小红伞报电信互联星空宽带登录器（附带小红伞邮件回复）

显示全部楼层 · 发表于 2011-10-20 10:37:36

本帖最后由 245867683 于 2011-10-20 16:11 编辑

从官方下载的，已经上传至115盘，上报给小红伞人工分析的结果依然为木马，电信搞的什么啊

http://115.com/file/dn91v0dj

Dear Sir or Madam,

Thank you for your email to Avira's virus lab.
Tracking number: INC00862387.

We received the following archive files:

File ID Filename Size (Byte) Result
26353485 NKSetup25v24_nc.zip 15.41 MB OK
A listing of files contained inside archives alongside their results can be found below:

File ID Filename Size (Byte) Result
26353486 NKSetup25v24_nc.exe 15.49 MB MALWARE

Please find a detailed report concerning each individual sample below:

Filename Result
NKSetup25v24_nc.exe MALWARE

The file 'NKSetup25v24_nc.exe' has been determined to be 'MALWARE'.Our analysts named the threat TR/Horse.SDS.The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.10.09.138.
Alternatively you can see the analysis result here:
http://analysis.avira.com/sample ... p;incidentid=862387

An overview of all your submissions can be found here:
http://analysis.avira.com/sample ... TXPnVCGjybVTCkB271j

We recommend to use our upload form for further submissions. In case the result is known it will be shown in realtime to you. Furthermore files which are considered to be false positive suspictions can only be submitted using this method. http://analysis.avira.com/samples/index.php?lang=en

Please note: If you have specific questions please address them to support@avira.com

Kind regards
Avira Virus Lab

---------------------------------------------
Avira Operations GmbH & Co. KG
Kaplaneiweg 1, 88069 Tettnang, Germany
Phone: +49 (0) 7542-500 0
Fax: +49 (0) 7542-500 3000
Internet: http://www.avira.com

CEO: Tjark Auerbach
Headquarter: Tettnang
Commercial register: AG Ulm HRB 630992
---------------------------------------------

显示全部楼层 · 发表于 2011-10-20 10:39:53

互联星空也可以说是流氓软件啊

显示全部楼层 · 发表于 2011-10-20 10:49:15

A2安全

显示全部楼层 · 发表于 2011-10-20 11:13:06

不被报才不正常呢
这货真不是什么好东西

显示全部楼层 · 发表于 2011-10-20 12:19:30

教室的无线不给力~~~

不下了~~~

显示全部楼层 · 发表于 2011-10-20 12:27:15

大蜘蛛：
NKSetup25v24_nc.exe\wm_hooks.dll - is riskware program Program.RemoteAdmin

显示全部楼层 · 发表于 2011-10-20 12:55:40

留侯发表于 2011-10-20 12:27
大蜘蛛：
NKSetup25v24_nc.exe\wm_hooks.dll - is riskware program Program.RemoteAdmin

汗，国外杀软基本都报

显示全部楼层 · 发表于 2011-10-20 12:56:17

抱金砖发表于 2011-10-20 11:13
不被报才不正常呢
这货真不是什么好东西

没办法，不装这东西在学校无法联网

显示全部楼层 · 发表于 2011-10-20 12:59:35

TR/horse。sds

显示全部楼层 · 发表于 2011-10-20 13:40:44

估计它代码里有一些比较恶心的收集信息以及定时弹广告功能

[误报文件] 小红伞报电信互联星空宽带登录器（附带小红伞邮件回复）

浏览过的版块