2008.10.29样本

happyboys_xp

2008年10月29采集样本9个
如果您的安全软件无法查杀
请及时上报.
谢谢.
点此下载:
2008.10.29.rar

fzz8848

Begin scan in 'E:\Download\Virus\29'
E:\Download\Virus\29\8182B0C7.exe
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    [NOTE]      The file was deleted!
E:\Download\Virus\29\7B434436.exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
E:\Download\Virus\29\7D5C13D6.exe
    [DETECTION] Is the TR/Dldr.Small.usu.1 Trojan
    [NOTE]      The file was deleted!
E:\Download\Virus\29\7FFFECB8.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
E:\Download\Virus\29\8096D9FC.exe
    [DETECTION] Is the TR/Dldr.Delf.oyk.1 Trojan
    [NOTE]      The file was deleted!
E:\Download\Virus\29\8154B3CB.exe
    [DETECTION] Is the TR/Dldr.Delf.oyk.1 Trojan
    [NOTE]      The file was deleted!
E:\Download\Virus\29\75119BA4.exe
      [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen back-door program
    [NOTE]      The file was deleted!
E:\Download\Virus\29\832DAD8F.exe
    [DETECTION] Is the TR/PSW.Online.bdn Trojan
    [NOTE]      The file was deleted!


End of the scan: 2008年10月29日星期三  13:53
Used time: 00:08 Minute(s)

The scan has been done completely.

      1 Scanning directories
      9 Files were scanned
      8 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      8 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      1 Files not concerned
      0 Archives were scanned
      0 Warnings
      8 Notes

08红伞威点

杀8个,1个正常文件.

Filename	Result
76714EA7.exe	CLEAN

The file '76714EA7.exe' has been determined to be 'CLEAN'. Our analysts did not discovered any malicious content.

[ 本帖最后由 08红伞威点 于 2008-10-29 13:58 编辑 ]

wangjay1980

2008-10-29 JAY15:10:05        Untreated        Trojan program        Trojan-GameThief.Win32.OnLineGames.tlzm        High        Exact        C:\Documents and Settings\Owner\桌面\2008.10.29.rar/832DAD8F.exe        Postponed       
2008-10-29 JAY15:10:05        Untreated        Trojan program        Trojan.Win32.ShareAll.f        High        Exact        C:\Documents and Settings\Owner\桌面\2008.10.29.rar/75119BA4.exe/UPX        Postponed       
2008-10-29 JAY15:10:05        Untreated        Trojan program        Trojan-Downloader.Win32.Delf.oyp        High        Exact        C:\Documents and Settings\Owner\桌面\2008.10.29.rar/8154B3CB.exe        Postponed       
2008-10-29 JAY15:10:05        Untreated        Trojan program        Trojan-Downloader.Win32.Delf.oyj        High        Exact        C:\Documents and Settings\Owner\桌面\2008.10.29.rar/8096D9FC.exe        Postponed       
2008-10-29 JAY15:10:05        Untreated        Trojan program        Trojan-GameThief.Win32.WOW.afi        High        Exact        C:\Documents and Settings\Owner\桌面\2008.10.29.rar/7FFFECB8.exe/PE_Patch/UPack        Postponed       
2008-10-29 JAY15:10:05        Untreated        Trojan program        Trojan-Downloader.Win32.Small.usu        High        Exact        C:\Documents and Settings\Owner\桌面\2008.10.29.rar/7D5C13D6.exe/PE_Patch/UPack        Postponed       
2008-10-29 JAY15:10:05        Untreated        Trojan program        Trojan-GameThief.Win32.OnLineGames.tlbv        High        Exact        C:\Documents and Settings\Owner\桌面\2008.10.29.rar/7B434436.exe/PE_Patch/UPack        Postponed       
2008-10-29 JAY15:10:05        Untreated        Trojan program        Trojan.Win32.KillFiles.aaj        High        Exact        C:\Documents and Settings\Owner\桌面\2008.10.29.rar/76714EA7.exe        Postponed       
2008-10-29 JAY15:10:04        Untreated        Trojan program        Trojan-GameThief.Win32.Magania.afqu        High        Exact        C:\Documents and Settings\Owner\桌面\2008.10.29.rar/8182B0C7.exe        Postponed

will

Multi Command-Line Scanner Report
-------------------------------------------------------------------------   
D:\Desk\Samples\Collect\MCLS\75119BA4.exe   
MD5 Hash: 1BAA76584FCF4D50C1883F9746EF9EA0   
Type: Win32 Executable Generic / Extension: .EXE   

A-squared ----- Trojan.Win32.ShareAll.f!IK    
Avast ----- Win32:Trojan-gen {Other}    
Avg ----- Generic.TXB     
Antivir ----- BDS/Backdoor.Gen    
BitDefender ----- Trojan.ShareAll.F    
ClamWin ----- Trojan.Shareall.F    
Dr.Web ----- Trojan.ShareAll    
NOD32 ----- Win32/ShareAll.F trojan    
Ikarus ----- Trojan.Win32.ShareAll.f    
Jiangmin ----- Trojan/ShareAll.b    
Kaspersky ----- Trojan.Win32.ShareAll.f    
Kingsoft ----- Win32.Troj.ShareAll.f.7680    
Vba32 ----- OScope.Dialer.GMHA    

*** 13/13 antivirus engines found virus in this file ***   
-------------------------------------------------------------------------   
D:\Desk\Samples\Collect\MCLS\76714EA7.exe   
MD5 Hash: AEB5F48B97CA17D9C6B257DD5A793092   
Type: Generic Win/DOS Executable / Extension: .EXE   

A-squared ----- Trojan.Win32.KillFiles.aaj!IK    
Avast ----- Win32:Trojan-gen {Other}    
Avg ----- Nothing   
Antivir ----- Nothing   
BitDefender ----- Nothing   
ClamWin ----- Nothing   
Dr.Web ----- Nothing   
NOD32 ----- a variant of Win32/Spy.Banker.PRQ trojan    
Ikarus ----- Trojan.Win32.KillFiles.aaj    
Jiangmin ----- Trojan/KillFiles.ot    
Kaspersky ----- Trojan.Win32.KillFiles.aaj    
Kingsoft ----- Win32.Troj.KillFiles.2560    
Vba32 ----- Trojan.Win32.KillFiles.aaj    

*** 8/13 antivirus engines found virus in this file ***   
-------------------------------------------------------------------------   
D:\Desk\Samples\Collect\MCLS\7B434436.exe   
MD5 Hash: EC13F7AAFB5CE35202DCDD5CB91B5107   
Type: DOS Executable Generic / Extension: .EXE   

A-squared ----- Trojan-Spy.Win32.Hitpop.C!IK    
Avast ----- Win32:OnLineGames-ALS [Trj]    
Avg ----- Generic11.AIOV     
Antivir ----- TR/Spy.Gen    
BitDefender ----- Dropped:Trojan.PWS.OnlineGames.OPB    
ClamWin ----- Trojan.Spy-54107    
Dr.Web ----- Trojan.PWS.Legmir.origin    
NOD32 ----- probably a variant of Win32/PSW.WOW.WU trojan    
Ikarus ----- Trojan-Spy.Win32.Hitpop.C    
Jiangmin ----- TrojanSpy.OnLineGames.gqn    
Kaspersky ----- Trojan-GameThief.Win32.OnLineGames.tlbv    
Kingsoft ----- Win32.TrojDownloader.MyDown.196608    
Vba32 ----- Trojan-GameThief.Win32.OnLineGames.tlbv    

*** 13/13 antivirus engines found virus in this file ***   
-------------------------------------------------------------------------   
D:\Desk\Samples\Collect\MCLS\7D5C13D6.exe   
MD5 Hash: AAD2939306A413B6D3EC86C31F0FFF0A   
Type: DOS Executable Generic / Extension: .EXE   

A-squared ----- Trojan-PWS.Win32.Agent.hf!IK    
Avast ----- Win32:Trojan-gen {Other}    
Avg ----- PSW.OnlineGames.BEVX     
Antivir ----- TR/Dldr.Small.usu.1    
BitDefender ----- Nothing   
ClamWin ----- Nothing   
Dr.Web ----- Trojan.DownLoad.5887    
NOD32 ----- a variant of Win32/Kryptik.AE trojan    
Ikarus ----- Trojan-PWS.Win32.Agent.hf    
Jiangmin ----- Nothing   
Kaspersky ----- Trojan-Downloader.Win32.Small.usu    
Kingsoft ----- Win32.TrojDownloader.Small.77824    
Vba32 ----- Nothing   

*** 9/13 antivirus engines found virus in this file ***   
-------------------------------------------------------------------------   
D:\Desk\Samples\Collect\MCLS\7FFFECB8.exe   
MD5 Hash: E928FD59E400665A6B1BC7BED86C6B80   
Type: DOS Executable Generic / Extension: .EXE   

A-squared ----- Trojan-PWS.Win32.Agent.hf!IK    
Avast ----- Win32:Trojan-gen {Other}    
Avg ----- PSW.OnlineGames.BEWI     
Antivir ----- TR/Dropper.Gen    
BitDefender ----- Trojan.PWS.OnlineGames.ZTC    
ClamWin ----- Nothing   
Dr.Web ----- Nothing   
NOD32 ----- a variant of Win32/Kryptik.AE trojan    
Ikarus ----- Trojan-PWS.Win32.Agent.hf    
Jiangmin ----- Trojan/PSW.OnLineGames.kjg    
Kaspersky ----- Trojan-GameThief.Win32.WOW.afi    
Kingsoft ----- Win32.Troj.OnLineGamesT.gr.2637    
Vba32 ----- Nothing   

*** 10/13 antivirus engines found virus in this file ***   
-------------------------------------------------------------------------   
D:\Desk\Samples\Collect\MCLS\8096D9FC.exe   
MD5 Hash: C8BED56CA0CCDAA803F438130895656D   
Type: Win32 Executable Generic / Extension: .EXE   

A-squared ----- Virus.Trojan.Win32.Agent.gam!IK    
Avast ----- Win32:Delf-HJO [Trj]    
Avg ----- PSW.Generic6.AGFC     
Antivir ----- TR/Dldr.Delf.oyk.1    
BitDefender ----- Trojan.Agent.Delf.JZ    
ClamWin ----- Trojan.Downloader-56563    
Dr.Web ----- Trojan.DownLoad.6025    
NOD32 ----- Win32/Spy.Pachat.U trojan    
Ikarus ----- Virus.Trojan.Win32.Agent.gam    
Jiangmin ----- TrojanDownloader.Delf.ahj    
Kaspersky ----- Trojan-Downloader.Win32.Delf.oyj    
Kingsoft ----- Win32.TrojDownloader.Delf.495631    
Vba32 ----- Trojan-Downloader.Win32.Delf.oyj    

*** 13/13 antivirus engines found virus in this file ***   
-------------------------------------------------------------------------   
D:\Desk\Samples\Collect\MCLS\8154B3CB.exe   
MD5 Hash: D90A733AAA56DF71F9D1691A3BA0CA11   
Type: Win32 Executable Generic / Extension: .EXE   

A-squared ----- Virus.Trojan.Win32.Agent.gam!IK    
Avast ----- Win32:Delf-HJO [Trj]    
Avg ----- PSW.Generic6.AGFC     
Antivir ----- TR/Dldr.Delf.oyk.1    
BitDefender ----- Trojan.Agent.Delf.JZ    
ClamWin ----- Trojan.Downloader-56563    
Dr.Web ----- Trojan.DownLoad.6025    
NOD32 ----- Win32/Spy.Pachat.U trojan    
Ikarus ----- Virus.Trojan.Win32.Agent.gam    
Jiangmin ----- TrojanDownloader.Delf.ahj    
Kaspersky ----- Trojan-Downloader.Win32.Delf.oyp    
Kingsoft ----- Win32.TrojDownloader.Delf.495631    
Vba32 ----- Trojan-Downloader.Win32.Delf.oyp    

*** 13/13 antivirus engines found virus in this file ***   
-------------------------------------------------------------------------   
D:\Desk\Samples\Collect\MCLS\8182B0C7.exe   
MD5 Hash: BEC759725C91F44107A0686CA76997C2   
Type: Win32 Executable Generic / Extension: .EXE   

A-squared ----- Packer.Malware.NSAnti.1!IK    
Avast ----- Win32:Gamona [Trj]    
Avg ----- PSW.OnlineGames.2.AE     
Antivir ----- TR/Crypt.XPACK.Gen    
BitDefender ----- Packer.Malware.NSAnti.1    
ClamWin ----- Trojan.Magania-6996    
Dr.Web ----- Trojan.Nsanti.Packed    
NOD32 ----- Win32/PSW.OnLineGames.NNM trojan    
Ikarus ----- Packer.Malware.NSAnti.1    
Jiangmin ----- Trojan/PSW.Magania.con    
Kaspersky ----- Trojan-GameThief.Win32.Magania.afqu    
Kingsoft ----- Nothing   
Vba32 ----- Trojan-GameThief.Win32.Magania.afqu    

*** 12/13 antivirus engines found virus in this file ***   
-------------------------------------------------------------------------   
D:\Desk\Samples\Collect\MCLS\832DAD8F.exe   
MD5 Hash: 4626EDB215D707A0B81D993E6C21E1A7   
Type: DOS Executable Generic / Extension: .EXE   

A-squared ----- Trojan-PWS.Lmir.UMH!IK    
Avast ----- Win32:Trojan-gen {Other}    
Avg ----- PSW.Generic6.AFJQ     
Antivir ----- TR/PSW.Online.bdn    
BitDefender ----- Trojan.PWS.Lmir.UMH    
ClamWin ----- Trojan.Spy-53858    
Dr.Web ----- Trojan.MulDrop.19702    
NOD32 ----- a variant of Win32/PSW.Agent.NIA trojan    
Ikarus ----- Trojan-PWS.Lmir.UMH    
Jiangmin ----- TrojanSpy.OnLineGames.ilb    
Kaspersky ----- Trojan-GameThief.Win32.OnLineGames.tlzm    
Kingsoft ----- Win32.Troj.OnLineGame.ac.86016    
Vba32 ----- Trojan-GameThief.Win32.OnLineGames.tmnz    

*** 13/13 antivirus engines found virus in this file ***   
-------------------------------------------------------------------------   

Task done @ 2008/10/29 三 16:33:40.03   

BING126

McAfee  全灭。。。

5119ba4.exe         generic.cd                 
76714ea7.exe       generic del.x             
7b434436.exe       new malware.n              
7d5c13d6.exe       generic downloader.x      
7fffecb8.exe          generic.dx                 
8096d9fc.exe       generic pws.b             
8154b3cb.exe       generic pws.b             
8182b0c7.exe       pws-gamania.gen.c          
832dad8f.exe        pws-onlinegames.ce