ccb561

显示全部楼层 · 发表于 2007-8-14 15:48:43

红伞杀1个Start of the scan: 2007年8月14日  15:47

Starting the file scan:

Begin scan in 'H:\AV-TEST'
H:\AV-TEST\99.rar
  [0] Archive type: RAR
  --> 99.exe
   [DETECTION] Is the Trojan horse TR/Hijack.Explor.3889
   [INFO]    The file was deleted!

End of the scan: 2007年8月14日  15:47
Used time: 00:16 min

The scan has been done completely.

   1 Scanning directories
   2 Files were scanned
   1 viruses and/or unwanted programs were found
   0 classified as suspicious:
   1 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   1 Files not concerned
   1 Archives were scanned
   0 Warnings
   0 Notes
   0 Hidden objects were found

显示全部楼层 · 发表于 2007-8-14 15:52:35

好像运行了没有什么动静，没有危害嘛，谁能解释一下呀？

显示全部楼层 · 发表于 2007-8-14 15:53:45

AVAST和NOD32都过啦

显示全部楼层 · 发表于 2007-8-14 16:00:03

kaspersky and mcafee pass

显示全部楼层 · 发表于 2007-8-14 16:05:10

我这里是注入浏览器
修改内存
然后就结束了...
等了很久都没反映~

显示全部楼层 · 发表于 2007-8-14 16:13:43

原帖由 lsyer 于 2007-8-14 16:05 发表
我这里是注入浏览器
修改内存
然后就结束了...
等了很久都没反映~

所以我很奇怪，怎么都没结果了呢，也没什么生成物，可能是误报而已

显示全部楼层 · 发表于 2007-8-14 16:25:50

反病毒引擎版本最后更新扫描结果
AhnLab-V3 2007.8.9.2 2007.08.13 -
AntiVir 7.4.0.60 2007.08.14 TR/Hijack.Explor.3889
Authentium 4.93.8 2007.08.13 -
Avast 4.7.1029.0 2007.08.13 -
AVG 7.5.0.476 2007.08.13 Generic6.KDP
BitDefender 7.2 2007.08.14 BehavesLike:Win32.ExplorerHijack
CAT-QuickHeal 9.00 2007.08.13 (Suspicious) - DNAScan
ClamAV 0.91 2007.08.14 -
DrWeb 4.33 2007.08.14 -
eSafe 7.0.15.0 2007.08.10 Suspicious Trojan/Worm
eTrust-Vet 31.1.5058 2007.08.14 -
Ewido 4.0 2007.08.13 -
FileAdvisor 1 2007.08.14 -
Fortinet 2.91.0.0 2007.08.14 Basine.C
F-Prot 4.3.2.48 2007.08.13 -
F-Secure 6.70.13030.0 2007.08.14 W32/Malware
Ikarus T3.1.1.12 2007.08.14 Trojan-Spy.Win32.VB.kk
Kaspersky 4.0.2.24 2007.08.14 -
McAfee 5096 2007.08.13 -
Microsoft 1.2704 2007.08.14 -
NOD32v2 2458 2007.08.14 -
Norman 5.80.02 2007.08.13 -
Panda 9.0.0.4 2007.08.14 Suspicious file
Prevx1 V2 2007.08.14 -
Rising 19.36.11.00 2007.08.14 -
Sophos 4.20.0 2007.08.12 Mal/Basine-C
Sunbelt 2.2.907.0 2007.08.14 VIPRE.Suspicious
Symantec 10 2007.08.14 -
TheHacker 6.1.8.168 2007.08.14 -
VBA32 3.12.2.2 2007.08.13 -
VirusBuster 4.3.26:9 2007.08.13 -
Webwasher-Gateway 6.0.1 2007.08.14 Trojan.Hijack.Explor.3889

显示全部楼层 · 发表于 2007-8-14 17:42:55

显示全部楼层 · 发表于 2007-8-14 22:54:20

Malicious code found in file C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX00.653\99.EXE.
Infection: W32/Malware
Action: none.

[病毒样本] ccb561

回复 #12 taihuxian 的帖子

本帖子中包含更多资源