[Virus sample] 33x - [Kingsoft, Jiangmin and Kaspersky mostly sat this one out]

will
Posted on 2008-11-22 11:43:48
Kingsoft, Jiangmin and Kaspersky mostly sat this one out...


[ Last edited by will on 2008-11-22 12:38 ]

syfwxmh
Posted on 2008-11-22 11:51:58
TO KL
luxiao200888
Posted on 2008-11-22 12:10:39
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/cb.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/cqsj.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/cqwz.exe - Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/dh3.exe - Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/dj.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/dxc.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/fh.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/hx2.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/hxmf.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/jr.exe - probably a variant of Win32/PSW.OnLineGames.NXI trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/jxsj.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/jz.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/kdxy.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/mh.exe - Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/my.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/qq.exe - Win32/PSW.Delf.NLZ trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/qqhuaxia.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/qqhx.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/qqsg.exe - Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/qqzyhx.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/rxcq.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/rxjh.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/services.exe - Win32/TrojanDownloader.Agent.OMQ trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/tl.exe - Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/tx2.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/wd.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/wl.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/wmgj.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/wow.exe - Win32/PSW.WOW.NFW trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/xx.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/zt.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/zx.exe - a variant of Win32/PSW.OnLineGames.NRD trojan
C:\Documents and Settings\Owner\桌面\MCLS.zip.zip » ZIP » MCLS/Nskhelper2.sys - Win32/TrojanDownloader.Agent.OMQ trojan
兵者
Posted on 2008-11-22 12:13:12
小a blocked it before I had even downloaded it
挪威的冬天
Posted on 2008-11-22 12:19:15
信息        2008-11-22  12:18:26        您此次查毒隔离了12个文件                       
信息        2008-11-22  12:18:26        您此次查毒共查出12个病毒以及危险代码                       
信息        2008-11-22  12:18:26        您此次查毒共查了内存模块0个,磁盘引导扇区0个,文件66个                       
信息        2008-11-22  12:18:26        金山毒霸主程序查毒过程结束,查毒方式:命令行查毒                       



金山毒霸可信认证技术查询结果如下

cb.exe     -----------     未知
cqsj.exe     -----------     未知
cqwz.exe     -----------     未知
dh3.exe     -----------     未知
dj.exe     -----------     未知
dxc.exe     -----------     未知
fh.exe     -----------     未知
hx2.exe     -----------     未知
hxmf.exe     -----------     未知
jr.exe     -----------     未知
jxsj.exe     -----------     未知
jz.exe     -----------     未知
kdxy.exe     -----------     未知
mh.exe     -----------     病毒
my.exe     -----------     未知
Nskhelper2.sys     -----------     分析中
qq.exe     -----------     未知
qqhuaxia.exe     -----------     未知
qqhx.exe     -----------     未知
qqsg.exe     -----------     病毒
qqzyhx.exe     -----------     未知
rxcq.exe     -----------     未知
rxjh.exe     -----------     未知
services.exe     -----------     未知
tl.exe     -----------     病毒
tx2.exe     -----------     未知
wd.exe     -----------     未知
wl.exe     -----------     未知
wmgj.exe     -----------     未知
wow.exe     -----------     未知
xx.exe     -----------     未知
zt.exe     -----------     未知
order110
Posted on 2008-11-22 12:28:50
Even downloading it for testing needs a reading permission of 15? That's just not fair.
will
OP | Posted on 2008-11-22 12:33:59

Reply to order110's post (#6)

I changed it. It was mainly to keep out some bots.
kavfans99
Posted on 2008-11-22 13:04:30
33 files in total; Avira deleted 32, missed 1 (Nskhelper2.sys)

Z:\MCLS\cb.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\cqsj.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\cqwz.exe
    [0] Archive type: OVL
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Contains recognition pattern of the RKIT/Agent.evb root kit
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\dh3.exe
    [0] Archive type: OVL
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Is the TR/PSW.OnlineGames.ZWI.6 Trojan
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\dj.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\dxc.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\fh.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\hx2.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\hxmf.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\jr.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\jxsj.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\jz.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\kdxy.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\mh.exe
    [0] Archive type: OVL
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Contains recognition pattern of the RKIT/Agent.euu root kit
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\my.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\qq.exe
    [DETECTION] Is the TR/ATRAPS.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\qqhuaxia.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\qqhx.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\qqsg.exe
    [0] Archive type: OVL
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Contains recognition pattern of the RKIT/Agent.euu root kit
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\qqzyhx.exe
    [0] Archive type: OVL
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Contains recognition pattern of the RKIT/Agent.evb root kit
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\rxcq.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\rxjh.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\services.exe
      [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\tl.exe
    [0] Archive type: OVL
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Contains recognition pattern of the RKIT/Agent.euu root kit
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\tx2.exe
    [0] Archive type: OVL
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Contains recognition pattern of the RKIT/Agent.evb root kit
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\wd.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\wl.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\wmgj.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\wow.exe
    [DETECTION] Contains recognition pattern of the DR/Delphi.Gen dropper
    [NOTE]      The file was deleted!
Z:\MCLS\xx.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\zt.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
Z:\MCLS\zx.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!


      1 Scanning directories
     33 Files were scanned
     39 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
     32 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     -6 Files not concerned
      0 Archives were scanned
      0 Warnings
     32 Notes
嘁。不稀罕~
Posted on 2008-11-22 13:07:46
CA29

tanlimo
Posted on 2008-11-22 13:20:32
Luckily NOD32 didn't slack off

Wiped them all out

J:\MCLS.zip > ZIP > MCLS/cb.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/cqsj.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/cqwz.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马
J:\MCLS.zip > ZIP > MCLS/dh3.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马
J:\MCLS.zip > ZIP > MCLS/dj.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/dxc.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/fh.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/hx2.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/hxmf.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/jr.exe - 可能是 Win32/PSW.OnLineGames.NXI 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/jxsj.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/jz.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/kdxy.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/mh.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马
J:\MCLS.zip > ZIP > MCLS/my.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/qq.exe - Win32/PSW.Delf.NLZ 特洛伊木马
J:\MCLS.zip > ZIP > MCLS/qqhuaxia.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/qqhx.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/qqsg.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马
J:\MCLS.zip > ZIP > MCLS/qqzyhx.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/rxcq.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/rxjh.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/services.exe - Win32/TrojanDownloader.Agent.OMQ 特洛伊木马
J:\MCLS.zip > ZIP > MCLS/tl.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马
J:\MCLS.zip > ZIP > MCLS/tx2.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/wd.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/wl.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/wmgj.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/wow.exe - Win32/PSW.WOW.NFW 特洛伊木马
J:\MCLS.zip > ZIP > MCLS/xx.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/zt.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/zx.exe - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种
J:\MCLS.zip > ZIP > MCLS/Nskhelper2.sys - Win32/TrojanDownloader.Agent.OMQ 特洛伊木马