给你们大开杀戒:21

显示全部楼层 · 发表于 2008-1-29 20:31:27

来源:
http://bbs.kafan.cn/viewthread.php?tid=195370
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ptd 檔案: C:\Documents and Settings\kato9096\桌面\21\1.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.odb 檔案: C:\Documents and Settings\kato9096\桌面\21\10.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.pbp 檔案: C:\Documents and Settings\kato9096\桌面\21\11.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan.Win32.Vaklik.gg 檔案: C:\Documents and Settings\kato9096\桌面\21\12.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.oee 檔案: C:\Documents and Settings\kato9096\桌面\21\13.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Zlob.gef 檔案: C:\Documents and Settings\kato9096\桌面\21\14.exe//PE_Patch
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.pbp 檔案: C:\Documents and Settings\kato9096\桌面\21\15.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.pry 檔案: C:\Documents and Settings\kato9096\桌面\21\16.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.isb 檔案: C:\Documents and Settings\kato9096\桌面\21\17.exe
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.prg 檔案: C:\Documents and Settings\kato9096\桌面\21\18.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.QQPass.asf 檔案: C:\Documents and Settings\kato9096\桌面\21\19.exe//UPX
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.pcn 檔案: C:\Documents and Settings\kato9096\桌面\21\2.exe//UPack
已刪除: 病毒 Worm.Win32.AutoRun.bnt 檔案: C:\Documents and Settings\kato9096\桌面\21\21.exe//FSG
已刪除: 特洛伊木馬程式 Trojan.Win32.Pakes.bzp 檔案: C:\Documents and Settings\kato9096\桌面\21\3.exe
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.pbp 檔案: C:\Documents and Settings\kato9096\桌面\21\4.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.odx 檔案: C:\Documents and Settings\kato9096\桌面\21\5.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.pbp 檔案: C:\Documents and Settings\kato9096\桌面\21\6.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.prw 檔案: C:\Documents and Settings\kato9096\桌面\21\7.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.pou 檔案: C:\Documents and Settings\kato9096\桌面\21\8.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.nfz 檔案: C:\Documents and Settings\kato9096\桌面\21\9.exe//UPack
已刪除: 病毒 Worm.Win32.AutoRun.bnt 檔案: C:\Documents and Settings\kato9096\桌面\21\21.exe//FSG

http://qqq.llsj123.com/wm/wm/1.exe
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
http://qqq.llsj123.com/wm/wm/21.exe

Hello,

20.exe_ - Worm.Win32.AutoRun.cfu

New malicious software was found in this file. It's detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Ermilov Maxim
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

卡巴一个不报，上报

[ 本帖最后由 kato9096 于 2008-1-29 22:39 编辑 ]

显示全部楼层 · 发表于 2008-1-29 20:33:44

Scanning Report
29 January 2008 20:33:14 - 20:33:18
Computer name: PUMA-PC
Scanning type: Scan target
Target: C:\Users\Administrator\Desktop\21.rar

--------------------------------------------------------------------------------

Result: 20 malware found
Trojan-PSW.Win32.OnLineGames.ptd (virus)
C:\Users\Administrator\Desktop\21.rar\21\1.exe
Trojan-PSW.Win32.OnLineGames.odb (virus)
C:\Users\Administrator\Desktop\21.rar\21\10.exe
Trojan-PSW.Win32.OnLineGames.pbp (virus)
C:\Users\Administrator\Desktop\21.rar\21\11.exe
C:\Users\Administrator\Desktop\21.rar\21\15.exe
C:\Users\Administrator\Desktop\21.rar\21\4.exe
C:\Users\Administrator\Desktop\21.rar\21\6.exe
Trojan.Win32.Vaklik.gg (virus)
C:\Users\Administrator\Desktop\21.rar\21\12.exe
Trojan-PSW.Win32.OnLineGames.oee (virus)
C:\Users\Administrator\Desktop\21.rar\21\13.exe
Trojan-Downloader.Win32.Zlob.gef (virus)
C:\Users\Administrator\Desktop\21.rar\21\14.exe
Trojan-PSW.Win32.OnLineGames.pry (virus)
C:\Users\Administrator\Desktop\21.rar\21\16.exe
Trojan-PSW.Win32.OnLineGames.isb (virus)
C:\Users\Administrator\Desktop\21.rar\21\17.exe
Trojan-PSW.Win32.OnLineGames.prg (virus)
C:\Users\Administrator\Desktop\21.rar\21\18.exe
Trojan-PSW.Win32.QQPass.asf (virus)
C:\Users\Administrator\Desktop\21.rar\21\19.exe
Trojan-PSW.Win32.OnLineGames.pcn (virus)
C:\Users\Administrator\Desktop\21.rar\21\2.exe
Worm.Win32.AutoRun.bnt (virus)
C:\Users\Administrator\Desktop\21.rar\21\21.exe
Trojan.Win32.Pakes.bzp (virus)
C:\Users\Administrator\Desktop\21.rar\21\3.exe
Trojan-PSW.Win32.OnLineGames.odx (virus)
C:\Users\Administrator\Desktop\21.rar\21\5.exe
Trojan-PSW.Win32.OnLineGames.prw (virus)
C:\Users\Administrator\Desktop\21.rar\21\7.exe
Trojan-PSW.Win32.OnLineGames.pou (virus)
C:\Users\Administrator\Desktop\21.rar\21\8.exe
Trojan-PSW.Win32.OnLineGames.nfz (virus)
C:\Users\Administrator\Desktop\21.rar\21\9.exe

--------------------------------------------------------------------------------

Statistics
Scanned:
Files: 22
Not scanned: 0
Result:
Viruses: 20
Spyware: 0
Suspicious items: 0
Riskware: 0
Actions:
Disinfected: 0
Renamed: 0
Deleted: 0
Quarantined: 0
Failed: 0
Boot Sectors:
Scanned: 0
Infected: 0
Suspicious items: 0
Disinfected: 0

--------------------------------------------------------------------------------

Options
Definitions version:
Viruses: 2008-01-29_01
Spyware: 2008-01-29_01
Scanning Engines:
F-Secure AVP: 7.00.171, 2008-01-29
F-Secure Libra: 2.04.01, 2008-01-28
F-Secure Orion: 1.02.37, 2008-01-29
F-Secure Draco: 1.00.35, 2008-01-14
Scanning options:
Scan all files
Scan inside archives
Actions:
Viruses: Delete infected files
Spyware: Delete infected files
SF!!!

显示全部楼层 · 发表于 2008-1-29 20:34:29

FS果然和卡巴关系非同一般呐!

显示全部楼层 · 发表于 2008-1-29 20:36:48

ESET20
D:\病毒测试\未解压样本\21.rar » RAR » 21\1.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
D:\病毒测试\未解压样本\21.rar » RAR » 21\10.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
D:\病毒测试\未解压样本\21.rar » RAR » 21\11.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
D:\病毒测试\未解压样本\21.rar » RAR » 21\12.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
D:\病毒测试\未解压样本\21.rar » RAR » 21\13.exe - Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\21.rar » RAR » 21\14.exe - Win32/PSW.OnLineGames.MUG trojan
D:\病毒测试\未解压样本\21.rar » RAR » 21\15.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
D:\病毒测试\未解压样本\21.rar » RAR » 21\16.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
D:\病毒测试\未解压样本\21.rar » RAR » 21\17.exe - a variant of Win32/PSW.OnLineGames.YA trojan
D:\病毒测试\未解压样本\21.rar » RAR » 21\18.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
D:\病毒测试\未解压样本\21.rar » RAR » 21\19.exe - probably a variant of Win32/AutoRun.Q worm
D:\病毒测试\未解压样本\21.rar » RAR » 21\2.exe - Win32/PSW.OnLineGames.NMF trojan
D:\病毒测试\未解压样本\21.rar » RAR » 21\20.exe - a variant of Win32/Mypis virus
D:\病毒测试\未解压样本\21.rar » RAR » 21\21.exe - probably a variant of Win32/AutoRun.ED worm
D:\病毒测试\未解压样本\21.rar » RAR » 21\3.exe - a variant of Win32/PSW.OnLineGames.GJV trojan
D:\病毒测试\未解压样本\21.rar » RAR » 21\4.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
D:\病毒测试\未解压样本\21.rar » RAR » 21\5.exe - Win32/PSW.OnLineGames.FDY trojan
D:\病毒测试\未解压样本\21.rar » RAR » 21\6.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
D:\病毒测试\未解压样本\21.rar » RAR » 21\7.exe - Win32/PSW.OnLineGames.MUG trojan
D:\病毒测试\未解压样本\21.rar » RAR » 21\9.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan

显示全部楼层 · 发表于 2008-1-29 20:39:47

2008-1-29 20:38:24 Moved (Clean failed because the file isn't cleanable) WHUT-D9193C067E\gho WinRAR.exe C:\Documents and Settings\gho\桌面\21\10.exe New Malware.aj (Trojan)
2008-1-29 20:38:24 Moved (Clean failed because the file isn't cleanable) WHUT-D9193C067E\gho WinRAR.exe C:\Documents and Settings\gho\桌面\21\11.exe New Malware.aj (Trojan)
2008-1-29 20:38:25 Deleted WHUT-D9193C067E\gho WinRAR.exe C:\Documents and Settings\gho\桌面\21\13.exe PWS-OnlineGames.q.dll (Trojan)
2008-1-29 20:38:25 Moved (Clean failed because the file isn't cleanable) WHUT-D9193C067E\gho WinRAR.exe C:\Documents and Settings\gho\桌面\21\14.exe New Malware.aj (Trojan)
2008-1-29 20:38:25 Moved (Clean failed because the file isn't cleanable) WHUT-D9193C067E\gho WinRAR.exe C:\Documents and Settings\gho\桌面\21\15.exe New Malware.aj (Trojan)
2008-1-29 20:38:25 Moved (Clean failed because the file isn't cleanable) WHUT-D9193C067E\gho WinRAR.exe C:\Documents and Settings\gho\桌面\21\16.exe New Malware.aj (Trojan)
2008-1-29 20:38:25 Moved (Clean failed because the file isn't cleanable) WHUT-D9193C067E\gho WinRAR.exe C:\Documents and Settings\gho\桌面\21\17.exe New Malware.aj (Trojan)
2008-1-29 20:38:26 Deleted WHUT-D9193C067E\gho WinRAR.exe C:\Documents and Settings\gho\桌面\21\19.exe PWS-QQGame (Trojan)
2008-1-29 20:38:26 Deleted WHUT-D9193C067E\gho WinRAR.exe C:\Documents and Settings\gho\桌面\21\20.exe W32/MumaWow.b (Virus)
2008-1-29 20:38:27 Deleted WHUT-D9193C067E\gho WinRAR.exe C:\Documents and Settings\gho\桌面\21\21.exe Generic.dx (Trojan)
2008-1-29 20:38:27 Deleted WHUT-D9193C067E\gho WinRAR.exe C:\Documents and Settings\gho\桌面\21\3.exe PWS-Mmorpg.gen (Trojan)
2008-1-29 20:38:27 Moved (Clean failed because the file isn't cleanable) WHUT-D9193C067E\gho WinRAR.exe C:\Documents and Settings\gho\桌面\21\4.exe New Malware.aj (Trojan)
2008-1-29 20:38:27 Moved (Clean failed because the file isn't cleanable) WHUT-D9193C067E\gho WinRAR.exe C:\Documents and Settings\gho\桌面\21\5.exe New Malware.n (Trojan)
2008-1-29 20:38:27 Moved (Clean failed because the file isn't cleanable) WHUT-D9193C067E\gho WinRAR.exe C:\Documents and Settings\gho\桌面\21\6.exe New Malware.aj (Trojan)
2008-1-29 20:38:27 Moved (Clean failed because the file isn't cleanable) WHUT-D9193C067E\gho WinRAR.exe C:\Documents and Settings\gho\桌面\21\7.exe New Malware.aj (Trojan)
2008-1-29 20:38:28 Moved (Clean failed because the file isn't cleanable) WHUT-D9193C067E\gho WinRAR.exe C:\Documents and Settings\gho\桌面\21\8.exe New Malware.aj (Trojan)
2008-1-29 20:38:28 Deleted WHUT-D9193C067E\gho WinRAR.exe C:\Documents and Settings\gho\桌面\21\9.exe PWS-Mmorpg.gen (Trojan)

显示全部楼层 · 发表于 2008-1-29 20:40:51

kingsoft2008全灭

显示全部楼层 · 发表于 2008-1-29 20:44:26

AVAST 13个
大蜘蛛 17个

金山这回无语

显示全部楼层 · 发表于 2008-1-29 20:44:40

大蜘蛛杀17个

21.rar\21\1.exe;C:\Documents and Settings\77\My Documents\21.rar;Trojan.PWS.Wsgame.origin;;
21.rar\21\10.exe;C:\Documents and Settings\77\My Documents\21.rar;Trojan.PWS.Wsgame.2814;;
21.rar\21\11.exe;C:\Documents and Settings\77\My Documents\21.rar;Trojan.PWS.Wsgame.3104;;
21.rar\21\12.exe;C:\Documents and Settings\77\My Documents\21.rar;Trojan.PWS.Wsgame.origin;;
21.rar\21\13.exe;C:\Documents and Settings\77\My Documents\21.rar;Trojan.PWS.Gamania.6848;;
21.rar\21\14.exe;C:\Documents and Settings\77\My Documents\21.rar;Trojan.PWS.Wsgame.2957;;
21.rar\21\15.exe;C:\Documents and Settings\77\My Documents\21.rar;Trojan.PWS.Wsgame.3104;;
21.rar\21\17.exe;C:\Documents and Settings\77\My Documents\21.rar;Trojan.PWS.Wsgame.2250;;
21.rar\21\18.exe;C:\Documents and Settings\77\My Documents\21.rar;Trojan.PWS.Wsgame.origin;;
21.rar\21\19.exe;C:\Documents and Settings\77\My Documents\21.rar;Trojan.PWS.Lineage.origin;;
21.rar\21\2.exe;C:\Documents and Settings\77\My Documents\21.rar;可能 BACKDOOR.Trojan;;
21.rar\21\20.exe;C:\Documents and Settings\77\My Documents\21.rar;Trojan.DownLoader.origin;;
21.rar\21\3.exe;C:\Documents and Settings\77\My Documents\21.rar;Trojan.PWS.Gamania.7118;;
21.rar\21\4.exe;C:\Documents and Settings\77\My Documents\21.rar;Trojan.PWS.Wsgame.3104;;
21.rar\21\5.exe;C:\Documents and Settings\77\My Documents\21.rar;Trojan.PWS.Gamania.6771;;
21.rar\21\6.exe;C:\Documents and Settings\77\My Documents\21.rar;Trojan.PWS.Wsgame.3104;;
21.rar\21\9.exe;C:\Documents and Settings\77\My Documents\21.rar;Trojan.PWS.Wsgame.origin;;
21.rar;C:\Documents and Settings\77\My Documents;发现档案文件中有受感染的对象;;

显示全部楼层 · 发表于 2008-1-29 20:46:32

不要小看金山

显示全部楼层 · 发表于 2008-1-29 20:47:25

费尔全灭

C:\Documents and Settings\77\My Documents\21.rar>>21\1.exe W32.Viking.k 病毒还未处理
C:\Documents and Settings\77\My Documents\21.rar>>21\10.exe TrojanPSW.OnLineGames.odb.ldgm 木马还未处理
C:\Documents and Settings\77\My Documents\21.rar>>21\11.exe TrojanPSW.QQHX.tvu.fmwx 木马还未处理
C:\Documents and Settings\77\My Documents\21.rar>>21\12.exe W32.Viking.k 病毒还未处理
C:\Documents and Settings\77\My Documents\21.rar>>21\13.exe TrojanPSW.OnLineGames.lhc.fgfs 木马还未处理
C:\Documents and Settings\77\My Documents\21.rar>>21\14.exe TrojanPSW.OnLineGames.oml.llxs 木马还未处理
C:\Documents and Settings\77\My Documents\21.rar>>21\17.EXE TrojanDownloader.Nurech.bd.bmqk 木马还未处理
C:\DOCUMENTS AND SETTINGS\77\LOCAL SETTINGS\TEMP\TWIEX1\21\17.EXE TrojanDownloader.Nurech.bd.bmqk 木马还未处理
C:\DOCUMENTS AND SETTINGS\77\LOCAL SETTINGS\TEMP\TWIEX1\21\18.EXE W32.Viking.k 病毒还未处理
C:\Documents and Settings\77\My Documents\21.rar>>21\18.EXE W32.Viking.k 病毒还未处理
C:\Documents and Settings\77\My Documents\21.rar>>21\19.EXE W32.Gammima.figd 病毒还未处理
C:\DOCUMENTS AND SETTINGS\77\LOCAL SETTINGS\TEMP\TWIEX1\21\19.EXE W32.Gammima.figd 病毒还未处理
C:\Documents and Settings\77\My Documents\21.rar>>21\2.EXE W32.Viking.k 病毒还未处理
C:\DOCUMENTS AND SETTINGS\77\LOCAL SETTINGS\TEMP\TWIEX1\21\2.EXE W32.Viking.k 病毒还未处理
C:\Documents and Settings\77\My Documents\21.rar>>21\20.EXE Malicious Code.vkjj 病毒还未处理
C:\DOCUMENTS AND SETTINGS\77\LOCAL SETTINGS\TEMP\TWIEX1\21\20.EXE Malicious Code.vkjj 病毒还未处理
C:\Documents and Settings\77\My Documents\21.rar>>21\21.EXE Worm.AutoRun.bnt.byde 病毒还未处理
C:\DOCUMENTS AND SETTINGS\77\LOCAL SETTINGS\TEMP\TWIEX1\21\21.EXE Worm.AutoRun.bnt.byde 病毒还未处理
C:\DOCUMENTS AND SETTINGS\77\LOCAL SETTINGS\TEMP\TWIEX1\21\4.EXE TrojanPSW.OnLineGames.pbp.navg 木马还未处理
C:\Documents and Settings\77\My Documents\21.rar>>21\3.EXE Trojan.Pakes.bzp.yatu 木马还未处理
C:\DOCUMENTS AND SETTINGS\77\LOCAL SETTINGS\TEMP\TWIEX1\21\3.EXE Trojan.Pakes.bzp.yatu 木马还未处理
C:\Documents and Settings\77\My Documents\21.rar>>21\4.EXE TrojanPSW.OnLineGames.pbp.navg 木马还未处理
C:\Documents and Settings\77\My Documents\21.rar>>21\5.EXE TrojanPSW.OnLineGames.odx.jrkz 木马还未处理
C:\DOCUMENTS AND SETTINGS\77\LOCAL SETTINGS\TEMP\TWIEX1\21\5.EXE TrojanPSW.OnLineGames.odx.jrkz 木马还未处理
C:\Documents and Settings\77\My Documents\21.rar>>21\6.EXE TrojanPSW.OnLineGames.pbp.ovcn 木马还未处理
C:\DOCUMENTS AND SETTINGS\77\LOCAL SETTINGS\TEMP\TWIEX1\21\6.EXE TrojanPSW.OnLineGames.pbp.ovcn 木马还未处理
C:\Documents and Settings\77\My Documents\21.rar>>21\7.EXE Trojan.Yruuji.tmiq 木马还未处理
C:\DOCUMENTS AND SETTINGS\77\LOCAL SETTINGS\TEMP\TWIEX1\21\7.EXE Trojan.Yruuji.tmiq 木马还未处理
C:\DOCUMENTS AND SETTINGS\77\LOCAL SETTINGS\TEMP\TWIEX1\21\8.EXE W32.Warezov.p 病毒还未处理
C:\Documents and Settings\77\My Documents\21.rar>>21\8.EXE W32.Warezov.p 病毒还未处理
C:\Documents and Settings\77\My Documents\21.rar>>21\15.exe TrojanPSW.OnLineGames.pbp.zipb 木马还未处理
C:\Documents and Settings\77\My Documents\21.rar>>21\9.EXE W32.Viking.k 病毒还未处理
C:\DOCUMENTS AND SETTINGS\77\LOCAL SETTINGS\TEMP\TWIEX1\21\9.EXE W32.Viking.k 病毒还未处理
C:\Documents and Settings\77\My Documents\21.rar>>21\16.exe TrojanPSW.OnLineGames.pry.icqj 木马还未处理

[病毒样本] 给你们大开杀戒:21

本帖子中包含更多资源

本帖子中包含更多资源

回复 7楼 spaceplane 的帖子

浏览过的版块