[Virus sample] Here's a big malware pack
1993yixin
Posted on 2008-2-15 23:49:34
Fresh out of the oven, everyone come take a look, it's absolutely great
无尽藏海
Posted on 2008-2-15 23:52:52
Scan Log
Version of virus signature database: 2879 (20080215)
Date: 2008-2-15  Time: 23:51:42
Scanned disks, folders and files: F:\virus\windows[1]
F:\virus\windows[1]\windows\mpfuszccp.exe - a variant of Win32/PSW.OnLineGames.NLY trojan
F:\virus\windows[1]\windows\dxygzwdk.exe - a variant of Win32/PSW.OnLineGames.NLY trojan
F:\virus\windows[1]\windows\ldzxwymg.dll - a variant of Win32/PSW.OnLineGames.NLY trojan
F:\virus\windows[1]\windows\WinForm.exE - a variant of Win32/PSW.OnLineGames.NFL trojan
F:\virus\windows[1]\windows\upxdnd.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
F:\virus\windows[1]\windows\SHAProc.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
F:\virus\windows[1]\windows\LotusHlp.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
F:\virus\windows[1]\windows\system32\lssass.exe - Win32/TrojanDownloader.Agent.IAJ trojan
F:\virus\windows[1]\windows\system32\oqnauhc.dll - Win32/PSW.OnLineGames.NLH trojan
F:\virus\windows[1]\windows\system32\ogejqrswm.dll - probably a variant of Win32/PSW.OnLineGames.GJV trojan
F:\virus\windows[1]\windows\system32\mswmkkk32.dll - a variant of Win32/PSW.OnLineGames.GJV trojan
F:\virus\windows[1]\windows\system32\kiluw.dll - Win32/PSW.OnLineGames.NLH trojan
F:\virus\windows[1]\windows\system32\zadnew.dll - a variant of Win32/PSW.OnLineGames.NLH trojan
F:\virus\windows[1]\windows\system32\xjxr.dll - Win32/PSW.OnLineGames.NLH trojan
F:\virus\windows[1]\windows\system32\KABKAB1032.exe - Win32/PSW.OnLineGames.PBQ trojan
F:\virus\windows[1]\windows\system32\WinForm.dll - probably a variant of Win32/PSW.OnLineGames.HCV trojan
F:\virus\windows[1]\windows\system32\BAABAA1025.exe - a variant of Win32/PSW.OnLineGames.PBQ trojan
F:\virus\windows[1]\windows\system32\KABKAB1032.dll - Win32/PSW.OnLineGames.PBQ trojan
F:\virus\windows[1]\windows\system32\ptfsgqcwow.dll - Win32/PSW.OnLineGames.GJV trojan
F:\virus\windows[1]\windows\system32\HHHCompress.dll - a variant of Win32/PSW.OnLineGames.GJV trojan
F:\virus\windows[1]\windows\system32\BAABAA1025.dll - probably a variant of Win32/Genetik trojan
F:\virus\windows[1]\windows\system32\sve.dll - Win32/PSW.OnLineGames.NLH trojan
F:\virus\windows[1]\windows\system32\kqylalszyzj.dll - Win32/PSW.OnLineGames.GJV trojan
F:\virus\windows[1]\windows\system32\mstfhncn32.dll - a variant of Win32/PSW.OnLineGames.GJV trojan
F:\virus\windows[1]\windows\system32\xhqq.dll - Win32/PSW.OnLineGames.NLH trojan
F:\virus\windows[1]\windows\system32\cuhad.dll - a variant of Win32/PSW.OnLineGames.NLH trojan
F:\virus\windows[1]\windows\system32\upxdnd.dll - Win32/PSW.OnLineGames.HCV trojan
F:\virus\windows[1]\windows\system32\hjiq.dll - Win32/PSW.OnLineGames.NLH trojan
F:\virus\windows[1]\windows\system32\sauhad.dll - a variant of Win32/PSW.OnLineGames.NLH trojan
F:\virus\windows[1]\windows\system32\msepion.sys - Win32/PSW.OnLineGames.NFC trojan
F:\virus\windows[1]\windows\system32\SHAProc.dll - a variant of Win32/PSW.OnLineGames.HCV trojan
F:\virus\windows[1]\windows\system32\LotusHlp.dll - Win32/PSW.OnLineGames.HCV trojan
F:\virus\windows[1]\windows\system32\HACHAC1035.exe - a variant of Win32/PSW.OnLineGames.PBQ trojan
F:\virus\windows[1]\windows\system32\pahzij.dll - Win32/PSW.OnLineGames.NLH trojan
F:\virus\windows[1]\windows\system32\HACHAC1035.dll - probably a variant of Win32/Genetik trojan
F:\virus\windows[1]\windows\system32\iemnaw.dll - Win32/PSW.OnLineGames.NLH trojan
F:\virus\windows[1]\windows\system32\hz.dll - Win32/PSW.OnLineGames.NLH trojan
F:\virus\windows[1]\windows\system32\QAB_QAB_1011.exe - Win32/PSW.OnLineGames.PBQ trojan
F:\virus\windows[1]\windows\system32\QAB_QAB_1011.dll - Win32/PSW.OnLineGames.QHD trojan
F:\virus\windows[1]\windows\system32\scvhost.exe - Win32/NetTool.Agent.NAA application
F:\virus\windows[1]\windows\system32\HDDGuard.dll - Win32/TrojanDownloader.Agent.IAJ trojan
F:\virus\windows[1]\windows\system32\drivers\ati32srv.sys - Win32/TrojanDownloader.Agent.IAJ trojan
F:\virus\windows[1]\windows\system32\drivers\pcihdd2.sys - Win32/TrojanDownloader.Agent.NVH trojan
F:\virus\windows[1]\windows\system32\drivers\pop.sys - Win32/TrojanDownloader.Small.NZS trojan
F:\virus\windows[1]\windows\system32\drivers\svchost.exe - Win32/NetTool.Agent.NAA application
F:\virus\windows[1]\windows\Fonts\gjcsdzc.exe - Win32/PSW.OnLineGames.FDY trojan
F:\virus\windows[1]\windows\Fonts\gjcsdyc.dll - Win32/PSW.OnLineGames.FDY trojan
Number of scanned objects: 69
Number of threats found: 47
Time of completion: 23:52:04  Total scanning time: 22 sec (00:00:22)
wangjay1980
Posted on 2008-2-15 23:54:08
42

detected: Trojan program Trojan-PSW.Win32.OnLineGames.rdf        File: E:\样本\windows\mpfuszccp.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.rdf        File: E:\样本\windows\dxygzwdk.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.rep        File: E:\样本\windows\WinForm.exE//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qfw        File: E:\样本\windows\upxdnd.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qyt        File: E:\样本\windows\SHAProc.exe//UPack//PE_Patch
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qnl        File: E:\样本\windows\LotusHlp.exe//UPack
detected: Trojan program Trojan.Win32.Small.abu        File: E:\样本\windows\system32\lssass.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.rch        File: E:\样本\windows\system32\oqnauhc.dll//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qzh        File: E:\样本\windows\system32\ogejqrswm.dll//UPack//PE_Patch.MaskPE
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qzh        File: E:\样本\windows\system32\mswmkkk32.dll//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qoz        File: E:\样本\windows\system32\kiluw.dll//UPack//#
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qza        File: E:\样本\windows\system32\xjxr.dll//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.rdx        File: E:\样本\windows\system32\KABKAB1032.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.rep        File: E:\样本\windows\system32\WinForm.dll
detected: Trojan program Trojan-PSW.Win32.OnLineGames.req        File: E:\样本\windows\system32\BAABAA1025.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.Nilage.bxy        File: E:\样本\windows\system32\ptfsgqcwow.dll//UPack//PE_Patch.MaskPE
detected: Trojan program Trojan-PSW.Win32.Nilage.bya        File: E:\样本\windows\system32\HHHCompress.dll//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.req        File: E:\样本\windows\system32\BAABAA1025.dll//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.rcv        File: E:\样本\windows\system32\sve.dll//UPack
detected: Trojan program Trojan-PSW.Win32.WOW.alc        File: E:\样本\windows\system32\kqylalszyzj.dll//UPack//PE_Patch.MaskPE
detected: Trojan program Trojan-PSW.Win32.WOW.ald        File: E:\样本\windows\system32\mstfhncn32.dll//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qmj        File: E:\样本\windows\system32\xhqq.dll//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.rbz        File: E:\样本\windows\system32\cuhad.dll//UPack//#
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qmk        File: E:\样本\windows\system32\upxdnd.dll
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qiw        File: E:\样本\windows\system32\hjiq.dll//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.rcg        File: E:\样本\windows\system32\sauhad.dll//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.rfd        File: E:\样本\windows\system32\msepion.sys
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qyu        File: E:\样本\windows\system32\SHAProc.dll
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qno        File: E:\样本\windows\system32\LotusHlp.dll
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qjz        File: E:\样本\windows\system32\HACHAC1035.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qzf        File: E:\样本\windows\system32\pahzij.dll//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.pmi        File: E:\样本\windows\system32\iemnaw.dll//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.oyl        File: E:\样本\windows\system32\hz.dll//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qpf        File: E:\样本\windows\system32\QAB_QAB_1011.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.qhd        File: E:\样本\windows\system32\QAB_QAB_1011.dll//UPack
detected: Trojan program Backdoor.Win32.Delf.cwq        File: E:\样本\windows\system32\scvhost.exe//PE_Patch//UPack
detected: Trojan program Trojan-Downloader.Win32.Agent.ikc        File: E:\样本\windows\system32\HDDGuard.dll
detected: Trojan program Trojan-Downloader.Win32.Agent.iaj        File: E:\样本\windows\system32\drivers\ati32srv.sys
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ppu        File: E:\样本\windows\system32\drivers\pop.sys
detected: Trojan program Backdoor.Win32.Delf.cwq        File: E:\样本\windows\system32\drivers\svchost.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.oee        File: E:\样本\windows\Fonts\gjcsdzc.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.oec        File: E:\样本\windows\Fonts\gjcsdyc.dll


7 suspicious ones, sent to KL; they should be detected tomorrow

Going to bed

Got here late

Hello,

ldzxwymg.dll - Trojan-PSW.Win32.OnLineGames.rga,
cuhad.dll - Trojan-PSW.Win32.OnLineGames.rgb,
HACHAC1035.dll - Trojan-PSW.Win32.OnLineGames.rge,
KABKAB1032.dll - Trojan-PSW.Win32.OnLineGames.rgd,
kiluw.dll - Trojan-PSW.Win32.OnLineGames.rgc

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

npf.sys, pcihdd2.sys

No malicious code was found in these files.

Please quote all when answering.

--
Best regards, Ermilov Maxim
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.



[ This post was last edited by wangjay1980 on 2008-2-16 15:25 ]
kidaaaa
Posted on 2008-2-15 23:55:40
Start of the scan: 2008年2月15日  23:54

Starting the file scan:

Begin scan in 'H:\Download\毒样\windows0215.rar'
H:\Download\毒样\
  windows0215.rar
    [0] Archive type: RAR
    --> windows0215\dsocjwzj.dat
    --> windows0215\dxygzwdk.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.rdf.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\Fonts\gjcsdss.dll
    --> windows0215\Fonts\gjcsdyc.dll
        [DETECTION] Is the Trojan horse TR/WuDisable.B
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\Fonts\gjcsdzc.exe
        [DETECTION] Is the Trojan horse TR/WuDisable.B
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\Fonts\gjcubxw.fon
    --> windows0215\ldzxwymg.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.QYJ
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\LotusHlp.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.308
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\mpfuszccp.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.rdf.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\mpfuszccp.exe.hiv
    --> windows0215\SHAProc.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.314
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\BAABAA1025.dll
        [DETECTION] Is the Trojan horse TR/Agent.7586
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\BAABAA1025.exe
        [DETECTION] Is the Trojan horse TR/Hook.Shell.519
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\cuhad.cfg
    --> windows0215\system32\cuhad.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.qze
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\drivers\ati32srv.sys
        [DETECTION] Is the Trojan horse TR/Dldr.Agent.iaj.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\drivers\etc\hosts
    --> windows0215\system32\drivers\npf.sys
    --> windows0215\system32\drivers\pcihdd2.sys
    --> windows0215\system32\drivers\pop.sys
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ppu.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\drivers\svchost.exe
        [DETECTION] Is the Trojan horse TR/Agent.114688.C
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\HACHAC1035.dll
        [DETECTION] Is the Trojan horse TR/Agent.7387.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\HACHAC1035.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.qjz.3
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\HDDGuard.dll
        [DETECTION] Is the Trojan horse TR/Dldr.Agent.ikc
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\HHHCompress.dll
        [DETECTION] Is the Trojan horse TR/Spy.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\hjiq.cfg
    --> windows0215\system32\hjiq.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.qiv
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\hz.cfg
    --> windows0215\system32\hz.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.owx
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\iemnaw.cfg
    --> windows0215\system32\iemnaw.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.pmi.4
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\KABKAB1032.dll
        [DETECTION] Is the Trojan horse TR/Agent.7139
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\KABKAB1032.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.rdx
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\kiluw.cfg
    --> windows0215\system32\kiluw.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.qoz.7
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\kqylalszyzj.dll
        [DETECTION] Is the Trojan horse TR/Spy.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\LotusHlp.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.308
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\lssass.exe
        [DETECTION] Is the Trojan horse TR/Small.abu.5
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\msepion.sys
        [DETECTION] Is the Trojan horse TR/Rootkit.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\mstfhncn32.dll
        [DETECTION] Is the Trojan horse TR/Spy.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\mswmkkk32.dll
        [DETECTION] Is the Trojan horse TR/Spy.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\ogejqrswm.dll
        [DETECTION] Is the Trojan horse TR/Spy.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\oqnauhc.cfg
    --> windows0215\system32\oqnauhc.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.QYF.3
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\Packet.dll
    --> windows0215\system32\pahzij.cfg
    --> windows0215\system32\pahzij.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.QXX
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\ptfsgqcwow.dll
        [DETECTION] Is the Trojan horse TR/Spy.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\QAB_QAB_1011.dll
        [DETECTION] Is the Trojan horse TR/Agent.7447
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\QAB_QAB_1011.exe
        [DETECTION] Is the Trojan horse TR/Drop.Agent.12343
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\sauhad.cfg
    --> windows0215\system32\sauhad.dll
        [DETECTION] Is the Trojan horse TR/Rootkit.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\scvhost.exe
        [DETECTION] Is the Trojan horse TR/Agent.114688.C
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\SHAProc.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.314
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\sve.cfg
    --> windows0215\system32\sve.dll
        [DETECTION] Is the Trojan horse TR/Rootkit.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\upxdnd.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.305
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\WanPacket.dll
    --> windows0215\system32\WinForm.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.330
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\wpcap.dll
    --> windows0215\system32\xhqq.cfg
    --> windows0215\system32\xhqq.dll
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.Qha.12
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\xjxr.cfg
    --> windows0215\system32\xjxr.dll
        [DETECTION] Is the Trojan horse TR/Rootkit.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\system32\zadnew.cfg
    --> windows0215\system32\zadnew.dll
        [DETECTION] Is the Trojan horse TR/Rootkit.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\upxdnd.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.305
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\WinForm.exE
        [DETECTION] Is the Trojan horse TR/PSW.Online.aav.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> windows0215\ywwdkxzk.dat
        [WARNING]   The file was ignored!


End of the scan: 2008年2月15日  23:54
Used time: 00:03 min

The scan has been done completely.

      0 Scanning directories
     70 Files were scanned
     46 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     24 Files not concerned
      1 Archives were scanned
     47 Warnings
      0 Notes
醉一生爱妍
Posted on 2008-2-15 23:58:50
These

look like the HOSTS file from 360's protection against the Robot Dog (机器狗) trojan? - -

Why would you even post this..
醉一生爱妍
Posted on 2008-2-15 23:59:57
The rest are just a big pile of DLL files that don't seem to be of much use
1993yixin
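Original poster | Posted on 2008-2-16 00:01:46
Originally posted by garyyan456 on 2008-2-15 23:58

These

look like the HOSTS file from 360's protection against the Robot Dog (机器狗) trojan? - -

Why would you even post this..

Captured with a sandbox; it seems to have modified 360, which happened to be installed on the virtual machine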
醉一生爱妍
Posted on 2008-2-16 00:03:57

Reply to post #7 by 1993yixin

Do you really need a virtual machine to capture malware??
spaceplane
Posted on 2008-2-16 00:04:44
NOD 47
wolffshen
Posted on 2008-2-16 00:13:24
结果: 找到 40 恶意软件
Trojan-PSW.Win32.OnLineGames.rdf (病毒)
D:\Virus\Test\dxygzwdk.exe
D:\Virus\Test\mpfuszccp.exe
Trojan-PSW.Win32.OnLineGames.qnl (病毒)
D:\Virus\Test\LotusHlp.exe
Trojan-PSW.Win32.OnLineGames.qyt (病毒)
D:\Virus\Test\SHAProc.exe
Trojan-PSW.Win32.OnLineGames.qfw (病毒)
D:\Virus\Test\upxdnd.exe
Trojan-PSW.Win32.OnLineGames.rep (病毒)
D:\Virus\Test\WinForm.exE
D:\Virus\Test\system32\WinForm.dll
Trojan-PSW.Win32.OnLineGames.req (病毒)
D:\Virus\Test\system32\BAABAA1025.dll
D:\Virus\Test\system32\BAABAA1025.exe
Trojan-PSW.Win32.OnLineGames.qjz (病毒)
D:\Virus\Test\system32\HACHAC1035.exe
Trojan-Downloader.Win32.Agent.ikc (病毒)
D:\Virus\Test\system32\HDDGuard.dll
Trojan-PSW.Win32.Nilage.bya (病毒)
D:\Virus\Test\system32\HHHCompress.dll
Trojan-PSW.Win32.OnLineGames.qiw (病毒)
D:\Virus\Test\system32\hjiq.dll
Trojan-PSW.Win32.OnLineGames.oyl (病毒)
D:\Virus\Test\system32\hz.dll
Trojan-PSW.Win32.OnLineGames.pmi (病毒)
D:\Virus\Test\system32\iemnaw.dll
Trojan-PSW.Win32.OnLineGames.rdx (病毒)
D:\Virus\Test\system32\KABKAB1032.exe
Trojan-PSW.Win32.WOW.alc (病毒)
D:\Virus\Test\system32\kqylalszyzj.dll
Trojan-PSW.Win32.OnLineGames.qno (病毒)
D:\Virus\Test\system32\LotusHlp.dll
Trojan.Win32.Small.abu (病毒)
D:\Virus\Test\system32\lssass.exe
Trojan-PSW.Win32.OnLineGames.rfd (病毒)
D:\Virus\Test\system32\msepion.sys
Trojan-PSW.Win32.WOW.ald (病毒)
D:\Virus\Test\system32\mstfhncn32.dll
Trojan-PSW.Win32.OnLineGames.qzh (病毒)
D:\Virus\Test\system32\mswmkkk32.dll
D:\Virus\Test\system32\ogejqrswm.dll
Trojan-PSW.Win32.OnLineGames.rch (病毒)
D:\Virus\Test\system32\oqnauhc.dll
Trojan-PSW.Win32.OnLineGames.qzf (病毒)
D:\Virus\Test\system32\pahzij.dll
Trojan-PSW.Win32.Nilage.bxy (病毒)
D:\Virus\Test\system32\ptfsgqcwow.dll
Trojan-PSW.Win32.OnLineGames.qhd (病毒)
D:\Virus\Test\system32\QAB_QAB_1011.dll
Trojan-PSW.Win32.OnLineGames.qpf (病毒)
D:\Virus\Test\system32\QAB_QAB_1011.exe
Trojan-PSW.Win32.OnLineGames.rcg (病毒)
D:\Virus\Test\system32\sauhad.dll
Backdoor.Win32.Delf.cwq (病毒)
D:\Virus\Test\system32\scvhost.exe
D:\Virus\Test\system32\drivers\svchost.exe
Trojan-PSW.Win32.OnLineGames.qyu (病毒)
D:\Virus\Test\system32\SHAProc.dll
Trojan-PSW.Win32.OnLineGames.rcv (病毒)
D:\Virus\Test\system32\sve.dll
Trojan-PSW.Win32.OnLineGames.qmk (病毒)
D:\Virus\Test\system32\upxdnd.dll
Trojan-PSW.Win32.OnLineGames.qmj (病毒)
D:\Virus\Test\system32\xhqq.dll
Trojan-PSW.Win32.OnLineGames.qza (病毒)
D:\Virus\Test\system32\xjxr.dll
Trojan-Downloader.Win32.Agent.iaj (病毒)
D:\Virus\Test\system32\drivers\ati32srv.sys
Trojan-PSW.Win32.OnLineGames.ppu (病毒)
D:\Virus\Test\system32\drivers\pop.sys
Trojan-PSW.Win32.OnLineGames.oec (病毒)
D:\Virus\Test\Fonts\gjcsdyc.dll
Trojan-PSW.Win32.OnLineGames.oee (病毒)
D:\Virus\Test\Fonts\gjcsdzc.exe