Also New

显示全部楼层 · 发表于 2008-6-2 21:45:59

点击下载：http://a.down1314.com/do.exe

显示全部楼层 · 发表于 2008-6-2 21:48:16

显示全部楼层 · 发表于 2008-6-2 21:49:07

[Found security risk] <W32/Agent.L.gen!Eldorado (not disinfectable, generic)> C:\Documents and Settings\All Users\Documents\Test\do.rar->do.exe

---------------------------------------------------------------------
Scan ended: 2008-6-2, 21:48:58
Duration: 0:00:08

Scan result:

Scanned files:    6
Infected objects:    1
Disinfected objects:    0
Quarantined files:    0
---------------------------------------------------------------------

显示全部楼层 · 发表于 2008-6-2 21:50:12

AhnLab-V3	2008.5.30.1	2008.06.02	-
AntiVir	7.8.0.26	2008.06.02	TR/PSW.OnlineGames.alln.1
Authentium	5.1.0.4	2008.06.01	W32/Agent.L.gen!Eldorado
Avast	4.8.1195.0	2008.06.02	Win32:GaoBot-2437
AVG	7.5.0.516	2008.06.02	PSW.OnlineGames.ARUA
BitDefender	7.2	2008.06.02	Trojan.Crypt.Delf.D
CAT-QuickHeal	9.50	2008.05.31	(Suspicious) - DNAScan
ClamAV	0.92.1	2008.06.02	PUA.Packed.UPack-2
DrWeb	4.44.0.09170	2008.06.02	Trojan.MulDrop.origin
eSafe	7.0.15.0	2008.06.01	Suspicious File
eTrust-Vet	31.4.5842	2008.06.02	-
Ewido	4.0	2008.06.02	-
F-Prot	4.4.4.56	2008.06.01	W32/Agent.L.gen!Eldorado
F-Secure	6.70.13260.0	2008.06.02	Trojan-PSW.Win32.OnLineGames.alln
Fortinet	3.14.0.0	2008.06.02	-
GData	2.0.7306.1023	2008.06.02	Trojan-PSW.Win32.OnLineGames.alln
Ikarus	T3.1.1.26.0	2008.06.02	Trojan-Downloader.Win32.Zlob.and
Kaspersky	7.0.0.125	2008.06.02	Trojan-PSW.Win32.OnLineGames.alln
McAfee	5307	2008.05.30	New Malware.aj
Microsoft	1.3520	2008.06.02	PWS:Win32/OnLineGames.FKT
NOD32v2	3151	2008.06.02	-
Norman	5.80.02	2008.05.30	-
Panda	9.0.0.4	2008.06.02	Suspicious file
Prevx1	V2	2008.06.02	-
Rising	20.47.02.00	2008.06.02	-
Sophos	4.29.0	2008.06.02	Mal/Behav-156
Sunbelt	3.0.1139.1	2008.05.29	VIPRE.Suspicious
Symantec	10	2008.06.02	-
TheHacker	6.2.92.331	2008.06.02	W32/Behav-Heuristic-060
VBA32	3.12.6.6	2008.06.01	MalwareScope.Trojan-PSW.Game.13
VirusBuster	4.3.26:9	2008.06.01	Packed/Upack
Webwasher-Gateway	6.6.2	2008.06.02	Trojan.PSW.OnlineGames.alln.1

显示全部楼层 · 发表于 2008-6-2 21:55:49

http://a.1314down.com/do.txt

显示全部楼层 · 发表于 2008-6-2 21:56:48

病毒 2008-06-02 21:56:39 C:\Documents and Settings\Administrator\桌面\do.rar\do.exe Win32.Troj.Agent.cd.200704 跳过，未处理

显示全部楼层 · 发表于 2008-6-3 08:54:43

先报生成物。。。再隔离实体。。。

显示全部楼层 · 发表于 2008-6-3 09:36:50

原帖由 qigang 于 2008-6-2 21:55 发表
 http://a.1314down.com/do.txt

07,08,09下不到

Starting the file scan:

Begin scan in 'C:\Documents and Settings\kato9096\桌面\複製 -1420'
C:\Documents and Settings\kato9096\桌面\複製 -1420\01.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
C:\Documents and Settings\kato9096\桌面\複製 -1420\02.exe
   [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
   [NOTE]    The file was deleted!
C:\Documents and Settings\kato9096\桌面\複製 -1420\03.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
C:\Documents and Settings\kato9096\桌面\複製 -1420\04.exe
   [DETECTION] Is the Trojan horse TR/Agent.7680
   [NOTE]    The file was deleted!
C:\Documents and Settings\kato9096\桌面\複製 -1420\05.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
C:\Documents and Settings\kato9096\桌面\複製 -1420\06.exe
   [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
   [NOTE]    The file was deleted!
C:\Documents and Settings\kato9096\桌面\複製 -1420\11.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
C:\Documents and Settings\kato9096\桌面\複製 -1420\12.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
C:\Documents and Settings\kato9096\桌面\複製 -1420\13.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
C:\Documents and Settings\kato9096\桌面\複製 -1420\14.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
C:\Documents and Settings\kato9096\桌面\複製 -1420\15.exe
   [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
   [NOTE]    The file was deleted!
C:\Documents and Settings\kato9096\桌面\複製 -1420\16.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!

12个,沒有不报

已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ajom 檔案: C:\Documents and Settings\kato9096\桌面\1420\01.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.alpg 檔案: C:\Documents and Settings\kato9096\桌面\1420\02.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ajoo 檔案: C:\Documents and Settings\kato9096\桌面\1420\03.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.alvr 檔案: C:\Documents and Settings\kato9096\桌面\1420\04.exe//UPX
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ajod 檔案: C:\Documents and Settings\kato9096\桌面\1420\05.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.alvs 檔案: C:\Documents and Settings\kato9096\桌面\1420\06.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.akwe 檔案: C:\Documents and Settings\kato9096\桌面\1420\11.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ajom 檔案: C:\Documents and Settings\kato9096\桌面\1420\12.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ajpx 檔案: C:\Documents and Settings\kato9096\桌面\1420\13.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.akry 檔案: C:\Documents and Settings\kato9096\桌面\1420\14.exe//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.alpg 檔案: C:\Documents and Settings\kato9096\桌面\1420\15.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.ajpy 檔案: C:\Documents and Settings\kato9096\桌面\1420\16.exe//UPack

12个,都是沒有不报.

[ 本帖最后由 kato9096 于 2008-6-3 09:39 编辑 ]

显示全部楼层 · 发表于 2008-6-3 09:37:57

微点砍掉

[病毒样本] Also New

本帖子中包含更多资源

本帖子中包含更多资源

F-Prot 4.4.4

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块