Original poster: 江湖的fans

[Virus sample] Bypasses Rising's scan and proactive defense
cliffboy
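Posted on 2009-2-8 16:34:08
Originally posted by 江湖的fans on 2009-2-8 16:32

I'm just afraid they'll simply add it to the signature database and not improve the proactive defense.

Then from now on, turn off file monitoring and use this virus to test the proactive defense; whenever it gets past the proactive defense, phone Rising and email them, and wear them out.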
两仪式
Posted on 2009-2-8 16:37:52
NIS KILL
电影结束了
Posted on 2009-2-8 17:00:48
"Detection name";"Trojan horse Dropper.Virukit.B"
heaven888
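Posted on 2009-2-8 17:05:37
Originally posted by 江湖的fans on 2009-2-8 16:32

I'm just afraid they'll simply add it to the signature database and not improve the proactive defense.

Agreed. For a thorough fix, we'll probably have to wait for Rising 2010 at the earliest.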
江湖的fans
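Original poster | Posted on 2009-2-8 17:07:47
Originally posted by cliffboy on 2009-2-8 16:34

Then from now on, turn off file monitoring and use this virus to test the proactive defense; whenever it gets past the proactive defense, phone Rising and email them, and wear them out.

That would wear me out too.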
hm5523
Posted on 2009-2-8 17:27:55
It requires permission, so I can't download it. I guess NOD can block it.
tgzw1680
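Posted on 2009-2-8 17:33:01
Is it targeted at Rising? There's no Rising on my machine; I ran it and saw nothing abnormal, heh. Waiting for someone below with a full set of Rising rules to test it.

[ Last edited by tgzw1680 on 2009-2-8 10:35 ]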
江湖的fans
Original poster | Posted on 2009-2-8 17:38:00

Reply to tgzw1680's post (#17)

It can't possibly show nothing abnormal.
江湖的fans
Original poster | Posted on 2009-2-8 17:40:52
The virus runs.

Rising ignores it.
evilrabbit
Posted on 2009-2-8 17:41:24
----------------------------------
C:\Documents and Settings\Administrator\Cookies\index.dat
C:\Documents and Settings\Administrator\ntuser.dat.LOG
C:\WINDOWS\system32\config\software.LOG

C:\Documents and Settings\Administrator\桌面\KILLRS

C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files

[ Last edited by wolfwalk888 on 2009-2-8 17:46 ]