大小: 30720 字节
qa^,�:KF�H 修改时间: 2007年9月13日, 9:47:16
�e���W:0�� MD5: 119C2D7E9B941D19F13391E9730231FE
*}�J�]|HZ� SHA1: 06453033C1964D213B9973E1EB73BEED1DFD7CB0
#��=�f�,. CRC32: 6675DD20
nf%&w�F8=! h)c��W�:�L 病毒发作过程:
NYP�Wsd� � 创建文件项
*�\;R$X)�� C:\WINNT\mppds.exe
N��_u��]�� C:\WINNT\system32\mppds.dll
u\�B:%z#rR ]VV;M�il�� 注册表动作
\���E�`��K HKLM\SOFTWARE\MICROSOFT\Windows\CURRENTVERSION\RUN
�7R��AsW*8 _w_Ar 3t`G 简单清除方法:
c4=\@�g�.� 删除病毒创建在系统盘的病毒文件mppds.exe,mppds.dll
Yk�8+E/3h� 请在安全模式下操作。开机按F8进入安全模式
Cr]:C�YV�b 最后删除病毒注册表动作,即可。
5tn6i#��!\ �6gWu6�>/� File: mppds.exe
C)& "<#^8� Status: INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's
_,vf:BvI;M }_$>^�g.ct scan results will not be stored in the database)
S))EaXXZ�b MD5: 119c2d7e9b941d19f13391e9730231fe
i�Vj�R6.,r Packers detected: -
79C�::�Uz) Bit9 reports: Not analyzed yet (more info)
b�`7'L(.�O JHe^<t;<oB Scanner results
.Q;kFb,;-g Scan taken on 05 Oct 2007 14:45:31 (GMT)
[iXT@�][q1 A-Squared Found nothing
/1euL�$TF AntiVir Found TR/OnLineGames.23552.1
!�Ao
M��v� ArcaVir Found nothing
RAC;/\\
(M Avast Found Win32:Onlinegames-AUJ
��{*M}Dv�� AVG Antivirus Found Generic7.KYW
F�pzpW�2�: BitDefender Found DeepScan:Generic.PWS.Games.1.A20C0005
S>BX[i�5je ClamAV Found Trojan.Spy-12790
��C��l@h�� CPsecure Found Troj.PSW.W32.OnLineGames.cur
Iyxuo�E">b Dr.Web Found Trojan.PWS.Gamania.3990
gz_T&i<4tW F-Prot Antivirus Found nothing
t�R 7Gn5g\ F-Secure Anti-Virus Found Trojan-PSW.Win32.OnLineGames.cur
J^�'�uu�^) Fortinet Found W32/Dropper.CUR!tr.pws
[�`G$�7MGQ Kaspersky Anti-Virus Found Trojan-PSW.Win32.OnLineGames.cur
^wq`FQ0l�F NOD32 Found a variant of Win32/PSW.OnLineGames.NFL
��
V�a`�y- Norman Virus Control Found W32/OnLineGames.MNK
�su+@pZ�b@ Panda Antivirus Found Trj/Lineage.FJU
�q2�#GgEUf Rising Antivirus Found Trojan.PSW.Win32.OnlineGames.ypz
d�R5fqGH`> Sophos Antivirus Found Mal/Gampass-A, Mal/Dropper-P
�>m,-|<>�j VirusBuster Found Trojan.OnlineGames.Gen.43
��X�6i�=lT VBA32 Found MalwareScope.Trojan-PSW.Game.12
%E'�L�X^�� 4G�bU(9N3� 病毒样本位置:
�VW�9&m�) http://avfbbs.80port.net/read-htm-tid-18373.html
