Views: 2113 | Replies: 12

[Virus samples] Several (1L+3L+5L)

幸福的猪猪
Posted on 2009-5-24 06:01:15
kaba miss,to kill !


Hello,


Setup(1).exe,
Setup.exe - Trojan.Win32.Bepiv.ajo

101.exe_ - Backdoor.Win32.Hupigon.gwws

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.


[ Last edited by 幸福的猪猪 on 2009-5-24 13:31 ]

Sebastian
Posted on 2009-5-24 06:41:57
Starting the file scan:

Begin scan in 'D:\kafan\123.zip'
D:\kafan\123.zip
  [0] Archive type: ZIP
    --> Setup.exe
      [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'D:\kafan\456.rar'
D:\kafan\456.rar
  [0] Archive type: RAR
    --> Setup.exe
      [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    [NOTE]      The file was deleted!
Begin scan in 'D:\kafan\101'
D:\kafan\101\101.exe
    [DETECTION] Contains a recognition pattern of the (harmful) BDS/Hupigon.Gen back-door program
    [NOTE]      The file was deleted!


End of the scan: 2009年5月24日  06:43
Used time: 00:00 Minute(s)

The scan has been done completely.

      1 Scanned directories
      5 Files were scanned
      3 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      3 files were deleted
      0 Viruses and unwanted programs were repaired
      0 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
      2 Files not concerned
      2 Archives were scanned
      0 Warnings
      3 Notes
幸福的猪猪
Original poster | Posted on 2009-5-24 08:28:51



The archive password is: virus

kaba miss 3x, to kill! (This result was obtained by scanning with kaba's heuristic engine turned off.)


Hello,


1.exe_ - Trojan-GameThief.Win32.OnLineGames.bmby,

24.exe_ - Trojan-GameThief.Win32.OnLineGames.bmca,

34.exe_ - Trojan-Downloader.Win32.Agent.bzrv

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.
The answer is relevant to the latest bases from update sources.


[ Last edited by 幸福的猪猪 on 2009-5-24 13:57 ]

Sebastian
Posted on 2009-5-24 08:36:18

Reply to post #3 by 幸福的猪猪

All cleared out
36 Files were scanned
35 Viruses and/or unwanted programs were found
幸福的猪猪
Original poster | Posted on 2009-5-24 09:03:47
Reporting some more, kaba all miss, to kill!

einnawy
Posted on 2009-5-24 09:15:09

Reply to post #3 by 幸福的猪猪

费尔 (Filseclab) kill all
Sebastian
Posted on 2009-5-24 09:30:02

Reply to post #5 by 幸福的猪猪

Starting the file scan:

Begin scan in 'D:\kafan\112.zip'
D:\kafan\112.zip
  [0] Archive type: ZIP
    --> TDDOWNLOAD/1.exe
      [DETECTION] Contains HEUR/Crypted suspicious code
    --> TDDOWNLOAD/dsfghs0.exe
      [DETECTION] Is the TR/Crypt.FKM.Gen Trojan
    --> TDDOWNLOAD/func.dll
      [1] Archive type: RSRC
      [DETECTION] Is the TR/Dropper.Gen Trojan
    --> TDDOWNLOAD/ope103.exe
      [DETECTION] Contains HEUR/Crypted suspicious code
    [NOTE]      The file was deleted!


End of the scan: 2009年5月24日  09:30
Used time: 00:00 Minute(s)

The scan has been done completely.

      0 Scanned directories
      6 Files were scanned
      0 Viruses and/or unwanted programs were found
      4 Files were classified as suspicious
      1 files were deleted
      0 Viruses and unwanted programs were repaired
      0 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
      2 Files not concerned
      1 Archives were scanned
      0 Warnings
      1 Notes

[ Last edited by Sebastian on 2009-5-24 09:31 ]
wajika
Posted on 2009-5-24 10:41:55
Originally posted by 幸福的猪猪 on 2009-5-24 08:28

The archive password is: virus

kaba miss 3x, to kill! (This result was obtained by scanning with kaba's heuristic engine turned off.)

病毒信息
附件 TDDOWNLOAD[1].rar 含有Mal/Dropper-O病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Mal/Emogen-R病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/Lineag-BG病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/Lineag-BG病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Mal/Emogen-R病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/Lineag-BG病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Mal/Emogen-R病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/Lineag-BG病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/Lolyda-D病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/Lineag-BG病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Mal/EncPk-EW病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Mal/Behav-160病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/Lineag-BG病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/Lineag-BG病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Mal/PWS-Fam病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/Lineag-BG病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Mal/Emogen-R病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/Lineag-BG病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/Lineag-BG病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Mal/Emogen-R病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/Lineag-BG病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/Lineag-BG病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/Lineag-BG病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/Lineag-BG病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/Lineag-BG病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Mal/EncPk-EW病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/Lineag-BG病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/Lineag-BG病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Mal/EncPk-EW病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/Lineag-BG病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Mal/EncPk-EW病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/Lineag-BG病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Mal/Emogen-R病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/Lineag-BG病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Mal/EncPk-EW病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/Lineag-BG病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/PWS-BAF病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/PWS-BAF病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/LdPinch-SE病毒  清除失败
附件 TDDOWNLOAD[1].rar 含有Troj/Lineag-BG病毒  清除失败
黑衣~魂
Posted on 2009-5-24 11:29:36
DR.WEB TO MISS
11.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Wsgame.11589;Deleted.;
12.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Wsgame.11776;Deleted.;
13.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Wsgame.11776;Deleted.;
14.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Qqpass.2730;Deleted.;
15.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Wsgame.11711;Deleted.;
17.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Modification of BackDoor.Generic.1928;Deleted.;
18.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Wsgame.11395;Deleted.;
19.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Wsgame.11387;Deleted.;
20.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Wsgame.11089;Deleted.;
21.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Wsgame.origin;Deleted.;
22.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Wsgame.11387;Deleted.;
23.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Wsgame.11776;Deleted.;
24.exe/data002\data001;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD\24.exe/data002;Trojan.PWS.Gamania.origin;;
data002;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Container contains infected objects;;
24.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Container contains infected objects;Deleted.;
25.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Wsgame.11557;Deleted.;
26.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Wsgame.11386;Deleted.;
27.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Wsgame.11557;Deleted.;
28.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Wsgame.11776;Deleted.;
29.exe\data001;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD\29.exe;Trojan.PWS.Gamania.18581;;
29.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Container contains infected objects;Deleted.;
3.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Wsgame.11557;Deleted.;
30.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Wsgame.11586;Deleted.;
31.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Gamania.18637;Deleted.;
32.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Wsgame.11776;Deleted.;
34.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.Fonts.4;Deleted.;
35.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Gamania.18753;Deleted.;
36.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Wsgame.11706;Deleted.;
4.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Wsgame.11776;Deleted.;
5.exe\data001;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD\5.exe;Trojan.PWS.Wsgame.11745;;
5.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Container contains infected objects;Deleted.;
6.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Wsgame.11700;Deleted.;
7.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Qqpass.origin;Deleted.;
8.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Qqpass.origin;Deleted.;
9.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.PWS.Wsgame.11776;Deleted.;
1.exe;D:\Documents and Settings\Administrator\桌面\112\TDDOWNLOAD;Trojan.MulDrop.31659;Deleted.;
dsfghs0.exe;D:\Documents and Settings\Administrator\桌面\112\TDDOWNLOAD;Trojan.MulDrop.31659;Deleted.;
ope103.exe;D:\Documents and Settings\Administrator\桌面\112\TDDOWNLOAD;Trojan.MulDrop.31659;Deleted.;
悠柚
Posted on 2009-5-24 11:35:16
All of them
24:05:2009 11:34:48 SEARCHTASK "USER_DEFINED" started...
scan item: D:\TDDownload\101
File scanned: D:\TDDownload\101\1.exe - SIGNATURE FOUND "Trojan.Renos"
File scanned: D:\TDDownload\101\10.exe - SIGNATURE FOUND "Trojan-PWS.Win32.LdPinch"
File scanned: D:\TDDownload\101\101.exe - SIGNATURE FOUND "Generic.Graybird"
File scanned: D:\TDDownload\101\11.exe - SIGNATURE FOUND "Trojan-PWS.Win32.LdPinch"
File scanned: D:\TDDownload\101\12.exe - SIGNATURE FOUND "Trojan-PWS.Win32.LdPinch"
File scanned: D:\TDDownload\101\13.exe - SIGNATURE FOUND "Trojan-PWS.Win32.LdPinch"
File scanned: D:\TDDownload\101\14.exe - SIGNATURE FOUND "Trojan-GameThief.Win32.OnLineGames"
File scanned: D:\TDDownload\101\15.exe - SIGNATURE FOUND "Trojan-PWS.Win32.LdPinch"
File scanned: D:\TDDownload\101\16.exe - SIGNATURE FOUND "Generic.PWS"
File scanned: D:\TDDownload\101\17.exe - SIGNATURE FOUND "Trojan.Win32.Agent"
File scanned: D:\TDDownload\101\18.exe - SIGNATURE FOUND "Trojan-PWS.Win32.LdPinch"
File scanned: D:\TDDownload\101\19.exe - SIGNATURE FOUND "Trojan-PWS.Win32.LdPinch"
File scanned: D:\TDDownload\101\2.exe - SIGNATURE FOUND "Trojan-Downloader.Agent.pmd.2"
File scanned: D:\TDDownload\101\20.exe - SIGNATURE FOUND "Trojan-PWS.Win32.LdPinch"
File scanned: D:\TDDownload\101\21.exe - SIGNATURE FOUND "Trojan-PWS.Win32.LdPinch"
File scanned: D:\TDDownload\101\22.exe - SIGNATURE FOUND "Trojan-PWS.Win32.LdPinch"
File scanned: D:\TDDownload\101\23.exe - SIGNATURE FOUND "Trojan-PWS.Win32.LdPinch"
File scanned: D:\TDDownload\101\25.exe - SIGNATURE FOUND "Trojan-PWS.Win32.LdPinch"
File scanned: D:\TDDownload\101\26.exe - SIGNATURE FOUND "Trojan-PWS.Win32.LdPinch"
File scanned: D:\TDDownload\101\27.exe - SIGNATURE FOUND "Trojan-PWS.Win32.LdPinch"
File scanned: D:\TDDownload\101\28.exe - SIGNATURE FOUND "Trojan-PWS.Win32.LdPinch"
File scanned: D:\TDDownload\101\29.exe - SIGNATURE FOUND "Trojan-GameThief.Win32.WOW"
File scanned: D:\TDDownload\101\3.exe - SIGNATURE FOUND "Trojan-PWS.Win32.LdPinch"
File scanned: D:\TDDownload\101\30.exe - SIGNATURE FOUND "Trojan-PWS.Win32.LdPinch"
File scanned: D:\TDDownload\101\31.exe - SIGNATURE FOUND "Trojan-GameThief.Win32.WOW"
File scanned: D:\TDDownload\101\32.exe - SIGNATURE FOUND "Trojan-PWS.Win32.LdPinch"
File scanned: D:\TDDownload\101\34.exe - SIGNATURE FOUND "Virus.Win32.Crypt.CQW"
File scanned: D:\TDDownload\101\35.exe - SIGNATURE FOUND "Trojan-GameThief.Win32.WOW"
File scanned: D:\TDDownload\101\36.exe - SIGNATURE FOUND "Trojan-PWS.Win32.LdPinch"
File scanned: D:\TDDownload\101\4.exe - SIGNATURE FOUND "Trojan-PWS.Win32.LdPinch"
File scanned: D:\TDDownload\101\5.exe - SIGNATURE FOUND "Generic.PWS"
File scanned: D:\TDDownload\101\6.exe - SIGNATURE FOUND "Trojan-PWS.Win32.LdPinch"
File scanned: D:\TDDownload\101\7.exe - SIGNATURE FOUND "Trojan-GameThief.Win32.WOW"
File scanned: D:\TDDownload\101\8.exe - SIGNATURE FOUND "Trojan-GameThief.Win32.WOW"
File scanned: D:\TDDownload\101\9.exe - SIGNATURE FOUND "Trojan-PWS.Win32.LdPinch"
File scanned: D:\TDDownload\101\dsfghs0.exe - SIGNATURE FOUND "Trojan-GameThief.Win32.OnLineGames"
File scanned: D:\TDDownload\101\func.dll - SIGNATURE FOUND "Virus.Win32.Agent.BQC"
File scanned: D:\TDDownload\101\ope103.exe - SIGNATURE FOUND "Trojan-GameThief.Win32.OnLineGames"
File scanned: D:\TDDownload\101\Setup.exe - SIGNATURE FOUND "Trojan.Crypt"
File scanned: D:\TDDownload\101\Setup1.exe - SIGNATURE FOUND "Trojan.Crypt"
24:05:2009 11:34:50 SEARCHTASK "USER_DEFINED" FINISHED...
----------------------------------------------------
Directories scanned: 1
Files scanned: 43
Virus found: 40
----------------------------------------------------

Copyright © KaFan  KaFan.cn All Rights Reserved.
