过红伞的病毒和木马

ybc13795

放几个过红伞的病毒,解压不要运行啊,到时中毒表怪我啊,呵呵呵 .

[ 本帖最后由 ybc13795 于 2008-8-12 20:32 编辑 ]

Tynox

a-squared	3.5.0.22	2008.08.11	2008-08-11	Trojan.Win32.KillWin.hw	2.399
AntiVir	7.8.1.19	7.0.5.240	2008-08-11	-	2.190
Arcavir	1.0.5	200808111903	2008-08-11	-	1.279
AVAST!	3.0.1	080811-0	2008-08-11	-	0.678
AVG	7.5.51.442	270.6.1/1605	2008-08-11	-	1.551
BitDefender	7.60825.1436879	7.20476	2008-08-12	-	6.391
CA (VET)	9.0.0.143	31.6.6025	2008-08-12	-	5.234
ClamAV	0.93.3	8017	2008-08-12	Trojan.W32.KillWin	0.016
Comodo	2.11	2.0.0.614	2008-08-12	-	0.462
CP Secure	1.1.0.715	2008.08.12	2008-08-12	-	6.132
Dr.Web	4.44.0.9170	2008.08.11	2008-08-11	-	3.115
ewido	4.0.0.2	2008.08.04	2008-08-04	-	2.369
F-Prot	4.4.4.56	20080811	2008-08-11	-	1.367
F-Secure	5.51.6100	2008.08.11.07	2008-08-11	Trojan.Win32.KillWin.ja [AVP]	3.030
Ikarus	T3.1.01.34	2008.08.12.71259	2008-08-12	Virus.Trojan.Win32.KillWin.ja	3.244
Microsoft	1.3807	2008.08.12	2008-08-12	-	5.074
mks_vir	2.01	2008.08.11	2008-08-11	-	2.743
Norman	5.93.01	5.93.00	2008-08-11	-	4.727
nProtect	2008-08-12.00	1765896	2008-08-12	Trojan/W32.KillWin.130048	3.244
Quick Heal	9.50	2008.08.11	2008-08-11	Suspicious - DNAScan	1.756
Sophos	2.77.0	4.32	2008-08-12	-	1.838
Sunbelt	3.1.1542.1	2188	2008-08-11	-	0.432
The Hacker	6.2.96	v00396	2008-08-11	-	0.429
VBA32	3.12.8.3	20080811.0831	2008-08-11	-	1.725
ViRobot	20080811	2008.08.11	2008-08-11	-	0.411
VirusBuster	4.5.11.10	4.5.11/	0010-00-00	-	0.819
卡巴斯基	5.5.10	2008.08.12	2008-08-12	Trojan.Win32.KillWin.ja	0.062
安博士V3	2008.08.12.01	2008.08.12	2008-08-12	-	0.884
江民杀毒	11.0.706	2008.08.11	2008-08-11	-	1.150
熊猫卫士	9.05.01	2008.08.11	2008-08-11	-	1.957
瑞星	20.0	20.57.10.00	2008-08-12	-	0.864
赛门铁克	1.3.0.24	20080811.016	2008-08-11	-	0.252
趋势科技	8.700-1004	5.470.01	2008-08-11	-	0.036
迈克菲	5.2.00	5358	2008-08-11	-	2.486
金山毒霸	2008.1.14.15	2008.8.11.17	2008-08-11	Win32.Troj.KillFiles.mk.3072	0.582
飞塔	2.81-3.11	9.388	2008-08-05	-	1.664

上报红伞

Tynox

Filename	Result
53E839E5	CLEAN

The file '53E839E5' has been determined to be 'CLEAN'.Our analysts did not discovered any malicious content.

Filename	Result
explorer.exe	CLEAN

The file 'explorer.exe' has been determined to be 'CLEAN'.Our analysts did not discovered any malicious content.

Filename	Result
uninst2.exe	CLEAN

The file 'uninst2.exe' has been determined to be 'CLEAN'.Our analysts did not discovered any malicious content.



召唤高手解答

GPRS9000

卡巴阻止下载。

kkgh

金山       C:\Documents and Settings\zh\桌面\病毒\1.exe中        Win32.Troj.KillFiles.mk.3072        处理成功（操作：删除）

chenyilong58

金山现在越来越好了

Tynox

是病毒吗?

红伞的答复:

Dear Sir or Madam,

Thank you for your email to Avira's virus lab.
Tracking number: INC00190221.



We received the following archive files:

File ID	?Filename	Size (Byte)	Result
25111984	??.rar	106.7 KB	OK

A listing of files contained inside archives alongside their results can be found below:

File ID	?Filename	Size (Byte)	Result
25111985	1.exe	12.55 KB	CLEAN
25100440	53E839E5	2.56 KB	CLEAN
25107491	explorer.exe	10.66 KB	CLEAN
25107492	uninst2.exe	102.5 KB	CLEAN

Please find a detailed report concerning each individual sample below:

?Filename	Result
1.exe	CLEAN

The file '1.exe' has been determined to be 'CLEAN'. Our analysts did not discovered any malicious content.

?Filename	Result
53E839E5	CLEAN

The file '53E839E5' has been determined to be 'CLEAN'. Our analysts did not discovered any malicious content.

?Filename	Result
explorer.exe	CLEAN

The file 'explorer.exe' has been determined to be 'CLEAN'. Our analysts did not discovered any malicious content.

?Filename	Result
uninst2.exe	CLEAN

The file 'uninst2.exe' has been determined to be 'CLEAN'. Our analysts did not discovered any malicious content.

召唤高人来解答

[ 本帖最后由 Tynox 于 2008-8-12 16:24 编辑 ]

ahzsmzkf

pass（不仅仅红伞）
用hips的监控一下
虚拟机下当机

[ 本帖最后由 ahzsmzkf 于 2008-8-12 17:23 编辑 ]

yjwfn502

是病毒吗?

ahzsmzkf

需要用eq监控，谁有用hips的监控下，看看有那些3d动作，拜托

我没用hips，太烦