標題: [軟件] Combofix [打印本頁]

---

作者: 62561    時間: 2011-11-13 22:14     標題: Combofix

前排電腦疑似中毒,雖然防毒軟件報告話所有威脅已清除,但恐防都係殺得唔乾淨.
有人話Combofix殺毒一流,試唔試下好呢?

---

作者: qcmadness    時間: 2011-11-13 22:15

如果知係咩毒, 直接睇下symantec既database仲好

---

作者: 62561    時間: 2011-11-13 22:18

引用:

原帖由 qcmadness 於 2011-11-13 22:15 發表
如果知係咩毒, 直接睇下symantec既database仲好

Trojan
Trojan Downloader

---

作者: qcmadness    時間: 2011-11-13 22:22

http://www.symantec.com/security ... lorer/azlisting.jsp

---

作者: 62561    時間: 2011-11-13 22:32

FakeSysdef
Alureon
Karagany.F

---

作者: qcmadness    時間: 2011-11-13 22:36

http://home.mcafee.com/virusinfo ... spx?key=672195#none

---

作者: 62561    時間: 2011-11-13 22:44

又掃一次毒,佢話冇事.

---

作者: qcmadness    時間: 2011-11-13 22:46

引用:

原帖由 62561 於 2011-11-13 22:44 發表
又掃一次毒,佢話冇事.

咁樣check

引用:

System Changes

Some path values have been replaced with environment variables as the exact location may vary with different configurations.
e.g.
%WINDIR% = \WINDOWS (Windows 9x/ME/XP/Vista/7), \WINNT (Windows NT/2000)
%PROGRAMFILES% = \Program Files

The following files were analyzed:

e5dedc61d53f11c56825e20273e5689f
        The following files have been added to the system:
       

    %TEMP%\~!#10.tmp

    %TEMP%\~!#11.tmp

    %TEMP%\~!#12.tmp

    %TEMP%\~!#C.tmp

    %TEMP%\~!#D.tmp

    %TEMP%\~!#E.tmp

    %TEMP%\~!#9.tmp

    %TEMP%\~!#A.tmp

    %TEMP%\~!#B.tmp

    %TEMP%\~!#F.tmp

        The applications attempted the following network connection(s):
       

    46.4.108.**:80

    hxxp://dark-chicken.xe.cx/*****

---

歡迎光臨 HKSpot (https://bbs.hk-spot.com/)

Powered by Discuz! 6.0 Lite