搜索
查看: 2095|回复: 19
收起左侧

[病毒样本] 两样本 卡巴 过~~`

[复制链接]
tonger2003
发表于 2007-3-27 15:10:53 | 显示全部楼层 |阅读模式
2

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
The EQs
发表于 2007-3-27 15:12:13 | 显示全部楼层
nod32右键扫描只报了一个。。
Scan performed at: 2007-3-27 15:12:14
Scanning Log
NOD32 version 2146 (20070327) NT
Command line: C:\Documents and Settings\EQ2\桌面\pe.rar C:\Documents and Settings\EQ2\桌面\svchost.rar
Operating memory - is OK

Date: 27.3.2007  Time: 15:12:18
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\EQ2\桌面\pe.rar; C:\Documents and Settings\EQ2\桌面\svchost.rar
C:\Documents and Settings\EQ2\桌面\pe.rar ?RAR ?pe.exe - a variant of Win32/Agent.NEO trojan
Number of scanned files: 4
Number of threats found: 1
Number of files cleaned: 1
Time of completion: 15:12:19 Total scanning time: 1 sec (00:00:01)



另外一个运行看看。。。
The EQs
发表于 2007-3-27 15:13:46 | 显示全部楼层
试图想修改explorer.exe
bridgewr
发表于 2007-3-27 15:18:40 | 显示全部楼层
微点杀

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
观弈书童
发表于 2007-3-27 15:24:36 | 显示全部楼层
C:\Documents and Settings\Administrator\桌面\病毒样本\样本文件\pe.rar ?RAR ?pe.exe - a variant of Win32/Agent.NEO 木马
jlennon
头像被屏蔽
发表于 2007-3-27 15:30:10 | 显示全部楼层
-----------------------------SCAN REPORT-----------------------------
F-PROT Antivirus for Windows

Antivirus Scanning Engine version number: 4.3.1
Virus signature file from: 2007-3-27, 3:05

Scan name: [Custom Scan]
Path to scan: C:\Documents and Settings\Administrator\桌面\pe.rar|C:\Documents and Settings\Administrator\桌面\svchost.rar

Normal scan
Also scan: Inside subfolders, Compressed files, Streams

Scan started: 2007-3-27, 15:28:39
---------------------------------------------------------------------

[Found possible virus]         <W32/PWStealer.gen1 (not disinfectable)>        C:\Documents and Settings\Administrator\桌面\svchost.rar->svchost.exe
[Contains infected objects]        C:\Documents and Settings\Administrator\桌面\svchost.rar
[Quarantined]        C:\Documents and Settings\Administrator\桌面\svchost.rar->svchost.exe

---------------------------------------------------------------------
Scan ended:        2007-3-27, 15:28:50
Duration:        0:00:11

Scan result:

Scanned files:                 2
Infected objects:         1
Disinfected objects:         0
Quarantined files:         1
---------------------------------------------------------------------
金剑
头像被屏蔽
发表于 2007-3-27 15:31:03 | 显示全部楼层
风暴胜者V2 测试版本(http://www.v0day.com)
_________您的安全是我们的责任_______________
载入病毒库…进行整理…分配内存…可以使用



===============================================
   ___________病毒查杀结果__________________


===============================================

2007年3月27日15时30分52秒 开始查杀C:\Documents and Settings\Administrator\桌面\新建文件夹\svchost
=========================================

_________文件性质分析结果________________
"带壳"仅指文件性质,仅供专业人员分析使用。


C:\Documents and Settings\Administrator\桌面\新建文件夹\svchost\svchost.exe 带壳文件:UPX加壳
-----------------------------------------

2007年3月27日15时30分52秒收起线程…100% 查杀完毕!
扫描文件:2查杀病毒:0
a750828
发表于 2007-3-27 16:11:06 | 显示全部楼层
pe.rar

AntiVir 7.3.1.44 03.27.2007 TR/Crypt.NSPM.Gen
Authentium 4.93.8 03.26.2007 Possibly a new variant of W32/PWStealer.gen1
Avast 4.7.936.0 03.25.2007 Win32:Tibs-ADO
CAT-QuickHeal 9.00 03.26.2007 (Suspicious) - DNAScan
eSafe 7.0.14.0 03.26.2007 suspicious Trojan/Worm
Fortinet 2.85.0.0 03.27.2007 suspicious
F-Prot 4.3.1.45 03.26.2007 W32/PWStealer.gen1
F-Secure 6.70.13030.0 03.27.2007 Viking.gen
Ikarus T3.1.1.3 03.27.2007 MalwareScope.Worm.Viking.3
Panda 9.0.0.4 03.27.2007 Suspicious file
VBA32 3.11.2 03.26.2007 MalwareScope.Worm.Viking.3
Webwasher-Gateway 6.0.1 03.27.2007 Trojan.Crypt.NSPM.Gen

svchost.rar

AntiVir 7.3.1.44 03.27.2007 TR/Crypt.FKM.Gen
Avast 4.7.936.0 03.25.2007 Win32:Agent-ELK
CAT-QuickHeal 9.00 03.26.2007 (Suspicious) - DNAScan
eSafe 7.0.14.0 03.26.2007 suspicious Trojan/Worm
Fortinet 2.85.0.0 03.27.2007 suspicious
Ikarus T3.1.1.3 03.27.2007 Backdoor.Win32.Hupigon.BV
Microsoft 1.2306 03.27.2007 VirTool:Win32/Obfuscator.A
NOD32v2 2146 03.27.2007 a variant of Win32/Agent.NEO
Panda 9.0.0.4 03.27.2007 Suspicious file
Sunbelt 2.2.907.0 03.24.2007 VIPRE.Suspicious
Webwasher-Gateway 6.0.1 03.27.2007 Trojan.Crypt.FKM.Gen
hkt988
发表于 2007-3-27 16:17:55 | 显示全部楼层
红伞杀
zzh161
发表于 2007-3-27 16:19:53 | 显示全部楼层
费尔都报启发
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛|卡饭乐购| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 苏ICP备07004770号 ) GMT+8, 2019-9-24 02:21 , Processed in 0.049394 second(s), 6 queries , MemCache On.

快速回复 返回顶部 返回列表