17PHolmes.cmt又更新，质量不错（卡巴回复为病毒）

显示全部楼层 · 发表于 2008-8-6 19:15:49

McAfee miss

显示全部楼层 · 发表于 2008-8-6 20:14:40

是毒吗?

显示全部楼层 · 发表于 2008-8-6 20:18:41

The file '17PHolmes.cmt' has been determined to be 'CLEAN'. Our analysts did not discovered any malicious content.

显示全部楼层 · 发表于 2008-8-6 20:34:52

我晕……
这个17PHolmes.cmt应该很少出错才是啊……我上报卡巴看看……

显示全部楼层 · 发表于 2008-8-6 20:36:53

MISS . to lab

显示全部楼层 · 发表于 2008-8-6 21:42:05

Hello,

17PHolmes.cmt - Trojan-Downloader.Win32.Homles.ce

New malicious software was found in this file. It's detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Namestnikov Yury
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

> Attachment: 17PHolmes.cmt

显示全部楼层 · 发表于 2008-8-6 21:47:53

cmt怎么测试？

显示全部楼层 · 发表于 2008-8-6 21:49:08

红伞和卡巴的分析老是不一样

显示全部楼层 · 发表于 2008-8-6 21:55:37

PASS

显示全部楼层 · 发表于 2008-8-6 23:07:35

檔案 17PHolmes.rar 接收於 2008.08.06 17:05:13 (CET)

反病毒引擎	版本	最後更新	掃瞄結果
AhnLab-V3	2008.8.6.2	2008.08.06	-
AntiVir	7.8.1.15	2008.08.06	-
Authentium	5.1.0.4	2008.08.05	-
Avast	4.8.1195.0	2008.08.06	-
AVG	8.0.0.156	2008.08.06	-
BitDefender	7.2	2008.08.06	-
CAT-QuickHeal	9.50	2008.08.06	-
ClamAV	0.93.1	2008.08.06	-
DrWeb	4.44.0.09170	2008.08.06	-
eSafe	7.0.17.0	2008.08.06	Suspicious File
eTrust-Vet	31.6.6015	2008.08.06	-
Ewido	4.0	2008.08.06	-
F-Prot	4.4.4.56	2008.08.05	-
F-Secure	7.60.13501.0	2008.08.06	-
Fortinet	3.14.0.0	2008.08.06	-
GData	2.0.7306.1023	2008.08.06	-
Ikarus	T3.1.1.34.0	2008.08.06	-
K7AntiVirus	7.10.405	2008.08.06	-
Kaspersky	7.0.0.125	2008.08.06	-
McAfee	5354	2008.08.05	-
Microsoft	1.3807	2008.08.06	Trojan:Win32/Matcash
NOD32v2	3332	2008.08.06	-
Norman	5.80.02	2008.08.06	-
Panda	9.0.0.4	2008.08.06	-
PCTools	4.4.2.0	2008.08.06	-
Prevx1	V2	2008.08.06	Malware Dropper
Rising	20.56.22.00	2008.08.06	-
Sophos	4.31.0	2008.08.06	-
Sunbelt	3.1.1537.1	2008.08.06	-
Symantec	10	2008.08.06	-
TheHacker	6.2.96.393	2008.08.04	-
TrendMicro	8.700.0.1004	2008.08.06	PAK_Generic.001
VBA32	3.12.8.2	2008.08.05	-
ViRobot	2008.8.6.1326	2008.08.06	-
VirusBuster	4.5.11.0	2008.08.05	-
Webwasher-Gateway	6.6.2	2008.08.06	-

附加訊息
File size: 100072 bytes
MD5...: b9c396a4bf95bad36c594bc5624d8720
SHA1..: 0effbe577b63ffd17fddd07c3f5966aaf3605512
SHA256: 589b560baab492e19ab163c7bdc60955ec5cf9615a53bc1e3fd8995688e82c53
SHA512:93f385b473917a310c2cdb07c2a0f7004560a660103fd3975f9a57130a698fa5<br>ee66f584b077dda7a503eb920ba032fb68780a9eeb9b1b87084caa9e9e69eafd
PEiD..: -
PEInfo: -
Prevx info: http://info.prevx.com/aboutprogr ... 1EDBFA821000468FFD9
packers (Kaspersky): PE_Patch.UPX, UPX
packers (F-Prot): UPX

[ 本帖最后由 ljabchn 于 2008-8-6 23:08 编辑 ]

[病毒样本] 17PHolmes.cmt又更新，质量不错（卡巴回复为病毒）

回复 13楼 Kitman 的帖子

ArcaVir2008, F-Prot 4.4.4,NVC 5.99