
[Virus samples] Jingrui (精睿) sample test (15.9.19)

蓝天二号
Posted on 2015-9-19 09:21:15
http://kuai.xunlei.com/d/zuh.AT6GFjL8VQQAd7c

http://pan.baidu.com/s/1jGrkzI2 extraction code: k4uk


Password: bbs.vc52.cn
Count: 50
MXCERILYF!
Posted on 2015-9-19 09:21:33
Last edited by MXCERILYF! on 2015-9-19 09:50

Kingsoft Antivirus 10: 24 detected

aboringman
Posted on 2015-9-19 09:22:30
Last edited by aboringman on 2015-9-19 16:30

NS scan: kill 20 files and fix 6 files

Download Intelligence: kill 07, 09, 49, 29, 38, 14, 11, 35, 16, 30, 06, 12, 23, 50;

Changing the extension to .rar (scan / double-click after extraction): 01 is an archive; not detected after extraction (on scan).

Also: 32, 44, 48, 37, 46, 25, 15, 17 are not in program/archive format.

Avira killed 13 files, and the remaining files I have sent to Avira. @诸葛亮
[mw_shl_code=css,true]Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\19.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\09.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\49.vir'
C:\Documents and Settings\Administrator\桌面\2015.9.19\49.vir
    [0] Archive type: NSIS
    --> ProgramFilesDir/beecfefcif.exe
        [DETECTION] Contains patterns of software PUA/Outbrowse.Gen
        [WARNING]   Infected files in archives cannot be repaired
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\29.vir'
C:\Documents and Settings\Administrator\桌面\2015.9.19\29.vir
  [DETECTION] Is the TR/Downloader.Gen7 Trojan
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\48.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\37.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\05.vir'
C:\Documents and Settings\Administrator\桌面\2015.9.19\05.vir
  [DETECTION] Is the TR/Patched.Ren.Gen Trojan
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\28.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\01.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\38.vir'
C:\Documents and Settings\Administrator\桌面\2015.9.19\38.vir
  [DETECTION] Is the TR/Dropper.MSIL.196944 Trojan
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\26.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\14.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\11.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\46.vir'
C:\Documents and Settings\Administrator\桌面\2015.9.19\46.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.171125 HTML script virus
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\03.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\10.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\04.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\22.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\35.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\16.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\45.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\30.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\47.vir'
C:\Documents and Settings\Administrator\桌面\2015.9.19\47.vir
  [DETECTION] Contains code of the X2000M/Dldr.Agent.70656 Excel macro virus
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\25.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\06.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\27.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\18.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\15.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\02.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\42.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\17.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\12.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\24.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\39.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\23.vir'
C:\Documents and Settings\Administrator\桌面\2015.9.19\23.vir
  [DETECTION] Is the TR/Dldr.Waski.211456 Trojan
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\50.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\40.vir'
C:\Documents and Settings\Administrator\桌面\2015.9.19\40.vir
  [DETECTION] Is the TR/Dldr.Agent.bkch Trojan
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\20.vir'
C:\Documents and Settings\Administrator\桌面\2015.9.19\20.vir
  [DETECTION] Is the TR/Drop.Necurs.E Trojan
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\41.vir'
C:\Documents and Settings\Administrator\桌面\2015.9.19\41.vir
    [0] Archive type: ZIP
    --> Forderung Rechnungsstelle Pay Online24 AG.zip
        [1] Archive type: ZIP
      --> Ausgleich Rechnungsstelle Pay Online24 AG.com
          [DETECTION] Is the TR/AD.Matsnu.Y.27 Trojan
          [WARNING]   Infected files in archives cannot be repaired
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\34.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\44.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\21.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\07.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\32.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\13.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\31.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\08.vir'
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\33.vir'
C:\Documents and Settings\Administrator\桌面\2015.9.19\33.vir
  [DETECTION] Is the TR/Swrort.A.8191 Trojan
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\43.vir'
C:\Documents and Settings\Administrator\桌面\2015.9.19\43.vir
  [DETECTION] Is the TR/Crowti.A.8 Trojan
Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.19\36.vir'
C:\Documents and Settings\Administrator\桌面\2015.9.19\36.vir
  [DETECTION] Is the TR/Dropper.VB.34897 Trojan

Beginning disinfection:
[ERROR] RepairMalware: Not able to Repair Malware PUA/Outbrowse.Gen
C:\Documents and Settings\Administrator\桌面\2015.9.19\36.vir
  [DETECTION] Is the TR/Dropper.VB.34897 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '528618b3.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.19\43.vir
  [DETECTION] Is the TR/Crowti.A.8 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '4a113712.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.19\33.vir
  [DETECTION] Is the TR/Swrort.A.8191 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '184e6dfa.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.19\41.vir
  [DETECTION] Is the TR/AD.Matsnu.Y.27 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '7e79223a.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.19\20.vir
  [DETECTION] Is the TR/Drop.Necurs.E Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '3bfd0f04.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.19\40.vir
  [DETECTION] Is the TR/Dldr.Agent.bkch Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '44e63d65.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.19\23.vir
  [DETECTION] Is the TR/Dldr.Waski.211456 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '085e112c.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.19\47.vir
  [DETECTION] Contains code of the X2000M/Dldr.Agent.70656 Excel macro virus
  [NOTE]      The file was moved to the quarantine directory under the name '74465178.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.19\46.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.171125 HTML script virus
  [NOTE]      The file was moved to the quarantine directory under the name '591c7e34.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.19\38.vir
  [DETECTION] Is the TR/Dropper.MSIL.196944 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '40744590.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.19\05.vir
  [DETECTION] Is the TR/Patched.Ren.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '2c28699e.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.19\29.vir
  [DETECTION] Is the TR/Downloader.Gen7 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '5d915037.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.19\49.vir
  [DETECTION] Contains patterns of software PUA/Outbrowse.Gen
  [NOTE]      The file was moved to the quarantine directory under the name '538b60f1.qua'!


End of the scan: 2015年9月19日  09:36
Used time: 00:04 Minute(s)

The scan has been done completely.

      0 Scanned directories
    169 Files were scanned
     13 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 Files were deleted
      0 Viruses and unwanted programs were repaired
     13 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
    156 Files not concerned
     19 Archives were scanned
      2 Warnings
     13 Notes
[/mw_shl_code]
蓝天二号
OP | Posted on 2015-9-19 09:25:42
Dr.Web (Spider) KILL 31X



ericdj
Posted on 2015-9-19 09:27:16
Last edited by ericdj on 2015-9-19 09:33

BD, reserving this spot

========================================
BD: 17 remaining, 1 of them repaired



[mw_shl_code=css,true]C:\Users\eric_dj\Desktop\virus\2015.9.19\23.vir                Trojan.GenericKD.2731508
C:\Users\eric_dj\Desktop\virus\2015.9.19\05.vir                Trojan.GenericKD.2733331
C:\Users\eric_dj\Desktop\virus\2015.9.19\45.vir=>Fax-46787543675.doc.vbs                Trojan.Downloader.JSEL
C:\Users\eric_dj\Desktop\virus\2015.9.19\29.vir                Trojan.Generic.15031478
C:\Users\eric_dj\Desktop\virus\2015.9.19\47.vir                W97m.Downloader.UK
C:\Users\eric_dj\Desktop\virus\2015.9.19\10.vir=>(heurC)                Zum.Zmutz.1
C:\Users\eric_dj\Desktop\virus\2015.9.19\31.vir                Trojan.GenericKD.2734461
C:\Users\eric_dj\Desktop\virus\2015.9.19\13.vir                Trojan.GenericKD.2733441
C:\Users\eric_dj\Desktop\virus\2015.9.19\36.vir                Trojan.GenericKD.2729619
C:\Users\eric_dj\Desktop\virus\2015.9.19\39.vir=>word/vbaProject.bin                W97M.Downloader.AAD
C:\Users\eric_dj\Desktop\virus\2015.9.19\09.vir                Gen:Variant.Kazy.285691
C:\Users\eric_dj\Desktop\virus\2015.9.19\07.vir                Gen:Variant.Kazy.332415
C:\Users\eric_dj\Desktop\virus\2015.9.19\43.vir                Gen:Variant.Symmi.41215
C:\Users\eric_dj\Desktop\virus\2015.9.19\41.vir=>Forderung Rechnungsstelle Pay Online24 AG.zip=>Ausgleich Rechnungsstelle Pay Online24 AG.com        2930f9ab-8350-4a8d-86ac-5f4b7f24e604        Trojan.Zmutzy.36
C:\Users\eric_dj\Desktop\virus\2015.9.19\04.vir                Dropped:Trojan.Generic.15012973
C:\Users\eric_dj\Desktop\virus\2015.9.19\40.vir                Trojan.Generic.2568093
C:\Users\eric_dj\Desktop\virus\2015.9.19\12.vir                Trojan.GenericKD.2733238
C:\Users\eric_dj\Desktop\virus\2015.9.19\41.vir=>Forderung Rechnungsstelle Pay Online24 AG.zip=>(heurC)                Zum.Zmutz.1
C:\Users\eric_dj\Desktop\virus\2015.9.19\35.vir                Trojan.GenericKD.2734187
C:\Users\eric_dj\Desktop\virus\2015.9.19\38.vir                Trojan.GenericKD.2711647
C:\Users\eric_dj\Desktop\virus\2015.9.19\32.vir=>(INFECTED_JS)                JS:Trojan.JS.Downloader.AP
C:\Users\eric_dj\Desktop\virus\2015.9.19\33.vir                Gen:Trojan.Heur.GM.09C4000000
C:\Users\eric_dj\Desktop\virus\2015.9.19\28.vir                Trojan.GenericKD.2734479
C:\Users\eric_dj\Desktop\virus\2015.9.19\26.vir                Gen:Variant.Application.Strictor.52108
C:\Users\eric_dj\Desktop\virus\2015.9.19\22.vir=>PaymentAdvice.scr                Trojan.GenericKD.2733820
C:\Users\eric_dj\Desktop\virus\2015.9.19\03.vir                Gen:Trojan.Heur.xuW@!JnKezk
C:\Users\eric_dj\Desktop\virus\2015.9.19\10.vir=>Purchase Order.exe        cdfa625d-4169-4e96-85aa-5d112512f207        Trojan.Zmutzy.32
C:\Users\eric_dj\Desktop\virus\2015.9.19\21.vir                Trojan.GenericKD.2731914
C:\Users\eric_dj\Desktop\virus\2015.9.19\19.vir                Trojan.GenericKD.2734799
C:\Users\eric_dj\Desktop\virus\2015.9.19\18.vir=>Take online paying system fund .exe                Trojan.Downloader.JSER
C:\Users\eric_dj\Desktop\virus\2015.9.19\20.vir                Gen:Variant.Kazy.337196
C:\Users\eric_dj\Desktop\virus\2015.9.19\15.vir=>(SCRENC)                Trojan.VBS.Downloader.GN
C:\Users\eric_dj\Desktop\virus\2015.9.19\16.vir                Gen:Variant.Kazy.730695
C:\Users\eric_dj\Desktop\virus\2015.9.19\11.vir                Trojan.Agent.BJNY
C:\Users\eric_dj\Desktop\virus\2015.9.19\08.vir=>(INFECTED_JS)                JS:Trojan.JS.Downloader.AP
C:\Users\eric_dj\Desktop\virus\2015.9.19\06.vir                Gen:Variant.Kazy.701835
[/mw_shl_code]

MXCERILYF!
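Posted on 2015-9-19 09:28:06
Last edited by MXCERILYF! on 2015-9-19 10:06

360TS (only its own engines enabled)
With the .vir extension: 28 detected

With the .exe extension: 4 more detected

With the .zip extension: 3 more detected

No extension: 2 more detected

37 detected in total, (excluding 1 repaired) 13 remaining

Kaspersky detects 3 more

Bitdefender detects 1 more

9 remaining in the end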


Rating

Participants: 1, popularity +1
275751198 +1 Reason: 360's awful scanning mechanism really made things hard for you

毛豆新人
Posted on 2015-9-19 09:46:40
Last edited by 毛豆新人 on 2015-9-19 09:50

CIS kill 12x
白露为霜
Posted on 2015-9-19 09:50:36
Last edited by root1605 on 2015-9-19 17:40

Giving up on the test.
诸葛亮
Posted on 2015-9-19 10:23:48
aboringman posted on 2015-9-19 09:22
NS scan: kill 20 files and fix 6 files

Download Intelligence: kill 07, 09, ...

Damn, Avira is this weak today
aboringman
Posted on 2015-9-19 10:28:41
诸葛亮 posted on 2015-9-19 10:23
Damn, Avira is this weak today

Probably too many clean files... I have already reported them to Avira...

Copyright © KaFan  KaFan.cn All Rights Reserved.
