Encounter Trojan-PSW.Win32.WOW, Trojan. psw. win32.onlinegames, Trojan. mnless. kks, etc. 2

Encounter Trojan-PSW.Win32.WOW, Trojan. psw. win32.onlinegames, Trojan. mnless. kks, etc. 2 EndurerOriginal
1It's okay that the version is not o20, so you don't have to worry about it ~ Download bat_do, freedll, fileinfo to the http://purpleendurer.ys168.com. I first uninstalled the producer of the Injection Process with freedll and exited with an error. Then I unloaded one. I don't remember which one caused the blue screen: Hard error. It seems that this stuff has Driver Protection ~ Force restart to the secure mode with network connection. Use fileinfo to extract file information, use bat_do to pack the backup, delete the backup in a delayed manner, generate a command to remove the attribute and delete the backup, and execute the command, execute the command at the next startup. The file 4 in o24 is not found ~ Start Kaka Security Assistant, select [advanced functions], and unmount o24 items in [Agent Management and uninstallation]. In [system startup Item Management, right-click the project corresponding to "O4" and "o23" and choose "delete" from the pop-up menu. Use WinRAR to delete windows temporary folders, ie temporary folders, and files that can be deleted in D:/Windows/prefetch. I picked up a few files and didn't want to use Kaspersky or rising star for scanning. There were quite a few files that could not be identified. I knew I would have taken all the file notes back: C:/Windows/winform.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time: 13:15:29
Access time: 13:36:40
Size: 12800 bytes, 12.512 KB
MD5: db27271f85143fbfe01f56769a59d17e report: Trojan. psw. win32.onlinegames. txe> Upx_c

Subject:	Re: winform.exe [KLAB-2569190]
Sender:	"" <Newvirus@kaspersky.com>	Sent:

Hello,
Winform.exe _- Trojan-PSW.Win32.OnLineGames.acf
New malicious software was found in this file. It's detection will be added in the next update. Thank you for your help.
Please quote all when answering.
--
Best regards, Alexander romanenko
Virus analyst, Kaspersky Lab. File description: C:/Windows/system32/winform. dll
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time: 13:15:33
Access time: 13:22:58
Size: 15872 bytes, 15.512 KB
MD5: 9b17354d7e44f1b654cff8ec29da3a13 file description: C:/Windows/cmdbcs.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time: 13:37:43
Size: 17408 bytes, 17.0 KB
MD5: 5e102a7a0b3e44e40787b32bf1bee06a file description: C:/Windows/system32/cmdbcs. dll
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time: 13:14:56
Access time: 13:23:13
Size: 22528 bytes, 22.0 KB
MD5: f30dbc1edad127cc302f0d6f7666eaeb file description: C:/Windows/msimms32.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time: 13:37:43
Size: 14336 bytes, 14.0 KB
MD5: 55b680df45eb4aecsc393eb6c95ee4c2 file description: C:/Windows/system32/msimms32.dll
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time: 13:14:56
Access time: 13:23:19
Size: 16896 bytes, 16.512 KB
MD5: 71d434552efd32f89e4b3ff1797421c7 file description: C:/Windows/mppds.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time: 13:15:31
Access time: 13:36:41
Size: 26112 bytes, 25.512 KB
MD5: c617a09a73f0cf9146d8819f60b16b56
Kaspersky reports Trojan-PSW.Win32.WOW.rsFile description: C:/Windows/system32/mptp.dll
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time: 13:15:34
Access time: 13:23:29
Size: 17920 bytes, 17.512 KB
MD5: f2164c9326e2b90400dfc9e829e6108ekaspersky: Trojan-PSW.Win32.WOW.rs 

Subject:	Virus report email analysis result-flow Ticket No.: 20070806143741461441
Sender:	"" <Send@rising.net.cn>	Sent:

Dear customer!
Your email has been received. Thank you for your support for rising.

We have analyzed your problems and files in detail. The following are the analysis results of the files you uploaded:
1. File Name: mppd.dll
Virus Name:Trojan. psw. win32.onlinegames. UBT

2. File Name: mppds.exe
Virus Name:Trojan. psw. win32.onlinegames. UBTFile description:C:/Windows/avpsrv.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time: 13:15:34
Access time: 13:36:42
Size: 14336 bytes, 14.0 KB
MD5: 4c29283cd8ff6d533b4b5b4939b213fe file description:C:/Windows/system32/avpsrv. dll
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time: 13:15:36
Access time: 13:23:35
Size: 17408 bytes, 17.0 KB
MD5: 4cf0e6ff35ff072f417c21fc083f21a file description:C:/Windows/kvsc3.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time: 13:15:30
Access time: 13:36:41
Size: 13824 bytes, 13.512 KB
MD5: a064a144ea8cb3740433a07d5896de72 file description:C:/Windows/system32/kvsc3.dll
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time: 13:15:33
Access time: 13:23:41
Size: 16896 bytes, 16.512 KB
MD5: 514f485d069fde7dce46c7349bc61599

Subject:	Virus report email analysis result-flow Ticket No.: 20070806143056621833
Sender:	"" Send@rising.net.cn	Sent :,

Dear customer!
Your email has been received. Thank you for your support for rising.

We have analyzed your problems and files in detail. The following are the analysis results of the files you uploaded:
1. File Name: kvsc3.dll
Virus Name:Trojan. psw. win32.shanda. t

2. File Name: kvsc3.exe
Virus Name:Trojan. psw. win32.shanda. t

The virus file you reported will be processed in version 19.35.11.

File description: C:/Windows/system32/af0d0e8e. dll
Attribute: ---
Language: English (USA)
File version:
Note:
Copyright: (c) Microsoft Corporation. All rights reserved.
Note:
Product Version:
Product Name: Microsoft (r) Windows (r) Operating System
Company Name: Microsoft Corporation
Legal trademark:
Internal Name:
Source File Name:
Creation Time:
Modification time: 12:40:11
Access time:
Size: 11888 bytes, 11.624 KB
MD5: 69ad1bb495599dd9f4d94224a17cd7a3 file description: C:/Windows/system32/a815a0f7. dll
Attribute: ---
Language: English (USA)
File version:
Note:
Copyright: (c) Microsoft Corporation. All rights reserved.
Note:
Product Version:
Product Name: Microsoft (r) Windows (r) Operating System
Company Name: Microsoft Corporation
Legal trademark:
Internal Name:
Source File Name:
Creation Time: 12:43:12
Modification time: 13:14:35
Access time: 13:24:15
Size: 57344 bytes, 56.0 KB
MD5: 637ba6675530238bc566df7f663e78b7kaspersky: Backdoor. win32.agent. ahj 

Subject:	Virus report email analysis result-flow Ticket No.: 20070806141902404133
Sender:	"" <Send@rising.net.cn>	Sent:

Dear customer!
Your email has been received. Thank you for your support for rising.

We have analyzed your problems and files in detail. The following are the analysis results of the files you uploaded:
1. File Name: a815a0f7. dll
Virus Name:Trojan. immsg. win32.tbmsg. jm

The virus file you reported will be processed in version 19.35.10. File description:C:/Windows/system32/6bd3f1dc.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time: 12:43:12
Modification time: 13:14:35
Access time: 13:24:30
Size: 11278 bytes, 11.14 KB
MD5: 67a1c0fe87bb4a941e48914ccb8f05d6 file description:C:/Windows/system32/nslookupi.exe
Property: ash-
An error occurred while obtaining the file version information!
Creation Time: 12:44:30
Modification time: 12:44:30
Access time: 13:24:34
Size: 25920 bytes, 25.320 KB
MD5: cca1bc3ce545bd909d8e6bb7031564ebkaspersky:Backdoor. win32.agent. ALHThe rising report isTrojan. mnless. kks> Upack0.39 file description:C:/Windows/system32/1f944ec3. exe
Attribute: ---
Language: English (USA)
File version:
Note:
Copyright: (c) Microsoft Corporation. All rights reserved.
Note:
Product Version:
Product Name: Microsoft (r) Windows (r) Operating System
Company Name: Microsoft Corporation
Legal trademark:
Internal Name:
Source File Name:
Creation Time: 12:43:12
Modification time: 12:43:11
Access time: 13:24:50
Size: 29859 bytes, 29.163 KB
MD5: 39cd83e15ee10967c48c9afd8ab61ba8kaspersky:Backdoor. win32.agent. ahj

Subject:	Virus report email analysis result-flow Ticket No.: 20070806140909527858
Sender:	"" <Send@rising.net.cn>	Sent:

Dear customer!
Your email has been received. Thank you for your support for rising.

We have analyzed your problems and files in detail. The following are the analysis results of the files you uploaded:
1. File Name: 1f944ec3. exe
Virus Name:Trojan. immsg. win32.tbmsg. jm

The virus file you reported will be processed in version 19.35.10.

File description: C:/auto.exe
Property: -- h-
Language: English (USA)
File version:
Note:
Copyright: (c) Microsoft Corporation. All rights reserved.
Note:
Product Version:
Product Name: Microsoft (r) Windows (r) Operating System
Company Name: Microsoft Corporation
Legal trademark:
Internal Name:
Source File Name:
Creation Time: 12:40:12
Modification time: 23:41:30
Access time: 13:30:10
Size: 18215 bytes, 17.807 KB
MD5: f21c33d66bccde144a41ccabd32c2606 Kaspersky: Virus. win32.autorun. ECThe rising report is Trojan. immsg. win32.tbmsg. HH> Nspack C:/Windows/system32/542de44. exe, D:/auto.exe, E:/auto.exe, F:/auto.exeSame as C:/auto.exe. File description: C:/Windows/system32/Drivers/bnhoenni. sys
Attribute: ---
Language: English (USA)
File version: 1.1.0.1015
Note:
Copyright:
Note:
Product Version: 1.1.0.1015
Product Name:
Company Name:
Legal trademark:
Internal Name:
Source File Name:
Creation Time: 9:59:26
Modification time: 9:59:26
Access time: 13:25:17
Size: 8192 bytes, 8.0 KB
MD5: 7ccad9cd0c8d7efbc37f0d4476ad55f7

Subject:	Re: bnhoenni. sys [KLAB-2569145]
Sender:	"" <Newvirus@kaspersky.com>	Sent:

Hello,
Bnhoenni. sys- Rootkit. win32.agent. Do
New malicious software was found in this file. It's detection will be added in the next update. Thank you for your help.
Please quote all when answering.
--
Best regards, Alexander romanenko
Virus analyst, Kaspersky Lab.

Subject:	Virus report email analysis result-flow Ticket No.: 20070806142515513036
Sender:	"" Send@rising.net.cn	Sent:

Dear customer!
Your email has been received. Thank you for your support for rising.

We have analyzed your problems and files in detail. The following are the analysis results of the files you uploaded:
1. File Name: bnhoenni. sys
It is not a description of the virus file:C:/Windows/system32/Drivers/kdlepi. sys
Attribute: ---
Language: Chinese (China)
File version: 1, 0, 1, 3
Description: SYS Application
Copyright: Copyright (c) 2006
Note:
Product Version: 1, 0, 1, 3
Product Name: SYS Application
Company Name: Beijing sanqi eryi Technology Co., Ltd.
Legal trademark:
Internal name: SYS
Source File Name: sys.exe
Creation Time: 21:36:45
Modification time: 21:36:45
Access time: 13:25:28
Size: 37376 bytes, 36.512 KB
MD5: 756dff7356a64e5c70120884f8985b59 file description:C:/Windows/system32/k11863644618.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time: 13:42:31
Size: 9880 bytes, 9.664 KB
MD5: f34f701f0000db6983b9e5f67e335fdce file description:C:/Windows/system32/k11863644596.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time: 12:42:10
Modification time: 12:42:12
Access time: 13:42:32
Size: 10360 bytes, 10.120 KB
MD5: 644c03db21c90ea2ce7f38eeaf70f490 file description:C:/Windows/system32/k118636446511.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time: 13:42:32
Size: 11256 bytes, 10.1016 KB
MD5: 24d6e5ab8c4f8133a2b19beb4383e1d0 file description:C:/Windows/system32/k118636446612.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time: 13:42:33
Size: 9648 bytes, 9.432 KB
MD5: 2a745e30ca881e1a7e4c333d0627d887 file description:C:/Windows/system32/k118636446310.exe
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time: 13:42:34
Size: 9832 bytes, 9.616 KB
MD5: cd4ca94d9573ecfa9f7fade9bae1a4e1 file description:C:/Windows/system32/k118636446310.dat
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time: 13:22:22
Size: 6430 bytes, 6.286 KB
MD5: 89091f4a4df7503f295dcb4e0ffd49f0 file description:C:/Windows/system32/k118636446612.dat
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time: 13:22:30
Size: 6253 bytes, 6.109 KB
MD5: 5bde6c52ae9f33f88f442e37e7c88f63 file description:C:/Windows/system32/k118636446511.dat
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time: 13:22:35
Size: 7805 bytes, 7.637 KB
MD5: b2a8ba4e2f2c5e718989ae315e971a21 file description:C:/Windows/system32/k11863644596.dat
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time: 12:42:12
Modification time: 12:42:12
Access time: 13:22:43
Size: 6898 bytes, 6.754 KB
MD5: 3d0fd9546a48b665067a21412cd84012 file description:C:/Windows/system32/k11863644596.dat
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time: 12:42:12
Modification time: 12:42:12
Access time: 13:22:48
Size: 6898 bytes, 6.754 KB
MD5: 3d0fd9546a48b665067a21412cd84012 file description:C:/Windows/system32/k11863644618.dat
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time:
Modification time:
Access time: 13:22:53
Size: 6465 bytes, 6.321 KB
MD5: 088c2f743a8ce238a0e677025e830992