多个/15

显示全部楼层 · 发表于 2008-3-30 00:32:24

已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ymo       檔案: C:\Documents and Settings\kato9096\桌面\0\1.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.tzc       檔案: C:\Documents and Settings\kato9096\桌面\0\2.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-Dropper.Win32.Small.bjt       檔案: C:\Documents and Settings\kato9096\桌面\0\20.exe
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ozk       檔案: C:\Documents and Settings\kato9096\桌面\0\22.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.whs       檔案: C:\Documents and Settings\kato9096\桌面\0\23.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.whs       檔案: C:\Documents and Settings\kato9096\桌面\0\24.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.wmi       檔案: C:\Documents and Settings\kato9096\桌面\0\3.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.wjo       檔案: C:\Documents and Settings\kato9096\桌面\0\4.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.wpa       檔案: C:\Documents and Settings\kato9096\桌面\0\6.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.wjf       檔案: C:\Documents and Settings\kato9096\桌面\0\7.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.whs       檔案: C:\Documents and Settings\kato9096\桌面\0\8.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.whs       檔案: C:\Documents and Settings\kato9096\桌面\0\9.exe//PE_Patch//UPack

不报的上报

Hello,

####.ex3e - Trojan.Win32.StartPage.bap

New malicious software was found in this file. It's detection will be included in the next update. Thank you for your help.

svchost.exek, uohsom.cfg

No malicious code were found in these files.

Please quote all when answering.

--
Best regards, Vladimir Krylov
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

[ 本帖最后由 kato9096 于 2008-3-31 10:48 编辑 ]

显示全部楼层 · 发表于 2008-3-30 00:33:41

C:\Documents and Settings\Don johnson\桌面\4p.zip » ZIP » 0.rar » RAR » 0\1.exe2 - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\4p.zip » ZIP » 0.rar » RAR » 0\2.exe2 - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\4p.zip » ZIP » 0.rar » RAR » 0\20.exe2 - Win32/Agent.NSD trojan
C:\Documents and Settings\Don johnson\桌面\4p.zip » ZIP » 0.rar » RAR » 0\22.exe2 - Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\4p.zip » ZIP » 0.rar » RAR » 0\23.exe2 - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\4p.zip » ZIP » 0.rar » RAR » 0\24.exe2 - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\4p.zip » ZIP » 0.rar » RAR » 0\3.exe2 - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\4p.zip » ZIP » 0.rar » RAR » 0\4.exe4 - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\4p.zip » ZIP » 0.rar » RAR » 0\6.exe5 - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\4p.zip » ZIP » 0.rar » RAR » 0\7.exe2 - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\4p.zip » ZIP » 0.rar » RAR » 0\8.exe2 - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\4p.zip » ZIP » 0.rar » RAR » 0\9.exe2 - a variant of Win32/PSW.OnLineGames.MUG trojan

显示全部楼层 · 发表于 2008-3-30 00:34:49

12
C:\4p.zip » ZIP » 0.rar » RAR » 0\1.exe2 - a variant of Win32/PSW.OnLineGames.NFL trojan
C:\4p.zip » ZIP » 0.rar » RAR » 0\2.exe2 - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\4p.zip » ZIP » 0.rar » RAR » 0\20.exe2 - Win32/Agent.NSD trojan
C:\4p.zip » ZIP » 0.rar » RAR » 0\22.exe2 - Win32/PSW.OnLineGames.MUG trojan
C:\4p.zip » ZIP » 0.rar » RAR » 0\23.exe2 - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\4p.zip » ZIP » 0.rar » RAR » 0\24.exe2 - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\4p.zip » ZIP » 0.rar » RAR » 0\3.exe2 - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\4p.zip » ZIP » 0.rar » RAR » 0\4.exe4 - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\4p.zip » ZIP » 0.rar » RAR » 0\6.exe5 - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\4p.zip » ZIP » 0.rar » RAR » 0\7.exe2 - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\4p.zip » ZIP » 0.rar » RAR » 0\8.exe2 - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\4p.zip » ZIP » 0.rar » RAR » 0\9.exe2 - a variant of Win32/PSW.OnLineGames.MUG trojan

显示全部楼层 · 发表于 2008-3-30 00:42:16

D:\Virus\4p.zip=]lli.rar=]?y?q???.ex3e BehavesLike:Trojan.StartPage Suspect
D:\Virus\4p.zip=]0.rar=]0\4.exe4 Generic.PWS.Games.4.1A1F548A Disinfect Failed (file was in an archive)
D:\Virus\4p.zip=]0.rar=]0\3.exe2 Generic.PWS.Games.4.FA2FCA16 Disinfect Failed (file was in an archive)
D:\Virus\4p.zip=]0.rar=]0\1.exe2 Trojan.PWS.OnLineGames.NSR Disinfect Failed (file was in an archive)
D:\Virus\4p.zip=]0.rar=]0\2.exe2 Trojan.PWS.OnLineGames.NSR Disinfect Failed (file was in an archive)
D:\Virus\4p.zip=]0.rar=]0\6.exe5 Trojan.PWS.OnLineGames.NSR Disinfect Failed (file was in an archive)
D:\Virus\4p.zip=]0.rar=]0\7.exe2 Trojan.PWS.OnLineGames.NSR Disinfect Failed (file was in an archive)
D:\Virus\4p.zip=]0.rar=]0\22.exe2 Trojan.PWS.OnLineGames.WGF Delete Failed (file was in an archive)
D:\Virus\4p.zip=]0.rar=]0\23.exe2 Trojan.PWS.OnLineGames.WGF Delete Failed (file was in an archive)
D:\Virus\4p.zip=]0.rar=]0\24.exe2 Trojan.PWS.OnLineGames.WGF Delete Failed (file was in an archive)
D:\Virus\4p.zip=]0.rar=]0\8.exe2 Trojan.PWS.OnLineGames.WGF Delete Failed (file was in an archive)
D:\Virus\4p.zip=]0.rar=]0\9.exe2 Trojan.PWS.OnLineGames.WGF Delete Failed (file was in an archive)

显示全部楼层 · 发表于 2008-3-30 00:42:49

[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\a\0\0\1.exe2->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\a\0\0\2.exe2->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\a\0\0\22.exe2->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\a\0\0\23.exe2->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\a\0\0\24.exe2->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\a\0\0\3.exe2->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\a\0\0\4.exe4->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\a\0\0\6.exe5->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\a\0\0\7.exe2->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\a\0\0\8.exe2->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> c:\test\a\0\0\9.exe2->(UPack)

显示全部楼层 · 发表于 2008-3-30 01:05:24

信息 2008-03-30  01:04:56 您此次查毒清除了10个病毒
信息 2008-03-30  01:04:56 您此次查毒共查出10个病毒以及危险代码
信息 2008-03-30  01:04:56 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件31个
信息 2008-03-30  01:04:56 金山毒霸主程序查毒过程结束，查毒方式：命令行查毒
病毒 2008-03-30  01:04:56 D:\Desktop\4p.zip\0.rar\0\9.exe2 Win32.Troj.OnlineGameT.am.107664 清除成功
病毒 2008-03-30  01:04:56 D:\Desktop\4p.zip\0.rar\0\8.exe2 Win32.Troj.OnlineGameT.am.107664 清除成功
病毒 2008-03-30  01:04:56 D:\Desktop\4p.zip\0.rar\0\7.exe2 Win32.Troj.OnlineGamesT.e.94315 清除成功
病毒 2008-03-30  01:04:56 D:\Desktop\4p.zip\0.rar\0\6.exe5 Win32.Troj.OnlineGamesT.e.94315 清除成功
病毒 2008-03-30  01:04:56 D:\Desktop\4p.zip\0.rar\0\4.exe4 Win32.Troj.OnlineGames.df.102400 清除成功
病毒 2008-03-30  01:04:56 D:\Desktop\4p.zip\0.rar\0\3.exe2 Win32.Troj.OnlineGamesT.e.94315 清除成功
病毒 2008-03-30  01:04:56 D:\Desktop\4p.zip\0.rar\0\24.exe2 Win32.Troj.OnlineGameT.am.107664 清除成功
病毒 2008-03-30  01:04:56 D:\Desktop\4p.zip\0.rar\0\23.exe2 Win32.Troj.OnlineGameT.am.107664 清除成功
病毒 2008-03-30  01:04:56 D:\Desktop\4p.zip\0.rar\0\22.exe2 Win32.Troj.OnlineGamesT.nr.37008 清除成功
病毒 2008-03-30  01:04:56 D:\Desktop\4p.zip\0.rar\0\2.exe2 Win32.Troj.OnlineGamesT.e.94315 清除成功

显示全部楼层 · 发表于 2008-3-30 01:16:44

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\4p.zip'
C:\Documents and Settings\Administrator\桌面\4p.zip
  [0] Archive type: ZIP
--> 0.rar
   [1] Archive type: RAR
   --> 0\1.exe2
      [DETECTION] Is the Trojan horse TR/Spy.Gen
   --> 0\2.exe2
      [DETECTION] Is the Trojan horse TR/Spy.Gen
   --> 0\20.exe2
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
   --> 0\22.exe2
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.oxf.3
   --> 0\23.exe2
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
   --> 0\24.exe2
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
   --> 0\3.exe2
      [DETECTION] Is the Trojan horse TR/Spy.Gen
   --> 0\4.exe4
      [DETECTION] Is the Trojan horse TR/Spy.Gen
   --> 0\6.exe5
      [DETECTION] Is the Trojan horse TR/Spy.Gen
   --> 0\7.exe2
      [DETECTION] Is the Trojan horse TR/Spy.Gen
   --> 0\8.exe2
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
   --> 0\9.exe2
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
   [INFO]    The file was deleted!

End of the scan: 星期日 2008年3月30日  01:16
Used time: 00:10 min

The scan has been done completely.

   0 Scanning directories
   21 Files were scanned
   12 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   1 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   9 Files not concerned
   5 Archives were scanned
   0 Warnings
   0 Notes

显示全部楼层 · 发表于 2008-3-30 01:23:17

费尔12

E:\病毒\4p.zip>>0.rar>>0\1.exe2 W32.Viking.k 病毒还未处理
E:\病毒\4p.zip>>0.rar>>0\2.exe2 W32.Viking.k 病毒还未处理
E:\病毒\4p.zip>>0.rar>>0\20.exe2 TrojanDropper.Small.bjt.jkkc 木马还未处理
E:\病毒\4p.zip>>0.rar>>0\22.exe2 TrojanPSW.OnLineGames.ozk.zfwl 木马还未处理
E:\病毒\4p.zip>>0.rar>>0\23.exe2 TrojanPSW.OnLineGames.whs.froo 木马还未处理
E:\病毒\4p.zip>>0.rar>>0\24.exe2 Heuri.Suspicious.ERNM 启发式扫描还未处理
E:\病毒\4p.zip>>0.rar>>0\3.exe2 W32.Viking.k 病毒还未处理
E:\病毒\4p.zip>>0.rar>>0\4.exe4 W32.Viking.k 病毒还未处理
E:\病毒\4p.zip>>0.rar>>0\6.exe5 W32.Viking.k 病毒还未处理
E:\病毒\4p.zip>>0.rar>>0\7.exe2 W32.Viking.k 病毒还未处理
E:\病毒\4p.zip>>0.rar>>0\8.exe2 Heuri.Suspicious.ERNM 启发式扫描还未处理
E:\病毒\4p.zip>>0.rar>>0\9.exe2 TrojanPSW.OnLineGames.whs.thca 木马还未处理

显示全部楼层 · 发表于 2008-3-30 08:06:15

江民杀毒软件报告文件

北京江民新科技术有限公司

扫描引擎 11.00.703
病毒库日期 2008-03-29
更新日期 2008-03-15

扫描目标 d:\我的文档\桌面\4p.zip

开始时间 2008-03-15 21:12:59

在 d:\我的文档\桌面\4p.zip->0.rar->0\2.exe2 中发现 Trojan/PSW.OnLineGames.xgq 病毒, 已删除
在 d:\我的文档\桌面\4p.zip->0.rar->0\22.exe2 中发现 Trojan/PSW.OnLineGames.rjm 病毒, 已删除
在 d:\我的文档\桌面\4p.zip->0.rar->0\23.exe2 中发现 Trojan/PSW.OnLineGames.wve 病毒, 已删除
在 d:\我的文档\桌面\4p.zip->0.rar->0\24.exe2 中发现 Trojan/PSW.OnLineGames.wve 病毒, 已删除
在 d:\我的文档\桌面\4p.zip->0.rar->0\3.exe2 中发现 Trojan/PSW.OnLineGames.zoo 病毒, 已删除
在 d:\我的文档\桌面\4p.zip->0.rar->0\4.exe4 中发现 Trojan/PSW.OnLineGames.zva 病毒, 已删除
在 d:\我的文档\桌面\4p.zip->0.rar->0\7.exe2 中发现 Trojan/PSW.OnLineGames.zod 病毒, 已删除
在 d:\我的文档\桌面\4p.zip->0.rar->0\8.exe2 中发现 Trojan/PSW.OnLineGames.zas 病毒, 已删除
在 d:\我的文档\桌面\4p.zip->0.rar->0\9.exe2 中发现 Trojan/PSW.OnLineGames.zas 病毒, 已删除
正常结束。

扫描结果:
               文件数 :21                               病毒体 :9
               删除 :9                                  解毒 :0
扫描速度(千字节/秒) :255                            扫描时间 :00:00:03
扫描文件速度(个/秒) :7

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -    - - - - - - - - - - - -

显示全部楼层 · 发表于 2008-3-30 08:47:21

时间处理结果木马名称木马进程名木马文件创建者
2008-03-30 08:46:14 处理成功 Trojan-PSW.Win32.OLGame.xyc C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\0\7.EXE2 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-03-30 08:46:14 处理成功 Trojan-PSW.Win32.OLGame.xyb C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\0\6.EXE5 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-03-30 08:46:14 处理成功 Trojan-PSW.Win32.OLGame.wpf C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\0\4.EXE4 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-03-30 08:46:14 处理成功 Trojan-PSW.Win32.OLGame.wpe C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\0\3.EXE2 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-03-30 08:46:14 处理成功 Trojan-PSW.Win32.OLGames.syr C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\0\22.EXE2 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-03-30 08:46:14 处理成功 Trojan-PSW.Win32.OLGame.gwk C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\0\20.EXE2 C:\PROGRAM FILES\WINRAR\WINRAR.EXE

[病毒样本] 多个/15

本帖子中包含更多资源

12

BD 12

11