1个 2009.1.3_04 卡巴杀

killloop

软件名称	引擎版本	病毒库版本	病毒库时间	扫描结果	时间
a-squared	4.0.0.29	20090102023151	2009-01-02	-	2.125
AntiVir	7.9.0.45	7.1.1.65	2009-01-02	-	1.713
Arcavir	1.0.5	200812131407	2008-12-13	Trojan.Psw.Magania.Vq	1.417
Authentium	5.1.1	200901021157	2009-01-02	-	1.085
AVAST!	3.0.1	090102-0	2009-01-02	-	0.091
AVG	7.5.52.442	270.10.2/1872	2009-01-02	Generic10.BAS	1.818
BitDefender	7.81008.2404703	7.22938	2009-01-03	Dropped:Trojan.PWS.OnlineGames.AAGG	2.723
CA (VET)	9.0.0.143	31.6.6289	2009-01-02	-	5.159
ClamAV	0.94.2	8830	2009-01-03	-	0.067
Comodo	3.0	866	2009-01-02	-	0.951
CP Secure	1.1.0.715	2009.01.02	2009-01-02	-	6.365
Dr.Web	4.44.0.9170	2009.01.03	2009-01-03	-	3.851
ewido	4.0.0.2	2008.12.31	2008-12-31	-	3.171
F-Prot	4.4.4.56	20090102	2009-01-02	-	1.113
F-Secure	5.51.6100	2009.01.03.01	2009-01-03	-	4.111
GData	19.2223/19.168	20090103	2009-01-03	-	3.263
Ikarus	T3.1.01.45	2009.01.03.72100	2009-01-03	-	3.581
Microsoft	1.4205	2009.01.02	2009-01-02	Trojan:Win32/Helpud.Y	4.488
mks_vir	2.01	2009.01.02	2009-01-02	-	3.265
Norman	5.93.01	5.93.00	2009-01-02	-	6.262
nProtect	20090102.01	2840358	2009-01-02	Dropped:Trojan.PWS.OnlineGames.AAGG	4.447
Quick Heal	10.00	2009.01.03	2009-01-03	-	1.135
Sophos	2.82.1	4.37	2009-01-03	Mal/Dropper-AE	2.030
Sunbelt	4755	4755	2008-12-22	-	0.521
The Hacker	6.3.1.2	v00204	2009-01-01	-	0.488
VBA32	3.12.8.10	20090101.1137	2009-01-01	-	1.521
ViRobot	20081230	2008.12.30	2008-12-30	-	0.414
VirusBuster	4.5.11.10	10.100.13/757535	2009-01-03	-	1.084
卡巴斯基	5.5.10	2009.01.03	2009-01-03	-	0.045
安博士V3	2009.01.03.00	2009.01.03	2009-01-03	-	1.215
安天	2.0.18	20090103.1949622	2009-01-03	-	0.119
江民杀毒	11.0.706	2008.12.21	2008-12-21	TrojanDropper.Viking	1.406
熊猫卫士	9.05.01	2009.01.02	2009-01-02	-	3.764
瑞星	20.0	21.10.22.00	2008-12-31	-	1.035
赛门铁克	1.3.0.24	20090102.006	2009-01-02	-	0.055
趋势科技	8.700-1004	5.744.07	2009-01-02	-	0.037
迈克菲	5.3.00	5482	2009-01-02	-	2.815
金山毒霸	2008.9.8.18	2009.1.2.20	2009-01-02	-	0.594
飞塔	2.81-3.117	9.887	2009-01-02	-	0.264

反病毒引擎	版本	最后更新	扫描结果
a-squared	4.0.0.73	2009.01.03	-
AhnLab-V3	2008.12.31.0	2009.01.02	-
AntiVir	7.9.0.45	2009.01.02	-
Authentium	5.1.0.4	2009.01.02	-
Avast	4.8.1281.0	2009.01.03	Win32:Spyware-gen
AVG	8.0.0.199	2009.01.02	Generic10.BAS
BitDefender	7.2	2009.01.03	Dropped:Trojan.PWS.OnlineGames.AAGG
CAT-QuickHeal	10.00	2009.01.03	-
ClamAV	0.94.1	2009.01.03	-
Comodo	866	2009.01.02	-
DrWeb	4.44.0.09170	2009.01.03	-
eTrust-Vet	31.6.6289	2009.01.02	-
Ewido	4.0	2008.12.31	-
F-Prot	4.4.4.56	2009.01.02	-
F-Secure	8.0.14470.0	2009.01.03	-
Fortinet	3.117.0.0	2009.01.03	-
GData	19	2009.01.03	Dropped:Trojan.PWS.OnlineGames.AAGG
Ikarus	T3.1.1.45.0	2009.01.03	-
K7AntiVirus	7.10.572	2009.01.02	-
Kaspersky	7.0.0.125	2009.01.03	-
McAfee	5482	2009.01.02	-
McAfee+Artemis	5482	2009.01.02	-
Microsoft	1.4205	2009.01.02	Trojan:Win32/Helpud.Y
NOD32	3733	2009.01.02	-
Norman	5.80.02	2009.01.02	-
Panda	9.0.0.4	2009.01.02	-
PCTools	4.4.2.0	2009.01.02	-
Prevx1	V2	2009.01.03	-
Rising	21.10.22.00	2008.12.31	-
SecureWeb-Gateway	6.7.6	2009.01.03	-
Sophos	4.37.0	2009.01.03	Mal/Dropper-AE
Sunbelt	3.2.1809.2	2008.12.22	-
Symantec	10	2009.01.03	-
TheHacker	6.3.1.4.204	2009.01.02	-
TrendMicro	8.700.0.1004	2009.01.02	-
VBA32	3.12.8.10	2009.01.01	-
ViRobot	2009.1.3.1541	2009.01.03	-
VirusBuster	4.5.11.0	2009.01.02	-

Kitman

The file 'rxcfwg.exe' has been determined to be 'UNDER ANALYSIS'.

hj5abc

wcj20236

syfwxmh

Hello,

rxcfwg.exe_ - Trojan-Dropper.Win32.Agent.adqf

New malicious software was found in this file. It's detection will be included in the next update. Thank you for your help.

>
>
> ------------------
> The Russia Kaspersky Lab Board Of the Honor Members
> Users ID:syfwxmh
>
Please quote all when answering.
-----------------
Regards, Davidow Dmitriy
Virus Analyst, Kaspersky Lab.

sam.to

真的是惡意?

hj5abc

原帖由 sam.to 于 2009-1-3 15:16 发表
真的是惡意?

看起来是外挂 但drop了一些XX 不知是不是毒.看路径.

The file 'G:\C\WINDOWS\system32\sh12014.dll'
contained a virus or unwanted program 'TR/Spy.Gen' [trojan]
Action(s) taken:
The file was deleted!


The file 'G:\C\WINDOWS\system32\rpcss.dll'
contained a virus or unwanted program 'TR/Spy.Gen' [trojan]
Action(s) taken:
The file was deleted!

The file 'G:\C\WINDOWS\system32\csrss.dll'
contained a virus or unwanted program 'TR/Spy.Gen' [trojan]
Action(s) taken:
The file was deleted!

[ 本帖最后由 hj5abc 于 2009-1-3 16:32 编辑 ]

luxiao200888

2009-1-3 16:57:41        http://bbs.kafan.cn/attachment.p ... xcfwg.exe//#//UPack        Google Chrome        检测到威胁: Trojan-GameThief.Win32.OnLineGames.ucdf