Original poster: qqq000@qq.com

[Virus samples] 39 undetected samples MD5[70A8FC...........

kurakimai
Posted on 2007-6-28 11:00:41
C:\个人简历\
C:\个人简历\不杀的[1].part1.rar:<RAR>\1FF1D7_ravasktao.dll : is suspected of Downloader.Small.160
C:\个人简历\不杀的[1].part1.rar:<RAR>\940286_88342c60.exe : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\个人简历\不杀的[1].part1.rar:<RAR>\BF3CA4_8eb70e70.dll : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\个人简历\不杀的[1].part1.rar:<RAR>\C294A0_235c3f97.exe : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\个人简历\不杀的[1].part1.rar:<RAR>\C294A0_auto.exe : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\个人简历\不杀的[1].part1.rar:<RAR>\C294A0_oooo[1].exe : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\个人简历\不杀的[1].part3.rar:<RAR>\70A8FC_1b43d60d.exe : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\个人简历\不杀的[1].part3.rar:<RAR>\70A8FC_756e5c4ccaa4b342[1].exe : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\个人简历\不杀的[1].part3.rar:<RAR>\70A8FC_84a64f25.exe : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\个人简历\不杀的[1].part3.rar:<RAR>\7F79A7_risingup.exe : infected Trojan.Win32.StartPage.aok
C:\个人简历\不杀的[1].part3.rar:<RAR>\7F79A7_up.exe : infected Trojan.Win32.StartPage.aok
C:\个人简历\不杀的[1].part3.rar:<RAR>\813415_nwizqjsj.dll : is suspected of Downloader.Small.160
C:\个人简历\不杀的[1].part2.rar:<RAR>\E28F94_256728f2(1).exe : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\个人简历\不杀的[1].part2.rar:<RAR>\E28F94_256728f2.exe : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\个人简历\不杀的[1].part2.rar:<RAR>\E28F94_复件auto.exe : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\个人简历\不杀的[1].part2.rar:<RAR>\FF83AE_54dcd80d.dll : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\个人简历\不杀的[1].part2.rar:<RAR>\46A7C9_46bf8e6b.dll : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\个人简历\不杀的[1].part2.rar:<RAR>\70A8FC_96f86b43.exe : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)
C:\个人简历\不杀的[1].part2.rar:<RAR>\96F86B43.EXE : is suspected of Trojan-PSW.Game.63 (paranoid heuristics)

19 in total
Whkroran
Posted on 2007-6-28 11:06:40
Hello,

288E9C_autochk.exe_, 338823_net.exe_, 59EDC9_ieaux.dll, 5F411F_autofmt.exe_, 63BED5_autoconv.exe_, AC09C2_6to4svc.dll, B44C21_auditusr.exe_, B819E8_twain_32.dll, B9A28D_net1.exe_, D6101C_fdeploy.dll, DF09D7_fltmc.exe_, E01BE4_autolfn.exe_, F8AAC2_1fj1ugwg.dll

No malicious code was found in these files.

47FDA2_0268bbf5.dll - Backdoor.Win32.Agent.ahj,
47FDA2_05a747af.dll - Backdoor.Win32.Agent.ahj,
D70C3D_msfeed.exe_ - HackTool.Win32.Agent.be,
FF83AE_54dcd80d.dll - Backdoor.Win32.Agent.ahj

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Roman Gavrilchenko
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.



> Attachment: 17virus.zip

>   hello, 17 new viruses!!!
promised
Posted on 2007-6-28 18:56:24
C:/ABC/\不杀的\0DFC08_explroer.exe - Signature 'Trojan.Win32.Crypt.F' found
C:/ABC/\不杀的\1FF1D7_ravasktao.dll - Signature 'Trojan-PWS.Win32.OnLineGames.sl' found
C:/ABC/\不杀的\288E9C_autochk.exe
C:/ABC/\不杀的\338823_net.exe
C:/ABC/\不杀的\46A7C9_46bf8e6b.dll - Signature 'Backdoor.Win32.Agent.ahj' found
C:/ABC/\不杀的\47FDA2_0268bbf5.dll - Signature 'Backdoor.Win32.Agent.ahj' found
C:/ABC/\不杀的\47FDA2_05a747af.dll - Signature 'Backdoor.Win32.Agent.ahj' found
C:/ABC/\不杀的\59EDC9_ieaux.dll
C:/ABC/\不杀的\5F411F_autofmt.exe
C:/ABC/\不杀的\63BED5_autoconv.exe
C:/ABC/\不杀的\6AFB16_bind_50201.exe - Signature 'Trojan-Downloader.Win32.QQHelper.wk' found
C:/ABC/\不杀的\70A8FC_1b43d60d.exe - Signature 'Backdoor.Win32.Agent.ahj' found
C:/ABC/\不杀的\70A8FC_756e5c4ccaa4b342[1].exe - Signature 'Backdoor.Win32.Agent.ahj' found
C:/ABC/\不杀的\70A8FC_84a64f25.exe - Signature 'Backdoor.Win32.Agent.ahj' found
C:/ABC/\不杀的\70A8FC_96f86b43.exe - Signature 'Backdoor.Win32.Agent.ahj' found
C:/ABC/\不杀的\7F79A7_risingup.exe - Signature 'Trojan.Win32.StartPage.aok' found
C:/ABC/\不杀的\7F79A7_up.exe - Signature 'Trojan.Win32.StartPage.aok' found
C:/ABC/\不杀的\813415_nwizqjsj.dll - Signature 'Trojan-PWS.Win32.OnLineGames.qw' found
C:/ABC/\不杀的\940286_88342c60.exe - Signature 'Backdoor.Win32.Agent.ahj' found
C:/ABC/\不杀的\96F86B43.EXE - Signature 'Backdoor.Win32.Agent.ahj' found
C:/ABC/\不杀的\AC09C2_6to4svc.dll
C:/ABC/\不杀的\B44C21_auditusr.exe
C:/ABC/\不杀的\B819E8_twain_32.dll
C:/ABC/\不杀的\B9A28D_net1.exe
C:/ABC/\不杀的\BF3CA4_8eb70e70.dll - Signature 'Backdoor.Win32.Agent.ahj' found
C:/ABC/\不杀的\C294A0_235c3f97.exe - Signature 'Backdoor.Win32.Agent.ahj' found
C:/ABC/\不杀的\C294A0_auto.exe - Signature 'Backdoor.Win32.Agent.ahj' found
C:/ABC/\不杀的\C294A0_oooo[1].exe - Signature 'Backdoor.Win32.Agent.ahj' found
C:/ABC/\不杀的\D6101C_fdeploy.dll
C:/ABC/\不杀的\D61529_fd012.exe - Signature 'not-a-virus:AdWare.Win32.NewWeb.i' found
C:/ABC/\不杀的\D70C3D_msfeed.exe
C:/ABC/\不杀的\DF09D7_fltmc.exe
C:/ABC/\不杀的\E01BE4_autolfn.exe
C:/ABC/\不杀的\E28F94_256728f2(1).exe - Signature 'Backdoor.Win32.Agent.ahj' found
C:/ABC/\不杀的\E28F94_256728f2.exe - Signature 'Backdoor.Win32.Agent.ahj' found
C:/ABC/\不杀的\E28F94_复件auto.exe - Signature 'Backdoor.Win32.Agent.ahj' found
C:/ABC/\不杀的\E7D558_bind_50099.exe - Signature 'Trojan-Downloader.Win32.QQHelper.rb' found
C:/ABC/\不杀的\F8AAC2_1fj1ugwg.dll
C:/ABC/\不杀的\FF83AE_54dcd80d.dll - Signature 'Backdoor.Win32.Agent.ahj' found

        39 Files scanned
          (0 Archives with 0 files)
        25 Signatures found
        0 Suspect code-parts found
        Used time: 0:00.671
快乐男孩6
Posted on 2007-6-28 22:25:41
rs24
tracydk
Posted on 2007-6-28 22:46:49

Avira: 25

Starting the file scan:

Begin scan in 'F:\病毒样本\不杀的.part1.rar'
F:\病毒样本\不杀的.part1.rar
  [0] Archive type: RAR
  --> 0DFC08_explroer.exe
      [DETECTION] Is the Trojan horse TR/Spy.Agent.NB.1
  --> 1FF1D7_ravasktao.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> 940286_88342c60.exe
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.ahj.567 Backdoor server programs
  --> BF3CA4_8eb70e70.dll
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.ahj.572 Backdoor server programs
  --> C294A0_235c3f97.exe
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.ahj.561 Backdoor server programs
  --> C294A0_auto.exe
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.ahj.561 Backdoor server programs
  --> C294A0_oooo[1].exe
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.ahj.561 Backdoor server programs
      [INFO]      The file was deleted!
Begin scan in 'F:\病毒样本\不杀的.part2.rar'
F:\病毒样本\不杀的.part2.rar
  [0] Archive type: RAR
  --> D70C3D_msfeed.exe
      [DETECTION] Contains signature of the SPR/Agent.BE.7 program
  --> E28F94_256728f2(1).exe
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.ahj.560 Backdoor server programs
  --> E28F94_256728f2.exe
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.ahj.560 Backdoor server programs
  --> E28F94_复件auto.exe
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.ahj.560 Backdoor server programs
  --> E7D558_bind_50099.exe
      [DETECTION] Is the Trojan horse TR/Dldr.QQHelper.RB.28
  --> FF83AE_54dcd80d.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> 46A7C9_46bf8e6b.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> 47FDA2_0268bbf5.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> 47FDA2_05a747af.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> 70A8FC_96f86b43.exe
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.ahj.565 Backdoor server programs
  --> 96F86B43.EXE
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.ahj.565 Backdoor server programs
      [INFO]      The file was deleted!
Begin scan in 'F:\病毒样本\不杀的.part3.rar'
F:\病毒样本\不杀的.part3.rar
  [0] Archive type: RAR
  --> 6AFB16_bind_50201.exe
      [DETECTION] Is the Trojan horse TR/Dldr.QQHelper.WK.7
  --> 70A8FC_1b43d60d.exe
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.ahj.565 Backdoor server programs
  --> 70A8FC_756e5c4ccaa4b342[1].exe
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.ahj.565 Backdoor server programs
  --> 70A8FC_84a64f25.exe
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.ahj.565 Backdoor server programs
  --> 7F79A7_risingup.exe
      [DETECTION] Is the Trojan horse TR/StartPage.aok
  --> 7F79A7_up.exe
      [DETECTION] Is the Trojan horse TR/StartPage.aok
  --> 813415_nwizqjsj.dll
      [DETECTION] Is the Trojan horse TR/Agent.16896.70
      [INFO]      The file was deleted!


End of the scan: 2007年6月28日  22:46
Used time: 00:10 min

The scan has been done completely.

      0 Scanning directories
     43 Files were scanned
     25 viruses and/or unwanted programs were found
      4 classified as suspicious:
      3 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     14 Files not concerned
      3 Archives were scanned
      0 Warnings
      0 Notes
      0 Hidden objects were found
小邪邪
Posted on 2007-6-28 22:49:53
AVK detects 27; AVK+MCAFEE detects 28

(the 3-engine AVK)
tracydk
Posted on 2007-6-28 22:51:29
Originally posted by Whkroran on 2007-6-28 11:06
Hello,

288E9C_autochk.exe_, 338823_net.exe_, 59EDC9_ieaux.dll, 5F411F_autofmt.exe_, 63BED5_autoconv.exe_, AC09C2_6to4svc.dll, B44C21_auditusr.exe_, B819E8_twain_32.dll, B9A28D_net1.exe_, D6101 ...

Kaspersky really is a monster!!