查看: 3650|回复: 12
收起左侧

[已鉴定] 来个+个地址

 关闭 [复制链接]
流清泉
头像被屏蔽
发表于 2008-1-30 19:20:13 | 显示全部楼层 |阅读模式
来个
http://qqck.512j.com/QQck.zip
里面好像是鸽子吧
http://www.fs2you.com/zh-cn/files/a93767ae-cf13-11dc-890e-00142218fc6e/

[ 本帖最后由 流清泉 于 2008-1-30 21:34 编辑 ]
qigang
发表于 2008-1-30 19:31:04 | 显示全部楼层

QQ聊天纪录察看器

rising20.29.22不杀!

QQck.zip

849.21 KB, 下载次数: 145

su-tt
发表于 2008-1-30 19:37:53 | 显示全部楼层
Begin scan in 'C:\Documents and Settings\Administrator\桌面\QQck.zip'
C:\Documents and Settings\Administrator\桌面\QQck.zip
  [0] Archive type: ZIP
  --> QQÁÄÌì¼Í¼²ì¿´Æ÷.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was deleted!


End of the scan: 2008年1月30日  19:37
Used time: 00:04 min

The scan has been done completely.

      0 Scanning directories
      2 Files were scanned
      0 viruses and/or unwanted programs were found
      1 Files were classified as suspicious:
      1 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      2 Files not concerned
      1 Archives were scanned
      0 Warnings
      0 Notes
taiw_1144
发表于 2008-1-30 19:43:02 | 显示全部楼层
发现可疑程序
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\TEMPARATION.TMP
可疑程序生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\ALL USERS\FAVORITES\NETSERVICE.EXE
是否阻止该进程继续运行?

删除确认
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\TEMPARATION.TMP
木马程序生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\ALL USERS\FAVORITES\NETSERVICE.EXE
是否删除病毒程序及其衍生物?

这种微点还是会管的
spatra
发表于 2008-1-30 19:44:07 | 显示全部楼层
Begin scan in 'C:\Documents and Settings\Administrator\桌面\QQck.zip'
C:\Documents and Settings\Administrator\桌面\QQck.zip
  [0] Archive type: ZIP
  --> QQÁÄÌì¼Í¼²ì¿´Æ÷.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was deleted!

红伞启发
gho
发表于 2008-1-30 19:53:03 | 显示全部楼层
TEMP\TEMPARATION.TMP被FS系统控制抑制
冷冷
发表于 2008-1-30 19:54:04 | 显示全部楼层
希望楼主一次性贴完
不要等会又加新的来哦!!
先占个位置!
-------------------------------
I:\virus\test\QQ聊天纪录察看器.exe - Signature 'Backdoor.Pcclient.SYX' found
1 File scanned
   (0 Archives with 0 files)
1 Signature found
0 Suspect code-parts found
Used time: 0:00.094
--------------------------------
4.PNG
1.PNG 2.PNG
3.PNG 5.PNG

[ 本帖最后由 冷_冷 于 2008-1-30 20:05 编辑 ]
鱼是一只我
发表于 2008-1-30 20:49:51 | 显示全部楼层
费尔 卡巴  过
Graybird
发表于 2008-1-30 22:30:18 | 显示全部楼层
The file 'QQ##############.exe' has been determined to be 'MALWARE'. Our analysts named the threat TR/Drop.Agent.xca. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection will be added to our virus definition file (VDF) with one of the next updates. Please note that Avira's proactive heuristic detection module AHeAD detected this threat up front without the latest VDF update as: HEUR/Malware.
leonfg
发表于 2008-1-30 22:49:17 | 显示全部楼层
nod不报
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-3-29 15:02 , Processed in 0.144368 second(s), 20 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表