1.exe

显示全部楼层 · 发表于 2009-8-14 00:49:02

http://www.virustotal.com/zh-cn/analisis/16d79df3470ac8f48558dd0c63143e5ddcbcca2f1ac6c4f59be6eb73571721e7-1250182068

To KL

[ 本帖最后由尤金卡巴斯基于 2009-8-14 02:08 编辑 ]

显示全部楼层 · 发表于 2009-8-14 00:56:46

1\1.exe - 已感染 Trojan.PWS.Gamania.19803

显示全部楼层 · 发表于 2009-8-14 00:59:33

a-squared 4.5.0.3 20090813160201 2009-08-13 Trojan-GameThief.Win32.WOW!IK 0.414
AntiVir 8.2.1.1 7.1.5.109 2009-08-13 TR/Dropper.Gen 0.113
Arcavir 2009 200908121839 2009-08-12 - 0.038
Authentium 5.1.1 200908131109 2009-08-13 - 1.453
AVAST! 4.7.4 090812-0 2009-08-12 - 0.008
AVG 8.5.288 270.13.54/2300 2009-08-13 Win32/Heur 0.317
BitDefender 7.81008.3837912 7.27144 2009-08-13 Trojan.PWS.OnLineGames.SSH 3.457
CA (VET) 9.0.0.143 31.6.6673 2009-08-13 Win32/Gamepass!generic trojan. 7.565
ClamAV 0.95.2 9689 2009-08-13 Trojan.Delf-6581 0.009
Comodo 3.10 1966 2009-08-13 Heur.Packed.Unknown 0.787
CP Secure 1.1.0.715 2009.08.13 2009-08-13 Troj.W32.Delf.va 12.417
Dr.Web 4.44.0.9170 2009.08.13 2009-08-13 - 5.523
F-Prot 4.4.4.56 20090813 2009-08-13 - 1.472
F-Secure 7.02.73807 2009.08.13.14 2009-08-13 - 0.297
GData 19.7094/19.437 20090813 2009-08-13 - 5.058
Ikarus T3.1.01.64 2009.08.13.73232 2009-08-13 Trojan-GameThief.Win32.WOW 3.721
Microsoft 1.4903 2009.08.12 2009-08-12 TrojanDropper:Win32/OnLineGames.H 5.421
Norman 6.01.09 6.01.00 2009-08-12 - 4.014
nProtect 20090812.02 4997778 2009-08-12 Trojan.PWS.OnLineGames.SSH 5.994
Quick Heal 10.00 2009.08.13 2009-08-13 Suspicious - DNAScan 1.090
Sophos 2.89.1 4.44 2009-08-13 Mal/EncPk-EW 4.700
Sunbelt 5327 5327 2009-08-12 ], [ 1.761
The Hacker 6.3.4.3 v00383 2009-08-12 - 0.751
VBA32 3.12.10.9 20090812.1653 2009-08-12 Backdoor.XiaoBird.67 (paranoid heuristics) (suspicious) 2.075
ViRobot 20090813 2009.08.13 2009-08-13 - 0.439
VirusBuster 4.5.11.10 10.112.4/1818927 2009-08-13 - 2.798
卡巴斯基 5.5.10 2009.08.13 2009-08-13 - 0.112
安博士V3 2009.08.13.04 2009.08.13 2009-08-13 - 0.955
安天 2.0.18 20090813.2698352 2009-08-13 - 0.127
江民杀毒 11.0.800 2009.08.13 2009-08-13 Backdoor/Bifrose.leb 5.873
熊猫卫士 9.05.01 2009.08.13 2009-08-13 Suspicious file 2.244
瑞星 20.0 21.42.34.00 2009-08-13 - 1.380
赛门铁克 1.3.0.24 20090812.008 2009-08-12 - 0.067
趋势科技 8.700-1004 6.361.00 2009-08-13 - 0.038
迈克菲 5.3.00 5707 2009-08-12 - 3.333
金山毒霸 2009.2.5.15 2009.8.13.21 2009-08-13 Win32.Troj.KillAV.155136 0.658
飞塔 2.81-3.120 10.713 2009-08-13 PossibleThreat 0.207

显示全部楼层 · 发表于 2009-8-14 01:00:38

Avira TR/Dropper.Gen Trojan

显示全部楼层 · 发表于 2009-8-14 02:03:32

NOD32 kill
1.exe - Win32/AntiAV.NBO

显示全部楼层 · 发表于 2009-8-14 23:43:54

Hello,

1.exe_ - Trojan-GameThief.Win32.Magania.butz

New malicious software was found in this file. It's detection will be included in the next update. Thank you for your help.
Please quote all when answering.

The answer is relevant to the latest bases from update sources.

Best regards, Ilya Tolstikhin
Virus analyst, Kaspersky Lab.
10/1, 1st Volokolamsky Proezd, Moscow, 123060, Russia
Tel./Fax: + 7 (495) 797 8700
http://www.kaspersky.com http://www.viruslist.com

[ 本帖最后由尤金卡巴斯基于 2009-8-14 23:59 编辑 ]

显示全部楼层 · 发表于 2009-8-17 09:53:49

Trojan name:Trojan.Win32.AntiAV.aul

Trojan program(s) generates files as below:
1) C:\AVP.EXE
2) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\WMNET.EXE
3) C:\PROGRAM FILES\COMMON FILES\SYSTEM\QQJIJI.EXE
Delete Trojan program(s) and its remains or not?

显示全部楼层 · 发表于 2009-8-17 10:25:11

显示全部楼层 · 发表于 2009-9-28 14:47:14

360杀毒kill

[病毒样本] 1.exe

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块