File size: 81541 bytes |
MD5: 08f56bcb99ca1ff8cd2e921c31bebc04 |
SHA1: 6af8caae8c501d9793ff3ba305474f30593dec1a |
packers: ORIEN |
packers: ORiEN | 1、特征病毒将释放文件SYS.COM ,autorun.inf到每个硬盘分区及可能的移动盘的根目录下,以获得双击磁盘盘符被执行的机会。其中 autorun.inf内容如下:
[AutoRun] open=SYS.COM shellexecute=SYS.COM shell\Auto\command=SYS.COM
Dr. Web 报为 Trojan.PWS.Qqrobber.163
2、手动清除 右键--打开中选择打开磁盘,将隐藏文件显示 ,删除各磁盘根目录下的SYS.COM和autorun.inf (可以借助工具删autorun.inf 重启后再删sys.com)
~~~~~对于这个病毒,其他的杀毒软件表现如何呢?
AntiVir |
Found Trojan/PSW.Delf.NX.14 |
ArcaVir |
Found nothing |
Avast |
Found nothing |
AVG Antivirus |
Found nothing |
BitDefender |
Found GenPack:Generic.Malware.SP!Pk!g.B68E0D40 |
ClamAV |
Found nothing |
Dr.Web |
Found Trojan.PWS.Qqrobber.163 |
F-Prot Antivirus |
Found nothing |
F-Secure Anti-Virus |
Found Trojan-PSW.Win32.Delf.nx |
Fortinet |
Found nothing |
Kaspersky Anti-Virus |
Found Trojan-PSW.Win32.Delf.nx |
NOD32 |
Found a variant of Win32/PSW.QQPass.JF |
Norman Virus Control |
Found W32/QQRob.gen1 |
VirusBuster |
Found nothing |
VBA32 |
Found Trojan-Spy.Delf.16 (paranoid heuristics) (probable variant) |
|