卡巴报启发[MD5: 619D98]

显示全部楼层 · 发表于 2007-7-17 15:08:59

C:\ABC\样本.rar:\mm.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\样本.rar

2 个文件被扫描
(1 个压缩档 1 个文件)
1 个特征码被侦测
0 个可疑代码段被发现
耗时: 0:00.016

显示全部楼层 · 发表于 2007-7-17 15:09:05

AVAST飘过

显示全部楼层 · 发表于 2007-7-17 15:09:57

===================================================================================================
NVCOD On Demand Scanner 5.80.02

NSE revision 5.91.02
nvcbin.def revision 5.90.00 of 2007/07/16 18:21:00 (810345 variants)
nvcmacro.def revision 5.90.00 of 2007/06/29 06:32:19 (20341 variants)
Total number of variants: 830686
Command line: "@C:\Users\Jason\AppData\Local\Temp\~ODF034.tmp"
===================================================================================================

   Time  Filename                                                    Virus name
---------------------------------------------------------------------------------------------------
- Scanning files matching: D:\v\mm.exe
   183 ms D:\v\mm.exe                                                 Security Risk W32/Suspicious_U.gen ()
- File D:\v\mm.exe quarantined.
- File D:\v\mm.exe deleted.

===================================================================================================

The scanning started: 2007/07/17 15:08:11
            ended: 2007/07/17 15:08:12
Logged on as       : Jason
on hostname       : JASON-PC

Scanning results:
Total number of files found..............................:    1
Number of files scanned..................................:    1
Number of files/directories skipped due to exclude list..:    0
Number of files that could not be opened.................:    0
Number of archive files unpacked.........................:    0
Number of archive files not unpacked.....................:    0
Number of infections.....................................:    1

Copyright (c) 1993-2005 Norman ASA.

显示全部楼层 · 发表于 2007-7-17 15:10:22

报的没几个

Scan taken on 17 Jul 2007 07:08:53 (GMT)
A-Squared	Found nothing
AntiVir	Found HEUR/Malware
ArcaVir	Found Heur.Win32
Avast	Found nothing
AVG Antivirus	Found nothing
BitDefender	Found BehavesLike:Win32.ExplorerHijack (probable variant)
ClamAV	Found nothing
Dr.Web	Found nothing
F-Prot Antivirus	Found nothing
F-Secure Anti-Virus	Found nothing
Fortinet	Found nothing
Kaspersky Anti-Virus	Found nothing
NOD32	Found nothing
Norman Virus Control	Found nothing
Panda Antivirus	Found nothing
Rising Antivirus	Found nothing
Sophos Antivirus	Found Mal/Packer
VirusBuster	Found Packed/Upack
VBA32	Found nothing

显示全部楼层 · 发表于 2007-7-17 15:11:00

费尔启发。

显示全部楼层 · 发表于 2007-7-17 15:19:52

程序:
E:\病毒库\样本\MM.EXE
木马程序生成以下文件:
1) C:\WINDOWS\SYSTEM32\SYSTHECATMSG.EXE
2) C:\WINDOWS\SYSTEM32\SYSTHECATDLL.EXE
是否删除木马程序及其衍生物?

显示全部楼层 · 发表于 2007-7-17 15:31:27

安铁诺杀死靠

显示全部楼层 · 发表于 2007-7-17 15:31:33

显示全部楼层 · 发表于 2007-7-17 16:02:20

这个样本以前有人发过

[病毒样本] 卡巴报启发[MD5: 619D98]

本帖子中包含更多资源

本帖子中包含更多资源