Original poster: qiqi00612

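[Virus sample] Several weeks on and MKF still can't detect this virus! This is the complete version of the virus-killing virus I posted last time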

qiqi00612
 OP | Posted on 2007-5-18 00:23:09
Originally posted by playx on 2007-5-17 16:30
The reply after submitting..



We have analyzed your submission.  The following is a report of our
findings for each file you have submitted:

filename:  u.rar
machine: Machine
result: See the develope ...

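Where did you submit it??? Why didn't you submit the big package? It's the big package where only one file gets detected and none of the others do...
playx
Posted on 2007-5-18 01:29:18
Does the big package have 13 files.. Only 7 have been replied to, so I'm posting those first.. I'll post the other 6 once the replies come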

filename:  viurs2.rar
machine: Machine
result: See the developer notes

filename: setup.exe
machine: Machine
result: See the developer notes

filename: eyviewer.exe
machine: Machine
result: This file is detected as W32.Looked.BK.
http://www.symantec.com/avcenter/venc/data/w32.looked.bk.html

filename: searchtool.dll
machine: Machine
result: This file is detected as Adware.Searchtool.  

filename: horoscopes.exe
machine: Machine
result: See the developer notes

filename: slimjunn.exe
machine: Machine
result: See the developer notes

filename: u.vbe
machine: Machine
result: This file is clean

filename: u.bat
machine: Machine
result: This file is detected as W32.Uisgon.A.  

Developer notes:
viurs2.rar is a container file of type  RAR
setup.exe Our automation was unable to identify any malicious content
in this submission.
The file will be stored for further human analysis  This file is
contained by   viurs2.rar
eyviewer.exe is detected and repaired by NAV with the latest available
definition.  Please follow the instruction at the end of this email
message to install the latest available definitions.  This file is
contained by   viurs2.rar
searchtool.dll is an adware   This file is contained by   viurs2.rar
horoscopes.exe Our automation was unable to identify any malicious
content in this submission.
The file will be stored for further human analysis  This file is
contained by   viurs2.rar
slimjunn.exe The submitted file will just pop up advertisements. It is
safe to delete this file.   This file is contained by   viurs2.rar
u.vbe is a clean file  This file is contained by   viurs2.rar
u.bat is non-repairable threat. Please delete this file and replace it
if necessary. Please follow the instruction at the end of this email
message to install the latest available definitions.  This file is
contained by   viurs2.rar
playx
Posted on 2007-5-18 01:56:03
Just submitted the remaining 6 one by one... 3 still outstanding

filename:  ebayshop.rar
machine: Machine
result: See the developer notes

filename: ebayshop.exe
machine: Machine
result: This file is detected as Adware.Kiswin.  

Developer notes:
ebayshop.rar is an infected container file of type  RAR
ebayshop.exe installs Adware.  This file is contained by   ebayshop.rar



filename:  autorun.rar
machine: Machine
result: This file is clean

filename: autorun.inf
machine: Machine
result: This file is clean

Developer notes:
autorun.rar is a container file of type  RAR
autorun.inf is a clean file  This file is contained by   autorun.rar


filename:  AUTOEXEC.rar
machine: Machine
result: This file is clean

filename: AUTOEXEC.BAT
machine: Machine
result: This file is clean

filename: msg-2624-3.txt
machine: Machine
result: This file is clean

Developer notes:
AUTOEXEC.rar is a container file of type  RAR
AUTOEXEC.BAT is a container file of type  MIME. This file is contained
by   AUTOEXEC.rar
msg-2624-3.txt  is a harmless part of a worm-generated email message.  
This file is contained by  AUTOEXEC.BAT
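qiqi00612
 OP | Posted on 2007-5-18 10:15:22
Originally posted by playx on 2007-5-18 01:29
Does the big package have 13 files.. Only 7 have been replied to, so I'm posting those first.. I'll post the other 6 once the replies come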

filename:  viurs2.rar
machine: Machine
result: See the developer notes

filename: setup.exe
machine: Machine
result: See the developer not ...

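I don't quite understand what you mean. Apart from U.rar, which is one package, Upang.rar is another package; it was just too big, so I split it into 500KB pieces.
playx
Posted on 2007-5-18 13:56:23
Because a submission can't exceed 9 files.. I recompressed them into 2 rar files and uploaded those

[ Last edited by playx on 2007-5-18 13:58 ]
wjjxqx
Posted on 2007-5-18 14:21:11
Ha, McAfee really doesn't react, but I don't know what harm this virus does? Has the OP tried it?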
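qiqi00612
 OP | Posted on 2007-5-19 00:57:33
Originally posted by wjjxqx on 2007-5-18 14:21
Ha, McAfee really doesn't react, but I don't know what harm this virus does? Has the OP tried it?

One of them is Viking! The others infect all the drive letters, that is, they spread....
playx
Posted on 2007-5-23 16:15:48
Finally got a reply.. waited a really long time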

filename:  viurs1.rar
machine: Machine
result: See the developer notes

filename: desktop.ini
machine: Machine
result: This file is clean

filename: autorun.inf
machine: Machine
result: This file is clean

filename: ebayshop.exe
machine: Machine
result: This file is detected as Adware.Kiswin.  

filename: 8bye.txt
machine: Machine
result: This file is clean

filename: angelinajoliedt.exe
machine: Machine
result: This file is detected as Trojan.Dropper.
http://www.symantec.com/avcenter/venc/data/trojan.dropper.html

filename: AUTOEXEC.BAT
machine: Machine
result:  

filename: msg-2624-1.txt
machine: Machine
result: This file is clean

Developer notes:
viurs1.rar is an archive that contains a non-repairable
worm(s)/trojan(s).  Please delete the afflicted file(s) and restore from a known
clean backup, as needed.
desktop.ini is a clean file  This file is contained by   viurs1.rar
autorun.inf is a clean file  This file is contained by   viurs1.rar
ebayshop.exe is an adware   This file is contained by   viurs1.rar
8bye.txt is a clean file  This file is contained by   viurs1.rar
angelinajoliedt.exe is non-repairable threat. Please delete this file
and replace it if necessary. Please follow the instruction at the end of
this email message to install the latest available definitions.  This
file is contained by   viurs1.rar
AUTOEXEC.BAT   This file is contained by   viurs1.rar
msg-2624-1.txt  is a clean file.  This file is contained by  
AUTOEXEC.BAT



Symantec Security Response has determined that the sample(s) that you
provided are infected with a virus, worm, or Trojan. We have created
RapidRelease definitions that will detect this threat. Please follow the
instruction at the end of this email message to download and install the
latest RapidRelease definitions.
Downloading and Installing RapidRelease Definition Instructions:
1. Open your Web browser. If you are using a dial-up connection,
connect to any Web site, such as:  http://securityresponse.symantec.com/
2. Click this link to the ftp site:
ftp://ftp.symantec.com/public/en ... releasedefsi32.exe.
If it does not go to the site (this could take a minute or so if you
have a slow connection), copy and paste the address into the address bar
of your Web browser and then press Enter.
3. When a download dialog box appears, save the file to the Windows
desktop.
4. Double-click the downloaded file and follow the prompts.

Should you have any questions about your submission, please contact
your regional technical support from the Symantec website and give them
the tracking number in the subject of this message.

-----------------------------------------------------------------------
This message was generated by Symantec Security Response automation.

For USA:
For electronic support options, Symantec provides On-Line Services at
http://www.symantec.com/techsupp/
fanrubin
Posted on 2007-5-23 17:01:12
Kaspersky detects 10

Copyright © KaFan  KaFan.cn All Rights Reserved.
