最近非常流行的mm那个下载者下来的

显示全部楼层 · 发表于 2008-2-12 20:51:16

扫描系统区域...
扫描所选择的目录和文件...
对象: mm\aa1.exe
在压缩档案里: C:\Documents and Settings\Administrato\桌面\mm.rar
状态: 已发现病毒
病毒: Win32:OnLineGames-SR [Trj] (AVAST! 引擎)
对象: mm\aa12.exe
在压缩档案里: C:\Documents and Settings\Administrato\桌面\mm.rar
状态: 已发现病毒
病毒: Win32:OnLineGames-BPY [Trj] (AVAST! 引擎)
对象: mm\aa16.exe\[Upack]
在压缩档案里: C:\Documents and Settings\Administrato\桌面\mm.rar
状态: 已发现病毒
病毒: Win32:Agent-CNF [Trj] (AVAST! 引擎)
对象: mm\aa20.exe\[Upack]
在压缩档案里: C:\Documents and Settings\Administrato\桌面\mm.rar
状态: 已发现病毒
病毒: Win32:OnLineGames-BGD [Trj] (AVAST! 引擎)
对象: mm\aa23.exe
在压缩档案里: C:\Documents and Settings\Administrato\桌面\mm.rar
状态: 已发现病毒
病毒: Win32:OnLineGames-BPY [Trj] (AVAST! 引擎)
对象: mm\aa25.exe
在压缩档案里: C:\Documents and Settings\Administrato\桌面\mm.rar
状态: 已发现病毒
病毒: Win32:OnLineGames-BPY [Trj] (AVAST! 引擎)
对象: mm\aa3.exe\[Upack]
在压缩档案里: C:\Documents and Settings\Administrato\桌面\mm.rar
状态: 已发现病毒
病毒: Win32:Onlinegames-CDA [Trj] (AVAST! 引擎)
对象: mm\aa6.exe
在压缩档案里: C:\Documents and Settings\Administrato\桌面\mm.rar
状态: 已发现病毒
病毒: Win32:Pakes-AJD [Trj] (AVAST! 引擎)
对象: mm\aa7.exe
在压缩档案里: C:\Documents and Settings\Administrato\桌面\mm.rar
状态: 已发现病毒
病毒: Win32:OnLineGames-BPY [Trj] (AVAST! 引擎)
对象: mm.rar
路径: C:\Documents and Settings\Administrato\桌面
状态: 已发现病毒
病毒: Win32:OnLineGames-SR [Trj], Win32:OnLineGames-BPY [Trj] (4x), Win32:Agent-CNF [Trj], Win32:OnLineGames-BGD [Trj], Win32:Onlinegames-CDA [Trj], Win32:Pakes-AJD [Trj] (AVAST! 引擎)
分析完成: 2/12/2008 20:51
已扫描 1 个文件
已发现 1 个染毒文件
发现 0 个可疑文件

显示全部楼层 · 发表于 2008-2-12 20:51:51

记得没错的话以前vba32可以准确报出下载什么的但最近不怎么见了..
还有现在下载者形式单一..
先脱壳再hex一看就看到那个单子了..连密也不加...

显示全部楼层 · 发表于 2008-2-12 20:54:03

现在FreShow的目标是 make hunter easy...
哈哈～

显示全部楼层 · 发表于 2008-2-12 20:54:12

Begin scan in 'C:\MxDownload\mm\mm'
C:\MxDownload\mm\mm\aa1.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.x
   [INFO]    The file was deleted!
C:\MxDownload\mm\mm\aa10.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.qjk
   [INFO]    The file was deleted!
C:\MxDownload\mm\mm\aa11.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.prw.4
   [INFO]    The file was deleted!
C:\MxDownload\mm\mm\aa12.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [INFO]    The file was deleted!
C:\MxDownload\mm\mm\aa13.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
   [INFO]    The file was deleted!
C:\MxDownload\mm\mm\aa14.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.Qha.8
   [INFO]    The file was deleted!
C:\MxDownload\mm\mm\aa15.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.qxo
   [INFO]    The file was deleted!
C:\MxDownload\mm\mm\aa16.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ozu.8
   [INFO]    The file was deleted!
C:\MxDownload\mm\mm\aa17.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [INFO]    The file was deleted!
C:\MxDownload\mm\mm\aa18.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
   [INFO]    The file was deleted!
C:\MxDownload\mm\mm\aa19.exe
   [DETECTION] Is the Trojan horse TR/Drop.Agent.12211
   [INFO]    The file was deleted!
C:\MxDownload\mm\mm\aa20.exe
   [DETECTION] Is the Trojan horse TR/WuDisable.B
   [INFO]    The file was deleted!
C:\MxDownload\mm\mm\aa21.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.qiv
   [INFO]    The file was deleted!
C:\MxDownload\mm\mm\aa22.exe
   [DETECTION] Is the Trojan horse TR/Drop.Agent.12343
   [INFO]    The file was deleted!
C:\MxDownload\mm\mm\aa23.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [INFO]    The file was deleted!
C:\MxDownload\mm\mm\aa24.exe
   [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
   [INFO]    The file was deleted!
C:\MxDownload\mm\mm\aa25.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [INFO]    The file was deleted!
C:\MxDownload\mm\mm\aa26.exe
   [DETECTION] Contains suspicious code HEUR/Crypted
   [INFO]    The file was moved to '47e39737.qua'!
C:\MxDownload\mm\mm\aa3.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [INFO]    The file was deleted!
C:\MxDownload\mm\mm\aa4.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.Qha.1
   [INFO]    The file was deleted!
C:\MxDownload\mm\mm\aa5.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.292
   [INFO]    The file was deleted!
C:\MxDownload\mm\mm\aa6.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [INFO]    The file was deleted!
C:\MxDownload\mm\mm\aa7.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [INFO]    The file was deleted!
C:\MxDownload\mm\mm\aa8.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.qjj
   [INFO]    The file was deleted!
C:\MxDownload\mm\mm\aa9.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.Qha.6
   [INFO]    The file was deleted!

显示全部楼层 · 发表于 2008-2-12 20:54:26

扫描进行于：2008-02-12 20:53:36
扫描日志
NOD32版本 2867 (20080212) NT
命令行： C:\Documents and Settings\Administrator\桌面\mm.rar

日期： 12.2.2008 时间：20:53:38
已开启反隐藏功能.
已扫描的磁盘，文件夹及文件：C:\Documents and Settings\Administrator\桌面\mm.rar
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa1.exe - Win32/PSW.Agent.NGZ 木马
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa10.exe - Win32/PSW.OnLineGames.NFL 木马
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa11.exe - Win32/PSW.OnLineGames.MUG 木马
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa12.exe - Win32/PSW.OnLineGames.GJV 木马
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa13.exe - Win32/PSW.OnLineGames.MUG 木马的变种
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa14.exe - Win32/PSW.OnLineGames.MUG 木马
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa15.exe - Win32/PSW.OnLineGames.MUG 木马
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa16.exe - Win32/PSW.OnLineGames.NFL 木马
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa17.exe - Win32/PSW.OnLineGames.NFL 木马的变种
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa18.exe - Win32/PSW.OnLineGames.MUG 木马
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa19.exe - Win32/PSW.OnLineGames.PBQ 木马
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa20.exe - Win32/PSW.OnLineGames.FDY 木马
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa21.exe - Win32/PSW.OnLineGames.MUG 木马
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa22.exe - Win32/PSW.OnLineGames.PBQ 木马
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa23.exe - Win32/PSW.OnLineGames.GJV 木马
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa24.exe - Win32/Agent.NIW 木马
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa25.exe - Win32/PSW.OnLineGames.GJV 木马
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa26.exe - Win32/PSW.OnLineGames.NML 木马的变种
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa3.exe - Win32/PSW.OnLineGames.YA 木马
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa4.exe - Win32/PSW.OnLineGames.MUG 木马的变种
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa5.exe - Win32/PSW.OnLineGames.NFL 木马
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa6.exe - Win32/PSW.OnLineGames.GJV 木马
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa7.exe - Win32/PSW.OnLineGames.GJV 木马
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa8.exe - Win32/PSW.OnLineGames.NLY 木马
C:\Documents and Settings\Administrator\桌面\mm.rar >>RAR >>mm\aa9.exe - Win32/PSW.OnLineGames.MUG 木马
已扫描的文件数目：25
已发现的病毒数目：25
完成时间： 20:53:39 总扫描时间：1 秒 (00:00:01)

显示全部楼层 · 发表于 2008-2-12 21:04:31

FS 扫描23+沙盘2，全kill
沙盘：
在文件 C:\DOCUMENTS AND SETTINGS\GUNDAM\桌面\MM\MM\AA26.EXE 中发现恶意代码。
感染: W32/Suspicious_U.gen.dropper
操作: 无.
在文件 C:\DOCUMENTS AND SETTINGS\GUNDAM\桌面\MM\MM\AA17.EXE 中发现恶意代码。
感染: W32/Viking.EQ
操作: 无.

扫描：
结果: 发现23个恶意软件
Trojan-PSW.Win32.OnLineGames.pup (病毒)

C:\Documents and Settings\GUNDAM\桌面\mm\mm\aa1.exe 操作: 删除

Trojan-PSW.Win32.OnLineGames.qjl (病毒)

C:\Documents and Settings\GUNDAM\桌面\mm\mm\aa10.exe 操作: 删除

Trojan-PSW.Win32.OnLineGames.pvm (病毒)

C:\Documents and Settings\GUNDAM\桌面\mm\mm\aa11.exe 操作: 删除

Trojan-PSW.Win32.OnLineGames.qna (病毒)

C:\Documents and Settings\GUNDAM\桌面\mm\mm\aa12.exe 操作: 删除

Trojan-PSW.Win32.OnLineGames.qoz (病毒)

C:\Documents and Settings\GUNDAM\桌面\mm\mm\aa13.exe 操作: 删除
C:\Documents and Settings\GUNDAM\桌面\mm\mm\aa15.exe 操作: 删除
C:\Documents and Settings\GUNDAM\桌面\mm\mm\aa18.exe 操作: 删除

Trojan-PSW.Win32.OnLineGames.pzl (病毒)

C:\Documents and Settings\GUNDAM\桌面\mm\mm\aa14.exe 操作: 删除
C:\Documents and Settings\GUNDAM\桌面\mm\mm\aa4.exe 操作: 删除
C:\Documents and Settings\GUNDAM\桌面\mm\mm\aa9.exe 操作: 删除

Trojan-PSW.Win32.OnLineGames.ozu (病毒)

C:\Documents and Settings\GUNDAM\桌面\mm\mm\aa16.exe 操作: 删除

Trojan-Dropper.Win32.Agent.ebc (病毒)

C:\Documents and Settings\GUNDAM\桌面\mm\mm\aa19.exe 操作: 删除

Trojan-PSW.Win32.OnLineGames.oee (病毒)

C:\Documents and Settings\GUNDAM\桌面\mm\mm\aa20.exe 操作: 删除

Trojan-PSW.Win32.OnLineGames.qiv (病毒)

C:\Documents and Settings\GUNDAM\桌面\mm\mm\aa21.exe 操作: 删除

Trojan-PSW.Win32.OnLineGames.qpf (病毒)

C:\Documents and Settings\GUNDAM\桌面\mm\mm\aa22.exe 操作: 删除

Trojan-PSW.Win32.WOW.ald (病毒)

C:\Documents and Settings\GUNDAM\桌面\mm\mm\aa23.exe 操作: 删除

Trojan-PSW.Win32.OnLineGames.qnd (病毒)

C:\Documents and Settings\GUNDAM\桌面\mm\mm\aa24.exe 操作: 删除

Trojan-PSW.Win32.Nilage.byx (病毒)

C:\Documents and Settings\GUNDAM\桌面\mm\mm\aa25.exe 操作: 删除

Trojan-PSW.Win32.OnLineGames.qnc (病毒)

C:\Documents and Settings\GUNDAM\桌面\mm\mm\aa3.exe 操作: 删除

Trojan-PSW.Win32.OnLineGames.qfw (病毒)

C:\Documents and Settings\GUNDAM\桌面\mm\mm\aa5.exe 操作: 删除

Trojan.Win32.Pakes.bzp (病毒)

C:\Documents and Settings\GUNDAM\桌面\mm\mm\aa6.exe 操作: 删除

Trojan-PSW.Win32.Nilage.byy (病毒)

C:\Documents and Settings\GUNDAM\桌面\mm\mm\aa7.exe 操作: 删除

Trojan-PSW.Win32.OnLineGames.qjj (病毒)

C:\Documents and Settings\GUNDAM\桌面\mm\mm\aa8.exe 操作: 删除

显示全部楼层 · 发表于 2008-2-12 21:04:33

已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.pup 檔案: C:\Documents and Settings\kato9096\桌面\201699.rar/mm\aa1.exe
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.qjl 檔案: C:\Documents and Settings\kato9096\桌面\201699.rar/mm\aa10.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.pvm 檔案: C:\Documents and Settings\kato9096\桌面\201699.rar/mm\aa11.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.qna 檔案: C:\Documents and Settings\kato9096\桌面\201699.rar/mm\aa12.exe//PE_Patch.UPX//UPX
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.qoz 檔案: C:\Documents and Settings\kato9096\桌面\201699.rar/mm\aa13.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.pzl 檔案: C:\Documents and Settings\kato9096\桌面\201699.rar/mm\aa14.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.qoz 檔案: C:\Documents and Settings\kato9096\桌面\201699.rar/mm\aa15.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ozu 檔案: C:\Documents and Settings\kato9096\桌面\201699.rar/mm\aa16.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.qoz 檔案: C:\Documents and Settings\kato9096\桌面\201699.rar/mm\aa18.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-Dropper.Win32.Agent.ebc 檔案: C:\Documents and Settings\kato9096\桌面\201699.rar/mm\aa19.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.oee 檔案: C:\Documents and Settings\kato9096\桌面\201699.rar/mm\aa20.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.qiv 檔案: C:\Documents and Settings\kato9096\桌面\201699.rar/mm\aa21.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.qpf 檔案: C:\Documents and Settings\kato9096\桌面\201699.rar/mm\aa22.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.WOW.ald 檔案: C:\Documents and Settings\kato9096\桌面\201699.rar/mm\aa23.exe//PE_Patch.UPX//UPX
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.qnd 檔案: C:\Documents and Settings\kato9096\桌面\201699.rar/mm\aa24.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.Nilage.byx 檔案: C:\Documents and Settings\kato9096\桌面\201699.rar/mm\aa25.exe//PE_Patch.UPX//UPX
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.qnc 檔案: C:\Documents and Settings\kato9096\桌面\201699.rar/mm\aa3.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.pzl 檔案: C:\Documents and Settings\kato9096\桌面\201699.rar/mm\aa4.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan.Win32.Pakes.bzp 檔案: C:\Documents and Settings\kato9096\桌面\201699.rar/mm\aa6.exe
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.Nilage.byy 檔案: C:\Documents and Settings\kato9096\桌面\201699.rar/mm\aa7.exe//PE_Patch.UPX//UPX
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.qjj 檔案: C:\Documents and Settings\kato9096\桌面\201699.rar/mm\aa8.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.pzl 檔案: C:\Documents and Settings\kato9096\桌面\201699.rar/mm\aa9.exe//PE_Patch//UPack

卡巴３个不报，上报

显示全部楼层 · 发表于 2008-2-12 21:09:29

原帖由 kato9096 于 2008-2-12 21:04 发表
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.pup 檔案: C:\Documents and Settings\kato9096\桌面\201699.rar/mm\aa1.exe
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.qjl 檔案: C:\Documents ...

我FS扫描漏两个，都是卡巴引擎报的，你卡巴怎么会漏3个...

显示全部楼层 · 发表于 2008-2-12 21:17:33

24
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pup File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa1.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qjl File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa10.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pvm File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa11.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qna File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa12.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qoz File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa13.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pzl File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa14.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qoz File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa15.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ozu File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa16.exe//UPack
detected: virus Heur.Trojan.Generic File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa17.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qoz File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa18.exe//PE_Patch//UPack
detected: Trojan program Trojan-Dropper.Win32.Agent.ebc File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa19.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.oee File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa20.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qiv File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa21.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qpf File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa22.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.WOW.ald File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa23.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qnd File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa24.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.Nilage.byx File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa25.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qnc File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa3.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pzl File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa4.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qfw File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa5.exe//UPack
detected: Trojan program Trojan.Win32.Pakes.bzp File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa6.exe
detected: Trojan program Trojan-PSW.Win32.Nilage.byy File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa7.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qjj File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa8.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pzl File: C:\Documents and Settings\Owner\×ÀÃæ\mm1.rar/mm\aa9.exe//PE_Patch//UPack

显示全部楼层 · 发表于 2008-2-12 21:20:43

沒有启发

[病毒样本] 最近非常流行的mm那个下载者下来的

回复 18楼 leonfg 的帖子