收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 20~~~
返回列表 发新帖
查看: 2737|回复: 9
收起左侧

[病毒样本] 20~~~

[复制链接]
Joker
发表于 2008-3-29 14:01:22 | 显示全部楼层 |阅读模式
http://bbs.kafan.cn/viewthread.php?tid=225587&extra=page%3D1挖的。。
费尔全灭
C:\Documents and Settings\Administrator\桌面\20.rar>>20\10.exe TrojanPSW.OnLineGames.whs.zvid 木马 还未处理
C:\Documents and Settings\Administrator\桌面\20.rar>>20\11.exe W32.Viking.k 病毒 还未处理
C:\Documents and Settings\Administrator\桌面\20.rar>>20\12.exe W32.Viking.k 病毒 还未处理
C:\Documents and Settings\Administrator\桌面\20.rar>>20\13.exe W32.Viking.k 病毒 还未处理
C:\Documents and Settings\Administrator\桌面\20.rar>>20\14.exe W32.Viking.k 病毒 还未处理
C:\Documents and Settings\Administrator\桌面\20.rar>>20\15.exe W32.Viking.k 病毒 还未处理
C:\Documents and Settings\Administrator\桌面\20.rar>>20\16.exe W32.Viking.k 病毒 还未处理
C:\Documents and Settings\Administrator\桌面\20.rar>>20\17.exe W32.Viking.k 病毒 还未处理
C:\Documents and Settings\Administrator\桌面\20.rar>>20\18.exe W32.Viking.k 病毒 还未处理
C:\Documents and Settings\Administrator\桌面\20.rar>>20\19.exe TrojanPSW.OnLineGames.rri.fccq 木马 还未处理
C:\Documents and Settings\Administrator\桌面\20.rar>>20\20.exe Heuri.Suspicious.ERNM 启发式扫描 还未处理
C:\Documents and Settings\Administrator\桌面\20.rar>>20\21.exe W32.Viking.k 病毒 还未处理
C:\Documents and Settings\Administrator\桌面\20.rar>>20\22.exe W32.Viking.k 病毒 还未处理
C:\Documents and Settings\Administrator\桌面\20.rar>>20\24.exe W32.Viking.k 病毒 还未处理
C:\Documents and Settings\Administrator\桌面\20.rar>>20\25.exe Heuri.Suspicious.ERNM 启发式扫描 还未处理
C:\Documents and Settings\Administrator\桌面\20.rar>>20\27.exe W32.Viking.k 病毒 还未处理
C:\Documents and Settings\Administrator\桌面\20.rar>>20\30.exe TrojanPSW.OnLineGames.rri.fccq 木马 还未处理
C:\Documents and Settings\Administrator\桌面\20.rar>>20\32.exe TrojanPSW.GameOL.mpw.flfw 木马 还未处理
C:\Documents and Settings\Administrator\桌面\20.rar>>20\33.exe RootKit.Mnless.km.tshb 木马 还未处理
C:\Documents and Settings\Administrator\桌面\20.rar>>20\34.exe TrojanPSW.OnLineGames.rri.fccq 木马 还未处理

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

testhawk
发表于 2008-3-29 14:04:02 | 显示全部楼层
20
C:\20.rar » RAR » 20\10.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\20.rar » RAR » 20\11.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\20.rar » RAR » 20\12.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\20.rar » RAR » 20\13.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\20.rar » RAR » 20\14.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\20.rar » RAR » 20\15.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\20.rar » RAR » 20\16.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\20.rar » RAR » 20\17.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\20.rar » RAR » 20\18.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\20.rar » RAR » 20\19.exe - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\20.rar » RAR » 20\20.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\20.rar » RAR » 20\21.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\20.rar » RAR » 20\22.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\20.rar » RAR » 20\24.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\20.rar » RAR » 20\25.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\20.rar » RAR » 20\27.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\20.rar » RAR » 20\30.exe - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\20.rar » RAR » 20\32.exe - a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\20.rar » RAR » 20\33.exe - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\20.rar » RAR » 20\34.exe - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
回复

举报

aerbeisi
发表于 2008-3-29 14:08:37 | 显示全部楼层

20

[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\20\10.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\20\11.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\20\12.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\20\13.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\20\14.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\20\15.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\20\16.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\20\17.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\20\18.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\20\19.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\20\20.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\20\21.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\20\22.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\20\24.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\20\25.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\20\27.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\20\30.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\20\32.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\20\33.exe->(UPack)
[Found possible security risk]         <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>        c:\test\20\34.exe->(UPack)
回复

举报

mofunzone
发表于 2008-3-29 14:26:44 | 显示全部楼层
全灭
Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\My Documents\20'
C:\Documents and Settings\Administrator\My Documents\20\20\
  10.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
          [2] Archive type: Runtime Packed
          --> Object
              [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
              [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  11.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.wjo.2
            [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  12.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      The file was deleted!
  13.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.whk.2
            [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  14.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.640
            [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  15.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.whi
            [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  16.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      The file was deleted!
  17.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.wen.2
            [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  18.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.wef.1
            [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  19.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
          [2] Archive type: Runtime Packed
          --> Object
        --> Object
      [DETECTION] Contains suspicious code HEUR/Malware
      [NOTE]      The fund was classified as suspicious.
      [NOTE]      The file was moved to '481bef5c.qua'!
  20.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
          [2] Archive type: Runtime Packed
          --> Object
              [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
              [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  21.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.655
            [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  22.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      The file was deleted!
  24.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      The file was deleted!
  25.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
          [2] Archive type: Runtime Packed
          --> Object
              [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
              [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  27.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [NOTE]      The file was deleted!
  30.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
          [2] Archive type: Runtime Packed
          --> Object
        --> Object
      [DETECTION] Contains suspicious code HEUR/Malware
      [NOTE]      The fund was classified as suspicious.
      [NOTE]      The file was moved to '481bef54.qua'!
  32.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
          [2] Archive type: Runtime Packed
          --> Object
        --> Object
            [DETECTION] Is the Trojan horse TR/VB.cjq
            [WARNING]   Infected files in archives cannot be repaired!
      [DETECTION] Contains suspicious code HEUR/Malware
      [NOTE]      The fund was classified as suspicious.
      [NOTE]      The file was moved to '481bef56.qua'!
  33.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.12986
            [WARNING]   Infected files in archives cannot be repaired!
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.wdi
            [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  34.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
          [2] Archive type: Runtime Packed
          --> Object
        --> Object
      [DETECTION] Contains suspicious code HEUR/Malware
      [NOTE]      The fund was classified as suspicious.
      [NOTE]      The file was moved to '481bef58.qua'!


End of the scan: 2008年3月28日  23:26
Used time: 00:04 min

The scan has been done completely.

      2 Scanning directories
     20 Files were scanned
     18 viruses and/or unwanted programs were found
      4 Files were classified as suspicious:
     16 files were deleted
      0 files were repaired
      4 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      2 Files not concerned
      0 Archives were scanned
     13 Warnings
     20 Notes
回复

举报

挪威的冬天
发表于 2008-3-29 14:27:24 | 显示全部楼层


信息        2008-03-29  14:27:14        您此次查毒清除了14个病毒                       
信息        2008-03-29  14:27:14        您此次查毒共查出14个病毒以及危险代码                       
信息        2008-03-29  14:27:14        您此次查毒共查了内存模块0个,磁盘引导扇区0个,文件41个                       
信息        2008-03-29  14:27:14        金山毒霸主程序查毒过程结束,查毒方式:命令行查毒                       
病毒        2008-03-29  14:27:14        D:\Desktop\20.rar\20\34.exe        Win32.Troj.OnlineGamesT.ur.90112        清除成功       
病毒        2008-03-29  14:27:14        D:\Desktop\20.rar\20\32.exe        Win32.Troj.OnlineGameT.lf.94208        清除成功       
病毒        2008-03-29  14:27:14        D:\Desktop\20.rar\20\27.exe        Win32.Troj.OnlineGamesT.ee.94208        清除成功       
病毒        2008-03-29  14:27:13        D:\Desktop\20.rar\20\25.exe        Win32.Troj.OnlineGameT.am.107664        清除成功       
病毒        2008-03-29  14:27:13        D:\Desktop\20.rar\20\22.exe        Win32.Troj.OnlineGamesT.e.94315        清除成功       
病毒        2008-03-29  14:27:13        D:\Desktop\20.rar\20\21.exe        Win32.Troj.OnlineGames.rr.106496        清除成功       
病毒        2008-03-29  14:27:13        D:\Desktop\20.rar\20\20.exe        Win32.Troj.OnlineGameT.am.107664        清除成功       
病毒        2008-03-29  14:27:13        D:\Desktop\20.rar\20\18.exe        Win32.Troj.OnlineGamesT.e.94315        清除成功       
病毒        2008-03-29  14:27:13        D:\Desktop\20.rar\20\17.exe        Win32.Troj.OnlineGamesT.e.94315        清除成功       
病毒        2008-03-29  14:27:13        D:\Desktop\20.rar\20\15.exe        Win32.Troj.OnlineGamesT.e.94315        清除成功       
病毒        2008-03-29  14:27:13        D:\Desktop\20.rar\20\14.exe        Win32.PSWTroj.OnLineGames.102400        清除成功       
病毒        2008-03-29  14:27:13        D:\Desktop\20.rar\20\13.exe        Win32.Troj.OnlineGamesT.e.94315        清除成功       
病毒        2008-03-29  14:27:13        D:\Desktop\20.rar\20\11.exe        Win32.Troj.OnlineGames.df.102400        清除成功       
病毒        2008-03-29  14:27:12        D:\Desktop\20.rar\20\10.exe        Win32.Troj.OnlineGameT.am.107664        清除成功
回复

举报

kkgh
发表于 2008-3-29 15:03:44 | 显示全部楼层
诺顿11个

瑞星病毒查杀结果报告

清除病毒种类列表:
病毒: Trojan.PSW.Win32.GameOL.mss
病毒: Trojan.PSW.Win32.GameOL.GEN
病毒: Trojan.PSW.Win32.QQSG.dg
病毒: Trojan.PSW.Win32.GameOL.mta
病毒: Trojan.PSW.Win32.GameOL.GEN
病毒: Trojan.PSW.Win32.GameOL.msj
病毒: Trojan.PSW.Win32.GameOL.mrs
病毒: Trojan.PSW.Win32.GameOL.GEN
病毒: RootKit.Win32.Mnless.kl  
病毒: Trojan.PSW.Win32.GameOL.mpw
病毒: RootKit.Win32.Mnless.km  
病毒: Trojan.PSW.Win32.GameOL.msu

用户来源:互联网

软件版本:20.37.50
20个
回复

举报

qigang
发表于 2008-3-29 18:55:20 | 显示全部楼层

58/24

瑞星病毒查杀结果报告

清除病毒种类列表:

病毒: Trojan.PSW.Win32.GameOL.mss
病毒: Trojan.PSW.Win32.GameOL.GEN
病毒: Trojan.PSW.Win32.QQSG.dg
病毒: Trojan.PSW.Win32.GameOL.mta
病毒: Trojan.PSW.Win32.GameOL.GEN
病毒: RootKit.Win32.Undef.ec   
病毒: Trojan.PSW.Win32.GameOL.msj
病毒: Trojan.PSW.Win32.GameOL.mrs
病毒: Trojan.PSW.Win32.GameOL.GEN
病毒: RootKit.Win32.Undef.ec   
病毒: RootKit.Win32.Mnless.kl  
病毒: Trojan.PSW.Win32.GameOL.mpw
病毒: RootKit.Win32.Mnless.km  
病毒: Trojan.PSW.Win32.GameOL.msu

MAC 地址:00:11:5B:F3:6D:69

用户来源:互联网

软件版本:20.37.51
回复

举报

红心王子
发表于 2008-3-29 18:59:27 | 显示全部楼层
木马名称:Trojan-PSW.Win32.OLGame.ven

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\20\11.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGame.yqq

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\20\12.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGame.rlq

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\20\13.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGame.rma

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\20\14.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGame.rlu

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\20\15.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGame.xxw

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\20\16.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGame.rlz

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\20\17.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGame.rlv

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\20\18.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?


广告软件名称:AdWare.Win32.MoKeAD.nh

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\20\19.EXE
是广告软件!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGame.woe

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\20\21.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGame.wqd

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\20\22.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?


木马名称:Trojan-PSW.Win32.OLGame.xxu

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\20\24.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan.Win32.VB.cqp

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\20\32.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGame.tiu

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\20\33.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-Downloader.Win32.Dadobra.vf

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\20\34.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
回复

举报

allinwonderi
发表于 2008-3-29 20:32:38 | 显示全部楼层
[Scanning : C:\Documents and Settings\All Users\Documents\Test]


C:\Documents and Settings\All Users\Documents\Test\20.rar<RAR>:11.exe<UPack>:11.exe<DLLRES>:res0.exe <- Trojan.Psw.Onlinegames.Wjo : No action
C:\Documents and Settings\All Users\Documents\Test\20.rar<RAR>:13.exe <- Trojan.Psw.Onlinegames.Whl : No action
C:\Documents and Settings\All Users\Documents\Test\20.rar<RAR>:13.exe<UPack>:13.exe<DLLRES>:res0.exe <- Trojan.Psw.Onlinegames.Whk : No action
C:\Documents and Settings\All Users\Documents\Test\20.rar<RAR>:14.exe <- Trojan.Psw.Onlinegames.Vlp : No action
C:\Documents and Settings\All Users\Documents\Test\20.rar<RAR>:15.exe <- Trojan.Psw.Onlinegames.Whj : No action
C:\Documents and Settings\All Users\Documents\Test\20.rar<RAR>:15.exe<UPack>:15.exe<DLLRES>:res0.exe <- Trojan.Psw.Onlinegames.Whi : No action
C:\Documents and Settings\All Users\Documents\Test\20.rar<RAR>:17.exe <- Trojan.Psw.Onlinegames.Wen : No action
C:\Documents and Settings\All Users\Documents\Test\20.rar<RAR>:17.exe<UPack>:17.exe<DLLRES>:res0.exe <- Trojan.Psw.Onlinegames.Wen : No action
C:\Documents and Settings\All Users\Documents\Test\20.rar<RAR>:18.exe <- Trojan.Psw.Onlinegames.Wef : No action
C:\Documents and Settings\All Users\Documents\Test\20.rar<RAR>:18.exe<UPack>:18.exe<DLLRES>:res0.exe <- Trojan.Psw.Onlinegames.Wef : No action



Scanned objects : 45

Infected objects : 10
回复

举报

wangjay1980
发表于 2008-3-29 20:38:55 | 显示全部楼层
Hello,

12.exe_ - Trojan-PSW.Win32.OnLineGames.ylu,
19.exe_, 30.exe_, aa23.exe_ - Trojan-PSW.Win32.OnLineGames.ylv,
2.exe_, aa3.exe_ - Trojan-PSW.Win32.OnLineGames.ymj,
27.exe_ - Trojan-PSW.Win32.OnLineGames.ymm,
34.exe_ - Trojan-PSW.Win32.OnLineGames.ylw,
4.exe_ - Trojan-PSW.Win32.OnLineGames.ymo,
9.exe_ - Trojan-PSW.Win32.OnLineGames.ymq,
aa14.exe_, aa20.exe_, aa8.exe_ - Trojan-PSW.Win32.OnLineGames.ylx,
aa2.exe_ - Trojan-PSW.Win32.OnLineGames.ymr,
aa28.exe_ - Trojan-PSW.Win32.OnLineGames.yms,
aa29.exe_ - Trojan-PSW.Win32.OnLineGames.ymt,
aa5.exe_ - Trojan-PSW.Win32.OnLineGames.ymu,
aa7.exe_ - Trojan-PSW.Win32.OnLineGames.ymv,
AVPSrv.dll - Trojan-PSW.Win32.OnLineGames.ymx,
ayNNBNNB1045.dll - Trojan-PSW.Win32.OnLineGames.yly,
CAPWSJHL.htm_ - Trojan-Downloader.VBS.Psyme.np,
cedafb.dll - Trojan-PSW.Win32.OnLineGames.ylz,
crugd.dll - Trojan-PSW.Win32.Lmir.bue,
DbgHlp32(1).dlL - Trojan-PSW.Win32.OnLineGames.ymy,
DbgHlp32.dlL - Trojan-PSW.Win32.OnLineGames.ymz,
dnteh.dll - Trojan-PSW.Win32.OnLineGames.yna,
ektvm.dll - Trojan-PSW.Win32.WOW.arq,
fjyjy.dll - Trojan-PSW.Win32.OnLineGames.ynb,
fmsbbqi.dll - Trojan-PSW.Win32.OnLineGames.ymk,
hhrdxd.dll - Trojan-PSW.Win32.OnLineGames.ymb,
interne.exe_ - Trojan-PSW.Win32.OnLineGames.ymc,
jfrwdh.dll - Trojan-PSW.Win32.OnLineGames.ymd,
jwlah.dll - Trojan-PSW.Win32.OnLineGames.ync,
jzijj.dll - Trojan-PSW.Win32.OnLineGames.ynd,
kg.cmd_ - Trojan-PSW.Win32.Magania.imw,
Kvsc3.dll - Trojan-PSW.Win32.OnLineGames.yne,
mppds.dll - Trojan-PSW.Win32.OnLineGames.ymp,
mseion.sys - Trojan-PSW.Win32.OnLineGames.yma,
msepbe(1).dll - Trojan-PSW.Win32.OnLineGames.xkv,
msepbe.dll - Trojan-PSW.Win32.OnLineGames.xku,
MsIMMs32(1).dll, MsIMMs32.dll - Trojan-PSW.Win32.OnLineGames.ynf,
msoscqit00.dll - Trojan-PSW.Win32.OnLineGames.ynl,
msosjtio00.dll - Trojan.Win32.Agent.jbx,
msosmhfp00.dll - Trojan-PSW.Win32.OnLineGames.yng,
msosping00.dll - Trojan-PSW.Win32.OnLineGames.ynk,
sehhter.dll - Trojan-PSW.Win32.OnLineGames.ynh,
sgrefg.dll - Trojan-PSW.Win32.OnLineGames.yme,
SHAProc.dat - Trojan-PSW.Win32.OnLineGames.yni,
SoundMan.exe_ - Trojan-PSW.Win32.OnLineGames.ymf,
tciocp32.dll - Trojan-PSW.Win32.OnLineGames.ymw,
WINSvr32.dll - Trojan-PSW.Win32.OnLineGames.ymn,
wrqszl.dll - Trojan-PSW.Win32.OnLineGames.ymg,
WSockDrv32(1).dll, WSockDrv32.dll - Trojan-PSW.Win32.OnLineGames.yml,
wyrsdj.dll - Trojan-PSW.Win32.OnLineGames.ymh,
xgnfn.dll - Trojan-PSW.Win32.OnLineGames.ynj,
zgfdet.dll - Trojan-PSW.Win32.OnLineGames.ymi,
zjydcx.dll - Trojan.Win32.Agent.jbw

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Namestnikov Yury
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.
[:1:]
回复

举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-9-17 17:41 , Processed in 0.154361 second(s), 18 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表