楼主: 运指如飞
收起左侧

[已鉴定] 没有见过这么嚣张网站

 关闭 [复制链接]
qigang
发表于 2008-6-25 21:34:46 | 显示全部楼层

13/1




瑞星病毒查杀结果报告

清除病毒种类列表:

病毒: Trojan.Win32.Undef.hdf   

MAC 地址:00:11:5B:F3:6D:69

用户来源:互联网

软件版本:20.50.22
frodo
发表于 2008-6-25 22:34:17 | 显示全部楼层
说实在的,我们干脆就密切关注这个站点。。。还有大家要混入Q群拿样本 。。。
frodo
发表于 2008-6-25 22:48:25 | 显示全部楼层
http://bbs.77169.com/read-htm-tid-217931.html
照着样子看,他已经到了2.3免杀版本了
电影结束了
发表于 2008-6-25 22:57:27 | 显示全部楼层
F:\virus(5个).rar>>1Backdoor.Agent.jok.vvxm.exe                              后门
F:\virus(5个).rar>>2.exeTrojanDownloader.Aqtemp.r.mhpj木马
F:\virus(5个).rar>>arp.exeHacktool.ArpCheater.c.rzqm  黑客工具
F:\virus(5个).rar>>me.exe TrojanDownloader.Agent.rei.zrpb木马
F:\virus(5个).rar>>wincap.exeHeuri.Suspicious.ERNM   启发式...
aerbeisi
发表于 2008-6-26 00:23:22 | 显示全部楼层
Hello.

No malicious software was found in the attached file.

-----------------
Regards, Evgeny Aseev
Virus Analyst, Kaspersky Lab.

Ph.: +7(095) 797-8700
E-mail: newvirus@kaspersky.com
http://www.kaspersky.com   http://www.viruslist.com


> Attachment: kd.rar
tanlimo
发表于 2008-6-26 00:43:23 | 显示全部楼层

回复 37楼 aerbeisi 的帖子

这个是怎么回事?

安博士的分析师也说无毒,但是运行kb.exe后系统的确起不来了。
frodo
发表于 2008-6-26 00:54:10 | 显示全部楼层
Avira的分析师也是。。。作者的意思是他不怕分析。。。。你不觉得很奇怪么?难道他就是想入虎穴?。。。?
mofunzone
发表于 2008-6-26 00:54:19 | 显示全部楼层
The file 'C:\TDDOWNLOAD\me.exe'
contained a virus or unwanted program 'TR/Downloader.Gen' [trojan]
Action(s) taken:
The file was deleted!
mofunzone
发表于 2008-6-26 00:54:56 | 显示全部楼层
Starting the file scan:

Begin scan in 'C:\Documents and Settings\morgan\My Documents\virus(5个)'
C:\Documents and Settings\morgan\My Documents\virus(5个)\
  1.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
      [NOTE]      The file was deleted!
  2.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Aqtemp.R
      [NOTE]      The file was deleted!
  arp.exe
      [DETECTION] Is the Trojan horse TR/Drop.Spy.Pca.A.2
      [NOTE]      The file was deleted!
  me.exe
    [0] Archive type: Runtime Packed
    --> Object
      [NOTE]      The file was deleted!
  wincap.exe
    [0] Archive type: Runtime Packed
      --> Object
        [1] Archive type: RSRC
        --> Object
        --> Object
        --> Object
        --> Object
      [DETECTION] Contains suspicious code HEUR/Crypted
      [NOTE]      The fund was classified as suspicious.
      [NOTE]      The file was moved to '48d078bd.qua'!


End of the scan: 2008年6月25日  09:54
Used time: 00:04 min

The scan has been done completely.

      1 Scanning directories
      5 Files were scanned
      4 viruses and/or unwanted programs were found
      1 Files were classified as suspicious:
      4 files were deleted
      0 files were repaired
      1 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      1 Files not concerned
      0 Archives were scanned
      0 Warnings
      5 Notes
mofunzone
发表于 2008-6-26 00:57:04 | 显示全部楼层
The file 'C:\TDDOWNLOAD\hackshen.swf'
contained a virus or unwanted program 'EXP/Flash.Gen' [exploit]
Action(s) taken:
The file was deleted!
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-11-15 10:45 , Processed in 0.080454 second(s), 15 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表