[病毒样本] 19x

显示全部楼层 · 发表于 2008-3-22 13:37:40

htt p://jx.llzjz.cn/logo.jpg 这个列表里面的

显示全部楼层 · 发表于 2008-3-22 13:41:22

已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tmj 檔案: C:\Documents and Settings\kato9096\桌面\Down.rar/2008-3-22__5D280.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.vje 檔案: C:\Documents and Settings\kato9096\桌面\Down.rar/2008-3-22__5F021.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tco 檔案: C:\Documents and Settings\kato9096\桌面\Down.rar/2008-3-22__6F043.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.rxps 檔案: C:\Documents and Settings\kato9096\桌面\Down.rar/2008-3-22__7A832.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.uir 檔案: C:\Documents and Settings\kato9096\桌面\Down.rar/2008-3-22__80710.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.sem 檔案: C:\Documents and Settings\kato9096\桌面\Down.rar/2008-3-22__8497C.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tmm 檔案: C:\Documents and Settings\kato9096\桌面\Down.rar/2008-3-22__85AE2.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.rhu 檔案: C:\Documents and Settings\kato9096\桌面\Down.rar/2008-3-22__8A759.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan.Win32.Pakes.bzp 檔案: C:\Documents and Settings\kato9096\桌面\Down.rar/2008-3-22__A24B2.exe
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.vpj 檔案: C:\Documents and Settings\kato9096\桌面\Down.rar/2008-3-22__B3A6B.exe
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.rwl 檔案: C:\Documents and Settings\kato9096\桌面\Down.rar/2008-3-22__B7D9C.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tea 檔案: C:\Documents and Settings\kato9096\桌面\Down.rar/2008-3-22__C7001.exe//UPack
已刪除: 特洛伊木馬程式 Trojan.Win32.Vaklik.qc 檔案: C:\Documents and Settings\kato9096\桌面\Down.rar/2008-3-22__D8FA3.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tmj 檔案: C:\Documents and Settings\kato9096\桌面\Down.rar/2008-3-22__DCBDD.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.rxps 檔案: C:\Documents and Settings\kato9096\桌面\Down.rar/2008-3-22__E5300.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tct 檔案: C:\Documents and Settings\kato9096\桌面\Down.rar/2008-3-22__EDBC2.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-Dropper.Win32.Agent.env 檔案: C:\Documents and Settings\kato9096\桌面\Down.rar/bottom.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tis 檔案: C:\Documents and Settings\kato9096\桌面\Down.rar/2008-3-22__4222A.exe
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.rxps 檔案: C:\Documents and Settings\kato9096\桌面\Down.rar/2008-3-22__4484.exe//PE_Patch//UPack

19

显示全部楼层 · 发表于 2008-3-22 13:52:43

ESET全砍....

显示全部楼层 · 发表于 2008-3-22 13:52:58

Starting the file scan:

Begin scan in 'E:\AVIRA\Down.rar'
E:\AVIRA\Down.rar
  [0] Archive type: RAR
  --> 2008-3-22__5D280.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.tmj
  --> 2008-3-22__5F021.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> 2008-3-22__6F043.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ufv
  --> 2008-3-22__7A832.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.olm.2
  --> 2008-3-22__80710.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> 2008-3-22__8497C.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLin.8918.A
  --> 2008-3-22__85AE2.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.TLP.6
  --> 2008-3-22__8A759.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.rjh.2
  --> 2008-3-22__A24B2.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 2008-3-22__B3A6B.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.agb.2
  --> 2008-3-22__B7D9C.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.seu.6
  --> 2008-3-22__C7001.exe
   [DETECTION] Is the Trojan horse TR/Onlinegames.rxt
  --> 2008-3-22__D8FA3.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ufw
  --> 2008-3-22__DCBDD.exe
   [DETECTION] Is the Trojan horse TR/Small.6910
  --> 2008-3-22__E5300.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.olm.2
  --> 2008-3-22__EDBC2.exe
   [DETECTION] Is the Trojan horse TR/Small.QG
  --> bottom.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 2008-3-22__4222A.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.tis.2
  --> 2008-3-22__4484.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.olm.2
   [INFO]    The file was deleted!

End of the scan: 2008年3月22日  13:54
Used time: 00:30 min

The scan has been done completely.

   0 Scanning directories
   20 Files were scanned
   19 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   1 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   1 Files not concerned
   1 Archives were scanned
   0 Warnings
   0 Notes

显示全部楼层 · 发表于 2008-3-22 14:03:50

扫描系统区域...
扫描所选择的目录和文件...
对象: 2008-3-22__5D280.exe
在压缩档案里: C:\Documents and Settings\wangcheng\桌面\Down.rar
Status: 已发现病毒
病毒: Trojan.PWS.OnLineGames.SQL (BD 引擎)
对象: 2008-3-22__6F043.exe
在压缩档案里: C:\Documents and Settings\wangcheng\桌面\Down.rar
Status: 已发现病毒
病毒: Trojan.PWS.OnLineGames.NSR (BD 引擎)
对象: 2008-3-22__7A832.exe
在压缩档案里: C:\Documents and Settings\wangcheng\桌面\Down.rar
Status: 已发现病毒
病毒: Trojan.PWS.OnLineGames.SQL (BD 引擎)
对象: 2008-3-22__80710.exe
在压缩档案里: C:\Documents and Settings\wangcheng\桌面\Down.rar
Status: 已发现病毒
病毒: Trojan.PWS.OnLineGames.SQL (BD 引擎)
对象: 2008-3-22__8497C.exe
在压缩档案里: C:\Documents and Settings\wangcheng\桌面\Down.rar
Status: 已发现病毒
病毒: Trojan.PWS.OnLineGames.SQL (BD 引擎)
对象: 2008-3-22__85AE2.exe
在压缩档案里: C:\Documents and Settings\wangcheng\桌面\Down.rar
Status: 已发现病毒
病毒: Trojan.PWS.OnLineGames.NSR (BD 引擎)
对象: 2008-3-22__8A759.exe
在压缩档案里: C:\Documents and Settings\wangcheng\桌面\Down.rar
Status: 已发现病毒
病毒: Trojan.PWS.OnLineGames.SQL (BD 引擎)
对象: 2008-3-22__A24B2.exe
在压缩档案里: C:\Documents and Settings\wangcheng\桌面\Down.rar
Status: 可疑病毒
病毒: Dropped:Generic.Malware.Fdld.57829FCF (BD 引擎)
对象: 2008-3-22__B7D9C.exe
在压缩档案里: C:\Documents and Settings\wangcheng\桌面\Down.rar
Status: 已发现病毒
病毒: Trojan.PWS.OnLineGames.SQL (BD 引擎)
对象: 2008-3-22__C7001.exe
在压缩档案里: C:\Documents and Settings\wangcheng\桌面\Down.rar
Status: 已发现病毒
病毒: Generic.PWS.Games.4.55DAEA20 (BD 引擎)
对象: 2008-3-22__D8FA3.exe
在压缩档案里: C:\Documents and Settings\wangcheng\桌面\Down.rar
Status: 已发现病毒
病毒: Trojan.PWS.OnLineGames.NSR (BD 引擎)
对象: 2008-3-22__DCBDD.exe
在压缩档案里: C:\Documents and Settings\wangcheng\桌面\Down.rar
Status: 已发现病毒
病毒: Trojan.PWS.OnLineGames.SQL (BD 引擎)
对象: 2008-3-22__E5300.exe
在压缩档案里: C:\Documents and Settings\wangcheng\桌面\Down.rar
Status: 已发现病毒
病毒: Trojan.PWS.OnLineGames.SQL (BD 引擎)
对象: 2008-3-22__EDBC2.exe
在压缩档案里: C:\Documents and Settings\wangcheng\桌面\Down.rar
Status: 已发现病毒
病毒: Trojan.PWS.OnLineGames.SQL (BD 引擎)
对象: bottom.exe
在压缩档案里: C:\Documents and Settings\wangcheng\桌面\Down.rar
Status: 已发现病毒
病毒: DeepScan:Generic.Malware.Bdld!!.89DB836E (BD 引擎)
对象: 2008-3-22__4222A.exe
在压缩档案里: C:\Documents and Settings\wangcheng\桌面\Down.rar
Status: 已发现病毒
病毒: Trojan.PWS.OnLineGames.NSR (BD 引擎)
对象: 2008-3-22__4484.exe
在压缩档案里: C:\Documents and Settings\wangcheng\桌面\Down.rar
Status: 已发现病毒
病毒: Trojan.PWS.OnLineGames.SQL (BD 引擎)

显示全部楼层 · 发表于 2008-3-22 14:45:18

-----------------------------SCAN REPORT-----------------------------
F-PROT Antivirus for Windows

Antivirus Scanning Engine version number: 4.4.2
Virus signature file from: 2008-3-21, 5:02

Scan name: virus scan
Path to scan: C:\virus\08-03-22\|

Thorough scan
Also scan: Inside subfolders, Compressed files, Streams

Scan started: 2008-3-22, 14:45:11
---------------------------------------------------------------------

[Clean] Boot sector on drive F:
[Clean] Boot sector on drive E:
[Clean] Boot sector on drive D:
[Clean] Boot sector on drive C:
[Clean] Master Boot Record on disk 0
[Found possible downloader] <W32/Heuristic-217!Eldorado (not disinfectable)> C:\virus\08-03-22\Down.rar->2008-3-22__5D280.exe->(embedded)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\virus\08-03-22\Down.rar->2008-3-22__5F021.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\virus\08-03-22\Down.rar->2008-3-22__6F043.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\virus\08-03-22\Down.rar->2008-3-22__7A832.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\virus\08-03-22\Down.rar->2008-3-22__80710.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\virus\08-03-22\Down.rar->2008-3-22__8497C.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\virus\08-03-22\Down.rar->2008-3-22__85AE2.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\virus\08-03-22\Down.rar->2008-3-22__8A759.exe->(UPack)
[Found Trojan] <W32/Trojan2.ACZZ (exact, damaged, not disinfectable)> C:\virus\08-03-22\Down.rar->2008-3-22__A24B2.exe
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\virus\08-03-22\Down.rar->2008-3-22__B3A6B.exe->(embedded)->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\virus\08-03-22\Down.rar->2008-3-22__B7D9C.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\virus\08-03-22\Down.rar->2008-3-22__C7001.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\virus\08-03-22\Down.rar->2008-3-22__D8FA3.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\virus\08-03-22\Down.rar->2008-3-22__DCBDD.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\virus\08-03-22\Down.rar->2008-3-22__E5300.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\virus\08-03-22\Down.rar->2008-3-22__EDBC2.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\virus\08-03-22\Down.rar->bottom.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\virus\08-03-22\Down.rar->2008-3-22__4222A.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\virus\08-03-22\Down.rar->2008-3-22__4484.exe->(UPack)

---------------------------------------------------------------------
Scan ended: 2008-3-22, 14:45:13
Duration: 0:00:02

Scan result:

Scanned files:    6
Infected objects:    19
Disinfected objects:    0
Quarantined files:    0
---------------------------------------------------------------------

显示全部楼层 · 发表于 2008-3-22 15:30:25

E:\VIRUS\Down22.rar » RAR » 2008-3-22__5D280.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
E:\VIRUS\Down22.rar » RAR » 2008-3-22__5F021.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
E:\VIRUS\Down22.rar » RAR » 2008-3-22__6F043.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
E:\VIRUS\Down22.rar » RAR » 2008-3-22__7A832.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
E:\VIRUS\Down22.rar » RAR » 2008-3-22__80710.exe - Win32/PSW.OnLineGames.MUG trojan
E:\VIRUS\Down22.rar » RAR » 2008-3-22__8497C.exe - Win32/PSW.OnLineGames.MUG trojan
E:\VIRUS\Down22.rar » RAR » 2008-3-22__85AE2.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
E:\VIRUS\Down22.rar » RAR » 2008-3-22__8A759.exe - Win32/PSW.OnLineGames.MUG trojan
E:\VIRUS\Down22.rar » RAR » 2008-3-22__A24B2.exe - a variant of Win32/PSW.OnLineGames.GJV trojan
E:\VIRUS\Down22.rar » RAR » 2008-3-22__B3A6B.exe - a variant of Win32/PSW.Agent.NGZ trojan
E:\VIRUS\Down22.rar » RAR » 2008-3-22__B7D9C.exe - Win32/PSW.OnLineGames.MUG trojan
E:\VIRUS\Down22.rar » RAR » 2008-3-22__C7001.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
E:\VIRUS\Down22.rar » RAR » 2008-3-22__D8FA3.exe - a variant of Win32/PSW.OnLineGames.YA trojan
E:\VIRUS\Down22.rar » RAR » 2008-3-22__DCBDD.exe - Win32/PSW.OnLineGames.MUG trojan
E:\VIRUS\Down22.rar » RAR » 2008-3-22__E5300.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
E:\VIRUS\Down22.rar » RAR » 2008-3-22__EDBC2.exe - Win32/PSW.OnLineGames.MUG trojan
E:\VIRUS\Down22.rar » RAR » bottom.exe - Win32/TrojanDownloader.Agent.NVM trojan
E:\VIRUS\Down22.rar » RAR » 2008-3-22__4222A.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
E:\VIRUS\Down22.rar » RAR » 2008-3-22__4484.exe - a variant of Win32/PSW.OnLineGames.MUG trojan

显示全部楼层 · 发表于 2008-3-22 15:31:37

诺顿15个

瑞星病毒查杀结果报告

清除病毒种类列表：
病毒： Trojan.DL.Win32.Mnless.zcn
病毒： Trojan.PSW.Win32.GameOL.mnl
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.GameOL.min
病毒： Trojan.PSW.Win32.GameOL.mjf
病毒： Trojan.PSW.Win32.GamesOnline.oz
病毒： Trojan.PSW.Win32.GameOL.mau
病毒： Trojan.PSW.Win32.GameOL.lxg
病毒： Trojan.PSW.Win32.GameOL.moq
病毒： Trojan.PSW.Win32.GameOL.moq
病毒： Trojan.PSW.Win32.OnlineGames.eop
病毒： Trojan.DL.Win32.Small.tpr
病毒： Trojan.PSW.Win32.QQGame.GEN

用户来源：互联网

软件版本：20.36.50

全杀

显示全部楼层 · 发表于 2008-3-22 15:54:39

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.DL.Win32.Mnless.zcn
病毒： Trojan.PSW.Win32.GameOL.mnl
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.GameOL.min
病毒： Trojan.PSW.Win32.GameOL.mjf
病毒： Trojan.PSW.Win32.GamesOnline.oz
病毒： Trojan.PSW.Win32.GameOL.mau
病毒： Trojan.PSW.Win32.GameOL.lxg
病毒： Trojan.PSW.Win32.GameOL.moq
病毒： Trojan.PSW.Win32.GameOL.moq
病毒： Trojan.PSW.Win32.OnlineGames.eop
病毒： Trojan.DL.Win32.Small.tpr
病毒： Trojan.PSW.Win32.QQGame.GEN

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.36.50

显示全部楼层 · 发表于 2008-3-23 08:32:56

---------------------------------------------------------
AVG Anti-Spyware - 扫描报告
---------------------------------------------------------

+ 创建时间: 8:33:40 2008-3-23

+ 扫描结果:

E:\AVIRA\Down.rar/2008-3-22__A24B2.exe -> Downloader.Agent.bhc : 未进行操作.
E:\AVIRA\Down.rar/bottom.exe -> Dropper.Agent.env : 未进行操作.
E:\AVIRA\Down.rar/2008-3-22__8A759.exe -> Trojan.OnLineGames.rhu : 未进行操作.
E:\AVIRA\Down.rar/2008-3-22__4484.exe -> Trojan.OnLineGames.rxps : 未进行操作.
E:\AVIRA\Down.rar/2008-3-22__7A832.exe -> Trojan.OnLineGames.rxps : 未进行操作.
E:\AVIRA\Down.rar/2008-3-22__E5300.exe -> Trojan.OnLineGames.rxps : 未进行操作.
E:\AVIRA\Down.rar/2008-3-22__8497C.exe -> Trojan.OnLineGames.sem : 未进行操作.
E:\AVIRA\Down.rar/2008-3-22__6F043.exe -> Trojan.OnLineGames.tco : 未进行操作.
E:\AVIRA\Down.rar/2008-3-22__EDBC2.exe -> Trojan.OnLineGames.tct : 未进行操作.
E:\AVIRA\Down.rar/2008-3-22__C7001.exe -> Trojan.OnLineGames.tea : 未进行操作.
E:\AVIRA\Down.rar/2008-3-22__4222A.exe -> Trojan.OnLineGames.tis : 未进行操作.
E:\AVIRA\Down.rar/2008-3-22__85AE2.exe -> Trojan.OnLineGames.tmm : 未进行操作.

::报告结束

[病毒样本] 19x

本帖子中包含更多资源

19

19

51/20

12

浏览过的版块