Original poster: sam.to

[Virus samples] For you to go on a killing spree: 21

spaceplane
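Posted on 2008-1-29 20:50:06
Originally posted by 欠你幸福 on 2008-1-29 20:46
Don't underestimate Kingsoft

Over the past year it missed things on me a dozen or so times, and each time I ended up forcibly killing the virus myself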
wangjay1980
Posted on 2008-1-29 20:52:49
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ptd        File: C:\Documents and Settings\Owner\桌面\21.rar/21\1.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.odb        File: C:\Documents and Settings\Owner\桌面\21.rar/21\10.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pbp        File: C:\Documents and Settings\Owner\桌面\21.rar/21\11.exe//PE_Patch//UPack
detected: Trojan program Trojan.Win32.Vaklik.gg        File: C:\Documents and Settings\Owner\桌面\21.rar/21\12.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.oee        File: C:\Documents and Settings\Owner\桌面\21.rar/21\13.exe//UPack
detected: Trojan program Trojan-Downloader.Win32.Zlob.gef        File: C:\Documents and Settings\Owner\桌面\21.rar/21\14.exe//PE_Patch
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pbp        File: C:\Documents and Settings\Owner\桌面\21.rar/21\15.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pry        File: C:\Documents and Settings\Owner\桌面\21.rar/21\16.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.isb        File: C:\Documents and Settings\Owner\桌面\21.rar/21\17.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.prg        File: C:\Documents and Settings\Owner\桌面\21.rar/21\18.exe//UPack
detected: Trojan program Trojan-PSW.Win32.QQPass.asf        File: C:\Documents and Settings\Owner\桌面\21.rar/21\19.exe//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pcn        File: C:\Documents and Settings\Owner\桌面\21.rar/21\2.exe//UPack
detected: virus Worm.Win32.AutoRun.bnt        File: C:\Documents and Settings\Owner\桌面\21.rar/21\21.exe//FSG
detected: Trojan program Trojan.Win32.Pakes.bzp        File: C:\Documents and Settings\Owner\桌面\21.rar/21\3.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pbp        File: C:\Documents and Settings\Owner\桌面\21.rar/21\4.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.odx        File: C:\Documents and Settings\Owner\桌面\21.rar/21\5.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pbp        File: C:\Documents and Settings\Owner\桌面\21.rar/21\6.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.prw        File: C:\Documents and Settings\Owner\桌面\21.rar/21\7.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pou        File: C:\Documents and Settings\Owner\桌面\21.rar/21\8.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.nfz        File: C:\Documents and Settings\Owner\桌面\21.rar/21\9.exe//UPack
IllusionWing
Posted on 2008-1-29 21:02:54
all killed

leonfg
Posted on 2008-1-29 21:15:13
ESET 20
C:\Documents and Settings\GUNDAM\桌面\attachment.php » RAR » 21\1.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\GUNDAM\桌面\attachment.php » RAR » 21\10.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\attachment.php » RAR » 21\11.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\attachment.php » RAR » 21\12.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\GUNDAM\桌面\attachment.php » RAR » 21\13.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\GUNDAM\桌面\attachment.php » RAR » 21\14.exe - Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\attachment.php » RAR » 21\15.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\attachment.php » RAR » 21\16.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\attachment.php » RAR » 21\17.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\GUNDAM\桌面\attachment.php » RAR » 21\18.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\GUNDAM\桌面\attachment.php » RAR » 21\19.exe - probably a variant of Win32/AutoRun.Q worm
C:\Documents and Settings\GUNDAM\桌面\attachment.php » RAR » 21\2.exe - Win32/PSW.OnLineGames.NMF trojan
C:\Documents and Settings\GUNDAM\桌面\attachment.php » RAR » 21\20.exe - a variant of Win32/Mypis virus
C:\Documents and Settings\GUNDAM\桌面\attachment.php » RAR » 21\21.exe - probably a variant of Win32/AutoRun.ED worm
C:\Documents and Settings\GUNDAM\桌面\attachment.php » RAR » 21\3.exe - a variant of Win32/PSW.OnLineGames.GJV trojan
C:\Documents and Settings\GUNDAM\桌面\attachment.php » RAR » 21\4.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\attachment.php » RAR » 21\5.exe - Win32/PSW.OnLineGames.FDY trojan
C:\Documents and Settings\GUNDAM\桌面\attachment.php » RAR » 21\6.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\attachment.php » RAR » 21\7.exe - Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\GUNDAM\桌面\attachment.php » RAR » 21\9.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
liangxy
Posted on 2008-1-29 21:30:24
I've noticed that Filseclab responds quickly to the viruses posted on the forum. Filseclab killed them all, haha. A worthy partner indeed.
liangxy
Posted on 2008-1-29 21:32:22

Reply to gankeyu's post (#13)

To the poster at #13: what software are you using? How come I've never seen this interface before??

[ Last edited by liangxy on 2008-1-29 21:33 ]
woai_jolin
Posted on 2008-1-29 21:37:02
2008-1-29 21:37:17        Real-time file system protection        file        G:\v\21\9.exe        probably a variant of Win32/PSW.OnLineGames.NFL trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-1-29 21:37:16        Real-time file system protection        file        G:\v\21\7.exe        Win32/PSW.OnLineGames.MUG trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-1-29 21:37:15        Real-time file system protection        file        G:\v\21\6.exe        a variant of Win32/PSW.OnLineGames.MUG trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-1-29 21:37:13        Real-time file system protection        file        G:\v\21\5.exe        Win32/PSW.OnLineGames.FDY trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-1-29 21:37:12        Real-time file system protection        file        G:\v\21\4.exe        a variant of Win32/PSW.OnLineGames.MUG trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-1-29 21:37:11        Real-time file system protection        file        G:\v\21\3.exe        a variant of Win32/PSW.OnLineGames.GJV trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-1-29 21:37:09        Real-time file system protection        file        G:\v\21\21.exe        probably a variant of Win32/AutoRun.ED worm        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-1-29 21:37:08        Real-time file system protection        file        G:\v\21\20.exe        a variant of Win32/Mypis virus        deleted - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-1-29 21:37:07        Real-time file system protection        file        G:\v\21\2.exe        Win32/PSW.OnLineGames.NMF trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-1-29 21:37:05        Real-time file system protection        file        G:\v\21\19.exe        probably a variant of Win32/AutoRun.Q worm        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-1-29 21:37:04        Real-time file system protection        file        G:\v\21\18.exe        a variant of Win32/PSW.OnLineGames.NFL trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-1-29 21:37:03        Real-time file system protection        file        G:\v\21\17.exe        a variant of Win32/PSW.OnLineGames.YA trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-1-29 21:37:02        Real-time file system protection        file        G:\v\21\16.exe        a variant of Win32/PSW.OnLineGames.MUG trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-1-29 21:37:00        Real-time file system protection        file        G:\v\21\15.exe        a variant of Win32/PSW.OnLineGames.MUG trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-1-29 21:36:59        Real-time file system protection        file        G:\v\21\14.exe        Win32/PSW.OnLineGames.MUG trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-1-29 21:36:57        Real-time file system protection        file        G:\v\21\13.exe        Win32/PSW.OnLineGames.FDY trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-1-29 21:36:56        Real-time file system protection        file        G:\v\21\12.exe        a variant of Win32/PSW.OnLineGames.NFL trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-1-29 21:36:55        Real-time file system protection        file        G:\v\21\11.exe        a variant of Win32/PSW.OnLineGames.MUG trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-1-29 21:36:54        Real-time file system protection        file        G:\v\21\10.exe        a variant of Win32/PSW.OnLineGames.MUG trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-1-29 21:36:52        Real-time file system protection        file        G:\v\21\1.exe        a variant of Win32/PSW.OnLineGames.NFL trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
sam.to
Original poster | Posted on 2008-1-29 22:39:19
Hello,

20.exe_ - Worm.Win32.AutoRun.cfu

New malicious software was found in this file. Its detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Ermilov Maxim
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.
sololp (this user has been deleted)
Posted on 2008-1-29 23:06:06
Rising killed them all: three Gen detections and one malicious code
mofunzone
Posted on 2008-1-30 00:22:46
Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\My Documents\21.rar'
C:\Documents and Settings\Administrator\My Documents\
  21.rar
  21.rar:Zone.Identifier
    [0] Archive type: RAR
    --> 21\1.exe
        [DETECTION] Is the Trojan horse TR/PSW.Online.aav.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> 21\10.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.nzv.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> 21\11.exe
        [DETECTION] Is the Trojan horse TR/Rootkit.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 21\12.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.PMG.5
        [WARNING]   Infected files in archives cannot be repaired!
    --> 21\13.exe
        [DETECTION] Is the Trojan horse TR/WuDisable.B
        [WARNING]   Infected files in archives cannot be repaired!
    --> 21\14.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.omf
        [WARNING]   Infected files in archives cannot be repaired!
    --> 21\15.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pmi.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> 21\16.exe
        [DETECTION] Is the Trojan horse TR/Rootkit.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 21\17.exe
        [DETECTION] Is the Trojan horse TR/Dropper.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 21\18.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.prh.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> 21\19.exe
        [DETECTION] Is the Trojan horse TR/PSW.QQpass.ase
        [WARNING]   Infected files in archives cannot be repaired!
    --> 21\2.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pcn.3
        [WARNING]   Infected files in archives cannot be repaired!
    --> 21\20.exe
        [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 21\21.exe
        [DETECTION] Contains detection pattern of the worm WORM/Autorun.bnt.3
        [WARNING]   Infected files in archives cannot be repaired!
    --> 21\3.exe
        [DETECTION] Is the Trojan horse TR/PSW.Nilage.bxo
        [WARNING]   Infected files in archives cannot be repaired!
    --> 21\4.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pmi.22
        [WARNING]   Infected files in archives cannot be repaired!
    --> 21\5.exe
        [DETECTION] Is the Trojan horse TR/WuDisable.B
        [WARNING]   Infected files in archives cannot be repaired!
    --> 21\6.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pmi.23
        [WARNING]   Infected files in archives cannot be repaired!
    --> 21\7.exe
        [DETECTION] Is the Trojan horse TR/Rootkit.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 21\8.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pou.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> 21\9.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NFY.4
        [WARNING]   Infected files in archives cannot be repaired!
        [INFO]      The file was deleted!


End of the scan: 2008年1月29日  08:22
Used time: 00:04 min

The scan has been done completely.

      0 Scanning directories
     23 Files were scanned
     21 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      1 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      2 Files not concerned
      1 Archives were scanned
     21 Warnings
      0 Notes
Copyright © KaFan  KaFan.cn All Rights Reserved.