天龙八部网游脚本再一次出错，又一次挂上小马~~~见13楼！

allinwonderi

[发现可能为病毒：]        <W32/Onlinegames.gen (not disinfectable)>        C:\Download Files\打包.rar->打包\hai.exe->(NSPack)->(PE_Patch)
[发现安全风险： ]        <W32/Agent.L.gen!Eldorado (not disinfectable, 普通)>        C:\Download Files\打包.rar->打包\01.exe->(UPack)
[发现安全风险： ]        <W32/Agent.L.gen!Eldorado (not disinfectable, 普通)>        C:\Download Files\打包.rar->打包\01B.exe->(UPack)
[发现可能安全风险：]        <W32/Heuristic-210!Eldorado (损坏, not disinfectable)>        C:\Download Files\打包.rar->打包\04.exe->(UPack)
[发现安全风险： ]        <W32/Nilage.gen!GSA (not disinfectable, 普通)>        C:\Download Files\打包.rar->打包\04B.exe->(UPack)
[发现安全风险： ]        <W32/Agent.L.gen!Eldorado (not disinfectable, 普通)>        C:\Download Files\打包.rar->打包\05.exe->(UPack)
[发现安全风险： ]        <W32/Nilage.gen!GSA (not disinfectable, 普通)>        C:\Download Files\打包.rar->打包\06.exe->(UPack)
[发现安全风险： ]        <W32/Agent.L.gen!Eldorado (not disinfectable, 普通)>        C:\Download Files\打包.rar->打包\07.exe->(UPack)
[发现安全风险： ]        <W32/Agent.L.gen!Eldorado (not disinfectable, 普通)>        C:\Download Files\打包.rar->打包\08.exe->(UPack)
[发现安全风险： ]        <W32/Nilage.gen!GSA (not disinfectable, 普通)>        C:\Download Files\打包.rar->打包\09.exe->(UPack)
[发现安全风险： ]        <W32/Agent.L.gen!Eldorado (not disinfectable, 普通)>        C:\Download Files\打包.rar->打包\12.exe->(UPack)
[发现安全风险： ]        <W32/Nilage.gen!GSA (not disinfectable, 普通)>        C:\Download Files\打包.rar->打包\13.exe->(UPack)
[发现安全风险： ]        <W32/Agent.L.gen!Eldorado (not disinfectable, 普通)>        C:\Download Files\打包.rar->打包\14.exe->(UPack)
[发现安全风险： ]        <W32/Agent.L.gen!Eldorado (not disinfectable, 普通)>        C:\Download Files\打包.rar->打包\15.exe->(UPack)
[发现安全风险： ]        <W32/Agent.L.gen!Eldorado (not disinfectable, 普通)>        C:\Download Files\打包.rar->打包\16.exe
[发现可能安全风险：]        <W32/Heuristic-210!Eldorado (损坏, not disinfectable)>        C:\Download Files\打包.rar->打包\20.exe->(embedded)->(UPack)
[发现安全风险： ]        <W32/Agent.L.gen!Eldorado (not disinfectable, 普通)>        C:\Download Files\打包.rar->打包\21.exe->(UPack)
[发现安全风险： ]        <W32/Nilage.gen!GSA (not disinfectable, 普通)>        C:\Download Files\打包.rar->打包\22.exe->(UPack)
[发现安全风险： ]        <W32/Nilage.gen!GSA (not disinfectable, 普通)>        C:\Download Files\打包.rar->打包\23.exe->(UPack)
[发现安全风险： ]        <W32/AutoRun.D.gen!Eldorado (not disinfectable, 普通)>        C:\Download Files\打包.rar->打包\27.exe->(UPX)

---------------------------------------------------------------------
扫描已结束:        2008-7-28, 20:19:22
用时:        0:00:32

扫描结果:

已扫描的文件:                 6
已感染的对象:         20
已清除的对象:         0
已隔离的文件:         0
---------------------------------------------------------------------

woai_jolin

2008-7-28 20:21:26        Real-time file system protection        file        G:\v\打包\打包\27.exe        a variant of Win32/PSW.QQPass.NCZ trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:25        Real-time file system protection        file        G:\v\打包\打包\23.exe        probably a variant of Win32/PSW.OnLineGames.NML trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:25        Real-time file system protection        file        G:\v\打包\打包\22.exe        probably a variant of Win32/PSW.OnLineGames.NML trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:25        Real-time file system protection        file        G:\v\打包\打包\21.exe        Win32/PSW.Agent.NHZ trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:24        Real-time file system protection        file        G:\v\打包\打包\19.exe        a variant of Win32/PSW.OnLineGames.NXI trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:24        Real-time file system protection        file        G:\v\打包\打包\18.exe        a variant of Win32/PSW.OnLineGames.NXI trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:24        Real-time file system protection        file        G:\v\打包\打包\17.exe        a variant of Win32/PSW.OnLineGames.NXI trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:23        Real-time file system protection        file        G:\v\打包\打包\16.exe        Win32/Spy.KeySpy.NAA trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:23        Real-time file system protection        file        G:\v\打包\打包\15.exe        probably a variant of Win32/PSW.Agent.NHQ trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:22        Real-time file system protection        file        G:\v\打包\打包\14.exe        a variant of Win32/PSW.Agent.NHQ trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:22        Real-time file system protection        file        G:\v\打包\打包\13.exe        probably a variant of Win32/PSW.OnLineGames.NML trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:22        Real-time file system protection        file        G:\v\打包\打包\12.exe        probably a variant of Win32/PSW.Agent.NHQ trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:21        Real-time file system protection        file        G:\v\打包\打包\11.exe        a variant of Win32/PSW.OnLineGames.NXI trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:21        Real-time file system protection        file        G:\v\打包\打包\10.exe        a variant of Win32/PSW.OnLineGames.NXI trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:21        Real-time file system protection        file        G:\v\打包\打包\09.exe        probably a variant of Win32/PSW.OnLineGames.NML trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:20        Real-time file system protection        file        G:\v\打包\打包\08.exe        a variant of Win32/PSW.Agent.NHQ trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:20        Real-time file system protection        file        G:\v\打包\打包\07.exe        a variant of Win32/PSW.Agent.NHQ trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:20        Real-time file system protection        file        G:\v\打包\打包\06.exe        probably a variant of Win32/PSW.OnLineGames.NML trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:19        Real-time file system protection        file        G:\v\打包\打包\05.exe        a variant of Win32/PSW.Agent.NHQ trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:19        Real-time file system protection        file        G:\v\打包\打包\04B.exe        probably a variant of Win32/PSW.OnLineGames.NML trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:18        Real-time file system protection        file        G:\v\打包\打包\04.exe        a variant of Win32/PSW.OnLineGames.NXI trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:18        Real-time file system protection        file        G:\v\打包\打包\03.exe        a variant of Win32/PSW.OnLineGames.NXI trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:18        Real-time file system protection        file        G:\v\打包\打包\02.exe        a variant of Win32/PSW.OnLineGames.NXI trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:18        Real-time file system protection        file        G:\v\打包\打包\01B.exe        a variant of Win32/PSW.Agent.NHQ trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:17        Real-time file system protection        file        G:\v\打包\打包\01.exe        Win32/PSW.OnLineGames.NPR trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-7-28 20:21:17        Real-time file system protection        file        G:\v\打包\打包\hai.exe        a variant of Win32/Agent.NOS trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.

小飞侠.net

搜狐的网游天龙八部又一次被挂上马儿


和前几天一样，提示脚本出错，不是搜狐的。

文件 2g.rar 接收于 2008.07.30 17:17:01 (CET)

反病毒引擎 版本 最后更新 扫描结果
AhnLab-V3 2008.7.29.1 2008.07.30 -
AntiVir 7.8.1.12 2008.07.30 HTML/Rce.Gen
Authentium 5.1.0.4 2008.07.30 -
Avast 4.8.1195.0 2008.07.30 VBS:Obfuscated-gen
AVG 8.0.0.130 2008.07.30 JS/Downloader.Agent
BitDefender 7.2 2008.07.30 Trojan.Downloader.VBS.CF
CAT-QuickHeal 9.50 2008.07.30 -
ClamAV 0.93.1 2008.07.30 JS.Psyme-36
DrWeb 4.44.0.09170 2008.07.30 -
eSafe 7.0.17.0 2008.07.29 -
eTrust-Vet 31.6.5995 2008.07.30 -
Ewido 4.0 2008.07.30 Downloader.AniLoad.nae
F-Prot 4.4.4.56 2008.07.30 -
F-Secure 7.60.13501.0 2008.07.30 VBS/Psyme.BF
Fortinet 3.14.0.0 2008.07.30 -
GData 2.0.7306.1023 2008.07.30 VBS:Obfuscated-gen
Ikarus T3.1.1.34.0 2008.07.30 Virus.VBS.Obfuscated
Kaspersky 7.0.0.125 2008.07.30 -
McAfee 5349 2008.07.29 -
Microsoft 1.3704 2008.07.28 TrojanDownloader:VBS/Psyme.gen!D
NOD32v2 3310 2008.07.30 -
Norman 5.80.02 2008.07.30 -
Panda 9.0.0.4 2008.07.29 -
PCTools 4.4.2.0 2008.07.30 HTML.Psyme.Gen
Prevx1 V2 2008.07.30 -
Rising 20.55.22.00 2008.07.30 -
Sophos 4.31.0 2008.07.30 -
Sunbelt 3.1.1537.1 2008.07.29 -
Symantec 10 2008.07.30 -
TheHacker 6.2.96.389 2008.07.25 -
TrendMicro 8.700.0.1004 2008.07.30 -
VBA32 3.12.8.1 2008.07.29 -
ViRobot 2008.7.30.1317 2008.07.30 -
VirusBuster 4.5.11.0 2008.07.30 HTML.Psyme.Gen
Webwasher-Gateway 6.6.2 2008.07.30 Script.Rce.Gen
附加信息
File size: 2056 bytes
MD5...: e3df8589eebf2f0e25a46300ea0c290b
SHA1..: 6281648320cbf310f2bfc2375ee95703d2272e44
SHA256: 3d42302458e1bb1a6d9d6358be69774ff8afff151d4c84c3a4c13aa36b673f0a
SHA512: b7af34e03a596ea36ad07d71565b55ee6142f25354e13661faa8a1a32913ab75
5820ea34baf8c4474d31e9e8fd64a40680247701f8328e236b70a40e99942535
PEiD..: -
PEInfo: -

VirSCAN.org Scanned Report :
Scanned time   : 2008/07/30 23:17:15 (CST)
Scanner results: 31%的杀软(11/36)报告发现病毒
File Name      : 2g.rar
File Size      : 2056 byte
File Type      : RAR archive data, v1d, os
MD5            : e3df8589eebf2f0e25a46300ea0c290b
SHA1           : 6281648320cbf310f2bfc2375ee95703d2272e44
Online report  : ht　tp://virscan.org/report/6f837be15da7a492c088576c18c40072.html

Scanner        Engine Ver      Sig Ver           Sig Date    Time   Scan result
a-squared      3.5.0.22        2008.07.29        2008-07-29  2.81   -
安博士V3       2008.07.30.01   2008.07.30        2008-07-30  0.90   -
AntiVir        7.8.1.12        7.0.5.193         2008-07-30  2.13   HTML/Rce.Gen
Arcavir        1.0.5           200807292345      2008-07-29  1.17   -
AVAST!         3.0.1           080729-1          2008-07-29  0.00   VBS:Obfuscated-gen [Trj]
AVG            7.5.51.442      270.5.7/1581      2008-07-30  1.49   -
BitDefender    7.60825.1410286 7.20260           2008-07-30  2.63   Trojan.Downloader.VBS.CF
CA (VET)       9.0.0.143       31.6.5995         2008-07-30  0.61   -
ClamAV         0.93.3          7891              2008-07-30  0.00   JS.Psyme-36
Comodo         2.11            2.0.0.601         2008-07-30  0.42   -
CP Secure      1.1.0.715       2008.07.30        2008-07-30  5.58   Troj.Downloader.JS.Psyme.aw
Dr.Web         4.44.0.9170     2008.07.30        2008-07-30  3.06   -
ewido          4.0.0.2         2008.07.30        2008-07-30  2.70   Downloader.AniLoad.nae
F-Prot         4.4.4.56        20080729          2008-07-29  0.97   -
F-Secure       5.51.6100       2008.07.30.04     2008-07-30  0.19   -
飞塔           2.81-3.11       9.367             2008-07-30  1.99   -
ViRobot        20080730        2008.07.30        2008-07-30  0.61   -
Ikarus         T3.1.01.34      2008.07.30.71187  2008-07-30  3.04   Virus.VBS.Obfuscated
江民杀毒       11.0.706        2008.07.30        2008-07-30  1.15   -
卡巴斯基       5.5.10          2008.07.30        2008-07-30  0.02   -
金山毒霸       2008.1.14.15    2008.7.30.18      2008-07-30  0.54   -
迈克菲         5.2.00          5349              2008-07-29  2.23   -
Microsoft      1.3806          2008.07.30        2008-07-30  4.54   TrojanDownloader:VBS/Psyme.gen!D
mks_vir        2.01            2008.07.28        2008-07-28  2.41   -
Norman         5.93.01         5.93.00           2008-07-28  4.59   VBS/Psyme.BF
熊猫卫士       9.05.01         2008.07.29        2008-07-29  2.16   -
趋势科技       8.700-1004      5.445.00          2008-07-30  0.02   -
Quick Heal     9.50            2008.07.30        2008-07-30  1.62   -
瑞星           20.0            20.55.22.00       2008-07-30  0.24   -
Sophos         2.75.4          4.31              2008-07-30  1.91   -
Sunbelt        3.1.1537.1      2169              2008-07-28  0.84   -
赛门铁克       1.3.0.24        20080729.005      2008-07-29  0.05   -
nProtect       2008-07-30.00   1736473           2008-07-30  3.20   Trojan.Downloader.VBS.CF
The Hacker     6.2.96          v00389            2008-07-24  0.48   -
VBA32          3.12.8.1        20080729.0746     2008-07-29  1.13   -
VirusBuster    4.5.11.10       10.82.26/596940   2008-07-29  0.78   HTML.Psyme.Gen

小邪邪

01.exe Generic PWS.y (特洛伊)
02.exe Generic PWS.y (特洛伊)
03.exe PWS-OnlineGames.bj (特洛伊)
08.exe PWS-Mmorpg.gen (特洛伊)
10.exe PWS-OnlineGames.bj (特洛伊)
11.exe PWS-OnlineGames.bj (特洛伊)
12.exe Generic PWS.y (特洛伊)
15.exe Generic PWS.y (特洛伊)
16.exe Generic PWS.y (特洛伊)
17.exe PWS-OnlineGames.bp (特洛伊)
18.exe PWS-OnlineGames.bj (特洛伊)
19.exe PWS-OnlineGames.bp (特洛伊)
20.exe Generic PWS.y (特洛伊)
27.exe PWS-Mmorpg.gen (特洛伊)
hai.exe New Malware.u (特洛伊)
m4.exe Downloader.gen.a (特洛伊)

千色幻想

扫描1楼和13楼的附件，KAV7都没报
扫描8 楼的打包的27个，
为什么1楼和13楼的附件，KAV都扫不出来呢？

小飞侠.net

原帖由 千色幻想 于 2008-7-31 01:09 发表
扫描1楼和13楼的附件，KAV7都没报
扫描8 楼的打包的27个，
为什么1楼和13楼的附件，KAV都扫不出来呢？

卡巴没入库，我上报过，不知是什么原因，没进卡巴的库。

电影结束了

MS还是那个东西。。。