Thread starter: ryota

[Virus sample] Hunter Work: detailed analysis of the stealthy drive-by download on the Kugou Music home page + 72 trojans

swordlea
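Posted on 2008-6-23 13:47:05
Originally posted by FBAV on 2008-6-23 13:36


Indeed.
I hang around 黑盟 every day
looking for new packers...


I often see malicious code brazenly turn up without any packer at all, which actually makes it harder to tell what is a feint and what is real.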
aerbeisi
Posted on 2008-6-23 14:35:40

NOD32: 65 of them

kkgh
Posted on 2008-6-23 17:04:40
Filseclab (费尔) kills all of them

Rising virus scan result report

List of virus types cleaned:

User source: Internet

Software version: 20.50.01

68 of them
qigang
Posted on 2008-6-23 21:33:19

158/70

Rising virus scan result report

List of virus types cleaned:


MAC address: 00:11:5B:F3:6D:69

User source: Internet

Software version: 20.50.02
醉一生爱妍
Posted on 2008-6-23 21:40:19
woai_jolin
Posted on 2008-6-23 22:04:56
woai_jolin
Posted on 2008-6-23 22:07:09
UUSEEM~1.EXE

2008-6-23 22:06:49        HTTP filter        file        http://jan1.fdsjan.cn/max1.exe        a variant of Win32/PSW.OnLineGames.OAF trojan        connection terminated - quarantined        10C3F72C72244B2\Administrator        Threat was detected upon access to web by the application: G:\v\mm\UUSEEM~1.EXE.

The rest are all corpses

Copyright © KaFan  KaFan.cn All Rights Reserved.
