查看完整版本: NTNP.EXE相关资料附下载（新客网首发）

NTNP.EXE相关资料附下载（新客网首发）

NTNP.EXE
Determination: [color=#ff0000][b]Bad[/b][img]http://spywarefiles.prevx.com/images2/sred.gif[/img][/color]
NTNP.EXE has been determined by the Prevx database as Bad. Therefore this file is unsafe to run and should be removed using Prevx.
We Recommend you do not delete the files listed above manually. As Malware can use the same name as a genuine file, you could inadvertantly delete a file which is genuine. Prevx can analyze the actual malware file on your computer so it can identify and clean up malware and protect your computer from future malware infections.
It's very easy to remove these infections just click the button below to download and run Prevx


NTNP.EXEAUTOMATED MALWARE PROFILE, ANALYSIS, REMOVAL AND SIGNATURE INFORMATION: DEFINITION OF: NTNP.EXE[list][*]Safety Rating: Known Malware, do not run[*]Malware Family: Part of Malware group - Trojan Win32 Agent bi[*]Malware Form: TROJAN[*]Protection: Prevx is a very powerful PC security product, it will protect, disinfect, [url=http://info.prevx.com/downloadprevx2.asp][color=#486caa]cleanup and remove NTNP.EXE[/color][/url] and safeguard your PC against viruses, trojans, worms, spyware, rootkits and adware[*]New Users: You can download the full Prevx product and use it to [url=http://info.prevx.com/downloadprevx2.asp][color=#486caa]cleanup and remove NTNP.EXE and other infections free of charge, then leave it to monitor your PC for other infections[/color][/url][*]First seen: Jul 7 2005 (GMT)[*]Last seen: Jul 7 2005 (GMT)[*]File Size: 11,385 bytes[/list]
MALWARE ASSESSMENT: PREVX 4 AXES OF EVIL METHODOLOGY
1. COVERT ANALYSIS OF: NTNP.EXE[list][*]File Names Used: 6940[*]Paths Used: 33[*]Common File Name: NTNP.EXE[*]Common Path: %WINDIR%\SYSTEM32\[*]Vendor Information: No Vendor details specified[*]NTNP.EXE may use 6,940 or more path and file names, these are the most common:[*]1 :%WINDIR%\ATLCV32.EXE[*]2 :%WINDIR%\ATLZV32.EXE[*]3 :%WINDIR%\CRAS.EXE[*]4 :%WINDIR%\D3HO.EXE[*]5 :%WINDIR%\D3TU32.EXE[*]6 :%WINDIR%\D3VO.EXE[*]7 :%WINDIR%\MSVJ.EXE[*]8 :%WINDIR%\NTKC32.EXE[*]9 :%WINDIR%\SDKXT32.EXE[*]10:%WINDIR%\SYSSN.EXE[*]11:%WINDIR%\SYSTEM32\APPQN.EXE[*]12:%WINDIR%\SYSTEM32\ATLSR32.EXE[*]13:%WINDIR%\SYSTEM32\CRWW32.EXE[*]14:%WINDIR%\SYSTEM32\D3JG.EXE[*]15:%WINDIR%\SYSTEM32\D3PY.EXE[*]File Name Structure: Normal[*]File and Path Structure: Suspicious, unusually high number of file and path combinations[/list]
2. RELATIONSHIP ANALYSIS OF: NTNP.EXE[list][*]Malicious Objects Created: 5 objects[*]Malicious Creators: 13[*]Malware Run Keys: Creates registry run keys for known malware objects[*]Self Persists: Yes, creates copies of itself[*]Antivirus Detection: No third party antivirus detection observed[*]Anti-Spyware Detection: No third party anti-spyware detection observed[/list]3. ACTIVITY ANALYSIS OF: NTNP.EXE[list][*]The following behaviors have been observed for this object:[*]Installs programs.[*]Deletes programs.[*]Invokes dll components.[*]Registers Browser Help Objects.[*]Creates Run Keys.[*]Creates Run Once Keys.[*]Runs other programs.[*]Runs other programs.[*]Modifies Browser Search Settings.[*]Can hide files from the user, such as rootkits.[*]Creates registry entries.[*]Creates run keys for known malware.[*]Creates known malware.[*]Packed Executable.[*]Hidden From Task Manager.[*]Injects DLLs into multiple processes.[/list]4. PROPAGATION ANALYSIS OF: NTNP.EXE[list][*]Malware Group Propagation Rate: Moderate (spreading)[*]Malware Group: Trojan Win32 Agent bi[*]Copyright Prevx Limited 2005, 2006[/list]

下载：
Windows XP (All versions - 32/64bit) and Windows 2000 Professional.
[url=http://pxnow.prevx.com/zeroL/SETUP.PREVX2.1.0.1.31.2K2K3XP.x86AMD64.exe]http://pxnow.prevx.com/zeroL/SETUP.PREVX2.1.0.1.31.2K2K3XP.x86AMD64.exe[/url]

Windows Vista (All versions - 32/64bit - This is a beta release - You must use an Admin type account and disable UAC).
[url=http://pxnow.prevx.com/zeroL/SETUP.PREVX2.1.0.1.31.VISTA.x86AMD64.exe]http://pxnow.prevx.com/zeroL/SETUP.PREVX2.1.0.1.31.VISTA.x86AMD64.exe[/url]

Windows 2003 Server (All versions - 32/64bit) and Windows 2000 Server (SP4 only).
[url=http://pxnow.prevx.com/zeroL/SETUP.PREVX2SERVER.1.0.1.31.2K2K3XP.x86AMD64.exe]http://pxnow.prevx.com/zeroL/SETUP.PREVX2SERVER.1.0.1.31.2K2K3XP.x86AMD64.exe[/url]

Other versions of NTNP.EXE

[attach]92[/attach]