[病毒样本] 3

显示全部楼层 · 发表于 2008-7-18 19:34:58

已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.Magania.xdb 檔案: C:\Documents and Settings\kato9096\桌面\3.rar/居然有這個地名.jar3/居然有這個地名.cmd/3.exe
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.Magania.wyf 檔案: C:\Documents and Settings\kato9096\桌面\3.rar/WishesCard.scr/3.exe

卡巴报2,有个不报,上报到卡巴.

Hello.
This file is already detected. Please update your bases.

Sincerely yours,
Andrey Bezborodov,
Virus Analyst.
_____________________
Kaspersky Lab Ltd
Moscow, Russia
Tel/Fax : +7 (095) 797-8700
E-mail : newvirus@kaspersky.com
Internet: http://www.kaspersky.com, http://www.viruslist.com

[ 本帖最后由 kato9096 于 2008-7-18 23:08 编辑 ]

显示全部楼层 · 发表于 2008-7-18 19:39:04

2008-7-18 19:38:34 1216381114 Nerazzurri 3848 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Documents and Settings\Nerazzurri\桌面\3.RAR\程尺舧?搂??.cmd3" file.
2008-7-18 19:38:37 1216381117 Nerazzurri 3848 Sign of "Win32:Monga [Trj]" has been found in "C:\Documents and Settings\Nerazzurri\桌面\3.RAR\WishesCard.scr\3.exe" file.
2008-7-18 19:38:37 1216381117 Nerazzurri 3848 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Documents and Settings\Nerazzurri\桌面\3.RAR\WishesCard.scr" file.

显示全部楼层 · 发表于 2008-7-18 19:40:05

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Nerazzurri\桌面\3.RAR'
C:\Documents and Settings\Nerazzurri\桌面\3.RAR
[0] Archive type: RAR
   --> ﾩ~ﾵMﾦﾳﾳoﾭￓﾦaﾦW.jar3
      [1] Archive type: ZIP
      --> ﾩ~ﾵMﾦﾳﾳoﾭￓﾦaﾦW.cmd
      [2] Archive type: RAR SFX (self extracting)
      --> 3.exe
         [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
发表帖子[完成后可按 C    --> ﾳￌﾳ￟ￅwﾣ{ￂﾧﾪﾫﾭ?.cmd3
      [1] Archive type: RAR SFX (self extracting)
      --> 16.exe
      [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> WishesCard.scr
   [DETECTION] Is the TR/Drop.Agen.313409 Trojan
   --> WishesCard.scr
      [1] Archive type: RAR SFX (self extracting)
      --> 3.exe
      [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!

显示全部楼层 · 发表于 2008-7-18 19:41:10

Begin scan in 'C:\Documents and Settings\Administrator\桌面\WishesCard.scr'
C:\Documents and Settings\Administrator\桌面\WishesCard.scr
[0] Archive type: RAR SFX (self extracting)
--> 3.exe
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[DETECTION] Is the TR/Drop.Agen.313409 Trojan
[NOTE]    A backup was created as '48f38192.qua'  ( QUARANTINE )
[NOTE]    Attempting to perform action using the ARK lib.
[NOTE]    A backup was created as '48f38193.qua'  ( QUARANTINE )
Begin scan in 'C:\Documents and Settings\Administrator\桌面\居然有這個地名.jar3'
C:\Documents and Settings\Administrator\桌面\居然有這個地名.jar3
[0] Archive type: ZIP
   --> ﾩ~ﾵMﾦﾳﾳoﾭￓﾦaﾦW.cmd
      [1] Archive type: RAR SFX (self extracting)
      --> 3.exe
      [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as 'af89f260.qua'  ( QUARANTINE )
[NOTE]    Attempting to perform action using the ARK lib.
[NOTE]    A backup was created as 'ad3fb9d9.qua'  ( QUARANTINE )
Begin scan in 'C:\Documents and Settings\Administrator\桌面\最喜歡ㄌ禮物唷.cmd3'
C:\Documents and Settings\Administrator\桌面\最喜歡ㄌ禮物唷.cmd3
[0] Archive type: RAR SFX (self extracting)
--> 16.exe
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as 'b3e1d6c6.qua'  ( QUARANTINE )
[NOTE]    Attempting to perform action using the ARK lib.
[NOTE]    A backup was created as 'b1579d7f.qua'  ( QUARANTINE )

End of the scan: 2008年7月18日  19:40
Used time: 00:03 Minute(s)

The scan has been done completely.

   0 Scanning directories
   13 Files were scanned
   4 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   6 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   9 Files not concerned
   7 Archives were scanned
   0 Warnings
   3 Notes

显示全部楼层 · 发表于 2008-7-18 19:42:42

80分

显示全部楼层 · 发表于 2008-7-18 19:51:05

File _____________________.jar3 received on 07.18.2008 13:52:31 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED

Result: 13/33 (39.4%)

Loading server information...
Your file is queued in position: ___.
Estimated start time is between ___ and ___
.
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.

Compact
Print results

Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position:
) for an undefined time.
You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.

Email:

Antivirus	Version	Last Update	Result
AhnLab-V3	2008.7.17.0	2008.07.18	-
AntiVir	7.8.0.68	2008.07.18	DR/Turk.A
Authentium	5.1.0.4	2008.07.18	-
Avast	4.8.1195.0	2008.07.18	-
AVG	8.0.0.130	2008.07.18	Win32/Heur
BitDefender	7.2	2008.07.18	-
CAT-QuickHeal	9.50	2008.07.17	-
ClamAV	0.93.1	2008.07.18	-
DrWeb	4.44.0.09170	2008.07.18	-
eSafe	7.0.17.0	2008.07.17	Suspicious File
eTrust-Vet	31.6.5965	2008.07.18	-
Ewido	4.0	2008.07.18	-
F-Prot	4.4.4.56	2008.07.18	-
F-Secure	7.60.13501.0	2008.07.18	-
Fortinet	3.14.0.0	2008.07.18	-
GData	2.0.7306.1023	2008.07.18	Trojan-GameThief.Win32.Magania.xdb
Ikarus	T3.1.1.34.0	2008.07.18	Trojan.Win32.Helpud.A
Kaspersky	7.0.0.125	2008.07.18	Trojan-GameThief.Win32.Magania.xdb
McAfee	5341	2008.07.18	PWS-LegMir.gen.k
Microsoft	1.3704	2008.07.18	TrojanSpy:Win32/OnLineGames.ZDR
NOD32v2	3278	2008.07.18	-
Norman	5.80.02	2008.07.18	-
Panda	9.0.0.4	2008.07.17	Suspicious file
Prevx1	V2	2008.07.18	-
Rising	20.53.42.00	2008.07.18	-
Sophos	4.31.0	2008.07.18	Mal/EncPk-CE
Sunbelt	3.1.1536.1	2008.07.17	-
Symantec	10	2008.07.18	-
TheHacker	6.2.96.381	2008.07.16	-
TrendMicro	8.700.0.1004	2008.07.18	PAK_Generic.005
VBA32	3.12.8.0	2008.07.17	-
VirusBuster	4.5.11.0	2008.07.17	Trojan.Lineage.Gen!Pac.3
Webwasher-Gateway	6.6.2	2008.07.18	Trojan.Crypt.XPACK.Gen

Additional information

File size: 234124 bytes

MD5...: 0c6a5e3c5e5b7c14c5e896be6befee58

SHA1..: 1efd734573b12f09a72fdca668a571e68b7e31ba

SHA256: e83f1a01959ead97bb0d163d76fe3ba18dcc7f5a810a86f566e7162312d6fd82

SHA512: 40a1d3f78eb18def24103b1bd65cc056f13ec7948d117dd6b4c5b9f6143013eb
e2122d1c4051d74cb91458109d60c8611e51049868054a80711f5e057ba72be6

PEiD..: -

PEInfo: -

packers (F-Prot): RAR

[ 本帖最后由傻猪猪米走鸡于 2008-7-18 20:08 编辑 ]

显示全部楼层 · 发表于 2008-7-18 19:52:36

McAfee报了。。。

显示全部楼层 · 发表于 2008-7-18 19:56:16

显示全部楼层 · 发表于 2008-7-18 20:00:54

显示全部楼层 · 发表于 2008-7-18 23:07:53

Hello.
This file is already detected. Please update your bases.

Sincerely yours,
Andrey Bezborodov,
Virus Analyst.
_____________________
Kaspersky Lab Ltd
Moscow, Russia
Tel/Fax : +7 (095) 797-8700
E-mail : newvirus@kaspersky.com
Internet: http://www.kaspersky.com, http://www.viruslist.com

[病毒样本] 3

本帖子中包含更多资源

3

本帖子中包含更多资源

地名

本帖子中包含更多资源

Norman Virus Control 5.99 1

本帖子中包含更多资源

本帖子中包含更多资源