pengle_008
Posted on 2012-6-25 09:41
Posted by xyxuliang:
PPS Video ad-removal patch V5.8 | supports PPS V2.7.0.1488 official release + cracked VIP
https://bbs.pcbeta.com/forum.php?mod=viewthread&tid=1061527&highlight=
PPTV Network TV ad-removal patch V4.9 | supports PPTV 3.1.7.0033
https://bbs.pcbeta.com/forum.php?mod=viewthread&tid=1061526&highlight=
Checked with ESET Smart Security 5.095.0: safe
zhangjf05
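Posted on 2012-7-3 10:07
Last edited by zhangjf05 on 2012-7-3 17:25
"Super Attraction Techniques 2012 Advanced Edition": pickup tips and secrets, success guaranteed | https://bbs.pcbeta.com/forum.php?mod=viewthread&tid=1065451
The file is too large: after extraction it cannot be uploaded to VirScan or Comodo Instant Malware Analysis, so only a manual check was done:
1.71MB before extraction, 66.8MB after extraction
After the program runs, it calls ntfs.bat and cmd.exe; ntfs.bat then creates two processes, conime.exe and cacls.exe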
日期 应用程序 行为 目标
2012-07-03 16:40:15 C:\Documents and Settings\Administrator\桌面\《超级异性吸引术2012高级版》泡妞技巧秘籍.exe 修改注册表项 HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{10019334-A707-22d2-9CBD-0000F87A469H}\StubPath
2012-07-03 16:40:47 C:\Documents and Settings\Administrator\桌面\《超级异性吸引术2012高级版》泡妞技巧秘籍.exe 创建进程 C:\Program Files\Common Files\Microsoft Shared\MSInfo\ntfs.bat
2012-07-03 16:40:54 C:\Documents and Settings\Administrator\桌面\《超级异性吸引术2012高级版》泡妞技巧秘籍.exe 创建进程 C:\WINDOWS\system32\cmd.exe
2012-07-03 16:40:56 C:\Program Files\Common Files\Microsoft Shared\MSInfo\ntfs.bat 创建进程 C:\WINDOWS\system32\conime.exe
2012-07-03 16:40:58 C:\Program Files\Common Files\Microsoft Shared\MSInfo\ntfs.bat 创建进程 C:\WINDOWS\system32\cacls.exe
报告结束
After a reboot, dns.bat is created
日期 应用程序 行为 目标
2012-07-03 16:45:26 C:\WINDOWS\system32\imapi.exe 修改文件 C:\WINDOWS\TEMP\0hgyzsrh.TMP
2012-07-03 16:47:24 C:\WINDOWS\system32\imapi.exe 修改文件 C:\WINDOWS\TEMP\0hgyzsrh.TMP
2012-07-03 16:47:38 C:\WINDOWS\system32\imapi.exe 修改文件 C:\WINDOWS\TEMP\7shlb5jz.TMP
2012-07-03 16:47:48 C:\Program Files\Common Files\dns.bat 创建进程 C:\WINDOWS\system32\conime.exe
2012-07-03 16:47:53 C:\Program Files\Common Files\dns.bat 创建进程 C:\WINDOWS\system32\ipconfig.exe
2012-07-03 16:48:00 C:\WINDOWS\system32\ipconfig.exe 修改注册表项 HKLM\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\EventMessageFile
2012-07-03 16:48:06 C:\WINDOWS\system32\ipconfig.exe 修改注册表项 HKLM\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\CategoryMessageFile
2012-07-03 16:48:10 C:\WINDOWS\system32\ipconfig.exe 修改注册表项 HKLM\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\CategoryCount
2012-07-03 16:48:12 C:\WINDOWS\system32\ipconfig.exe 修改注册表项 HKLM\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\TypesSupported
2012-07-03 16:48:15 C:\WINDOWS\system32\ipconfig.exe DNS/RPC 客户端访问 \RPC Control\DNSResolver
报告结束
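This dns.bat file calls ipconfig.exe to modify key registry values; taking the software's own functionality into account, this resource is quite likely to carry malware.
大蜗牛小蜗牛
Posted on 2012-7-18 23:03
Boyuan Xunlei Offline Download (Xunlei VIP offline downloader) v10.01 portable edition | https://bbs.pcbeta.com/forum.php?mod=viewthread&tid=1074344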
扫描时间:2012-07-18 20:59:00
扫描用时:00:03:37
扫描类型:快速扫描
扫描文件总数:4659
威胁总数:3
清除威胁数:0
扫描选项
----------------------
扫描所有文件:否
扫描压缩包:否
发现病毒处理方式:由用户选择处理
使用云查杀引擎:是
扫描磁盘引导区:是
扫描 Rootkit:否
使用QVM启发式引擎:是
常规引擎设置:Avira(小红伞)
扫描内容
----------------------
C:\Windows
C:\Windows\system
C:\Windows\system32
C:\Windows\fonts
C:\Windows\system32\drivers
C:\Windows\system32\dllcache
C:\Windows\temp
C:\Windows\tasks
C:\Windows\inf
C:\Program Files\Common Files
C:\Program Files\Common Files\System
C:\Program Files\Common Files\Microsoft Shared\DAO
白名单设置
----------------------
扫描结果
======================
系统修复扫描结果
----------------------
病毒扫描结果
----------------------
c:\windows\iexpresxs.DLL 恶意程序(Malware.QVM25.Gen) 未处理
c:\windows\iexpresxs.exe 后门程序(Backdoor.Win32.GrayPigeon.D) 未处理
d:\博元迅雷离线下载10.01.exe 恶意程序(Malware.QVM18.Gen) 未处理
病毒库版本:2012-07-16 02:02
扫描时间:2012-07-18 21:53:16
扫描用时:00:04:40
扫描类型:右键扫描
扫描文件总数:8106
威胁总数:2
清除威胁数:0
扫描选项
----------------------
扫描所有文件:否
扫描压缩包:否
发现病毒处理方式:由用户选择处理
使用云查杀引擎:是
扫描磁盘引导区:是
扫描 Rootkit:否
使用QVM启发式引擎:是
常规引擎设置:Avira(小红伞)
扫描内容
----------------------
D:\
白名单设置
----------------------
扫描结果
======================
病毒扫描结果
----------------------
D:\博元迅雷离线下载10.01.exe HEUR/Malware.QVM18.Gen 未处理
D:\TDDownload\byxllxxz.rar=>byxllxxz\博元迅雷离线下载10.01.exe HEUR/Malware.QVM18.Gen 未处理
zhangjf05
Posted on 2012-7-19 11:24
Last edited by zhangjf05 on 2012-7-19 11:31
大蜗牛小蜗牛 posted on 2012-7-18 23:03
Boyuan Xunlei Offline Download (Xunlei VIP offline downloader) v10.01 portable edition | https://bbs.pcbeta.com/forum.php?mod=viewthread&ti ...
VirSCAN.org Scanned Report :
Scanned time : 2012/07/18 21:07:00 (CST)
Scanner results: 64%的杀软(23/36)报告发现病毒
File Name : 博元迅雷离线下载10.01.exe
File Size : 2422737 byte
File Type : MS-DOS executable, PE for MS Windows (GUI) Intel 80386 32-bi
MD5 : 847623b155f8c5b5118ea7a6f2ed74df
SHA1 : cf7dfdbb9857a58ac71c462705e13a55e021ab27
Online report: http://r.virscan.org/f54bb4b5057c60d47ef7f66f1ee66611
Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 5.1.0.4 20120718110400 2012-07-18 10.72 Virus.Win32.Delf.CSK!IK
安博士V3 ... .. -- 0.42 -
AntiVir 8.2.10.80 7.11.32.106 2012-06-09 0.36 -
安天 2.0.18 2.0.18. 0002-18-00 0.51 -
Arcavir 2011 201206041805 2012-06-04 8.91 -
Authentium 5.1.1 201207180821 2012-07-18 3.97 W32/Heuristic-210!Eldorado (Heuristic)
AVAST! 4.7.4 120718-0 2012-07-18 1.43 Win32:Agent-WI
AVG 12.0.1787 2437/5138 2012-07-17 1.54 Dropper.Generic2.DVP
BitDefender 7.90123.7.90123 7.90123 2012-07-18 0.31 -
ClamAV 0.97.3 15148 2012-07-18 0.59 PUA.Packed.FSG
Comodo 5.1 12971 2012-07-18 4.33 TrojWare.Win32.PSW.MMThief._0
CP Secure 1.3.0.5 2012.07.18 2012-07-18 0.84 Troj.Dropper.W32.Agent.hx
Dr.Web 7.0.2.4281 2012.07.17 2012-07-17 17.70 Trojan.MulDrop.7665
F-Prot 4.6.2.117 20120718 2012-07-18 2.42 Possible W32/Heuristic-210!Eldorado (damaged, not disinfectable)
F-Secure 7.02.73807 2012.07.18.04 2012-07-18 2.01 MemScan:Backdoor.Hupigon.ZXC
飞塔 4.3.392 15.871 2012-07-17 0.88 W32/Agent.HX!tr.dr
GData 22.5599 20120718 2012-07-18 7.17 MemScan:Backdoor.Hupigon.ZXC
ViRobot 20120718 2012.07.18 2012-07-18 0.41 -
Ikarus T3.1.32.20.0 ..1.32.20.0. --1.32.20.0 0.26 -
江民杀毒 13.0.900 2012.07.18 2012-07-18 4.86 TrojanDropper.Agent.bjl
卡巴斯基 5.5.10 2012.07.16 2012-07-16 0.47 Trojan-Dropper.Win32.Delf.afz
金山毒霸 2009.2.5.15 2012.7.18.16 2012-07-18 3.00 Win32.Troj.Downloader.rj.1323008
迈克菲 5400.1158 6775 2012-07-17 9.37 PWS-MMThief
Microsoft 1.8601 2012.07.17 2012-07-17 4.43 TrojanDropper:Win32/Agent
NOD32 3.0.21 7308 2012-07-18 2.95 a variant of Win32/TrojanDropper.Delf.NZQ trojan
熊猫卫士 9.05.01 2012.07.18 2012-07-18 6.53 Suspicious file
趋势科技 9.500-1005 9.268.03 2012-07-17 1.91 -
Quick Heal 11.00 2012.07.17 2012-07-17 1.90 -
瑞星 20.0 24.19.01.03 2012-07-17 2.88 -
Sophos 3.33.2 4.79 2012-07-18 4.97 Mal/Packer
Sunbelt 3.9.2542.2 12264 2012-07-17 4.75 -
赛门铁克 1.3.0.24 20120717.004 2012-07-17 0.78 -
nProtect 20120717.01 11607257 2012-07-17 3.06 MemScan:Backdoor.Hupigon.ZXC
The Hacker 6.8.0.0 v00063 2012-07-17 0.64 -
VBA32 3.12.18.1 20120718.0726 2012-07-18 3.40 Trojan-Dropper.Win32.Agent.hx
VirusBuster 5.5.2.11 15.0.102.0/9107277 2012-07-17 0.49 Packed/FSG
http://r.virscan.org/f54bb4b5057c60d47ef7f66f1ee66611
zhangjf05
Posted on 2012-7-19 11:26
Last edited by zhangjf05 on 2012-7-19 11:29
大蜗牛小蜗牛 posted on 2012-7-18 23:03
Boyuan Xunlei Offline Download (Xunlei VIP offline downloader) v10.01 portable edition | https://bbs.pcbeta.com/forum.php?mod=viewthread&ti ...
https://www.virustotal.com/file/206ed182ff38ebc0e57ed8d909dda223d8055e9a69b8521b11fa0fa40f7a73fd/analysis/
张淏
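Posted on 2012-7-27 15:45
SmartDraw.2012.Enterprise.Edition Enterprise English version 20.0.1.0 + Keygen (flowchart creation)
https://bbs.pcbeta.com/data/attachment/forum/201207/27/152435w55x0weejwll6lhs.png.thumb.jpg
After downloading and extracting, I scanned the two files marked in the picture; the results are as follows: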
文件名称 :Keygen SmartDraw 2012.exe (本站不提供任何文件的下载服务)
文件大小 :1589760 byte
文件类型 :PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5 :f5fe908866a5038bca2016011004ade1
SHA1 :c8e3deb61235e34d7d1f3a8efc8c8b162139dccf
扫描结果
扫描结果 :11%的杀软(4/36)报告发现病毒
时间 :2012/07/27 15:16:37 (CST)
软件名称 引擎版本 病毒库版本 病毒库时间 扫描结果 时间
a-squared 5.1.0.4 20120727120131 2012-07-27 Backdoor.Win32.VB!IK 6.626
AntiVir 8.2.10.80 7.11.32.106 2012-06-09 - 0.180
Arcavir 2011 201206041805 2012-06-04 - 4.328
Authentium 5.1.1 201207262221 2012-07-26 - 2.481
AVAST! 4.7.4 120726-2 2012-07-26 - 0.453
AVG 12.0.1787 2437/5157 2012-07-26 - 0.574
BitDefender 7.90123.7.90123 7.90123 2012-07-27 - 0.220
ClamAV 0.97.3 15182 2012-07-27 PUA.Win32.Packer.SetupExeSection 0.491
Comodo 5.1 13059 2012-07-27 - 4.791
CP Secure 1.3.0.5 2012.07.27 2012-07-27 - 0.526
Dr.Web 7.0.2.4281 2012.07.27 2012-07-27 - 18.027
F-Prot 4.6.2.117 20120726 2012-07-26 - 2.269
F-Secure 7.02.73807 2012.07.27.01 2012-07-27 - 0.932
GData 22.5660 20120727 2012-07-27 - 6.606
Ikarus T3.1.32.20.0 ..1.32.20.0. --1.32.20.0 - 0.240
Microsoft 1.8601 2012.07.27 2012-07-27 - 11.063
NOD32 3.0.21 7332 2012-07-26 - 3.017
nProtect 20120726.01 11626276 2012-07-26 - 2.035
Quick Heal 11.00 2012.07.24 2012-07-24 - 1.372
Sophos 3.33.2 4.79 2012-07-27 - 4.666
Sunbelt 3.9.2542.2 12386 2012-07-26 - 9.096
The Hacker 6.8.0.0 v00068 2012-07-26 - 0.683
VBA32 3.12.18.1 20120726.0730 2012-07-26 - 11.878
ViRobot 20120726 2012.07.26 2012-07-26 - 0.405
VirusBuster 5.5.2.13 15.0.116.0/9133072 2012-07-26 Suspicious!SA 1.262
卡巴斯基 5.5.10 2012.07.26 2012-07-26 - 0.300
安博士V3 ... .. -- - 0.187
安天 2.0.18 2.0.18. 0002-18-00 - 0.324
江民杀毒 13.0.900 2012.07.27 2012-07-27 Worm/Fipp.ej 2.182
熊猫卫士 9.05.01 2012.07.26 2012-07-26 - 6.790
瑞星 20.0 24.20.03.01 2012-07-26 - 2.698
赛门铁克 1.3.0.24 20120725.003 2012-07-25 - 0.584
趋势科技 9.500-1005 9.286.07 2012-07-26 - 0.228
迈克菲 5400.1158 6784 2012-07-26 - 11.924
金山毒霸 2009.2.5.15 2012.7.26.9 2012-07-26 - 1.047
飞塔 4.3.392 15.924 2012-07-26 - 0.253
文件名称 :REPT.exe (本站不提供任何文件的下载服务)
文件大小 :48148 byte
文件类型 :MS-DOS executable, MZ for MS-DOS
MD5 :5756f0d4650deb1361994b1c2831ce06
SHA1 :c0fbf2b4b95c5017341f8bf69f477d7aa94ef9cf
扫描结果
扫描结果 :36%的杀软(13/36)报告发现病毒
时间 :2012/07/23 20:59:09 (CST)
软件名称 引擎版本 病毒库版本 病毒库时间 扫描结果 时间
a-squared 5.1.0.4 20120723190137 2012-07-23 Backdoor.Win32.Poison!IK 7.896
AntiVir 8.2.10.80 7.11.32.106 2012-06-09 - 0.182
Arcavir 2011 201206041805 2012-06-04 - 5.004
Authentium 5.1.1 201207230151 2012-07-23 W32/Heuristic-210!Eldorado (Heuristic) 4.164
AVAST! 4.7.4 120723-0 2012-07-23 - 0.280
AVG 12.0.1787 2437/5149 2012-07-23 - 1.750
BitDefender 7.90123.7.90123 7.90123 2012-07-23 - 0.268
ClamAV 0.97.3 15168 2012-07-23 PUA.Packed.UPack-2 0.395
Comodo 5.1 13021 2012-07-23 TrojWare.Win32.TrojanDownloader.Agent.~d018 9.067
CP Secure 1.3.0.5 2012.07.23 2012-07-23 - 0.354
Dr.Web 7.0.2.4281 2012.07.21 2012-07-21 - 14.754
F-Prot 4.6.2.117 20120723 2012-07-23 Possible W32/Heuristic-210!Eldorado (damaged, not disinfectable) 2.880
F-Secure 7.02.73807 2012.07.23.02 2012-07-23 Gen:Trojan.Heur.DP.cmGeaSyJcIbc 0.419
GData 22.5636 20120723 2012-07-23 Gen:Trojan.Heur.DP.cmGeaSyJcIbc 11.584
Ikarus T3.1.32.20.0 ..1.32.20.0. --1.32.20.0 - 0.399
Microsoft 1.8601 2012.07.23 2012-07-23 - 37.769
NOD32 3.0.21 7321 2012-07-23 - 1.087
nProtect 20120723.02 11619359 2012-07-23 - 7.385
Quick Heal 11.00 2012.07.22 2012-07-22 Suspicious - DNAScan 2.662
Sophos 3.33.2 4.79 2012-07-23 - 7.647
Sunbelt 3.9.2542.2 12338 2012-07-23 Trojan.Win32.Packer.Upack0.3.9 (ep) 5.430
The Hacker 6.8.0.0 v00065 2012-07-22 W32/Behav-Heuristic-060 1.098
VBA32 3.12.18.1 20120723.0719 2012-07-23 - 5.500
ViRobot 20120723 2012.07.23 2012-07-23 - 0.674
VirusBuster 5.5.2.11 15.0.109.0/9111514 2012-07-22 Packed/Upack 0.737
卡巴斯基 5.5.10 2012.07.23 2012-07-23 - 1.133
安博士V3 ... .. -- - 0.333
安天 2.0.18 2.0.18. 0002-18-00 - 0.295
江民杀毒 13.0.900 2012.07.23 2012-07-23 - 2.602
熊猫卫士 9.05.01 2012.07.23 2012-07-23 Trj/Pupack.A 14.168
瑞星 20.0 24.20.00.01 2012-07-23 - 5.266
赛门铁克 1.3.0.24 20120722.006 2012-07-22 - 1.184
趋势科技 9.500-1005 9.280.05 2012-07-23 Cryp_Xed-12 1.418
迈克菲 5400.1158 6780 2012-07-22 - 12.126
金山毒霸 2009.2.5.15 2012.7.23.9 2012-07-23 - 3.017
飞塔 4.3.392 15.892 2012-07-21 - 0.592
q6781433
Posted on 2012-7-27 19:31
Whoever is spreading this malware is utterly shameless!
张淏
Posted on 2012-7-30 19:05
Last edited by 张淏 on 2012-7-30 19:08
SHA256:7bc08e2f82df43660fa6d7fce5074eb08fc9bb615b1c254edce3c09abdd0e3c2
File name:XL离线下载器v3.8.rar
Detection ratio:30 / 41
Analysis date:2012-07-30 10:43:32 UTC ( 25 分钟 ago )
Antivirus Result Update
AhnLab-V3 - 20120729
AntiVir TR/Black.Gen2 20120730
Antiy-AVL Trojan/Win32.Agent2.gen 20120727
Avast Win32:Malware-gen 20120730
AVG Win32/Heur 20120730
BitDefender Trojan.Generic.7518066 20120730
ByteHero - 20120723
CAT-QuickHeal Trojan.Agent2.fhpy 20120730
ClamAV - 20120730
Commtouch - 20120730
Comodo UnclassifiedMalware 20120730
DrWeb - 20120730
Emsisoft Virus.Win32.Heur!IK 20120730
eSafe Win32.Packed.Vmpbad 20120729
ESET-NOD32 a variant of Win32/FlyStudio.Packed.AE 20120730
F-Prot - 20120730
F-Secure Trojan.Generic.7518066 20120730
Fortinet W32/Generic 20120730
GData Trojan.Generic.7518066 20120730
Ikarus Virus.Win32.Heur 20120730
Jiangmin Trojan/Generic.acukw 20120730
K7AntiVirus Riskware 20120728
Kaspersky Trojan.Win32.Agent2.fhpy 20120730
McAfee Artemis!6D96ED2F2867 20120730
McAfee-GW-Edition Artemis!6D96ED2F2867 20120730
Microsoft - 20120730
Norman W32/Troj_Generic.BMZDO 20120730
nProtect Trojan.Generic.7518066 20120730
Panda Trj/Thed.V 20120730
Rising - 20120730
Sophos Mal/Behav-363 20120730
SUPERAntiSpyware - 20120729
Symantec Packed.Vmpbad!gen9 20120730
TheHacker Trojan/Agent2.fhpy 20120729
TotalDefense - 20120728
TrendMicro TROJ_GEN.R47C8FN 20120730
TrendMicro-HouseCall TROJ_GEN.R47C8FN 20120730
VBA32 Trojan.Agent2.fhpy 20120730
VIPRE Trojan.Win32.Generic!BT 20120730
ViRobot - 20120730
VirusBuster Trojan.Packed!ogmeVafVXm4 20120729
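Since the scan results show that the vast majority of antivirus products consider it infected, this attachment can be judged to be malware.
zhangjf05
Posted on 2012-7-30 21:33
Last edited by zhangjf05 on 2012-7-30 22:05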
Internet Download Manager 6.12.07 Chinese registered edition (5x faster downloads, even faster than Xunlei) | https://bbs.pcbeta.com/forum.php?mod=viewthread&tid=1082792
The archive is 3.97M, 63.6M after extraction. After running, it drops:
C:\Windows\SysWOW64\drivers\DDDDDDDD.sys
C:\Program Files\Common Files\Microsoft Shared\MSInfo\hosts
C:\Program Files\forumdisp.exeFiles\Microsoft Shared\MSInfo\ntfs.bat
C:\Program Files\Common Files\Microsoft Shared\MSInfo\win.txt
C:\Program Files\Common Files\Microsoft Shared\MSInfo\xinzhu.txt
C:\Program Files\Common Files\Microsoft Shared\MSInfo\xinzhu.txt
:\Program Files\Common Files\Microsoft Shared\MSInfo\kkk.txt
C:\Program Files\Common Files\Microsoft Shared\MSInfo\IEFILES5.INI (this file is 59.8MB in size)
C:\Program Files\Common Files\Microsoft Shared\MSInfo\aay.txt
C:\Program Files\Common Files\Microsoft Shared\MSInfo\hou.txt
It adds the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{10031305-A707-22d2-9CBD-0000F87A469H}
Contents of some of the files:
C:\ProgramFiles\Common Files\Microsoft Shared\MSInfo\aay.txt (this file keeps regenerating):
C:\Program Files\Common Files\Microsoft Shared\INK\10019622.789
The number at the end keeps changing.
C:\ProgramFiles\Common Files\Microsoft Shared\MSInfo\hosts:
#This file has been replaced with its default version by Kaspersky Lab because of possible infection
###127.0.0.1 localhost
::1 localhost
(This one had already been cleaned by Kaspersky; I did not see the original contents.)
C:\ProgramFiles\Common Files\Microsoft Shared\MSInfo\hou.txt (regenerates):
789
The content is a random three-digit number that keeps changing.
C:\ProgramFiles\Common Files\Microsoft Shared\MSInfo\ntfs.bat:
cacls "C:\Program Files\Common Files\Microsoft Shared\686\686 /d everyone /e
cacls "C:\Program Files\Common Files\Microsoft Shared\686" /d everyone /e
C:\ProgramFiles\Common Files\Microsoft Shared\MSInfo\win.txt:
C:\Program Files\Common Files\Microsoft Shared\686\686\686.exe
C:\ProgramFiles\Common Files\Microsoft Shared\MSInfo\xinzhu.txt:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{10017369-A707-22d2-9CBD-0000F87A469H}
张淏
Posted on 2012-8-10 20:42
Qzone popularity booster
https://bbs.pcbeta.com/viewthread-1096909-1-1.html
SHA256:22eafff417037607fa049ba42319f7db970f61f6a50ce825a8e570a59a658710
File name:QQ海军空间人气王v2.4_猴岛游戏.rar
Detection ratio:15 / 41
Analysis date:2012-08-10 12:40:29 UTC ( 1 分钟 ago )
Antivirus Result Update
AhnLab-V3 - 20120810
AntiVir - 20120810
Antiy-AVL - 20120808
Avast Win32:Malware-gen 20120810
AVG - 20120810
BitDefender - 20120810
ByteHero - 20120723
CAT-QuickHeal - 20120810
ClamAV - 20120809
Commtouch W32/Downloader-Web-based!Maximus 20120810
Comodo UnclassifiedMalware 20120810
Emsisoft Trojan.Win32.Pasta!IK 20120810
eSafe - 20120809
ESET-NOD32 a variant of Win32/FlyStudio 20120810
F-Prot W32/Downloader-Web-based!Maximus 20120810
F-Secure - 20120810
Fortinet W32/Tfr.CM!tr 20120810
GData Win32:Malware-gen 20120810
Ikarus Trojan.Win32.Pasta 20120810
Jiangmin - 20120810
K7AntiVirus Trojan 20120809
Kaspersky - 20120810
McAfee Generic.tfr!cm 20120810
McAfee-GW-Edition Generic.tfr!cm 20120810
Microsoft - 20120810
Norman - 20120810
nProtect - 20120810
Panda - 20120810
PCTools - 20120810
Rising - 20120810
Sophos Sus/ComPack-L 20120810
SUPERAntiSpyware - 20120810
Symantec - 20120810
TheHacker - 20120810
TotalDefense - 20120809
TrendMicro - 20120810
TrendMicro-HouseCall TROJ_GEN.R44H1FQ 20120810
VBA32 - 20120810
VIPRE VirTool.Win32.Obfuscator.XZ (v) 20120810
ViRobot - 20120810
VirusBuster - 20120809
leaonlen
Posted on 2012-8-14 15:39
VirSCAN.org Scanned Report :
Scanned time : 2012/08/14 14:09:35 (CST)
Scanner results: 19%的杀软(7/36)报告发现病毒
File Name : 绿色工具箱子.exe
File Size : 12079183 byte
File Type : PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5 : e7add2ba6d5f7c99e8984e1294f8ddce
SHA1 : fb276e4ae80da0275a741cbc06b5e954c7ba79db
Online report: http://r.virscan.org/6494c925a778f05613120aee61feeaa8
Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 5.1.0.4 20120814140200 2012-08-14 7.74 Trojan.Backdoor.FlyAgent!IK
安博士V3 ... .. -- 0.15 -
AntiVir 8.2.10.80 7.11.32.106 2012-06-09 0.00 -
安天 2.0.18 20120803.20230192 2012-08-03 0.00 -
Arcavir 2011 201206041805 2012-06-04 0.00 -
Authentium 5.1.1 201208070244 2012-08-07 0.00 -
AVAST! 4.7.4 120806-1 2012-08-06 0.00 -
AVG 12.0.1787 2437/5182 2012-08-06 0.00 -
BitDefender 7.90123.7330300 7.42746 2012-06-27 0.00 -
ClamAV 0.97.3 15226 2012-08-07 0.00 -
Comodo 5.1 13232 2012-08-14 2.71 TrojWare.Win32.TrojanDropper.Agent.~JJB
CP Secure 1.3.0.5 2012.08.06 2012-08-06 0.00 -
Dr.Web 7.0.2.4281 2012.08.07 2012-08-07 0.00 -
F-Prot 4.6.2.117 20120806 2012-08-06 0.00 -
F-Secure 7.02.73807 2012.08.07.01 2012-08-07 0.00 -
飞塔 4.3.392 16.31 2012-08-13 0.46 W32/Autorun!worm
GData 22.5786 20120814 2012-08-14 6.30 -
ViRobot 20120813 2012.08.13 2012-08-13 0.63 -
Ikarus T3.1.32.20.0 ..1.32.20.0. --1.32.20.0 0.00 -
江民杀毒 13.0.900 2012.08.13 2012-08-13 2.47 -
卡巴斯基 5.5.10 2012.08.07 2012-08-07 0.00 -
金山毒霸 2009.2.5.15 2012.8.14.9 2012-08-14 2.13 -
迈克菲 5400.1158 6795 2012-08-06 0.00 -
Microsoft 1.8601 2012.08.14 2012-08-14 8.82 VirTool:Win32/DelfInject.gen!T
NOD32 3.0.21 7353 2012-08-03 0.00 -
熊猫卫士 9.05.01 2012.08.13 2012-08-13 9.83 Trj/FlyStudio.CR
趋势科技 9.500-1005 9.308.05 2012-08-06 0.00 -
Quick Heal 11.00 2012.08.13 2012-08-13 5.57 -
瑞星 20.0 24.23.01.01 2012-08-14 6.74 -
Sophos 3.33.2 4.79 2012-08-07 0.00 -
Sunbelt 3.9.2544.2 12628 2012-08-13 3.80 Backdoor.Win32.FlyAgent.h (v)
赛门铁克 1.3.0.24 20120805.009 2012-08-05 0.00 -
nProtect 20120814.01 11804285 2012-08-14 4.11 -
The Hacker 6.8.0.0 v00076 2012-08-13 0.80 Trojan/Downloader.Flystudio.gen
VBA32 3.12.18.1 20120806.0754 2012-08-06 0.00 -
VirusBuster 5.5.2.13 15.0.133.1/9235484 2012-08-07 0.00 -
张淏
Posted on 2012-8-14 22:25
2012 QQ Qzone forced viewer, Qigong's small tools
SHA256:2472585ec6d4cbda8cda8412bb0e1292d6df205e9bdb909e4b3622f594ad4298
File name:2012-QQ 空间强制查看器--七公.rar
Detection ratio:28 / 41
Analysis date:2012-08-14 12:35:33 UTC ( 1 小时, 49 分钟 ago )
Antivirus Result Update
AhnLab-V3 - 20120813
AntiVir - 20120814
Antiy-AVL Backdoor/Win32.Hupigon.gen 20120813
Avast Win32:Malware-gen 20120813
AVG BackDoor.Generic15.NFN 20120813
BitDefender Gen:Variant.Graftor.674 20120814
ByteHero - 20120723
CAT-QuickHeal Win32.VirTool.DelfInject.gen!X.4.a 20120813
ClamAV - 20120814
Commtouch W32/Agent.EW.gen!Eldorado 20120813
Comodo UnclassifiedMalware 20120813
DrWeb BackDoor.Pigeon1.344 20120814
Emsisoft Virus.Win32.OnLineGames!IK 20120813
ESET-NOD32 a variant of Win32/FlyStudio 20120813
F-Prot W32/Agent.EW.gen!Eldorado 20120813
F-Secure Trojan:W32/DelfInject.R 20120813
Fortinet W32/BackDoor.UC!tr 20120813
GData Gen:Variant.Graftor.674 20120814
Ikarus Virus.Win32.OnLineGames 20120813
Jiangmin - 20120813
K7AntiVirus Riskware 20120813
Kaspersky - 20120813
McAfee Generic Backdoor.uc 20120814
McAfee-GW-Edition Generic Backdoor.uc 20120813
Microsoft Trojan:Win32/Danginex 20120814
Norman W32/OnLineGames.LWBP 20120813
nProtect - 20120813
Panda Suspicious file 20120813
PCTools - 20120813
Rising - 20120813
Sophos Mal/Generic-L 20120814
SUPERAntiSpyware - 20120811
Symantec Trojan.Gen.2 20120813
TheHacker - 20120813
TotalDefense - 20120814
TrendMicro TROJ_GEN.R44C8C5 20120814
TrendMicro-HouseCall TROJ_GEN.R44C8C5 20120814
VBA32 Backdoor.Hupigon.qtvw 20120813
VIPRE Trojan.Win32.Generic.pak!cobra 20120813
ViRobot - 20120813
VirusBuster Backdoor.Hupigon!BQLtMijK8zU 20120813
张淏
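Posted on 2012-8-15 17:32
Phone Wrecker V1.0 - get back at the people who send bank account numbers and make harassing calls
27 antivirus products flag it; confirmed to contain malware. Thread taken down.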
SHA256:a69e2459c31fc6a09b95de8efe5395e4a725f053fb52f642b6a16984f57b0f9d
File name:手机摧残器.rar
Detection ratio:27 / 42
Analysis date:2012-08-15 09:31:58 UTC ( 0 分钟 ago )
Antivirus Result Update
AhnLab-V3 - 20120814
AntiVir - 20120815
Antiy-AVL - 20120815
Avast Win32:Malware-gen 20120815
AVG Generic2_c.BORC 20120814
BitDefender Trojan.Generic.4607590 20120815
ByteHero - 20120814
CAT-QuickHeal (Suspicious) - DNAScan 20120814
ClamAV - 20120815
Commtouch - 20120815
Comodo TrojWare.Win32.FlyStudio.~UJ 20120814
DrWeb - 20120815
Emsisoft Trojan.SuspectCRC!IK 20120815
eSafe Win32.Trojan 20120814
ESET-NOD32 a variant of Win32/Packed.FlyStudio 20120815
F-Prot - 20120814
F-Secure Trojan.Generic.4607590 20120815
Fortinet W32/Downloader_x.ECN!tr 20120814
GData Trojan.Generic.4607590 20120815
Ikarus Trojan.SuspectCRC 20120815
Jiangmin TrojanDownloader.Agent.bjcy 20120815
K7AntiVirus Trojan 20120814
Kaspersky - 20120815
McAfee Artemis!FD27B0066A08 20120815
McAfee-GW-Edition Artemis!44E2CA67C060 20120814
Microsoft TrojanDownloader:Win32/Troxen!rts 20120815
Norman W32/DLoader.AHYXT 20120814
nProtect Trojan.Generic.4607590 20120815
Panda Suspicious file 20120815
PCTools - 20120813
Rising Trojan.Win32.Generic.123BC336 20120815
Sophos Mal/PWSDLL-B 20120815
SUPERAntiSpyware - 20120815
Symantec WS.Reputation.1 20120815
TheHacker - 20120814
TotalDefense - 20120814
TrendMicro - 20120815
TrendMicro-HouseCall TROJ_GEN.F43BZJH 20120815
VBA32 TrojanDownloader.Small.zhn 20120814
VIPRE Trojan.Win32.Generic!BT 20120815
ViRobot - 20120814
VirusBuster Trojan.Agent2!4IuNqcA3c5o 20120814
贝爷
Posted on 2012-8-15 23:17
Last edited by 贝爷 on 2012-8-15 23:33
It passed the scan; I posted one by mistake..
天堂的风、
Posted on 2012-9-15 23:33
Scan results from www.virustotal.com; it shouldn't
SHA256:d569f2cb0e3a933d12e6a3ec94e49bf70a7a5999a760ed361cbc22eef385f592
File name:神器.rar
Detection ratio:20 / 40
Analysis date:2012-08-01 06:17:37 UTC ( 1 月, 2 周 ago )
Antivirus Result Update
AhnLab-V3 - 20120731
AntiVir TR/Agent.1011079 20120801
Antiy-AVL Trojan/win32.agent 20120801
Avast - 20120731
AVG Suspicion: unknown virus 20120731
BitDefender - 20120801
ByteHero - 20120723
CAT-QuickHeal - 20120801
ClamAV - 20120801
Commtouch W32/Heuristic-210!Eldorado 20120801
Comodo UnclassifiedMalware 20120801
DrWeb - 20120801
Emsisoft Trojan.Win32.BHO!IK 20120801
eSafe Win32.NewMalware.Aq 20120731
ESET-NOD32 - 20120731
F-Prot W32/Heuristic-210!Eldorado 20120801
F-Secure - 20120801
Fortinet W32/Dx.24!tr 20120801
GData - 20120801
Ikarus Trojan.Win32.BHO 20120801
Jiangmin - 20120801
K7AntiVirus Riskware 20120731
Kaspersky - 20120801
McAfee Artemis!792688B35B59 20120801
McAfee-GW-Edition Artemis!792688B35B59 20120731
Microsoft - 20120801
Norman W32/Suspicious_Gen2.PGDZE 20120731
nProtect - 20120801
Panda Generic Trojan 20120731
Rising - 20120801
Sophos Mal/Generic-L 20120801
SUPERAntiSpyware - 20120801
Symantec - 20120801
TheHacker - 20120730
TotalDefense - 20120731
TrendMicro Mal_MLWR-24 20120801
TrendMicro-HouseCall TROJ_GEN.F47BZJE 20120801
VIPRE Packer.NSAnti.Gen (v) 20120801
ViRobot - 20120801
VirusBuster Packed/NSPack 20120731
xiaoket
Posted on 2012-9-17 15:30
天堂的风、 posted on 2012-9-15 23:33
Scan results from www.virustotal.com; it shouldn't
Which thread is this resource from? Give me the link and I'll deal with it.
天堂的风、
Posted on 2012-9-17 22:06
xiaoket posted on 2012-9-17 15:30
Which thread is this resource from? Give me the link and I'll deal with it.
https://bbs.pcbeta.com/forum.php?mod=viewthread&tid=999842
I remember adding the link when I made the post; I probably messed it up while editing.
stone2009
Posted on 2012-9-25 01:30
Why do most torrent search tools get flagged as viruses?
bjpmuv
Posted on 2012-9-26 21:19
Very cool; it would be wrong not to bump this.
eagle911
Posted on 2012-10-15 12:57
Thanks. Taking a rest.