Original poster: 潘达达

[Virus samples] 精睿 sample test (15.9.2)

ELOHIM
Posted on 2015-9-2 11:55:03
驭龙 posted on 2015-9-2 11:51
I'm lazy, as you know, so I won't bother downloading the pack.

By the way, are you still taotao? I'm really curious.

I'm still taotao. That can't change.
It's me. 小龙.
欧阳宣
Posted on 2015-9-2 12:17:16
gdata
44x
[mw_shl_code=css,true]Analysis performed in full: 9/2/2015 12:07:26 AM
    50 files checked
    44 infected files detected
    0 suspicious files found


[/mw_shl_code]
驭龙
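Posted on 2015-9-2 12:35:31
ELOHIM posted on 2015-9-2 11:55
I'm still taotao. That can't change.
It's me. 小龙.

I hope you're the genuine article. If you turn out to be a fake, you owe ten times compensation, haha.
sunnyjianna
Posted on 2015-9-2 12:43:45
ELOHIM posted on 2015-9-2 10:49
Very strange. @sunnyjianna
WD can detect that sample 46 is malicious, but cleaning fails repeatedly, and no recommended action is offered.
Restart the comp ...

In my test here it detected 18. Sample 46 likewise could not be handled (no reboot). 17 were quarantined and 1 was deleted. Remaining in the sample pack: 1-11 (missing 3, 4, 5), 15-23 (missing 16), 26-32 (missing 28, 29), 37-50 (missing 46, 47).
驭龙
Posted on 2015-9-2 12:48:08
sunnyjianna posted on 2015-9-2 12:43
In my test here it detected 18. Sample 46 likewise could not be handled (no reboot). 17 were quarantined and 1 was deleted. Remaining in the sample pack: 1-11 ( ...

@ELOHIM
What's wrong with your WD? It's only sample 46. Here it was handled easily; quarantining took just 5 seconds and it was done.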

sunnyjianna
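Posted on 2015-9-2 12:52:18
Last edited by sunnyjianna on 2015-9-2 12:54
驭龙 posted on 2015-9-2 12:48
@ELOHIM
What's wrong with your WD? It's only sample 46. Here it was handled easily; quarantining took just 5 seconds and it was done.

I'm still on 8.1, so my version isn't as new as yours.
Antimalware client version: 4.5.218.0
Engine version: 1.1.12002.0
Antivirus definitions: 1.205.1280.0
Antispyware definitions: 1.205.1280.0
Network Inspection System engine version: 2.1.11804.0
Network Inspection System definition version: 115.3.0.0
But @ELOHIM has the same version as you, so I don't know why the results differ.
After extraction, a bunch were flagged, quarantined and deleted, and then sample 13 was sent to MAPS.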
驭龙
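Posted on 2015-9-2 12:53:24
sunnyjianna posted on 2015-9-2 12:52
I'm still on 8.1, so my version isn't as new as yours.
Antimalware client version: 4.5.218.0
Engine version: 1.1.12002.0

Your version is too old, isn't it? Why not upgrade to the latest version of WD?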
sunnyjianna
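Posted on 2015-9-2 12:54:28
Last edited by sunnyjianna on 2015-9-2 12:56
驭龙 posted on 2015-9-2 12:53
Your version is too old, isn't it? Why not upgrade to the latest version of WD?

Uh, I searched for the patch again and again, and there's nothing.....
As for the system, I just came back from 10. I gave up the genuine system; I really can't stand that a genuine system can't be DIY'd, everything is set up for you and it comes with a bunch of unexplained software. Also, under win10 the Chengdu online-banking driver seems to conflict with something, and resource usage at boot goes through the roof.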
驭龙
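Posted on 2015-9-2 12:57:05
sunnyjianna posted on 2015-9-2 12:54
Uh, I searched for the patch again and again, and there's nothing.....
As for the system, I just came back from 10. I gave up the genuine system; I really can't stand that a genuine system can't be ...

Just install from the offline package, won't that do?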
https://support.microsoft.com/zh-cn/kb/3038936
dongwenqi
Posted on 2015-9-2 12:59:13
itismelsy posted on 2015-9-2 09:57
Kaspersky KIS2015 detected 47X

Not bad, right?