WmpUpdate.exe

显示全部楼层 · 发表于 2008-10-29 22:04:05

505一扫而过

显示全部楼层 · 发表于 2008-10-29 23:27:45

LS上报了沒有?

显示全部楼层 · 发表于 2008-10-29 23:34:37

Virus Scan: completed 2008-10-29 JAY23:33:30 (events: 30, objects: 8, time: 00:00:01)
2008-10-29 JAY23:33:30 Untreated Trojan program Heur.Trojan.Generic High Partial C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe Skipped by user
2008-10-29 JAY23:33:29 Untreated Trojan program Heur.Trojan.Generic High Partial C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe Postponed
2008-10-29 JAY23:33:29 Task started
2008-10-29 JAY23:33:31 Task completed
2008-10-29 JAY23:33:29 Packed  UPX C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe/#/PE_Patch.UPX
2008-10-29 JAY23:33:29 Packed  PE_Patch.UPX C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe/#
2008-10-29 JAY23:33:29 Packed  UPX C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe/PE_Patch.UPX
2008-10-29 JAY23:33:29 Packed  PE_Patch.UPX C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe
2008-10-29 JAY23:33:29 Packed  UPX C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe/#/PE_Patch.UPX
2008-10-29 JAY23:33:29 Packed  PE_Patch.UPX C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe/#
2008-10-29 JAY23:33:29 Packed  UPX C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe/PE_Patch.UPX
2008-10-29 JAY23:33:29 Packed  PE_Patch.UPX C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe
2008-10-29 JAY23:33:29 OK    C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe/#
2008-10-29 JAY23:33:29 OK    C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe/#
2008-10-29 JAY23:33:29 OK    C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe/#/PE_Patch.UPX
2008-10-29 JAY23:33:29 OK    C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe/#/PE_Patch.UPX/UPX
2008-10-29 JAY23:33:29 OK    C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe/#
2008-10-29 JAY23:33:29 OK    C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe/PE_Patch.UPX
2008-10-29 JAY23:33:29 OK    C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe/PE_Patch.UPX/UPX
2008-10-29 JAY23:33:29 OK    C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe/#
2008-10-29 JAY23:33:29 OK    C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe/#
2008-10-29 JAY23:33:29 OK    C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe/#/PE_Patch.UPX
2008-10-29 JAY23:33:29 OK    C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe/#/PE_Patch.UPX/UPX
2008-10-29 JAY23:33:29 OK    C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe/#
2008-10-29 JAY23:33:29 OK    C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe/PE_Patch.UPX
2008-10-29 JAY23:33:29 OK    C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe/PE_Patch.UPX/UPX
2008-10-29 JAY23:33:30 Detected Trojan program Heur.Trojan.Generic High Partial C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe
2008-10-29 JAY23:33:29 Detected Trojan program Heur.Trojan.Generic High Partial C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe
2008-10-29 JAY23:33:29 Detected Trojan program Heur.Trojan.Generic High Partial C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe
2008-10-29 JAY23:33:29 Detected Trojan program Heur.Trojan.Generic High Partial C:\Documents and Settings\Owner\桌面\454 启发引擎卡住.exe

显示全部楼层 · 发表于 2008-10-29 23:37:00

原帖由 328397663 于 2008-10-29 23:32 发表
已上传卡巴分析

倒，这个俺藏着用来测试卡巴的启发引擎的。。。。

显示全部楼层 · 发表于 2008-10-29 23:37:46

看来最新的启发引擎很值得期待。

显示全部楼层 · 发表于 2008-10-29 23:40:03

启发引擎质量是不断提高的，隔段时间就会提高一些，新的引擎还是会遇到卡住的样本，或是比较卡的样本。

[ 本帖最后由 wangjay1980 于 2008-10-29 23:41 编辑 ]

显示全部楼层 · 发表于 2008-10-29 23:43:46

等下个测试版出来就装上试试看。

那个js启发引擎怎么个用法？

[ 本帖最后由浪滔天于 2008-10-29 23:44 编辑 ]

显示全部楼层 · 发表于 2008-10-29 23:49:20

既可以在右键扫描中使用，例如针对VBS文件，这个还没试过。

也可以在WEB扫描中，启发恶意脚本。

[ 本帖最后由 wangjay1980 于 2008-10-29 23:50 编辑 ]

显示全部楼层 · 发表于 2008-10-29 23:49:24

[病毒样本] WmpUpdate.exe

本帖子中包含更多资源

回复 14楼 wangjay1980 的帖子

回复 16楼浪滔天的帖子

回复 17楼 wangjay1980 的帖子

回复 18楼浪滔天的帖子

本帖子中包含更多资源

[病毒样本] WmpUpdate.exe

本帖子中包含更多资源

回复 14楼 wangjay1980 的帖子

回复 16楼 浪滔天 的帖子

回复 17楼 wangjay1980 的帖子

回复 18楼 浪滔天 的帖子

本帖子中包含更多资源

回复 16楼浪滔天的帖子

回复 18楼浪滔天的帖子