Thread starter: qianwenxiang

[Virus sample] 18

HC303
Posted on 2008-3-8 22:41:23
Duba killed 16 of them.
HC303
Posted on 2008-3-8 22:42:47

Reply to post #6 by 无尽藏海

My Avira had no heuristics enabled; it killed all 18.
E:\virus test\Package.rar
  [0] Archive type: RAR
  --> zy.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> f2b4657b5568d072.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agent.gxb
  --> f2b4657b5568d073.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agent.gxb
  --> dh3.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.445
  --> mh.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agent.djg.2
  --> qqsg.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.som.1
  --> my.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> zyhx.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.suq
  --> dh2.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.430
  --> wl.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> jh.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.spf
  --> qj.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.403
  --> huaxia.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.sol
  --> tl.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> fh.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> zt.exe
      [DETECTION] Is the Trojan horse TR/Onlinegames.rxt
  --> wow.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> wd.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [WARNING]   The file was ignored!
The scan has been done completely.

      0 Scanning directories
     20 Files were scanned
     18 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      2 Files not concerned
      1 Archives were scanned
      1 Warnings
      0 Notes
hj5abc
Posted on 2008-3-8 22:45:39

sam.to
Posted on 2008-3-8 23:08:02
Hello,

f2b4657b5568d072.exe2 - Trojan-Downloader.Win32.Flux.eg,
wd.exe3 - Trojan.Win32.KillAV.pg

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Vyacheslav Zakorzhevsky
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.



[ Last edited by kato9096 on 2008-3-8 23:09 ]
wangjay1980
Posted on 2008-3-8 23:15:16
Originally posted by kato9096 on 2008-3-8 23:08
Hello,

f2b4657b5568d072.exe2 - Trojan-Downloader.Win32.Flux.eg,
wd.exe3 - Trojan.Win32.KillAV.pg

New malicious software was found in these files. Detection will be included in the next updat ...


See, Kaspersky's efficiency is back again, haha
rest1min
Posted on 2008-3-8 23:20:59
江民杀毒软件报告文件
北京江民新科技术有限公司
扫描引擎 11.00.703
病毒库日期 2008-03-08
更新日期 2008-03-08
扫描目标 C:\Documents and Settings\Administrator\桌面\Package.rar
开始时间 2008-03-08 23:20:00
在 C:\Documents and Settings\Administrator\桌面\Package.rar->zy.exe 中发现 Trojan/PSW.OnLineGames.upy 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Package.rar->dh3.exe 中发现 Trojan/Small.eaj 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Package.rar->mh.exe 中发现 Trojan/PSW.OnLineGames.uft 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Package.rar->qqsg.exe 中发现 Trojan/PSW.OnLineGames.swk 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Package.rar->my.exe 中发现 Trojan/PSW.OnLineGames.vjx 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Package.rar->zyhx.exe 中发现 Trojan/PSW.OnLineGames.vgi 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Package.rar->dh2.exe 中发现 Trojan/PSW.OnLineGames.mdu 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Package.rar->wl.exe 中发现 Trojan/Vaklik.by 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Package.rar->jh.exe 中发现 TrojanDropper.Agent.ika 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Package.rar->qj.exe 中发现 Trojan/Vaklik.bu 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Package.rar->huaxia.exe 中发现 Trojan/PSW.OnLineGames.whh 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Package.rar->tl.exe 中发现 Trojan/PSW.OnLineGames.uow 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Package.rar->fh.exe 中发现 Trojan/Vaklik.bx 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Package.rar->zt.exe 中发现 Trojan/PSW.OnLineGames.ugk 病毒, 已删除
在 C:\Documents and Settings\Administrator\桌面\Package.rar->wow.exe 中发现 Trojan/PSW.OnLineGames.upw 病毒, 已删除
正常结束。
扫描结果:
                 文件数 :792                                 病毒体 :15        
                   删除 :15                                    解毒 :0         
    扫描速度(千字节/秒) :11071                             扫描时间 :00:00:19
lcatxin
Posted on 2008-3-8 23:37:10
I give up; Dr.Web CureIt did not detect a single one
nod32 3.0
Package.rar » RAR » zy.exe - Win32/PSW.OnLineGames.NFL trojan
\Package.rar » RAR » f2b4657b5568d072.exe - probably a variant of Win32/Genetik trojan
Package.rar » RAR » f2b4657b5568d073.exe - probably a variant of Win32/Genetik trojan
Package.rar » RAR » dh3.exe - Win32/PSW.OnLineGames.NFL trojan
Package.rar » RAR » mh.exe - Win32/PSW.OnLineGames.NMQ trojan
Package.rar » RAR » qqsg.exe - Win32/PSW.OnLineGames.NFL trojan
Package.rar » RAR » my.exe - probably a variant of Win32/PSW.OnLineGames.NFL trojan
Package.rar » RAR » zyhx.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
Package.rar » RAR » dh2.exe - Win32/PSW.OnLineGames.NFL trojan
Package.rar » RAR » wl.exe - Win32/PSW.OnLineGames.YA trojan
Package.rar » RAR » jh.exe - a variant of Win32/PSW.OnLineGames.YA trojan
Package.rar » RAR » qj.exe - Win32/PSW.OnLineGames.NFL trojan
Package.rar » RAR » huaxia.exe - Win32/PSW.OnLineGames.NFL trojan
Package.rar » RAR » tl.exe - Win32/PSW.OnLineGames.NFL trojan
Package.rar » RAR » fh.exe - Win32/PSW.OnLineGames.NFL trojan
Package.rar » RAR » zt.exe - Win32/PSW.OnLineGames.NFL trojan
Package.rar » RAR » wow.exe - Win32/PSW.OnLineGames.NFL trojan
Package.rar » RAR » wd.exe - a variant of Win32/PSW.OnLineGames.NFL trojan
19 files scanned, 18 detected

[ Last edited by lcatxin on 2008-3-8 23:44 ]
woai_jolin
Posted on 2008-3-8 23:57:43
===================================================================================================
On-demand scanner 7.0.0.10

NSE revision 5.91.10
nvcbin.def revision 5.90.00 of 2008/03/07 16:10:27 (1356064 variants)
nvcmacro.def revision 5.90.00 of 2008/02/04 16:47:24 (20430 variants)
Total number of variants: 1376494
===================================================================================================


*** Possible virus found ***
*** G:\v\Package.rar : zy.exe -> Virus W32/Viking.EQ ()
- File G:\v\Package.rar quarantined.
*** G:\v\Package.rar : f2b4657b5568d072.exe -> Security Risk W32/Suspicious_U.gen ()
- File G:\v\Package.rar quarantined.
*** G:\v\Package.rar : f2b4657b5568d073.exe -> Security Risk W32/Suspicious_U.gen ()
- File G:\v\Package.rar quarantined.
*** G:\v\Package.rar : dh3.exe -> Trojan W32/OnLineGames.ALJM ()
- File G:\v\Package.rar quarantined.
*** G:\v\Package.rar : mh.exe -> Trojan W32/OnLineGames.ALHL ()
- File G:\v\Package.rar quarantined.
*** G:\v\Package.rar : qqsg.exe -> Security Risk W32/Suspicious_U.dam ()
- File G:\v\Package.rar quarantined.
*** G:\v\Package.rar : my.exe -> Virus W32/Viking.EQ ()
- File G:\v\Package.rar quarantined.
*** G:\v\Package.rar : zyhx.exe -> Virus W32/Viking.EQ ()
- File G:\v\Package.rar quarantined.
*** G:\v\Package.rar : dh2.exe -> Security Risk W32/Suspicious_U.dam ()
- File G:\v\Package.rar quarantined.
*** G:\v\Package.rar : wl.exe -> Trojan W32/OnLineGames.ALFR ()
- File G:\v\Package.rar quarantined.
*** G:\v\Package.rar : jh.exe -> Security Risk W32/Suspicious_U.dam ()
- File G:\v\Package.rar quarantined.
*** G:\v\Package.rar : qj.exe -> Virus W32/Viking.EQ ()
- File G:\v\Package.rar quarantined.
*** G:\v\Package.rar : huaxia.exe -> Virus W32/Viking.EQ ()
- File G:\v\Package.rar quarantined.
*** G:\v\Package.rar : tl.exe -> Security Risk W32/Suspicious_U.dam ()
- File G:\v\Package.rar quarantined.
*** G:\v\Package.rar : fh.exe -> Virus W32/Viking.EQ ()
- File G:\v\Package.rar quarantined.
*** G:\v\Package.rar : zt.exe -> Virus W32/Viking.EQ ()
- File G:\v\Package.rar quarantined.
*** G:\v\Package.rar : wow.exe -> Virus W32/Viking.EQ ()
- File G:\v\Package.rar quarantined.
*** G:\v\Package.rar : wd.exe -> Virus W32/Viking.EQ ()
- File G:\v\Package.rar quarantined.

===================================================================================================

The scanning started: 2008/03/08 23:57:25
               ended: 2008/03/08 23:57:25
Logged on as        : Jason
on hostname         : JASON-PC

Scanning results:
   Total number of files found..............................:      20
   Number of files scanned..................................:      20
   Number of files/directories skipped due to exclude list..:       0
   Number of files that could not be opened.................:       0
   Number of archive files unpacked.........................:       1
   Number of archive files not unpacked.....................:       0
   Number of infections.....................................:      18

Copyright (c) 1993-2007 Norman ASA.
ywarmy
Posted on 2008-3-8 23:59:14
Access to the data has been denied!
Warning: A virus or unwanted program has been found in the HTTP Data.

Requested URL:         http://bbs.kafan.cn/attachment.php?aid=216322
Information:         Is the Trojan horse TR/Spy.Gen
微点卫士
Posted on 2008-3-9 01:24:44
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\F2B4657B5568D072.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\116F3413.EXE
2) C:\WINDOWS.0\SYSTEM32\D9A3BAF.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\WD.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\MSIMMS32.EXE
2) C:\WINDOWS.0\SYSTEM32\MSIMMS32.DLL
是否删除木马程序及其衍生物?

One left
