某贴下载者列表

显示全部楼层 · 发表于 2008-4-13 13:32:03

貌似更新了

ORZz........

[oo]
c0=http://219.129.239.130/soft00.exe
c1=http://219.129.239.130/soft01.exe
c2=http://219.129.239.130/soft02.exe
c3=http://219.129.239.130/soft03.exe
c4=http://219.129.239.130/soft04.exe
c5=http://219.129.239.130/soft05.exe
c6=http://219.129.239.130/soft06.exe
c7=http://219.129.239.130/soft07.exe
c8=http://219.129.239.130/soft08.exe
c9=http://219.129.239.130/soft09.exe
c10=http://219.129.239.130/soft10.exe
c11=http://219.129.239.130/soft11.exe
c12=http://219.129.239.130/soft12.exe
c13=http://219.129.239.130/soft12.exe
c14=http://219.129.239.130/soft13.exe
c15=http://219.129.239.130/soft14.exe
c16=http://219.129.239.130/soft15.exe
c17=http://219.129.239.130/soft16.exe
c18=http://219.129.239.130/soft17.exe
c19=http://219.129.239.130/soft18.exe
c20=http://219.129.239.130/soft19.exe
c21=http://219.129.239.130/soft20.exe
c22=http://219.129.239.130/soft21.exe

显示全部楼层 · 发表于 2008-4-13 13:33:19

找人打包上来~

显示全部楼层 · 发表于 2008-4-13 13:36:39

下到20个。。有两个吓不倒

显示全部楼层 · 发表于 2008-4-13 13:38:36

Starting the file scan:

Begin scan in 'E:\新建文件夹 (2)'
E:\新建文件夹 (2)\soft00.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.agb.2
   [INFO]    The file was deleted!
E:\新建文件夹 (2)\soft01.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
   [INFO]    The file was deleted!
E:\新建文件夹 (2)\soft02.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
   [INFO]    The file was deleted!
E:\新建文件夹 (2)\soft03.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [INFO]    The file was deleted!
E:\新建文件夹 (2)\soft04.exe
   [DETECTION] Is the Trojan horse TR/Onlinegames.NVI
   [INFO]    The file was deleted!
E:\新建文件夹 (2)\soft05.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [INFO]    The file was deleted!
E:\新建文件夹 (2)\soft06.exe
   [DETECTION] Is the Trojan horse TR/Rootkit.Gen
   [INFO]    The file was deleted!
E:\新建文件夹 (2)\soft07.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [INFO]    The file was deleted!
E:\新建文件夹 (2)\soft08.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
   [INFO]    The file was deleted!
E:\新建文件夹 (2)\soft09.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [INFO]    The file was deleted!
E:\新建文件夹 (2)\soft10.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddm.1
   [INFO]    The file was deleted!
E:\新建文件夹 (2)\soft12.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
   [INFO]    The file was deleted!
E:\新建文件夹 (2)\soft13.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Delphi.Gen
   [INFO]    The file was deleted!
E:\新建文件夹 (2)\soft11.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
   [INFO]    The file was deleted!
E:\新建文件夹 (2)\soft14.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
   [INFO]    The file was deleted!
E:\新建文件夹 (2)\soft15.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
   [INFO]    The file was deleted!
E:\新建文件夹 (2)\soft16.exe
   [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
   [INFO]    The file was deleted!
E:\新建文件夹 (2)\soft17.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [INFO]    The file was deleted!
E:\新建文件夹 (2)\soft19.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [INFO]    The file was deleted!
E:\新建文件夹 (2)\soft21.exe
   [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
   [INFO]    The file was deleted!

End of the scan: 2008年4月13日  13:40
Used time: 00:22 min

The scan has been done completely.

   1 Scanning directories
   20 Files were scanned
   20 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   20 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   0 Files not concerned
   0 Archives were scanned
   0 Warnings
   0 Notes

显示全部楼层 · 发表于 2008-4-13 13:41:02

江民杀毒软件报告文件

北京江民新科技术有限公司

扫描引擎 11.00.703
病毒库日期 2008-04-13
更新日期 2008-03-29

扫描目标 C:\Documents and Settings\Administrator\桌面\1.rar

开始时间 2008-03-29 05:39:29

在 C:\Documents and Settings\Administrator\桌面\1.rar->1\soft00.exe 中发现 TrojanDownloader.Delf.hdz 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\1.rar->1\soft01.exe 中发现 Trojan/PSW.OnLineGames.wve 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\1.rar->1\soft02.exe 中发现 Trojan/PSW.OnLineGames.aabd 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\1.rar->1\soft03.exe 中发现 TrojanSpy.Agent.ejr 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\1.rar->1\soft05.exe 中发现 Trojan/PSW.OnLineGames.zzl 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\1.rar->1\soft06.exe 中发现 Trojan/Agent.aylm 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\1.rar->1\soft07.exe 中发现 TrojanSpy.Agent.emp 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\1.rar->1\soft08.exe 中发现 Trojan/Agent.aylm 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\1.rar->1\soft09.exe 中发现 TrojanSpy.Agent.emo 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\1.rar->1\soft10.exe 中发现 Trojan/PSW.GamePass.advd 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\1.rar->1\soft11.exe 中发现 Trojan/Agent.aylm 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\1.rar->1\soft12.exe 中发现 Trojan/Agent.aylm 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\1.rar->1\soft13.exe 中发现 Trojan/PSW.Lmir.cst 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\1.rar->1\soft14.exe 中发现 Trojan/Agent.aylm 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\1.rar->1\soft15.exe 中发现 Trojan/PSW.OnLineGames.aabd 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\1.rar->1\soft16.exe 中发现 Trojan/PSW.OnLineGames.wve 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\1.rar->1\soft17.exe 中发现 Trojan/PSW.OnLineGames.abfe 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\1.rar->1\soft19.exe 中发现 TrojanSpy.Agent.emr 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\1.rar->1\soft21.exe 中发现 Trojan/PSW.QQPass.tim 病毒, 已删除
正常结束。

扫描结果:
               文件数 :22                               病毒体 :19
               删除 :19                                  解毒 :0
扫描速度(千字节/秒) :60                               扫描时间 :00:00:12
扫描文件速度(个/秒) :1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -    - - - - - - - - - - - -

显示全部楼层 · 发表于 2008-4-13 13:43:16

时间处理结果木马名称木马进程名木马文件创建者
2008-04-13 13:42:45 处理成功 Trojan-PSW.Win32.OL-Game.ddc C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\1\SOFT17.EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-13 13:42:45 处理成功 Trojan-PSW.Win32.OL-Game.dch C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\1\SOFT16.EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-13 13:42:45 处理成功 Trojan-PSW.Win32.OL-Game.ddf C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\1\SOFT15.EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-13 13:42:45 处理成功 Trojan-PSW.Win32.OL-Game.dbq C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\1\SOFT14.EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-13 13:42:45 处理成功 Trojan-PSW.Win32.OL-Game.agq C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\1\SOFT12.EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-13 13:42:44 处理成功 Trojan-PSW.Win32.OLGames.acl C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\1\SOFT10.EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-13 13:42:38 处理成功 Trojan-PSW.Win32.OL-Game.brv C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\1\SOFT08.EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-13 13:42:25 处理成功 Trojan-PSW.Win32.OL-Game.nj C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\1\SOFT05.EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-13 13:42:18 处理成功 Trojan-PSW.Win32.OL-Game.dbx C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\1\SOFT03.EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-13 13:42:07 处理成功 Trojan-PSW.Win32.OL-Game.brx C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\1\SOFT02.EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-13 13:42:00 处理成功 Trojan-PSW.Win32.OL-Game.dbp C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\1\SOFT01.EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-04-13 13:41:50 处理成功 Trojan-Downloader.Win32.Delf.juw C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\1\SOFT00.EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE

显示全部楼层 · 发表于 2008-4-13 13:43:20

[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\1\soft00.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\1\soft01.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\1\soft02.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\1\soft03.exe->(UPack)
[Found security risk] <W32/Injector.A.gen!Eldorado (not disinfectable, generic)> C:\test\1\soft04.exe
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\1\soft05.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\1\soft06.exe->(UPack)
[Found security risk] <W32/Injector.A.gen!Eldorado (not disinfectable, generic)> C:\test\1\soft07.exe
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\1\soft08.exe->(UPack)
[Found security risk] <W32/Injector.A.gen!Eldorado (not disinfectable, generic)> C:\test\1\soft09.exe
[Found password stealer] <W32/OnlineGames.K.gen!Eldorado (not disinfectable, generic)> C:\test\1\soft10.exe->(UPX)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\1\soft11.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\1\soft12.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\1\soft13.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\1\soft14.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\1\soft15.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\1\soft16.exe->(UPack)
[Found possible security risk] <W32/Heuristic-162!Eldorado (damaged, not disinfectable)> C:\test\1\soft17.exe->(UPack)
[Found security risk] <W32/Injector.A.gen!Eldorado (not disinfectable, generic)> C:\test\1\soft19.exe->(FSG)
[Found security risk] <W32/AutoRun.D.gen!Eldorado (not disinfectable, generic)> C:\test\1\soft21.exe->(UPX)

显示全部楼层 · 发表于 2008-4-13 13:44:53

瑞星病毒查杀结果报告

清除病毒种类列表：
病毒： Trojan.PSW.Win32.GameOL.moq
病毒： Packer.Win32.Upack.a
病毒： Trojan.PSW.Win32.GameOL.mxr
病毒： Trojan.PSW.Win32.GameOL.myk
病毒： Trojan.PSW.Win32.GameOL.mxl
病毒： Trojan.PSW.Win32.GameOnline.zzy
病毒： Trojan.PSW.Win32.GamesOnline.fz

MAC 地址：00:17:31:40:A3:57

用户来源：局域网

软件版本：20.39.60

显示全部楼层 · 发表于 2008-4-13 14:10:13

卡巴20个。
检测到：木马程序 Trojan-Downloader.Win32.Delf.axx 文件: F:\Download\1.rar/1\soft00.exe//UPack
检测到：木马程序 Trojan-PSW.Win32.OnLineGames.yzt 文件: F:\Download\1.rar/1\soft01.exe//PE_Patch//UPack
检测到：木马程序 Trojan-PSW.Win32.OnLineGames.yog 文件: F:\Download\1.rar/1\soft02.exe//PE_Patch//UPack
检测到：木马程序 Trojan-PSW.Win32.OnLineGames.zsn 文件: F:\Download\1.rar/1\soft03.exe//PE_Patch//UPack
检测到：木马程序 Trojan-PSW.Win32.OnLineGames.aafk 文件: F:\Download\1.rar/1\soft04.exe//FSG
检测到：木马程序 Trojan-PSW.Win32.OnLineGames.ypf 文件: F:\Download\1.rar/1\soft05.exe//UPack//PE_Patch
检测到：木马程序 Trojan-PSW.Win32.OnLineGames.yzt 文件: F:\Download\1.rar/1\soft06.exe//PE_Patch//UPack
检测到：木马程序 Trojan-PSW.Win32.OnLineGames.aadz 文件: F:\Download\1.rar/1\soft07.exe//FSG
检测到：木马程序 Trojan-PSW.Win32.OnLineGames.yzt 文件: F:\Download\1.rar/1\soft08.exe//PE_Patch//UPack
检测到：木马程序 Trojan-PSW.Win32.OnLineGames.aadv 文件: F:\Download\1.rar/1\soft09.exe//FSG
检测到：木马程序 Trojan-PSW.Win32.OnLineGames.jnb 文件: F:\Download\1.rar/1\soft10.exe//UPX
检测到：木马程序 Trojan-PSW.Win32.OnLineGames.yzt 文件: F:\Download\1.rar/1\soft11.exe//PE_Patch//UPack
检测到：木马程序 Trojan-PSW.Win32.OnLineGames.yzt 文件: F:\Download\1.rar/1\soft12.exe//PE_Patch//UPack
检测到：木马程序 Trojan-PSW.Win32.Lmir.bpv 文件: F:\Download\1.rar/1\soft13.exe//PE_Patch//UPack
检测到：木马程序 Trojan-PSW.Win32.OnLineGames.yzt 文件: F:\Download\1.rar/1\soft14.exe//PE_Patch//UPack
检测到：木马程序 Trojan-PSW.Win32.OnLineGames.yvs 文件: F:\Download\1.rar/1\soft15.exe//PE_Patch//UPack
检测到：木马程序 Trojan-PSW.Win32.OnLineGames.yog 文件: F:\Download\1.rar/1\soft16.exe//PE_Patch//UPack
检测到：木马程序 Trojan-PSW.Win32.OnLineGames.zvb 文件: F:\Download\1.rar/1\soft17.exe//PE_Patch//UPack
检测到：木马程序 Trojan-PSW.Win32.OnLineGames.aafe 文件: F:\Download\1.rar/1\soft19.exe//FSG
检测到：木马程序 Trojan-PSW.Win32.QQPass.bqb 文件: F:\Download\1.rar/1\soft21.exe//UPX

显示全部楼层 · 发表于 2008-4-13 14:11:16

驱逐舰

[病毒样本] 某贴下载者列表

本帖子中包含更多资源

评分

20

20

37/19

本帖子中包含更多资源