某贴机器狗挖的49个

显示全部楼层 · 发表于 2008-2-16 14:15:35

http://bbs.kafan.cn/viewthread.php?tid=203821&extra=page%3D1
http://dd.749571.com/bb/bb.exe
貌似不是最新的那种机器狗

http
Unpacker:00402E10 3A 2F 2F 35 30 2E 62 75 79 61 6F 6E 69 2E 63 6F ://50.buyaoni.co
Unpacker:00402E20 6D 2F 72 69 2E 74 78 74 00 00 00 00 00 00 00 00 m/ri.txt.....

复制代码

显示全部楼层 · 发表于 2008-2-16 14:15:43

C:\ABC\样本.rar:\xhtd.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\zadnew.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\binks.exe - 特征码 'Trojan-PWS.Lmir.AII' 被发现
C:\ABC\样本.rar:\1.exe - 特征码 'Virus.Win32.OnLineGames.SR' 被发现
C:\ABC\样本.rar:\10.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\11.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\14.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\2.exe - 特征码 'Trojan-Spy.Win32.Agent.hz' 被发现
C:\ABC\样本.rar:\3.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\4.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\5.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\6.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.ish' 被发现
C:\ABC\样本.rar:\7.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\8.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本.rar:\SHAProc.exe - 特征码 'Trojan.Win32.Vaklik.ig' 被发现
C:\ABC\样本.rar:\kswyzxjp.dll - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本.rar:\15.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\16.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\18.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\19.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\20.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\21.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\24.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\25.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\26.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\27.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\30.exe - 特征码 'Trojan-Spy.Win32.Delf.PD' 被发现
C:\ABC\样本.rar:\atgnehz.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\auhad.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\duygnef.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\gnolnait.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\hjxr.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\ijougiemnaw.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\kiluw.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\knaixnauhuoyizqq.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\LYLOADER.EXE - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\样本.rar:\LYMANGR.DLL - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\样本.rar:\MSDEG32.DLL - 特征码 'Generic.PWS.Games.3' 被发现
C:\ABC\样本.rar:\msepion.sys - 特征码 'Trojan.Win32.Agent.anj' 被发现
C:\ABC\样本.rar:\nahzij.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\naijihzeuyouhz.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\naixuhz.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\REGKEY.hiv - 特征码 'Trojan-PWS.OnlineGames.AVH' 被发现
C:\ABC\样本.rar:\rxdjqwbwow.dll - 特征码 'Trojan-PWS.Win32.Agent.jp' 被发现
C:\ABC\样本.rar:\sauhad.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\SHAProc.dll - 特征码 'Trojan-PWS.OnlineGames.NSR' 被发现
C:\ABC\样本.rar:\sve.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar:\tsqc.dll - 特征码 'Trojan-Spy.Win32.Delf.uv' 被发现
C:\ABC\样本.rar:\vhqq.dll - 特征码 'Trojan-PWS.Win32.Small.br' 被发现
C:\ABC\样本.rar

显示全部楼层 · 发表于 2008-2-16 14:17:28

48 红伞

显示全部楼层 · 发表于 2008-2-16 14:18:34

NOD 48

E:\pic\_PICtemp\样本.rar >>RAR >>xhtd.dll - Win32/PSW.OnLineGames.NLH 木马
E:\pic\_PICtemp\样本.rar >>RAR >>zadnew.dll - Win32/PSW.OnLineGames.NLH 木马的变种
E:\pic\_PICtemp\样本.rar >>RAR >>binks.exe - Win32/Agent.NIS 木马
E:\pic\_PICtemp\样本.rar >>RAR >>1.exe - Win32/PSW.Agent.NGZ 木马
E:\pic\_PICtemp\样本.rar >>RAR >>10.exe - Win32/PSW.OnLineGames.MUG 木马
E:\pic\_PICtemp\样本.rar >>RAR >>11.exe - Win32/PSW.OnLineGames.MUG 木马的变种
E:\pic\_PICtemp\样本.rar >>RAR >>14.exe - Win32/PSW.OnLineGames.MUG 木马
E:\pic\_PICtemp\样本.rar >>RAR >>2.exe - Win32/PSW.OnLineGames.NMF 木马
E:\pic\_PICtemp\样本.rar >>RAR >>3.exe - Win32/PSW.OnLineGames.MUG 木马
E:\pic\_PICtemp\样本.rar >>RAR >>4.exe - Win32/PSW.OnLineGames.MUG 木马
E:\pic\_PICtemp\样本.rar >>RAR >>5.exe - Win32/PSW.OnLineGames.MUG 木马
E:\pic\_PICtemp\样本.rar >>RAR >>6.exe - Win32/PSW.OnLineGames.GJV 木马
E:\pic\_PICtemp\样本.rar >>RAR >>7.exe - Win32/PSW.OnLineGames.MUG 木马
E:\pic\_PICtemp\样本.rar >>RAR >>8.exe - Win32/PSW.WOW.WU 木马
E:\pic\_PICtemp\样本.rar >>RAR >>SHAProc.exe - Win32/PSW.OnLineGames.NFL 木马
E:\pic\_PICtemp\样本.rar >>RAR >>kswyzxjp.dll - Win32/PSW.OnLineGames.NMF 木马
E:\pic\_PICtemp\样本.rar >>RAR >>15.exe - Win32/PSW.OnLineGames.MUG 木马
E:\pic\_PICtemp\样本.rar >>RAR >>16.exe - Win32/PSW.OnLineGames.MUG 木马
E:\pic\_PICtemp\样本.rar >>RAR >>18.exe - Win32/PSW.OnLineGames.MUG 木马的变种
E:\pic\_PICtemp\样本.rar >>RAR >>19.exe - Win32/PSW.OnLineGames.MUG 木马
E:\pic\_PICtemp\样本.rar >>RAR >>20.exe - Win32/PSW.OnLineGames.MUG 木马
E:\pic\_PICtemp\样本.rar >>RAR >>21.exe - Win32/PSW.OnLineGames.MUG 木马
E:\pic\_PICtemp\样本.rar >>RAR >>24.exe - Win32/PSW.OnLineGames.MUG 木马
E:\pic\_PICtemp\样本.rar >>RAR >>25.exe - Win32/PSW.OnLineGames.MUG 木马
E:\pic\_PICtemp\样本.rar >>RAR >>26.exe - Win32/PSW.OnLineGames.MUG 木马
E:\pic\_PICtemp\样本.rar >>RAR >>27.exe - Win32/PSW.OnLineGames.MUG 木马的变种
E:\pic\_PICtemp\样本.rar >>RAR >>30.exe - Win32/PSW.OnLineGames.MUG 木马
E:\pic\_PICtemp\样本.rar >>RAR >>atgnehz.dll - Win32/PSW.OnLineGames.NLH 木马
E:\pic\_PICtemp\样本.rar >>RAR >>auhad.dll - Win32/PSW.OnLineGames.NLH 木马
E:\pic\_PICtemp\样本.rar >>RAR >>duygnef.dll - Win32/PSW.OnLineGames.NLH 木马的变种
E:\pic\_PICtemp\样本.rar >>RAR >>gnolnait.dll - Win32/PSW.OnLineGames.NLH 木马
E:\pic\_PICtemp\样本.rar >>RAR >>hjxr.dll - Win32/PSW.OnLineGames.NLH 木马
E:\pic\_PICtemp\样本.rar >>RAR >>ijougiemnaw.dll - Win32/PSW.OnLineGames.NLH 木马
E:\pic\_PICtemp\样本.rar >>RAR >>kiluw.dll - Win32/PSW.OnLineGames.NLH 木马
E:\pic\_PICtemp\样本.rar >>RAR >>knaixnauhuoyizqq.dll - Win32/PSW.OnLineGames.NLH 木马
E:\pic\_PICtemp\样本.rar >>RAR >>LYLOADER.EXE - Win32/PSW.Agent.NEC 木马
E:\pic\_PICtemp\样本.rar >>RAR >>LYMANGR.DLL - Win32/PSW.OnLineGames.DTR 木马
E:\pic\_PICtemp\样本.rar >>RAR >>MSDEG32.DLL - Win32/PSW.OnLineGames.DVV 木马
E:\pic\_PICtemp\样本.rar >>RAR >>msepion.sys - Win32/PSW.OnLineGames.NFC 木马
E:\pic\_PICtemp\样本.rar >>RAR >>nahzij.dll - Win32/PSW.OnLineGames.MUG 木马
E:\pic\_PICtemp\样本.rar >>RAR >>naijihzeuyouhz.dll - Win32/PSW.OnLineGames.NLH 木马
E:\pic\_PICtemp\样本.rar >>RAR >>naixuhz.dll - Win32/PSW.OnLineGames.NLH 木马
E:\pic\_PICtemp\样本.rar >>RAR >>rxdjqwbwow.dll - Win32/PSW.OnLineGames.GJV 木马
E:\pic\_PICtemp\样本.rar >>RAR >>sauhad.dll - Win32/PSW.OnLineGames.NLH 木马的变种
E:\pic\_PICtemp\样本.rar >>RAR >>SHAProc.dll - Win32/PSW.OnLineGames.HCV 木马
E:\pic\_PICtemp\样本.rar >>RAR >>sve.dll - Win32/PSW.OnLineGames.NLH 木马
E:\pic\_PICtemp\样本.rar >>RAR >>tsqc.dll - Win32/PSW.OnLineGames.NLH 木马
E:\pic\_PICtemp\样本.rar >>RAR >>vhqq.dll - Win32/PSW.OnLineGames.NLH 木马
已扫描的文件数目：49
已发现的病毒数目：48
完成时间： 14:24:07 总扫描时间：7 秒 (00:00:07)

显示全部楼层 · 发表于 2008-2-16 14:20:31

48 个...E

显示全部楼层 · 发表于 2008-2-16 14:20:38

BD，37

显示全部楼层 · 发表于 2008-2-16 14:20:58

F-PROT Antivirus for Windows

Antivirus Scanning Engine version number: 4.4.2
Virus signature file from: 2008-2-16, 4:21

Scan name: [Custom Scan]
Path to scan: F:\virus\样本2.rar

Normal scan
Also scan: Inside subfolders, Compressed files, Streams

Scan started: 2008-2-16, 14:18:58
---------------------------------------------------------------------

[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->xhtd.dll->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->zadnew.dll->(UPack)
[Found possible virus] <W32/Threat-SysVenFakU-based!Maximus (not disinfectable)> F:\virus\样本2.rar->binks.exe
[Found possible security risk] <W32/Heuristic-114!Eldorado (damaged, not disinfectable)> F:\virus\样本2.rar->1.exe->(embedded)->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->10.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->11.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->14.exe->(UPack)
[Found possible security risk] <W32/Heuristic-114!Eldorado (damaged, not disinfectable)> F:\virus\样本2.rar->2.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->3.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->4.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->5.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->7.exe->(UPack)
[Found possible virus] <W32/Threat-SysVenFakU-based!Maximus (not disinfectable)> F:\virus\样本2.rar->8.exe->(embedded)
[Found security risk] <W32/OnlineGames.F.gen!GSA (not disinfectable, generic)> F:\virus\样本2.rar->SHAProc.exe->(UPack)
[Found security risk] <W32/Agent.M.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->kswyzxjp.dll
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->15.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->16.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->18.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->19.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->20.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->21.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->24.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->25.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->26.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->27.exe->(UPack)
[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->30.exe->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->atgnehz.dll->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->auhad.dll->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->duygnef.dll->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->gnolnait.dll->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->hjxr.dll->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->ijougiemnaw.dll->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->kiluw.dll->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->knaixnauhuoyizqq.dll->(UPack)
[Found possible security risk] <W32/Heuristic-114!Eldorado (damaged, not disinfectable)> F:\virus\样本2.rar->LYLOADER.EXE->(UPack)
[Found possible virus] <W32/Downloader-SmlInject-based!Maximus (not disinfectable)> F:\virus\样本2.rar->LYMANGR.DLL->(UPack)
[Found security risk] <W32/Agent.M.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->MSDEG32.DLL
[Found security risk] <W32/OnlineGames.L.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->msepion.sys
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->nahzij.dll->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->naijihzeuyouhz.dll->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->naixuhz.dll->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> F:\virus\样本2.rar->rxdjqwbwow.dll->(UPack)->(PE_Patch.MaskPE)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->sauhad.dll->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->sve.dll->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->tsqc.dll->(UPack)
[Found security risk] <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)> F:\virus\样本2.rar->vhqq.dll->(UPack)
[Contains infected objects] F:\virus\样本2.rar
[Quarantined] F:\virus\样本2.rar->vhqq.dll->(UPack)

---------------------------------------------------------------------
Scan ended: 2008-2-16, 14:19:40
Duration: 0:00:42

Scan result:

Scanned files:    1
Infected objects:    46
Disinfected objects:    0
Quarantined files:    1

显示全部楼层 · 发表于 2008-2-16 14:21:37

REGKEY.hiv又是注册表的..

显示全部楼层 · 发表于 2008-2-16 14:21:37

47
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qps File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/xhtd.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rfr File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/zadnew.dll//UPack
deleted: Trojan program Trojan.Win32.Inject.uz File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/binks.exe//PE_Patch//UPack
deleted: Trojan program Trojan-Dropper.Win32.Agent.dxz File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/1.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pud File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/10.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rbf File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/11.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qoz File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/14.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pcn File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/2.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qoz File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/3.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pvm File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/4.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pzl File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/5.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.Nilage.bya File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/6.exe//PE_Patch.UPX//UPX
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qnk File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/7.exe//PE_Patch//UPack
deleted: Trojan program Trojan-Downloader.Win32.Delf.axx File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/8.exe//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.isb File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/SHAProc.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.oyd File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/kswyzxjp.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qoz File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/15.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qoz File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/16.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rbf File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/18.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qiv File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/19.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qiv File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/20.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pzl File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/21.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qiv File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/24.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pbp File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/25.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pbp File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/26.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rbf File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/27.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pvm File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/30.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qyf File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/atgnehz.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pue File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/auhad.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qij File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/gnolnait.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qmm File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/hjxr.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qiv File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/ijougiemnaw.dll//UPack//#
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qiv File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/kiluw.dll//UPack//#
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qos File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/knaixnauhuoyizqq.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pvw File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/LYLOADER.EXE//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pum File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/LYMANGR.DLL//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pul File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/MSDEG32.DLL//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qcm File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/msepion.sys
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pqr File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/nahzij.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.pvf File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/naijihzeuyouhz.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qha File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/naixuhz.dll//UPack//#
deleted: Trojan program Trojan-PSW.Win32.Nilage.bxy File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/rxdjqwbwow.dll//UPack//PE_Patch.MaskPE
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rcg File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/sauhad.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qjg File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/SHAProc.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qoy File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/sve.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qxu File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/tsqc.dll
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rby File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/vhqq.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qpp File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/ijougiemnaw.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qpk File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/kiluw.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.qpr File: C:\Documents and Settings\Administrator\×ÀÃæ\Ñù±¾.rar/naixuhz.dll//UPack

显示全部楼层 · 发表于 2008-2-16 14:23:12

Scan Log
Version of virus signature database: 2880 (20080215)
Date: 2008/2/16 Time: 14:20:39
Scanned disks, folders and files: G:\v\样本.rar
G:\v\样本.rar » RAR » xhtd.dll - Win32/PSW.OnLineGames.NLH trojan - was a part of the deleted object
G:\v\样本.rar » RAR » zadnew.dll - a variant of Win32/PSW.OnLineGames.NLH trojan - was a part of the deleted object
G:\v\样本.rar » RAR » binks.exe - Win32/Agent.NIS trojan - was a part of the deleted object
G:\v\样本.rar » RAR » 1.exe - Win32/PSW.Agent.NGZ trojan - was a part of the deleted object
G:\v\样本.rar » RAR » 10.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » 11.exe - a variant of Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » 14.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » 2.exe - Win32/PSW.OnLineGames.NMF trojan - was a part of the deleted object
G:\v\样本.rar » RAR » 3.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » 4.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » 5.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » 6.exe - Win32/PSW.OnLineGames.GJV trojan - was a part of the deleted object
G:\v\样本.rar » RAR » 7.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » 8.exe - Win32/PSW.WOW.WU trojan - was a part of the deleted object
G:\v\样本.rar » RAR » SHAProc.exe - Win32/PSW.OnLineGames.NFL trojan - was a part of the deleted object
G:\v\样本.rar » RAR » kswyzxjp.dll - Win32/PSW.OnLineGames.NMF trojan - was a part of the deleted object
G:\v\样本.rar » RAR » 15.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » 16.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » 18.exe - a variant of Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » 19.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » 20.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » 21.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » 24.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » 25.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » 26.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » 27.exe - a variant of Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » 30.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » atgnehz.dll - Win32/PSW.OnLineGames.NLH trojan - was a part of the deleted object
G:\v\样本.rar » RAR » auhad.dll - Win32/PSW.OnLineGames.NLH trojan - was a part of the deleted object
G:\v\样本.rar » RAR » duygnef.dll - a variant of Win32/PSW.OnLineGames.NLH trojan - was a part of the deleted object
G:\v\样本.rar » RAR » gnolnait.dll - Win32/PSW.OnLineGames.NLH trojan - was a part of the deleted object
G:\v\样本.rar » RAR » hjxr.dll - Win32/PSW.OnLineGames.NLH trojan - was a part of the deleted object
G:\v\样本.rar » RAR » ijougiemnaw.dll - Win32/PSW.OnLineGames.NLH trojan - was a part of the deleted object
G:\v\样本.rar » RAR » kiluw.dll - Win32/PSW.OnLineGames.NLH trojan - was a part of the deleted object
G:\v\样本.rar » RAR » knaixnauhuoyizqq.dll - Win32/PSW.OnLineGames.NLH trojan - was a part of the deleted object
G:\v\样本.rar » RAR » LYLOADER.EXE - Win32/PSW.Agent.NEC trojan - was a part of the deleted object
G:\v\样本.rar » RAR » LYMANGR.DLL - Win32/PSW.OnLineGames.DTR trojan - was a part of the deleted object
G:\v\样本.rar » RAR » MSDEG32.DLL - Win32/PSW.OnLineGames.DVV trojan - was a part of the deleted object
G:\v\样本.rar » RAR » msepion.sys - Win32/PSW.OnLineGames.NFC trojan - was a part of the deleted object
G:\v\样本.rar » RAR » nahzij.dll - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\样本.rar » RAR » naijihzeuyouhz.dll - Win32/PSW.OnLineGames.NLH trojan - was a part of the deleted object
G:\v\样本.rar » RAR » naixuhz.dll - Win32/PSW.OnLineGames.NLH trojan - was a part of the deleted object
G:\v\样本.rar » RAR » REGKEY.hiv - is OK
G:\v\样本.rar » RAR » rxdjqwbwow.dll - Win32/PSW.OnLineGames.GJV trojan - was a part of the deleted object
G:\v\样本.rar » RAR » sauhad.dll - a variant of Win32/PSW.OnLineGames.NLH trojan - was a part of the deleted object
G:\v\样本.rar » RAR » SHAProc.dll - Win32/PSW.OnLineGames.HCV trojan - was a part of the deleted object
G:\v\样本.rar » RAR » sve.dll - Win32/PSW.OnLineGames.NLH trojan - was a part of the deleted object
G:\v\样本.rar » RAR » tsqc.dll - Win32/PSW.OnLineGames.NLH trojan - was a part of the deleted object
G:\v\样本.rar » RAR » vhqq.dll - Win32/PSW.OnLineGames.NLH trojan - was a part of the deleted object
Number of scanned objects: 50
Number of threats found: 48
Time of completion: 14:20:42 Total scanning time: 3 sec (00:00:03)

[病毒样本] 某贴机器狗挖的49个

本帖子中包含更多资源

本帖子中包含更多资源