sbbdms Magania更新帖5天接手[22L]

显示全部楼层 · 发表于 2009-1-27 20:39:06

特征码较统一，一般全秒

C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\1.exe - Win32/PSW.OnLineGames.NMY 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\2.exe - Win32/PSW.OnLineGames.NMY 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\32n79.tmp - Win32/TrojanDropper.Agent.NJV 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\bgdferw0.dll - Win32/PSW.OnLineGames.XTT 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\cc_0.exe - Win32/TrojanDropper.Agent.NJV 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\cvsdfw.exe - Win32/PSW.OnLineGames.NMY 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\dsewtds0.dll - Win32/PSW.OnLineGames.NMP 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\ff_0.exe - Win32/TrojanDropper.Agent.NJV 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\help_0.exe - Win32/TrojanDropper.Agent.NJV 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\hg.exe - Win32/PSW.OnLineGames.NNU 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\hyrteas0.dll - Win32/PSW.OnLineGames.ODJ 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\ll_0.exe - Win32/TrojanDropper.Agent.NJV 特洛伊木马的变种 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\mg.exe - Win32/PSW.OnLineGames.NMY 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\mkfght0.dll - Win32/PSW.OnLineGames.ODJ 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\nod75.tmp - Win32/TrojanDropper.Agent.NJV 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\nod76.tmp - Win32/TrojanDropper.Agent.NJV 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\nod77.tmp - Win32/TrojanDropper.Agent.NJV 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\nod78.tmp - Win32/TrojanDropper.Agent.NJV 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\nod7A.tmp - Win32/TrojanDropper.Agent.NJV 特洛伊木马的变种 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\optyhww0.dll - Win32/PSW.OnLineGames.NMP 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\otrewe0.dll - Win32/PSW.OnLineGames.NMP 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\oukdfgr.exe - Win32/PSW.OnLineGames.NNU 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\rb.exe - Win32/PSW.OnLineGames.NMY 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\rttrwq.exe - Win32/PSW.OnLineGames.NMY 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\tt.exe - Win32/PSW.OnLineGames.NMY 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\urretnd.exe - Win32/PSW.OnLineGames.NMY 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\uu_0.exe - Win32/TrojanDropper.Agent.NJV 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\weidfsg.exe - Win32/PSW.OnLineGames.NMY 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\MG_01271937\zz_0.exe - Win32/TrojanDropper.Agent.NJV 特洛伊木马 - 通过删除清除 - 已隔离

显示全部楼层 · 发表于 2009-1-27 20:47:25

原帖由 qianwenxiang 于 2009-1-27 19:43 发表
Update 0127 没有去除重复

2009/1/27 20:45:05       已清除       木马程序 Trojan.Win32.Agent2.aur       G:\Temp\Virus\MG_01271937.rar/nod78.tmp
2009/1/27 20:45:05       已清除       木马程序 Trojan.Win32.Agent2.aur       G:\Temp\Virus\MG_01271937.rar/uu_0.exe
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.auev       G:\Temp\Virus\MG_01271937.rar/otrewe0.dll
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.aueu       G:\Temp\Virus\MG_01271937.rar/optyhww0.dll
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.auet       G:\Temp\Virus\MG_01271937.rar/hyrteas0.dll
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.aues       G:\Temp\Virus\MG_01271937.rar/tt.exe
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.aues       G:\Temp\Virus\MG_01271937.rar/cvsdfw.exe
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.auer       G:\Temp\Virus\MG_01271937.rar/oukdfgr.exe
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.auer       G:\Temp\Virus\MG_01271937.rar/hg.exe
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.aueq       G:\Temp\Virus\MG_01271937.rar/bgdferw0.dll
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.auep       G:\Temp\Virus\MG_01271937.rar/nod77.tmp
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.auep       G:\Temp\Virus\MG_01271937.rar/help_0.exe
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.aueo       G:\Temp\Virus\MG_01271937.rar/nod75.tmp
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.aueo       G:\Temp\Virus\MG_01271937.rar/cc_0.exe
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.auen       G:\Temp\Virus\MG_01271937.rar/nod76.tmp
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.auen       G:\Temp\Virus\MG_01271937.rar/ff_0.exe
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.auem       G:\Temp\Virus\MG_01271937.rar/nod7A.tmp
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.auem       G:\Temp\Virus\MG_01271937.rar/ll_0.exe
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.audy       G:\Temp\Virus\MG_01271937.rar/urretnd.exe
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.audy       G:\Temp\Virus\MG_01271937.rar/mg.exe
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.audw       G:\Temp\Virus\MG_01271937.rar/2.exe
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.aswq       G:\Temp\Virus\MG_01271937.rar/32n79.tmp//PE-Crypt.CF
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.aswq       G:\Temp\Virus\MG_01271937.rar/zz_0.exe//PE-Crypt.CF
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.asvw       G:\Temp\Virus\MG_01271937.rar/mkfght0.dll
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.asvp       G:\Temp\Virus\MG_01271937.rar/rttrwq.exe
2009/1/27 20:45:05       已清除       木马程序 Trojan-GameThief.Win32.Magania.asvp       G:\Temp\Virus\MG_01271937.rar/1.exe

Miss 3, To KL

[ 本帖最后由尤金卡巴斯基于 2009-1-27 20:55 编辑 ]

显示全部楼层 · 发表于 2009-1-27 20:51:53

26日全歼

Begin scan in 'G:\MG 01261627.rar'
G:\MG 01261627.rar
[0] Archive type: RAR
--> 1.exe
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> 2.exe
   [DETECTION] Is the TR/Meredrop.A.748 Trojan
--> cc_0.exe
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> cvsdfw.exe
   [DETECTION] Is the TR/PSW.Magania.aues Trojan
--> ff_0.exe
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> help_0.exe
   [DETECTION] Is the TR/Crypt.CFI.Gen Trojan
--> hg.exe
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> ll_0.exe
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> mg.exe
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> oukdfgr.exe
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> rb.exe
   [DETECTION] Is the TR/PSW.OnLineGa.aak Trojan
--> rttrwq.exe
   [DETECTION] Is the TR/Meredrop.A.748 Trojan
--> tt.exe
   [DETECTION] Is the TR/PSW.Magania.aues Trojan
--> urretnd.exe
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> uu_0.exe
   [DETECTION] Is the TR/Crypt.CFI.Gen Trojan
--> weidfsg.exe
   [DETECTION] Is the TR/PSW.OnLineGa.aak Trojan
--> zz_0.exe
   [DETECTION] Is the TR/Crypt.CFI.Gen Trojan
--> bgdferw0.dll
   [DETECTION] Is the TR/Vundo Trojan
--> dsewtds0.dll
   [DETECTION] Is the TR/Dldr.Agent.nnz Trojan
--> hrnqgp.dll
   [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen back-door program
--> hyrteas0.dll
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> mkfght0.dll
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> optyhww0.dll
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> otrewe0.dll
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> 32n18.tmp
   [DETECTION] Is the TR/Crypt.CFI.Gen Trojan
--> nod13.tmp
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> nod14.tmp
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> nod15.tmp
   [DETECTION] Is the TR/Crypt.CFI.Gen Trojan
--> nod16.tmp
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> nod17.tmp
   [DETECTION] Is the TR/Crypt.CFI.Gen Trojan
[WARNING] The file was ignored!

27日全歼

Begin scan in 'G:\MG 01271937.rar'
G:\MG 01271937.rar
[0] Archive type: RAR
--> 1.exe
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> 2.exe
   [DETECTION] Is the TR/Meredrop.A.748 Trojan
--> cc_0.exe
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> cvsdfw.exe
   [DETECTION] Is the TR/PSW.Magania.aues Trojan
--> ff_0.exe
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> help_0.exe
   [DETECTION] Is the TR/Crypt.CFI.Gen Trojan
--> hg.exe
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> ll_0.exe
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> mg.exe
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> oukdfgr.exe
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> rb.exe
   [DETECTION] Is the TR/PSW.OnLineGa.aak Trojan
--> rttrwq.exe
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> tt.exe
   [DETECTION] Is the TR/PSW.Magania.aues Trojan
--> urretnd.exe
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> uu_0.exe
   [DETECTION] Is the TR/Crypt.CFI.Gen Trojan
--> weidfsg.exe
   [DETECTION] Is the TR/PSW.OnLineGa.aak Trojan
--> zz_0.exe
   [DETECTION] Is the TR/Crypt.CFI.Gen Trojan
--> bgdferw0.dll
   [DETECTION] Is the TR/Vundo Trojan
--> dsewtds0.dll
   [DETECTION] Is the TR/Dldr.Agent.nnz Trojan
--> hyrteas0.dll
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> mkfght0.dll
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> optyhww0.dll
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> otrewe0.dll
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> 32n79.tmp
   [DETECTION] Is the TR/Crypt.CFI.Gen Trojan
--> nod75.tmp
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> nod76.tmp
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> nod77.tmp
   [DETECTION] Is the TR/Crypt.CFI.Gen Trojan
--> nod78.tmp
   [DETECTION] Is the TR/Crypt.CFI.Gen Trojan
--> nod7A.tmp
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[WARNING] The file was ignored!

显示全部楼层 · 发表于 2009-1-28 16:19:53

原帖由 尤金卡巴斯基 于 2009-1-27 20:47 发表

2009/1/27 20:45:05 已清除木马程序 Trojan.Win32.Agent2.aur G:\Temp\Virus\MG_01271937.rar/nod78.tmp
2009/1/27 20:45:05 已清除木马程序 Trojan.Win ...

全入

2009/1/28 16:11:46 已清除木马程序 Packed.Win32.Krap.g G:\Temp\Virus\MG_01271937.rar/dsewtds0.dll
2009/1/28 16:11:46 已清除木马程序 Packed.Win32.Krap.g G:\Temp\Virus\MG_01271937.rar/weidfsg.exe
2009/1/28 16:11:46 已清除木马程序 Packed.Win32.Krap.g G:\Temp\Virus\MG_01271937.rar/rb.exe

显示全部楼层 · 发表于 2009-1-28 21:26:28

mg 0128 未去重

显示全部楼层 · 发表于 2009-1-28 21:35:15

红伞好像全杀了

显示全部楼层 · 发表于 2009-1-29 00:02:50

红伞全杀了。。。。

显示全部楼层 · 发表于 2009-1-29 00:09:44

28日全歼
报壳基因依旧主旋律。

[ 本帖最后由 hj5abc 于 2009-1-29 00:10 编辑 ]

显示全部楼层 · 发表于 2009-1-29 01:24:05

漏一个

Scan Shell extension scan was finished.
Infections; 28
Folders selected for scanning; C:\Users\Standard user\Desktop\MG 01282124;
Scan started; Thursday, January 29, 2009
Scan finished; Thursday, January 29, 2009 (2 second(s))
Total object scanned; 30
User who launched the scan; Standard user

Infections
File; Infection; Result
C:\Users\Standard user\Desktop\MG 01282124\1.exe; Trojan horse PSW.OnlineGames_r.K; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\2.exe; Trojan horse PSW.OnlineGames_r.K; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\32n51.tmp; Virus found Win32/Heur; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\bgdferw0.dll; Virus found Win32/Heur; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\cc_0.exe; Virus found Win32/Heur; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\cvsdfw.exe; Trojan horse PSW.OnlineGames_r.X; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\dsewtds0.dll; Virus found Win32/Heur; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\ff_0.exe; Trojan horse PSW.OnlineGames_r.K.dropper; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\help_0.exe; Virus found Win32/Heur; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\hg.exe; Trojan horse PSW.OnlineGames.2.Z; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\ll_0.exe; Virus found Win32/Heur; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\mg.exe; Virus found Win32/Heur; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\mkfght0.dll; Virus identified Klone.AP; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\nod52.tmp; Virus found Win32/Heur; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\nod53.tmp; Virus found Win32/Heur; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\nod54.tmp; Virus found Win32/Heur; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\nod55.tmp; Trojan horse PSW.OnlineGames_r.K.dropper; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\nod56.tmp; Virus found Win32/Heur; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\optyhww0.dll; Virus found Win32/Heur; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\otrewe0.dll; Trojan horse PSW.OnlineGames_r.M; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\oukdfgr.exe; Trojan horse PSW.OnlineGames.2.Z; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\rb.exe; Trojan horse PSW.OnlineGames.2.S; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\rttrwq.exe; Trojan horse PSW.OnlineGames_r.K; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\tt.exe; Trojan horse PSW.OnlineGames_r.X; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\urretnd.exe; Virus found Win32/Heur; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\uu_0.exe; Virus found Win32/Heur; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\weidfsg.exe; Trojan horse PSW.OnlineGames.2.S; Moved to Virus Vault
C:\Users\Standard user\Desktop\MG 01282124\zz_0.exe; Virus found Win32/Heur; Moved to Virus Vault

显示全部楼层 · 发表于 2009-1-29 01:52:18

卡巴剩一个 TO KL

[病毒样本] sbbdms Magania更新帖5天接手[22L]

本帖子中包含更多资源

回复 15楼 qianwenxiang 的帖子

本帖子中包含更多资源

回复 15楼 qianwenxiang 的帖子