流行样本生成物

显示全部楼层 · 发表于 2009-9-26 11:34:20

全部以身运行提取来的
因为是流行样本所以。。

显示全部楼层 · 发表于 2009-9-26 11:35:09

sofa耶

显示全部楼层 · 发表于 2009-9-26 11:36:53

7.1病毒库

UGuard v6 - 扫描日志

I:\MyStudio\090924\复件 Files.rar>>c@docume~1@admini~1@locals~1@temp@34..exe -> nFile.Suspicious
I:\MyStudio\090924\复件 Files.rar>>c@docume~1@admini~1@locals~1@temp@35..exe -> nFile.Suspicious
I:\MyStudio\090924\复件 Files.rar>>c@docume~1@admini~1@locals~1@temp@~135640.exe -> nFile.Suspicious
I:\MyStudio\090924\复件 Files.rar>>c@program files@internet explorer@top.dll>>UPX -> Trojan.QQPass.d
I:\MyStudio\090924\复件 Files.rar>>c@windows@downloaded program files@sjrjqgredp3p8b4reeg.cur>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@downloaded program files@wustnjhyfqfpv8pqbc.cur>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@fonts@a97cracb.fon>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@fonts@ctz8uc499k.fon>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@system32@122b901e.dll>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@system32@2ef0d734.dll>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@system32@2exjw3dsatgwrf5uapadmhn.inf>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@system32@704c3595.dll>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@system32@b4ynkreeheerkfeea4.inf>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@system32@btmband89jc9pspq5eknj.inf>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@system32@cduauvkgy9.dll>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@system32@dhdhws7ffw.dll>>UPX -> Trojan.OnLineGames.o
I:\MyStudio\090924\复件 Files.rar>>c@windows@system32@dmvjfcdsge5kccsmc6gzfjb.inf>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@system32@fxnee8ue86dau4wwqsw.inf>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@system32@ndxq9awmc.dll>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@system32@p6vyqtqjuya3rfan7j.inf>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@system32@perrgx5dkqsbqdwaucrqh.dll>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@system32@qzp3jtzcsfsh.dll>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@system32@s5ksrtwdf35ew9f2kbdf.inf>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@system32@scevfjrcmab7.dll>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@system32@skcfujq5edn.dll>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@system32@uv4kfmsjpk7ekfenjpv9ct.inf>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@system32@z6fvkef47hupzgaxee.inf>>UPX -> Trojan.OnLineGames.o
I:\MyStudio\090924\复件 Files.rar>>c@windows@tasks@2vefnvqbcyfhkuaxtve9.inf>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@tasks@c2nh4numz9kny5zqnc.inf>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@tasks@cgbyr44s5jcmgad6ar.inf>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@tasks@cgbyr44s5jcmgad6ar.inf -> EngineSherry.Malware.Gen
I:\MyStudio\090924\复件 Files.rar>>c@windows@tasks@fktqef2gvvz9fr7v5he.inf>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@tasks@jjx5r8wnsqunnxgwpwn.inf>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@tasks@sbrmpxjdcrgrafhz4ghh.inf>>UPX -> Generic.OperationOfSEH
I:\MyStudio\090924\复件 Files.rar>>c@windows@tasks@ygfdvuegeqm9fhy5rnn.inf>>UPX -> Generic.OperationOfSEH

日志结束。

显示全部楼层 · 发表于 2009-9-26 11:38:48

原帖由 IllusionWing 于 2009-9-26 11:36 发表
7.1病毒库

UGuard v6 - 扫描日志

I:\MyStudio\090924\复件 Files.rar>>c@docume~1@admini~1@locals~1@temp@34..exe -> nFile.Suspicious
I:\MyStudio\090924\复件 Files.rar>>c@docume~1@admini~1@loc ...

都说了是流行样本

质量低相当正常

显示全部楼层 · 发表于 2009-9-26 11:40:15

E:\复件 Files.rar > RAR > c@windows@system32@2exjw3dsatgwrf5uapadmhn.inf - Win32/PSW.OnLineGames.NRD 特洛伊木马
E:\复件 Files.rar > RAR > c@windows@system32@b4ynkreeheerkfeea4.inf - Win32/PSW.OnLineGames.NRD 特洛伊木马
E:\复件 Files.rar > RAR > c@windows@system32@btmband89jc9pspq5eknj.inf - Win32/PSW.OnLineGames.NRD 特洛伊木马
E:\复件 Files.rar > RAR > c@windows@system32@dmvjfcdsge5kccsmc6gzfjb.inf - Win32/PSW.OnLineGames.NRD 特洛伊木马
E:\复件 Files.rar > RAR > c@windows@system32@fxnee8ue86dau4wwqsw.inf - Win32/PSW.OnLineGames.NRD 特洛伊木马
E:\复件 Files.rar > RAR > c@windows@system32@p6vyqtqjuya3rfan7j.inf - Win32/PSW.OnLineGames.NRD 特洛伊木马
E:\复件 Files.rar > RAR > c@windows@system32@s5ksrtwdf35ew9f2kbdf.inf - 可能是 Win32/PSW.OnLineGames.NRD 特洛伊木马的变种
E:\复件 Files.rar > RAR > c@windows@system32@uv4kfmsjpk7ekfenjpv9ct.inf - 可能是 Win32/PSW.OnLineGames.NRD 特洛伊木马的变种
E:\复件 Files.rar > RAR > c@windows@system32@z6fvkef47hupzgaxee.inf - Win32/PSW.OnLineGames.NRD 特洛伊木马
E:\复件 Files.rar > RAR > c@windows@tasks@2vefnvqbcyfhkuaxtve9.inf - 可能是 Win32/PSW.OnLineGames.NRD 特洛伊木马的变种
E:\复件 Files.rar > RAR > c@windows@tasks@c2nh4numz9kny5zqnc.inf - Win32/PSW.OnLineGames.NRD 特洛伊木马
E:\复件 Files.rar > RAR > c@windows@tasks@cgbyr44s5jcmgad6ar.inf - Win32/PSW.OnLineGames.NRD 特洛伊木马
E:\复件 Files.rar > RAR > c@windows@tasks@fktqef2gvvz9fr7v5he.inf - 可能是 Win32/PSW.OnLineGames.NRD 特洛伊木马的变种
E:\复件 Files.rar > RAR > c@windows@tasks@jjx5r8wnsqunnxgwpwn.inf - Win32/PSW.OnLineGames.NRD 特洛伊木马的变种
E:\复件 Files.rar > RAR > c@windows@tasks@sbrmpxjdcrgrafhz4ghh.inf - 可能是 Win32/PSW.OnLineGames.NRD 特洛伊木马的变种
E:\复件 Files.rar > RAR > c@windows@tasks@ygfdvuegeqm9fhy5rnn.inf - Win32/PSW.OnLineGames.NRD 特洛伊木马
E:\复件 Files.rar > RAR > c@docume~1@admini~1@locals~1@temp@~135640.exe - 正常
E:\复件 Files.rar > RAR > c@docume~1@admini~1@locals~1@temp@34..exe - Win32/Tiny.NAI 特洛伊木马
E:\复件 Files.rar > RAR > c@docume~1@admini~1@locals~1@temp@35..exe - Win32/PSW.QQPass.NFC 特洛伊木马
E:\复件 Files.rar > RAR > c@progra~1@common~1@tencent@qqplug@qqpet.dll - 正常
E:\复件 Files.rar > RAR > c@program files@internet explorer@top.dll - Win32/PSW.QQPass.NEH 特洛伊木马
E:\复件 Files.rar > RAR > c@windows@system32@122b901e.dll - Win32/PSW.OnLineGames.NRD 特洛伊木马
E:\复件 Files.rar > RAR > c@windows@system32@2ef0d734.dll - Win32/PSW.OnLineGames.NRD 特洛伊木马
E:\复件 Files.rar > RAR > c@windows@system32@704c3595.dll - Win32/PSW.OnLineGames.NRD 特洛伊木马
E:\复件 Files.rar > RAR > c@windows@system32@cduauvkgy9.dll - Win32/PSW.OnLineGames.NRD 特洛伊木马
E:\复件 Files.rar > RAR > c@windows@system32@dhdhws7ffw.dll - 可能是 Win32/PSW.OnLineGames.NRD 特洛伊木马的变种
E:\复件 Files.rar > RAR > c@windows@system32@ndxq9awmc.dll - Win32/PSW.OnLineGames.NRD 特洛伊木马
E:\复件 Files.rar > RAR > c@windows@system32@perrgx5dkqsbqdwaucrqh.dll - Win32/PSW.OnLineGames.NRD 特洛伊木马
E:\复件 Files.rar > RAR > c@windows@system32@qzp3jtzcsfsh.dll - Win32/PSW.OnLineGames.NRD 特洛伊木马
E:\复件 Files.rar > RAR > c@windows@system32@scevfjrcmab7.dll - Win32/PSW.OnLineGames.NRD 特洛伊木马
E:\复件 Files.rar > RAR > c@windows@system32@skcfujq5edn.dll - Win32/PSW.OnLineGames.NRD 特洛伊木马
E:\复件 Files.rar > RAR > c@windows@downloaded program files@sjrjqgredp3p8b4reeg.cur - Win32/PSW.OnLineGames.NRD 特洛伊木马
E:\复件 Files.rar > RAR > c@windows@downloaded program files@wustnjhyfqfpv8pqbc.cur - Win32/PSW.OnLineGames.NRD 特洛伊木马
E:\复件 Files.rar > RAR > c@windows@fonts@a97cracb.fon - Win32/PSW.OnLineGames.NRD 特洛伊木马
E:\复件 Files.rar > RAR > c@windows@fonts@ctz8uc499k.fon - Win32/PSW.OnLineGames.NRD 特洛伊木马

显示全部楼层 · 发表于 2009-9-26 12:02:37

13 to IObit

显示全部楼层 · 发表于 2009-9-26 12:51:00

瑞星2010

显示全部楼层 · 发表于 2009-9-26 13:26:53

红伞报 TR/Downloader.Gen

显示全部楼层 · 发表于 2009-9-26 13:27:05

Avira AntiVir
复件 Files.rar
[0] Archive type: RAR
--> c@windows@system32@2exjw3dsatgwrf5uapadmhn.inf
   [DETECTION] Is the TR/Downloader.Gen Trojan
--> c@windows@system32@b4ynkreeheerkfeea4.inf
   [DETECTION] Is the TR/Hijacker.Gen Trojan
--> c@windows@system32@btmband89jc9pspq5eknj.inf
   [DETECTION] Is the TR/Downloader.Gen Trojan
--> c@windows@system32@dmvjfcdsge5kccsmc6gzfjb.inf
   [DETECTION] Is the TR/Spy.Gen Trojan
--> c@windows@system32@fxnee8ue86dau4wwqsw.inf
   [DETECTION] Is the TR/Downloader.Gen Trojan
--> c@windows@system32@p6vyqtqjuya3rfan7j.inf
   [DETECTION] Is the TR/Downloader.Gen Trojan
--> c@windows@system32@s5ksrtwdf35ew9f2kbdf.inf
   [DETECTION] Is the TR/Hijacker.Gen Trojan
--> c@windows@system32@uv4kfmsjpk7ekfenjpv9ct.inf
   [DETECTION] Is the TR/Downloader.Gen Trojan
--> c@windows@system32@z6fvkef47hupzgaxee.inf
   [DETECTION] Is the TR/Downloader.Gen Trojan
--> c@windows@tasks@2vefnvqbcyfhkuaxtve9.inf
   [DETECTION] Is the TR/Spy.Gen Trojan
--> c@windows@tasks@c2nh4numz9kny5zqnc.inf
   [DETECTION] Is the TR/Spy.Gen Trojan
--> c@windows@tasks@cgbyr44s5jcmgad6ar.inf
   [DETECTION] Is the TR/Spy.Gen Trojan
--> c@windows@tasks@fktqef2gvvz9fr7v5he.inf
   [DETECTION] Is the TR/Downloader.Gen Trojan
--> c@windows@tasks@jjx5r8wnsqunnxgwpwn.inf
   [DETECTION] Is the TR/Spy.Gen Trojan
--> c@windows@tasks@sbrmpxjdcrgrafhz4ghh.inf
   [DETECTION] Is the TR/Hijacker.Gen Trojan
--> c@windows@tasks@ygfdvuegeqm9fhy5rnn.inf
   [DETECTION] Is the TR/Spy.Gen Trojan
--> c@docume~1@admini~1@locals~1@temp@34..exe
   [DETECTION] Is the TR/ATRAPS.Gen Trojan
--> c@docume~1@admini~1@locals~1@temp@35..exe
   [DETECTION] Is the TR/Dropper.Gen Trojan
--> c@program files@internet explorer@top.dll
   [DETECTION] Is the TR/Downloader.Gen Trojan
--> c@windows@system32@122b901e.dll
   [DETECTION] Is the TR/PSW.Magania.bydz Trojan
--> c@windows@system32@2ef0d734.dll
   [DETECTION] Is the TR/PSW.Magania.byjr Trojan
--> c@windows@system32@704c3595.dll
   [DETECTION] Is the TR/Spy.Gen Trojan
--> c@windows@system32@cduauvkgy9.dll
   [DETECTION] Is the TR/Spy.Gen Trojan
--> c@windows@system32@dhdhws7ffw.dll
   [DETECTION] Is the TR/Spy.Gen Trojan
--> c@windows@system32@ndxq9awmc.dll
   [DETECTION] Is the TR/Spy.Gen Trojan
--> c@windows@system32@perrgx5dkqsbqdwaucrqh.dll
   [DETECTION] Is the TR/Spy.Gen Trojan
--> c@windows@system32@qzp3jtzcsfsh.dll
   [DETECTION] Is the TR/Spy.Gen Trojan
--> c@windows@system32@scevfjrcmab7.dll
   [DETECTION] Is the TR/Spy.Gen Trojan
--> c@windows@system32@skcfujq5edn.dll
   [DETECTION] Is the TR/Spy.Gen Trojan
--> c@windows@downloaded program files@sjrjqgredp3p8b4reeg.cur
   [DETECTION] Is the TR/Downloader.Gen Trojan
--> c@windows@downloaded program files@wustnjhyfqfpv8pqbc.cur
   [DETECTION] Is the TR/Spy.Gen Trojan
--> c@windows@fonts@a97cracb.fon
   [DETECTION] Is the TR/Spy.Gen Trojan
--> c@windows@fonts@ctz8uc499k.fon
   [DETECTION] Is the TR/Spy.Gen Trojan
[NOTE]    A backup was created as '4ade2ee6.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!

显示全部楼层 · 发表于 2009-9-26 16:06:28

2009/9/26 16:05:00 已隔离病毒 HEUR:Trojan.Win32.Generic G:\Temp\Virus\复件 Files\c@windows@tasks@sbrmpxjdcrgrafhz4ghh.inf
2009/9/26 16:04:52 已隔离病毒 HEUR:Trojan.Win32.Generic G:\Temp\Virus\复件 Files\c@windows@downloaded program files@wustnjhyfqfpv8pqbc.cur
2009/9/26 16:04:52 已删除木马程序 Trojan-PSW.Win32.QQPass.msc G:\Temp\Virus\复件 Files\c@program files@internet explorer@top.dll
2009/9/26 16:04:52 已删除木马程序 Trojan-PSW.Win32.QQPass.msc G:\Temp\Virus\复件 Files\c@program files@internet explorer@top.dll//PE_Patch.UPX
2009/9/26 16:04:52 已删除木马程序 Trojan-PSW.Win32.QQPass.msc G:\Temp\Virus\复件 Files\c@program files@internet explorer@top.dll//PE_Patch.UPX//UPX
2009/9/26 16:04:52 已删除木马程序 Trojan-GameThief.Win32.OnLineGames.bmnz G:\Temp\Virus\复件 Files\c@windows@fonts@a97cracb.fon
2009/9/26 16:04:52 已删除木马程序 Trojan-GameThief.Win32.OnLineGames.bmnz G:\Temp\Virus\复件 Files\c@windows@fonts@a97cracb.fon//PE_Patch.UPX
2009/9/26 16:04:52 已删除木马程序 Trojan-GameThief.Win32.OnLineGames.bmnz G:\Temp\Virus\复件 Files\c@windows@fonts@a97cracb.fon//PE_Patch.UPX//UPX
2009/9/26 16:04:59 已删除木马程序 Trojan-GameThief.Win32.Magania.cdrf G:\Temp\Virus\复件 Files\c@windows@tasks@fktqef2gvvz9fr7v5he.inf
2009/9/26 16:04:59 已删除木马程序 Trojan-GameThief.Win32.Magania.cdrf G:\Temp\Virus\复件 Files\c@windows@tasks@fktqef2gvvz9fr7v5he.inf//PE_Patch.UPX
2009/9/26 16:04:59 已删除木马程序 Trojan-GameThief.Win32.Magania.cdrf G:\Temp\Virus\复件 Files\c@windows@tasks@fktqef2gvvz9fr7v5he.inf//PE_Patch.UPX//UPX
2009/9/26 16:05:00 已删除木马程序 Trojan-GameThief.Win32.Magania.cdqj G:\Temp\Virus\复件 Files\c@windows@tasks@jjx5r8wnsqunnxgwpwn.inf
2009/9/26 16:04:57 已删除木马程序 Trojan-GameThief.Win32.Magania.cdmz G:\Temp\Virus\复件 Files\c@windows@system32@s5ksrtwdf35ew9f2kbdf.inf
2009/9/26 16:04:58 已删除木马程序 Trojan-GameThief.Win32.Magania.cdmy G:\Temp\Virus\复件 Files\c@windows@tasks@2vefnvqbcyfhkuaxtve9.inf
2009/9/26 16:04:52 已删除木马程序 Trojan-GameThief.Win32.Magania.cdmt G:\Temp\Virus\复件 Files\c@windows@downloaded program files@sjrjqgredp3p8b4reeg.cur
2009/9/26 16:04:52 已删除木马程序 Trojan-GameThief.Win32.Magania.cdmt G:\Temp\Virus\复件 Files\c@windows@downloaded program files@sjrjqgredp3p8b4reeg.cur//PE_Patch.UPX
2009/9/26 16:04:52 已删除木马程序 Trojan-GameThief.Win32.Magania.cdmt G:\Temp\Virus\复件 Files\c@windows@downloaded program files@sjrjqgredp3p8b4reeg.cur//PE_Patch.UPX//UPX
2009/9/26 16:04:56 已删除木马程序 Trojan-GameThief.Win32.Magania.ccet G:\Temp\Virus\复件 Files\c@windows@system32@fxnee8ue86dau4wwqsw.inf
2009/9/26 16:04:56 已删除木马程序 Trojan-GameThief.Win32.Magania.ccet G:\Temp\Virus\复件 Files\c@windows@system32@fxnee8ue86dau4wwqsw.inf//PE_Patch.UPX
2009/9/26 16:04:56 已删除木马程序 Trojan-GameThief.Win32.Magania.ccet G:\Temp\Virus\复件 Files\c@windows@system32@fxnee8ue86dau4wwqsw.inf//PE_Patch.UPX//UPX
2009/9/26 16:04:58 已删除木马程序 Trojan-GameThief.Win32.Magania.cces G:\Temp\Virus\复件 Files\c@windows@system32@z6fvkef47hupzgaxee.inf
2009/9/26 16:04:58 已删除木马程序 Trojan-GameThief.Win32.Magania.cces G:\Temp\Virus\复件 Files\c@windows@system32@z6fvkef47hupzgaxee.inf//PE_Patch.UPX
2009/9/26 16:04:58 已删除木马程序 Trojan-GameThief.Win32.Magania.cces G:\Temp\Virus\复件 Files\c@windows@system32@z6fvkef47hupzgaxee.inf//PE_Patch.UPX//UPX
2009/9/26 16:04:54 已删除木马程序 Trojan-GameThief.Win32.Magania.ccbf G:\Temp\Virus\复件 Files\c@windows@system32@b4ynkreeheerkfeea4.inf
2009/9/26 16:04:57 已删除木马程序 Trojan-GameThief.Win32.Magania.cbxz G:\Temp\Virus\复件 Files\c@windows@system32@qzp3jtzcsfsh.dll
2009/9/26 16:04:59 已删除木马程序 Trojan-GameThief.Win32.Magania.cbxk G:\Temp\Virus\复件 Files\c@windows@tasks@cgbyr44s5jcmgad6ar.inf
2009/9/26 16:04:59 已删除木马程序 Trojan-GameThief.Win32.Magania.cbxk G:\Temp\Virus\复件 Files\c@windows@tasks@cgbyr44s5jcmgad6ar.inf//PE_Patch.UPX
2009/9/26 16:04:59 已删除木马程序 Trojan-GameThief.Win32.Magania.cbxk G:\Temp\Virus\复件 Files\c@windows@tasks@cgbyr44s5jcmgad6ar.inf//PE_Patch.UPX//UPX
2009/9/26 16:04:55 已删除木马程序 Trojan-GameThief.Win32.Magania.cbxi G:\Temp\Virus\复件 Files\c@windows@system32@dhdhws7ffw.dll
2009/9/26 16:04:58 已删除木马程序 Trojan-GameThief.Win32.Magania.cbxh G:\Temp\Virus\复件 Files\c@windows@system32@uv4kfmsjpk7ekfenjpv9ct.inf
2009/9/26 16:04:58 已删除木马程序 Trojan-GameThief.Win32.Magania.cbxh G:\Temp\Virus\复件 Files\c@windows@system32@uv4kfmsjpk7ekfenjpv9ct.inf//PE_Patch.UPX
2009/9/26 16:04:58 已删除木马程序 Trojan-GameThief.Win32.Magania.cbxh G:\Temp\Virus\复件 Files\c@windows@system32@uv4kfmsjpk7ekfenjpv9ct.inf//PE_Patch.UPX//UPX
2009/9/26 16:04:58 已删除木马程序 Trojan-GameThief.Win32.Magania.cbrv G:\Temp\Virus\复件 Files\c@windows@system32@skcfujq5edn.dll
2009/9/26 16:05:00 已删除木马程序 Trojan-GameThief.Win32.Magania.cbrt G:\Temp\Virus\复件 Files\c@windows@tasks@ygfdvuegeqm9fhy5rnn.inf
2009/9/26 16:04:55 已删除木马程序 Trojan-GameThief.Win32.Magania.caku G:\Temp\Virus\复件 Files\c@windows@system32@btmband89jc9pspq5eknj.inf
2009/9/26 16:04:55 已删除木马程序 Trojan-GameThief.Win32.Magania.caku G:\Temp\Virus\复件 Files\c@windows@system32@btmband89jc9pspq5eknj.inf//PE_Patch.UPX
2009/9/26 16:04:55 已删除木马程序 Trojan-GameThief.Win32.Magania.caku G:\Temp\Virus\复件 Files\c@windows@system32@btmband89jc9pspq5eknj.inf//PE_Patch.UPX//UPX
2009/9/26 16:04:56 已删除木马程序 Trojan-GameThief.Win32.Magania.cahu G:\Temp\Virus\复件 Files\c@windows@system32@dmvjfcdsge5kccsmc6gzfjb.inf
2009/9/26 16:04:59 已删除木马程序 Trojan-GameThief.Win32.Magania.caag G:\Temp\Virus\复件 Files\c@windows@tasks@c2nh4numz9kny5zqnc.inf
2009/9/26 16:04:59 已删除木马程序 Trojan-GameThief.Win32.Magania.caag G:\Temp\Virus\复件 Files\c@windows@tasks@c2nh4numz9kny5zqnc.inf//PE_Patch.UPX
2009/9/26 16:04:59 已删除木马程序 Trojan-GameThief.Win32.Magania.caag G:\Temp\Virus\复件 Files\c@windows@tasks@c2nh4numz9kny5zqnc.inf//PE_Patch.UPX//UPX
2009/9/26 16:04:56 已删除木马程序 Trojan-GameThief.Win32.Magania.bzvn G:\Temp\Virus\复件 Files\c@windows@system32@p6vyqtqjuya3rfan7j.inf
2009/9/26 16:04:56 已删除木马程序 Trojan-GameThief.Win32.Magania.bzvn G:\Temp\Virus\复件 Files\c@windows@system32@p6vyqtqjuya3rfan7j.inf//PE_Patch.UPX
2009/9/26 16:04:56 已删除木马程序 Trojan-GameThief.Win32.Magania.bzvn G:\Temp\Virus\复件 Files\c@windows@system32@p6vyqtqjuya3rfan7j.inf//PE_Patch.UPX//UPX
2009/9/26 16:04:54 已删除木马程序 Trojan-GameThief.Win32.Magania.bzoc G:\Temp\Virus\复件 Files\c@windows@system32@2exjw3dsatgwrf5uapadmhn.inf
2009/9/26 16:04:54 已删除木马程序 Trojan-GameThief.Win32.Magania.bzoc G:\Temp\Virus\复件 Files\c@windows@system32@2exjw3dsatgwrf5uapadmhn.inf//PE_Patch.UPX
2009/9/26 16:04:54 已删除木马程序 Trojan-GameThief.Win32.Magania.bzoc G:\Temp\Virus\复件 Files\c@windows@system32@2exjw3dsatgwrf5uapadmhn.inf//PE_Patch.UPX//UPX
2009/9/26 16:04:55 已删除木马程序 Trojan-GameThief.Win32.Magania.bxgt G:\Temp\Virus\复件 Files\c@windows@system32@cduauvkgy9.dll
2009/9/26 16:04:57 已删除木马程序 Trojan-GameThief.Win32.Magania.bwyy G:\Temp\Virus\复件 Files\c@windows@system32@scevfjrcmab7.dll
2009/9/26 16:04:56 已删除木马程序 Trojan-GameThief.Win32.Magania.bvpq G:\Temp\Virus\复件 Files\c@windows@system32@perrgx5dkqsbqdwaucrqh.dll
2009/9/26 16:04:56 已删除木马程序 Trojan-GameThief.Win32.Magania.bknw G:\Temp\Virus\复件 Files\c@windows@system32@ndxq9awmc.dll
2009/9/26 16:04:53 已删除木马程序 Trojan-GameThief.Win32.Magania.bgwg G:\Temp\Virus\复件 Files\c@windows@fonts@ctz8uc499k.fon
2009/9/26 16:04:53 已删除木马程序 Trojan-GameThief.Win32.Magania.bgwg G:\Temp\Virus\复件 Files\c@windows@fonts@ctz8uc499k.fon//PE_Patch.UPX
2009/9/26 16:04:53 已删除木马程序 Trojan-GameThief.Win32.Magania.bgwg G:\Temp\Virus\复件 Files\c@windows@fonts@ctz8uc499k.fon//PE_Patch.UPX//UPX
2009/9/26 16:04:53 已删除木马程序 Trojan-GameThief.Win32.Magania.bgjv G:\Temp\Virus\复件 Files\c@windows@system32@2ef0d734.dll
2009/9/26 16:04:53 已删除木马程序 Trojan-GameThief.Win32.Magania.bgjv G:\Temp\Virus\复件 Files\c@windows@system32@2ef0d734.dll//PE_Patch.UPX
2009/9/26 16:04:53 已删除木马程序 Trojan-GameThief.Win32.Magania.bgjv G:\Temp\Virus\复件 Files\c@windows@system32@2ef0d734.dll//PE_Patch.UPX//UPX
2009/9/26 16:04:54 已删除木马程序 Trojan-GameThief.Win32.Magania.bfux G:\Temp\Virus\复件 Files\c@windows@system32@704c3595.dll
2009/9/26 16:04:54 已删除木马程序 Trojan-GameThief.Win32.Magania.bfux G:\Temp\Virus\复件 Files\c@windows@system32@704c3595.dll//PE_Patch.UPX
2009/9/26 16:04:54 已删除木马程序 Trojan-GameThief.Win32.Magania.bfux G:\Temp\Virus\复件 Files\c@windows@system32@704c3595.dll//PE_Patch.UPX//UPX
2009/9/26 16:04:53 已删除木马程序 Trojan-GameThief.Win32.Magania.bfsl G:\Temp\Virus\复件 Files\c@windows@system32@122b901e.dll
2009/9/26 16:04:53 已删除木马程序 Trojan-GameThief.Win32.Magania.bfsl G:\Temp\Virus\复件 Files\c@windows@system32@122b901e.dll//PE_Patch.UPX
2009/9/26 16:04:53 已删除木马程序 Trojan-GameThief.Win32.Magania.bfsl G:\Temp\Virus\复件 Files\c@windows@system32@122b901e.dll//PE_Patch.UPX//UPX
2009/9/26 16:04:51 已删除木马程序 Trojan-Downloader.Win32.Small.kdk G:\Temp\Virus\复件 Files\c@docume~1@admini~1@locals~1@temp@34..exe
2009/9/26 16:04:52 已删除木马程序 Trojan-Downloader.Win32.Agent.cpzj G:\Temp\Virus\复件 Files\c@docume~1@admini~1@locals~1@temp@35..exe

Signature Miss 4,To KL

[病毒样本] 流行样本生成物

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块