[病毒样本] 28x

显示全部楼层 · 发表于 2009-1-8 21:38:32

显示全部楼层 · 发表于 2009-1-8 21:39:22

28

D:\download\28_0.rar>>a10_0.exe Trojan.OnLineGames.gen.a 木马还未处理
D:\download\28_0.rar>>a13_0.exe TrojanGameThief.Magania.gen.msbo 木马还未处理
D:\download\28_0.rar>>a17_0.exe TrojanGameThief.Magania.gen.vbdg 木马还未处理
D:\download\28_0.rar>>a18_0.exe TrojanGameThief.Magania.gen.cvsi 木马还未处理
D:\download\28_0.rar>>a1_0.exe TrojanGameThief.Magania.gen.bmbt 木马还未处理
D:\download\28_0.rar>>a25_0.exe Trojan.OnLineGames.gen.a 木马还未处理
D:\download\28_0.rar>>a27_0.exe Trojan.OnLineGames.gen.a 木马还未处理
D:\download\28_0.rar>>a29_0.exe Trojan.OnLineGames.gen.a 木马还未处理
D:\download\28_0.rar>>a35_0.exe TrojanGameThief.OnLineGames.ubga.awpy 木马还未处理
D:\download\28_0.rar>>a3_0.exe Trojan.OnLineGames.gen.a 木马还未处理
D:\download\28_0.rar>>a41_0.exe TrojanGameThief.Magania.gen.xnio 木马还未处理
D:\download\28_0.rar>>a44_0.exe TrojanGameThief.OnLineGames.ubga.awpy 木马还未处理
D:\download\28_0.rar>>a4_0.exe TrojanGameThief.Magania.gen.qlao 木马还未处理
D:\download\28_0.rar>>a51_0.exe TrojanGameThief.Magania.gen.jzhf 木马还未处理
D:\download\28_0.rar>>a52_0.exe TrojanGameThief.OnLineGames.ubga.awpy 木马还未处理
D:\download\28_0.rar>>a55_0.exe Trojan.OnLineGames.gen.a 木马还未处理
D:\download\28_0.rar>>a60_0.exe Trojan.OnLineGames.gen.a 木马还未处理
D:\download\28_0.rar>>a6_0.exe TrojanGameThief.Magania.gen.ojow 木马还未处理
D:\download\28_0.rar>>a7_0.exe Trojan.OnLineGames.gen.a 木马还未处理
D:\download\28_0.rar>>a9_0.exe Trojan.OnLineGames.gen.a 木马还未处理
D:\download\28_0.rar>>aaa_0.exe Trojan.Cap91222.nfip 木马还未处理
D:\download\28_0.rar>>abc_0.exe TrojanDownloader.Nurech.bd.bmqk 木马还未处理
D:\download\28_0.rar>>cj_0.exe Adware.BHO.dws.nsrd.arc 广告程序还未处理
D:\download\28_0.rar>>kunet_0.exe Adware.AdMedia.ed.zdst.arc 广告程序还未处理
D:\download\28_0.rar>>lcinst_0.exe Trojan.JunkCode.Gen.robr 木马还未处理
D:\download\28_0.rar>>qqq_0.exe TrojanPSW.QQPass.ete.jqvf 木马还未处理
D:\download\28_0.rar>>Tail_0.exe Trojan.Gamania.gen 木马还未处理
D:\download\28_0.rar>>vip_0.exe Trojan.Cap9170.xvix 木马还未处理

显示全部楼层 · 发表于 2009-1-8 21:41:23

C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > a1_0.exe - 可能是 Win32/PSW.OnLineGames.NRF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > a10_0.exe - Win32/PSW.OnLineGames.NTM 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > a13_0.exe - 可能是 Win32/PSW.OnLineGames.NRF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > a17_0.exe - 可能是 Win32/PSW.OnLineGames.NRF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > a18_0.exe - 可能是 Win32/PSW.OnLineGames.NRF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > a25_0.exe - 可能是 Win32/PSW.OnLineGames.NRF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > a27_0.exe - Win32/PSW.OnLineGames.NTM 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > a29_0.exe - Win32/PSW.OnLineGames.NTM 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > a3_0.exe - Win32/PSW.OnLineGames.NTM 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > a35_0.exe - Win32/PSW.OnLineGames.NTM 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > a4_0.exe - 可能是 Win32/PSW.OnLineGames.NRF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > a41_0.exe - 可能是 Win32/PSW.OnLineGames.NRF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > a44_0.exe - Win32/PSW.OnLineGames.NTM 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > a51_0.exe - 可能是 Win32/PSW.OnLineGames.NRF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > a52_0.exe - Win32/PSW.OnLineGames.NTM 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > a55_0.exe - Win32/PSW.OnLineGames.NTM 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > a6_0.exe - 可能是 Win32/PSW.OnLineGames.NRF 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > a60_0.exe - Win32/PSW.OnLineGames.NTM 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > a7_0.exe - Win32/PSW.OnLineGames.NTM 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > a9_0.exe - Win32/PSW.OnLineGames.NTM 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > aaa_0.exe - 可能是 Win32/PSW.Delf.NLZ 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > abc_0.exe - Win32/PSW.Legendmir.NGG 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > cj_0.exe > NSIS > 33.exe - Win32/Adware.Cinmus 应用程序
C:\Documents and Settings\Administrator\桌面\28_0.rar > RAR > kunet_0.exe > NSIS > 23.exe > NSIS > 龏

显示全部楼层 · 发表于 2009-1-8 21:49:28

收到 to kl

[ 本帖最后由 wangjay1980 于 2009-1-8 21:52 编辑 ]

显示全部楼层 · 发表于 2009-1-8 21:53:19

显示全部楼层 · 发表于 2009-1-8 22:08:21

Begin scan in 'D:\28_0.rar'
D:\28_0.rar
[0] Archive type: RAR
--> a1_0.exe
   [DETECTION] Is the TR/Thief.Magania.B Trojan
   --> a10_0.exe
      [DETECTION] Is the TR/Thief.Games.ubha Trojan
--> a13_0.exe
   [DETECTION] Is the TR/Thief.Magania.B Trojan
--> a17_0.exe
   [DETECTION] Is the TR/Thief.Magania.B Trojan
--> a18_0.exe
   [DETECTION] Is the TR/Thief.Magania.B Trojan
--> a25_0.exe
   [DETECTION] Is the TR/Thief.Magania.B Trojan
   --> a27_0.exe
      [DETECTION] Is the TR/Thief.Games.ubha Trojan
   --> a29_0.exe
      [DETECTION] Is the TR/Thief.Games.ubha Trojan
   --> a3_0.exe
      [DETECTION] Is the TR/Thief.Games.ubha Trojan
   --> a35_0.exe
      [DETECTION] Is the TR/Thief.Games.ubha Trojan
--> a4_0.exe
   [DETECTION] Is the TR/Thief.Magania.B Trojan
--> a41_0.exe
   [DETECTION] Is the TR/Thief.Magania.B Trojan
   --> a44_0.exe
      [DETECTION] Is the TR/Thief.Games.ubha Trojan
--> a51_0.exe
   [DETECTION] Is the TR/Thief.Magania.B Trojan
   --> a52_0.exe
      [DETECTION] Is the TR/Thief.Games.ubha Trojan
   --> a55_0.exe
      [DETECTION] Is the TR/Thief.Games.ubha Trojan
--> a6_0.exe
   [DETECTION] Is the TR/Agent.BHQ Trojan
   --> a60_0.exe
      [DETECTION] Is the TR/Thief.Games.ubha Trojan
   --> a7_0.exe
      [DETECTION] Is the TR/Thief.Games.ubha Trojan
   --> a9_0.exe
      [DETECTION] Is the TR/Thief.Games.ubha Trojan
   --> abc_0.exe
      [DETECTION] Is the TR/Dropper.Gen Trojan
--> cj_0.exe
   [DETECTION] Contains recognition pattern of the DR/Cinmus.ish dropper
   --> cj_0.exe
      [1] Archive type: NSIS
      --> ProgramFilesDir/33.exe
      [DETECTION] Is the TR/Obfuscated.kah Trojan
--> kunet_0.exe
   [DETECTION] Contains recognition pattern of the ADSPY/AdMedia.ED.171 adware or spyware
   --> lcinst_0.exe
      --> Object
      [2] Archive type: OVL
      --> Object
         [DETECTION] Is the TR/BHOSta.ER Trojan
   --> qqq_0.exe
      [DETECTION] Is the TR/ATRAPS.Gen Trojan
   --> Tail_0.exe
      [DETECTION] Is the TR/Downloader.Gen Trojan
--> vip_0.exe
   [DETECTION] Contains a recognition pattern of the (harmful) BDS/Agent.ZFS back-door program
[NOTE]    A backup was created as '49c508cd.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!

显示全部楼层 · 发表于 2009-1-8 22:15:22

Hello.

New malicious software was found in the attached file. Its detection will be included in the next update.
Thank you for your help.

Trojan.Win32.Multis.hs
Trojan-Downloader.Win32.Small.ailr

显示全部楼层 · 发表于 2009-1-8 22:18:43

红伞全kill

显示全部楼层 · 发表于 2009-1-8 22:18:46

文件名称病毒名称处理情况
C:\Documents and Settings\Administrator\桌面\28_0.rar=]abc_0.exe BehavesLike:Win32.ExplorerHijack 清除病毒失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]kunet_0.exe DeepScan:Generic.Adw.Cinmus.2.E8144529 清除病毒失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]aaa_0.exe Generic.PWStealer.7BB6A226 清除病毒失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]vip_0.exe MemScan:Backdoor.Agent.ZFS 删除失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]cj_0.exe Trojan.Obfuscated.KU 清除病毒失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]lcinst_0.exe Trojan.Obfuscated.MQ 清除病毒失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]a1_0.exe Trojan.PWS.Agent.SGC 清除病毒失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]a13_0.exe Trojan.PWS.Agent.SGC 清除病毒失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]a17_0.exe Trojan.PWS.Agent.SGC 清除病毒失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]a18_0.exe Trojan.PWS.Agent.SGC 清除病毒失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]a25_0.exe Trojan.PWS.Agent.SGC 清除病毒失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]a4_0.exe Trojan.PWS.Agent.SGC 清除病毒失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]a41_0.exe Trojan.PWS.Agent.SGC 清除病毒失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]a51_0.exe Trojan.PWS.Agent.SGC 清除病毒失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]a6_0.exe Trojan.PWS.Agent.SGC 清除病毒失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]a35_0.exe Trojan.PWS.OnlineGames.AAIQ 删除失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]a44_0.exe Trojan.PWS.OnlineGames.AAIQ 删除失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]a52_0.exe Trojan.PWS.OnlineGames.AAIQ 删除失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]a10_0.exe Trojan.PWS.OnlineGames.AAJB 删除失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]a27_0.exe Trojan.PWS.OnlineGames.AAJB 删除失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]a29_0.exe Trojan.PWS.OnlineGames.AAJB 删除失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]a3_0.exe Trojan.PWS.OnlineGames.AAJB 删除失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]a55_0.exe Trojan.PWS.OnlineGames.AAJB 删除失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]a60_0.exe Trojan.PWS.OnlineGames.AAJB 删除失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]a7_0.exe Trojan.PWS.OnlineGames.AAJB 删除失败（文件在归档文件中）
C:\Documents and Settings\Administrator\桌面\28_0.rar=]a9_0.exe Trojan.PWS.OnlineGames.AAJB 删除失败（文件在归档文件中）

[病毒样本] 28x

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

26

浏览过的版块