鸽子两只

显示全部楼层 · 发表于 2007-12-7 21:29:17

C:\ABC\conf1g.exe - 特征码 'Trojan-Dropper.Win32.Flystud.B' 被发现
C:\ABC\win.com.cn.exe - 特征码 'Backdoor.Win32.Hupigon.RS' 被发现

显示全部楼层 · 发表于 2007-12-7 21:32:28

UGuard Log (Digital Fox - gankeyu@126.com)
UGuarduu.exe = 4.5.6
HC0.rlb = 3.9.4
HC2.rlb = 2.4.0
FN0.rlb = 2.3.1
扫描选项：扫描档案, 扩展, 忽略非活动, 忽略大文件, nFile, BAT模拟, 捆绑检测, 变形壳, 启发,
[扫描] [捆绑检测] 在 E:\Documents and Settings\Administrator\桌面\win\conf1g.exe 检测到 Generic.Binder
[扫描] [nFile Detect 2] 在 E:\Documents and Settings\Administrator\桌面\win\win.com.cn.exe 检测到 Generic.nFile
检测到了 2 个未知的恶意程序，请上报。
任务扫描完成。共耗费的时间：0-00-00 00:00:00:0062，共扫描的文件数量：2，共扫描到的威胁数量：2，威胁率：100%，扫描速率： 32.26 文件/秒，扫描速度： 17785.11 千字节/秒，共扫描了 1102.68 千字节。

显示全部楼层 · 发表于 2007-12-7 21:36:52

Starting the file scan:

Begin scan in 'E:\win.rar'
E:\win.rar
  [0] Archive type: RAR
  --> win.com.cn.exe
   [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Hupigon.Gen Backdoor server programs
   [WARNING] The file was ignored!

显示全部楼层 · 发表于 2007-12-7 21:38:18

易语言不认识

deleted: Trojan program Backdoor.Win32.Hupigon.eko File: C:\Documents and Settings\Owner\×ÀÃæ\win.rar/win.com.cn.exe

显示全部楼层 · 发表于 2007-12-7 21:40:16

易直接启发分析得了..类似.NET的结构..

显示全部楼层 · 发表于 2007-12-7 21:42:38

C:\win.rar\conf1g.exe\data002\krnln.fnr - infected with BackDoor.Pigeon.775
C:\win.rar\win.com.cn.exe - infected with BackDoor.Pigeon.2772

Archive contains 2 infected items

DRWEB 4.44

显示全部楼层 · 发表于 2007-12-7 21:54:20

The file 'conf1g.exe' has been determined to be 'MALWARE'. Our analysts named the threat DR/Hupigon.fps. The term "DR/" denotes a program that is able to place a virus or a malware discretely on a system.Detection will be added to our virus definition file (VDF) with one of the next updates.

显示全部楼层 · 发表于 2007-12-7 22:26:41

Hello,

conf1g.exe - Trojan-Dropper.Win32.Flystud.w

New malicious software was found in this file. It's detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Kirill Erakhtin
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

显示全部楼层 · 发表于 2007-12-7 22:28:43

微点砍掉

显示全部楼层 · 发表于 2007-12-8 06:53:20

Miss

[病毒样本] 鸽子两只

本帖子中包含更多资源

回复 3楼 Graybird 的帖子

本帖子中包含更多资源

ESET Smart Security