收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 红伞报毒,卡巴不报,发来大家鉴赏鉴赏
12
返回列表 发新帖
楼主: fljoan1
 收起左侧

[病毒样本] 红伞报毒,卡巴不报,发来大家鉴赏鉴赏

[复制链接]
timhas266
发表于 2007-12-16 09:25:43 | 显示全部楼层
原來是誤報
回复

举报

fljoan1
 楼主| 发表于 2007-12-16 09:42:43 | 显示全部楼层
我看不太像是误报。这么多杀软报,而且报的都是灰鸽子,而且有些杀软是以大病毒库出名的,也就是说确实有灰鸽子的代码。但卡巴实验室怎么就说没发现病毒呢~~~
回复

举报

hj5abc
发表于 2007-12-16 10:22:29 | 显示全部楼层
看看sb怎么说 ..

Womcc.exe : Not detected by Sandbox

[ DetectionInfo ]
    * Sandbox name: NO_MALWARE
    * Signature name: W32/Hupigon.FOQ (这个是特征码杀的)
    * Compressed: NO
    * TLS hooks: YES
    * Executable type: Application
    * Executable file structure: OK

[ General information ]
    * File length:      3202048 bytes.
    * MD5 hash: d790bd18ccfeead51919af27b9741a96.

[ Process/window information ]
    * Creates an event called .
    * Creates a mutex Windows Optimization Master.

这是鸽子 ?
回复

举报

ssyknuwyg
发表于 2007-12-16 10:24:06 | 显示全部楼层
看名字的确是挥戈子
回复

举报

moonsilver
发表于 2007-12-16 10:25:50 | 显示全部楼层
无法找到组件,程序无法启动


mp pass
回复

举报

无尽藏海
发表于 2007-12-17 21:07:31 | 显示全部楼层
Dear Sir or Madam,

Thank you for your email to Avira's virus lab.
Tracking number: INC00106788.




We received the following archive files:


File ID  Filename  Size (Byte) Result
3600389  Womcc.rar 1.01 MB OK

A listing of files contained inside archives alongside their results can be found below:

File ID  Filename  Size (Byte) Result
3600390  Womcc.exe  3.05 MB  FALSE POSITIVE


Please find a detailed report concerning each individual sample below:

Filename Result  Womcc.exe  FALSE POSITIVE

The file 'Womcc.exe' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection will be removed from our virus definition file (VDF) with one of the next updates.

Alternatively you can see the analysis result here:
http://analysis.avira.com/sample ... p;incidentid=106788

An overview of all your submissions can be found here:
http://analysis.avira.com/sample ... ILgbs8ELHAnJvKsGYVn


Please note: The detection of Spy/Adware is not available in the product "AntiVir PersonalEdition Classic". Please address specific questions to support@avira.com

Kind regards
Avira Virus Lab

---------------------------------------------
Avira GmbH
Lindauer Str. 21, D-88069 Tettnang, Germany
Phone: +49 (0) 7542-500 0
Fax: +49 (0) 7542-525 10
Internet: http://www.avira.com

CEO: Tjark Auerbach
Headquarter: Tettnang
Commercial register: AG Ulm HRB 630992
---------------------------------------------
回复

举报

挪威的冬天
发表于 2007-12-17 21:12:08 | 显示全部楼层
缺少 wormp2p。dll

这个文件名真恶心
回复

举报

12
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-5-22 20:45 , Processed in 0.142398 second(s), 16 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表