Views: 7171 | Replies: 35

[Virus samples] Jingrui forum sample test (06.28)

billgates1996
Posted on 2012-6-28 11:43:15
Sample link: high-speed download

(multi-threaded, no speed limit; downloading at full speed with IDM is recommended)

Archive password: 江流天地外,山色有无中。
Number of samples: 50



留侯
Posted on 2012-6-28 12:02:51
After extraction there are 50 samples in total.

Dr.Web detected 44.

It cured 1 of them:
vc520628\BillLab-11.vc52 - cured

One is a corrupted file and could not be scanned:
vc520628\BillLab-48.vc52 - packed by UPX
vc520628\BillLab-48.vc52 is RAR archive
vc520628\BillLab-48.vc52 - archive, incomplete
vc520628\BillLab-48.vc52 - archive, incomplete
Scan statistics:
Total 21531817 bytes in 50 files scanned (109 objects)
Total 5 files (62 objects) are clean
Total 44 files are infected
Total 44 files are neutralized
Total 1 file are raised error condition
Scan time is 00:00:04.303
7 samples remaining:

Leaving out the cured sample and the corrupted one, the remaining 5 have been submitted.

(screenshot attachment)
悠柚
Posted on 2012-6-28 12:18:43
Last edited by 悠柚 on 2012-6-28 12:25

Fortinet
D:\Download\FortiClient\BillLab-1.vc52, detected: W32/Kryptik.JTR!tr, action: delete/quarantine
D:\Download\FortiClient\BillLab-10.vc52, detected: W32/Klez.fam@mm, action: repaired
D:\Download\FortiClient\BillLab-11.vc52, detected: W32/Ramnit.A, action: delete/quarantine
D:\Download\FortiClient\BillLab-13.vc52, detected: W32/Sasfis.G!tr, action: delete/quarantine
D:\Download\FortiClient\BillLab-15.vc52, detected: W32/VBKrypt.CA!tr, action: repaired
D:\Download\FortiClient\BillLab-17.vc52, detected: Riskware/ArchSMS, action: delete/quarantine
D:\Download\FortiClient\BillLab-18.vc52, detected: W32/VBKrypt.CA!tr, action: repaired
D:\Download\FortiClient\BillLab-19.vc52, detected: W32/Klink.FN!tr.dldr, action: delete/quarantine
D:\Download\FortiClient\BillLab-2.vc52, detected: W32/Kryptik.AB!tr, action: delete/quarantine
D:\Download\FortiClient\BillLab-22.vc52, detected: W32/Mmorpg.KY!tr.pws, action: delete/quarantine
D:\Download\FortiClient\BillLab-23.vc52, detected: W32/KillAV.XXX!tr, action: delete/quarantine
D:\Download\FortiClient\BillLab-25.vc52, detected: W32/AutoRun.FI!worm, action: repaired
D:\Download\FortiClient\BillLab-26.vc52, detected: W32/Cidox.SNV!tr, action: repaired
D:\Download\FortiClient\BillLab-27.vc52, detected: W32/Allaple.gen!tr, action: delete/quarantine
D:\Download\FortiClient\BillLab-28.vc52, detected: Riskware/InstallCore.AAAA, action: delete/quarantine
D:\Download\FortiClient\BillLab-29.vc52, detected: W32/Delf.PBT!tr, action: delete/quarantine
D:\Download\FortiClient\BillLab-3.vc52, detected: W32/Frethoq.ESF!tr, action: delete/quarantine
D:\Download\FortiClient\BillLab-30.vc52, detected: W32/MultiBarDownloader!tr, action: delete/quarantine
D:\Download\FortiClient\BillLab-32.vc52, detected: W32/VBKrypt.BRUJ!tr, action: delete/quarantine
D:\Download\FortiClient\BillLab-36.vc52, detected: W32/LPECrypt.A!tr, action: delete/quarantine
D:\Download\FortiClient\BillLab-4.vc52, detected: W32/Kryptik.WDV!tr, action: delete/quarantine
D:\Download\FortiClient\BillLab-40.vc52, detected: W32/Mydoom.M!dam, action: repaired
D:\Download\FortiClient\BillLab-42.vc52, detected: W32/LPECrypt.A!tr, action: delete/quarantine
D:\Download\FortiClient\BillLab-43.vc52, detected: Riskware/InstallCore.AAAA, action: delete/quarantine
D:\Download\FortiClient\BillLab-46.vc52, detected: W32/Kryptik.XUW!tr, action: repaired
D:\Download\FortiClient\BillLab-47.vc52, detected: Adware/Hotbar, action: delete/quarantine
D:\Download\FortiClient\BillLab-49.vc52, detected: W32/Alman.DB, action: delete/quarantine
D:\Download\FortiClient\BillLab-5.vc52, detected: W32/Kryptik.WDV!tr, action: delete/quarantine
D:\Download\FortiClient\BillLab-7.vc52, detected: W32/FraudPack.CG!tr, action: delete/quarantine
D:\Download\FortiClient\BillLab-8.vc52, detected: W32/LPECrypt.A!tr, action: delete/quarantine

30/50=60%


FS 45/50=90%
蓝核
Posted on 2012-6-28 12:28:02
FS detects 44; re-archiving gets one more; submitted.

(screenshot attachment)
无奈的C
Posted on 2012-6-28 12:29:50
Last edited by 无奈的C on 2012-6-28 12:37

Avast (小a)
All of them were caught during extraction; after extracting, right-click scan.
8 files remaining.

The remaining samples are:

(screenshot attachment)

无奈的C
Posted on 2012-6-28 12:39:46
By the way, how do you submit to Avast (小a)???
lzd1996
Posted on 2012-6-28 12:54:54
Jinshan 火眼 (FireEye) sandbox: https://fireeye.ijinshan.com/ana ... 5809ff2ba3fe2d0135d

https://fireeye.ijinshan.com/ana ... 38de18fc7eff38d0228


Basic information
File name: IDMan.exe
File hash: 6feb063276bf038de18fc7eff38d0228
File size: 3453952 bytes
Created: 2012-06-28 12:46:10
File type: EXE
PEiD info: Microsoft Visual C++ 6.0
File comment: http://www.internetdownloadmanager.com
Company: Tonec Inc.
File description: Internet Download Manager (IDM)
File version: 6, 11, 2, 1
Copyright: Tonec Inc., Copyright © 1999 - 2012
Legal trademark: Internet Download Manager
Original file name: IDMan.exe
Product name: Internet Download Manager (IDM)
Product version: 6, 11, 2, 1
Dangerous behavior monitor
Other behavior monitor
Behavior: hides a specified window
Details: #32770 : [IDMan.exe]


Behavior: checks whether specified registry keys exist
Details: HKEY_CURRENT_USER\Software\DownloadManager\

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\

HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions

HKEY_CURRENT_USER\Software\Opera Software

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AC746233-E9D3-49CD-862F-068F7B7CCCA4}

HKEY_LOCAL_MACHINE\SOFTWARE\FullCircle\TalkBack

HKEY_LOCAL_MACHINE\SOFTWARE\Internet Download Manager

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objec...

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE5B8E34-973C-4FBE...

HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Netscape Navigator

HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\SeaMonkey

HKEY_LOCAL_MACHINE\SOFTWARE\Netscape\Netscape

HKEY_LOCAL_MACHINE\SOFTWARE\Netscape\Netscape 6

HKEY_LOCAL_MACHINE\SOFTWARE\Netscape\Netscape Browser

HKEY_LOCAL_MACHINE\SOFTWARE\mozilla.org\Mozilla

HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}

HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{6DDF00DB-1234-46EC-8356-27E7B2051192}

HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}

HKEY_LOCAL_MACHINE\Software\Flock\Flock

HKEY_LOCAL_MACHINE\Software\Mozilla\Aurora

HKEY_LOCAL_MACHINE\Software\Mozilla\Mozilla Firefox

HKEY_LOCAL_MACHINE\Software\mozilla.org\Mozilla Firefox


Behavior: adds a startup (autorun) entry
Details: [IDMan] : %SampleStore%\IDMan.exe /onboot


Behavior: creates a mutex
Details: "Tonec_Internet_Download_Manager_MTX"


Behavior: searches for files
Details: "%APPDATA%\IDM\Grabber\Projects\*.gsd"

"%APPDATA%\IDM\Scheduler\q_*.dt"

"%SampleStore%\Languages\idm_*.lng"

"%SampleStore%\Toolbar\*.tbi"


Behavior: elevates privileges
Details: "SeRestorePrivilege"


File operation monitor
Operation  File MD5  Size (bytes)  Path
dropped then deleted  b35bf5f2b53fc8d10169b975c9670030  13  %APPDATA%\IDM\temp.htm
created  a37a7e9af7ed0285126c4912e43b69d7  22  %APPDATA%\IDM\DwnlData\Administrat...
created  3515f6990e46be35dd105c38e0b571aa  304  %APPDATA%\IDM\Scheduler\s_1.dt
created  7aafdeb867e41f8f536bec303ebcaf98  628  %APPDATA%\IDM\DwnlData\Administrat...
Process monitor
Created process: net.exe
Arguments: start idmtdi
Created process: %ProgramFiles%\Internet Explorer\iexplore.exe
Arguments: http://www.internetdownloadmanager.com/welcome.html?v=611bb2
Registry monitor (added / deleted / modified)
HKEY_CLASSES_ROOT\CLSID\{6DDF00DB-1234-46EC-8356-27E7B2051192}
[Model] = [0x000000a5]
[Therad] = [0x00000001]
HKEY_CLASSES_ROOT\CLSID\{AC746233-E9D3-49CD-862F-068F7B7CCCA4}
[(NULL)] = [IDMan.CIDMLinkTransmitter]
HKEY_CLASSES_ROOT\CLSID\{AC746233-E9D3-49CD-862F-068F7B7CCCA4}\LocalServer32
[(NULL)] = [%SampleStore%\IDMan.exe]
HKEY_CLASSES_ROOT\CLSID\{D5B91409-A8CA-4973-9A0B-59F713D25671}
HKEY_CLASSES_ROOT\IDMan.CIDMLinkTransmitter
HKEY_CLASSES_ROOT\IDMan.CIDMLinkTransmitter\CLSID
[(NULL)] = [{AC746233-E9D3-49CD-862F-068F7B7CCCA4}]
HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\ftp
HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\http
HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\https
HKEY_CURRENT_USER\Software\Classes\CLSID\{D5B91409-A8CA-4973-9A0B-59F713D25671}
HKEY_CURRENT_USER\Software\DownloadManager
[AppDataIDMFolder] = [%APPDATA%\IDM\]
[MonitorUrlClipboard] = [0x00000000]
[mzcc_ext_vers] = [0x00001c95]
[FindApps] = [0x00000000]
[UseHttpProxy] = [0x00000000]
[LastCheck] = [06/14/12]
[EnableDriver] = [0x00000001]
[IntegrateNN] = [0x00000001]
[ExceptionServers] = [*.update.microsoft.com download.windowsupdate.com siteseal.thawte.co...
[UseFtpProxy] = [0x00000000]
[Extensions] = [3GP 7Z AAC ACE AIF ARJ ASF AVI BIN BZ2 EXE GZ GZIP IMG ISO LZH M4A M4V MKV...
[intAOFRWE] = [0x00000001]
[idmvers] = [v6.11bb2 Full]
[LaunchOnStart] = [0x00000001]
[lastintres] = [0x00000000]
[FtpPasive] = [0x00000000]
[TempPath] = [%APPDATA%\IDM\]
[ConnectionType] = [0x00000000]
[ConnectionSpeed] = [0x00000000]
[isSSW_OK] = [0x00000000]
[nDESC8] = [0x00000001]
[nDESC7] = [0x00000001]
[mzcc_vers] = [0x0000eead]
[FSSettingsChecked] = [0x00000001]
[trayIcon] = [0x00000001]
[Rememb
HKEY_CURRENT_USER\Software\DownloadManager\1
[cFlags] = [0x00000000]
[U0_u] = [tcidm]
[CategoryID] = [0x00000000]
[bOUD_Ch] = [0x00000001]
[LocalFileName] = [%APPDATA%\IDM\DwnlData\Administrator\update610b_1\update610b.txt]
[lastTryDate] = [Jun 14 17:15:58 2012]
[TPswitch] = [0x00000001]
[dateAdded] = [Jun 14 17:15:58 2012]
[ua] = [Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1)]
[Host] = [www.internetdownloadmanager.com]
[User] = [tcidm]
[Port] = [0x00000050]
[Status] = [0x00000001]
[LocalPath] = [%APPDATA%\IDM\DwnlData\Administrator\update610b_1\]
[CISBU] = [0x00000000]
[LogFileName] = [%APPDATA%\IDM\DwnlData\Administrator\update610b_1\update610b_1.log]
[Path] = [/data/]
[FileName] = [update610b.txt]
HKEY_CURRENT_USER\Software\DownloadManager\1\ChList
HKEY_CURRENT_USER\Software\DownloadManager\ConfigTime
[(NULL)] = [0x4fd9abc8]
HKEY_CURRENT_USER\Software\DownloadManager\DwnlPanel
[F4V] = [0x00000001]
[MOV] = [0x00000001]
[WEBM] = [0x00000001]
[RM] = [0x00000001]
[AVI] = [0x00000001]
[OGG] = [0x00000001]
[MP4] = [0x00000001]
[mp3] = [0x00000001]
[ASF] = [0x00000001]
[FLV] = [0x00000001]
[M4A] = [0x00000001]
[OGV] = [0x00000001]
[M4V] = [0x00000001]
[MPG] = [0x00000001]
[WAV] = [0x00000001]
[Mpeg] = [0x00000001]
[3GP] = [0x00000001]
[QT] = [0x00000001]
[WMA] = [0x00000001]
[WMV] = [0x00000001]
HKEY_CURRENT_USER\Software\DownloadManager\FoldersTree
HKEY_CURRENT_USER\Software\DownloadManager\FoldersTree\Compressed
[Mask] = [zip rar r0* r1* arj gz sit sitx sea ace bz2 7z]
[ID] = [0x00000007]
[rememberLastPath] = [0x00000000]
HKEY_CURRENT_USER\Software\DownloadManager\FoldersTree\Documents
[rememberLastPath] = [0x00000000]
[Mask] = [doc pdf ppt pps]
[ID] = [0x00000005]
HKEY_CURRENT_USER\Software\DownloadManager\FoldersTree\Music
[Mask] = [mp3 wav wma mpa ram ra aac aif m4a]
[rememberLastPath] = [0x00000000]
[ID] = [0x00000002]
HKEY_CURRENT_USER\Software\DownloadManager\FoldersTree\Programs
[Mask] = [exe msi]
[ID] = [0x00000001]
[rememberLastPath] = [0x00000000]
HKEY_CURRENT_USER\Software\DownloadManager\FoldersTree\Video
[Mask] = [avi mpg mpe mpeg asf wmv mov qt rm mp4 flv m4v webm ogv ogg]
[ID] = [0x00000003]
[rememberLastPath] = [0x00000000]
HKEY_CURRENT_USER\Software\DownloadManager\IDMBI
HKEY_CURRENT_USER\Software\DownloadManager\IDMBI\chrome
[int] = [0x00000001]
[Name] = [Google Chrome]
HKEY_CURRENT_USER\Software\DownloadManager\IDMBI\Firefox
[Name] = [Mozilla firefox]
[int] = [0x00000001]
HKEY_CURRENT_USER\Software\DownloadManager\IDMBI\IEXPLORE
[Name] = [Internet Explorer]
[int] = [0x00000001]
HKEY_CURRENT_USER\Software\DownloadManager\IDMBI\Mozilla
[int] = [0x00000001]
[Name] = [Mozilla]
HKEY_CURRENT_USER\Software\DownloadManager\IDMBI\NETSCP
[int] = [0x00000001]
[Name] = [Netscape 6 and later]
HKEY_CURRENT_USER\Software\DownloadManager\IDMBI\OPERA
[Name] = [Opera]
[int] = [0x00000001]
HKEY_CURRENT_USER\Software\DownloadManager\IDMBI\Safari
[int] = [0x00000001]
[Name] = [Apple Safari]
HKEY_CURRENT_USER\Software\DownloadManager\ListSettings
HKEY_CURRENT_USER\Software\DownloadManager\maxID
[maxID] = [0x00000001]
HKEY_CURRENT_USER\Software\DownloadManager\MCN
HKEY_CURRENT_USER\Software\DownloadManager\menuExt
[ffdownlAll_str] = [Download all links with IDM]
[ffdownlppFLV_str] = [Download FLV video with IDM]
[ffdownl10FLVa_str] = [Download FLV videos with IDM from 10 last requested]
[ffdownl10FLV_str] = [Choose from 10 last requested FLV videos]
[ffdownlFLV_v] = [0x00000002]
[ffdownlFLVa_str] = [Download last requested FLV video with IDM]
[ffdownl1_str] = [Download with IDM]
[ffdownl10FLV_v] = [0x00000002]
[iedownlAll_str] = [Download all links with IDM]
[iedownl1_str] = [Download with IDM]
[ffdownlFLV_str] = [Download last requested FLV video]
HKEY_CURRENT_USER\Software\DownloadManager\Passwords
HKEY_CURRENT_USER\Software\DownloadManager\Queue
HKEY_CURRENT_USER\Software\DownloadManager\Scheduler
HKEY_CURRENT_USER\Software\DownloadManager\SpecialKeys
[AltP] = [0x00000001]
[UseKeyToForce] = [0x00000000]
[ShiftP] = [0x00000000]
[InsF] = [0x00000001]
[ShiftF] = [0x00000000]
[SkipHtml] = [0x00000001]
[UseKeyToPrevent] = [0x00000001]
[AltF] = [0x00000000]
[CtrlF] = [0x00000000]
[CheckMouse] = [0x00000000]
[CtrlP] = [0x00000000]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer
[DownloadUI] = [{7D11E719-FF90-479C-B0D7-96EB43EE55D7}]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\DragDrop
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\DragDrop\{19129CDA-AFC0-4330-99BC-...
[Policy] = [0x00000003]
[AppPath] = [%SampleStore%]
[AppName] = [IDMan.exe]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1902485B-CE75-42C...
[AppPath] = [%SampleStore%]
[Policy] = [0x00000003]
[AppName] = [IEMonitor.exe]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0DACC63-037F-46E...
[AppPath] = [%SampleStore%]
[Policy] = [0x00000003]
[AppName] = [IDMan.exe]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download all links with IDM
[(NULL)] = [%SampleStore%\IEGetAll.htm]
[Contexts] = [0x000000f3]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download with IDM
[Contexts] = [0x000000f3]
[(NULL)] = [%SampleStore%\IEExt.htm]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B45...
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B45...
[Time] = [\xdc\x07\x06\x00\x04...]
[Type] = [0x00000003]
[Count] = [0x00000001]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E2E2DD38-D088-4134-82B7-F2BA3...
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E2E2DD38-D088-4134-82B7-F2BA3...
[Time] = [\xdc\x07\x06\x00\x04...]
[Count] = [0x00000001]
[Type] = [0x00000004]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FB5F1910-F110-11D2-BB9E-00C04...
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FB5F1910-F110-11D2-BB9E-00C04...
[Type] = [0x00000004]
[Time] = [\xdc\x07\x06\x00\x04...]
[Count] = [0x00000001]
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
[IDMan] = [%SampleStore%\IDMan.exe /onboot]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DDF00DB-1234-46EC-8356-27E7B2051192}
[Model] = [0x000000a5]
[Therad] = [0x00000001]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AC746233-E9D3-49CD-862F-068F7B7CCCA4}
[(NULL)] = [IDMan.CIDMLinkTransmitter]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AC746233-E9D3-49CD-862F-068F7B7CCCA4}\LocalServer32
[(NULL)] = [%SampleStore%\IDMan.exe]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IDMan.CIDMLinkTransmitter
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IDMan.CIDMLinkTransmitter\CLSID
[(NULL)] = [{AC746233-E9D3-49CD-862F-068F7B7CCCA4}]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Name-Space Handler\ftp
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Name-Space Handler\http
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Name-Space Handler\https
HKEY_LOCAL_MACHINE\SOFTWARE\Internet Download Manager
[AdvIntDriverEnabled2] = [0x00000001]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer
[DownloadUI] = [{7D11E719-FF90-479C-B0D7-96EB43EE55D7}]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C0...
[NoExplorer] = [0x00000001]
[(NULL)] = [IDM Helper]
Network monitor
Network operations
[resolve host] www.internetdownloadmanager.com
[visit URL] http://www.internetdownloadmanager.com/welcome.html?v=611bb2
[connect host] www.internetdownloadmanager.com:80

And also:
Dangerous behavior monitor
Behavior: drops DLLs into the system directory and injects them into other processes by modifying the registry
Details: %ProgramFiles%\Internet Download Manager\IDMGetAll.dll

%ProgramFiles%\Internet Download Manager\IDMIECC.dll

%ProgramFiles%\Internet Download Manager\downlWithIDM.dll

%ProgramFiles%\Internet Download Manager\idmfsa.dll

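The sandbox verdict above rests on a handful of registry writes: a Run key, a Browser Helper Object, an out-of-process COM server whose LocalServer32 points at the sample, and IE Protected Mode elevation-policy entries. Those are the same locations a reviewer would want pulled out of any sandbox dump before deciding whether a binary is a known vendor's download manager or malware wearing its version info. The script below is an added example, not code from this post or from the 火眼 sandbox: it parses a constructed excerpt of the registry-monitor output in the format quoted above (a key line followed by its `[name] = [value]` lines), tags each matching key with a category, and notes when a value points back at `%SampleStore%`. The category names and rules are this example's own; the meaning of the ElevationPolicy `Policy` DWORD is taken from Microsoft's Protected Mode documentation.

```python
import re

# Constructed excerpt of the sandbox registry-monitor section quoted above
# (key line, then its "[name] = [value]" lines); not the full dump.
SAMPLE_REPORT = r"""
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
[IDMan] = [%SampleStore%\IDMan.exe /onboot]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0DACC63-037F-46E...
[AppPath] = [%SampleStore%]
[Policy] = [0x00000003]
[AppName] = [IDMan.exe]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AC746233-E9D3-49CD-862F-068F7B7CCCA4}\LocalServer32
[(NULL)] = [%SampleStore%\IDMan.exe]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C0...
[NoExplorer] = [0x00000001]
[(NULL)] = [IDM Helper]
HKEY_CURRENT_USER\Software\DownloadManager\SpecialKeys
[AltP] = [0x00000001]
"""

# "[name] = [value]"; the closing bracket is optional because the sandbox
# truncates long values (see the "[Rememb" line in the full dump).
VALUE_RE = re.compile(r"^\[(.*?)\] = \[(.*?)\]?$")

# Registry locations that give a binary persistence or browser reach.
# Each rule: (category label chosen for this example, pattern on the key path).
RULES = [
    ("persistence: Run key",
     re.compile(r"\\CurrentVersion\\Run$", re.I)),
    ("persistence: Browser Helper Object",
     re.compile(r"\\Explorer\\Browser Helper Objects\\", re.I)),
    ("COM local server registered",
     re.compile(r"\\CLSID\\\{[0-9A-F-]+\}\\LocalServer32$", re.I)),
    ("IE Protected Mode elevation policy",
     re.compile(r"\\Low Rights\\ElevationPolicy\\", re.I)),
]

# Policy DWORD under Low Rights\ElevationPolicy (Microsoft Protected Mode docs).
ELEVATION_POLICY = {
    "0x00000000": "prevent launch",
    "0x00000001": "prompt the user",
    "0x00000002": "silently launch at low integrity",
    "0x00000003": "silently launch at medium integrity",
}


def parse_registry_monitor(text):
    """Group each '[name] = [value]' line under the key line preceding it."""
    keys = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("["):
            m = VALUE_RE.match(line)
            if m and current is not None:
                keys[current][m.group(1)] = m.group(2)
        else:
            current = line
            keys.setdefault(current, {})
    return keys


def triage(text):
    """Return one finding dict per registry key that matches a rule."""
    findings = []
    for key, values in parse_registry_monitor(text).items():
        for category, pattern in RULES:
            if not pattern.search(key):
                continue
            if category.startswith("IE Protected Mode"):
                policy = values.get("Policy", "?")
                detail = "%s: %s" % (values.get("AppName", "?"),
                                     ELEVATION_POLICY.get(policy, policy))
            else:
                detail = "; ".join("%s=%s" % kv for kv in values.items())
            findings.append({
                "category": category,
                "key": key,
                "detail": detail,
                # True when a value points back at the analysed sample.
                "references_sample": any("%SampleStore%" in v
                                         for v in values.values()),
            })
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_REPORT):
        flag = " (points at sample)" if f["references_sample"] else ""
        print("%-38s %s%s\n    %s" % (f["category"], f["detail"], flag, f["key"]))
```

Run over the full dump, the same parser surfaces every one of the sandbox's "dangerous" hits in a few lines, and the `references_sample` flag ties the Run key, the COM server and the elevation policy directly to the binary under analysis. All four hits here are ordinary behaviour for a browser-integrated download manager, which is the point: a heuristic sandbox score on a binary carrying Tonec version info needs the hash and product context from the report before anyone treats it as a detection.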
lbb9432
Posted on 2012-6-28 12:55:42
ESET 45/50, 5 remaining (x); uploaded to 数字卫士 for analysis, 4 flagged (x)

Submitted to ESET
ADSLgg
Posted on 2012-6-28 13:10:40
Quoting 无奈的C, posted 2012-6-28 12:39:
By the way, how do you submit to Avast (小a)???

Email
"小a实验室" (Avast lab) <virus@avast.com>;
紫夜M冰凝
Posted on 2012-6-28 13:17:03
Last edited by 紫夜M冰凝 on 2012-6-28 13:46

Norton detects 60%

(screenshot attachment)
Source: 卡饭论坛 (KaFan.cn)