Thread starter: billgates1996

[Virus samples] 精睿 forum sample test (07.07)

ADSLgg
Posted on 2012-7-7 11:45:18
Avira 39/50
hx1997
Posted on 2012-7-7 12:03:34
Last edited by hx1997 on 2012-7-7 12:05

Bill has this much free time? Just finished ninth grade? We eighth-graders have a ton of summer homework.

Malcide Scanner
Version - 1.0.687

Heuristics - Extreme

Scanning now...
Date - 2012/7/7   Time - 11:57:23
Targets:
    C:\Users\Gateway\Desktop\vc520707

C:\Users\Gateway\Desktop\vc520707\BillLab-0.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520707\BillLab-1.vc52 > NSIS > script.bin - NSIS.Trojan-Downloader.Gen
C:\Users\Gateway\Desktop\vc520707\BillLab-12.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520707\BillLab-13.vc52 - HEUR:Win32.Trojan-Dropper.Gen
C:\Users\Gateway\Desktop\vc520707\BillLab-14.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520707\BillLab-15.vc52 > UPX - Win32.Malware.VB.JunkCode
C:\Users\Gateway\Desktop\vc520707\BillLab-16.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520707\BillLab-17.vc52 - HEUR:Win32.Virus.Gen
C:\Users\Gateway\Desktop\vc520707\BillLab-18.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520707\BillLab-2.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520707\BillLab-20.vc52 > INNO > {app}\lame.exe - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520707\BillLab-20.vc52 > INNO > {app}\oggenc.exe - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520707\BillLab-21.vc52 - HEUR:Win32.Trojan-Dropper.Gen
C:\Users\Gateway\Desktop\vc520707\BillLab-22.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520707\BillLab-24.vc52 > NSIS > script.bin - NSIS.Trojan-Downloader.Gen
C:\Users\Gateway\Desktop\vc520707\BillLab-25.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520707\BillLab-26.vc52 - HEUR:Win32.Trojan-Dropper.Gen
C:\Users\Gateway\Desktop\vc520707\BillLab-27.vc52 - HEUR:Win32.Virus.Gen
C:\Users\Gateway\Desktop\vc520707\BillLab-28.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520707\BillLab-29.vc52 - HEUR:Win32.Packed.Gen
C:\Users\Gateway\Desktop\vc520707\BillLab-3.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520707\BillLab-30.vc52 - HEUR:Win32.Malware.Gen.3
C:\Users\Gateway\Desktop\vc520707\BillLab-33.vc52 - HEUR:Win32.Virus.Gen
C:\Users\Gateway\Desktop\vc520707\BillLab-34.vc52 - HEUR:Win32.Malware.Gen.3
C:\Users\Gateway\Desktop\vc520707\BillLab-35.vc52 - HEUR:Win32.Virus.Gen
C:\Users\Gateway\Desktop\vc520707\BillLab-36.vc52 - Win32.Malware.VB.JunkCode
C:\Users\Gateway\Desktop\vc520707\BillLab-37.vc52 - HEUR:Win32.Virus.Gen
C:\Users\Gateway\Desktop\vc520707\BillLab-4.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520707\BillLab-40.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520707\BillLab-42.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520707\BillLab-43.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520707\BillLab-44.vc52 - HEUR:Win32.Trojan-Dropper.Gen
C:\Users\Gateway\Desktop\vc520707\BillLab-45.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520707\BillLab-46.vc52 - HEUR:Win32.Virus.Gen
C:\Users\Gateway\Desktop\vc520707\BillLab-47.vc52 - HEUR:Win32.Virus.Gen
C:\Users\Gateway\Desktop\vc520707\BillLab-48.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520707\BillLab-49.vc52 - HEUR:Win32.Malware.Gen.2
C:\Users\Gateway\Desktop\vc520707\BillLab-5.vc52 - HEUR:Win32.Trojan-Dropper.Gen
C:\Users\Gateway\Desktop\vc520707\BillLab-7.vc52 - HEUR:Win32.Packed.Gen

234 Objects scanned
4 Malicious objects found
34 Suspicious objects found
38 Threats found

Finish time - 11:58:10
Duration - 47 seconds (00:00:47)
ywsuda
Posted on 2012-7-7 12:03:52
哀酱俏佳人 posted on 2012-7-7 10:40
EES: 5 remaining

This thing's detection is always this awesome.
天山童姥
Posted on 2012-7-7 12:19:00
Filseclab (费尔) Kill 34X

Remaining samples

hx1997
Posted on 2012-7-7 12:20:13
Last edited by hx1997 on 2012-7-7 12:22

ESET killed 45×, missed 5×.

To ESET.

C:\Users\Gateway\Desktop\vc520707\BillLab-0.vc52 - Win32/Spy.Zbot.AAN trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-1.vc52 » NSIS » Script.nsi - Win32/Toggle potentially unwanted application
C:\Users\Gateway\Desktop\vc520707\BillLab-11.vc52 - probably a variant of Win32/UpToDown.B potentially unwanted application - action selection postponed until scan completion
C:\Users\Gateway\Desktop\vc520707\BillLab-12.vc52 - Win32/Fynloski.AA trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-13.vc52 - MSIL/Agent.NQU trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-14.vc52 - a variant of Win32/Kryptik.SHL trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-15.vc52 - Win32/TrojanClicker.VB.NUE trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-16.vc52 - a variant of Win32/DTopTool potentially unwanted application - action selection postponed until scan completion
C:\Users\Gateway\Desktop\vc520707\BillLab-17.vc52 - Win32/Sality.NBA virus - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-19.vc52 - probably a variant of Win32/UpToDown.B potentially unwanted application - action selection postponed until scan completion
C:\Users\Gateway\Desktop\vc520707\BillLab-22.vc52 - Win32/TrojanDownloader.Banload.REO trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-23.vc52 - a variant of MSIL/TrojanDropper.Agent.AL trojan - cleaned by deleting - quarantined [1]

C:\Users\Gateway\Desktop\vc520707\BillLab-24.vc52 » NSIS » Script.nsi - Win32/Toggle potentially unwanted application
C:\Users\Gateway\Desktop\vc520707\BillLab-25.vc52 » UPX v13_m8 - a variant of Win32/Kryptik.AEMA trojan - was a part of the deleted object
C:\Users\Gateway\Desktop\vc520707\BillLab-26.vc52 - a variant of Win32/KillAV.NOB trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-27.vc52 - a variant of Win32/Virut.NCS virus - action selection postponed until scan completion
C:\Users\Gateway\Desktop\vc520707\BillLab-28.vc52 - a variant of MSIL/Kryptik.CT trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-29.vc52 - a variant of Win32/Kryptik.YVH trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-3.vc52 - Win32/PSW.OnLineGames.QNW trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-30.vc52 - Win32/Sirefef.DB trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-31.vc52 - Win32/VB.OSK trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-32.vc52 - probably a variant of Win32/UpToDown.B potentially unwanted application - action selection postponed until scan completion
C:\Users\Gateway\Desktop\vc520707\BillLab-33.vc52 - Win32/Sality.NBA virus - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-34.vc52 - Win32/Adware.RK.AG application - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-35.vc52 - Win32/Sality.NBA virus - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-36.vc52 - Win32/AutoRun.VB.AHY worm - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-37.vc52 - Win32/Virut.NBP virus - action selection postponed until scan completion
C:\Users\Gateway\Desktop\vc520707\BillLab-38.vc52 - probably a variant of Win32/VB.QGW trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-39.vc52 - a variant of Win32/InstallCore.Q potentially unwanted application - action selection postponed until scan completion
C:\Users\Gateway\Desktop\vc520707\BillLab-4.vc52 - Win32/Spy.Zbot.AAN trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-40.vc52 - a variant of MSIL/Packed.Confuser.A potentially unwanted application - action selection postponed until scan completion
C:\Users\Gateway\Desktop\vc520707\BillLab-41.vc52 - a variant of Win32/Kryptik.ADDT trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-42.vc52 - a variant of Win32/Injector.RRV trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-43.vc52 - Win32/Corkow.F trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-44.vc52 » NSIS » Script.nsi - Win32/PSW.Agent.NTJ trojan
C:\Users\Gateway\Desktop\vc520707\BillLab-45.vc52 - Win32/Spy.Zbot.AAN trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-46.vc52 - Win32/Spy.Chekafev.AA trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-47.vc52 - a variant of Win32/VB.NPP trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-48.vc52 - a variant of Win32/PSW.OnLineGames.QBE trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-49.vc52 - a variant of Win32/Kryptik.MBE trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-5.vc52 - Win32/PSW.VB.NIS trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-6.vc52 » UPX v12_m2 - a variant of Win32/Kryptik.YRO trojan - was a part of the deleted object
C:\Users\Gateway\Desktop\vc520707\BillLab-7.vc52 - a variant of Win32/Injector.KQV trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-8.vc52 - a variant of Win32/Kryptik.AEGA trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-9.vc52 - a variant of Win32/Kryptik.UFA trojan - cleaned by deleting - quarantined [1]
C:\Users\Gateway\Desktop\vc520707\BillLab-1.vc52 » NSIS » Script.nsi - Win32/Toggle potentially unwanted application - was a part of the deleted object
C:\Users\Gateway\Desktop\vc520707\BillLab-11.vc52 - probably a variant of Win32/UpToDown.B potentially unwanted application - deleted - quarantined
C:\Users\Gateway\Desktop\vc520707\BillLab-16.vc52 - a variant of Win32/DTopTool potentially unwanted application - deleted - quarantined
C:\Users\Gateway\Desktop\vc520707\BillLab-19.vc52 - probably a variant of Win32/UpToDown.B potentially unwanted application - deleted - quarantined
C:\Users\Gateway\Desktop\vc520707\BillLab-24.vc52 » NSIS » Script.nsi - Win32/Toggle potentially unwanted application - was a part of the deleted object
C:\Users\Gateway\Desktop\vc520707\BillLab-27.vc52 - a variant of Win32/Virut.NCS virus - deleted - quarantined
C:\Users\Gateway\Desktop\vc520707\BillLab-32.vc52 - probably a variant of Win32/UpToDown.B potentially unwanted application - deleted - quarantined
C:\Users\Gateway\Desktop\vc520707\BillLab-37.vc52 - Win32/Virut.NBP virus - deleted - quarantined
C:\Users\Gateway\Desktop\vc520707\BillLab-39.vc52 - a variant of Win32/InstallCore.Q potentially unwanted application - deleted - quarantined
C:\Users\Gateway\Desktop\vc520707\BillLab-40.vc52 - a variant of MSIL/Packed.Confuser.A potentially unwanted application - deleted - quarantined


Notes:
[1] Object has been deleted as it only contained the virus body.
仯釕↘①訜執著
Posted on 2012-7-7 12:22:10
Last edited by 仯釕↘①訜執著 on 2012-7-7 12:33

Placeholder, to be edited: Avira V9

小淘气
Posted on 2012-7-7 12:27:25
留夏 posted on 2012-7-7 10:12
FortiClient Endpoint Security

From Iceland?
仯釕↘①訜執著
Posted on 2012-7-7 12:34:10
Next up is Q管 (tested without updating the Avira engine)

港岛妹妹
Posted on 2012-7-7 12:34:53
小淘气 posted on 2012-7-7 12:27
From Iceland?

American enterprise security
风~舒念
Posted on 2012-7-7 13:05:22
billgates1996 posted on 2012-7-7 11:12
BS (shame on) those who tested but don't post their results

Not posting means not posting.