精睿论坛样本测试（01.29）

显示全部楼层 · 发表于 2012-1-29 11:06:29

中文密码？

显示全部楼层 · 发表于 2012-1-29 11:07:28

phpwave 发表于 2012-1-29 11:06
中文密码？

不行吗

显示全部楼层 · 发表于 2012-1-29 11:28:15

程序：C:\USERS\ADMINISTRATOR\DOWNLOADS\VC520129\BILLLAB-0129-1.VC52
是木马程序!

木马名称：Backdoor.Win32.Agent.f

处理结果：成功删除!
程序：C:\USERS\ADMINISTRATOR\DOWNLOADS\VC520129\BILLLAB-0129-12.VC52
是病毒程序!

木马名称：Virus.Win32.Parite.a

处理结果：清除成功!
程序：C:\USERS\ADMINISTRATOR\DOWNLOADS\VC520129\BILLLAB-0129-18.VC52
是木马程序!

木马名称：Backdoor.Win32.GreyPigeon.dm

处理结果：成功删除!
程序：C:\USERS\ADMINISTRATOR\DOWNLOADS\VC520129\BILLLAB-0129-19.VC52
是木马程序!

木马名称：Backdoor.Win32.007BE047

处理结果：成功删除!
程序：C:\USERS\ADMINISTRATOR\DOWNLOADS\VC520129\BILLLAB-0129-2.VC52
是木马程序!

木马名称：Trojan-Spy.Win32.06636040

处理结果：成功删除!
程序：C:\USERS\ADMINISTRATOR\DOWNLOADS\VC520129\BILLLAB-0129-23.VC52
是木马程序!

木马名称：Trojan.Win32.Generic.dnh

处理结果：成功删除!
程序：C:\USERS\ADMINISTRATOR\DOWNLOADS\VC520129\BILLLAB-0129-29.VC52
是木马程序!

木马名称：Trojan-Spy.Win32.Swizzor.a

处理结果：成功删除!
程序：C:\USERS\ADMINISTRATOR\DOWNLOADS\VC520129\BILLLAB-0129-3.VC52
是木马程序!

木马名称：Trojan-PSW.Win32.QQPass.bqy

处理结果：成功删除!
程序：C:\USERS\ADMINISTRATOR\DOWNLOADS\VC520129\BILLLAB-0129-30.VC52
是木马程序!

木马名称：Backdoor.Win32.007BE047

处理结果：成功删除!
程序：C:\USERS\ADMINISTRATOR\DOWNLOADS\VC520129\BILLLAB-0129-36.VC52
是木马程序!

木马名称：Trojan-Spy.Win32.005C0EE5

处理结果：成功删除!
程序：C:\USERS\ADMINISTRATOR\DOWNLOADS\VC520129\BILLLAB-0129-41.VC52
是病毒程序!

木马名称：Virus.Win32.Sality.u

处理结果：清除成功!

微点kill15X
金山云补上19X
总共kill34X

显示全部楼层 · 发表于 2012-1-29 12:06:53

360 43

显示全部楼层 · 发表于 2012-1-29 12:25:09

大蜘蛛发现40个病毒，在39个样本内：

清除其中的一个：
vc520129\BillLab-0129-12.vc52 - cured
扫描统计：
Total 19038499 bytes in 50 files scanned (57 objects)
Total 11 files (16 objects) are clean
Total 39 files (40 objects) are infected
Scan time is 00:00:15

显示全部楼层 · 发表于 2012-1-29 13:09:45

噗哪来的样本全都是启发

Malcide Scanner
Version - 1.0.532
Genetic Database - 2012/1/29 1:27:31
Urgent Database - 2012/1/29 1:27:31

Scanning now...
Date - 2012/1/29 Time - 13:09:12
Target:
C:\Users\Gateway\Desktop\vc520129

C:\Users\Gateway\Desktop\vc520129\BillLab-0129-0.vc52 - HEUR: Win32.Virus.Suspect-EP.2
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-1.vc52 - HEUR: Win32.Virus.Suspect-EP.2
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-10.vc52 - HEUR: Win32.Trojan.EPO-Crypt.1
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-11.vc52 - HEUR: Win32.Virus.Suspect-EP.2
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-12.vc52 - HEUR: Win32.Virus.Suspect-EP.1
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-13.vc52 - HEUR: Win32.Trojan.Sign.Suspicious
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-15.vc52 - HEUR: Win32.Packed.EP-Crypt
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-17.vc52 - HEUR: Win32.Virus.Unexpected-SOI
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-19.vc52 - HEUR: Win32.Trojan.Sign.Suspicious
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-2.vc52 - HEUR: Win32.Trojan.PV-Crypt
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-20.vc52 - HEUR: Win32.Trojan.EPO-Crypt.1
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-22.vc52 - decompression error (UPX)
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-23.vc52 > UPX - Generic: Win32.Trojan-PSW.IEPass
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-25.vc52 - HEUR: Win32.Trojan.EPO-Crypt.1
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-27.vc52 - HEUR: Win32.Packed.EP-Crypt
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-28.vc52 - HEUR: Win32.Trojan.Sign.Suspicious
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-3.vc52 - Genetic: Win32.Trojan-PSW.1 (Possibly)
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-30.vc52 - HEUR: Win32.Trojan.Sign.Suspicious
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-31.vc52 - HEUR: Win32.Trojan.Sign.Suspicious
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-32.vc52 - HEUR: Win32.Virus.Suspect-EP.2
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-34.vc52 - HEUR: Win32.Virus.Unexpected-SOI
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-36.vc52 - HEUR: Win32.Packed.EP-Crypt
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-37.vc52 - decompression error (UPX)
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-4.vc52 - HEUR: Win32.Trojan.Sign.Suspicious
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-41.vc52 - HEUR: Win32.Virus.Suspect-EP.1
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-43.vc52 - HEUR: Win32.Virus.Suspect-EP.1
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-44.vc52 - HEUR: Win32.Virus.Suspect-EP.1
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-45.vc52 - HEUR: Win32.Trojan.EPO-Crypt.1
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-47.vc52 - HEUR: Win32.Trojan-Dropper.RarSfx
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-48.vc52 - HEUR: Win32.Trojan.EPO-Crypt.1
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-5.vc52 > UPX - HEUR: Win32.Trojan.EPO-Crypt.1
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-6.vc52 - HEUR: Win32.Trojan.Sign.Suspicious
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-8.vc52 - HEUR: Win32.Trojan.EPO-Crypt.1
C:\Users\Gateway\Desktop\vc520129\BillLab-0129-9.vc52 - HEUR: Win32.Trojan.Sign.Suspicious

50 Objects scanned
1 Malicious objects found
31 Suspicious objects found
32 Threats found

Finish time - 13:09:21
Duration - 9 second(s) (00:00:09)

显示全部楼层 · 发表于 2012-1-29 13:11:17

NIS Quarantine 34X Cured 2X Miss 14X

显示全部楼层 · 发表于 2012-1-29 13:20:43

emsisoft 40/50

显示全部楼层 · 发表于 2012-1-29 13:36:08

nod32 43

Mirror
http://1000eb.com/6il1

显示全部楼层 · 发表于 2012-1-29 14:02:59

File ID    Filename    Size (Byte) Result
26539524    vc520129.rar 0 Byte OK
A listing of files contained inside archives alongside their results can be found below:
File ID    Filename    Size (Byte) Result
26539525    BillLab-0129-13.vc52    339.57 KB    UNDER ANALYSIS
26539526    BillLab-0129-14.vc52    157.8 KB    UNDER ANALYSIS
26539527    BillLab-0129-22.vc52    73 KB    UNDER ANALYSIS
26539528    BillLab-0129-34.vc52    348.25 KB    UNDER ANALYSIS
26539529    BillLab-0129-47.vc52    338.16 KB    UNDER ANALYSIS
26539530    BillLab-0129-9.vc52    452.24 KB    UNDER ANALYSIS
26539531    BillLab-0129-11.vc52    431.02 KB    UNDER ANALYSIS

[病毒样本] 精睿论坛样本测试（01.29）

本帖子中包含更多资源

本帖子中包含更多资源