[病毒样本] N

显示全部楼层 · 发表于 2009-11-27 04:31:23

http://www.brsbox.com/filebox/uploadcomplete/randstr/2016qbk5l60gPv9f52Uf397H12/fgid/aa9e58a8b426e4fe68706a23bb194dc3/dirids/1973116

pw virus

显示全部楼层 · 发表于 2009-11-27 07:09:02

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\1e'
C:\Documents and Settings\Administrator\桌面\1e\1e\1\1.EXE
[DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\1e\1e\3\cg\cg3.2.exe
  [0] Archive type: NSIS
--> [TempDir]/ﾵ￘ￏￂﾳￇￓ￫ￓￂￊ﾿(9999).exe
   [DETECTION] Is the TR/Dropper.Gen Trojan
发表帖子[完成后可按 Ctrl+E --> [TempDir]/DNFￌ￬￉?ﾸﾨￖ￺.exe
   [DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\1e\1e\3\cg\cg3.2\1.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\1e\1e\3\cg\cg3.2\2.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\1e\1e\4\1.exe
[DETECTION] Is the TR/Downloader.Gen Trojan
[NOTE]    The file was deleted!

End of the scan: 2009年11月27日星期五  07:08
Used time: 00:04 Minute(s)

The scan has been done completely.

   33 Scanned directories
   70 Files were scanned
   6 Viruses and/or unwanted programs were found
   0 Files were classified as suspicious
   5 files were deleted
   0 Viruses and unwanted programs were repaired
   0 Files were moved to quarantine
   0 Files were renamed
   0 Files cannot be scanned
   64 Files not concerned
   2 Archives were scanned
   0 Warnings
   5 Notes

显示全部楼层 · 发表于 2009-11-27 07:43:13

C:\Users\Ricky\Desktop\1e.rar » RAR » 1e\1\1.EXE - a variant of Win32/Kryptik.AHT trojan
C:\Users\Ricky\Desktop\1e.rar » RAR » 1e\3\cg\cg3.2\1.exe - a variant of Win32/PSW.OnLineGames.OXR trojan
C:\Users\Ricky\Desktop\1e.rar » RAR » 1e\3\cg\cg3.2.exe » NSIS » 地下城与勇士(9999).exe - a variant of Win32/PSW.OnLineGames.OXR trojan

[ 本帖最后由 RickyBoy 于 2009-11-27 07:48 编辑 ]

显示全部楼层 · 发表于 2009-11-27 09:15:43

27:11:2009 09:11:12 SEARCHTASK "USER_DEFINED" started...
scan item: C:\Users\Ricky\Desktop\1e
File scanned: C:\Users\Ricky\Desktop\1e\1\1.EXE - SIGNATURE FOUND "Trojan-PWS.Win32.LdPinch"
File scanned: C:\Users\Ricky\Desktop\1e\1\2\youxia\mapdata2.dat - SIGNATURE FOUND "Virus.Win32.Downloader"
File scanned: C:\Users\Ricky\Desktop\1e\1\2\youxia\mapdata7.dat - SIGNATURE FOUND "Win32.SuspectCrc"
File scanned: C:\Users\Ricky\Desktop\1e\1\3File scanned: C:\Users\Ricky\Desktop\1e\2\dnfxx13.0vip.exe - SIGNATURE FOUND "Trojan.Backdoor.Hupigon5"
File scanned: C:\Users\Ricky\Desktop\1e\3\cg\cg3.2\1.exe - SIGNATURE FOUND "Packed.Win32.PolyCrypt.d"
File scanned: C:\Users\Ricky\Desktop\1e\3\cg\cg3.2\2.exe - SIGNATURE FOUND "Trojan-Dropper"
File scanned: C:\Users\Ricky\Desktop\1e\3\cg\cg3.2.exe - SIGNATURE FOUND "Packed.Win32.PolyCrypt.d"
File scanned: C:\Users\Ricky\Desktop\1e\5\exp1orer.exe - SIGNATURE FOUND "Trojan-Dropper.Win32.Flystud"
27:11:2009 09:11:15 SEARCHTASK "USER_DEFINED" FINISHED...
----------------------------------------------------
Directories scanned: 32
Files scanned: 68
Virus found: 9
----------------------------------------------------

IKARUS还是很强悍的
除去3个dat还报6个..

显示全部楼层 · 发表于 2009-11-27 17:07:49

MPAV Kill 1 Only

显示全部楼层 · 发表于 2009-11-27 21:05:11

这个下载速度。。。

显示全部楼层 · 发表于 2009-11-27 23:31:59

2009/11/27 23:30:48 已隔离病毒 HEUR:Trojan.Win32.Generic G:\Temp\Virus\1e.rar/1e\卡巴启发.rar/1\太阳1。6.exe
To KL

显示全部楼层 · 发表于 2009-11-28 00:06:23

2009/11/28 0:04:40 引擎版本                                  = 5400.1158
2009/11/28 0:04:40 防病毒 DAT 版本                            = 5814.0
2009/11/28 0:04:40 EXTRA.DAT 中的检测项特征码数                   = 无
2009/11/28 0:04:40 EXTRA.DAT 中的检测项特征码名称                   = 无
2009/11/28 0:04:34 扫描已启动子兮-PC\子兮按需扫描
2009/11/28 0:04:45 未采取操作子兮 ODS F:\病毒\1e_2.rar\1.EXE Generic Dropper.eb (特洛伊)
2009/11/28 0:04:48 未采取操作子兮 ODS F:\病毒\1e_2.rar\DNFXX13.0VIP.EXE Generic Malware.fi (特洛伊)
2009/11/28 0:04:48 未采取操作子兮 ODS F:\病毒\1e_2.rar\1.EXE Generic Downloader.aa (特洛伊)
2009/11/28 0:04:48 未采取操作子兮 ODS F:\病毒\1e_2.rar\2.EXE BackDoor-DRV.gen.c (特洛伊)
2009/11/28 0:04:48 未采取操作子兮 ODS F:\病毒\1e_2.rar\CG3.2.EXE\2.nsis Generic Downloader.aa (特洛伊)
2009/11/28 0:04:48 未采取操作子兮 ODS F:\病毒\1e_2.rar\CG3.2.EXE\3.nsis BackDoor-DRV.gen.c (特洛伊)
2009/11/28 0:04:49 未采取操作子兮 ODS F:\病毒\1e_2.rar\EXP1ORER.EXE BackDoor-DRV.gen.c (特洛伊)
2009/11/28 0:04:49 未扫描（文件已加密） F:\病毒\1e_2.rar
2009/11/28 0:04:49 扫描摘要子兮-PC\子兮扫描摘要
2009/11/28 0:04:49 扫描摘要子兮-PC\子兮已扫描的进程: 0
2009/11/28 0:04:49 扫描摘要子兮-PC\子兮已检测的进程: 0
2009/11/28 0:04:49 扫描摘要子兮-PC\子兮已清除病毒的进程: 0
2009/11/28 0:04:49 扫描摘要子兮-PC\子兮已扫描的引导区: 1
2009/11/28 0:04:49 扫描摘要子兮-PC\子兮已检测的引导区: 0
2009/11/28 0:04:49 扫描摘要子兮-PC\子兮已清除病毒的引导区: 0
2009/11/28 0:04:49 扫描摘要子兮-PC\子兮已扫描的文件: 1
2009/11/28 0:04:49 扫描摘要子兮-PC\子兮含有检测项的文件: 1
2009/11/28 0:04:49 扫描摘要子兮-PC\子兮文件检测项: 7
2009/11/28 0:04:49 扫描摘要子兮-PC\子兮已清除病毒的文件： 0
2009/11/28 0:04:49 扫描摘要子兮-PC\子兮已删除的文件: 0
2009/11/28 0:04:49 扫描摘要子兮-PC\子兮未扫描的文件: 0
2009/11/28 0:04:49 扫描摘要子兮-PC\子兮运行时间: 0:00:15
2009/11/28 0:04:49 扫描结束子兮-PC\子兮按需扫描