.com/wm/16.exe
002:http://qqq.521town.com/wm/17.exe
002:http://qqq.521town.com/wm/18.exe
002:http://qqq.521town.com/wm/19.exe
002:http://qqq.521town.com/wm/20.exe
002:http://qqq.521town.com/wm/21.exe

好强悍的病毒啊

[ 本帖最后由 garyyan456 于 2008-1-29 15:37 编辑 ]

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

醉一生爱妍
发表于 2008-1-29 15:38:17 | 显示全部楼层
原帖由 mofunzone 于 2008-1-29 15:30 发表
下载了21个东西,antivir全灭,我就不发了,几个启发的上报了

又不把地址帖上來

算了,我帖
回复

举报

挪威的冬天
发表于 2008-1-29 15:38:50 | 显示全部楼层

金山漏了这些。。。

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

啊弥陀佛
发表于 2008-1-29 15:39:23 | 显示全部楼层
微点砍掉

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

woai_jolin
发表于 2008-1-29 15:54:11 | 显示全部楼层
2008-1-29 15:57:41 Real-time file system protection file C:\Sandbox\Administrator\DefaultBox\drive\C\WINDOWS\system32\drivers\21.exe Win32/Agent.NOS trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: G:\v\explorer.exe.
2008-1-29 15:57:39 HTTP filter file http://qqq.521town.com/wm/21.exe Win32/Agent.NOS trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:57:38 Real-time file system protection file C:\Sandbox\Administrator\DefaultBox\drive\C\WINDOWS\system32\drivers\21.exe Win32/Agent.NOS trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: G:\v\explorer.exe.
2008-1-29 15:57:36 HTTP filter file http://qqq.521town.com/wm/21.exe Win32/Agent.NOS trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:57:34 Real-time file system protection file C:\Sandbox\Administrator\DefaultBox\drive\C\WINDOWS\system32\drivers\21.exe Win32/Agent.NOS trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: G:\v\explorer.exe.
2008-1-29 15:57:32 HTTP filter file http://qqq.521town.com/wm/21.exe Win32/Agent.NOS trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:57:30 HTTP filter file http://qqq.521town.com/wm/20.exe Win32/PSW.QQPass.NCV trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:57:28 HTTP filter file http://qqq.521town.com/wm/20.exe Win32/PSW.QQPass.NCV trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:57:25 HTTP filter file http://qqq.521town.com/wm/20.exe Win32/PSW.QQPass.NCV trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:57:23 HTTP filter file http://qqq.521town.com/wm/19.exe a variant of Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:57:21 HTTP filter file http://qqq.521town.com/wm/19.exe a variant of Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:57:19 HTTP filter file http://qqq.521town.com/wm/19.exe a variant of Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:57:17 HTTP filter file http://qqq.521town.com/wm/18.exe Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:57:15 HTTP filter file http://qqq.521town.com/wm/18.exe Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:57:10 HTTP filter file http://qqq.521town.com/wm/18.exe Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:57:09 HTTP filter file http://qqq.521town.com/wm/17.exe a variant of Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:57:07 HTTP filter file http://qqq.521town.com/wm/17.exe a variant of Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:57:05 HTTP filter file http://qqq.521town.com/wm/17.exe a variant of Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:57:03 HTTP filter file http://qqq.521town.com/wm/16.exe a variant of Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:57:02 HTTP filter file http://qqq.521town.com/wm/16.exe a variant of Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:57:00 HTTP filter file http://qqq.521town.com/wm/16.exe a variant of Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:58 HTTP filter file http://qqq.521town.com/wm/15.exe Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:56 HTTP filter file http://qqq.521town.com/wm/15.exe Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:55 HTTP filter file http://qqq.521town.com/wm/15.exe Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:53 HTTP filter file http://qqq.521town.com/wm/14.exe a variant of Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:51 HTTP filter file http://qqq.521town.com/wm/14.exe a variant of Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:49 HTTP filter file http://qqq.521town.com/wm/14.exe a variant of Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:47 HTTP filter file http://qqq.521town.com/wm/13.exe a variant of Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:43 HTTP filter file http://qqq.521town.com/wm/13.exe a variant of Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:42 HTTP filter file http://qqq.521town.com/wm/13.exe a variant of Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:39 HTTP filter file http://qqq.521town.com/wm/10.exe a variant of Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:37 HTTP filter file http://qqq.521town.com/wm/10.exe a variant of Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:35 HTTP filter file http://qqq.521town.com/wm/10.exe a variant of Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:33 HTTP filter file http://qqq.521town.com/wm/9.exe Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:32 HTTP filter file http://qqq.521town.com/wm/9.exe Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:30 HTTP filter file http://qqq.521town.com/wm/9.exe Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:29 HTTP filter file http://qqq.521town.com/wm/8.exe Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:24 HTTP filter file http://qqq.521town.com/wm/8.exe Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:22 HTTP filter file http://qqq.521town.com/wm/8.exe Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:21 HTTP filter file http://qqq.521town.com/wm/7.exe a variant of Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:19 HTTP filter file http://qqq.521town.com/wm/7.exe a variant of Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:17 HTTP filter file http://qqq.521town.com/wm/7.exe a variant of Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:14 HTTP filter file http://qqq.521town.com/wm/6.exe Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:12 HTTP filter file http://qqq.521town.com/wm/6.exe Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:11 HTTP filter file http://qqq.521town.com/wm/6.exe Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:09 HTTP filter file http://qqq.521town.com/wm/5.exe Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:07 HTTP filter file http://qqq.521town.com/wm/5.exe Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:06 HTTP filter file http://qqq.521town.com/wm/5.exe Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:03 HTTP filter file http://qqq.521town.com/wm/3.exe Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:02 HTTP filter file http://qqq.521town.com/wm/3.exe Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:56:00 HTTP filter file http://qqq.521town.com/wm/3.exe Win32/PSW.OnLineGames.MUG trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:55:57 HTTP filter file http://qqq.521town.com/wm/2.exe Win32/PSW.OnLineGames.NLY trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:55:56 HTTP filter file http://qqq.521town.com/wm/2.exe Win32/PSW.OnLineGames.NLY trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:55:54 HTTP filter file http://qqq.521town.com/wm/2.exe Win32/PSW.OnLineGames.NLY trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:55:53 HTTP filter file http://qqq.521town.com/wm/1.exe Win32/PSW.OnLineGames.NFL trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:55:43 HTTP filter file http://qqq.521town.com/wm/1.exe Win32/PSW.OnLineGames.NFL trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.
2008-1-29 15:55:39 HTTP filter file http://qqq.521town.com/wm/1.exe Win32/PSW.OnLineGames.NFL trojan connection terminated - quarantined BA98EBFDBC7C489\Administrator Threat was detected upon access to web by the application: G:\v\explorer.exe.

[ 本帖最后由 woai_jolin 于 2008-1-29 15:58 编辑 ]
回复

举报

leonfg
发表于 2008-1-29 15:55:30 | 显示全部楼层
ESET
explorer过
windows报:
C:\Documents and Settings\GUNDAM\桌面\WINDOWS.rar » RAR » WINDOWS\hohblqvv.dll - Win32/PSW.OnLineGames.NLY trojan
C:\Documents and Settings\GUNDAM\桌面\WINDOWS.rar » RAR » WINDOWS\obqvrusl.exe - Win32/PSW.OnLineGames.NLY trojan
C:\Documents and Settings\GUNDAM\桌面\WINDOWS.rar » RAR » WINDOWS\system32\auhad.dll - Win32/PSW.OnLineGames.NLH trojan
C:\Documents and Settings\GUNDAM\桌面\WINDOWS.rar » RAR » WINDOWS\system32\drivers\1.exe - Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\GUNDAM\桌面\WINDOWS.rar » RAR » WINDOWS\system32\drivers\10.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\WINDOWS.rar » RAR » WINDOWS\system32\drivers\2.exe - Win32/PSW.OnLineGames.NLY trojan
C:\Documents and Settings\GUNDAM\桌面\WINDOWS.rar » RAR » WINDOWS\system32\drivers\3.exe - Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\WINDOWS.rar » RAR » WINDOWS\system32\drivers\5.exe - Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\WINDOWS.rar » RAR » WINDOWS\system32\drivers\6.exe - Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\WINDOWS.rar » RAR » WINDOWS\system32\drivers\7.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\WINDOWS.rar » RAR » WINDOWS\system32\drivers\8.exe - Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\WINDOWS.rar » RAR » WINDOWS\system32\drivers\9.exe - Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\WINDOWS.rar » RAR » WINDOWS\system32\gnolnait.dll - a variant of Win32/PSW.OnLineGames.NLH trojan
C:\Documents and Settings\GUNDAM\桌面\WINDOWS.rar » RAR » WINDOWS\system32\ijougiemnaw.dll - Win32/PSW.OnLineGames.NLH trojan
C:\Documents and Settings\GUNDAM\桌面\WINDOWS.rar » RAR » WINDOWS\system32\iqnauhc.dll - Win32/PSW.OnLineGames.NLH trojan
C:\Documents and Settings\GUNDAM\桌面\WINDOWS.rar » RAR » WINDOWS\system32\msepion.sys - Win32/PSW.OnLineGames.NFC trojan
C:\Documents and Settings\GUNDAM\桌面\WINDOWS.rar » RAR » WINDOWS\system32\naijoad.dll - a variant of Win32/PSW.OnLineGames.NLH trojan
C:\Documents and Settings\GUNDAM\桌面\WINDOWS.rar » RAR » WINDOWS\system32\oadnew.dll - Win32/PSW.OnLineGames.NLH trojan
C:\Documents and Settings\GUNDAM\桌面\WINDOWS.rar » RAR » WINDOWS\system32\uohsom.dll - Win32/PSW.OnLineGames.NLH trojan
C:\Documents and Settings\GUNDAM\桌面\WINDOWS.rar » RAR » WINDOWS\system32\WinForm.dll - Win32/PSW.OnLineGames.HCV trojan
C:\Documents and Settings\GUNDAM\桌面\WINDOWS.rar » RAR » WINDOWS\verbmrjkt.exe - Win32/PSW.OnLineGames.NLY trojan
C:\Documents and Settings\GUNDAM\桌面\WINDOWS.rar » RAR » WINDOWS\WinForm.exE - Win32/PSW.OnLineGames.NFL trojan
回复

举报

wangjay1980
发表于 2008-1-29 17:47:19 | 显示全部楼层
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ptb        File: C:\Documents and Settings\Owner\×ÀÃæ\WINDOWS.rar/WINDOWS\hohblqvv.dll//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pgp        File: C:\Documents and Settings\Owner\×ÀÃæ\WINDOWS.rar/WINDOWS\obqvrusl.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pte        File: C:\Documents and Settings\Owner\×ÀÃæ\WINDOWS.rar/WINDOWS\system32\auhad.dll//UPack
detected: Trojan program Trojan.Win32.Vaklik.fe        File: C:\Documents and Settings\Owner\×ÀÃæ\WINDOWS.rar/WINDOWS\system32\drivers\1.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pry        File: C:\Documents and Settings\Owner\×ÀÃæ\WINDOWS.rar/WINDOWS\system32\drivers\10.exe//PE_Patch//UPack
detected: Trojan program Trojan.Win32.Agent.emb        File: C:\Documents and Settings\Owner\×ÀÃæ\WINDOWS.rar/WINDOWS\system32\drivers\12.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pgp        File: C:\Documents and Settings\Owner\×ÀÃæ\WINDOWS.rar/WINDOWS\system32\drivers\2.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pry        File: C:\Documents and Settings\Owner\×ÀÃæ\WINDOWS.rar/WINDOWS\system32\drivers\3.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pry        File: C:\Documents and Settings\Owner\×ÀÃæ\WINDOWS.rar/WINDOWS\system32\drivers\5.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.prw        File: C:\Documents and Settings\Owner\×ÀÃæ\WINDOWS.rar/WINDOWS\system32\drivers\6.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pry        File: C:\Documents and Settings\Owner\×ÀÃæ\WINDOWS.rar/WINDOWS\system32\drivers\7.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.prw        File: C:\Documents and Settings\Owner\×ÀÃæ\WINDOWS.rar/WINDOWS\system32\drivers\8.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pry        File: C:\Documents and Settings\Owner\×ÀÃæ\WINDOWS.rar/WINDOWS\system32\drivers\9.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.prw        File: C:\Documents and Settings\Owner\×ÀÃæ\WINDOWS.rar/WINDOWS\system32\gnolnait.dll//UPack//#
detected: Trojan program Trojan-PSW.Win32.OnLineGames.prw        File: C:\Documents and Settings\Owner\×ÀÃæ\WINDOWS.rar/WINDOWS\system32\ijougiemnaw.dll//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pry        File: C:\Documents and Settings\Owner\×ÀÃæ\WINDOWS.rar/WINDOWS\system32\iqnauhc.dll//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pri        File: C:\Documents and Settings\Owner\×ÀÃæ\WINDOWS.rar/WINDOWS\system32\msepion.sys
detected: Trojan program Trojan-PSW.Win32.OnLineGames.prw        File: C:\Documents and Settings\Owner\×ÀÃæ\WINDOWS.rar/WINDOWS\system32\naijoad.dll//UPack//#
detected: Trojan program Trojan-PSW.Win32.OnLineGames.prw        File: C:\Documents and Settings\Owner\×ÀÃæ\WINDOWS.rar/WINDOWS\system32\oadnew.dll//UPack
detected: Trojan program Trojan-PSW.Win32.WOW.akb        File: C:\Documents and Settings\Owner\×ÀÃæ\WINDOWS.rar/WINDOWS\system32\uohsom.dll//UPack
detected: Trojan program Trojan.Win32.Vaklik.fe        File: C:\Documents and Settings\Owner\×ÀÃæ\WINDOWS.rar/WINDOWS\system32\WinForm.dll
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pgp        File: C:\Documents and Settings\Owner\×ÀÃæ\WINDOWS.rar/WINDOWS\verbmrjkt.exe//UPack
detected: Trojan program Trojan.Win32.Vaklik.fe        File: C:\Documents and Settings\Owner\×ÀÃæ\WINDOWS.rar/WINDOWS\WinForm.exE//UPack
回复

举报

spaceplane
发表于 2008-1-29 18:07:52 | 显示全部楼层
衍生物  AVAST  12个

大蜘蛛 6个
回复

举报

Palkia
发表于 2008-1-29 18:27:56 | 显示全部楼层
C:\Documents and Settings\Administrator\桌面\explorer\explorer.exe        TrojanDownloader.Agent.ibh.syjf        木马        还未处理
回复

举报

hj5abc
发表于 2008-1-29 18:44:23 | 显示全部楼层
file:///C:/DOCUME%7E1/ADMINI%7E1/LOCALS%7E1/Temp/moz-screenshot.jpg那个explorer .

Sign of "Win32:Agent-RHJ [Trj]" has been found in "http://bbs.kafan.cn/attachment.php?aid=192578\explorer.exe" file.


回复

举报

下一页 »
123下一页
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-5-26 02:43 , Processed in 0.090797 second(s), 16 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表