c-setup.exe 更新了~

显示全部楼层 · 发表于 2008-8-30 02:04:02

Antivirus	Version	Last Update	Result
AhnLab-V3	2008.8.29.0	2008.08.29	-
AntiVir	7.8.1.23	2008.08.29	DR/Delphi.Gen
Authentium	5.1.0.4	2008.08.29	W32/Adware-RegBHO-based.1!Maximus
Avast	4.8.1195.0	2008.08.29	-
AVG	8.0.0.161	2008.08.29	Generic3.LZS
BitDefender	7.2	2008.08.29	-
CAT-QuickHeal	9.50	2008.08.29	-
ClamAV	0.93.1	2008.08.29	-
DrWeb	4.44.0.09170	2008.08.29	-
eSafe	7.0.17.0	2008.08.28	Suspicious File
eTrust-Vet	31.6.6056	2008.08.29	-
Ewido	4.0	2008.08.29	-
F-Prot	4.4.4.56	2008.08.29	W32/Adware-RegBHO-based.1!Maximus
F-Secure	7.60.13501.0	2008.08.29	Trojan:W32/Agent.FVX
Fortinet	3.14.0.0	2008.08.29	-
GData	19	2008.08.29	-
Ikarus	T3.1.1.34.0	2008.08.29	Trojan.Delf.NEB
K7AntiVirus	7.10.432	2008.08.29	-
Kaspersky	7.0.0.125	2008.08.29	-
McAfee	5373	2008.08.29	-
Microsoft	1.3807	2008.08.25	-
NOD32v2	3399	2008.08.29	a variant of Win32/Adware.IeDefender.NGU
Norman	5.80.02	2008.08.29	W32/Malware.DQPF
Panda	9.0.0.4	2008.08.29	Suspicious file
PCTools	4.4.2.0	2008.08.29	-
Prevx1	V2	2008.08.29	Malicious Software
Rising	20.59.41.00	2008.08.29	-
Sophos	4.33.0	2008.08.29	Sus/Dropper-R
Sunbelt	3.1.1592.1	2008.08.29	-
Symantec	10	2008.08.29	-
TheHacker	6.3.0.6.067	2008.08.29	-
TrendMicro	8.700.0.1004	2008.08.29	PAK_Generic.001
VBA32	3.12.8.4	2008.08.29	-
ViRobot	2008.8.29.1355	2008.08.29	-
VirusBuster	4.5.11.0	2008.08.29	-
Webwasher-Gateway	6.6.2	2008.08.29	Trojan.Dropper.Delphi.Gen

显示全部楼层 · 发表于 2008-8-30 07:09:46

Access to the data has been denied!
Warning: A virus or unwanted program has been found in the HTTP Data.

Requested URL: http://bbs.kafan.cn/attachment.p ... a8&t=1220051374
Information: Contains recognition pattern of the DR/Delphi.Gen dropper

Generated by AntiVir WebGuard 8.0.15.0, AVE 8.1.1.23, VDF 7.0.6.92

显示全部楼层 · 发表于 2008-8-30 07:56:15

C:\Documents and Settings\Administrator\桌面\c-setup.rar>>c-setup.exe Trojan.Delphi.Gen.pjgq 木马还未处理

显示全部楼层 · 发表于 2008-8-30 08:17:43

<W32/Adware-RegBHO-based.1!Maximus (not disinfectable)> C:\Download Files\c-setup.rar->c-setup.exe->rsrcPE->(UPX)

显示全部楼层 · 发表于 2008-8-30 09:08:30

Scan Log
Version of virus signature database: 3401 (20080829)
Date: 2008-8-30 Time: 9:09:19
Scanned disks, folders and files: G:\v\c-setup.rar
G:\v\c-setup.rar » RAR » c-setup.exe - a variant of Win32/Adware.IeDefender.NGU application - was a part of the deleted object
Number of scanned objects: 1
Number of threats found: 1
Number of cleaned objects: 1
Time of completion: 9:09:19 Total scanning time: 0 sec (00:00:00)

显示全部楼层 · 发表于 2008-8-30 10:01:20

SEP扫描不报，运行报。

[ 本帖最后由 Love=卡巴+费尔于 2008-8-30 10:02 编辑 ]

显示全部楼层 · 发表于 2008-8-30 10:51:25

费尔 Trojan.Delphi.Gen.pjgq

显示全部楼层 · 发表于 2008-8-30 12:59:09

kis2009询问后选择送入low restricted
30/08/2008 12:56:53 AM c-setup.exe Create C:\WINDOWS\SYSWOW64\wsaozy.dll
然后程序退出

这个东西有啥危害？

显示全部楼层 · 发表于 2008-8-30 13:08:05

D:\download\c-setup.rar>>c-setup.exe Trojan.Delphi.Gen.pjgq 木马还未处理

显示全部楼层 · 发表于 2008-8-30 16:56:22

2008/8/30 16:56:04 已清除木马程序 Trojan.Win32.Agent.abtd G:\Temp\Virus\c-setup.rar/c-setup.exe

[病毒样本] c-setup.exe 更新了~

F-Prot 4.4.4