貌似是机器狗

显示全部楼层 · 发表于 2008-6-26 16:01:41

这个就是传说中的疯狗？

显示全部楼层 · 发表于 2008-6-26 16:02:32

Starting the file scan:

Begin scan in 'C:\Documents and Settings\morgan\My Documents\DOWNLOADER'
C:\Documents and Settings\morgan\My Documents\DOWNLOADER\
  4561.swf
[0] Archive type: SWC
--> Object
  4562.swf
[0] Archive type: SWC
--> Object
  a3.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  b11.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
      [2] Archive type: Runtime Packed
      --> Object
      --> Object
   [DETECTION] Is the Trojan horse TR/Downloader.Gen
   [NOTE]    The file was deleted!
  b25.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  b31.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  c19.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  c32.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  e1.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  e26.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  f34.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/ATRAPS.Gen
   [NOTE]    The file was deleted!
  g16.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  google.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: OVL
      --> Object
      [2] Archive type: OVL
      --> Object
         [3] Archive type: Runtime Packed
         --> Object
   [DETECTION] Is the Trojan horse TR/Downloader.Gen
   [NOTE]    The file was deleted!
  h30.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  i8.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  j17.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  j4.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  l10.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  l18.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  m13.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  m23.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  m28.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  m6.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  n14.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  o15.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  o24.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  p21.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  r2.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  r7.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  t20.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  u29.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  u33.exe
   [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Popwin.bfu Backdoor server programs
   [NOTE]    The file was deleted!
  UUSeeMediaCenter.exe
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  v27.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  x22.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  x9.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  y5.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  z12.exe
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!

End of the scan: 2008年6月26日  01:02
Used time: 00:05 min

The scan has been done completely.

   1 Scanning directories
   38 Files were scanned
   36 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   36 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   2 Files not concerned
   0 Archives were scanned
   0 Warnings
   36 Notes

显示全部楼层 · 发表于 2008-6-26 16:05:19

2008-6-26 16:04:57 http://bbs.kafan.cn/attachment.p ... OADER/e1.exe//UPack Thunder 已检测到: Trojan-PSW.Win32.OnLineGames.aphm
2008-6-26 16:04:57 http://bbs.kafan.cn/attachment.p ... OADER/e1.exe//UPack Thunder 拒绝: Trojan-PSW.Win32.OnLineGames.aphm

显示全部楼层 · 发表于 2008-6-26 16:05:28

费尔38

显示全部楼层 · 发表于 2008-6-26 18:20:49

显示全部楼层 · 发表于 2008-6-26 18:50:28

rs miss 4

显示全部楼层 · 发表于 2008-6-26 18:56:07

小红伞报了

显示全部楼层 · 发表于 2008-6-26 20:18:09

D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\e1.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\r2.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\a3.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\j4.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\y5.exe - probably a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\m6.exe - probably a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\r7.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\i8.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\x9.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\l10.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\b11.exe - a variant of Win32/PSW.OnLineGames.ZJK trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\z12.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\m13.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\n14.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\o15.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\g16.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\j17.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\l18.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\c19.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\t20.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\x22.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\o24.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\b25.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\p21.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\e26.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\m23.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\v27.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\m28.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\u29.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\h30.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\c32.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\u33.exe - Win32/TrojanDownloader.Flux trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\b31.exe - a variant of Win32/PSW.OnLineGames.OAF trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\f34.exe - a variant of Win32/PSW.QQPass.NCZ trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\google.exe - probably a variant of Win32/Genetik trojan
D:\Users\ekincheng\Desktop\DOWNLOADER.rar » RAR » DOWNLOADER\UUSeeMediaCenter.exe - probably a variant of Win32/Jalous worm

显示全部楼层 · 发表于 2008-6-26 20:32:10

D:\download\DOWNLOADER.rar>>DOWNLOADER\e1.exe TrojanPSW.OnLineGames.urs.bbpl 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\r2.exe TrojanPSW.OnLineGames.ascd.qtck 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\a3.exe TrojanPSW.OnLineGames.apms.dsel 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\j4.exe TrojanPSW.GameOL.odt.scch 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\y5.exe Trojan.Cap86250.zepz 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\m6.exe TrojanPSW.OnLineGames.Gen.kapt 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\r7.exe Trojan.Cap86130.xgax 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\i8.exe TrojanPSW.OnLineGames.urs.zzzv 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\x9.exe TrojanPSW.GameOL.odt.nimj 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\l10.exe TrojanPSW.OnLineGames.urs.xjnk 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\b11.exe TrojanPSW.OnLineGames.wlu.kjdk 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\z12.exe Trojan.Cap861416.cnsi 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\m13.exe TrojanPSW.GameOL.odt.atyh 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\n14.exe Trojan.Cap861220.arsb 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\o15.exe TrojanPSW.OnLineGames.aiee.sjje 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\g16.exe TrojanPSW.OnLineGames.urs.adgq 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\j17.exe TrojanPSW.GameOL.odt.njmh 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\l18.exe TrojanPSW.OnLineGames.urs.rivp 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\c19.exe TrojanPSW.OnLineGames.urs.ggxu 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\t20.exe TrojanSpy.Gen.oili 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\x22.exe TrojanPSW.GameOL.odt.jwiz 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\o24.exe TrojanPSW.OnLineGames.urs.jsva 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\b25.exe Trojan.Cap86250.zaex 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\p21.exe TrojanPSW.OnLineGames.urs.wkrk 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\e26.exe Trojan.Cap86144.hbow 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\m23.exe TrojanPSW.GameOL.odt.xzjz 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\v27.exe Trojan.Cap86150.mbiz 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\m28.exe Trojan.Cap862122.aeng 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\u29.exe TrojanPSW.OnLineGames.apnd.lfwv 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\h30.exe Trojan.Cap862122.tlas 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\c32.exe TrojanPSW.OnlineGames.Gen.bzlg 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\u33.exe Backdoor.Popwin.bfu.imiw 后门还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\b31.exe TrojanPSW.OnLineGames.apnd.vniu 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\f34.exe Trojan.Delphi.Gen.bnik 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\4561.swf Exploit.SWF.Downloader.ci.gen 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\google.exe TrojanPSW.GamePass.Gen.rlnh 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\UUSeeMediaCenter.exe TrojanDownloader.Nurech.bd.bmqk 木马还未处理
D:\download\DOWNLOADER.rar>>DOWNLOADER\4562.swf Exploit.SWF.Downloader.ci.gen 木马还未处理

显示全部楼层 · 发表于 2008-6-26 20:51:26

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.Win32.Undef.iko
病毒： Trojan.PSW.Win32.GameOL.odt
病毒： Trojan.PSW.Win32.ZhuXian.hx
病毒： Trojan.PSW.Win32.GameOL.ogc
病毒： Trojan.PSW.Win32.ZhengTu.ynv
病毒： Trojan.PSW.Win32.ZeroOnline.dv
病毒： Trojan.PSW.Win32.GameOL.oci
病毒： Trojan.PSW.Win32.RocOnline.lf
病毒： Trojan.PSW.Win32.GameOL.odw
病毒： Trojan.IMMSG.Win32.TBMSG.lj
病毒： Trojan.PSW.Win32.QQPass.doa
病毒： Trojan.Win32.AvKiller.cl

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.50.32

[已鉴定] 貌似是机器狗

80/34