
[Virus sample] 12x

幸福的猪猪
Posted on 2009-5-27 11:29:58
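kaba miss all, to kill! (The virus samples in this archive were downloaded from the update download addresses provided by a virus sample that kaba can detect.)

The virus database kaba used to scan the samples is 2009-05-27 09.09.00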



Hello,

11.exe_ - Trojan-Downloader.Win32.Agent.cbex,
16.exe_ - Trojan-GameThief.Win32.OnLineGames.bmcu,
19.exe_ - Trojan-GameThief.Win32.OnLineGames.bmcv,
20.exe_ - Trojan-Downloader.Win32.Agent.cbee,
23.exe_ - Trojan-GameThief.Win32.OnLineGames.bmcw,
26.exe_ - Trojan-GameThief.Win32.OnLineGames.bmcx,
3.exe_ - Trojan-GameThief.Win32.OnLineGames.bmcy,
46.exe_ - Trojan-Downloader.Win32.Small.jtw,
5.exe_ - Trojan-GameThief.Win32.OnLineGames.bmcz

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

15.exe_ - Trojan-Downloader.Win32.Agent.cbbu,
2(1).exe_ - Trojan-Dropper.Win32.Agent.ardf,
21.exe_ - Trojan-Downloader.Win32.Agent.cbbv

These files are already detected. Please update your antivirus bases.

Please quote all when answering.


[ Last edited by 幸福的猪猪 on 2009-5-27 16:19 ]

einnawy
Posted on 2009-5-27 11:31:50
C:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD\11.exe
      [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      The file was moved to '4a4ab441.qua'!
C:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD\15.exe
      [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      The file was moved to '4a4ab445.qua'!
C:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD\16.exe
      [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      The file was moved to '4a4ab446.qua'!
C:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD\19.exe
      [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      The file was moved to '4a4ab449.qua'!
C:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD\2.exe
      [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      The file was moved to '4a81b43e.qua'!
C:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD\20.exe
      [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      The file was moved to '4a4ab440.qua'!
C:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD\21.exe
      [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      The file was moved to '4bc0c8ca.qua'!
C:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD\23.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was moved to '4a4ab443.qua'!
C:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD\26.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was moved to '4bc0c8cf.qua'!
C:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD\3.exe
      [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      The file was moved to '4b0bc8b7.qua'!
C:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD\46.exe
    [DETECTION] Is the TR/Crypt.UPKM.Gen Trojan
    [NOTE]      The file was moved to '4a4ab458.qua'!
C:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD\5.exe
      [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      The file was moved to '4a81b430.qua'!
JusT.Like
Posted on 2009-5-27 11:32:13
Last infection: bbs.kafan.cn
Infected with: Trojan.PWS.OnlineGames.KBZA (9x), Dropped:Trojan.PWS.OnlineGames.KCGL (2x), Trojan.Obfuscated.MQ
Kill ALL
时尚
Posted on 2009-5-27 11:34:42
Avira kills them all, Micropoint MISSes them all~
悠柚
Posted on 2009-5-27 12:02:34
D:\TDDownload\TDDOWNLOAD.zip/11.exe         已检测: Virus.Win32.Crypt.CQW!IK
D:\TDDownload\TDDOWNLOAD.zip/15.exe         已检测: Virus.Win32.Crypt!IK
D:\TDDownload\TDDOWNLOAD.zip/16.exe         已检测: Virus.Win32.Crypt.CQW!IK
D:\TDDownload\TDDOWNLOAD.zip/19.exe         已检测: Virus.Win32.Crypt!IK
D:\TDDownload\TDDOWNLOAD.zip/2.exe         已检测: Trojan-GameThief.Win32.OnLineGames!IK
D:\TDDownload\TDDOWNLOAD.zip/20.exe         已检测: Virus.Win32.Crypt.CQW!IK
D:\TDDownload\TDDOWNLOAD.zip/21.exe         已检测: Virus.Win32.Crypt!IK
D:\TDDownload\TDDOWNLOAD.zip/23.exe         已检测: Trojan-GameThief.Win32.OnLineGames!IK
D:\TDDownload\TDDOWNLOAD.zip/26.exe         已检测: PWS.Win32!IK
D:\TDDownload\TDDOWNLOAD.zip/3.exe         已检测: Virus.Win32.Crypt.CQW!IK
D:\TDDownload\TDDOWNLOAD.zip/46.exe         已检测: Generic.PWS.Games!IK
D:\TDDownload\TDDOWNLOAD.zip/5.exe         已检测: Virus.Win32.Crypt.CQW!IK
SUZAKU
Posted on 2009-5-27 12:12:25
AVK ALL
kingmuro
Posted on 2009-5-27 15:26:23

avast 4.8

2009-05-27 15:22:05        gxf        3732        Sign of "Win32:OnLineGames-FFZ [Trj]" has been found in "C:\Documents and Settings\gxf\桌面\110\TDDOWNLOAD\TDDOWNLOAD\11.exe\[UPX]\[Embedded_I#34d58]" file.  
2009-05-27 15:22:08        gxf        3732        Sign of "Win32:OnLineGames-FFZ [Trj]" has been found in "C:\Documents and Settings\gxf\桌面\110\TDDOWNLOAD\TDDOWNLOAD\15.exe\[UPX]\[Embedded_I#34d58]" file.  
2009-05-27 15:22:08        gxf        3732        Sign of "Win32:OnLineGames-FJX [Trj]" has been found in "C:\Documents and Settings\gxf\桌面\110\TDDOWNLOAD\TDDOWNLOAD\16.exe\[UPX]\[Embedded_I#34d58]" file.  
2009-05-27 15:22:08        gxf        3732        Sign of "Win32:OnLineGames-FJX [Trj]" has been found in "C:\Documents and Settings\gxf\桌面\110\TDDOWNLOAD\TDDOWNLOAD\19.exe\[UPX]\[Embedded_I#34d58]" file.  
2009-05-27 15:22:08        gxf        3732        Sign of "Win32:OnLineGames-FFZ [Trj]" has been found in "C:\Documents and Settings\gxf\桌面\110\TDDOWNLOAD\TDDOWNLOAD\2.exe\[UPX]\[Embedded_I#34d58]" file.  
2009-05-27 15:22:08        gxf        3732        Sign of "Win32:OnLineGames-FJX [Trj]" has been found in "C:\Documents and Settings\gxf\桌面\110\TDDOWNLOAD\TDDOWNLOAD\20.exe\[UPX]\[Embedded_I#34d58]" file.  
2009-05-27 15:22:08        gxf        3732        Sign of "Win32:OnLineGames-FFZ [Trj]" has been found in "C:\Documents and Settings\gxf\桌面\110\TDDOWNLOAD\TDDOWNLOAD\21.exe\[UPX]\[Embedded_I#34d58]" file.  
2009-05-27 15:22:08        gxf        3732        Sign of "Win32:OnLineGames-FJX [Trj]" has been found in "C:\Documents and Settings\gxf\桌面\110\TDDOWNLOAD\TDDOWNLOAD\3.exe\[UPX]\[Embedded_I#34d58]" file.  
2009-05-27 15:22:08        gxf        3732        Sign of "Win32:OnLineGames-FFZ [Trj]" has been found in "C:\Documents and Settings\gxf\桌面\110\TDDOWNLOAD\TDDOWNLOAD\5.exe\[UPX]\[Embedded_I#34d58]" file.
feihongtian (this user has been deleted)
Posted on 2009-5-27 18:16:38
Result: 12 malware found

Trojan.PWS.OnlineGames.KBZA (virus)
  • C:\Documents and Settings\sk\桌面\virus\27\TDDOWNLOAD.zip\TDDOWNLOAD\11.exe
  • C:\Documents and Settings\sk\桌面\virus\27\TDDOWNLOAD.zip\TDDOWNLOAD\15.exe
  • C:\Documents and Settings\sk\桌面\virus\27\TDDOWNLOAD.zip\TDDOWNLOAD\16.exe
  • C:\Documents and Settings\sk\桌面\virus\27\TDDOWNLOAD.zip\TDDOWNLOAD\19.exe
  • C:\Documents and Settings\sk\桌面\virus\27\TDDOWNLOAD.zip\TDDOWNLOAD\2.exe
  • C:\Documents and Settings\sk\桌面\virus\27\TDDOWNLOAD.zip\TDDOWNLOAD\20.exe
  • C:\Documents and Settings\sk\桌面\virus\27\TDDOWNLOAD.zip\TDDOWNLOAD\21.exe
  • C:\Documents and Settings\sk\桌面\virus\27\TDDOWNLOAD.zip\TDDOWNLOAD\3.exe
  • C:\Documents and Settings\sk\桌面\virus\27\TDDOWNLOAD.zip\TDDOWNLOAD\5.exe
Dropped:Trojan.PWS.OnlineGames.KCGL (virus)
  • C:\Documents and Settings\sk\桌面\virus\27\TDDOWNLOAD.zip\TDDOWNLOAD\23.exe
  • C:\Documents and Settings\sk\桌面\virus\27\TDDOWNLOAD.zip\TDDOWNLOAD\26.exe
Trojan.Obfuscated.MQ (virus)
  • C:\Documents and Settings\sk\桌面\virus\27\TDDOWNLOAD.zip\TDDOWNLOAD\46.exe

Scanning Engines:
  • F-Secure Aquarius: 11.00.00, 2009-05-26
  • F-Secure Hydra: 3.08.9080, 2009-05-26
黑衣~魂
Posted on 2009-5-27 19:08:10
DR.WEB
11.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.Fonts.4;Deleted.;
15.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.Fonts.4;Deleted.;
16.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.Fonts.4;Deleted.;
19.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.Fonts.4;Deleted.;
2.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.Fonts.4;Deleted.;
20.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.Fonts.4;Deleted.;
21.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.Fonts.4;Deleted.;
23.exe\data001;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD\23.exe;Trojan.PWS.Wsgame.11749;;
23.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Container contains infected objects;Deleted.;
26.exe\data001;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD\26.exe;Trojan.PWS.Wsgame.11761;;
26.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Container contains infected objects;Deleted.;
3.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.Fonts.4;Deleted.;
5.exe;D:\Documents and Settings\Administrator\桌面\TDDOWNLOAD\TDDOWNLOAD;Trojan.Fonts.4;Deleted.;
kkgh
Posted on 2009-5-27 19:10:22
Filseclab kills them all