精睿论坛样本测试（06.16）

显示全部楼层 · 发表于 2012-6-16 10:47:28

样本地址：Vdisk 威盘

（多线程，无限速，推荐使用IDM全速下载）

样本密码：冠盖满京华，斯人独憔悴。
样本数量：50

显示全部楼层 · 发表于 2012-6-16 10:48:41

本帖最后由酱紫啊~ 于 2012-6-16 11:04 编辑

nis2012kill 39X,miss11X

类别：已解决的安全风险
日期和时间,风险,活动,状态,推荐的操作,路径 - 文件名
2012-6-16 11:01:06,低,检测到 billlab-25.vc52 (Adware.Gen) (检测方: 病毒扫描程序),已删除,已解决 - 不需要操作,c:\documents and settings\wen\桌面\vc520616\vc520616\billlab-25.vc52
2012-6-16 10:58:55,高,检测到 billlab-3.vc52 (Packed.Generic.362) (检测方: 病毒扫描程序),已删除,已解决 - 不需要操作,c:\documents and settings\wen\桌面\vc520616\vc520616\billlab-3.vc52
2012-6-16 10:58:53,高,检测到 billlab-49.vc52 (Suspicious.Epi.2) (检测方: 病毒扫描程序),已删除,已解决 - 不需要操作,c:\documents and settings\wen\桌面\vc520616\vc520616\billlab-49.vc52
2012-6-16 10:58:52,高,检测到 billlab-49.vc52 (Suspicious.Epi) (检测方: 自动防护),已隔离,已解决 - 不需要操作,c:\documents and settings\wen\桌面\vc520616\vc520616\billlab-49.vc52
2012-6-16 10:58:51,高,检测到 billlab-45.vc52 (W32.Almanahe.B!inf) (检测方: 病毒扫描程序和自动防护),已隔离,已解决 - 不需要操作,c:\documents and settings\wen\桌面\vc520616\vc520616\billlab-45.vc52
2012-6-16 10:58:51,高,检测到 billlab-46.vc52 (Trojan.Gen) (检测方: 病毒扫描程序),已删除,已解决 - 不需要操作,c:\documents and settings\wen\桌面\vc520616\vc520616\billlab-46.vc52
2012-6-16 10:58:47,高,检测到 billlab-43.vc52 (W32.Fujacks.E) (检测方: 病毒扫描程序),已隔离,已解决 - 不需要操作,c:\documents and settings\wen\桌面\vc520616\vc520616\billlab-43.vc52
2012-6-16 10:58:43,高,检测到 billlab-29.vc52 (WS.Malware.2) (检测方: 病毒扫描程序),已删除,已解决 - 不需要操作,c:\documents and settings\wen\桌面\vc520616\vc520616\billlab-29.vc52
2012-6-16 10:58:43,高,检测到 billlab-40.vc52 (WS.Malware.1) (检测方: 病毒扫描程序),已删除,已解决 - 不需要操作,c:\documents and settings\wen\桌面\vc520616\vc520616\billlab-40.vc52
2012-6-16 10:58:39,高,检测到 billlab-39.vc52 (Trojan.Dropper) (检测方: 病毒扫描程序),已删除,已解决 - 不需要操作,c:\documents and settings\wen\桌面\vc520616\vc520616\billlab-39.vc52
2012-6-16 10:58:39,高,检测到 billlab-37.vc52 (Trojan.Zeroaccess!gen7) (检测方: 病毒扫描程序),已删除,已解决 - 不需要操作,c:\documents and settings\wen\桌面\vc520616\vc520616\billlab-37.vc52
2012-6-16 10:58:38,高,检测到 billlab-28.vc52 (Trojan.Gen.2) (检测方: 病毒扫描程序),已删除,已解决 - 不需要操作,c:\documents and settings\wen\桌面\vc520616\vc520616\billlab-28.vc52
2012-6-16 10:58:38,高,检测到 billlab-33.vc52 (W32.SillyFDC.BCR) (检测方: 病毒扫描程序),已删除,已解决 - 不需要操作,c:\documents and settings\wen\桌面\vc520616\vc520616\billlab-33.vc52
2012-6-16 10:57:53,高,billlab-9.vc52 (Infostealer.Gampass) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:57:53,高,billlab-8.vc52 (Infostealer.Gampass) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:57:53,高,billlab-7.vc52 (Packed.Generic.362) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:57:53,高,billlab-6.vc52 (Infostealer.Gampass) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:57:43,高,billlab-47.vc52 (Packed.Generic.362) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:57:43,高,billlab-46.vc52 (Trojan.Gen) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:57:40,高,billlab-43.vc52 (W32.Fujacks.E) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:57:40,高,billlab-42.vc52 (WS.Malware.2) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:57:35,高,billlab-40.vc52 (WS.Malware.1) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:57:35,高,billlab-4.vc52 (Infostealer.Gampass) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:57:34,高,billlab-39.vc52 (Trojan.Dropper) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:57:33,高,billlab-38.vc52 (WS.Malware.2) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:57:31,高,billlab-37.vc52 (Trojan.Zeroaccess!gen7) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:57:30,高,billlab-36.vc52 (Packed.Generic.362) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:57:28,高,billlab-34.vc52 (WS.Malware.2) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:57:24,高,billlab-33.vc52 (W32.SillyFDC.BCR) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:57:17,高,billlab-30.vc52 (Packed.Generic.362) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:57:14,高,billlab-3.vc52 (Packed.Generic.362) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:57:12,高,billlab-29.vc52 (WS.Malware.2) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:57:11,高,billlab-28.vc52 (Trojan.Gen.2) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:57:10,高,billlab-27.vc52 (WS.Malware.2) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:57:06,低,billlab-25.vc52 (Adware.Gen) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:57:03,高,billlab-22.vc52 (WS.Malware.1) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:57:02,高,billlab-24.vc52 (Packed.Generic.362) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:56:58,高,billlab-21.vc52 (Packed.Generic.362) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:56:55,高,billlab-20.vc52 (Trojan.Gen.2) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:56:53,高,billlab-2.vc52 (W32.SillyFDC.BCR) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:56:52,高,billlab-19.vc52 (Trojan.Gen.2) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:56:51,高,billlab-18.vc52 (WS.Malware.2) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:56:51,高,billlab-16.vc52 (WS.Malware.2) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:56:49,高,billlab-15.vc52 (Trojan.Gen) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:56:48,高,billlab-14.vc52 (Packed.Generic.362) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:56:46,高,billlab-13.vc52 (Trojan.Gampass.B!inf) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:56:46,高,billlab-12.vc52 (WS.Malware.2) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:56:43,高,billlab-10.vc52 (Trojan.Gampass.B!inf) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:56:41,高,billlab-1.vc52 (Infostealer.Gampass) 检测方自动防护,已阻止,已解决 - 不需要操作,
2012-6-16 10:56:37,高,billlab-0.vc52 (Infostealer) 检测方自动防护,已阻止,已解决 - 不需要操作,

显示全部楼层 · 发表于 2012-6-16 10:51:11

本帖最后由阿鲁卡德于 2012-6-16 10:56 编辑

管家45kill

显示全部楼层 · 发表于 2012-6-16 10:51:15

本帖最后由 humanlwj52 于 2012-6-16 11:00 编辑

ESET killed 49x (1x cleaned object included) , missed 1x.

C:\Users\TOSHIBA\Desktop\vc520616\BillLab-45.vc52 - Win32/Alman.NAB 病毒 - 已清除 - 已隔离

To ESET.

P.S.
BillLab-49.vc52 is marked as risk by ESET Live Grid.

显示全部楼层 · 发表于 2012-6-16 11:05:26

诺顿解压阻止加处理加扫描共38个威胁，剩余样本13个。

Q管扫描引擎全开扫描出44个处理后剩余样本6个

另为，想说，楼上的ESET真给力啊。

显示全部楼层 · 发表于 2012-6-16 11:05:48

Malcide Scanner
Version - 1.0.686

Heuristics - Extreme

Scanning now...
Date - 2012/6/16 Time - 11:05:21
Targets:
C:\Users\Gateway\Desktop\vc520616

C:\Users\Gateway\Desktop\vc520616\BillLab-0.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-1.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-10.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-11.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-12.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-13.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-14.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-15.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-16.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-17.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-18.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-19.vc52 > UPX - Win32.Malware.VB.JunkCode
C:\Users\Gateway\Desktop\vc520616\BillLab-2.vc52 - Win32.Malware.VB.JunkCode
C:\Users\Gateway\Desktop\vc520616\BillLab-20.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-21.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-22.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-23.vc52 - HEUR:Win32.Trojan-Dropper.RARSfx
C:\Users\Gateway\Desktop\vc520616\BillLab-24.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-25.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-26.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-27.vc52 - Win32.Malware.VB.JunkCode
C:\Users\Gateway\Desktop\vc520616\BillLab-28.vc52 - HEUR:Win32.Packed.Gen
C:\Users\Gateway\Desktop\vc520616\BillLab-29.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-3.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-30.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-31.vc52 > UPX - HEUR:Win32.Trojan-Dropper.Gen
C:\Users\Gateway\Desktop\vc520616\BillLab-32.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-33.vc52 - Win32.Malware.VB.JunkCode
C:\Users\Gateway\Desktop\vc520616\BillLab-34.vc52 - HEUR:Win32.Packed.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-36.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-37.vc52 - HEUR:Win32.Malware.Gen.3
C:\Users\Gateway\Desktop\vc520616\BillLab-38.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-39.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-4.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-40.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-42.vc52 - HEUR:Win32.Packed.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-43.vc52 - HEUR:Win32.Trojan-Dropper.Gen
C:\Users\Gateway\Desktop\vc520616\BillLab-44.vc52 > UPX - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-46.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-47.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-48.vc52 > UPX - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-49.vc52 - HEUR:Win32.Trojan-Dropper.Gen
C:\Users\Gateway\Desktop\vc520616\BillLab-6.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-7.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-8.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520616\BillLab-9.vc52 - HEUR:Win32.Malware.Gen.2

51 Objects scanned
5 Malicious objects found
41 Suspicious objects found
46 Threats found

Finish time - 11:05:42
Duration - 21 seconds (00:00:21)

显示全部楼层 · 发表于 2012-6-16 11:26:29

mse 16日病毒库扫描剩余7个文件~~

显示全部楼层 · 发表于 2012-6-16 11:28:29

熊猫云，剩余13个样本

显示全部楼层 · 发表于 2012-6-16 11:34:08

Dr.Web:

修复一个文件:
BillLab-45.vc52 - cured
扫描报告:
Total 20819189 bytes in 50 files scanned (122 objects)
Total 43 files are infected
Total 43 files are neutralized
Total 1 file (2 objects) are raised error condition
Total 6 files (74 objects) are clean,Already reported.

显示全部楼层 · 发表于 2012-6-16 11:36:39

本帖最后由 846859163 于 2012-6-16 11:55 编辑

黄豆+hitmanpro+数字卫士=48X miss2 已经上报毛豆

[病毒样本] 精睿论坛样本测试（06.16）

本帖子中包含更多资源

本帖子中包含更多资源

评分

本帖子中包含更多资源

评分

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源