CLIENT 103楼更新

显示全部楼层 · 发表于 2011-5-4 19:42:54

UPDATE

显示全部楼层 · 发表于 2011-5-4 19:45:09

11L qvm20

显示全部楼层 · 发表于 2011-5-4 19:45:48

過大蜘蛛，已上報！

显示全部楼层 · 发表于 2011-5-4 20:32:31

金山毒霸云鉴定管理器
http://www.ijinshan.com

文件安全信息：
文件路径：C:\Users\qwead\Desktop\client1.exe
文件状况：安全

文件广度：

文件鉴定时间：2011-05-04 20:29:38

文件签名：
文件指纹-MD5：d41d8cd98f00b204e9800998ecf8427e

显示全部楼层 · 发表于 2011-5-4 20:45:27

本帖最后由三生缘石于 2011-5-4 21:07 编辑

11L
to eset

[/quote]
[quote]Dear 微亿毫,

Thank you for your submission.
The detection for this threat will be included in our next signature update.

client.exe - Win32/Kelihos.A trojan

Regards,

Dalibor Drzik
Malware Researcher
ESET spol. s r.o.

显示全部楼层 · 发表于 2011-5-4 20:47:44

11L
KIS 检测到两威胁

显示全部楼层 · 发表于 2011-5-4 20:56:41

Firewall: Automatic decision 2011/5/4 20:52 Blocked C:\Users\xxxx\Desktop\client\client.exe, Outgoing TCP access blocked to: 127.0.0.1:50214
Firewall: User decision 2011/5/4 20:52 Blocked C:\Users\xxxx\Desktop\client\client.exe, Outgoing TCP access blocked to: 192.168.1.100:80
Firewall: User decision 2011/5/4 20:52 Blocked C:\Users\xxxx\Desktop\client\client.exe, Outgoing TCP access blocked to: (xfstat.qq.com) 127.0.0.1:50208
Firewall: User decision 2011/5/4 20:52 Allowed C:\Users\xxxx\Desktop\client\client.exe, Outgoing TCP access allowed to: 122.100.69.5:80
Firewall: User decision 2011/5/4 20:52 Allowed C:\Users\xxxx\Desktop\client\client.exe, Outgoing TCP access allowed to: (xfstat.qq.com) 127.0.0.1:50205
Firewall: User decision 2011/5/4 20:52 Allowed C:\Users\xxxx\Desktop\client\client.exe, Outgoing TCP access allowed to: 119.201.243.41:80
Firewall: User decision 2011/5/4 20:52 Allowed C:\Users\xxxx\Desktop\client\client.exe, Outgoing TCP access allowed to: (xfstat.qq.com) 127.0.0.1:50202
Firewall: User decision 2011/5/4 20:52 Allowed C:\Users\xxxx\Desktop\client\client.exe, Outgoing TCP access allowed to: 192.168.1.100:80
Firewall: User decision 2011/5/4 20:52 Allowed C:\Users\xxxx\Desktop\client\client.exe, Outgoing TCP access allowed to: 14.32.101.44:80
Firewall: User decision 2011/5/4 20:52 Allowed C:\Users\xxxx\Desktop\client\client.exe, Outgoing TCP access allowed to: 121.143.148.14:80
Firewall: User decision 2011/5/4 20:52 Allowed C:\Users\xxxx\Desktop\client\client.exe, Outgoing TCP access allowed to: (xfstat.qq.com) 127.0.0.1:50197
Firewall: User decision 2011/5/4 20:52 Allowed C:\Users\xxxx\Desktop\client\client.exe, Outgoing TCP access allowed to: 14.32.101.44:80
Program Guard: client.exe 2011/5/4 20:52 Blocked C:\Users\xxxx\Desktop\client\client.exe wants to get a list of the files F:\*
Firewall: User decision 2011/5/4 20:52 Allowed C:\Users\xxxx\Desktop\client\client.exe, Outgoing TCP access allowed to: 14.32.101.44:80
Program Guard: client.exe 2011/5/4 20:52 Blocked C:\Users\xxxx\Desktop\client\client.exe wants to get a list of the files E:\*
Firewall: User decision 2011/5/4 20:52 Allowed C:\Users\xxxx\Desktop\client\client.exe, Outgoing TCP access allowed to: (xfstat.qq.com) 127.0.0.1:50191
Program Guard: client.exe 2011/5/4 20:51 Blocked C:\Users\xxxx\Desktop\client\client.exe wants to get a list of the files D:\*
Firewall: User decision 2011/5/4 20:51 Allowed C:\Users\xxxx\Desktop\client\client.exe, Outgoing TCP access allowed to: (xfstat.qq.com) 127.0.0.1:50191
Program Guard: client.exe 2011/5/4 20:51 Blocked C:\Users\xxxx\Desktop\client\client.exe wants to get a list of the files C:\*
Program Guard: client.exe 2011/5/4 20:51 Allowed C:\Windows\explorer.exe -> C:\Users\xxxx\Desktop\client\client.exe

显示全部楼层 · 发表于 2011-5-4 22:28:52

本帖最后由 594157544 于 2011-5-4 22:53 编辑

卡巴斯基一点都不给力啊！！

显示全部楼层 · 发表于 2011-5-4 22:30:42

回复 18楼 594157544 的帖子

我等你做行为分析呢

显示全部楼层 · 发表于 2011-5-4 22:34:40

kurakimai 发表于 2011-5-4 22:30
回复 18楼 594157544 的帖子

我等你做行为分析呢

⊙﹏⊙b汗今天恐怕不行啦，卡巴扫描都是到66%就卡住了，电脑都有点假死啦

[病毒样本] CLIENT 103楼更新

浏览过的版块