
[Virus sample] 2x exe, quality unknown

jijiasd
Posted on 2009-2-6 08:21:19
Welcome to test

FLogo
Posted on 2009-2-6 08:26:25
kaba kill all !
xiaohai95
Posted on 2009-2-6 08:28:29
SEP does not detect it.
Spider (Dr.Web) does not detect it.
GDATA 2.

[ Last edited by xiaohai95 on 2009-2-6 08:30 ]
tracydk
Posted on 2009-2-6 08:34:17
Your Submission Has Been Sent
Your submission has been sent Thu Feb 5 16:38:31 PST 2009. You will receive an email message from Symantec with a tracking number that will enable you to check the status of this submission.
tracydk
Posted on 2009-2-6 08:54:57
Dear tracydk tracydk,

We have analyzed your submission.  The following is a report of our
findings for each file you have submitted:

filename:  D:\\2.zip
machine: Machine
result: See the developer notes

filename: fileng.gif3
machine: Machine
result: See the developer notes

filename: InstallAVg_80808080.exe2
machine: Machine
result: This file is detected as Packed.Generic.187.  

Customer notes:



Developer notes:
D:\\2.zip is a container file of type  ZIP
fileng.gif3 Our automation was unable to identify any malicious content in this submission.
The file will be stored for further human analysis  This file is contained by   D:\\2.zip
InstallAVg_80808080.exe2 applies to the 20 current Bloodhound detections in the engine   This file is contained by   D:\\2.zip



Our automation was unable to identify any malicious content in this submission.
The file will be stored for further human analysis

Should you have any questions about your submission, please contact
your regional technical support from the Symantec website and give them
the tracking number in the subject of this message.

-----------------------------------------------------------------------
This message was generated by Symantec Security Response automation.

For USA:
For electronic support options, Symantec provides On-Line Services at
http://www.symantec.com/techsupp/
dokhell
Posted on 2009-2-6 09:03:02
avast! does not detect it
ledled
Posted on 2009-2-6 09:13:46
All to VB~
woai_jolin
Posted on 2009-2-6 09:18:23
http://bbs.kafan.cn/attachment.p ... 45&t=1233883072        a variant of Win32/PSW.OnLineGames.NFF trojan        deleted (after the next restart) - quarantined       
http://bbs.kafan.cn/attachment.p ... 45&t=1233883072 » ZIP » 新建文件夹/jgyjh.exe        a variant of Win32/PSW.OnLineGames.NFF trojan        was a part of the deleted object       
http://bbs.kafan.cn/attachment.p ... 45&t=1233883072 » ZIP » 新建文件夹/jggyc.exe        a variant of Win32/PSW.OnLineGames.NFF trojan        was a part of the deleted object
schumi小粉
Posted on 2009-2-6 09:31:18
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\新建文件夹\新建文件夹\JGGYC.EXE
是可疑程序!
试图修改系统时间!
是否阻止该进程继续运行?

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\新建文件夹\新建文件夹\新建文件夹\JGGYC.EXE
木马程序生成以下文件:
1) C:\SANDBOX\ADMINISTRATOR\DEFAULTBOX\DRIVE\C\WINDOWS\HELP\EB6C4499B05F.DLL
是否删除木马程序及其衍生物?
电影结束了
Posted on 2009-2-6 10:25:29
"Scan ""Shell extension scan"" was finished."
"Infections";"2";"0";"2"
"Folders selected for scanning:";"E:\收集区\新建文件夹\jggyc.exe;E:\收集区\新建文件夹\jgyjh.exe;"
"Scan started:";"2009年2月6日, 10:26:32"
"Scan finished:";"2009年2月6日, 10:26:33 (less than one second)"
"Total object scanned:";"2"
"User who launched the scan:";"Administrator"

"Infections"
"File";"Infection";"Result"
"E:\收集区\新建文件夹\jggyc.exe";"Virus identified Win32/Patched.AI";"Infected"
"E:\收集区\新建文件夹\jgyjh.exe";"Virus identified Win32/Patched.AI";"Infected"
Copyright © KaFan  KaFan.cn All Rights Reserved.