又一个肥的

显示全部楼层 · 发表于 2007-10-7 17:46:23

文件: C:\Documents and Settings\moonsilver\桌面\[国产]最新户外旱厕偷拍图片.exe
大小: 464267 字节
修改时间: 2007年9月11日, 16:30:06
MD5: B52E82A66838AA56897D62D019B6C9E1
SHA1: 4BDFF85E26B4C614F892BC9040BFD02428C13943
CRC32: B0A8E8C6

显示全部楼层 · 发表于 2007-10-7 17:48:33

C:\Documents and Settings\wangcheng\桌面\1.rar »RAR »[国产]最新户外旱厕偷拍图片.exe »RAR »lili.exe - probably unknown NewHeur_PE virus [7]
汗一个．．．
ＢＤ挂了

显示全部楼层 · 发表于 2007-10-7 17:48:34

C:\ABC\1.rar:\[国产]最新户外旱厕偷拍图片.exe\lili.exe - 可疑代码段被发现 (Level: 35)

显示全部楼层 · 发表于 2007-10-7 17:48:51

卡巴飘。。。。

显示全部楼层 · 发表于 2007-10-7 17:55:53

脱了下壳

显示全部楼层 · 发表于 2007-10-7 17:56:00

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\1.rar'
C:\Documents and Settings\Administrator\桌面\1.rar
  [0] Archive type: RAR
--> [¹ú²ú]×îÐÂ»§Íâºµ²ÞÍµÅÄÍ¼Æ¬.exe
   [1] Archive type: RAR SFX (self extracting)
   --> lili.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
   [INFO]    A backup was created as '477aad82.qua'  ( QUARANTINE )
   [INFO]    The file was deleted!

显示全部楼层 · 发表于 2007-10-7 18:05:13

脱壳后报了

F-PROT Antivirus version 6.2.1
FRISK Software International (C) Copyright 1989-2007

Engine version: 4.3.3.49
Virus signatures: 200710041535e63534e608f23b7de3e198c8eca81208
               (C:\Documents and Settings\All Users.WINDOWS\Application Data\FRISK Software\F-PROT Antivirus for Windows\antivir.def)

[Clean] C:\ABC\1\[国产]最新户外旱厕偷拍图片.exe->(RAR)->lili.jpg
[Clean] C:\ABC\1\[国产]最新户外旱厕偷拍图片.exe->(RAR)->lili.exe->(UPX_LZMA)
[Clean] C:\ABC\1\[国产]最新户外旱厕偷拍图片.exe->(RAR)
[Clean] C:\ABC\1\[国产]最新户外旱厕偷拍图片.exe
[Found possible virus] <W32/Threat-Backdoor-Silly-based!Maximus>       C:\ABC\unpack_\unpack_.exe

Results:

Files: 2
Skipped files: 0
MBR/boot sectors checked: 0
Objects scanned: 5
Infected objects: 1
Files with errors: 0
Disinfected: 0

Running time: 00:04

*:
C:\
C:\ABC\1\[国产]最新户外旱厕偷拍图片.exe:<RAR>\lili.exe : is suspected of Trojan-PSW.Lmir.24
C:\ABC\unpack_\unpack_.exe : is suspected of Trojan-PSW.Lmir.24
Program execution terminated by user

Directories    : 5    Files in archives:    Files on disks:
Archives:                - total    : 2    - total    : 14
- scanned       : 1    -  scanned : 2    - scanned    : 14
- contain viruses : 0    -  infected : 0    - infected : 0
- deleted       : 0    -  suspicious : 1    - suspicious  : 2
Startup : 18:06:59 07-10-2007
End       : 18:07:08 07-10-2007
Total time : 00:00:09

[ 本帖最后由 promised 于 2007-10-7 18:07 编辑 ]

显示全部楼层 · 发表于 2007-10-7 18:10:09

脱壳后卡巴启发了。.
已检测到: 病毒 Heur.Trojan.Generic (变种) URL: http://bbs.kafan.cn/attachment.php?aid=136730//unpack_.exe

显示全部楼层 · 发表于 2007-10-7 18:10:53

显示全部楼层 · 发表于 2007-10-7 18:12:55

小紅傘P版　。。。殺。。

[病毒样本] 又一个肥的

本帖子中包含更多资源

本帖子中包含更多资源

回复 5楼 promised 的帖子

本帖子中包含更多资源

浏览过的版块