Thread starter: hx1997

[Virus samples] FakeAV (updated at 613, 621, 628L), updates discontinued

hx1997
Thread starter | Posted on 2012-7-9 19:18:53
This post was last edited by hx1997 on 2012-7-9 22:22

Updated 2×

Live Security Platinum / Winwebsec

CRC-32: Cyclic redundancy check, 32 bit: A6E48489
MD5: Message-Digest algorithm 5: 1B1323D08AB2AB2AC4BBFDD3699687F7
SHA-1: US Secure Hash Algorithm 1: 14985183530452EC5639845BE48370E9A5A13A73
SHA-256: US Secure Hash Algorithm: 8F2F4576A27C8BC723A628DEAFD65111C968F37E5A5D870F85C149AC62AAE413

To ESET.

Dear Hx0755,

Thank you for your submission.
The detection for this threat will be included in our next signature update.

1B1323D08AB2AB2AC4BBFDD3699687F7.exe - Win32/Adware.SystemSecurity.AL application

Regards,

ESET Malware Response Team

Dust-;羅錠
Posted on 2012-7-9 19:31:00
431L: Dr.Web clean, already reported
sungan01
Posted on 2012-7-9 19:37:39
hx1997 posted on 2012-7-9 17:54
Updated 4×

Live Security Platinum / Winwebsec

kaspersky killed all
KOI9009
Posted on 2012-7-9 19:42:00
431L
QVM 20 cleared everything
hx1997
Thread starter | Posted on 2012-7-9 22:28:19
Updated 2×

Live Security Platinum / Winwebsec

CRC-32: Cyclic redundancy check, 32 bit: 1EECF4A6
MD5: Message-Digest algorithm 5: C215C3A0952016EF1EADB8CB8616B8E0
SHA-1: US Secure Hash Algorithm 1: 1ADFB8D3AE878910A2F4F63285EF9F506B706116
SHA-256: US Secure Hash Algorithm: 56FB3366ADDF9DEADDA43A4CFA3BBB3251AF89169E0A97F0F4DA000DFBC7F044

Did ESET add a generic (DNA) signature, or is this a coincidence?

K:\Malware Database\samples\8ABCAAFBDDA480F631448E9581A0662D.exe - probably a variant of Win32/Kryptik.AICW trojan
K:\Malware Database\samples\C215C3A0952016EF1EADB8CB8616B8E0.exe - probably a variant of Win32/Kryptik.AICW trojan

hx1997
Thread starter | Posted on 2012-7-10 09:02:11
This post was last edited by hx1997 on 2012-7-10 18:52

Updated 20×; the variants are coming out pretty fast

Live Security Platinum / Winwebsec

CRC-32: Cyclic redundancy check, 32 bit: C6C4F15C
MD5: Message-Digest algorithm 5: C4D7E3F19160F97A3EBBFFB5BBC2BAA0
SHA-1: US Secure Hash Algorithm 1: B9D77676FAE68ADE573D82988B8095B0D1084C23
SHA-256: US Secure Hash Algorithm: 8FAF83DACA8CAF116700E9DB6CC55F177D96C7C61A457BF7068967D9BF3B3924

To ESET.

Dear Hx0755,

Thank you for your submission.
The detection for this threat will be included in our next signature update.

Regards,

ESET Malware Response Team


http://www.kuaipan.cn/file/id_11112673827618871.html
Mr.Tong
Posted on 2012-7-10 09:11:05
436 360sd kill all


360杀毒扫描日志

病毒库版本:
扫描时间:2012-07-10 09:08:41
扫描用时:00:00:05
扫描类型:右键扫描
扫描文件总数:20
威胁总数:20
清除威胁数:0

扫描选项
----------------------
扫描系统异常项:否
扫描所有文件:否
扫描压缩包:否
发现病毒处理方式:由用户选择处理
使用云查杀引擎:是
扫描磁盘引导区:是
扫描 Rootkit:否
使用QVM启发式引擎:是
常规引擎设置:未使用

扫描内容
----------------------
C:\Documents and Settings\Administrator\桌面\Live Security Platinum


白名单设置
----------------------


Nocria
Posted on 2012-7-10 09:19:15
AVG

431L
"C:\Users\Administrator\Desktop\Live Security Platinum\1B1323D08AB2AB2AC4BBFDD3699687F7.exe";"Virus found Win32/Cryptor";"Infected"
"C:\Users\Administrator\Desktop\Live Security Platinum\29F98E8AF1E59CAA6571C3DB3480666A.exe";"Virus found Win32/Cryptor";"Infected"


435L & 436L
To AVG.
jayavira
Posted on 2012-7-10 09:25:59
431-436L
hitman kill23x

Dust-;羅錠
Posted on 2012-7-10 10:56:00
Dr.Web:
435L:
8ABCAAFBDDA480F631448E9581A0662D.exe - infected with Trojan.Fakealert.32460
C215C3A0952016EF1EADB8CB8616B8E0.exe - infected with Trojan.Fakealert.32460

436L:
