一个马，PASS不少杀软

wangjay1980

Hello,

10.exe - Trojan-PSW.Win32.OnLineGames.rqs,
12.exe, 24.exe - Trojan.Win32.Agent.fvb,
16.exe - Trojan-PSW.Win32.OnLineGames.rqr,
27.exe - Trojan.Win32.Agent.fvg,
4.exe - Trojan.Win32.Agent.fvc,
GU.exe - Trojan-Downloader.Win32.Small.int

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Vyacheslav Zakorzhevsky
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.



> Attachment: GU.rar
> Attachment: list.rar

woai_jolin

Scan Log
Version of virus signature database: 2897 (20080222)
Date: 2008/2/23  Time: 19:38:55
Scanned disks, folders and files: G:\v\GU.rar
G:\v\GU.rar » RAR » GU.exe - probably a variant of Win32/TrojanDownloader.Dadobra.FX trojan - was a part of the deleted object
Number of scanned objects: 2
Number of threats found: 1
Time of completion: 19:38:55  Total scanning time: 0 sec (00:00:00)

woai_jolin

Scan Log
Version of virus signature database: 2897 (20080222)
Date: 2008/2/23  Time: 19:40:37
Scanned disks, folders and files: G:\v\list.rar
G:\v\list.rar » RAR » 1.exe - probably a variant of Win32/Genetik trojan - was a part of the deleted object
G:\v\list.rar » RAR » 10.exe - a variant of Win32/PSW.OnLineGames.PBQ trojan - was a part of the deleted object
G:\v\list.rar » RAR » 11.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\list.rar » RAR » 12.exe - a variant of Win32/PSW.OnLineGames.NML trojan - was a part of the deleted object
G:\v\list.rar » RAR » 13.exe - Win32/PSW.OnLineGames.PBQ trojan - was a part of the deleted object
G:\v\list.rar » RAR » 14.exe - a variant of Win32/PSW.OnLineGames.PBQ trojan - was a part of the deleted object
G:\v\list.rar » RAR » 15.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan - was a part of the deleted object
G:\v\list.rar » RAR » 16.exe - a variant of Win32/PSW.OnLineGames.PBQ trojan - was a part of the deleted object
G:\v\list.rar » RAR » 17.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\list.rar » RAR » 18.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\list.rar » RAR » 19.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\list.rar » RAR » 2.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan - was a part of the deleted object
G:\v\list.rar » RAR » 20.exe - a variant of Win32/PSW.OnLineGames.NFL trojan - was a part of the deleted object
G:\v\list.rar » RAR » 21.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\list.rar » RAR » 22.exe - a variant of Win32/PSW.OnLineGames.PBQ trojan - was a part of the deleted object
G:\v\list.rar » RAR » 23.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\list.rar » RAR » 24.exe - a variant of Win32/PSW.OnLineGames.NML trojan - was a part of the deleted object
G:\v\list.rar » RAR » 25.exe - a variant of Win32/PSW.OnLineGames.PBQ trojan - was a part of the deleted object
G:\v\list.rar » RAR » 26.exe - Win32/PSW.QQPass.AVG trojan - was a part of the deleted object
G:\v\list.rar » RAR » 27.exe - Win32/Agent.NOS trojan - was a part of the deleted object
G:\v\list.rar » RAR » 3.exe - a variant of Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\list.rar » RAR » 4.exe - a variant of Win32/PSW.OnLineGames.NML trojan - was a part of the deleted object
G:\v\list.rar » RAR » 5.exe - a variant of Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\list.rar » RAR » 6.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\list.rar » RAR » 7.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\list.rar » RAR » 8.exe - Win32/PSW.OnLineGames.PBQ trojan - was a part of the deleted object
G:\v\list.rar » RAR » 9.exe - Win32/PSW.OnLineGames.MUG trojan - was a part of the deleted object
G:\v\list.rar » RAR » down.exe - Win32/TrojanDownloader.Delf.EPW trojan - was a part of the deleted object
G:\v\list.rar » RAR » listtt.exe - Win32/TrojanDownloader.Agent.NVM trojan - was a part of the deleted object
Number of scanned objects: 30
Number of threats found: 29
Time of completion: 19:40:39  Total scanning time: 2 sec (00:00:02)

qigang

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.DL.Delf.ynr      

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.32.52

qigang

60/28

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.PSW.Win32.GamesOnline.oa
病毒： Trojan.PSW.Win32.GameOL.mau
病毒： Trojan.PSW.Win32.GameOL.mbn
病毒： Trojan.PSW.Win32.GameOL.lwf
病毒： Trojan.PSW.Win32.GameOL.GEN
病毒： Trojan.PSW.Win32.GamesOnline.mn
病毒： Trojan.PSW.Win32.GameOL.lzr
病毒： Trojan.PSW.Win32.OnlineGames.GEN
病毒： Trojan.PSW.Win32.Agent.vsk
病毒： Trojan.Win32.Undef.dcv   
病毒： Trojan.PSW.Win32.ZeroOnline.dj
病毒： Trojan.DL.Win32.Undef.az
病毒： Trojan.DL.Win32.Small.tpr

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.32.52

allinwonderi

Scanning : C:\Test]


C:\Test\list.rar<RAR>:1.exe <- Heur.Win32.I : No action
C:\Test\list.rar<RAR>:10.exe <- Heur.Win32.I : No action
C:\Test\list.rar<RAR>:11.exe <- Heur.Win32.I : No action
C:\Test\list.rar<RAR>:12.exe <- Heur.Win32.I : No action
C:\Test\list.rar<RAR>:13.exe <- Heur.Win32.I : No action
C:\Test\list.rar<RAR>:14.exe <- Heur.Win32.I : No action
C:\Test\list.rar<RAR>:16.exe <- Heur.Win32.I : No action
C:\Test\list.rar<RAR>:17.exe <- Trojan.Psw.Onlinegames.Qiv : No action
C:\Test\list.rar<RAR>:18.exe <- Heur.Win32.I : No action
C:\Test\list.rar<RAR>:19.exe <- Trojan.Psw.Onlinegames.Rhu : No action
C:\Test\list.rar<RAR>:21.exe <- Trojan.Psw.Onlinegames.Rbf : No action
C:\Test\list.rar<RAR>:22.exe <- Heur.Win32.I : No action
C:\Test\list.rar<RAR>:23.exe <- Heur.Win32.I : No action
C:\Test\list.rar<RAR>:24.exe <- Heur.Win32.I : No action
C:\Test\list.rar<RAR>:25.exe <- Heur.Win32.I : No action
C:\Test\list.rar<RAR>:26.exe <- Trojan.Psw.Qqpass.Avg : No action
C:\Test\list.rar<RAR>:26.exe<UPX>:26.exe<DLLRES>:FILE0.exe <- Trojan.Psw.Qqpass.Avi : No action
C:\Test\list.rar<RAR>:3.exe <- Heur.Win32.I : No action
C:\Test\list.rar<RAR>:4.exe <- Heur.Win32.I : No action
C:\Test\list.rar<RAR>:5.exe <- Heur.Win32.I : No action
C:\Test\list.rar<RAR>:6.exe <- Heur.Win32.I : No action
C:\Test\list.rar<RAR>:7.exe <- Heur.Win32.I : No action
C:\Test\list.rar<RAR>:8.exe <- Heur.Win32.I : No action
C:\Test\list.rar<RAR>:9.exe <- Trojan.Psw.Onlinegames.Rhu : No action
C:\Test\list.rar<RAR>:down.exe <- Trojan.Downloader.Delf.Epw : No action
C:\Test\list.rar<RAR>:down.exe<UPack>:down.exe<DLLRES>:IFTDLL0.exe <- Trojan.Downloader.Delf.Epw : No action
C:\Test\list.rar<RAR>:listtt.exe <- Heur.Win32.I : No action



Scanned objects : 54

Infected objects : 27

绅博周幸

ACCESS DENIED
The requested URL could not be retrieved

--------------------------------------------------------------------------------

While trying to retrieve the URL: http://bbs.kafan.cn/attachment.php?aid=206379

The folowing error was encountered:

The requested object is INFECTED. The following viruses Trojan-Downloader.Win32.Small.int were found

Please contact your service provider if you feel this is incorrect.



--------------------------------------------------------------------------------

Generated Sat Feb 23 11:42:00 2008 by Kaspersky Internet Security 7.0

╝憔悴｝男風

gh1234j

probably a variant of Win32/TrojanDownloader.Dadobra.FX