感染全盘EXE的DOWNLOADER全力出击,秒杀各路杀软!

chenrui19930

用爆破工具突破了试用版限制,制造出了完整版,试试,小心全盘感染啊

wangjay1980

难道发过？
detected: virus Worm.Win32.AutoRun.cfe        File: C:\Documents and Settings\Owner\×ÀÃæ\nod32repack.rar/nod32repack.exe

spaceplane

avast过

曲中求

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\nod32repack.rar'
C:\Documents and Settings\Administrator\桌面\nod32repack.rar
  [0] Archive type: RAR
  --> nod32repack.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      A backup was created as '4809e00a.qua'  ( QUARANTINE )
      [INFO]      The file was deleted!

hign

C:\Users\Administrator\Desktop\nod32repack.rar>>nod32repack.exe        Worm.AutoRun.cfe.zpto        病毒        已删除/隔离

wolffshen

FS 杀

chenrui19930

和今天的不一样,灰色的功能可以用了,今天早上的只感染HTML,而现在是全部EXE了,还添加了自动变形装置

[ 本帖最后由 chenrui19930 于 2008-2-3 23:44 编辑 ]

chenrui19930

测试一下行为

zzh161

有动作吗？在线分析结果里没动作 之前给的那个倒是有联网

chenrui19930

有动作啊,我这里微点拦截的,只是不知道详细动作