病毒样本来了

qigang

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： RootKit.Win32.Undef.hh   
病毒： Trojan.Win32.Undef.hdp   
病毒： AdWare.Win32.Undef.dga   
病毒： AdWare.Win32.Cpush.ap   
病毒： Trojan.DL.Win32.Mnless.acf
病毒： Trojan.Win32.Undef.gjv   
病毒： Trojan.Win32.AvKiller.az

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.48.62

28654621

是机器狗么？ 要运行IE 和QQGAME的Update.exe

对 D:\Program Files\QQGame\Update\Update.exe 的访问被您的管理员根据位置用路径 D:\Program Files\QQGame\Update\update.exe 上的策略规则 {ea9817e4-4d86-4941-a2e9-ee076f123d23} 限制了

对 C:\Program Files\Internet Explorer\iexplore.exe 的访问被您的管理员根据位置用路径 C:\Program Files\Internet Explorer\Iexplore.exe 上的策略规则 {49ca436e-05aa-4863-aa76-dffb25d4f8c9} 限制了

生成物                2008-6-15 20:12:08        TrojanPSW.OnLineGames.wlu.kjdk        木马        Administrator        D:\Sandbox\Administrator\Virus\user\current\Local Settings\Temp\Rar$EX00.719\20086665944894\orz.exe        Realtime scan

sam.to

Hello,

#TMPPLS.DAT

No malicious code was found in this file.

4nvh.sys, ceeqjze2.sys - Trojan-Downloader.Win32.Hmir.dgq,
8xbw.dll, a4x5j9vn.dll - Trojan-Downloader.Win32.Agent.toz,
an006.exe_ - Trojan-Downloader.Win32.Agent.tpa,
jxsjwg.exe_ - Trojan.Win32.Agent.rsm

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Vyacheslav Zakorzhevsky
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

sam.to

已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.alsf        檔案: C:\Documents and Settings\kato9096\桌面\orz.rar/orz.exe//PE_Patch//UPack

风野胤

原帖由 jimmyleo 于 2008-6-15 15:28 发表
阿胤的脑袋没了==

重新上传下吧

正在喝水呢
差点喷电脑上
嘛
弄头像去
都不知道弄什么头像好

maxutao

我还没下下来，就被小a的网络监控给咔嚓了

sam.to

Filename         Result
f91.bmp          MALWARE

The file 'f91.bmp' has been determined to be 'MALWARE'. Our analysts named the threat ADSPY/BDSearch.CVA. The term "ADSPY/" denotes adware or spyware. This type of malware is able to change browser settings for example by manipulating registry settings or by using of NTFS-streams. Very often IEexploits are used to manipulate the browserhelp.dll.Detection is added to our virus definition file (VDF) starting with version 7.00.04.01.
Filename         Result
B791.DLL          MALWARE

The file 'B791.DLL' has been determined to be 'MALWARE'. Our analysts named the threat ADSPY/Bho.bcx. The term "ADSPY/" denotes adware or spyware. This type of malware is able to change browser settings for example by manipulating registry settings or by using of NTFS-streams. Very often IEexploits are used to manipulate the browserhelp.dll.Detection is added to our virus definition file (VDF) starting with version 7.00.04.55.
Filename         Result
~TMPPLS.DAT          CLEAN

The file '~TMPPLS.DAT' has been determined to be 'CLEAN'. Our analysts did not discovered any malicious content.