Original poster: 赤井秀一

[Virus sample] One sample... test your antivirus; a great many antivirus products miss it

释然的心
Posted on 2012-4-26 08:43:39
A silent install of Rising Antivirus???
503468891
Posted on 2012-4-26 09:19:24
Windows Intune Endpoint Protection 2012 miss
503468891
Posted on 2012-4-26 09:24:08
VirSCAN.org Scanned Report :
Scanned time   : 2012/04/26 09:20:42 (CST)
Scanner results: 全部的杀毒软件报告没有发现病毒!
File Name      : 444766.zip
File Size      : 88016 byte
File Type      : Zip archive data, at least v2.0 to extract
MD5            : 0356416c84e195aa542f334b19d9d1ee
SHA1           : 40615fc2369ead0ded4b686f6ac0091e8239f072
Online report  : http://r.virscan.org/7b537798f5601df86e0ed1a75344d975

Scanner        Engine Ver      Sig Ver           Sig Date    Time   Scan result
a-squared      5.1.0.4         20120426080714    2012-04-26  0.45   -
安博士V3       2012.03.26.00   2012.03.26        2012-03-26  3.24   -
AntiVir        8.2.10.24       7.11.25.222       2012-03-22  0.18   -
安天           2.0.18          2.0.18.           0002-18-00  0.29   -
Arcavir        2011            201204241400      2012-04-24  4.09   -
Authentium     5.1.1           201204251825      2012-04-25  1.54   -
AVAST!         4.7.4           120425-1          2012-04-25  0.20   -
AVG            12.0.1782       2409/4959         2012-04-25  0.72   -
BitDefender    7.90123.7094456 7.42049           2012-04-25  3.95   -
ClamAV         0.97.3          14845             2012-04-26  0.23   -
Comodo         5.1             12153             2012-04-25  2.51   -
CP Secure      1.3.0.5         2012.04.26        2012-04-26  0.23   -
Dr.Web         7.0.1.2210      2012.04.23        2012-04-23  12.07  -
F-Prot         4.6.2.117       20120425          2012-04-25  0.97   -
F-Secure       7.02.73807      2012.02.07.03     2012-02-07  2.39   -
飞塔           4.3.392         15.462            2012-04-25  0.24   -
GData          22.4759         20120426          2012-04-26  5.30   -
ViRobot        20120425        2012.04.25        2012-04-25  0.41   -
Ikarus         T3.1.32.20.0    2012.04.25.81034  2012-04-25  5.05   -
江民杀毒       13.0.900        2012.04.25        2012-04-25  2.03   -
卡巴斯基       5.5.10          2012.04.25        2012-04-25  0.37   -
金山毒霸       2009.2.5.15     2012.4.26.9       2012-04-26  0.93   -
迈克菲         5400.1158       6692              2012-04-25  8.49   -
Microsoft      1.8304          2012.04.26        2012-04-26  5.24   -
NOD32          3.0.21          7063              2012-04-17  0.17   -
熊猫卫士       9.05.01         2012.04.25        2012-04-25  2.40   -
趋势科技       9.500-1005      8.940.02          2012-04-25  0.20   -
Quick Heal     11.00           2012.04.25        2012-04-25  1.00   -
瑞星           20.0            24.07.02.01       2012-04-25  2.68   -
Sophos         3.30.0          4.76              2012-04-26  5.58   -
Sunbelt        3.9.2535.2      11839             2012-04-25  0.82   -
赛门铁克       1.3.0.24        20120425.002      2012-04-25  0.37   -
nProtect       20120425.01     11175612          2012-04-25  1.64   -
The Hacker     6.7.0.1         v00451            2012-04-24  0.63   -
VBA32          3.12.16.4       20120425.1149     2012-04-25  4.02   -
VirusBuster    5.5.0.2         14.2.44.0/8481437 2012-04-25  0.19   -
/tiao眼镜鱼
Posted on 2012-4-26 09:26:46
Gets past 360 and Kingsoft
Hacker29cn
Posted on 2012-4-26 09:28:11
It's most likely the Rising upgrade assistant (瑞星升级保姆), I'd guess
http://camas.comodo.com/cgi-bin/ ... b0a7e57aa2ccf4ad0fc
• File Info
Name Value
Size 166552
MD5 c51e852e8300dbf425e097d12b76d79e
SHA1 e5bc718c6ecf9311382ce51f3bf0582fd34ed32b
SHA256 4b3de39841194343a4de2b30d3552f1f4a48de1354e4eb0a7e57aa2ccf4ad0fc
Process Active

• Keys Created
Name Last Write Time
LM\Software\Classes\ClsId\{CAA2D3B1-4BB5-4a45-A17A-122773379D99} 2009.01.09 10:37:29.015

• Keys Changed
• Keys Deleted
• Values Created
Name Type Size Value
LM\Software\Classes\ClsId\{CAA2D3B1-4BB5-4a45-A17A-122773379D99}\ProcID REG_SZ 78 "{D7565346-0BA2-6648-3030-303030303030}"
LM\Software\Microsoft\Windows\CurrentVersion\Run\RavDown REG_SZ 150 ""C:\TEST\sample.exe" /session A88BF3304EFC42ECA84F924FCA733282 /subkey RAV"

• Values Changed
Name Type Size Value
CU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings REG_BINARY/REG_BINARY 56/56 ?/?

• Values Deleted
• Directories Created
Name Last Write Time Creation Time Last Access Time Attr
C:\Documents and Settings\User\Local Settings\Temp\RavDown 2009.01.09 10:37:28.890 2009.01.09 10:37:28.890 2009.01.09 10:37:28.890 0x10

• Directories Changed
• Directories Deleted
• Files Created
Name Size Last Write Time Creation Time Last Access Time Attr
C:\Documents and Settings\User\Local Settings\Temp\RS1.tmp 0 2009.01.09 10:37:29.015 2009.01.09 10:37:29.015 2009.01.09 10:37:29.015 0x20

• Files Changed
• Files Deleted
• Directories Hidden
• Files Hidden
• Drivers Loaded
• Drivers Unloaded
• Processes Created
• Processes Terminated
• Threads Created
PId Process Name TId Start Start Mem Win32 Start Win32 Start Mem
0x2b0 lsass.exe 0x40c 0x7c810856 MEM_IMAGE 0x77e76bf0 MEM_IMAGE
0x2b0 lsass.exe 0x6ec 0x7c810856 MEM_IMAGE 0x75738e06 MEM_IMAGE
0x424 svchost.exe 0x414 0x7c810856 MEM_IMAGE 0x77df9981 MEM_IMAGE

• Modules Loaded
• Windows Api Calls
• DNS Queries
DNS Query Text
cloudinfo.rising.com.cn IN A +
rsup10.rising.com.cn IN A +

• HTTP Queries
HTTP Query Text
cloudinfo.rising.com.cn GET /cloudconfig/GuideConfig5701.xml HTTP/1.1
rsup10.rising.com.cn GET /Register/OnlineHelper/Web_Online/DownloaderInfo.aspx?info=isIlCKyGMgELExdtJ18tOy4lexovNzN2dAxoY2c7MgFrOg== HTTP/1.1

• Verdict
Auto Analysis Verdict
Suspicious+

• Description
Suspicious Actions Detected
Creates autorun records

• Mutexes Created or Opened
PId Image Name Address Mutex Name
0x4ac C:\TEST\sample.exe 0x40605c Global\{DB37DF94-6157-42e3-8324-3FF035409B59}
0x4ac C:\TEST\sample.exe 0x76ee3a34 RasPbFile
0x4ac C:\TEST\sample.exe 0x771ba3ae _!MSFTHISTORY!_
0x4ac C:\TEST\sample.exe 0x771bc21c WininetConnectionMutex
0x4ac C:\TEST\sample.exe 0x771bc23d WininetProxyRegistryMutex
0x4ac C:\TEST\sample.exe 0x771bc2dd WininetStartupMutex
0x4ac C:\TEST\sample.exe 0x771d9710 c:!documents and settings!user!cookies!
0x4ac C:\TEST\sample.exe 0x771d9710 c:!documents and settings!user!local settings!history!history.ie5!
0x4ac C:\TEST\sample.exe 0x771d9710 c:!documents and settings!user!local settings!temporary internet files!content.ie5!

• Events Created or Opened
PId Image Name Address Event Name
0x4ac C:\TEST\sample.exe 0x769c4ec2 Global\userenv: User Profile setup event
0x4ac C:\TEST\sample.exe 0x77de5f48 Global\SvcctrlStartEvent_A3752DX
天璇诛仙
Posted on 2012-4-26 09:31:54
Ugh, MSE and QQ PC Manager both failed...
sanhu35
Posted on 2012-4-26 09:42:03
Judging by its behavior it doesn't look much like a virus, but it's still a bit suspicious
赤井秀一
Original poster | Posted on 2012-4-26 09:56:25
503468891 posted on 2012-4-26 09:24
VirSCAN.org Scanned Report :
Scanned time   : 2012/04/26 09:20:42 (CST)
Scanner results: 全部的杀毒 ...

So did you double-click it?
消停
Posted on 2012-4-26 10:19:53
It gets past Norton on scan + double-click, and then Rising got installed!
再见ろ、往事。
Posted on 2012-4-26 10:22:07
Micropoint doesn't flag it
Copyright © KaFan  KaFan.cn All Rights Reserved.