agsdg

显示全部楼层 · 发表于 2008-8-18 16:30:42

qagsd

显示全部楼层 · 发表于 2008-8-18 16:31:05

红伞竟然..没反应..

显示全部楼层 · 发表于 2008-8-18 16:33:07

卡巴 ESET KILL ALL

显示全部楼层 · 发表于 2008-8-18 16:33:31

卡巴直接拦截：

2008-08-18 16:32:01 拒绝: Exploit.JS.CVE-2006-1359.aj Firefox http://bbs.kafan.cn/attachment.p ... mp;t=1219048263//4/黑手刃2008免杀网马生成器终生免费版.exe//PE_Patch.UPX//UPX//C:\Documents and Settings\Administrator\桌面\黑手刃2008免杀网马生成器[终生免费版].exe

显示全部楼层 · 发表于 2008-8-18 16:34:58

To Avira

显示全部楼层 · 发表于 2008-8-18 16:36:23

显示全部楼层 · 发表于 2008-8-18 16:46:56

运行后

25117141    Exec.exe    21.5 KB    MALWARE
The file 'Exec.exe' has been determined to be 'MALWARE'. Detection is added to our virus definition file (VDF) starting with version 7.00.04.243. Please note that Avira's proactive heuristic detection module AHeAD detected this threat up front without the latest VDF update as: HEUR/Malware.

1004885    dialupass.exe    40.79 KB    MALWARE
The file 'dialupass.exe' has been determined to be 'MALWARE'. Our analysts named the threat BDS/Pcclient.GV.254. The term "BDS/" denotes a Backdoor-Server program. Backdoor-Server programs are used to spy out, modify or delete data.Detection is added to our virus definition file (VDF) starting with version 6.38.02.19. Please note that Avira's proactive heuristic detection module AHeAD detected this threat up front without the latest VDF update as: HEUR/Crypted.

25117140    Exec2.exe    306.99 KB    UNDER ANALYSIS
25117140    Hacker.com.cn.ini    306.99 KB    UNDER ANALYSIS

显示全部楼层 · 发表于 2008-8-18 16:55:21

d:\工具\样本\4\4\黑手刃2008免杀网马生成器终生免费版.exe packed: PE_Patch.UPX
ERROR: delete wrong pointer (00000000)
d:\工具\样本\4\4\黑手刃2008免杀网马生成器终生免费版.exe packed: UPX
ERROR: delete wrong pointer (00000000)
ERROR: delete wrong pointer (00000000)
d:\工具\样本\4\4\黑手刃2008免杀网马生成器终生免费版.exe archive: Embedded
d:\工具\样本\4\4\黑手刃2008免杀网马生成器终生免费版.exe/C:\Documents and Settings\Administrator\桌面\黑手刃2008免杀网马生成器[终生免费版].exe infected: Exploit.JS.CVE-2006-1359.aj
d:\工具\样本\4\4\黑手刃2008免杀网马生成器终生免费版.exe/C:\Documents and Settings\Administrator\桌面\1.exe infected: Backdoor.Win32.Hupigon.cpb

显示全部楼层 · 发表于 2008-8-18 17:06:12

E:\新建文件夹1\病毒测试文件夹\Run Virus lab\黑手刃2008免杀网马生成器终生免费版.exe > AUTOIT > file.bin - 未查明的 NewHeur_PE 病毒
E:\新建文件夹1\病毒测试文件夹\Run Virus lab\黑手刃2008免杀网马生成器终生免费版.exe > AUTOIT > file.bin - Win32/Hupigon 特洛伊木马的变种

显示全部楼层 · 发表于 2008-8-18 17:09:00

kv 0

[其他相关] agsdg

浏览过的版块