Original poster: gxynx

[Virus samples] A batch of viruses and their derivatives

winxp0286
Posted on 2008-3-24 10:28:13
Filseclab 41            Avira 41
aerbeisi
Posted on 2008-3-24 10:42:47
[Found password stealer]         <W32/Legendmir.A.gen!Eldorado (not disinfectable, generic)>        C:\新建文件夹.rar->新建文件夹\684745MM.DLL
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        C:\新建文件夹.rar->新建文件夹\atgnehz.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\新建文件夹.rar->新建文件夹\AtiSrvn.exe->(UPack)->(PecBundle)
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        C:\新建文件夹.rar->新建文件夹\awf.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-114!Eldorado (damaged, not disinfectable)>        C:\新建文件夹.rar->新建文件夹\ayKAEKAE1050.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-114!Eldorado (damaged, not disinfectable)>        C:\新建文件夹.rar->新建文件夹\ayPATPAT1019.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-114!Eldorado (damaged, not disinfectable)>        C:\新建文件夹.rar->新建文件夹\aySADSAD1026.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-114!Eldorado (damaged, not disinfectable)>        C:\新建文件夹.rar->新建文件夹\ayVUFVUF1008.exe->(UPack)
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        C:\新建文件夹.rar->新建文件夹\cuhad.dll->(UPack)
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        C:\新建文件夹.rar->新建文件夹\en_1072.bin->(UPack)
[Found possible security risk]         <W32/Heuristic-114!Eldorado (damaged, not disinfectable)>        C:\新建文件夹.rar->新建文件夹\fCBDCBD1033.exe->(UPack)
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        C:\新建文件夹.rar->新建文件夹\laixuhz.dll->(UPack)
[Found security risk]         <W32/AutoRun.D.gen!Eldorado (not disinfectable, generic)>        C:\新建文件夹.rar->新建文件夹\mian11.exe->(UPX)
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        C:\新建文件夹.rar->新建文件夹\mian17.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\新建文件夹.rar->新建文件夹\mian23.exe->(UPack)->(PecBundle)
[Found security risk]         <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        C:\新建文件夹.rar->新建文件夹\mian7.exe
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        C:\新建文件夹.rar->新建文件夹\msosiocp.dll->(UPack)
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        C:\新建文件夹.rar->新建文件夹\msosmhfp00.dll
[Found password stealer]         <W32/Pws.AANX (exact, not disinfectable)>        C:\新建文件夹.rar->新建文件夹\mswmgog32.dll
[Found possible virus]         <W32/Threat-SysVenFakU-based!Maximus (not disinfectable)>        C:\新建文件夹.rar->新建文件夹\qvdjryewow.dll->(UPack)
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        C:\新建文件夹.rar->新建文件夹\rhs.dll->(UPack)
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        C:\新建文件夹.rar->新建文件夹\sauhad.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\新建文件夹.rar->新建文件夹\sss0.exe->(UPack)->(PecBundle)
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        C:\新建文件夹.rar->新建文件夹\sve.dll->(UPack)
[Found possible virus]         <W32/Downloader-WebExe-based!Maximus (not disinfectable)>        C:\新建文件夹.rar->新建文件夹\sysave.exe
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        C:\新建文件夹.rar->新建文件夹\tsqc.dll->(UPack)
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        C:\新建文件夹.rar->新建文件夹\tzm.dll->(UPack)
[Found virus]         <W32/InfoStealer!Generic (not disinfectable)>        C:\新建文件夹.rar->新建文件夹\WinSys8v.Sys
[Found possible virus]         <W32/Threat-SysVenFakU-based!Maximus (not disinfectable)>        C:\新建文件夹.rar->新建文件夹\xdkrcipwm.dll->(UPack)
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        C:\新建文件夹.rar->新建文件夹\zadnew.dll->(UPack)
[Contains infected objects]        C:\新建文件夹.rar
[Quarantined]        C:\新建文件夹.rar->新建文件夹\~DFF873.tmp

---------------------------------------------------------------------
Scan ended:        2008-3-24, 10:42:12
Duration:        00:00:23

Scan result:

Scanned files:                 1
Infected objects:         30
Disinfected objects:         0
Quarantined files:         1
---------------------------------------------------------------------
傻猪猪米走鸡
Posted on 2008-3-24 12:42:31

40

D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\684745MM.DLL - Win32/PSW.Legendmir.NFF 特洛伊木马
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\atgnehz.dll - Win32/PSW.OnLineGames.MUG 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\AtiSrvn.exe - Win32/TrojanDownloader.Agent.NWE 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\awf.dll - Win32/PSW.OnLineGames.MUG 特洛伊木马
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\ayKAEKAE1050.dll - Win32/PSW.OnLineGames.PBQ 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\ayKAEKAE1050.exe - Win32/PSW.OnLineGames.PBQ 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\ayPATPAT1019.dll - Win32/PSW.OnLineGames.PBQ 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\ayPATPAT1019.exe - Win32/PSW.OnLineGames.PBQ 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\aySADSAD1026.dll - Win32/PSW.OnLineGames.PBQ 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\aySADSAD1026.exe - Win32/PSW.OnLineGames.PBQ 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\ayVUFVUF1008.dll - Win32/PSW.OnLineGames.PBQ 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\ayVUFVUF1008.exe - Win32/PSW.OnLineGames.PBQ 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\cuhad.dll - Win32/PSW.OnLineGames.MUG 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\fCBDCBD1033.dll - Win32/PSW.OnLineGames.PBQ 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\fCBDCBD1033.exe - Win32/PSW.OnLineGames.PBQ 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\HHHCompress.dll - Win32/PSW.OnLineGames.GJV 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\inetin.exe - 未查明的 NewHeur_PE 病毒
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\laixuhz.dll - Win32/PSW.OnLineGames.MUG 特洛伊木马
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\Mess.exe - 未查明的 NewHeur_PE 病毒
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\mian11.exe - Win32/PSW.QQPass.NCZ 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\mian17.exe - Win32/PSW.OnLineGames.MUG 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\mian18.exe - 可能是 Win32/PSW.OnLineGames.NML 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\mian25.exe - Win32/VB.NMD 特洛伊木马
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\mian7.exe - 可能是 Win32/PSW.WOW.WU 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\mseion.sys - Win32/PSW.OnLineGames.NFC 特洛伊木马
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\msosfpids32.sys - Win32/PSW.OnLineGames.NNE 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\msosmhfp00.dll - Win32/PSW.OnLineGames.NMQ 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\mswmgog32.dll - Win32/PSW.OnLineGames.GJV 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\qoq.exe - Win32/NetTool.Portscan.I 应用程序
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\qvdjryewow.dll - Win32/PSW.OnLineGames.GJV 特洛伊木马
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\rhs.dll - Win32/PSW.OnLineGames.MUG 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\sauhad.dll - Win32/PSW.OnLineGames.MUG 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\sss0.exe - Win32/TrojanDownloader.Small.OAL 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\sve.dll - Win32/PSW.OnLineGames.MUG 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\sysave.exe - Win32/TrojanDownloader.Small.OAL 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\tsqc.dll - Win32/PSW.OnLineGames.MUG 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\tzm.dll - Win32/PSW.OnLineGames.MUG 特洛伊木马
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\WinSys8v.Sys - Win32/PSW.QQPass.NCZ 特洛伊木马 的变种
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\xdkrcipwm.dll - Win32/PSW.OnLineGames.GJV 特洛伊木马
D:\firefox download\新建文件夹.rar > RAR > 新建文件夹\zadnew.dll - Win32/PSW.OnLineGames.MUG 特洛伊木马
Palkia
Posted on 2008-3-24 13:15:54

26

在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\684745MM.DLL 中发现 Trojan/PSW.OnLineGames.tkc 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\awf.dll 中发现 Trojan/PSW.OnLineGames.ygo 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\ayKAEKAE1050.dll 中发现 Trojan/PSW.OnLineGames.xwq 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\ayKAEKAE1050.exe 中发现 Trojan/PSW.OnLineGames.xwa 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\ayPATPAT1019.dll 中发现 Trojan/PSW.OnLineGames.yiz 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\ayPATPAT1019.exe 中发现 Trojan/PSW.OnLineGames.tal 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\bai.VBS 中发现 TrojanDownloader.VBS.Agent.ct 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\cuhad.dll 中发现 Trojan/PSW.Moshou.baw 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\fCBDCBD1033.dll 中发现 Trojan/PSW.OnLineGames.sfq 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\fCBDCBD1033.exe 中发现 Trojan/PSW.OnLineGames.sgu 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\HHHCompress.dll 中发现 Trojan/PSW.OnLineGames.vkc 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\laixuhz.dll 中发现 Trojan/PSW.OnLineGames.xav 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\mian11.exe 中发现 Trojan/Delf.nz 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\mian17.exe 中发现 Trojan/PSW.OnLineGames.xvd 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\mian23.exe 中发现 Trojan/PSW.OnLineGames.wvh 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\mian25.exe 中发现 Trojan/VB.Small.ael 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\mian7.exe 中发现 Trojan/PSW.Lmir.cst 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\mseion.sys 中发现 Trojan/PSW.OnLineGames.yiy 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\mswmgog32.dll 中发现 Trojan/PSW.OnLineGames.vck 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\qoq.exe 中发现 TrojanDropper.Agent.fes 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\qvdjryewow.dll 中发现 TrojanSpy.Agent.dvk 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\sysave.exe 中发现 TrojanDownloader.Agent.adfq 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\tsqc.dll 中发现 Trojan/PSW.OnLineGames.ycd 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\tzm.dll 中发现 Trojan/PSW.OnLineGames.ycg 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\xdkrcipwm.dll 中发现 Trojan/PSW.OnLineGames.woq 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\新建文件夹.rar->新建文件夹\zadnew.dll 中发现 Trojan/PSW.OnLineGames.ygs 病毒, 已删除
Joker
Posted on 2008-3-24 17:00:57
38
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rnh        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\684745MM.DLL
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.weq        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\atgnehz.dll//UPack
deleted: Trojan program Trojan-Downloader.Win32.Small.suu        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\AtiSrvn.exe//PE_Patch//UPack//PE_Patch.PECompact//PecBundle//PECompact
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.uwh        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\awf.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.uut        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\ayKAEKAE1050.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.uxs        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\ayKAEKAE1050.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.urz        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\ayPATPAT1019.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.urz        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\ayPATPAT1019.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.wch        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\aySADSAD1026.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.wff        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\ayVUFVUF1008.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.wch        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\ayVUFVUF1008.exe//PE_Patch//UPack
deleted: Trojan program Trojan.BAT.Runner.m        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\bai.BAT
deleted: Trojan program Trojan-PSW.Win32.WOW.aoy        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\cuhad.dll//UPack
deleted: Trojan program Trojan.Win32.AntiAV.g        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\en_1072.bin//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.sen        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\fCBDCBD1033.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.ryp        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\fCBDCBD1033.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rkf        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\HHHCompress.dll
deleted: virus Worm.Win32.AutoRun.dbm        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\inetin.exe//FSG
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.uil        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\laixuhz.dll//UPack
deleted: Trojan program Trojan-Downloader.Win32.VB.dgw        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\Mess.exe//FSG
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.vdr        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\mian17.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.vwo        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\mian18.exe//PE_Patch//UPack
deleted: Trojan program Trojan-Downloader.Win32.VB.dgg        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\mian25.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.Lmir.bpv        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\mian7.exe//PE_Patch//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.uoa        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\mseion.sys
deleted: Trojan program Trojan.Win32.VB.cjq        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\msosfpids32.sys
deleted: Trojan program Trojan.Win32.AntiAV.g        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\msosiocp.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.wem        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\msosmhfp00.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.rkf        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\mswmgog32.dll
deleted: riskware not-a-virus:NetTool.Win32.Portscan.i        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\qoq.exe
deleted: Trojan program Trojan-Spy.Win32.Agent.blw        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\qvdjryewow.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.vvu        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\sauhad.dll//UPack//#
deleted: Trojan program Trojan-Downloader.Win32.Agent.lrm        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\sss0.exe//PE_Patch//UPack//PE_Patch.PECompact//PecBundle//PECompact
deleted: Trojan program Trojan-Downloader.Win32.Agent.llv        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\sysave.exe
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.upy        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\tsqc.dll//UPack
deleted: Trojan program Trojan-Spy.Win32.Agent.bsz        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\tzm.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.tch        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\xdkrcipwm.dll//UPack
deleted: Trojan program Trojan-PSW.Win32.OnLineGames.vot        File: C:\Documents and Settings\Administrator\桌面\新建文件夹.rar/新建文件夹\zadnew.dll//UPack
sam.to
Posted on 2008-3-24 17:04:31
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.rnh        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\684745MM.DLL
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.weq        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\atgnehz.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Small.suu        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\AtiSrvn.exe//PE_Patch//UPack//PE_Patch.PECompact//PecBundle//PECompact
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.uwh        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\awf.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.uut        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\ayKAEKAE1050.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.uxs        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\ayKAEKAE1050.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.urz        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\ayPATPAT1019.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.urz        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\ayPATPAT1019.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.wch        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\aySADSAD1026.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.wff        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\ayVUFVUF1008.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.wch        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\ayVUFVUF1008.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan.BAT.Runner.m        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\bai.BAT
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.WOW.aoy        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\cuhad.dll//UPack
已刪除: 特洛伊木馬程式 Trojan.Win32.AntiAV.g        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\en_1072.bin//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.sen        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\fCBDCBD1033.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ryp        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\fCBDCBD1033.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.rkf        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\HHHCompress.dll
已刪除: 病毒 Worm.Win32.AutoRun.dbm        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\inetin.exe//FSG
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.uil        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\laixuhz.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.VB.dgw        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\Mess.exe//FSG
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.vdr        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\mian17.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.vwo        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\mian18.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.VB.dgg        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\mian25.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.Lmir.bpv        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\mian7.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.uoa        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\mseion.sys
已刪除: 特洛伊木馬程式 Trojan.Win32.VB.cjq        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\msosfpids32.sys
已刪除: 特洛伊木馬程式 Trojan.Win32.AntiAV.g        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\msosiocp.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.wem        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\msosmhfp00.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.rkf        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\mswmgog32.dll
已刪除: Riskware not-a-virus:NetTool.Win32.Portscan.i        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\qoq.exe
已刪除: 特洛伊木馬程式 Trojan-Spy.Win32.Agent.blw        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\qvdjryewow.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.vvu        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\sauhad.dll//UPack//#
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Agent.lrm        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\sss0.exe//PE_Patch//UPack//PE_Patch.PECompact//PecBundle//PECompact
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Agent.llv        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\sysave.exe
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.upy        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\tsqc.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-Spy.Win32.Agent.bsz        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\tzm.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tch        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\xdkrcipwm.dll//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.vot        檔案: C:\Documents and Settings\kato9096\桌面\新建文件夹.rar/新建文件夹\zadnew.dll//UPack

38, submitted 31
gaojun7206
Posted on 2008-3-24 17:54:22
84745MM.DLL
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
      [INFO]      The file was moved to '481b7a4e.qua'!
  atgnehz.cfg
  atgnehz.dll
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [INFO]      The file was moved to '484e7a8a.qua'!
  AtiSrvn.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
      [INFO]      The file was moved to '48507a8b.qua'!
  AutoRuns.exe
  awf.cfg
  awf.dll
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [INFO]      The file was moved to '484d7a8e.qua'!
  ayKAEKAE1050.dll
      [DETECTION] Is the Trojan horse TR/Drop.Agent.jue.1
      [INFO]      The file was moved to '48327a90.qua'!
  ayKAEKAE1050.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agent.jue.1
      [INFO]      The file was moved to '48327a91.qua'!
  ayPATPAT1019.dll
      [DETECTION] Is the Trojan horse TR/Agent.9124
      [INFO]      The file was moved to '48377a91.qua'!
  ayPATPAT1019.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agent.13988
      [INFO]      The file was moved to '4995004a.qua'!
  aySADSAD1026.dll
      [DETECTION] Is the Trojan horse TR/Drop.Agent.jue.1
      [INFO]      The file was moved to '483a7a91.qua'!
  aySADSAD1026.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agent.jue.1
      [INFO]      The file was moved to '483a7a92.qua'!
  ayVUFVUF1008.dll
      [DETECTION] Is the Trojan horse TR/Drop.Agent.jue.1
      [INFO]      The file was moved to '483d7a92.qua'!
  ayVUFVUF1008.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agent.jue.1
      [INFO]      The file was moved to '499f004b.qua'!
  bai.bat
  bai.vbs
  comr3260.dll
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [INFO]      The file was moved to '48547a89.qua'!
  cuhad.cfg
  cuhad.dll
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [INFO]      The file was moved to '484f7a8f.qua'!
  en_1072.bin
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was moved to '48467a88.qua'!
  fCBDCBD1033.dll
      [DETECTION] Is the Trojan horse TR/Agent.7399
      [INFO]      The file was moved to '48297a5e.qua'!
  fCBDCBD1033.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ryp.2
      [INFO]      The file was moved to '498be677.qua'!
  HHHCompress.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGame.XO
      [INFO]      The file was moved to '482f7a63.qua'!
  inetin.exe
      [DETECTION] Contains detection pattern of the worm WORM/Autorun.dbm
      [INFO]      The file was moved to '484c7a89.qua'!
  ip.txt
  laixuhz.cfg
  laixuhz.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.uil
      [INFO]      The file was moved to '48507a7d.qua'!
  Mess.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '485a7a81.qua'!
  mian11.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
      [INFO]      The file was moved to '48487a85.qua'!
  mian17.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [INFO]      The file was moved to '48487a86.qua'!
  mian18.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.vwo.12
      [INFO]      The file was moved to '49eae6af.qua'!
  mian23.exe
      [DETECTION] Contains suspicious code HEUR/Crypted
      [INFO]      The file was moved to '48487a98.qua'!
  mian25.exe
      [DETECTION] Is the Trojan horse TR/Agent.4584.1
      [INFO]      The file was moved to '48487a87.qua'!
  mian7.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
      [INFO]      The file was moved to '49eae6a0.qua'!
  mseion.sys
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
      [INFO]      The file was moved to '484c7a92.qua'!
  msosdohs.dat
  msosfpids32.sys
      [DETECTION] Is the Trojan horse TR/VB.cjq
      [INFO]      The file was moved to '48567a92.qua'!
  msosiocp.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was moved to '49f4e6bb.qua'!
  msosmhfp.dat
  msosmhfp00.dll
      [DETECTION] Is the Trojan horse TR/PSW.15225
      [INFO]      The file was moved to '48567a94.qua'!
  mswmgog32.dll
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGame.XO
      [INFO]      The file was moved to '485e7a93.qua'!
  por.aed
  qoq.exe
  qvdjryewow.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was moved to '484b7a96.qua'!
  rhs.cfg
  rhs.dll
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [INFO]      The file was moved to '485a7a88.qua'!
  sauhad.cfg
  sauhad.dll
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [INFO]      The file was moved to '485c7a82.qua'!
  sss0.exe
      [DETECTION] Is the Trojan horse TR/Agent.23192
      [INFO]      The file was moved to '485a7a94.qua'!
  sve.cfg
  sve.dll
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [INFO]      The file was moved to '484c7a97.qua'!
  sys.bat
  sysave.exe
      [DETECTION] Is the Trojan horse TR/Hijack.Explor.3503
      [INFO]      The file was moved to '485a7a9a.qua'!
  SysWin7s.jmp
  tsqc.cfg
  tsqc.dll
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [INFO]      The file was moved to '48587a95.qua'!
  ttjj1.ini
  tzm.cfg
  tzm.dll
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [INFO]      The file was moved to '48547a9c.qua'!
  userinit.exe
  WinSys8v.Sys
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '48557a8b.qua'!
  xdfntt.cfg
  xdkrcipwm.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was moved to '48527a87.qua'!
  xfgnxfn.cfg
  zadnew.cfg
  zadnew.dll
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [INFO]      The file was moved to '484b7a84.qua'!
  _uninsep.bat
  ~DFF873.tmp
40 in total
sam.to
Posted on 2008-3-24 17:58:10
Hello,

atgnehz.cfg, AutoRuns.exe_, awf.cfg, cuhad.cfg, ip.txt, laixuhz.cfg, msosdohs.dat, msosmhfp.dat, por.aed, rhs.cfg, sauhad.cfg, sve.cfg, sys.bat_, tsqc.cfg, ttjj1.ini, tzm.cfg, uninsep.bat_, userinit.exe_, xdfntt.cfg, xfgnxfn.cfg, zadnew.cfg, ~DFF873.tmp_

No malicious code was found in these files.

aySADSAD1026.dll - Trojan-PSW.Win32.OnLineGames.wgg,
bai.vbs_ - Trojan-Downloader.VBS.Agent.lg,
comr3260.dll - Trojan-PSW.Win32.OnLineGames.wgh,
mian11.exe_, SysWin7s.Jmp, WinSys8v.Sys - Trojan-PSW.Win32.QQPass.bmd,
mian23.exe_ - Trojan-Downloader.Win32.Agent.lyp,
rhs.dll - Trojan-PSW.Win32.OnLineGames.wge,
sve.dll - Trojan-PSW.Win32.OnLineGames.wgf

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Yury Nesmachny
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.
allinwonderi
Posted on 2008-3-24 20:31:13
[Scanning : C:\Documents and Settings\All Users\Documents\Test]


C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar<RAR>:684745MM.DLL <- Trojan.Psw.Onlinegames.Rnh : No action
C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar<RAR>:ayKAEKAE1050.dll <- Trojan.Psw.Onlinegames.Uut : No action
C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar<RAR>:ayKAEKAE1050.exe <- Trojan.Psw.Onlinegames.Uxs : No action
C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar<RAR>:ayPATPAT1019.dll <- Trojan.Psw.Onlinegames.Urz : No action
C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar<RAR>:ayPATPAT1019.exe <- Trojan.Psw.Onlinegames.Urz : No action
C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar<RAR>:comr3260.dll <- Trojan.Psw.Onlinegames.Wbe : No action
C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar<RAR>:cuhad.dll<UPack>:cuhad.dll<DLLRES>:res0.exe <- Trojan.Psw.Onlinegames.Uoa : No action
C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar<RAR>:en_1072.bin<UPack>:en_1072.bin <- Heur.RoundKick : No action
C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar<RAR>:fCBDCBD1033.dll<UPack>:fCBDCBD1033.dll <- Trojan.Psw.Onlinegames.Sen : No action
C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar<RAR>:fCBDCBD1033.exe<UPack>:fCBDCBD1033.exe <- Trojan.Psw.Onlinegames.Ryp : No action
C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar<RAR>:HHHCompress.dll<UPX>:HHHCompress.dll<DLLRES>:DATEINFO0.exe <- Trojan.Spy.Agent.Blw : No action
C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar<RAR>:mian25.exe<UPack>:mian25.exe<DLLRES>:res1.exe <- Trojan.Downloader.Vb.Dgg : No action
C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar<RAR>:mian7.exe<UPack>:mian7.exe <- Trojan.Psw.Lmir.Bpc : No action
C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar<RAR>:mian7.exe<UPack>:mian7.exe<DLLRES>:J9996660.exe <- Trojan.Psw.Onlinegames.Rnh : No action
C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar<RAR>:mseion.sys <- Trojan.Psw.Onlinegames.Uoa : No action
C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar<RAR>:msosiocp.dll<UPack>:msosiocp.dll <- Heur.RoundKick : No action
C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar<RAR>:mswmgog32.dll <- Trojan.Psw.Onlinegames.Rkf : No action
C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar<RAR>:qvdjryewow.dll <- Trojan.Spy.Agent.Blw : No action
C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar<RAR>:sauhad.dll<UPack>:sauhad.dll<DLLRES>:res0.exe <- Trojan.Psw.Onlinegames.Uoa : No action
C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar<RAR>:sysave.exe <- Trojan.Downloader.Agent.Llv : No action
C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar<RAR>:xdkrcipwm.dll <- Trojan.Psw.Onlinegames.Tch : No action



Scanned objects : 121

Infected objects : 21
allinwonderi
Posted on 2008-3-24 20:32:41
-----------------------------SCAN REPORT-----------------------------
F-PROT Antivirus for Windows

Antivirus Scanning Engine version number: 4.4.2
Virus signature file from: 2008-3-24, 3:30

Scan name: Virus Tester
Path to scan: C:\Documents and Settings\All Users\Documents\Test\|

Normal scan
Also scan: Inside subfolders, Compressed files, Streams

Scan started: 2008-3-24, 20:31:28
---------------------------------------------------------------------
[Found password stealer]         <W32/Legendmir.A.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\684745MM.DLL
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\atgnehz.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\AtiSrvn.exe->(UPack)->(PecBundle)
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\awf.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-114!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\ayKAEKAE1050.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-114!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\ayPATPAT1019.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-114!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\aySADSAD1026.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-114!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\ayVUFVUF1008.exe->(UPack)
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\cuhad.dll->(UPack)
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\en_1072.bin->(UPack)
[Found possible security risk]         <W32/Heuristic-114!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\fCBDCBD1033.exe->(UPack)
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\laixuhz.dll->(UPack)
[Found security risk]         <W32/AutoRun.D.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\mian11.exe->(UPX)
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\mian17.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\mian23.exe->(UPack)->(PecBundle)
[Found security risk]         <W32/Injector.A.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\mian7.exe
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\msosiocp.dll->(UPack)
[Found security risk]         <W32/Agent.L.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\msosmhfp00.dll
[Found password stealer]         <W32/Pws.AANX (exact, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\mswmgog32.dll
[Found possible virus]         <W32/Threat-SysVenFakU-based!Maximus (not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\qvdjryewow.dll->(UPack)
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\rhs.dll->(UPack)
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\sauhad.dll->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\sss0.exe->(UPack)->(PecBundle)
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\sve.dll->(UPack)
[Found possible virus]         <W32/Downloader-WebExe-based!Maximus (not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\sysave.exe
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\tsqc.dll->(UPack)
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\tzm.dll->(UPack)
[Found virus]         <W32/InfoStealer!Generic (not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\WinSys8v.Sys
[Found possible virus]         <W32/Threat-SysVenFakU-based!Maximus (not disinfectable)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\xdkrcipwm.dll->(UPack)
[Found security risk]         <W32/OnlineGames.Q.gen!Eldorado (not disinfectable, generic)>        C:\Documents and Settings\All Users\Documents\Test\新建文件夹.rar->新建文件夹\zadnew.dll->(UPack)

---------------------------------------------------------------------
Scan ended:        2008-3-24, 20:31:57
Duration:        0:00:29

Scan result:

Scanned files:                 6
Infected objects:         30
Disinfected objects:         0
Quarantined files:         0
---------------------------------------------------------------------

Copyright © KaFan  KaFan.cn All Rights Reserved.
