Original poster: 蓝天二号

[Virus Samples] 精睿 Sample Test (15.9.18)

蓝天二号
 OP | Posted on 2015-9-18 12:41:11

Version 11 is already out??????? In Chinese?
挥泪斩情思
Posted on 2015-9-18 12:47:26
蓝天二号 posted on 2015-9-18 12:41
Version 11 is already out??????? In Chinese?

It's a beta; only the installer is in Chinese, everything else is in English.
蓝天二号
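 OP | Posted on 2015-9-18 12:48:46
挥泪斩情思 posted on 2015-9-18 12:47
It's a beta; only the installer is in Chinese, everything else is in English.

OK, looking forward to the Chinese version 11. I don't understand Russian....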
z2009
Posted on 2015-9-18 13:08:35
eam killed 37, 13 left
狐狸糊涂
Posted on 2015-9-18 16:20:22
Last edited by 狐狸糊涂 on 2015-9-18 16:38

BD killed 37 (2 of them repaired), 13 left

Luca.l
Posted on 2015-9-18 16:47:33
[mw_shl_code=css,true]【扫描信息】

开始时间:2015-9-18 16:46:43
扫描用时:00:00:13
扫描类型:指定位置杀毒
扫描引擎:管家云查杀引擎 管家反病毒引擎 Avira本地查杀引擎 管家系统修复引擎
扫描状态:扫描完成


【扫描结果】

扫描文件数:50
发现风险数:24
已处理风险数:24


[/mw_shl_code]
aboringman
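Posted on 2015-9-18 16:53:36
Last edited by aboringman on 2015-9-18 19:59

Norton scan: kill 15 files, fix 9 files

Download Insight: kill 36, 07, 02, 19, 21, 24, 08, 39, 35, 45, 33, 14, 37;

After changing the extension to .rar (scan/double-click after extracting): 15, 06, 16 and 27 are archives; of these, 15 (scanned), 16 (scanned) and 06 (scanned, double-click not tested) were not detected after extraction, and the program extracted from 27 has a cloud reputation rating of Trusted; a right-click run in the sandbox showed nothing abnormal;

Also: 18, 20, 12, 47, 32, 05, 13, 22 and 11 are not in program/archive format.

Information on the program extracted from 27: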
[mw_shl_code=css,true]Filename: jd-gui.exe
Full Path: c:\documents and settings\administrator\桌面\2015.9.18\jd-gui.exe

Developers: Not Available
Version: Not Available
Identified: 2015-9-18 at 17:12:32
Last Used: Not Available
Startup Item: No

Many Users
Tens of thousands of users in the Norton Community have used this file.

Mature
This file was released 1 year 10 months ago.

Trusted
Norton has given this file a trusted rating.

File Thumbprint - SHA:
999f9033f1e34fadfdb40ff155f63fe5ddd515ca8e80f6b88f87bd7d52e7e0ef
File Thumbprint - MD5:
Not available
[/mw_shl_code]

Avira kill 30 files
[mw_shl_code=css,true]Starting the file scan:

End of the scan: 2015年9月18日  17:25
Used time: 00:08 Minute(s)

The scan has been done completely.

      1 Scanned directories
    156 Files were scanned
     34 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 Files were deleted
      0 Viruses and unwanted programs were repaired
     30 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
    122 Files not concerned
     21 Archives were scanned
     12 Warnings
     30 Notes
[/mw_shl_code]
ELOHIM
Posted on 2015-9-18 17:25:33
Virus Fighter: 27.
SCEP: 30. Repairs not counted.
bbszy
Posted on 2015-9-18 19:25:32
Trend Micro Traditional Chinese 10
23 in total, 6 of them repaired
nick20010117
Posted on 2015-9-18 19:34:08

Kudos to DPH
Copyright © KaFan  KaFan.cn All Rights Reserved.