LESE.EXE

显示全部楼层 · 发表于 2008-1-2 21:34:26

from
hxxp://766598.com/lese1.htm
看到UNESCAPE就想吐了..就把明文列出来的发上来吧..

http://world0fwarcraft.net/lese.exe
http://www.cvcvdede.cn/lese.exe

显示全部楼层 · 发表于 2008-1-2 21:36:17

費爾 missed

显示全部楼层 · 发表于 2008-1-2 21:39:37

ESET报

2008-1-2 21:38:41 HTTP filter file http://world0fwarcraft.net/lese.exe probably a variant of Win32/PSW.OnLineGames.NFY trojan connection terminated - quarantined CHINESE-GUNDAM\GUNDAM Threat was detected upon access to web by the application: C:\Program Files\Mozilla Firefox\firefox.exe.
2008-1-2 21:38:41 HTTP filter file http://www.cvcvdede.cn/lese.exe probably a variant of Win32/PSW.OnLineGames.NFY trojan connection terminated - quarantined CHINESE-GUNDAM\GUNDAM Threat was detected upon access to web by the application: C:\Program Files\Mozilla Firefox\firefox.exe.

显示全部楼层 · 发表于 2008-1-2 21:49:53

detected: Trojan program Trojan-PSW.Win32.Delf.alg File: C:\Documents and Settings\Owner\×ÀÃæ\lese1.exe//#
detected: Trojan program Trojan-PSW.Win32.Delf.alg File: C:\Documents and Settings\Owner\×ÀÃæ\lese.exe//#

显示全部楼层 · 发表于 2008-1-2 21:55:16

Virus or unwanted program 'TR/Crypt.ULPM.Gen [TR/Crypt.ULPM.Gen]'
detected in file 'C:\TDDOWNLOAD\lese.exe.td.
Action performed: Deny access

显示全部楼层 · 发表于 2008-1-2 23:58:34

3嗰

显示全部楼层 · 发表于 2008-1-3 00:18:57

显示全部楼层 · 发表于 2008-1-3 07:23:12

Starting the file scan:

Begin scan in 'E:\3.zip'
E:\3.zip
  [0] Archive type: ZIP
  --> g0ld.com
   [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> lese[1].exe
   [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> tt[1].gif
   [DETECTION] Contains detection pattern of the exploits EXP/Ani.Gen
   [INFO]    The file was deleted!

显示全部楼层 · 发表于 2008-1-3 09:37:26

D:\firefox download\3.zip » ZIP » g0ld.com - probably a variant of Win32/PSW.OnLineGames.NFY trojan
D:\firefox download\3.zip » ZIP » lese[1].exe - probably a variant of Win32/PSW.OnLineGames.NFY trojan
D:\firefox download\3.zip » ZIP » tt[1].gif - a variant of Win32/TrojanDownloader.Ani.Gen trojan

显示全部楼层 · 发表于 2008-1-3 11:08:46

结果: 找到 3 恶意软件
Trojan-Downloader.Win32.Agent.gzu (病毒)
C:\Documents and Settings\028222\桌面\3.zip\g0ld.com
C:\Documents and Settings\028222\桌面\3.zip\lese[1].exe
Exploit.Win32.IMG-ANI.s (病毒)
C:\Documents and Settings\028222\桌面\3.zip\tt[1].gif

[已鉴定] LESE.EXE

回复 6楼冷_冷的帖子

[已鉴定] LESE.EXE

回复 6楼 冷_冷 的帖子

回复 6楼冷_冷的帖子