http://pk123.djdj4455.cn/pk/pk123.txt

显示全部楼层 · 发表于 2008-11-23 20:50:56

http://fuzai2.1949abab.cn/xiaoma/1.exe
http://fuzai2.1949abab.cn/xiaoma/2.exe
http://fuzai2.1949abab.cn/xiaoma/3.exe
http://fuzai2.1949abab.cn/xiaoma/4.exe
http://fuzai2.1949abab.cn/xiaoma/5.exe
http://fuzai2.1949abab.cn/xiaoma/6.exe
http://fuzai2.1949abab.cn/xiaoma/7.exe
http://fuzai2.1949abab.cn/xiaoma/8.exe
http://fuzai2.1949abab.cn/xiaoma/9.exe
http://fuzai2.1949abab.cn/xiaoma/11.exe
http://fuzai2.1949abab.cn/xiaoma/12.exe
http://fuzai2.1949abab.cn/xiaoma/13.exe
http://fuzai2.1949abab.cn/xiaoma/14.exe
http://fuzai2.1949abab.cn/xiaoma/15.exe
http://fuzai2.1949abab.cn/xiaoma/16.exe
http://fuzai2.1949abab.cn/xiaoma/17.exe
http://fuzai2.1949abab.cn/xiaoma/18.exe
http://fuzai2.1949abab.cn/xiaoma/19.exe
http://fuzai2.1949abab.cn/xiaoma/20.exe
http://fuzai2.1949abab.cn/xiaoma/21.exe
http://fuzai2.1949abab.cn/xiaoma/22.exe
http://fuzai2.1949abab.cn/xiaoma/23.exe
http://fuzai2.1949abab.cn/xiaoma/24.exe
http://fuzai2.1949abab.cn/xiaoma/25.exe
http://fuzai2.1949abab.cn/xiaoma/26.exe
http://fuzai2.1949abab.cn/xiaoma/27.exe
http://fuzai2.1949abab.cn/xiaoma/28.exe
http://fuzai2.1949abab.cn/xiaoma/29.exe
http://fuzai.1949abab.cn/xiaoma/30.exe
http://fuzai.1949abab.cn/xiaoma/31.exe
http://fuzai.1949abab.cn/xiaoma/32.exe
http://fuzai.1949abab.cn/xiaoma/33.exe
http://fuzai.1949abab.cn/xiaoma/34.exe
http://fuzai.1949abab.cn/xiaoma/35.exe
http://fuzai.1949abab.cn/xiaoma/36.exe
http://fuzai.1949abab.cn/xiaoma/37.exe
http://fuzai.1949abab.cn/xiaoma/38.exe
http://fuzai.1949abab.cn/xiaoma/39.exe
http://fuzai.1949abab.cn/xiaoma/40.exe
http://fuzai.1949abab.cn/xiaoma/41.exe
http://fuzai.1949abab.cn/xiaoma/42.exe
http://fuzai.1949abab.cn/xiaoma/43.exe
http://fuzai.1949abab.cn/xiaoma/44.exe
http://fuzai.1949abab.cn/xiaoma/45.exe
http://fuzai.1949abab.cn/xiaoma/46.exe
http://fuzai.1949abab.cn/xiaoma/47.exe
http://fuzai.1949abab.cn/xiaoma/48.exe
http://fuzai.1949abab.cn/xiaoma/49.exe
http://fuzai.1949abab.cn/xiaoma/50.exe
http://fuzai.1949abab.cn/xiaoma/51.exe
http://fuzai.1949abab.cn/xiaoma/52.exe

显示全部楼层 · 发表于 2008-11-23 20:55:46

EAV扫描日志
病毒库版本: 3632 (20081121)
日期: 2008-11-23 时间: 20:54:07
已扫描的磁盘、文件夹和文件: J:\virus.rar
J:\virus.rar > RAR > 19.exe - Win32/PSW.OnLineGames.NXI 特洛伊木马的变种
J:\virus.rar > RAR > 20.exe - Win32/PSW.OnLineGames.NSG 特洛伊木马的变种
J:\virus.rar > RAR > 21.exe - Win32/PSW.OnLineGames.NSG 特洛伊木马的变种
J:\virus.rar > RAR > 22.exe - 可能是 Win32/PSW.OnLineGames.NXI 特洛伊木马的变种
J:\virus.rar > RAR > 23.exe - Win32/PSW.OnLineGames.NXI 特洛伊木马的变种
J:\virus.rar > RAR > 24.exe - 可能是 Win32/PSW.OnLineGames.MUG 特洛伊木马的变种
J:\virus.rar > RAR > 25.exe - Win32/PSW.OnLineGames.NSG 特洛伊木马的变种
J:\virus.rar > RAR > 26.exe - 可能是 Win32/PSW.OnLineGames.NXI 特洛伊木马的变种
J:\virus.rar > RAR > 28(1).exe - Win32/PSW.OnLineGames.NSG 特洛伊木马的变种
J:\virus.rar > RAR > 30.exe - Win32/PSW.WOW.NFW 特洛伊木马
J:\virus.rar > RAR > 31.exe - Win32/PSW.OnLineGames.NRF 特洛伊木马的变种
J:\virus.rar > RAR > 32.exe - Win32/PSW.OnLineGames.NRF 特洛伊木马的变种
J:\virus.rar > RAR > 34.exe - Win32/PSW.OnLineGames.NRF 特洛伊木马的变种
J:\virus.rar > RAR > 37.exe - Win32/PSW.OnLineGames.ODD 特洛伊木马的变种
J:\virus.rar > RAR > 7.exe - 可能是 Win32/PSW.OnLineGames.NXI 特洛伊木马的变种
J:\virus.rar > RAR > 8.exe - Win32/PSW.OnLineGames.NXI 特洛伊木马的变种
J:\virus.rar > RAR > 9.exe - Win32/PSW.OnLineGames.NXI 特洛伊木马的变种
J:\virus.rar > RAR > 38.exe - Win32/Agent.OLQ 特洛伊木马
J:\virus.rar > RAR > 46.exe - Win32/Agent.OCX 特洛伊木马的变种
J:\virus.rar > RAR > 47.exe > NSIS > Entries.bin - 正常
J:\virus.rar > RAR > 47.exe > NSIS > Strings.txt - 正常
J:\virus.rar > RAR > 47.exe > NSIS > System.dll - 正常
J:\virus.rar > RAR > 47.exe > NSIS > 36.exe > NSIS > Entries.bin - 正常
J:\virus.rar > RAR > 47.exe > NSIS > 36.exe > NSIS > Strings.txt - 正常
J:\virus.rar > RAR > 47.exe > NSIS > 36.exe > NSIS > System.dll - 正常
J:\virus.rar > RAR > 47.exe > NSIS > 36.exe > NSIS > 龏

显示全部楼层 · 发表于 2008-11-23 21:32:47

显示全部楼层 · 发表于 2008-11-23 21:34:13

ั上报9个到卡巴

显示全部楼层 · 发表于 2008-11-23 21:43:52

62 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 19.exe Trojan W32/OnLineGames.CFEP ()
   18266 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 20.exe Virus W32/Malware ()
      0 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 21.exe Trojan W32/OnLineGames.CEUO ()
   18187 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 22.exe Virus W32/Malware ()
   18406 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 23.exe Virus W32/Malware ()
   63 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 24.exe Trojan W32/Packed_Upack.A ()
   18328 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 25.exe Virus W32/Malware ()
   31 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 26.exe Trojan W32/OnLineGames.CFUC ()
   18219 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 28(1).exe Virus W32/Malware ()
   31 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 30.exe Trojan W32/OnLineGames.CDDA ()
   15 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 31.exe Trojan W32/Packed_Upack.A ()
   16 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 32.exe Trojan W32/Packed_Upack.A ()
   32 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 34.exe Trojan W32/Packed_Upack.A ()
   31 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 37.exe Trojan W32/Packed_Upack.A ()
      0 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 7.exe Trojan W32/OnLineGames.CEUW ()
      0 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 8.exe Trojan W32/OnLineGames.CFCJ ()
      0 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 9.exe Trojan W32/OnLineGames.CFDQ ()
   844 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 38.exe Virus W32/Malware ()
   1032 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 46.exe
   16 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 47.exe Aggressive commersial AdMedia.KF ()
   31 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 48.exe Trojan W32/Packed_Upack.A ()
   500 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 49.exe Trojan Dialer.dam ()
   32 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 50.exe Trojan W32/QQPass.LOZ ()
   265 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 52.exe
   18360 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 28.exe Virus W32/Malware ()
   16 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 11.exe Trojan W32/OnLineGames.CFMO ()
   32 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 6.exe Trojan W32/Packed_Nspack.A ()
   16 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 12.exe Trojan W32/Packed_Upack.A ()
   15 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 13.exe Trojan W32/OnLineGames.CFOT ()
   21047 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 14.exe Virus W32/Malware ()
   15 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 15.exe Trojan W32/Packed_Upack.A ()
   62 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 16.exe Trojan W32/OnLineGames.CFEZ ()
      0 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 17.exe Trojan W32/OnLineGames.CERS ()
   47 ms C:\Documents and Settings\Administrator\桌面\virus.rar : 18.exe Trojan W32/OnLineGames.CFDB ()

显示全部楼层 · 发表于 2008-11-23 22:27:54

费尔 MISS1

显示全部楼层 · 发表于 2008-11-23 22:32:11

木马名称:Trojan-PSW.Win32.OnLineGames.cyuf
程序:
C:\DOCUMENTS AND SETTINGS\C\桌面\VIRUS\20.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OnLineGames.cyne
程序:
C:\DOCUMENTS AND SETTINGS\C\桌面\VIRUS\21.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OnLineGames.cysx
程序:
C:\DOCUMENTS AND SETTINGS\C\桌面\VIRUS\23.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OnLineGames.cyue
程序:
C:\DOCUMENTS AND SETTINGS\C\桌面\VIRUS\25.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OnLineGames.cysp
程序:
C:\DOCUMENTS AND SETTINGS\C\桌面\VIRUS\26.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.Magania.cnm
程序:
C:\DOCUMENTS AND SETTINGS\C\桌面\VIRUS\32.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.Magania.eaz
程序:
C:\DOCUMENTS AND SETTINGS\C\桌面\VIRUS\37.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OnLineGames.cyhg
程序:
C:\DOCUMENTS AND SETTINGS\C\桌面\VIRUS\7.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OnLineGames.cyni
程序:
C:\DOCUMENTS AND SETTINGS\C\桌面\VIRUS\8.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OnLineGames.cyfi
程序:
C:\DOCUMENTS AND SETTINGS\C\桌面\VIRUS\9.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan.Win32.Agent.ycd
程序:
C:\DOCUMENTS AND SETTINGS\C\桌面\VIRUS\38.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

广告软件名称:AdWare.Win32.AdMedia.du
程序:
C:\DOCUMENTS AND SETTINGS\C\桌面\VIRUS\47.EXE
是广告软件!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.QQPass.lsv
程序:
C:\DOCUMENTS AND SETTINGS\C\桌面\VIRUS\50.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-Spy.Win32.Agent.vll
程序:
C:\DOCUMENTS AND SETTINGS\C\桌面\VIRUS\52.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OnLineGames.cynr
程序:
C:\DOCUMENTS AND SETTINGS\C\桌面\VIRUS\11.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OnLineGames.cysq
程序:
C:\DOCUMENTS AND SETTINGS\C\桌面\VIRUS\13.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OnLineGames.cyus
程序:
C:\DOCUMENTS AND SETTINGS\C\桌面\VIRUS\14.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.Magania.ebr
程序:
C:\DOCUMENTS AND SETTINGS\C\桌面\VIRUS\15.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OnLineGames.cyin
程序:
C:\DOCUMENTS AND SETTINGS\C\桌面\VIRUS\16.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OnLineGames.cyng
程序:
C:\DOCUMENTS AND SETTINGS\C\桌面\VIRUS\17.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OnLineGames.cyso
程序:
C:\DOCUMENTS AND SETTINGS\C\桌面\VIRUS\18.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

显示全部楼层 · 发表于 2008-11-23 22:38:04

Hello,

22.e3xe - Trojan-GameThief.Win32.Magania.alji,
24.ex3e - Trojan-GameThief.Win32.OnLineGames.tuhr

These files are already detected. Please update your antivirus bases.

28(1).ex2e, 28.ex3e - Trojan-GameThief.Win32.OnLineGames.tuis,
30.e2xe - Trojan-GameThief.Win32.WOW.cxq,
46.e2xe - Trojan.Win32.Agent.apui,
48.ex2e - Trojan-PSW.Win32.QQPass.ecy,
49.ex2e - Trojan-Dropper.Win32.Agent.aacr,
6.ex3e - Trojan.Win32.Agent.apup

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.
The answer is relevant to the latest bases from update sources.

显示全部楼层 · 发表于 2008-11-24 17:12:25

3a90402ff91a5f9be131d772e36576ec 17.exe
8dbd0051ae8dca3fe0c67be880334c9a 24.exe

to kl

17.exe_ - Trojan-GameThief.Win32.OnLineGames.tviq,
24.e3xe - Trojan-GameThief.Win32.OnLineGames.tvir,

[ 本帖最后由 sam.to 于 2008-11-30 00:45 编辑 ]

[已鉴定] http://pk123.djdj4455.cn/pk/pk123.txt

NORMAN 32个，8个沙盘发现！~