这个不是病毒吧？？？

显示全部楼层 · 发表于 2008-9-15 22:45:47

00008548 10008548    0 user32.dll
000086EE 100086EE    0 GetLastError
000086FE 100086FE    0 lstrcpyA
0000870A 1000870A    0 lstrlenA
00008716 10008716    0 lstrcatA
00008722 10008722    0 GetComputerNameA
00008736 10008736    0 GetSystemDirectoryA
0000874C 1000874C    0 lstrcmpA
00008756 10008756    0 KERNEL32.dll
00008766 10008766    0 wsprintfA
00008770 10008770    0 USER32.dll
0000877E 1000877E    0 GetUserNameA
0000878E 1000878E    0 RegCloseKey
0000879C 1000879C    0 RegQueryValueExA
000087B0 100087B0    0 RegCreateKeyExA
000087C2 100087C2    0 RegQueryValueA
000087D4 100087D4    0 RegOpenKeyA
000087E0 100087E0    0 ADVAPI32.dll
000087EE 100087EE    0 WS2_32.dll
000087FC 100087FC    0 SetLastError
0000880C 1000880C    0 VirtualProtect
0000881E 1000881E    0 FlushInstructionCache
00008836 10008836    0 GetCurrentProcess
0000884A 1000884A    0 GetProcAddress
0000885C 1000885C    0 LoadLibraryA
0000886C 1000886C    0 GetCommandLineA
0000887E 1000887E    0 GetVersion
0000888C 1000888C    0 RtlUnwind
00008898 10008898    0 EnterCriticalSection
000088B0 100088B0    0 LeaveCriticalSection
000088C8 100088C8    0 HeapFree
000088D4 100088D4    0 CloseHandle
000088E2 100088E2    0 ReadFile
000088EE 100088EE    0 InitializeCriticalSection
0000890A 1000890A    0 ExitProcess
00008918 10008918    0 TerminateProcess
0000892C 1000892C    0 GetCurrentThreadId
00008942 10008942    0 TlsSetValue
00008950 10008950    0 TlsAlloc
0000895C 1000895C    0 TlsFree
00008966 10008966    0 TlsGetValue
00008974 10008974    0 SetHandleCount
00008986 10008986    0 GetStdHandle
00008996 10008996    0 GetFileType
000089A4 100089A4    0 GetStartupInfoA
000089B6 100089B6    0 DeleteCriticalSection
000089CE 100089CE    0 GetModuleFileNameA
000089E4 100089E4    0 FreeEnvironmentStringsA
000089FE 100089FE    0 FreeEnvironmentStringsW
00008A18 10008A18    0 WideCharToMultiByte
00008A2E 10008A2E    0 GetEnvironmentStrings
00008A46 10008A46    0 GetEnvironmentStringsW
00008A60 10008A60    0 HeapDestroy
00008A6E 10008A6E    0 HeapCreate
00008A7C 10008A7C    0 VirtualFree
00008A8A 10008A8A    0 WriteFile
00008A96 10008A96    0 HeapAlloc
00008AA2 10008AA2    0 VirtualAlloc
00008AB2 10008AB2    0 HeapReAlloc
00008AC0 10008AC0    0 SetStdHandle
00008AD0 10008AD0    0 FlushFileBuffers
00008AE4 10008AE4    0 SetFilePointer
00008AF6 10008AF6    0 CreateFileA
00008B04 10008B04    0 GetCPInfo
00008B10 10008B10    0 GetACP
00008B1A 10008B1A    0 GetOEMCP
00008B26 10008B26    0 SetEndOfFile
00008B36 10008B36    0 MultiByteToWideChar
00008B4C 10008B4C    0 LCMapStringA
00008B5C 10008B5C    0 LCMapStringW
00008B6C 10008B6C    0 GetStringTypeA
00008B7E 10008B7E    0 GetStringTypeW
00009034 10009034    0 \pscColct.dll
00009044 10009044    0 FuckYou%d
00009050 10009050    0 SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E551-0000-0000-C000-000000000046}
000090B4 100090B4    0 SOFTWARE\AutoSoft\MultRun2
000090D0 100090D0    0 imagehlp.dll
000090E0 100090E0    0 ImagehlpApiVersionEx
000090F8 100090F8    0 SymInitialize
00009108 10009108    0 SymSetOptions
00009118 10009118    0 SymGetOptions
00009128 10009128    0 SymLoadModule
00009138 10009138    0 SymGetModuleInfo
0000914C 1000914C    0 SymGetSymFromName

一大堆..
实在看不下去了..直接上报红伞

显示全部楼层 · 发表于 2008-9-15 22:48:13

25134766 MyDll.dll 44 KB UNDER ANALYSIS

显示全部楼层 · 发表于 2008-9-15 22:59:41

2008-9-15 22:59:26 http://bbs.kafan.cn/attachment.p ... 21490719//MyDll.dll ThunderS Module 拒绝: Backdoor.Win32.Delf.iap 启发式分析计算的威胁级别值较高
2008-9-15 22:59:26 http://bbs.kafan.cn/attachment.p ... 21490719//MyDll.dll ThunderS Module 检测到: Backdoor.Win32.Delf.iap 启发式分析计算的威胁级别值较高
2008-9-15 22:59:20 http://bbs.kafan.cn/attachment.p ... 21490719//MyDll.dll ThunderS Module 拒绝: Backdoor.Win32.Delf.iap 启发式分析计算的威胁级别值较高
2008-9-15 22:59:20 http://bbs.kafan.cn/attachment.p ... 21490719//MyDll.dll ThunderS Module 检测到: Backdoor.Win32.Delf.iap 启发式分析计算的威胁级别值较高

显示全部楼层 · 发表于 2008-9-15 23:29:44

Not FP..

25134766 MyDll.dll 44 KB MALWARE
楼主希望破灭

显示全部楼层 · 发表于 2008-9-15 23:43:24

有潜在威胁

[病毒样本] 这个不是病毒吧？？？