
[Virus Sample] 29 (List)

sam.to
Posted on 2008-9-9 00:52:35
http://8886663.com/1.exe
.
http://8886663.com/35.exe


已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.tdog        檔案: C:\Documents and Settings\kato9096\桌面\145\10.exe6//PE_Patch//UPack//data0000//UPack
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.tcya        檔案: C:\Documents and Settings\kato9096\桌面\145\11.exe6
未發現: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.tdog        檔案: c:\documents and settings\kato9096\桌面\145\10.exe6//PE_Patch//UPack//data0000//UPack
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.tcnt        檔案: C:\Documents and Settings\kato9096\桌面\145\12.exe6//PE_Patch.UPX//UPX
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.tcqi        檔案: C:\Documents and Settings\kato9096\桌面\145\13.exe6//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.Magania.abmz        檔案: C:\Documents and Settings\kato9096\桌面\145\15.exe6//PE_Patch.UPX//UPX
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.tcye        檔案: C:\Documents and Settings\kato9096\桌面\145\19.exe6
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.WOW.bye        檔案: C:\Documents and Settings\kato9096\桌面\145\2.exe6//PE_Patch.UPX//UPX
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.tdrl        檔案: C:\Documents and Settings\kato9096\桌面\145\22.exe6
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.tdrk        檔案: C:\Documents and Settings\kato9096\桌面\145\23.exe6
已刪除: 特洛伊木馬程式 Trojan.Win32.Kilva.ew        檔案: C:\Documents and Settings\kato9096\桌面\145\26.exe6
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.sxae        檔案: C:\Documents and Settings\kato9096\桌面\145\27.exe6//PE_Patch.UPX//UPX
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.tddu        檔案: C:\Documents and Settings\kato9096\桌面\145\29.exe6//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.tctl        檔案: C:\Documents and Settings\kato9096\桌面\145\3.exe6
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.tddu        檔案: C:\Documents and Settings\kato9096\桌面\145\31.exe6//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.tapu        檔案: C:\Documents and Settings\kato9096\桌面\145\6.exe6//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.tcyh        檔案: C:\Documents and Settings\kato9096\桌面\145\8.exe6
已刪除: 特洛伊木馬程式 Trojan-GameThief.Win32.OnLineGames.tcyb        檔案: C:\Documents and Settings\kato9096\桌面\145\9.exe6

18 detected, 12 submitted

Hello.
New malicious software was found in the attached file ().
Its detection will be included in the next update. Thank you for your help.

Please quote all when answering.

-----------------
Regards, Kirill Erakhtin
Virus Analyst, Kaspersky Lab.

Ph.: +7(095) 797-8700
E-mail: newvirus@kaspersky.com
http://www.kaspersky.com   http://www.viruslist.com

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

[ This post was last edited by kato9096 on 2008-9-10 00:20 ]
sltgr
Posted on 2008-9-9 00:59:02
2008/9/9 0:57:34        已删除: Heur.Trojan.Generic        C:\Users\sltgr\Downloads\145.rar/145\1.exe6               
2008/9/9 0:57:34        已删除: Trojan-GameThief.Win32.OnLineGames.tdog        C:\Users\sltgr\Downloads\145.rar/145\10.exe6               
2008/9/9 0:57:34        已删除: Trojan-GameThief.Win32.OnLineGames.tcya        C:\Users\sltgr\Downloads\145.rar/145\11.exe6               
2008/9/9 0:57:34        已删除: Trojan-GameThief.Win32.OnLineGames.tcnt        C:\Users\sltgr\Downloads\145.rar/145\12.exe6               
2008/9/9 0:57:34        已删除: Trojan-GameThief.Win32.OnLineGames.tcqi        C:\Users\sltgr\Downloads\145.rar/145\13.exe6               
2008/9/9 0:57:34        已删除: Heur.Trojan.Generic        C:\Users\sltgr\Downloads\145.rar/145\14.exe6               
2008/9/9 0:57:34        已删除: Trojan-GameThief.Win32.Magania.abmz        C:\Users\sltgr\Downloads\145.rar/145\15.exe6               
2008/9/9 0:57:34        已删除: Heur.Trojan.Generic        C:\Users\sltgr\Downloads\145.rar/145\16.exe6               
2008/9/9 0:57:35        已删除: Heur.Trojan.Generic        C:\Users\sltgr\Downloads\145.rar/145\17.exe6               
2008/9/9 0:57:37        已删除: Heur.Trojan.Generic        C:\Users\sltgr\Downloads\145.rar/145\18.exe6               
2008/9/9 0:57:37        已删除: Trojan-GameThief.Win32.OnLineGames.tcye        C:\Users\sltgr\Downloads\145.rar/145\19.exe6               
2008/9/9 0:57:37        已删除: Trojan-GameThief.Win32.WOW.bye        C:\Users\sltgr\Downloads\145.rar/145\2.exe6               
2008/9/9 0:57:37        已删除: Heur.Trojan.Generic        C:\Users\sltgr\Downloads\145.rar/145\21.exe6               
2008/9/9 0:57:37        已删除: Trojan-GameThief.Win32.OnLineGames.tdrl        C:\Users\sltgr\Downloads\145.rar/145\22.exe6               
2008/9/9 0:57:37        已删除: Trojan-GameThief.Win32.OnLineGames.tdrk        C:\Users\sltgr\Downloads\145.rar/145\23.exe6               
2008/9/9 0:57:37        已删除: Heur.Trojan.Generic        C:\Users\sltgr\Downloads\145.rar/145\24.exe6               
2008/9/9 0:57:37        已删除: Trojan.Win32.Kilva.ew        C:\Users\sltgr\Downloads\145.rar/145\26.exe6               
2008/9/9 0:57:37        已删除: Trojan-GameThief.Win32.OnLineGames.sxae        C:\Users\sltgr\Downloads\145.rar/145\27.exe6               
2008/9/9 0:57:37        已删除: Heur.Trojan.Generic        C:\Users\sltgr\Downloads\145.rar/145\28.exe6               
2008/9/9 0:57:37        已删除: Trojan-GameThief.Win32.OnLineGames.tddu        C:\Users\sltgr\Downloads\145.rar/145\29.exe6               
2008/9/9 0:57:37        已删除: Trojan-GameThief.Win32.OnLineGames.tctl        C:\Users\sltgr\Downloads\145.rar/145\3.exe6               
2008/9/9 0:57:37        已删除: Heur.Trojan.Generic        C:\Users\sltgr\Downloads\145.rar/145\30.exe6               
2008/9/9 0:57:37        已删除: Trojan-GameThief.Win32.OnLineGames.tddu        C:\Users\sltgr\Downloads\145.rar/145\31.exe6               
2008/9/9 0:57:38        已删除: Heur.Trojan.Generic        C:\Users\sltgr\Downloads\145.rar/145\4.exe6               
2008/9/9 0:57:38        已删除: Heur.Trojan.Generic        C:\Users\sltgr\Downloads\145.rar/145\5.exe6               
2008/9/9 0:57:38        已删除: Trojan-GameThief.Win32.OnLineGames.tapu        C:\Users\sltgr\Downloads\145.rar/145\6.exe6               
2008/9/9 0:57:38        已删除: Heur.Trojan.Generic        C:\Users\sltgr\Downloads\145.rar/145\7.exe6               
2008/9/9 0:57:38        已删除: Trojan-GameThief.Win32.OnLineGames.tcyh        C:\Users\sltgr\Downloads\145.rar/145\8.exe6               
2008/9/9 0:57:38        已删除: Trojan-GameThief.Win32.OnLineGames.tcyb        C:\Users\sltgr\Downloads\145.rar/145\9.exe6               


All wiped out
linkak
Posted on 2008-9-9 01:00:14
Cleared out
Starting the file scan:

Begin scan in 'D:\Virus\145'
D:\Virus\145\145\1.exe6
    [DETECTION] Is the TR/Onlinegames.tbof Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\10.exe6
    [0] Archive type: OVL
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Is the TR/Onlinegames.tdeh Trojan
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\11.exe6
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Is the TR/PSW.OnlineGames.ZQO.62 Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\12.exe6
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\13.exe6
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\14.exe6
    [DETECTION] Is the TR/PSW.Lmir.UMQ Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\15.exe6
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\16.exe6
    [DETECTION] Is the TR/Onlinegames.tbof Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\17.exe6
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Is the TR/Onlinegames.tdsi Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\18.exe6
    [DETECTION] Is the TR/Onlinegames.tboi Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\19.exe6
    [DETECTION] Is the TR/PSW.Online.aklq Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\2.exe6
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Is the TR/PSW.42564.5 Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\21.exe6
    [DETECTION] Is the TR/PSW.Lmir.UMT Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\22.exe6
      [DETECTION] Is the TR/PSW.OnLin.aklo.2 Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\23.exe6
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Is the TR/PSW.OnlineGames.ZQO.63 Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\24.exe6
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\26.exe6
    [DETECTION] Is the TR/Crypt.FSPM.Gen Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\27.exe6
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Is the TR/Onlinegames.swbm Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\28.exe6
    [DETECTION] Is the TR/Onlinegames.tboi Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\29.exe6
    [0] Archive type: OVL
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Is the TR/Onlinegames.tdeh Trojan
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\3.exe6
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\30.exe6
    [DETECTION] Is the TR/PSW.Lmir.UMT Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\31.exe6
    [0] Archive type: OVL
      --> Object
        [1] Archive type: RSRC
        --> Object
          [DETECTION] Is the TR/Onlinegames.tdeh Trojan
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\4.exe6
      [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\5.exe6
    [DETECTION] Is the TR/Onlinegames.tboc Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\6.exe6
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\7.exe6
    [DETECTION] Is the TR/Onlinegames.tbod Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\8.exe6
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
D:\Virus\145\145\9.exe6
    [DETECTION] Is the TR/PSW.Lmir.UMT Trojan
    [NOTE]      The file was deleted!


End of the scan: 2008年9月9日  00:58
Used time: 00:07 Minute(s)

The scan has been done completely.

      2 Scanning directories
     29 Files were scanned
     32 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
     29 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     -3 Files not concerned
      0 Archives were scanned
      0 Warnings
     29 Notes
陆仁晓白
Posted on 2008-9-9 08:52:21
Filseclab (费尔): all pass, nothing left to play with.

kissangle1991
Posted on 2008-9-9 09:01:05
Kingsoft only got 26
小邪邪
Posted on 2008-9-9 09:13:50
The quality isn't high; even McAfee (咖啡) can wipe them all out, and it's still using yesterday's definitions

hzyw
Posted on 2008-9-9 09:26:44

I don't get it. 30 files, so how are there 32 viruses... Could it be that one file has 2 viruses?
欠妳緈諨
Posted on 2008-9-9 09:48:46
Virenprüfung mit G DATA AntiVirus
Version 19.0.0.49 (22.08.2008)
Virensignaturen vom 09.09.2008
Startzeit: 09.09.2008 09:46
Engine(s): Engine A (AVA 19.346), Engine B (AVB 19.21)
Heuristik: Ein
Archive: Aus
Systembereiche: Ein
RootKits prüfen: Ein

Prüfung der Systembereiche...
Prüfung folgender Verzeichnisse und Dateien:
  D:\145\

Objekt: 1.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Trojan.PWS.Lmir.UMH (Engine A)
Objekt: 11.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Trojan.PWS.OnlineGames.ZAY (Engine A)
Objekt: 12.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Trojan.PWS.OnlineGames.ZAY (Engine A)
Objekt: 13.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Trojan.PWS.Onlinegames.6 (Engine A)
Objekt: 14.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Trojan.PWS.Lmir.UMH (Engine A)
Objekt: 15.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Trojan.PWS.Onlinegames.ZTR (Engine A)
Objekt: 16.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Trojan.PWS.Lmir.UMH (Engine A)
Objekt: 17.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Trojan.PWS.OnlineGames.ZAY (Engine A)
Objekt: 18.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Trojan.PWS.Lmir.UMH (Engine A)
Objekt: 19.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Trojan.PWS.Lmir.UMH (Engine A)
Objekt: 21.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Trojan.PWS.Lmir.UMH (Engine A)
Objekt: 2.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Generic.PWS.WoW.D024D1E9 (Engine A)
Objekt: 22.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Trojan.PWS.OnlineGames.ZAY (Engine A)
Objekt: 23.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Trojan.PWS.OnlineGames.ZAY (Engine A)
Objekt: 24.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Trojan.PWS.Lmir.UMH (Engine A)
Objekt: 27.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Trojan.Generic.657880 (Engine A)
Objekt: 28.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Trojan.PWS.Lmir.UMH (Engine A)
Objekt: 26.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: GenPack:Trojan.PWS.Onlinegames.6 (Engine A)
Objekt: 3.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Trojan.Generic.692218 (Engine A)
Objekt: 30.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Trojan.PWS.Lmir.UMH (Engine A)
Objekt: 5.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Trojan.PWS.Lmir.UMH (Engine A)
Objekt: 4.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Dropped:Generic.Malware.SFdldg.38A5C820 (Engine A)
Objekt: 7.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Trojan.PWS.Lmir.UMH (Engine A)
Objekt: 8.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Trojan.PWS.OnlineGames.ZAY (Engine A)
Objekt: 9.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Trojan.PWS.Lmir.UMH (Engine A)
Objekt: 6.exe6
        Pfad: D:\145
        Status: Datei in Quarantäne verschoben
        Virus: Win32:Spyware-gen [Trj] (Engine B)

Analyse vollständig durchgeführt: 09.09.2008 09:46
    29 Dateien überprüft
    26 infizierte Dateien gefunden
    0 verdächtige Dateien gefunden
kissangle1991
Posted on 2008-9-9 13:09:40
avast only killed 17, oh mog..........
sam.to
OP | Posted on 2008-9-9 15:32:58

Reply to hzyw's post (#7)

That's quite normal~~