维护

显示全部楼层 · 发表于 2007-11-27 12:06:43

维护

显示全部楼层 · 发表于 2007-11-27 12:07:44

Starting the file scan:

Begin scan in 'E:\help.rar'
E:\help.rar
  [0] Archive type: RAR
  --> help.exe
   [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
   [INFO]    The file was deleted!

显示全部楼层 · 发表于 2007-11-27 12:08:43

程序:
C:\DOCUMENTS AND SETTINGS\DELL\桌面\HELP.EXE
木马程序生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\DELL\LOCAL SETTINGS\TEMP\V9ED9.DLL
2) C:\DOCUMENTS AND SETTINGS\DELL\LOCAL SETTINGS\TEMP\S.SYS
是否删除木马程序及其衍生物?

显示全部楼层 · 发表于 2007-11-27 12:15:45

ena miss

显示全部楼层 · 发表于 2007-11-27 12:26:57

kis 7 没有报

软体名称	引擎版本	特征库版本	特征库日期	扫瞄结果	时间
a-squared	3.0.0.126	2007.11.26	2007-11-26	-	7.072
AhnLab V3	2007.11.24.00	2007.11.24	2007-11-24	-	2.193
Arcavir	1.0.4	200711262202	2007-11-26	-	3.387
Avast	1.0.8	071125-0	2007-11-25	-	4.707
AVG	7.5.49.442	269.16.8/1153	2007-11-26	-	4.036
BitDefender	7.60825.956676	7.15978	2007-11-27	-	10.681
CA(VET)	9.0.0.143	31.3.5329	2007-11-27	-	1.753
ClamAV	0.91.2	4928	2007-11-27	-	0.048
Comodo	2.11	2.0.0.355	2007-11-26	-	1.144
CP Secure	1.1.0.655	2007.11.27	2007-11-27	-	8.911
ewido	4.0.0.2	2007.11.25	2007-11-25	-	1.943
F-Port	4.4.1.52	20071127	2007-11-27	-	1.588
F-SECURE	5.51.6100	2007.11.26.07	2007-11-26	-	2.845
Fortinet	2.81-3.11	8.420	2007-11-26	Suspicious	3.777
IKARUS	T3.1.01.15	2007.11.26.69895	2007-11-26	suspicious(level 130)	1.675
MKS_VIR	2.01	2007.11.27	2007-11-27	-	3.013
NOD32	2.70.10	2687	2007-11-26	-	0.086
nProtect	2007-11-26.01	1062855	2007-11-26	-	8.180
Prevx	V2	20071127	2007-11-27	KAVKOP:Trojan-A	3.542
QuickHeal	9.00	2007.11.26	2007-11-26	Suspicious - DNAScan	2.560
Rising	19.0	20.20.10.00	2007-11-27	-	1.592
SOPHOS	2.49.1	4.21	2007-11-27	Mal/Behav-164	4.011
The Hacker	6.2.9	v00142	2007-11-26	-	0.689
VBA32	3.12.2.5	20071126.1048	2007-11-26	-	1.699
ViRobot	20071126	2007.11.26	2007-11-26	-	0.902
VirusBuster	4.3.19:9	9.115.11/11.0	2007-11-26	-	2.038
卡巴斯基	5.5.10	2007.11.27	2007-11-27	-	4.473
大蜘蛛	4.44.0.9170	2007.11.26	2007-11-26	Trojan.Nsanti.Packed	3.419
小红伞	7.6.0.35	7.0.1.9	2007-11-26	TR/Crypt.NSPM.Gen	4.879
江民科技	10.00.650	2007.11.26	2007-11-26	-	1.625
熊猫	9.04.03.0001	2007.11.26	2007-11-26	-	3.982
诺曼	5.91.08	5.90	2007-11-25	-	7.512
赛门铁克	1.3.0.24	20071126.021	2007-11-26	-	0.206
趋势科技	8.500-1001	4.850.01	2007-11-26	-	0.044
迈克菲	5.2.00	5171	2007-11-26	-	1.427
金山毒霸	2007.6.20.249	2007.11.27	2007-11-27	-	3.773

显示全部楼层 · 发表于 2007-11-27 13:29:11

已上报给卡巴和nod

显示全部楼层 · 发表于 2007-11-27 14:18:43

Hello.

New malicious software was found in the attached file.
It's detection will be included in the next update. Thank you for your help.

--
Regards, Ilya Goncharov
Virus Analyst, Kaspersky Lab.

Ph.: +7(095) 797-8700
E-mail: newvirus@kaspersky.com
http://www.kaspersky.com http://www.viruslist.com

显示全部楼层 · 发表于 2007-11-27 14:21:17

估计卡巴斯基托不掉nsanti所以没法分析code，微点已经给的很详细了

显示全部楼层 · 发表于 2007-11-27 14:22:19

不明白??

显示全部楼层 · 发表于 2007-11-27 14:34:38

看3楼

[病毒样本] 维护

本帖子中包含更多资源

回复 7楼 kato9096 的帖子

回复 8楼 mofunzone 的帖子

回复 9楼 kato9096 的帖子