
[Virus sample] Downloader...

小白鼠
Posted on 2008-5-7 16:29:07
http://picon.chinaren.com/dx/ia/dxiaoj8.jpg


[CONTROL]
VERSION=2008-2-28

[DOWN]
NEWVERSION=http://cc.78797987898.com/mm2/up.exe
qigang
Posted on 2008-5-7 19:57:56
Seen this before, hehe.
sam.to
Posted on 2008-5-7 20:17:12

sam.to
Posted on 2008-5-7 20:18:55

Reply to post #3 by kato9096

已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.adre        檔案: C:\Documents and Settings\kato9096\桌面\vvvvvvvvvvvvv.rar/vvvvvvvvvvvvv\1.exe2//FSG
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.addc        檔案: C:\Documents and Settings\kato9096\桌面\vvvvvvvvvvvvv.rar/vvvvvvvvvvvvv\10.exe2//PE_Patch.UPX//UPX
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.QQPass.btj        檔案: C:\Documents and Settings\kato9096\桌面\vvvvvvvvvvvvv.rar/vvvvvvvvvvvvv\11.exe2//UPX
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.adpt        檔案: C:\Documents and Settings\kato9096\桌面\vvvvvvvvvvvvv.rar/vvvvvvvvvvvvv\12.exe2//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.adox        檔案: C:\Documents and Settings\kato9096\桌面\vvvvvvvvvvvvv.rar/vvvvvvvvvvvvv\13.exe2//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ablh        檔案: C:\Documents and Settings\kato9096\桌面\vvvvvvvvvvvvv.rar/vvvvvvvvvvvvv\14.exe2//FSG
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.acld        檔案: C:\Documents and Settings\kato9096\桌面\vvvvvvvvvvvvv.rar/vvvvvvvvvvvvv\15.exe2//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.adqo        檔案: C:\Documents and Settings\kato9096\桌面\vvvvvvvvvvvvv.rar/vvvvvvvvvvvvv\16.exe2//FSG
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.adox        檔案: C:\Documents and Settings\kato9096\桌面\vvvvvvvvvvvvv.rar/vvvvvvvvvvvvv\17.exe2//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.adrh        檔案: C:\Documents and Settings\kato9096\桌面\vvvvvvvvvvvvv.rar/vvvvvvvvvvvvv\18.exe2//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.adkl        檔案: C:\Documents and Settings\kato9096\桌面\vvvvvvvvvvvvv.rar/vvvvvvvvvvvvv\19.exe2//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.adrq        檔案: C:\Documents and Settings\kato9096\桌面\vvvvvvvvvvvvv.rar/vvvvvvvvvvvvv\2.exe2//FSG
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.acvz        檔案: C:\Documents and Settings\kato9096\桌面\vvvvvvvvvvvvv.rar/vvvvvvvvvvvvv\21.exe3//FSG
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.acta        檔案: C:\Documents and Settings\kato9096\桌面\vvvvvvvvvvvvv.rar/vvvvvvvvvvvvv\22.exe3//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.actb        檔案: C:\Documents and Settings\kato9096\桌面\vvvvvvvvvvvvv.rar/vvvvvvvvvvvvv\23.exe3//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.Nilage.cfp        檔案: C:\Documents and Settings\kato9096\桌面\vvvvvvvvvvvvv.rar/vvvvvvvvvvvvv\24.exe3//FSG
已刪除: 特洛伊木馬程式 Trojan.Win32.Agent.kuw        檔案: C:\Documents and Settings\kato9096\桌面\vvvvvvvvvvvvv.rar/vvvvvvvvvvvvv\25.exe3//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.VB.dgg        檔案: C:\Documents and Settings\kato9096\桌面\vvvvvvvvvvvvv.rar/vvvvvvvvvvvvv\26.exe3//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.adrh        檔案: C:\Documents and Settings\kato9096\桌面\vvvvvvvvvvvvv.rar/vvvvvvvvvvvvv\3.exe3//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.yzt        檔案: C:\Documents and Settings\kato9096\桌面\vvvvvvvvvvvvv.rar/vvvvvvvvvvvvv\4.exe3//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.adqv        檔案: C:\Documents and Settings\kato9096\桌面\vvvvvvvvvvvvv.rar/vvvvvvvvvvvvv\6.exe3//FSG
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.Lmir.bvh        檔案: C:\Documents and Settings\kato9096\桌面\vvvvvvvvvvvvv.rar/vvvvvvvvvvvvv\7.exe3//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.adpt        檔案: C:\Documents and Settings\kato9096\桌面\vvvvvvvvvvvvv.rar/vvvvvvvvvvvvv\9.exe3//PE_Patch//UPack


Reported 1.
qigang
Posted on 2008-5-7 20:19:24

69/25

瑞星病毒查杀结果报告

清除病毒种类列表:

病毒: Trojan.PSW.Win32.GameOL.ja
病毒: Worm.Win32.PaBug.gz      
病毒: Trojan.PSW.Win32.GameOL.gbf
病毒: Trojan.PSW.Win32.GameOL.nbr
病毒: Suspicious.Trojan.Win32.DelSelf.a
病毒: Trojan.PSW.Win32.GameOL.gbh
病毒: Trojan.PSW.Win32.GameOL.gau
病毒: Trojan.PSW.Win32.GameOL.gav
病毒: Trojan.PSW.Win32.GameOL.ih
病毒: RootKit.Win32.XNGAnti.a  
病毒: RootKit.Win32.XNGAnti.a  
病毒: Trojan.Win32.VB.zst      
病毒: Trojan.PSW.Win32.GameOL.nhx
病毒: Backdoor.Win32.DownLoader.h
病毒: Backdoor.Win32.Undef.t   
病毒: Backdoor.Win32.Scan.a   
病毒: Backdoor.Win32.Undef.t   
病毒: Packer.Win32.Upack.a     
病毒: Trojan.PSW.Win32.LMir.bpj

MAC 地址:00:11:5B:F3:6D:69

用户来源:互联网

软件版本:20.43.22
IllusionWing
Posted on 2008-5-7 20:27:00
24 of them.

傻猪猪米走鸡
Posted on 2008-5-7 21:27:05

Is No. 8 alive?

E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\1.exe2 - probably a variant of Win32/PSW.OnLineGames.NMQ trojan
E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\10.exe2 - a variant of Win32/PSW.OnLineGames.MUG trojan
E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\11.exe2 - a variant of Win32/PSW.QQPass.NCZ trojan
E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\12.exe2 - a variant of Win32/PSW.OnLineGames.XZN trojan
E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\13.exe2 - a variant of Win32/PSW.OnLineGames.XZN trojan
E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\14.exe2 - probably a variant of Win32/PSW.OnLineGames.NFL trojan
E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\15.exe2 - a variant of Win32/PSW.OnLineGames.XZN trojan
E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\16.exe2 - probably a variant of Win32/PSW.OnLineGames.NFL trojan
E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\17.exe2 - a variant of Win32/PSW.OnLineGames.XZN trojan
E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\18.exe2 - probably a variant of Win32/PSW.OnLineGames.NML trojan
E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\19.exe2 - a variant of Win32/PSW.OnLineGames.NML trojan
E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\2.exe2 - probably a variant of Win32/PSW.OnLineGames.NFL trojan
E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\21.exe3 - probably a variant of Win32/PSW.OnLineGames.NFL trojan
E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\22.exe3 - a variant of Win32/PSW.OnLineGames.XZN trojan
E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\23.exe3 - a variant of Win32/PSW.OnLineGames.XZN trojan
E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\24.exe3 - Win32/VB.NMH trojan
E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\25.exe3 - a variant of Win32/PSW.OnLineGames.NML trojan
E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\26.exe3 - Win32/VB.NMD trojan
E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\3.exe3 - probably a variant of Win32/PSW.OnLineGames.NML trojan
E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\4.exe3 - Win32/PSW.OnLineGames.MUG trojan
E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\6.exe3 - probably a variant of Win32/PSW.OnLineGames.NFL trojan
E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\7.exe3 - probably a variant of Win32/PSW.WOW.WU trojan
E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\8.exe3 » UPX v12_m2 - is OK
E:\virus\vvvvvvvvvvvvv.rar » RAR » vvvvvvvvvvvvv\9.exe3 - a variant of Win32/PSW.OnLineGames.XZN trojan
E:\virus\vvvvvvvvvvvvv.rar:Zone.Identifier - is OK
mofunzone
Posted on 2008-5-8 06:57:03
Cleared out.
Starting the file scan:

Begin scan in 'C:\Documents and Settings\morgan\My Documents\vvvvvvvvvvvvv'
C:\Documents and Settings\morgan\My Documents\vvvvvvvvvvvvv\
  1.exe2
    [0] Archive type: Runtime Packed
    --> Object
        [DETECTION] Is the Trojan horse TR/PSW.Online.ddo
      [NOTE]      The file was deleted!
  10.exe2
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
          [2] Archive type: RSRC
          --> Object
              [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.adda
              [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  11.exe2
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Contains detection pattern of the worm WORM/Autorun.FF.42
            [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  12.exe2
    [0] Archive type: OVL
    --> Object
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.adlo
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Contains detection pattern of the rootkit RKIT/Agent.akt
            [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  13.exe2
    [0] Archive type: OVL
    --> Object
        [DETECTION] Is the Trojan horse TR/Agent.10517
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Contains detection pattern of the rootkit RKIT/Agent.akt
            [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  14.exe2
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: OVL
        --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [NOTE]      The file was deleted!
  15.exe2
    [0] Archive type: OVL
    --> Object
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.acrj
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.acqi.1
            [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  16.exe2
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  17.exe2
    [0] Archive type: OVL
    --> Object
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.adow
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Contains detection pattern of the rootkit RKIT/Agent.akt
            [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  18.exe2
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  19.exe2
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  2.exe2
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  21.exe3
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  22.exe3
    [0] Archive type: OVL
    --> Object
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.acsy
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.acqi.1
            [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  23.exe3
    [0] Archive type: OVL
    --> Object
        [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.acxx
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.acqi.1
            [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  24.exe3
      [DETECTION] Is the Trojan horse TR/PSW.Nilage.cfp
      [NOTE]      The file was deleted!
  25.exe3
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  26.exe3
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
        --> Object
            [DETECTION] Is the Trojan horse TR/Agent.4584.1
            [WARNING]   Infected files in archives cannot be repaired!
      [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
      [NOTE]      The file was deleted!
  3.exe3
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  4.exe3
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
          [2] Archive type: Runtime Packed
          --> Object
              [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
              [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!
  6.exe3
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  7.exe3
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
      [DETECTION] Is the Trojan horse TR/Dldr.Delphi.Gen
      [NOTE]      The file was deleted!
  8.exe3
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
        --> Object
      [DETECTION] Contains suspicious code HEUR/Malware
      [NOTE]      The fund was classified as suspicious.
      [NOTE]      The file was moved to '488733cd.qua'!
  9.exe3
    [0] Archive type: OVL
    --> Object
        [DETECTION] Is the Trojan horse TR/Agent.10680
      --> Object
        [1] Archive type: RSRC
        --> Object
            [DETECTION] Contains detection pattern of the rootkit RKIT/Agent.akt
            [WARNING]   Infected files in archives cannot be repaired!
      [NOTE]      The file was deleted!


End of the scan: 2008年5月7日  15:56
Used time: 00:06 min

The scan has been done completely.

      1 Scanning directories
     24 Files were scanned
     31 viruses and/or unwanted programs were found
      1 Files were classified as suspicious:
     23 files were deleted
      0 files were repaired
      1 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     -7 Files not concerned
      0 Archives were scanned
     11 Warnings
     24 Notes

Copyright © KaFan  KaFan.cn All Rights Reserved.
