[病毒样本] 14x

显示全部楼层 · 发表于 2009-9-24 21:14:18

2009-9-24 21:00:53 检测到威胁: HEUR:Trojan.Win32.Generic F:\DL\14x\Defraggler1.13.155sc(nnf1).EXE/PE-Armor
2009-9-24 21:00:57 检测到威胁: HEUR:Trojan.Win32.Generic F:\DL\14x\kr3_znp.EXE/PE-Armor
2009-9-24 21:00:59 检测到威胁: HEUR:Trojan.Win32.Generic F:\DL\14x\kr3_zns.EXE/PE-Armor
2009-9-24 21:01:01 检测到威胁: HEUR:Trojan.Win32.Generic F:\DL\14x\kr3_znt.EXE/PE-Armor
2009-9-24 21:01:05 检测到威胁: HEUR:Trojan.Win32.Generic F:\DL\14x\kr3_znu.EXE/PE-Armor
2009-9-24 21:01:07 检测到威胁: HEUR:Trojan.Win32.Generic F:\DL\14x\kr3_znv.EXE/PE-Armor
2009-9-24 21:01:09 检测到威胁: HEUR:Trojan.Win32.Generic F:\DL\14x\kr3_znw.EXE/PE-Armor
2009-9-24 21:01:15 检测到威胁: HEUR:Trojan.Win32.Generic F:\DL\14x\np_pkz.EXE/PE-Armor
2009-9-24 21:01:17 检测到威胁: HEUR:Trojan.Win32.Generic F:\DL\14x\np_up.EXE/PE-Armor
2009-9-24 21:01:20 检测到威胁: HEUR:Trojan.Win32.Generic F:\DL\14x\sn_pkz.EXE/PE-Armor
2009-9-24 21:01:31 检测到威胁: HEUR:Trojan.Win32.Generic F:\DL\14x\sn_up.EXE/PE-Armor

显示全部楼层 · 发表于 2009-9-24 21:24:31

To KL

显示全部楼层 · 发表于 2009-9-24 21:27:30

kis

2009-9-24 21:24:50       D:\Temp\新建文件夹\defraggler1.13.155sc(nnf1).exe       启发式计算的高威胁级别值
2009-9-24 21:24:56       D:\Temp\新建文件夹\kr3_znp.exe       启发式计算的高威胁级别值
2009-9-24 21:25:00       D:\Temp\新建文件夹\kr3_zns.exe       启发式计算的高威胁级别值
2009-9-24 21:25:04       D:\Temp\新建文件夹\kr3_znt.exe       启发式计算的高威胁级别值
2009-9-24 21:25:10       D:\Temp\新建文件夹\kr3_znu.exe       启发式计算的高威胁级别值
2009-9-24 21:25:15       D:\Temp\新建文件夹\kr3_znv.exe       启发式计算的高威胁级别值
2009-9-24 21:25:21       D:\Temp\新建文件夹\kr3_znw.exe       启发式计算的高威胁级别值
2009-9-24 21:25:29       D:\Temp\新建文件夹\np_pkz.exe       启发式计算的高威胁级别值
2009-9-24 21:25:36       D:\Temp\新建文件夹\np_up.exe       启发式计算的高威胁级别值
2009-9-24 21:25:46       D:\Temp\新建文件夹\sn_pkz.exe       启发式计算的高威胁级别值
2009-9-24 21:25:54       D:\Temp\新建文件夹\sn_up.exe       启发式计算的高威胁级别值
2009-9-24 21:26:02       D:\Temp\新建文件夹\tp_map16.exe       启发式计算的高威胁级别值

[ 本帖最后由冰比冰水冰于 2009-9-24 21:28 编辑 ]

显示全部楼层 · 发表于 2009-9-24 21:31:13

又是swizzor..
ug=>通杀。。

显示全部楼层 · 发表于 2009-9-24 23:49:52

Hello,

Defraggler1.13.155sc(nnf1).EXE - Trojan.Win32.Swizzor.arq
kr3_znp.EXE - Trojan.Win32.Swizzor.arr
kr3_zns.EXE - Trojan.Win32.Swizzor.ars
kr3_znt.EXE - Trojan.Win32.Swizzor.art
kr3_znu.EXE - Trojan.Win32.Swizzor.aru
kr3_znv.EXE - Trojan.Win32.Swizzor.arv
kr3_znw.EXE - Trojan.Win32.Swizzor.arw
np_pkz.EXE - Trojan-Downloader.Win32.Obfuscated.uwr
np_up.EXE - Trojan-Downloader.Win32.Obfuscated.uws
sn_pkz.EXE - Trojan-Downloader.Win32.Obfuscated.uwt
sn_up.EXE - Trojan-Downloader.Win32.Obfuscated.uwv
tp_map16.EXE - Trojan.Win32.Sasfis.nuv
upAYB.EXE - Trojan.Win32.Sasfis.nuw
upd_admn.EXE - Trojan.Win32.Sasfis.nuy

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

显示全部楼层 · 发表于 2009-9-25 09:12:04

瑞星2010

显示全部楼层 · 发表于 2009-9-25 10:59:24

Panda都报Malicious Packer

to Panda

显示全部楼层 · 发表于 2009-9-25 11:49:39

红伞 miss了很多

to avira

显示全部楼层 · 发表于 2009-9-25 11:55:35

Avira AntiVir
14x.part1.rar
  [0] Archive type: RAR
--> kr3_znp.EXE
   [DETECTION] Contains recognition pattern of the ADSPY/AdSpy.Gen adware or spyware
[NOTE]    A backup was created as '4adcc7dc.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
其他miss
Begin scan in 'I:\可疑檔案有毒勿點\14x.part2.rar'
Begin scan in 'I:\可疑檔案有毒勿點\14x.part3.rar'
Begin scan in 'I:\可疑檔案有毒勿點\14x.part4.rar'

显示全部楼层 · 发表于 2009-9-25 13:36:09

大師清空

to comodo

[ 本帖最后由 sam.to 于 2009-9-25 13:37 编辑 ]

[病毒样本] 14x

本帖子中包含更多资源

评分

本帖子中包含更多资源