[病毒样本] 32

显示全部楼层 · 发表于 2008-4-8 00:34:21

已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ywa       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/7.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.zeb       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/8.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.yse       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/9.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.yvm       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/10.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.zkv       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/11.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.zle       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/12.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.vlp       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/13.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.yvk       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/14.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.zmp       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/15.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.zfe       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/16.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.yvw       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/17.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.zkl       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/18.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.QQPass.ayr       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/20.exe//UPX
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.zjo       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/21.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.zkz       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/25.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.zaw       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/26.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.zkp       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/27.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.zkx       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/28.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan.Win32.Agent.hko       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/29.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.yip       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/31.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.zez       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/32.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.yuy       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/34.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-Spy.Win32.Pophot.ana       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/080329.exe
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.zmi       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/1.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.zkz       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/2.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.zmk       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/3.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.yzt       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/4.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.zjk       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/5.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.zaw       檔案: C:\Documents and Settings\kato9096\桌面\edfffer\32.zip/6.exe//PE_Patch//UPack

29，上报

Hello,

24.exe_ - Backdoor.Win32.Popwin.bdl,

30.exe_ - Trojan-PSW.Win32.OnLineGames.xml,

33.exe_ - Trojan-PSW.Win32.OnLineGames.xmp

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Mikhail Bulgakov
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

[ 本帖最后由 kato9096 于 2008-4-8 11:04 编辑 ]

显示全部楼层 · 发表于 2008-4-8 00:35:21

C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 7.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 8.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 9.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 10.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 11.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 12.exe - a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 13.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 14.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 15.exe - a variant of Win32/PSW.Legendmir.NFR trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 16.exe - a variant of Win32/PSW.OnLineGames.PBQ trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 17.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 18.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 20.exe - a variant of Win32/PSW.QQPass.NCZ trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 21.exe - a variant of Win32/PSW.OnLineGames.NML trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 24.exe - probably a variant of Win32/TrojanDownloader.Flux trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 25.exe - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 26.exe - a variant of Win32/PSW.OnLineGames.NML trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 27.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 28.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 29.exe - a variant of Win32/PSW.OnLineGames.NML trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 30.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 31.exe - a variant of Win32/PSW.OnLineGames.PBQ trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 32.exe - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 33.exe - a variant of Win32/PSW.OnLineGames.NML trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 34.exe - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 080329.exe - a variant of Win32/Spy.Delf.NHF trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 1.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 2.exe - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 3.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 4.exe - a variant of Win32/PSW.OnLineGames.MUG trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 5.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\32.zip » ZIP » 6.exe - a variant of Win32/PSW.OnLineGames.NML trojan

显示全部楼层 · 发表于 2008-4-8 00:48:15

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\32.zip'
C:\Documents and Settings\Administrator\桌面\32.zip
  [0] Archive type: ZIP
  --> 7.exe3
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.666
  --> 8.exe3
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 9.exe2
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.661
  --> 10.exe2
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 11.exe2
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 12.exe2
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.zle
  --> 13.exe2
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.609
  --> 14.exe2
   [DETECTION] Is the Trojan horse TR/PSW.Online.cfb
  --> 15.exe2
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 16.exe2
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.zfe
  --> 17.exe6
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 18.exe1
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 20.exe2
   [DETECTION] Is the Trojan horse TR/PSW.QQpass.boc
  --> 21.exe2
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 24.exe2
   [DETECTION] Contains suspicious code HEUR/Malware
  --> 25.exe2
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.zky
  --> 26.exe2
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 27.exe1
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 28.exe2
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 29.exe2
   [DETECTION] Is the Trojan horse TR/Agent.hko.9
  --> 30.exe3
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 31.exe3
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 32.exe3
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.zcn
  --> 33.exe3
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> 34.exe3
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.yxr
  --> 080329.exe2
   [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> 1.exe3
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 2.exe2
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.zkf
  --> 3.exe3
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 4.exe3
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
  --> 5.exe2
   [DETECTION] Is the Trojan horse TR/Dldr.Delphi.Gen
  --> 6.exe2
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [INFO]    The file was deleted!

End of the scan: 星期二 2008年4月8日  00:47
Used time: 00:08 min

The scan has been done completely.

   0 Scanning directories
   33 Files were scanned
   31 viruses and/or unwanted programs were found
   1 Files were classified as suspicious:
   1 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   2 Files not concerned
   1 Archives were scanned
   0 Warnings
   0 Notes

显示全部楼层 · 发表于 2008-4-8 01:58:14

卡巴30个。已删除：木马程序 Trojan-PSW.Win32.OnLineGames.ywa 文件: F:\Download\32.zip/7.exe3//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.zeb 文件: F:\Download\32.zip/8.exe3//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.yse 文件: F:\Download\32.zip/9.exe2//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.yvm 文件: F:\Download\32.zip/10.exe2//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.zkv 文件: F:\Download\32.zip/11.exe2//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.zle 文件: F:\Download\32.zip/12.exe2//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.vlp 文件: F:\Download\32.zip/13.exe2//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.yvk 文件: F:\Download\32.zip/14.exe2//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.zmp 文件: F:\Download\32.zip/15.exe2//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.zfe 文件: F:\Download\32.zip/16.exe2//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.yvw 文件: F:\Download\32.zip/17.exe6//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.zkl 文件: F:\Download\32.zip/18.exe1//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.QQPass.ayr 文件: F:\Download\32.zip/20.exe2//UPX
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.zjo 文件: F:\Download\32.zip/21.exe2//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.zkz 文件: F:\Download\32.zip/25.exe2//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.zaw 文件: F:\Download\32.zip/26.exe2//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.zkp 文件: F:\Download\32.zip/27.exe1//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.zkx 文件: F:\Download\32.zip/28.exe2//PE_Patch//UPack
已删除：木马程序 Trojan.Win32.Agent.hko 文件: F:\Download\32.zip/29.exe2//PE_Patch//UPack
已删除：病毒 Heur.Trojan.Generic (修改) 文件: F:\Download\32.zip/30.exe3//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.yip 文件: F:\Download\32.zip/31.exe3//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.zez 文件: F:\Download\32.zip/32.exe3//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.yuy 文件: F:\Download\32.zip/34.exe3//PE_Patch//UPack
已删除：木马程序 Trojan-Spy.Win32.Pophot.ana 文件: F:\Download\32.zip/080329.exe2
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.zmi 文件: F:\Download\32.zip/1.exe3//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.zkz 文件: F:\Download\32.zip/2.exe2//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.zmk 文件: F:\Download\32.zip/3.exe3//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.yzt 文件: F:\Download\32.zip/4.exe3//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.zjk 文件: F:\Download\32.zip/5.exe2//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.zaw 文件: F:\Download\32.zip/6.exe2//PE_Patch//UPack
咖啡，6个木马。

显示全部楼层 · 发表于 2008-4-8 11:04:57

Hello,

24.exe_ - Backdoor.Win32.Popwin.bdl,

30.exe_ - Trojan-PSW.Win32.OnLineGames.xml,

33.exe_ - Trojan-PSW.Win32.OnLineGames.xmp

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Mikhail Bulgakov
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

显示全部楼层 · 发表于 2008-4-8 11:14:17

小红伞C版的灭31个

显示全部楼层 · 发表于 2008-4-8 11:52:27

时间处理结果木马名称木马进程名木马文件创建者
2008-04-08 11:51:34 处理成功 Trojan-PSW.Win32.OL-Game.ahx C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\6.EXE2 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:34 处理成功 Trojan-PSW.Win32.OL-Game.brf C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\5.EXE2 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:33 处理成功 Trojan-PSW.Win32.OL-Game.bre C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\4.EXE3 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:33 处理成功 Backdoor.Win32.GreyPigeon.lbr C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\3.EXE3 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:33 处理成功 Trojan-PSW.Win32.OL-Game.bqw C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\2.EXE2 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:33 处理成功 Trojan-PSW.Win32.OL-Game.axq C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\1.EXE3 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:33 处理成功 Trojan-Downloader.Win32.Small.nyj C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\080329.EXE2 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:33 处理成功 Trojan-PSW.Win32.OL-Game.wv C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\34.EXE3 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:33 处理成功 Trojan-PSW.Win32.OL-Game.bhf C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\32.EXE3 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:33 处理成功 Trojan-PSW.Win32.OLGame.yth C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\31.EXE3 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:33 处理成功 Trojan.Win32.Agent.lhq C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\29.EXE2 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:33 处理成功 Trojan-PSW.Win32.OL-Game.biq C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\28.EXE2 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:33 处理成功 Trojan-PSW.Win32.OL-Game.big C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\27.EXE1 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:33 处理成功 Trojan-PSW.Win32.OL-Game.bqn C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\26.EXE2 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:33 处理成功 Trojan-PSW.Win32.OL-Game.bqy C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\25.EXE2 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:33 处理成功 Trojan-PSW.Win32.OL-Game.bqo C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\21.EXE2 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:33 处理成功 Trojan-PSW.Win32.QQPass.itq C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\20.EXE2 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:33 处理成功 Trojan-PSW.Win32.OL-Game.bqv C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\18.EXE1 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:33 处理成功 Trojan-PSW.Win32.OL-Game.xg C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\17.EXE6 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:33 处理成功 Trojan-PSW.Win32.OL-Game.bgu C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\16.EXE2 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:33 处理成功 Trojan-PSW.Win32.OL-Game.xi C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\14.EXE2 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:33 处理成功 Trojan-PSW.Win32.OLGame.gwt C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\13.EXE2 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:32 处理成功 Trojan-PSW.Win32.OL-Game.bqt C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\12.EXE2 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:32 处理成功 Trojan-PSW.Win32.OL-Game.bir C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\11.EXE2 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:32 处理成功 Trojan-PSW.Win32.OL-Game.wx C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\10.EXE2 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:32 处理成功 Backdoor.Win32.GreyPigeon.pxh C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\9.EXE2 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:31 处理成功 Trojan-PSW.Win32.OL-Game.bqq C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\8.EXE3 C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-08 11:51:31 处理成功 Trojan-PSW.Win32.OL-Game.aio C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIR\7.EXE3 C:\PROGRAM FILES\WINRAR\WINRAR.EXE

显示全部楼层 · 发表于 2008-4-8 11:58:50

病毒库日期08.04.06

信息 2008-04-08 11:55:34 您此次查毒清除了14个病毒
信息 2008-04-08 11:55:34 您此次查毒共查出12个病毒以及危险代码
信息 2008-04-08 11:55:34 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件75个
信息 2008-04-08 11:55:34 金山毒霸主程序查毒过程结束，查毒方式：全面杀毒
病毒 2008-04-08 11:55:34 C:\Documents and Settings\Administrator\My Documents\新建 WinRAR 压缩文件.rar VirusInRar 清除成功
病毒 2008-04-08 11:55:34 C:\Documents and Settings\Administrator\My Documents\新建 WinRAR 压缩文件.rar\PegeFile.pif Packes.MaskPE.a 清除成功
病毒 2008-04-08 11:55:34 C:\Documents and Settings\Administrator\My Documents\新建 WinRAR 压缩文件.rar\GameSetup.exe Worm.Hoby.a.37376 清除成功
病毒 2008-04-08 11:55:34 C:\Documents and Settings\Administrator\My Documents\新建 WinRAR 压缩文件.rar\auto.exe Win32.PSWTroj.AutoRun.yz 清除成功
病毒 2008-04-08 11:55:34 C:\Documents and Settings\Administrator\My Documents\32.zip VirusInZip 清除成功
病毒 2008-04-08 11:55:34 C:\Documents and Settings\Administrator\My Documents\32.zip\4.exe3 Win32.Troj.OnlineGameT.am.107664 清除成功
病毒 2008-04-08 11:55:33 C:\Documents and Settings\Administrator\My Documents\32.zip\1.exe3 Win32.Troj.OnLineGames.fe.33280 清除成功
病毒 2008-04-08 11:55:33 C:\Documents and Settings\Administrator\My Documents\32.zip\31.exe3 Win32.Troj.OnlineGamesT.af.57344 清除成功
病毒 2008-04-08 11:55:33 C:\Documents and Settings\Administrator\My Documents\32.zip\29.exe2 Win32.Troj.OnlineGamesT.oy.61440 清除成功
病毒 2008-04-08 11:55:32 C:\Documents and Settings\Administrator\My Documents\32.zip\24.exe2 Win32.TrojDownloader.Flux.139264 清除成功
病毒 2008-04-08 11:55:32 C:\Documents and Settings\Administrator\My Documents\32.zip\20.exe2 Win32.Troj.QQPswT.bs.116858 清除成功
病毒 2008-04-08 11:55:31 C:\Documents and Settings\Administrator\My Documents\32.zip\15.exe2 Win32.Troj.OnLineGamesT.gr.2637 清除成功
病毒 2008-04-08 11:55:31 C:\Documents and Settings\Administrator\My Documents\32.zip\13.exe2 Win32.PSWTroj.OnLineGames.102400 清除成功
病毒 2008-04-08 11:55:31 C:\Documents and Settings\Administrator\My Documents\32.zip\9.exe2 Win32.Troj.OnlineGamesT.yy.102400 清除成功
信息 2008-04-08 11:55:25 金山毒霸主程序启动查毒过程，查毒方式：全面杀毒
信息 2008-04-08 11:55:13 金山毒霸主程序启动

显示全部楼层 · 发表于 2008-4-8 12:14:54

Check system areas...
Check selected directories and files...
Object: 080329.exe2
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-Spy.Win32.Pophot.ana (Engine A), GenPack:Generic.Malware.SBdldspg.BBF4E72E (Engine B)
Object: 1.exe3
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.zmi (Engine A), Generic.PWS.Games.4.BF5A4FF7 (Engine B)
Object: 10.exe2
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.yvm (Engine A), Trojan.PWS.OnLineGames.NVI (Engine B)
Object: 11.exe2
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.zkv (Engine A), Generic.PWS.Games.4.4F680832 (Engine B)
Object: 12.exe2
Path: C:\Documents and Settings\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.zle (Engine A), Dropped:Rootkit.OnlineGames.C (Engine B)
Object: 13.exe2
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.vlp (Engine A), Trojan.PWS.OnLineGames.NVI (Engine B)
Object: 14.exe2
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.yvk (Engine A), Generic.PWS.Games.4.6EEA131A (Engine B)
Object: 15.exe2
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.zmp (Engine A)
Object: 16.exe2
Path: C:\Documents and Settings\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.zfe (Engine A), Dropped:Generic.Malware.SBdld.74E23FDC (Engine B)
Object: 17.exe6
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.yvw (Engine A), Generic.PWS.Games.4.F7F60765 (Engine B)
Object: 18.exe1
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.zkl (Engine A), Generic.PWS.Games.4.C47E81A8 (Engine B)
Object: 2.exe2
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.zkz (Engine A), Dropped:Generic.PWS.Games.1.B820822D (Engine B)
Object: 20.exe2
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.QQPass.ayr (Engine A), Generic.PWStealer.D2BAF495 (Engine B)
Object: 21.exe2
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.zjo (Engine A)
Object: 24.exe2
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Backdoor.Win32.Popwin.bdl (Engine A), Generic.Popwin.2BDA806F (Engine B)
Object: 25.exe2
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.zkz (Engine A), Dropped:Rootkit.OnlineGames.C (Engine B)
Object: 26.exe2
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.zaw (Engine A)
Object: 27.exe1
Path: C:\Documents and Settings\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.zkp (Engine A), Generic.PWS.Games.4.2F6C6091 (Engine B)
Object: 28.exe2
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.zkx (Engine A), Generic.PWS.Games.4.38CB5396 (Engine B)
Object: 29.exe2
Path: C:\Documents and Settings\\HERO\Test\32
Status: Virus removed
Virus: Trojan.Win32.Agent.hko (Engine A), Trojan.Generic.133317 (Engine B)
Object: 3.exe3
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.zmk (Engine A), Trojan.PWS.OnLineGames.NVI (Engine B)
Object: 30.exe3
Path: C:\Documents and Settings\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.xml (Engine A), Generic.PWS.Games.4.3643D75E (Engine B)
Object: 31.exe3
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.yip (Engine A), Dropped:Generic.Malware.SBdld.AEB376D3 (Engine B)
Object: 32.exe3
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.zez (Engine A), Dropped:Rootkit.OnlineGames.C (Engine B)
Object: 33.exe3
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.xmp (Engine A)
Object: 34.exe3
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.yuy (Engine A), Dropped:Rootkit.OnlineGames.C (Engine B)
Object: 4.exe3
Path: C:\Documents and Settings\\HERO\Test\32
Status: Virus removed
Virus: Trojan-PSW.Win32.OnLineGames.yzt (Engine A), Trojan.PWS.OnLineGames.WGF (Engine B)
Object: 5.exe2
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.zjk (Engine A)
Object: 6.exe2
Path: C:\Documents and Settings\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.zaw (Engine A)
Object: 7.exe3
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.ywa (Engine A), Trojan.PWS.OnLineGames.NVI (Engine B)
Object: 8.exe3
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.zeb (Engine A), Generic.PWS.Games.4.F0B50207 (Engine B)
Object: 9.exe2
Path: C:\Documents and Settings\\HERO\Test\32
Status: Move file into quarantine
Virus: Trojan-PSW.Win32.OnLineGames.yse (Engine A), Generic.PWS.Games.4.03E7B54C (Engine B)
Analysis complete: 4/8/2008 12:13
32 files checked
32 infected files detected
0 suspected files detected

显示全部楼层 · 发表于 2008-4-8 12:58:37

4.8.11

信息 2008-04-08  12:58:07 您此次查毒清除了29个病毒
信息 2008-04-08  12:58:07 您此次查毒共查出29个病毒以及危险代码
信息 2008-04-08  12:58:07 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件66个
信息 2008-04-08  12:58:07 金山毒霸主程序查毒过程结束，查毒方式：命令行查毒

[病毒样本] 32

本帖子中包含更多资源

全灭

Micropoint 28

回复 8楼小白鼠的帖子

浏览过的版块

[病毒样本] 32

本帖子中包含更多资源

全灭

Micropoint 28

回复 8楼 小白鼠 的帖子

浏览过的版块

回复 8楼小白鼠的帖子