木马一只过NOD32，被微点拿下

qiuzhen1976

游戏群里新发的文件，估计是木马，这次质量不错，NOD32没反应，微点发现未知网络蠕虫把它拿下。金山卫士，数字卫士没反应啊！！！用其他杀毒的兄弟看看自己的杀毒怎么样，随便上报下，让木马报废。

jayavira

to eset

http://samples.eset.com.cn/index ... b7e4d27cedae07edc22

wx4543

[:26:]

liulangzhecgr

timhas266

Start of the scan: Sunday, 9 January, 2011  09:57

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Tim\桌面\test\自动多FB辅助(正式版).rar'
C:\Documents and Settings\Tim\桌面\test\自动多FB辅助(正式版).rar
[0] Archive type: RAR
  [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
  --> ￗￔﾶﾯﾶ￠FBﾸﾨￖ(ￕ�ￊﾽﾰ￦).exe
    [1] Archive type: RSRC
--> Object
  [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    [NOTE]      A backup was created as 'ad20c987.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!


End of the scan: Sunday, 9 January, 2011  09:58
Used time: 01:16 Minute(s)

The scan has been done completely.

      0 Scanned directories
      2 Files were scanned
      1 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      1 files were deleted
      0 Viruses and unwanted programs were repaired
      1 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
      1 Files not concerned
      1 Archives were scanned
      0 Warnings
      1 Notes

fatezero

TO KL

Hello,

This message is generated by automatic letter reception system. The report contains information on what the verdicts on the files (if any in the letter) makes antivirus with latest updates. Letter will be passed to the virus analyst.

自动多FB辅助(正式版).exe - P2P-Worm.Win32.Palevo.bmfw

New malicious software was found in this file. It's detection will be included in the next update. Thank you for your help.

Best Regards, Kaspersky Lab

猪头大队

avg无视

星晨

BitDefender上报

2011-01-09 10:41:50	C:\Users\k\Desktop\自动多FB辅助(正式版).exe	修改文件	C:\WINDOWS\362.VBS
2011-01-09 10:41:56	C:\Users\k\Desktop\自动多FB辅助(正式版).exe	修改文件	C:\WINDOWS\Best.bat

电影结束了

TrojWare.Win32.Magania.~all@25568566 E:\virus test\

久远寺有珠

过瑞星防御