28个 (来自美国和阿拉伯大型毒窟)

显示全部楼层 · 发表于 2010-1-14 14:17:03

本帖最后由 sam.to 于 2010-1-15 16:23 编辑

4a93d03d8bc0f6c15b1d7da9d2a5488b  bat.exe+
02c86f451e066e96e1df1c428a7cbb88  Project1.exe+
08ab7bcd7c9bb3161e0c6e980b084d02  system32.exe+
199251f7ab236e4ae6e850935a109733  wh_24093735.exe+
aa946247e51c1579d05d0e07297b2f4b  wh_24094014.exe+
c29f3d6f523805f56b6d0d4c50456335  wh_24095036.exe+
1b866badc7b2bec19bcb1d7f4f5940b4  wh_24124760.exe+
4e6ca27b71e2d04bf51af8ae6e21f1d9  wh_24124892.exe+
12b27dd2f226d2c9e5439707b5a98a4d  wh_24157651.exe+
98dc859ba7ac4356e23f125a50220de0  wh_2javascript:;4163556.exe+
506afeed4a968c749f002ff50bd86cab  wh_24176116.exe+
9ea395e6d2f6f008e37247061fe670b9  wh_24181364.exe+
c4af6cf1cc33ebc0b496b6c978f2094e  wh_24181689.exe+
dfbd4cb5306f2a3ed2a85b24cb55f6c8  wh_24186624.exe+
f09e9cba52bda86bf5ec48bfcb755457  wh_24195385.exe+
bb64276bea9a70f19e5a026bdecd823c  wh_24195512.exe+
6f5dfd67e85d879c9ff17e63fe3c0c96  wh_24204523.exe+
6d3ce7a08998b8519e0221cccb619f08  wh_24210499.exe+
2335d80476e049cc48928ca5d574ee11  wh_24229201.exe+
71fc8fdc213a16648430bf32468a46a9  wh_24238353.exe+
946310ebdf12aefac26759db2b3da129  wh_24239008.exe+
2c18a24fee979545b76b7f5837559131  wh_24254900.exe+
0641b7cfb16ec4709dd76b3ba9769195  wh_24263590.exe+
41930bcd298a27f42e959c3a773dc91b  wh_24263945.exe+
eb77a7884687237f19a0e98cf05a8979  wh_24267859.exe+
31cbfb33c99fad5709f0c3b5e3192c45  wh_24286005.exe+
93f973fb3ee7cd4b1426769ec9666ec3  wh_24289713.exe+
39c4801096f9ed1afac6d2a166bd2911  لعشاق الطيز.exe+

missed to kl,ll

Hello,

Project1.exe+, wh_24095036.exe+

No malicious code were found in these files.

wh_24093735.exe+ - Trojan.Win32.Refroso.aglx,
wh_24163556.exe+ - Trojan.Win32.Refroso.agly,
wh_24181689.exe+ - Backdoor.Win32.Bifrose.cbkd,
wh_24239008.exe+ - Trojan-Dropper.Win32.Clons.dgg

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.
The answer is relevant to the latest bases from update sources.

--
Best regards,
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

Best Regards, NewVirus

显示全部楼层 · 发表于 2010-1-14 14:22:50

本帖最后由 jason_jiang 于 2010-1-14 14:27 编辑

MSE left 5, to

显示全部楼层 · 发表于 2010-1-14 14:24:39

本帖最后由幸福的猪猪于 2010-1-14 15:10 编辑

在网吧，用A-SQUARED FREE 扫描的结果. (ik miss 1x)

C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\bat.exe+       已检测: Trojan.Win32.Midgare!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\system32.exe+       已检测: Trojan-Downloader.Win32.Pher!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24093735.exe+       已检测: Trojan-Dropper!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24094014.exe+       已检测: Trojan-Spy.Win32.VB!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24095036.exe+       已检测: Trojan.Backdoor.SuspectCRC!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24124760.exe+       已检测: Backdoor.Win32.Agent!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24124892.exe+       已检测: Riskware.Win32.DelfInject!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24157651.exe+       已检测: Riskware.Win32.DelfInject!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24163556.exe+       已检测: Virus.Win32.VB!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24176116.exe+       已检测: Backdoor.Win32.Poison!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24181364.exe+       已检测: Virus.Win32.Bifrose!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24181689.exe+       已检测: Riskware.Win32.Injector!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24186624.exe+       已检测: Gen.Trojan!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24195385.exe+       已检测: Backdoor.Win32.Bifrose!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24195512.exe+/system.exe       已检测: Virus.Win32.Vanbot!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24204523.exe+       已检测: Trojan.Win32.Buzus!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24210499.exe+       已检测: Trojan.Win32.Refroso!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24229201.exe+       已检测: Backdoor.Win32.Poison!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24238353.exe+       已检测: Trojan.Midgare!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24239008.exe+       已检测: Trojan.Buzus!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24254900.exe+       已检测: Virus.Win32.Bifrose!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24263590.exe+       已检测: Trojan-Downloader.Win32.Buzus!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24263945.exe+       已检测: Riskware.Win32.Vbcrypt!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24267859.exe+       已检测: Backdoor.Win32.Bifrose!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24286005.exe+       已检测: Virus.Win32.Poison!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\wh_24289713.exe+       已检测: Trojan-Spy.Win32.VB!IK
C:\Documents and Settings\Administrator\桌面\iygufwt5ytertgy4erdfgcfg[1]\iygufwt5ytertgy4erdfgcfg\لعشاق الطيز.exe+       已检测: Riskware.Win32.Vbinder!IK

显示全部楼层 · 发表于 2010-1-14 14:27:15

D:\TDDownload\iygufwt5ytertgy4erdfgcfg\bat.exe+,查到病毒： W32/Sality.AA, 操作：删除/隔离
D:\TDDownload\iygufwt5ytertgy4erdfgcfg\wh_24095036.exe+,查到病毒： W32/BDoor.DKI!tr.bdr, 操作：删除/隔离
D:\TDDownload\iygufwt5ytertgy4erdfgcfg\wh_24124760.exe+,查到病毒： W32/BDoor.IME!tr.bdr, 操作：删除/隔离
D:\TDDownload\iygufwt5ytertgy4erdfgcfg\wh_24124892.exe+,查到病毒： PossibleThreat, 操作：删除/隔离
D:\TDDownload\iygufwt5ytertgy4erdfgcfg\wh_24157651.exe+,查到病毒： W32/Buzus.CQZC!tr, 操作：删除/隔离
D:\TDDownload\iygufwt5ytertgy4erdfgcfg\wh_24176116.exe+,查到病毒： W32/Hupigon.ZS!tr.bdr, 操作：已修复
D:\TDDownload\iygufwt5ytertgy4erdfgcfg\wh_24181364.exe+,查到病毒： W32/Bifrose.ADR!tr.bdr, 操作：删除/隔离
D:\TDDownload\iygufwt5ytertgy4erdfgcfg\wh_24181689.exe+,查到病毒： W32/Injector.YHR!tr, 操作：删除/隔离
D:\TDDownload\iygufwt5ytertgy4erdfgcfg\wh_24186624.exe+,查到病毒： W32/RBot.AGYS!tr.bdr, 操作：删除/隔离
D:\TDDownload\iygufwt5ytertgy4erdfgcfg\wh_24195512.exe+,查到病毒： W32/BDoor.EAZ!tr.bdr, 操作：删除/隔离
D:\TDDownload\iygufwt5ytertgy4erdfgcfg\wh_24204523.exe+,查到病毒： W32/Buzus.SF!tr, 操作：删除/隔离
D:\TDDownload\iygufwt5ytertgy4erdfgcfg\wh_24229201.exe+,查到病毒： W32/Parite.fam, 操作：删除/隔离
D:\TDDownload\iygufwt5ytertgy4erdfgcfg\wh_24238353.exe+,查到病毒： W32/Midgare.ADJF!tr, 操作：删除/隔离
D:\TDDownload\iygufwt5ytertgy4erdfgcfg\wh_24239008.exe+,查到病毒： W32/Buzus.BBNS!tr, 操作：删除/隔离
D:\TDDownload\iygufwt5ytertgy4erdfgcfg\wh_24263590.exe+,查到病毒： W32/Agent.COHW!tr, 操作：删除/隔离
D:\TDDownload\iygufwt5ytertgy4erdfgcfg\wh_24263945.exe+,查到病毒： W32/Sality.AA, 操作：删除/隔离
D:\TDDownload\iygufwt5ytertgy4erdfgcfg\wh_24267859.exe+,查到病毒： W32/Virut.CE, 操作：删除/隔离
D:\TDDownload\iygufwt5ytertgy4erdfgcfg\wh_24286005.exe+,查到病毒： W32/Keylog.AY!tr.bdr, 操作：已修复
D:\TDDownload\iygufwt5ytertgy4erdfgcfg\wh_24289713.exe+,查到病毒： W32/Emogen.CDL!tr, 操作：删除/隔离

显示全部楼层 · 发表于 2010-1-14 14:45:05

E:\download\iygufwt5ytertgy4erdfgcfg\bat.exe+
[DETECTION] Contains code of the W32/Sality Windows virus
E:\download\iygufwt5ytertgy4erdfgcfg\system32.exe+
[DETECTION] Is the TR/Dldr.Agent.ckps Trojan
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24093735.exe+
[DETECTION] Is the TR/Dropper.Gen Trojan
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24094014.exe+
[DETECTION] Is the TR/ATRAPS.Gen Trojan
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24095036.exe+
[DETECTION] Is the TR/Crypt.XPACK.Gen2 Trojan
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24124760.exe+
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Bifrose.ACI back-door program
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24124892.exe+
[DETECTION] Is the TR/Crypt.XDR.Gen Trojan
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24157651.exe+
[DETECTION] Is the TR/Agent.AIWT Trojan
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24163556.exe+
[DETECTION] Is the TR/Dropper.Gen Trojan
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24176116.exe+
[DETECTION] Is the TR/Poison.7645 Trojan
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24181364.exe+
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Agent.BKY back-door program
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24181689.exe+
[DETECTION] Is the TR/Dropper.Gen Trojan
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24186624.exe+
[DETECTION] Contains recognition pattern of the DR/Rbot.192060 dropper
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24195385.exe+
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Bifrose.arnw back-door program
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24195512.exe+
[0] Archive type: RAR SFX (self extracting)
--> system.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24204523.exe+
[DETECTION] Contains recognition pattern of the DR/Buzus.aeux dropper
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24210499.exe+
[DETECTION] Is the TR/Dropper.Gen Trojan
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24229201.exe+
[DETECTION] Contains code of the W32/Parite Windows virus
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24238353.exe+
[DETECTION] Contains recognition pattern of the TR.Midgare.adjf virus
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24239008.exe+
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Bifrose.Gen back-door program
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24254900.exe+
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Bifrose.fqs back-door program
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24263590.exe+
[DETECTION] Is the TR/Dropper.Gen Trojan
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24263945.exe+
[DETECTION] Contains code of the W32/Sality.Y Windows virus
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24267859.exe+
[DETECTION] Is the TR/Agent.ckeq Trojan
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24286005.exe+
[DETECTION] Contains a recognition pattern of the (harmful) BDS/PoisonIv.A.8704 back-door program
E:\download\iygufwt5ytertgy4erdfgcfg\wh_24289713.exe+
[DETECTION] Is the TR/Crypt.FKM.Gen Trojan
E:\download\iygufwt5ytertgy4erdfgcfg\لعشاق الطيز.exe+
[DETECTION] Is the TR/Dropper.Gen Trojan

显示全部楼层 · 发表于 2010-1-14 14:45:52

下个测测看看

显示全部楼层 · 发表于 2010-1-14 14:47:31

下载来测试一下KV10。

显示全部楼层 · 发表于 2010-1-14 15:01:25

本帖最后由 shuangchun 于 2010-1-14 15:04 编辑

可怜，nod32还没a2免费版查出来的多，第一个压缩包eset只查到16个，a2查到19个。第二个包eset一个都没查到，a2查到8个，悲剧啊，收费版没有免费版查出来的多

显示全部楼层 · 发表于 2010-1-14 15:44:03

AVG包一9个，包二16个

显示全部楼层 · 发表于 2010-1-14 15:50:38

瑞星22个

[病毒样本] 28个 (来自美国和阿拉伯大型毒窟)

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源