自动上门的

显示全部楼层 · 发表于 2008-3-25 19:01:04

Hello,

11.exe6 - Trojan-PSW.Win32.OnLineGames.wjo,
21.exe6 - Trojan-PSW.Win32.OnLineGames.wjn,
27.exe3 - Trojan-PSW.Win32.OnLineGames.wjp,
31.exe2 - Trojan-PSW.Win32.OnLineGames.wjq,
32.exe2 - Trojan-Downloader.Win32.Tibs.xk,
5.exe9 - Trojan-PSW.Win32.OnLineGames.wjm

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Vyacheslav Zakorzhevsky
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

显示全部楼层 · 发表于 2008-3-25 20:02:40

Programs.rar
[0] Archive type: RAR
--> Programs\1.exe
      [DETECTION] Is the Trojan horse TR/Onlinegames.usl
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\10.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\11.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\12.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGame.XO
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\13.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.whk.2
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\14.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.640
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\15.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.whi
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\16.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.wdj
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\17.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.wen.2
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\18.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.wef.1
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\19.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.weg.1
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\2.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\20.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGame.XO
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\21.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.whm.1
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\22.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.wfb.1
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\23.exe
      [DETECTION] Is the Trojan horse TR/Small.6910
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\24.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\25.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\26.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\27.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.638
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\28.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\29.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\3.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.641
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\30.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\31.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\32.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\33.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Delf.crp.3
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\4.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGame.XO
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\5.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.637
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\6.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.whn
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\7.exe
      [DETECTION] Is the Trojan horse TR/PSW.Agent.aef
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\8.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.wel
      [WARNING] Infected files in archives cannot be repaired!
--> Programs\9.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.vxf
      [WARNING] Infected files in archives cannot be repaired!
      [INFO]    The file was moved to '4857ea2a.qua'!

End of the scan: 2008年3月25日  20:02
Used time: 00:19 min

The scan has been done completely.

   0 Scanning directories
   34 Files were scanned
   32 viruses and/or unwanted programs were found
   1 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   1 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   2 Files not concerned
   1 Archives were scanned
   33 Warnings
   0 Notes

显示全部楼层 · 发表于 2008-3-25 20:05:50

在 C:\Documents and Settings\Administrator\桌面\virus.rar->a3.exe 中发现 Trojan/PSW.OnLineGames.yhx 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\virus.rar->a1.exe 中发现 Trojan/PSW.OnLineGames.xxg 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\virus.rar->a2.exe 中发现 Trojan/PSW.OnLineGames.ynx 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\virus.rar->aO.exe 中发现 Trojan/Agent.auks 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\virus.rar->a4.exe 中发现 Trojan/PSW.OnLineGames.wpa 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\virus.rar->a5.exe 中发现 Trojan/PSW.OnLineGames.xnd 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\virus.rar->a6.exe 中发现 Trojan/PSW.OnLineGames.xnd 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\virus.rar->a9.exe 中发现 Trojan/PSW.OnLineGames.xnd 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\virus.rar->a11.exe 中发现 Trojan/PSW.OnLineGames.xgs 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\virus.rar->a12.exe 中发现 Trojan/PSW.OnLineGames.xxg 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\virus.rar->a13.exe 中发现 Trojan/PSW.OnLineGames.ype 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\virus.rar->a14.exe 中发现 Trojan/PSW.OnLineGames.yco 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\virus.rar->a18.exe 中发现 Trojan/PSW.OnLineGames.wsu 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\virus.rar->a19.exe 中发现 Trojan/Delf.nz 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\virus.rar->a20.exe 中发现 Trojan/PSW.OnLineGames.xnd 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\virus.rar->a21.exe 中发现 Trojan/PSW.OnLineGames.xvd 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\virus.rar->a22.exe 中发现 Trojan/PSW.OnLineGames.xvd 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\virus.rar->a24.exe 中发现 Trojan/PSW.OnLineGames.xvd 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\virus.rar->a25.exe 中发现 Trojan/PSW.OnLineGames.xvd 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\virus.rar->a26.exe 中发现 Trojan/PSW.Lmir.cst 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\virus.rar->a27.exe 中发现 Trojan/PSW.OnLineGames.seo 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\virus.rar->a28.exe 中发现 Trojan/PSW.OnLineGames.xxg 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\virus.rar->a29.exe 中发现 Trojan/PSW.OnLineGames.upw 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\virus.rar->avp.exe 中发现 Trojan/PSW.OnLineGames.yhl 病毒, 已删除

显示全部楼层 · 发表于 2008-3-25 20:05:58

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.PSW.Win32.GameOL.mnp
病毒： Trojan.PSW.Win32.GameOL.mnj
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.SunOnline.mu
病毒： Trojan.PSW.Win32.GameOL.mpz
病毒： Trojan.PSW.Win32.GameOL.mot
病毒： Trojan.PSW.Win32.GameOL.mqg
病毒： Trojan.PSW.Win32.SunOnline.mz
病毒： Trojan.PSW.Win32.GameOL.mqp
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.OnlineGames.eop
病毒： Trojan.PSW.Win32.GameOL.mjf
病毒： Trojan.PSW.Win32.GameOL.mqu
病毒： Trojan.PSW.Win32.SunOnline.mr
病毒： RootKit.Win32.Mnless.km
病毒： Trojan.PSW.Win32.GameOL.mpt
病毒： Trojan.PSW.Win32.QQPass.zfd
病毒： Trojan.PSW.Win32.GameOL.mpv

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.37.12

显示全部楼层 · 发表于 2008-3-25 21:04:43

原帖由 kato9096 于 2008-3-25 19:01 发表
Hello,

11.exe6 - Trojan-PSW.Win32.OnLineGames.wjo,
21.exe6 - Trojan-PSW.Win32.OnLineGames.wjn,
27.exe3 - Trojan-PSW.Win32.OnLineGames.wjp,
31.exe2 - Trojan-PSW.Win32.OnLineGames.wjq,
32.ex ...

你太帅了

显示全部楼层 · 发表于 2008-3-25 21:09:48

D:\download\Programs.rar>>Programs\1.exe TrojanDownloader.Nurech.bd.bmqk 木马还未处理
D:\download\Programs.rar>>Programs\10.exe TrojanPSW.GameOL.mnj.icvu 木马还未处理
D:\download\Programs.rar>>Programs\11.exe W32.Viking.k 病毒还未处理
D:\download\Programs.rar>>Programs\12.exe TrojanPSW.OnLineGames.rkf.skmg 木马还未处理
D:\download\Programs.rar>>Programs\13.exe W32.Viking.k 病毒还未处理
D:\download\Programs.rar>>Programs\14.exe W32.Viking.k 病毒还未处理
D:\download\Programs.rar>>Programs\15.exe W32.Viking.k 病毒还未处理
D:\download\Programs.rar>>Programs\16.exe W32.Viking.k 病毒还未处理
D:\download\Programs.rar>>Programs\17.exe W32.Viking.k 病毒还未处理
D:\download\Programs.rar>>Programs\18.exe W32.Viking.k 病毒还未处理
D:\download\Programs.rar>>Programs\19.exe TrojanPSW.OnLineGames.weg.bbyg 木马还未处理
D:\download\Programs.rar>>Programs\2.exe W32.Viking.k 病毒还未处理
D:\download\Programs.rar>>Programs\20.exe TrojanPSW.OnLineGames.rkf.daak 木马还未处理
D:\download\Programs.rar>>Programs\21.exe W32.Viking.k 病毒还未处理
D:\download\Programs.rar>>Programs\22.exe W32.Viking.k 病毒还未处理
D:\download\Programs.rar>>Programs\23.exe TrojanPSW.OnLineGames.tmj.jhey 木马还未处理
D:\download\Programs.rar>>Programs\24.exe TrojanPSW.OnLineGames.vdr.ulsl 木马还未处理
D:\download\Programs.rar>>Programs\25.exe TrojanPSW.OnLineGames.vdr.jjah 木马还未处理
D:\download\Programs.rar>>Programs\26.exe TrojanPSW.OnLineGames.uir.ylgw 木马还未处理
D:\download\Programs.rar>>Programs\27.exe W32.Viking.k 病毒还未处理
D:\download\Programs.rar>>Programs\28.exe TrojanPSW.OnLineGames.vdr.zxzo 木马还未处理
D:\download\Programs.rar>>Programs\29.exe W32.Generic.worm.jhho 病毒还未处理
D:\download\Programs.rar>>Programs\3.exe W32.Viking.k 病毒还未处理
D:\download\Programs.rar>>Programs\30.exe TrojanPSW.GameOL.mnj.fcby 木马还未处理
D:\download\Programs.rar>>Programs\33.exe TrojanDownloader.Delf.fxb.ncmj 木马还未处理
D:\download\Programs.rar>>Programs\4.exe TrojanPSW.OnLineGames.rkf.ohuo 木马还未处理
D:\download\Programs.rar>>Programs\5.exe W32.Viking.k 病毒还未处理
D:\download\Programs.rar>>Programs\6.exe W32.Viking.k 病毒还未处理
D:\download\Programs.rar>>Programs\7.exe TrojanPSW.OnLineGames.wdh.aitd 木马还未处理
D:\download\Programs.rar>>Programs\8.exe TrojanPSW.QQPass.zfd.vmcc 木马还未处理
D:\download\Programs.rar>>Programs\9.exe TrojanPSW.OnLineGames.vww.xyge 木马还未处理

[病毒样本] 自动上门的

82/31