1.exe,2.exe,3.exe,4.exe,5.exe,6.exe，看看你的杀软杀几个

显示全部楼层 · 发表于 2011-6-28 13:24:33

本帖最后由 -oAo- 于 2011-6-28 13:44 编辑

下载360报木马，右键微点报安全

啊哦微点设置不扫描压缩文件

显示全部楼层 · 发表于 2011-6-28 13:27:34

eset kill 3x
C:\Users\微亿毫\Desktop\6X.rar > RAR > 2.exe - Win32/PSW.OnLineGames.PJS 特洛伊木马的变种
C:\Users\微亿毫\Desktop\6X.rar > RAR > 3.exe - 可能是 Win32/PSW.WOW.NTW 特洛伊木马的变种
C:\Users\微亿毫\Desktop\6X.rar > RAR > 5.exe - Win32/Farfli.BS 特洛伊木马的变种
TO ESET

显示全部楼层 · 发表于 2011-6-28 13:37:50

本帖最后由 xyc5238207 于 2011-6-28 13:39 编辑

微点主防1.2只查出了3个。3.5和六、

显示全部楼层 · 发表于 2011-6-28 13:41:53

本帖最后由 humanlwj52 于 2011-6-28 13:44 编辑

4.exe>>BD miss

显示全部楼层 · 发表于 2011-6-28 13:48:45

红伞解压后杀了5个。余1

显示全部楼层 · 发表于 2011-6-28 14:51:25

本帖最后由 a256886572008 于 2011-6-28 14:57 编辑

4.exe 只不過是隨開機啟動，把首頁設置為
http://www.zhu911.org

不是病毒，風險程序。

显示全部楼层 · 发表于 2011-6-28 14:54:19

本帖最后由 a256886572008 于 2011-6-28 15:08 编辑

CAV 殺

2011-06-28 14:48:55 C:\Documents and Settings\Roger\桌面\VIRUS\6X\1.exe TrojWare.Win32.TrojanDownloader.Agent.~d018@103168378

2011-06-28 14:48:37 C:\Documents and Settings\Roger\桌面\VIRUS\6X\3.exe TrojWare.Win32.Trojan.Agent.Gen@216931101

2011-06-28 14:48:43 C:\Documents and Settings\Roger\桌面\VIRUS\6X\5.exe TrojWare.Win32.Magania.~acku@25568599

2011-06-28 14:48:49 C:\Documents and Settings\Roger\桌面\VIRUS\6X\6.exe
Heur.Suspicious@162526895

-------------------------------------------------
comodo 雲查殺

2011-06-28 15:07:26 C:\Documents and Settings\Roger\桌面\VIRUS\6X\4.exe
Heur.Packed.Unknown@1

--------------------------------------------------------------------
1.exe

http://camas.comodo.com/cgi-bin/submit?file=fd44d3a7eae90fde128b4b8ba8f19b5ea85bfafc7afd8938df9498d203a42a01

• Verdict
Auto Analysis Verdict
Suspicious+

• Description
Suspicious Actions Detected
Copies self to other locations
Creates files in windows system directory
Deletes self

-------------------------------------------------------------------
2.exe

CIMA沒反應，實機運行也沒動作

-----------------------------------------
3.exe

http://camas.comodo.com/cgi-bin/submit?file=7f258fb5def852b167b4a2a5bc0a9b1c6aec9c6703858cac3994a3a038344882

• Verdict
Auto Analysis Verdict
Suspicious++

• Description
Suspicious Actions Detected
Creates files in windows system directory
Deletes self
Patches system files

----------------------------------------------
4.exe

http://camas.comodo.com/cgi-bin/submit?file=976bd000ffc71ecdd8ac20c03ead2a76821489491831d1459eee37f5a0c5c725

• Verdict
Auto Analysis Verdict
Suspicious+

• Description
Suspicious Actions Detected
Creates autorun records
Creates files in windows system directory

------------------------------------------------
5.exe

http://camas.comodo.com/cgi-bin/submit?file=a92e323d02d82c9966bf920506d01c4c93495b27505bf39a8569d3686d002d05

• Verdict
Auto Analysis Verdict
Suspicious++

• Description
Suspicious Actions Detected
Creates system services or drivers
Deletes self

-----------------------------------------------------
6.exe

http://camas.comodo.com/cgi-bin/submit?file=b345918fd426261718741b320cba2102d1226ead98788c13ef6a5f6fdf3c7af2

• Verdict
Auto Analysis Verdict
Suspicious+

• Description
Suspicious Actions Detected
Copies self to other locations
Creates autorun records
Creates files in program files directory
Injects code into other processes

显示全部楼层 · 发表于 2011-6-28 15:13:05

大蜘蛛发现3个，文件加了壳：
2.exe packed by UPX
2.exe packed by BINARYRES
2.exe - Ok
3.exe packed by UPX
3.exe packed by FLY-CODE
3.exe - archive BINARYRES
3.exe/data001 infected with Trojan.PWS.Gamania.30107

4.exe - archive RAR
4.exe - Ok

5.exe infected with Trojan.MulDrop1.43202

6.exe packed by ASPACK
6.exe packed by ASPROTECT
6.exe infected with Trojan.Darkshell.110

1.exe packed by UPACK
1.exe packed by BINARYRES
1.exe - Ok

显示全部楼层 · 发表于 2011-6-28 15:32:08

显示全部楼层 · 发表于 2011-6-28 15:36:13

a256886572008 发表于 2011-6-28 14:51
4.exe 只不過是隨開機啟動，把首頁設置為
http://www.zhu911.org

好像还有击键记录哦

[病毒样本] 1.exe,2.exe,3.exe,4.exe,5.exe,6.exe，看看你的杀软杀几个

本帖子中包含更多资源

评分

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块