[Help] How do I deal with HEUR/Exploit.HTML?

guoyunfeifei
Posted on 2008-2-9 22:51:35
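Ever since I opened a link (I don't remember which one) in a forum thread (http://www.knifriend.com/viewthread.php?tid=88309&;fpage=1&highlight=%c4%a5%b5%b6),
Avira reports that it has found a virus or trojan whenever I go online (including portal sites) or start PPLIVE network TV.

What Avira reports is that it found HEUR/Exploit.HTML.

Avira cannot delete what it finds; it can only move HEUR/Exploit.HTML to quarantine.
After a short while the same problem comes back, with many alerts in a row; in severe cases it even causes the machine to freeze briefly. Really frustrating!

My question: how should I handle this?
---------------------------------
Latest official reply from Avira: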
Dear Sir or Madam,

Thank you for your email to Avira's virus lab.
Tracking number: INC00122540.



We received the following archive files:

File ID | Filename | Size (Byte) | Result
3725211 | google_cn[2].rar | 311 Byte | OK

A listing of files contained inside archives alongside their results can be found below:

File ID | Filename | Size (Byte) | Result
3725212 | google_cn[2].htm | 317 Byte | MALWARE

Please find a detailed report concerning each individual sample below:

Filename | Result
google_cn[2].htm | MALWARE

The file 'google_cn[2].htm' has been determined to be 'MALWARE'.
Our analysts named the threat HEUR/Exploit.HTML. This malware is detected by a special detection routine from the engine module.
Alternatively you can see the analysis result here:
http://analysis.avira.com/samples/details.php?uniqueid=IFbphHDZhINQjt9fCNbL5ZtqR5ETRC6I&incidentid=122540

An overview of all your submissions can be found here:
http://analysis.avira.com/samples/details.php?uniqueid=IFbphHDZhINQjt9fCNbL5ZtqR5ETRC6I

Please note: The detection of Spy/Adware is not available in the product "AntiVir PersonalEdition Classic". Please address specific questions to support@avira.com
Kind regards
Avira Virus Lab

---------------------------------------------
Avira GmbH
Lindauer Str. 21, D-88069 Tettnang, Germany
Phone: +49 (0) 7542-500 0
Fax: +49 (0) 7542-525 10
Internet: http://www.avira.com

CEO: Tjark Auerbach
Headquarter: Tettnang
Commercial register: AG Ulm HRB 630992
---------------------------------------------
The situation is the same as before. How should I handle this??

[ Last edited by guoyunfeifei on 2008-2-12 23:40 ]
guoyunfeifei
OP | Posted on 2008-2-9 22:55:34
Avira's notice:
HEUR/Exploit.HTML - Heuristic

Virus: HEUR/Exploit.HTML
Type: AHeAD Heuristic special detection
In the wild: No
Reported Infections: Low
Distribution Potential: Low
Damage Potential: Low
Static file: No

Important information • The write up for this analysis is currently in progress. Please check again later for more details.

For more details see full description here.


Description inserted by Andrei Ivanes on Wed, 29 Aug 2007 09:32 (GMT+1)
Description updated by Andrei Ivanes on Wed, 29 Aug 2007 09:35 (GMT+1)

spatra
Posted on 2008-2-9 23:03:28
Go to the quarantine and submit the sample (they are off on weekends, though, so there should be a reply on Monday).
kfjtkk
Posted on 2008-2-9 23:20:14
Support, bump.
kfjtkk
Posted on 2008-2-9 23:20:37
Support, bump.

Rating: 1 participant, experience -1
jimmyleo: -1, reason: Sorry, spam post

kfjtkk
Posted on 2008-2-9 23:22:03
Support, bump.

Rating: 1 participant, experience -2
woai_jolin: -2, reason: Sorry, under the rules this post counts as malicious spamming

alskdjfhg
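Posted on 2008-2-9 23:57:55
What are you doing? Malicious spamming? Don't you want your ID anymore?
mofunzone
Posted on 2008-2-10 02:28:46
I suspect ARP; check for that. Quarantine the reported sample and post it to Kafan's sample section.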
guoyunfeifei
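OP | Posted on 2008-2-11 21:43:12
Originally posted by spatra on 2008-2-9 23:03
Go to the quarantine and submit the sample (they are off on weekends, though, so there should be a reply on Monday).

Why does the submission keep failing? I am using the C version.
The method I used to submit is: http://bbs.kafan.cn/viewthread.php?tid=41913&extra=page%3D6
If my submission method is wrong, please let me know!

[ Last edited by guoyunfeifei on 2008-2-11 21:57 ]
guoyunfeifei
OP | Posted on 2008-2-12 23:18:48
Originally posted by mofunzone on 2008-2-10 02:28
I suspect ARP; check for that. Quarantine the reported sample and post it to Kafan's sample section.

Today I received the official reply; the details are as follows: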
Dear Sir or Madam,

Thank you for your email to Avira's virus lab.
Tracking number: INC00122540.



We received the following archive files:

File ID | Filename | Size (Byte) | Result
3725211 | google_cn[2].rar | 311 Byte | OK

A listing of files contained inside archives alongside their results can be found below:

File ID | Filename | Size (Byte) | Result
3725212 | google_cn[2].htm | 317 Byte | MALWARE

Please find a detailed report concerning each individual sample below:

Filename | Result
google_cn[2].htm | MALWARE

The file 'google_cn[2].htm' has been determined to be 'MALWARE'.
Our analysts named the threat HEUR/Exploit.HTML. This malware is detected by a special detection routine from the engine module.
Alternatively you can see the analysis result here:
http://analysis.avira.com/samples/details.php?uniqueid=IFbphHDZhINQjt9fCNbL5ZtqR5ETRC6I&incidentid=122540

An overview of all your submissions can be found here:
http://analysis.avira.com/samples/details.php?uniqueid=IFbphHDZhINQjt9fCNbL5ZtqR5ETRC6I

Please note: The detection of Spy/Adware is not available in the product "AntiVir PersonalEdition Classic". Please address specific questions to support@avira.com
Kind regards
Avira Virus Lab
