Original poster: 轩夏

[Virus samples] 精睿 sample test (16.5.9)

Sailer.X (this user has been deleted)
Posted on 2016-5-9 12:32:43
BD:44X

shiningshining
Posted on 2016-5-9 12:39:30

I got 21 in my test, with the "scan only prevalent viruses" option turned off.
shiningshining
Posted on 2016-5-9 12:45:31
Tencent international version with the BD engine enabled: 35
shiningshining
Posted on 2016-5-9 12:51:15
G DATA: 46
shiningshining
Posted on 2016-5-9 12:52:56
Panda Free: 10
Eset小粉絲
Posted on 2016-5-9 13:04:44
Avira Leftover 13

[mw_shl_code=css,true]Start of the scan: Monday, 9 May, 2016  12:57

Starting the file scan:

Begin scan in 'C:\Users\User\Downloads\Compressed\2016.5.9'
C:\Users\User\Downloads\Compressed\2016.5.9\02.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.aagg macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Downloads\Compressed\2016.5.9\03.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Users\User\Downloads\Compressed\2016.5.9\04.vir
    [0] Archive type: ZIP
    --> a.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.5352 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> ah.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.6684 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c0.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.2993 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c_.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.11077 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> dp.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.6024 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> e.class
        [DETECTION] Contains recognition pattern of the JAVA/Jacksbot.10303 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> eq.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.9686 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> f.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.9469 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.8006 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> o.class
        [DETECTION] Contains recognition pattern of the EXP/CVE20113544.6266 exploit
        [WARNING]   Infected files in archives cannot be repaired
    --> ed.class
        [DETECTION] Contains recognition pattern of the JAVA/Jacksbot.62360 Java virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Downloads\Compressed\2016.5.9\05.vir
  [DETECTION] Is the TR/Dropper.VB.vdle Trojan
C:\Users\User\Downloads\Compressed\2016.5.9\06.vir
  [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
C:\Users\User\Downloads\Compressed\2016.5.9\07.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains suspicious code HEUR/Macro.Downloader
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Downloads\Compressed\2016.5.9\10.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.aagg macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Downloads\Compressed\2016.5.9\11.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.aagg macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Downloads\Compressed\2016.5.9\15.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.aagg macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Downloads\Compressed\2016.5.9\16.vir
  [DETECTION] Is the TR/Agent.derr Trojan
C:\Users\User\Downloads\Compressed\2016.5.9\17.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.aagg macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Downloads\Compressed\2016.5.9\18.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.aagg macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Downloads\Compressed\2016.5.9\20.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.aagg macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Downloads\Compressed\2016.5.9\21.vir
  [DETECTION] Contains recognition pattern of the DR/Delphi.cwzq dropper
C:\Users\User\Downloads\Compressed\2016.5.9\22.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.aagg macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Downloads\Compressed\2016.5.9\23.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.aagg macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Downloads\Compressed\2016.5.9\26.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.aagg macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Downloads\Compressed\2016.5.9\27.vir
    [0] Archive type: ZIP SFX (self extracting)
    --> WindowsApplication11.exe
        [DETECTION] Is the TR/Injector.dyfs Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Downloads\Compressed\2016.5.9\28.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.aagg macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Downloads\Compressed\2016.5.9\29.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.aagg macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Downloads\Compressed\2016.5.9\30.vir
  [DETECTION] Is the TR/Dropper.MSIL.smuf Trojan
C:\Users\User\Downloads\Compressed\2016.5.9\32.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.aagg macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Downloads\Compressed\2016.5.9\33.vir
    [0] Archive type: ZIP SFX (self extracting)
    --> WindowsApplication11.exe
        [DETECTION] Is the TR/Injector.dyfs Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Downloads\Compressed\2016.5.9\34.vir
  [DETECTION] Contains code of the W32/Ramnit.A Windows virus
C:\Users\User\Downloads\Compressed\2016.5.9\35.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.aagg macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Downloads\Compressed\2016.5.9\37.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.aagg macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Downloads\Compressed\2016.5.9\38.vir
  [DETECTION] Is the TR/Crypt.Xpack.azzh Trojan
C:\Users\User\Downloads\Compressed\2016.5.9\39.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.aagg macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Downloads\Compressed\2016.5.9\41.vir
    [0] Archive type: MIME
    --> provisional_budget.js
        [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen2 HTML script virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Downloads\Compressed\2016.5.9\44.vir
  [DETECTION] Is the TR/Agent.plqq Trojan
C:\Users\User\Downloads\Compressed\2016.5.9\47.vir
  [DETECTION] Is the TR/VB.Downloader.coms Trojan
C:\Users\User\Downloads\Compressed\2016.5.9\49.vir
  [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.73050 macro virus
C:\Users\User\Downloads\Compressed\2016.5.9\50.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.556958 macro virus
        [WARNING]   Infected files in archives cannot be repaired

Begin scan in 'C:\Users\User\Downloads\Compressed\2016.5.9\09.vir'
C:\Users\User\Downloads\Compressed\2016.5.9\09.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Agent.98765 Java script virus
  [NOTE]      The file was moved to the quarantine directory under the name '513e86a5.qua'!
Begin scan in 'C:\Users\User\Downloads\Compressed\2016.5.9\31.vir'
C:\Users\User\Downloads\Compressed\2016.5.9\31.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen2 HTML script virus
  [NOTE]      The file was moved to the quarantine directory under the name '49a9a90a.qua'!
Begin scan in 'C:\Users\User\Downloads\Compressed\2016.5.9\46.vir'
C:\Users\User\Downloads\Compressed\2016.5.9\46.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.EL Java script virus
  [NOTE]      The file was moved to the quarantine directory under the name '1bf6f3e7.qua'!
Begin scan in 'C:\Users\User\Downloads\Compressed\2016.5.9\48.vir'
C:\Users\User\Downloads\Compressed\2016.5.9\48.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.EL Java script virus
  [NOTE]      The file was moved to the quarantine directory under the name '511388f5.qua'![/mw_shl_code]
黑巧慕斯
Posted on 2016-5-9 21:52:18
360 Safeguard with the Avira engine enabled, file extensions unchanged: 14
EAV10: 43 deleted, 1 cleaned
好想用EMSI
Posted on 2016-5-10 10:37:11
Emsisoft Anti-Malware - Version 11.7.0.6394
Last update: 2016/5/10 10:25:56
Initiated by: DESKTOP-IGCD2C3\woshi

Scan settings:

Scan type:
Objects: C:\Users\woshi\Downloads\2016.5.9

Detect PUPs: On
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start:        2016/5/10 10:35:25
C:\Users\woshi\Downloads\2016.5.9\05.vir          Trojan.GenericKD.3212584 (B)
C:\Users\woshi\Downloads\2016.5.9\01.vir -> document_OpUYFi226.js          Trojan.JS.RKC (B)
C:\Users\woshi\Downloads\2016.5.9\03.vir          Trojan.Generic.16739409 (B)
C:\Users\woshi\Downloads\2016.5.9\09.vir -> (INFECTED_JS)          JS:Trojan.Crypt.PB (B)
C:\Users\woshi\Downloads\2016.5.9\02.vir -> word/vbaProject.bin          W97M.Downloader.CBM (B)
C:\Users\woshi\Downloads\2016.5.9\12.vir          Application.Generic.1541685 (B)
C:\Users\woshi\Downloads\2016.5.9\11.vir -> word/vbaProject.bin          W97M.Downloader.CBM (B)
C:\Users\woshi\Downloads\2016.5.9\14.vir          Trojan.JS.RKB (B)
C:\Users\woshi\Downloads\2016.5.9\18.vir -> word/vbaProject.bin          W97M.Downloader.CBM (B)
C:\Users\woshi\Downloads\2016.5.9\17.vir -> word/vbaProject.bin          W97M.Downloader.CBM (B)
C:\Users\woshi\Downloads\2016.5.9\15.vir -> word/vbaProject.bin          W97M.Downloader.CBM (B)
C:\Users\woshi\Downloads\2016.5.9\19.vir -> confirm_adYV3XT0288.js          Trojan.JS.RJK (B)
C:\Users\woshi\Downloads\2016.5.9\20.vir -> word/vbaProject.bin          W97M.Downloader.CBM (B)
C:\Users\woshi\Downloads\2016.5.9\16.vir          Trojan.GenericKD.3214668 (B)
C:\Users\woshi\Downloads\2016.5.9\23.vir -> word/vbaProject.bin          W97M.Downloader.CBM (B)
C:\Users\woshi\Downloads\2016.5.9\22.vir -> word/vbaProject.bin          W97M.Downloader.CBM (B)
C:\Users\woshi\Downloads\2016.5.9\06.vir          Gen:Variant.Razy.41703 (B)
C:\Users\woshi\Downloads\2016.5.9\24.vir -> warning_fKjqtToh35.js          Trojan.JS.RJM (B)
C:\Users\woshi\Downloads\2016.5.9\10.vir -> word/vbaProject.bin          W97M.Downloader.CBM (B)
C:\Users\woshi\Downloads\2016.5.9\26.vir -> word/vbaProject.bin          W97M.Downloader.CBM (B)
C:\Users\woshi\Downloads\2016.5.9\28.vir -> word/vbaProject.bin          W97M.Downloader.CBM (B)
C:\Users\woshi\Downloads\2016.5.9\29.vir -> word/vbaProject.bin          W97M.Downloader.CBM (B)
C:\Users\woshi\Downloads\2016.5.9\30.vir          Gen:Variant.Zusy.190888 (B)
C:\Users\woshi\Downloads\2016.5.9\32.vir -> word/vbaProject.bin          W97M.Downloader.CBM (B)
C:\Users\woshi\Downloads\2016.5.9\27.vir          Trojan.GenericKD.3212032 (B)
C:\Users\woshi\Downloads\2016.5.9\34.vir          Trojan.Generic.15333860 (B)
C:\Users\woshi\Downloads\2016.5.9\36.vir -> confirm_50CLHo172.js          Trojan.JS.RJS (B)
C:\Users\woshi\Downloads\2016.5.9\35.vir -> word/vbaProject.bin          W97M.Downloader.CBM (B)
C:\Users\woshi\Downloads\2016.5.9\38.vir          Gen:Variant.Razy.48551 (B)
C:\Users\woshi\Downloads\2016.5.9\40.vir          Trojan.Generic.16537973 (B)
C:\Users\woshi\Downloads\2016.5.9\41.vir          Generic.JS.Downloader.3C7DA449 (B)
C:\Users\woshi\Downloads\2016.5.9\44.vir          Trojan.GenericKD.3206242 (B)
C:\Users\woshi\Downloads\2016.5.9\37.vir -> word/vbaProject.bin          W97M.Downloader.CBM (B)
C:\Users\woshi\Downloads\2016.5.9\43.vir          Gen:Trojan.Heur.FU.buX@a0TIZug (B)
C:\Users\woshi\Downloads\2016.5.9\46.vir -> (INFECTED_JS)          JS:Trojan.JS.Downloader.IK (B)
C:\Users\woshi\Downloads\2016.5.9\39.vir -> word/vbaProject.bin          W97M.Downloader.CBM (B)
C:\Users\woshi\Downloads\2016.5.9\49.vir          W97M.Downloader.BUA (B)
C:\Users\woshi\Downloads\2016.5.9\48.vir -> (INFECTED_JS)          JS:Trojan.JS.Downloader.IK (B)
C:\Users\woshi\Downloads\2016.5.9\47.vir          Trojan.GenericKD.3204266 (B)
C:\Users\woshi\Downloads\2016.5.9\42.vir -> (INFECTED_JS)          JS:Trojan.JS.Agent.NC (B)
C:\Users\woshi\Downloads\2016.5.9\45.vir -> (INFECTED_JS)          JS:Trojan.Crypt.OY (B)
C:\Users\woshi\Downloads\2016.5.9\50.vir -> word/vbaProject.bin          W97M.Downloader.BRA (B)
C:\Users\woshi\Downloads\2016.5.9\21.vir          Gen:Variant.Zusy.192473 (B)
C:\Users\woshi\Downloads\2016.5.9\33.vir          Trojan.GenericKD.3212044 (B)

Scanned        50
Found        44

Scan end:        2016/5/10 10:35:27
Scan time:        0:00:02

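Sorry I'm late. EMSI with day-old definitions caught 44, one of which was rated a medium threat.
I won't submit the samples to the database; my proxy traffic is limited.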