样本~~

显示全部楼层 · 发表于 2007-3-26 15:30:21

1

[ 本帖最后由 tonger2003 于 2007-3-26 15:33 编辑 ]

显示全部楼层 · 发表于 2007-3-26 15:32:53

没有样本

显示全部楼层 · 发表于 2007-3-26 15:36:17

Scan performed at: 2007-3-26 15:36:33
Scanning Log
NOD32 version 2144 (20070325) NT
Command line: C:\Documents and Settings\EQ2\桌面\bo.rar
Operating memory - is OK

Date: 26.3.2007 Time: 15:36:38
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\EQ2\桌面\bo.rar
C:\Documents and Settings\EQ2\桌面\bo.rar ?RAR ?bo.exe - a variant of Win32/PSW.QQShou.NAU trojan
Number of scanned files: 2
Number of threats found: 1
Number of files cleaned: 1
Time of completion: 15:36:38 Total scanning time: 0 sec (00:00:00)

显示全部楼层 · 发表于 2007-3-26 15:37:45

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\bo.rar'
C:\Documents and Settings\Administrator\桌面\bo.rar
  [0] Archive type: RAR
  --> bo.exe
   [DETECTION] Contains suspicious code HEUR/Malware
   [INFO]    A backup was created as '463578e3.qua'  ( QUARANTINE )
   [INFO]    The file was deleted!

显示全部楼层 · 发表于 2007-3-26 15:39:09

Cyberhawk

显示全部楼层 · 发表于 2007-3-26 15:42:38

C:\Documents and Settings\Administrator\桌面\病毒样本\样本文件\bo.rar ?RAR ?bo.exe - a variant of Win32/PSW.QQShou.NAU 木马

显示全部楼层 · 发表于 2007-3-26 15:46:47

C:\Program Files\SysInfo.wmp

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks {7C3E3EA0-F318-43FB-952E-74736B2F6789}

被mp切掉了

显示全部楼层 · 发表于 2007-3-26 16:28:25

显示全部楼层 · 发表于 2007-3-26 18:15:28

卡巴不杀...
红伞杀...

显示全部楼层 · 发表于 2007-3-26 23:27:39

[病毒样本] 样本~~

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源