毒来啦～谁想测？？

九尾野狐

应该也是个感染型的蠕虫

呵呵

我现在在下电影

没空测

等有空了再说



wubiaobing  快来啊

wangweivip

看了个开头，没继续下去，实机......

[ 本帖最后由 wangweivip 于 2007-6-1 12:32 编辑 ]

mzj

实机状态下,    打开了PG的学习模式(否则根本无法运行程序),

双击"小猫",  没有什么反应, 被咖啡拦截了.

一下是咖啡的日志记录:

2007-6-1        Blocked by Access Protection rule         C:\Program Files\WinRAR\WinRAR.exe        C:\Documents and Settings\Administrator\Local Settings\Temp\Rar$EX04.267\小猫\setup.exe        User-defined Rules:阻止维金病毒,保护所有的exe文件        Action blocked : Write
2007-6-1        Blocked by Access Protection rule         C:\Program Files\WinRAR\WinRAR.exe        C:\Documents and Settings\Administrator\Local Settings\Temp\Rar$EX04.267\小猫\setup.exe        Common Standard Protection:Prevent common programs from running files from the Temp folder        Action blocked : Execute
2007-6-1        Blocked by Access Protection rule         C:\Documents and Settings\Administrator\My Documents\我的小软件\virus --test\小猫\setup.exe        D:\setup.exe        User-defined Rules:阻止维金病毒,保护所有的exe文件        Action blocked : Write
2007-6-1        Blocked by Access Protection rule         :\Documents and Settings\Administrator\My Documents\我的小软件\virus --test\小猫\setup.exe        C:\Documents And Settings\All Users\「开始」菜单\程序\启动\setup.exe        User-defined Rules:阻止维金病毒,保护所有的exe文件        Action blocked : Write
2007-6-1        Blocked by Access Protection rule                 C:\Documents and Settings\Administrator\My Documents\我的小软件\virus --test\小猫\setup.exe        D:\setup.exe        User-defined Rules:阻止维金病毒,保护所有的exe文件        Action blocked : Write

mzj

当然,应该不是维金病毒了,
反正我自己的咖啡规则里面把所有的修改 *.exe 的行为都叫做维金.  

[ 本帖最后由 mzj 于 2007-6-1 06:00 编辑 ]

jpzy

怎么我的KIS7拦截的时候显示是Autorun病毒呢？

flykiss

呵呵，猫猫病毒出来了~~[:27:]

010

还是闭咔吧发现
米敢运行

pils

来了。等会儿测。

[:27:]

l10x

过红伞，NOD32杀

Configuration settings for the scan:
Jobname..........................: ShlExt
Configuration file...............: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ba6b3263.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: E:,
Scan memory......................: on
Process scan.....................: off
Scan registry....................: off
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2007年6月1日  14:55

Starting the file scan:

Begin scan in 'E:\小猫'


End of the scan: 2007年6月1日  14:55
Used time: 00:01 min

The scan has been done completely.

      1 Scanning directories
      2 Files were scanned
      0 viruses and/or unwanted programs were found
      0 classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      2 Files not concerned
      0 Archives were scanned
      0 Warnings
      0 Notes
      0 Hidden objects were found


扫描开始时间: 2007-6-1 14:54:40
扫描日志
NOD32 版本 2292 (20070525) NT
命令行: E:\小猫
系统内存<病毒 - > - 操作错误 <错误 ()> [4]
系统内存<病毒 - >

日期: 2007年6月1日  时间: 14:54:44
反 Rookits 技术已启用。
已扫描磁盘、文件夹和文件: E:\小猫\
E:\小猫\setup.exe<病毒 - 未知的 NewHeur_PE 病毒 [7]>
E:\小猫\setup.execz_636Mp三K636Mp三K636Mp三K636Mp三K636Mp三K636Mp三K636Mp三K636Mp三K636Mp三K636Mp三Kill<病毒 - 未知的 NewHeur_PE 病毒 [7]>
已扫描文件数量: 2
已发现病毒数量: 2
完成时间: 14:54:44 总共扫描时间: 0 秒 (00:00:00)

注意:
[7] 文件可能感染了未知病毒。

pils

加壳了，还得脱壳。

不测了。