[病毒样本] 20x

显示全部楼层 · 发表于 2009-1-6 11:52:17

笑的很XE.。。。。。。。。。。。。。

显示全部楼层 · 发表于 2009-1-6 11:56:16

Scanned file: 20.rar - Infected

20.rar/4d1f4739c815eccb99499d777c5718f2.exe - infected by Trojan-PSW.Win32.OnLineGames.alox
20.rar/4ed17d42353a53d0b9e6170cec1ff1be.exe - infected by Trojan-PSW.Win32.OnLineGames.ajti
20.rar/5a9917e3d8d491881005ed3b65ff4c93.exe - infected by Trojan-PSW.Win32.QQPass.jd
20.rar/5fc8ddc434a6c0bc55b07b2d3bd0735e.exe - infected by Trojan-GameThief.Win32.OnLineGames.alme
20.rar/94b29eae12e0bef22ba50838458ef3f1.exe - infected by Trojan-PSW.Win32.OnLineGames.amsc
20.rar/467c6b096343998a0b58504542a7b786.exe - infected by Trojan-GameThief.Win32.OnLineGames.aloc
20.rar/869b858870ca9e0395f588655ed0824c.exe - infected by Trojan-PSW.Win32.OnLineGames.alni
20.rar/37483cb553d7265489bb0e2cd80b0201.exe - infected by Trojan-GameThief.Win32.OnLineGames.almh
20.rar/43065854a04e7cfc8c7da442469013b7.exe - infected by Trojan-PSW.Win32.OnLineGames.ahnr
20.rar/bab4f4cdd38cf52b7904064bbda748cc.exE - infected by Trojan-GameThief.Win32.OnLineGames.almd
20.rar/bad882454aa6b343af579211b959c916.exe - infected by Trojan-PSW.Win32.OnLineGames.ajsz
20.rar/c66bbe1a1d21848d944991db4da7454d.exe - infected by Trojan.Win32.StartPage.beo
20.rar/c2167113a9b6e116e152e7d324ea32e9.exe - infected by Trojan-PSW.Win32.Lmir.bvh
20.rar/cc1d71c8f90e583cbf64961a81c81558.exe - infected by Trojan-GameThief.Win32.OnLineGames.amog
20.rar/ce1d863b0f9e8ee3f77f9eae82b0a095.exe - infected by Trojan.Win32.Pakes.dax
20.rar/d51d2fde64e96baf4e7d82fb19cbfad4.exe - infected by Trojan-PSW.Win32.OnLineGames.allu
20.rar/f788ff29cbc95440bca11a42d4816578.exe - infected by Trojan-PSW.Win32.OnLineGames.alor
20.rar/f02592d7ae7fd693d5ada25ba23eecfe.exe - infected by Trojan-GameThief.Win32.OnLineGames.almz
20.rar/2c1d6da2a645c14750d15259ab16c460.exe - infected by Trojan-GameThief.Win32.OnLineGames.amoh
20.rar/2c80efed683873a3fe6e7153317bfd69.exe - infected by Trojan-PSW.Win32.OnLineGames.aqqw

Statistics:

Known viruses:	1567766	Updated:	06-01-2009
File size (Kb):	418	Virus bodies:	20
Files:	20	Warnings:	0
Archives:	1	Suspicious:	0

显示全部楼层 · 发表于 2009-1-6 12:18:33

Starting the file scan:

Begin scan in 'C:\Users\Kitman\Desktop\20'
C:\Users\Kitman\Desktop\20\2c1d6da2a645c14750d15259ab16c460.exe
[DETECTION] Is the TR/PSW.21504.6 Trojan
[NOTE]    A backup was created as '4993dbe4.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\Kitman\Desktop\20\2c80efed683873a3fe6e7153317bfd69.exe
   [DETECTION] Is the TR/PSW.Online.alo Trojan
[NOTE]    A backup was created as '499adbe4.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\Kitman\Desktop\20\37483cb553d7265489bb0e2cd80b0201.exe
[DETECTION] Is the TR/PSW.OnlineGames.almh.1 Trojan
[NOTE]    A backup was created as '4996dbb8.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\Kitman\Desktop\20\43065854a04e7cfc8c7da442469013b7.exe
[DETECTION] Is the TR/PSW.OnlineGames.ahnr Trojan
[NOTE]    A backup was created as '4992dbb4.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\Kitman\Desktop\20\467c6b096343998a0b58504542a7b786.exe
[DETECTION] Is the TR/PSW.16493 Trojan
[NOTE]    A backup was created as '4999dbb7.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\Kitman\Desktop\20\4d1f4739c815eccb99499d777c5718f2.exe
[DETECTION] Is the TR/PSW.18417.1 Trojan
[NOTE]    A backup was created as '4993dbe5.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\Kitman\Desktop\20\4ed17d42353a53d0b9e6170cec1ff1be.exe
   [DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    A backup was created as '49c6dbe6.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\Kitman\Desktop\20\5a9917e3d8d491881005ed3b65ff4c93.exe
[DETECTION] Is the TR/ATRAPS.Gen Trojan
[NOTE]    A backup was created as '499bdbe2.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\Kitman\Desktop\20\5fc8ddc434a6c0bc55b07b2d3bd0735e.exe
[DETECTION] Is the TR/PSW.OnlineGames.alme.1 Trojan
[NOTE]    A backup was created as '49c5dbe7.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\Kitman\Desktop\20\869b858870ca9e0395f588655ed0824c.exe
[DETECTION] Is the TR/PSW.OnlineGames.alni Trojan
[NOTE]    A backup was created as '499bdbb7.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\Kitman\Desktop\20\94b29eae12e0bef22ba50838458ef3f1.exe
   --> Object
      [1] Archive type: RSRC
      --> Object
      [DETECTION] Is the TR/PSW.OnlineGames.NVI.274 Trojan
[NOTE]    A backup was created as '49c4dbb5.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\Kitman\Desktop\20\bab4f4cdd38cf52b7904064bbda748cc.exE
[DETECTION] Is the TR/PSW.OnlineGames.almd Trojan
[NOTE]    A backup was created as '49c4dbe2.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\Kitman\Desktop\20\bad882454aa6b343af579211b959c916.exe
   [DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    A backup was created as '49c6dbe2.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\Kitman\Desktop\20\c2167113a9b6e116e152e7d324ea32e9.exe
[DETECTION] Contains HEUR/Crypted suspicious code
[NOTE]    The detection was classified as suspicious.
[NOTE]    A backup was created as '4993dbb3.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\Kitman\Desktop\20\c66bbe1a1d21848d944991db4da7454d.exe
[DETECTION] Is the TR/Agent.43569 Trojan
[NOTE]    A backup was created as '4998dbb7.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\Kitman\Desktop\20\cc1d71c8f90e583cbf64961a81c81558.exe
   --> Object
      [1] Archive type: RSRC
      --> Object
      [DETECTION] Is the TR/PSW.OnlineGames.NVI.263 Trojan
[NOTE]    A backup was created as '4a41474d.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\Kitman\Desktop\20\ce1d863b0f9e8ee3f77f9eae82b0a095.exe
[DETECTION] Is the TR/Proxy.Delf.CA Trojan
[NOTE]    A backup was created as '4993dbe6.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\Kitman\Desktop\20\d51d2fde64e96baf4e7d82fb19cbfad4.exe
   [DETECTION] Is the TR/PSW.Online.alq Trojan
[NOTE]    A backup was created as '4993dbb7.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\Kitman\Desktop\20\f02592d7ae7fd693d5ada25ba23eecfe.exe
[DETECTION] Is the TR/PSW.OnlineGames.almz Trojan
[NOTE]    A backup was created as '4994dbb2.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\Kitman\Desktop\20\f788ff29cbc95440bca11a42d4816578.exe
[DETECTION] Is the TR/PSW.OnlineGames.alor.1 Trojan
[NOTE]    A backup was created as '499adbb9.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!

End of the scan: 2009年1月6日  12:18
Used time: 00:02 Minute(s)

The scan has been done completely.

   1 Scanning directories
   20 Files were scanned
   19 viruses and/or unwanted programs were found
   1 Files were classified as suspicious:
   20 files were deleted
   0 files were repaired
   20 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   0 Files not concerned
   0 Archives were scanned
   0 Warnings
   20 Notes

显示全部楼层 · 发表于 2009-1-6 12:19:39

刚回来,挺快啊

显示全部楼层 · 发表于 2009-1-6 12:31:41

显示全部楼层 · 发表于 2009-1-6 12:42:19

C:\Documents and Settings\Administrator\桌面\20.rar > RAR > 4d1f4739c815eccb99499d777c5718f2.exe - Win32/PSW.OnLineGames.NWC 特洛伊木马 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20.rar > RAR > 4ed17d42353a53d0b9e6170cec1ff1be.exe - Win32/PSW.OnLineGames.NWC 特洛伊木马 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20.rar > RAR > 5a9917e3d8d491881005ed3b65ff4c93.exe - 可能是 Win32/PSW.Delf.NLZ 特洛伊木马的变种 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20.rar > RAR > 5fc8ddc434a6c0bc55b07b2d3bd0735e.exe - 可能是 Win32/PSW.OnLineGames.NWC 特洛伊木马的变种 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20.rar > RAR > 94b29eae12e0bef22ba50838458ef3f1.exe - Win32/PSW.OnLineGames.NWC 特洛伊木马的变种 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20.rar > RAR > 467c6b096343998a0b58504542a7b786.exe - 可能是 Win32/PSW.OnLineGames.NWC 特洛伊木马的变种 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20.rar > RAR > 869b858870ca9e0395f588655ed0824c.exe - Win32/PSW.OnLineGames.NWC 特洛伊木马 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20.rar > RAR > 37483cb553d7265489bb0e2cd80b0201.exe - Win32/PSW.OnLineGames.NWC 特洛伊木马 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20.rar > RAR > 43065854a04e7cfc8c7da442469013b7.exe - 可能是 Win32/PSW.OnLineGames.NWC 特洛伊木马的变种 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20.rar > RAR > bab4f4cdd38cf52b7904064bbda748cc.exE - Win32/PSW.OnLineGames.NWC 特洛伊木马 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20.rar > RAR > bad882454aa6b343af579211b959c916.exe - Win32/PSW.OnLineGames.NWC 特洛伊木马 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20.rar > RAR > c66bbe1a1d21848d944991db4da7454d.exe - 未查明的 NewHeur_PE 病毒 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20.rar > RAR > c2167113a9b6e116e152e7d324ea32e9.exe - Win32/Kryptik.AE 特洛伊木马的变种 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20.rar > RAR > cc1d71c8f90e583cbf64961a81c81558.exe - 可能是 Win32/PSW.OnLineGames.NWC 特洛伊木马的变种 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20.rar > RAR > ce1d863b0f9e8ee3f77f9eae82b0a095.exe - Win32/Delf.NMC 特洛伊木马 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20.rar > RAR > d51d2fde64e96baf4e7d82fb19cbfad4.exe - Win32/PSW.OnLineGames.NWC 特洛伊木马 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20.rar > RAR > f788ff29cbc95440bca11a42d4816578.exe - 可能是 Win32/PSW.OnLineGames.NWC 特洛伊木马的变种 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20.rar > RAR > f02592d7ae7fd693d5ada25ba23eecfe.exe - Win32/PSW.OnLineGames.NWC 特洛伊木马 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20.rar > RAR > 2c1d6da2a645c14750d15259ab16c460.exe - 可能是 Win32/PSW.OnLineGames.NWC 特洛伊木马的变种 - 是已删除对象的一部分
C:\Documents and Settings\Administrator\桌面\20.rar > RAR > 2c80efed683873a3fe6e7153317bfd69.exe - 可能是 Win32/PSW.OnLineGames.NWC 特洛伊木马的变种 - 是已删除对象的一部分

显示全部楼层 · 发表于 2009-1-6 12:51:58

显示全部楼层 · 发表于 2009-1-6 15:07:24

瑞星19个

显示全部楼层 · 发表于 2009-1-6 15:24:05

mfcs 19

[病毒样本] 20x

本帖子中包含更多资源

本帖子中包含更多资源

厉害的伞全kill

本帖子中包含更多资源

[病毒样本] 20x

本帖子中包含更多资源

本帖子中包含更多资源

厉害的伞 全kill

本帖子中包含更多资源

厉害的伞全kill