
[Virus sample] Viruses from April 2007 found in my mailbox, and some are still missed

ccfish
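Posted on 2008-11-8 17:01:32
Viruses from ages ago. One of them actually got past Micropoint.... I think it was f11.exe, but since this is a real machine, I didn't dare test it any further....

They were found in my mailbox; viruses from April 2007.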
2008-11-08 16:22:08 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DRIVERS\NPF.SYS D:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-11-08 16:22:08 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\SYSTEMT.EXE D:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-11-08 16:22:08 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\WPCAP.DLL D:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-11-08 16:21:56 C:\WINDOWS\SYSTEM32\SYSTEMT.EXE C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\F11.EXE
时间 处理结果 木马名称 木马进程名 木马文件创建者
2008-11-08 16:21:09 处理成功 Trojan-PSW.Win32.OnLineGames.amin C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\ZTSO0.DLL D:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-11-08 16:21:09 处理成功 Trojan-PSW.Win32.WOW.nbz C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\WOSO0.DLL D:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-11-08 16:21:09 处理成功 Trojan-PSW.Win32.OnLineGames.aiem C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\WMSO0.DLL D:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-11-08 16:21:09 处理成功 Trojan-PSW.Win32.OnLineGames.afnu C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\WLSO0.DLL D:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-11-08 16:21:09 处理成功 Trojan-PSW.Win32.OnLineGames.aicq C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\WGSO0.DLL D:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-11-08 16:21:09 处理成功 Trojan-PSW.Win32.OnLineGames.gqb C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\QQSO0.DLL D:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-11-08 16:21:09 处理成功 Trojan-PSW.Win32.OnLineGames.aihg C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\MYSO0.DLL D:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-11-08 16:21:09 处理成功 Trojan-PSW.Win32.OnLineGames.gqk C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\FYSO0.DLL D:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-11-08 16:21:09 处理成功 Trojan-PSW.Win32.OnLineGames.cjk C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\F9.EXE D:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-11-08 16:21:09 处理成功 Trojan-PSW.Win32.OnLineGames.cir C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\F8.EXE D:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-11-08 16:21:09 处理成功 Trojan-PSW.Win32.OnLineGames.chp C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\F7.EXE D:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-11-08 16:21:09 处理成功 Trojan-PSW.Win32.OnLineGames.civ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\F6.EXE D:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-11-08 16:21:09 处理成功 Trojan-PSW.Win32.OnLineGames.cip C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\F5.EXE D:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-11-08 16:21:06 处理成功 Trojan-PSW.Win32.GamePass.aih C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\F4.EXE D:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-11-08 16:21:03 处理成功 Trojan-PSW.Win32.OnLineGames.clt C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\F3.EXE D:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-11-08 16:21:01 处理成功 Trojan-PSW.Win32.WOW.aph C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\F1.EXE D:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-11-08 16:20:58 处理成功 Trojan-PSW.Win32.OnLineGames.cio C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\F10.EXE D:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-11-08 16:20:54 处理成功 Trojan-PSW.Win32.OnLineGames.cjd C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\F2.EXE D:\PROGRAM FILES\WINRAR\WINRAR.EXE
2008-11-08 16:20:40 处理成功 Backdoor.Win32.Agent.dcr C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\病毒ESET\ESET\1EXPLORE.EXE D:\PROGRAM FILES\WINRAR\WINRAR.EXE

jack518
Posted on 2008-11-8 17:29:07
Avira passing through

[ Last edited by jack518 on 2008-11-8 17:31 ]

ccfish
Original poster | Posted on 2008-11-8 17:34:13
Wow, I encrypted it and you still scanned it directly?

Too formidable~ That's shocking beyond belief
fzz8848
Posted on 2008-11-8 17:34:46

Reply to jack518's post (#2)

All wiped out
Begin scan in 'E:\Download\Virus\病毒f11'
E:\Download\Virus\病毒f11\病毒system_tempTemp.rar
    [0] Archive type: RAR
    --> f2.exe
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> f10.exe
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> f11.exe
      [DETECTION] Is the TR/Crypt.NSPM.Gen Trojan
      --> f11.exe
        [1] Archive type: RAR SFX (self extracting)
        --> wpcap.dll
          [DETECTION] Is the TR/Crypt.NSPM.AD Trojan
        --> systemt.exe
          [DETECTION] Is the TR/Crypt.NSPI.Gen Trojan
    --> f1.exe
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> f3.exe
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> f4.exe
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> f5.exe
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> f6.exe
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> f7.exe
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> f8.exe
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> f9.exe
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> fyso0.dll
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> jtso0.dll
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> mhso0.dll
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> myso0.dll
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> qqso0.dll
      [DETECTION] Is the TR/PSW.Onlineg.ox.6 Trojan
    --> wgso0.dll
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> wlso0.dll
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> wmso0.dll
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> woso0.dll
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> ztso0.dll
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    [NOTE]      The file was deleted!
E:\Download\Virus\病毒f11\病毒user_temp.rar
    [0] Archive type: RAR
    --> wmso0.dll
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> wgso0.dll
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> wlso.exe
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> wlso0.dll
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> wmso.exe
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> wgso.exe
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> woso.exe
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> woso0.dll
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> ztso.exe
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    --> ztso0.dll
      [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
    [NOTE]      The file was deleted!
E:\Download\Virus\病毒f11\病毒Eset.rar
    [0] Archive type: RAR
    --> Eset\1explore.exe
      [DETECTION] Is the TR/Crypt.NSAnti.Gen Trojan
    [NOTE]      The file was deleted!

[ Last edited by fzz8848 on 2008-11-8 17:37 ]
syfwxmh
Posted on 2008-11-8 17:39:49
kaspersky kill all
zwl2828
Posted on 2008-11-8 17:40:44
C:\Users\Wesley\Downloads\病毒f11\病毒Eset.rar » RAR » Eset\1explore.exe - Win32/Pacex.Gen virus
C:\Users\Wesley\Downloads\病毒f11\病毒system_tempTemp.rar » RAR » f2.exe - Win32/PSW.Agent.NEB trojan
C:\Users\Wesley\Downloads\病毒f11\病毒system_tempTemp.rar » RAR » f10.exe - Win32/PSW.Agent.NDZ trojan
C:\Users\Wesley\Downloads\病毒f11\病毒system_tempTemp.rar » RAR » f11.exe » RAR » systemt.exe - probably a variant of Win32/Agent trojan
C:\Users\Wesley\Downloads\病毒f11\病毒system_tempTemp.rar » RAR » f11.exe » RAR » Packet.dll - archive damaged - the file could not be extracted.
C:\Users\Wesley\Downloads\病毒f11\病毒system_tempTemp.rar » RAR » f1.exe - Win32/PSW.Agent.NDZ trojan
C:\Users\Wesley\Downloads\病毒f11\病毒system_tempTemp.rar » RAR » f3.exe - Win32/PSW.Agent.NEA trojan
C:\Users\Wesley\Downloads\病毒f11\病毒system_tempTemp.rar » RAR » f4.exe - Win32/PSW.Agent.NEB trojan
C:\Users\Wesley\Downloads\病毒f11\病毒system_tempTemp.rar » RAR » f5.exe - Win32/PSW.Agent.NDZ trojan
C:\Users\Wesley\Downloads\病毒f11\病毒system_tempTemp.rar » RAR » f6.exe - Win32/PSW.Agent.NEB trojan
C:\Users\Wesley\Downloads\病毒f11\病毒system_tempTemp.rar » RAR » f7.exe - Win32/PSW.Agent.NDZ trojan
C:\Users\Wesley\Downloads\病毒f11\病毒system_tempTemp.rar » RAR » f8.exe - Win32/PSW.Agent.NDZ trojan
C:\Users\Wesley\Downloads\病毒f11\病毒system_tempTemp.rar » RAR » f9.exe - Win32/PSW.Agent.NDZ trojan
C:\Users\Wesley\Downloads\病毒f11\病毒system_tempTemp.rar » RAR » fyso0.dll - probably a variant of Win32/PSW.OnLineGames trojan
C:\Users\Wesley\Downloads\病毒f11\病毒system_tempTemp.rar » RAR » jtso0.dll - Win32/PSW.Agent.NDZ trojan
C:\Users\Wesley\Downloads\病毒f11\病毒system_tempTemp.rar » RAR » mhso0.dll - Win32/PSW.Agent.NFK trojan
C:\Users\Wesley\Downloads\病毒f11\病毒system_tempTemp.rar » RAR » myso0.dll - probably a variant of Win32/PSW.OnLineGames trojan
C:\Users\Wesley\Downloads\病毒f11\病毒system_tempTemp.rar » RAR » qqso0.dll - probably a variant of Win32/PSW.OnLineGames trojan
C:\Users\Wesley\Downloads\病毒f11\病毒system_tempTemp.rar » RAR » wgso0.dll - a variant of Win32/PSW.OnLineGames.NDV trojan
C:\Users\Wesley\Downloads\病毒f11\病毒system_tempTemp.rar » RAR » wlso0.dll - a variant of Win32/PSW.OnLineGames.NDV trojan
C:\Users\Wesley\Downloads\病毒f11\病毒system_tempTemp.rar » RAR » wmso0.dll - a variant of Win32/PSW.OnLineGames.NDV trojan
C:\Users\Wesley\Downloads\病毒f11\病毒system_tempTemp.rar » RAR » woso0.dll - Win32/PSW.Agent.NFI trojan
C:\Users\Wesley\Downloads\病毒f11\病毒system_tempTemp.rar » RAR » ztso0.dll - probably a variant of Win32/Genetik trojan
C:\Users\Wesley\Downloads\病毒f11\病毒user_temp.rar » RAR » wmso0.dll - a variant of Win32/PSW.OnLineGames.NDV trojan
C:\Users\Wesley\Downloads\病毒f11\病毒user_temp.rar » RAR » wgso0.dll - a variant of Win32/PSW.OnLineGames.NDV trojan
C:\Users\Wesley\Downloads\病毒f11\病毒user_temp.rar » RAR » wlso.exe - Win32/PSW.Agent.NDZ trojan
C:\Users\Wesley\Downloads\病毒f11\病毒user_temp.rar » RAR » wlso0.dll - a variant of Win32/PSW.OnLineGames.NDV trojan
C:\Users\Wesley\Downloads\病毒f11\病毒user_temp.rar » RAR » wmso.exe - Win32/PSW.Agent.NDZ trojan
C:\Users\Wesley\Downloads\病毒f11\病毒user_temp.rar » RAR » wgso.exe - Win32/PSW.Agent.NDZ trojan
C:\Users\Wesley\Downloads\病毒f11\病毒user_temp.rar » RAR » woso.exe - Win32/PSW.Agent.NDZ trojan
C:\Users\Wesley\Downloads\病毒f11\病毒user_temp.rar » RAR » woso0.dll - Win32/PSW.Agent.NFI trojan
C:\Users\Wesley\Downloads\病毒f11\病毒user_temp.rar » RAR » ztso.exe - Win32/PSW.Agent.NEB trojan
C:\Users\Wesley\Downloads\病毒f11\病毒user_temp.rar » RAR » ztso0.dll - probably a variant of Win32/Genetik trojan
jack518
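Posted on 2008-11-8 17:41:18
Originally posted by ccfish on 2008-11-8 17:34
Wow, I encrypted it and you still scanned it directly?

Too formidable~ That's shocking beyond belief

If you hadn't said so, who would have known?

[ Last edited by jack518 on 2008-11-8 17:42 ]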

daojian
Posted on 2008-11-8 21:46:56
avast wiped them all out!
kingmuro
Posted on 2008-11-8 22:13:04
It's quite normal for old viruses to get past antivirus software; nothing unusual!

Copyright © KaFan  KaFan.cn All Rights Reserved.
