精睿样本测试（16.5.13）

显示全部楼层 · 发表于 2016-5-13 09:15:33

地址：

http://pan.baidu.com/s/1kUV71Rp 提取密码 ph53

密码：bbs.vc52.cn
数量：50

显示全部楼层 · 发表于 2016-5-13 09:19:27

微软

[mw_shl_code=css,true]Scan started on Fri May 13 09:17:53 2016

C:\Users\XuanXia\Desktop\2016.5.13\01.vir                                  Infected: Worm:Win32/Skypoot.A
C:\Users\XuanXia\Desktop\2016.5.13\03.vir                                  Infected: TrojanSpy:Win32/Nivdort
C:\Users\XuanXia\Desktop\2016.5.13\08.vir->[FunctionPacked]->(SCRIPT0000)    Infected: TrojanDownloader:JS/Nemucod.EX [non_writable_container]
C:\Users\XuanXia\Desktop\2016.5.13\10.vir->word/vbaProject.bin             Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.5.13\12.vir                                  Infected: Trojan:Win32/Matsnu.Q
C:\Users\XuanXia\Desktop\2016.5.13\13.vir->Invoice-packing list.exe          Infected: TrojanSpy:MSIL/Omaneat.C
C:\Users\XuanXia\Desktop\2016.5.13\16.vir                                  Infected: TrojanDownloader:JS/Nemucod
C:\Users\XuanXia\Desktop\2016.5.13\21.vir                                  Infected: TrojanSpy:Win32/Ursnif.HP
C:\Users\XuanXia\Desktop\2016.5.13\22.vir                                  Infected: TrojanDropper:O97M/Bartallex
C:\Users\XuanXia\Desktop\2016.5.13\23.vir                                  Infected: TrojanDownloader:Win32/Silcon
C:\Users\XuanXia\Desktop\2016.5.13\24.vir->Factuur 00345443-345345434.PDF.exe Infected: Ransom:Win32/Cerber
C:\Users\XuanXia\Desktop\2016.5.13\28.vir                                  Infected: TrojanDownloader:JS/Swabfex.P
C:\Users\XuanXia\Desktop\2016.5.13\29.vir->word/vbaProject.bin             Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.5.13\30.vir                                  Infected: Ransom:MSIL/Samas.A
C:\Users\XuanXia\Desktop\2016.5.13\31.vir                                  Infected: Ransom:Win32/Locky
C:\Users\XuanXia\Desktop\2016.5.13\33.vir->Scan32343sc?fdp.exe             Infected: Trojan:Win32/Dynamer!ac [non_writable_container]
C:\Users\XuanXia\Desktop\2016.5.13\35.vir                                  Infected: Ransom:Win32/Locky
C:\Users\XuanXia\Desktop\2016.5.13\36.vir                                  Infected: Ransom:Win32/Locky
C:\Users\XuanXia\Desktop\2016.5.13\37.vir                                  Infected: PWS:Win32/Zbot
C:\Users\XuanXia\Desktop\2016.5.13\39.vir                                  Infected: TrojanDownloader:JS/Swabfex.P
C:\Users\XuanXia\Desktop\2016.5.13\40.vir                                  Infected: Trojan:O97M/Madeba.A!det
C:\Users\XuanXia\Desktop\2016.5.13\43.vir->(Ole Stream 2)                   Infected: TrojanDropper:O97M/Bartallex
C:\Users\XuanXia\Desktop\2016.5.13\44.vir->word/vbaProject.bin             Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.5.13\47.vir                                  Infected: TrojanDownloader:O97M/Donoff.H
C:\Users\XuanXia\Desktop\2016.5.13\48.vir                                  Infected: Ransom:Win32/Locky
Successfully checked: C:\Users\XuanXia\Desktop\2016.5.13

Scan ended on Fri May 13 09:18:00 2016[/mw_shl_code]

显示全部楼层 · 发表于 2016-5-13 09:33:59

本帖最后由狐狸糊涂于 2016-5-13 11:54 编辑

EAV杀37

[mw_shl_code=css,true]C:\Users\qiu\Desktop\2016.5.13\15.vir;C:\Users\qiu\Desktop\2016.5.13\16.vir;C:\Users\qiu\Desktop\2016.5.13\17.vir;C:\Users\qiu\Desktop\2016.5.13\18.vir;C:\Users\qiu\Desktop\2016.5.13\19.vir;C:\Users\qiu\Desktop\2016.5.13\20.vir;C:\Users\qiu\Desktop\2016.5.13\21.vir;C:\Users\qiu\Desktop\2016.5.13\22.vir;C:\Users\qiu\Desktop\2016.5.13\23.vir;C:\Users\qiu\Desktop\2016.5.13\24.vir;C:\Users\qiu\Desktop\2016.5.13\25.vir;C:\Users\qiu\Desktop\2016.5.13\26.vir;C:\Users\qiu\Desktop\2016.5.13\27.vir;C:\Users\qiu\Desktop\2016.5.13\28.vir;C:\Users\qiu\Desktop\2016.5.13\29.vir;C:\Users\qiu\Desktop\2016.5.13\30.vir;C:\Users\qiu\Desktop\2016.5.13\31.vir;C:\Users\qiu\Desktop\2016.5.13\32.vir;C:\Users\qiu\Desktop\2016.5.13\33.vir;C:\Users\qiu\Desktop\2016.5.13\34.vir;C:\Users\qiu\Desktop\2016.5.13\35.vir;C:\Users\qiu\Desktop\2016.5.13\36.vir;C:\Users\qiu\Desktop\2016.5.13\37.vir;C:\Users\qiu\Desktop\2016.5.13\38.vir;C:\Users\qiu\Desktop\2016.5.13\39.vir;C:\Users\qiu\Desktop\2016.5.13\40.vir;C:\Users\qiu\Desktop\2016.5.13\41.vir;C:\Users\qiu\Desktop\2016.5.13\42.vir;C:\Users\qiu\Desktop\2016.5.13\43.vir;C:\Users\qiu\Desktop\2016.5.13\44.vir;C:\Users\qiu\Desktop\2016.5.13\45.vir;C:\Users\qiu\Desktop\2016.5.13\46.vir;C:\Users\qiu\Desktop\2016.5.13\47.vir;C:\Users\qiu\Desktop\2016.5.13\48.vir;C:\Users\qiu\Desktop\2016.5.13\49.vir;C:\Users\qiu\Desktop\2016.5.13\50.vir;C:\Users\qiu\Desktop\2016.5.13\01.vir;C:\Users\qiu\Desktop\2016.5.13\02.vir;C:\Users\qiu\Desktop\2016.5.13\03.vir;C:\Users\qiu\Desktop\2016.5.13\04.vir;C:\Users\qiu\Desktop\2016.5.13\05.vir;C:\Users\qiu\Desktop\2016.5.13\06.vir;C:\Users\qiu\Desktop\2016.5.13\07.vir;C:\Users\qiu\Desktop\2016.5.13\08.vir;C:\Users\qiu\Desktop\2016.5.13\09.vir;C:\Users\qiu\Desktop\2016.5.13\10.vir;C:\Users\qiu\Desktop\2016.5.13\11.vir;C:\Users\qiu\Desktop\2016.5.13\12.vir;C:\Users\qiu\Desktop\2016.5.13\13.vir;C:\Users\qiu\Desktop\2016.5.13\14.vir
C:\Users\qiu\Desktop\2016.5.13\15.vir > SMARTINSTALLMAKER - 错误－未知的压缩方法
C:\Users\qiu\Desktop\2016.5.13\16.vir - JS/TrojanDownloader.Nemucod.YD 特洛伊木马 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\18.vir - PowerShell/Agent.A 特洛伊木马 - 已清除
C:\Users\qiu\Desktop\2016.5.13\19.vir - JS/TrojanDownloader.Nemucod.YM 特洛伊木马 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\20.vir - Win32/Amonetize.RG 潜在的不受欢迎应用程序的变种 - 扫描完成后再选择处理方式
C:\Users\qiu\Desktop\2016.5.13\21.vir - Win32/Kryptik.EXCQ 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\22.vir > OLEDATA > - Win32/Agent.RAS 特洛伊木马 - 已删除
C:\Users\qiu\Desktop\2016.5.13\23.vir - Win32/TrojanDownloader.Nymaim.BA 特洛伊木马 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\24.vir > ZIP > Factuur 00345443-345345434.PDF.exe - Win32/Filecoder.Cerber.B 特洛伊木马 - 已删除
C:\Users\qiu\Desktop\2016.5.13\25.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.AZE 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\qiu\Desktop\2016.5.13\26.vir - BAT/Agent.NPV 特洛伊木马 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\27.vir > WINRARSFX - 压缩文件已损坏
C:\Users\qiu\Desktop\2016.5.13\28.vir - JS/TrojanDownloader.Nemucod.YD 特洛伊木马 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\29.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BBT 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\qiu\Desktop\2016.5.13\30.vir - MSIL/Filecoder.Samas.A 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\31.vir - Win32/Kryptik.EXAQ 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\32.vir - VBS/Obfuscated.G 特洛伊木马 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\33.vir > RAR > Scan32343scfdp.exe - MSIL/Injector.OBU 特洛伊木马的变种 - 已删除
C:\Users\qiu\Desktop\2016.5.13\35.vir - Win32/Kryptik.EXAQ 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\36.vir - Win32/Filecoder.Locky.B 特洛伊木马 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\37.vir - Win32/Injector.CXNY 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\39.vir - JS/TrojanDownloader.Nemucod.YJ 特洛伊木马 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\40.vir - VBA/TrojanDropper.Agent.HM 特洛伊木马 - 已清除
C:\Users\qiu\Desktop\2016.5.13\41.vir > NSIS > nsDialogs.dll - Win32/Toolbar.MyWebSearch.AY 潜在的不受欢迎应用程序的变种 - 扫描完成后再选择处理方式
C:\Users\qiu\Desktop\2016.5.13\42.vir - VBS/TrojanDownloader.Agent.OCN 特洛伊木马 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\44.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BBT 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\qiu\Desktop\2016.5.13\46.vir > INNO > files.info - 不支持的选项
C:\Users\qiu\Desktop\2016.5.13\47.vir - VBA/TrojanDownloader.Agent.BBB 特洛伊木马 - 已清除
C:\Users\qiu\Desktop\2016.5.13\48.vir - Win32/Kryptik.EWZB 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\01.vir - Win32/Videspra.AP 蠕虫 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\03.vir - Win32/Bayrob.BS 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\04.vir - MSIL/Injector.PCR 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\05.vir - Win32/Injector.CYEL 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\06.vir - VBA/TrojanDownloader.Agent.BBY 特洛伊木马 - 已清除
C:\Users\qiu\Desktop\2016.5.13\07.vir - VBA/TrojanDownloader.Agent.BAN 特洛伊木马 - 已清除
C:\Users\qiu\Desktop\2016.5.13\08.vir - JS/TrojanDownloader.Nemucod.XX 特洛伊木马 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\10.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BAR 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\qiu\Desktop\2016.5.13\12.vir - Win32/TrojanDownloader.Nymaim.BA 特洛伊木马 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\13.vir > ZIP > Invoice-packing list.exe - MSIL/Agent.AIU 特洛伊木马 - 已删除
C:\Users\qiu\Desktop\2016.5.13\14.vir - VBA/TrojanDownloader.Agent.BBT 特洛伊木马 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\20.vir - Win32/Amonetize.RG 潜在的不受欢迎应用程序的变种 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\25.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.AZE 特洛伊木马 - 已删除
C:\Users\qiu\Desktop\2016.5.13\29.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BBT 特洛伊木马 - 已删除
C:\Users\qiu\Desktop\2016.5.13\41.vir > NSIS > nsDialogs.dll - Win32/Toolbar.MyWebSearch.AY 潜在的不受欢迎应用程序的变种 - 通过删除清除 [1]
C:\Users\qiu\Desktop\2016.5.13\44.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BBT 特洛伊木马 - 已删除
C:\Users\qiu\Desktop\2016.5.13\10.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BAR 特洛伊木马 - 已删除
已扫描的对象数: 121
发现的威胁数: 37
已清除对象数: 37
完成时间: 11:52:30 总扫描时间: 21 秒 (00:00:21)

备注:
[1] 由于对象中仅包含病毒主体，因此已被删除。
[/mw_shl_code]

显示全部楼层 · 发表于 2016-5-13 09:52:56

火绒 19/50

显示全部楼层 · 发表于 2016-5-13 10:44:06

迈克菲、、

显示全部楼层 · 发表于 2016-5-13 11:15:38

AVRIA miss

显示全部楼层 · 发表于 2016-5-13 11:15:56

Avira餘17

[mw_shl_code=css,true]Start of the scan: Friday, 13 May, 2016  10:58

Starting the file scan:

Begin scan in 'C:\Users\User\Desktop\2016.5.13'
C:\Users\User\Desktop\2016.5.13\01.vir
  [DETECTION] Is the TR/Dropper.MSIL.eisr Trojan
C:\Users\User\Desktop\2016.5.13\03.vir
  [DETECTION] Is the TR/Crypt.Xpack.nhqh Trojan
C:\Users\User\Desktop\2016.5.13\04.vir
  [DETECTION] Is the TR/Dropper.MSIL.wyug Trojan
C:\Users\User\Desktop\2016.5.13\05.vir
  [DETECTION] Is the TR/Dropper.VB.lqdc Trojan
C:\Users\User\Desktop\2016.5.13\06.vir
  [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.5392494 macro virus
C:\Users\User\Desktop\2016.5.13\07.vir
  [DETECTION] Contains code of the W2000M/Agent.926640 macro virus
C:\Users\User\Desktop\2016.5.13\10.vir
[0] Archive type: ZIP
--> word/vbaProject.bin
      [DETECTION] Contains code of the W97M/Dldr.Agent.7654 Word macro virus
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.5.13\12.vir
  [DETECTION] Is the TR/Crypt.EPACK.sbmk Trojan
C:\Users\User\Desktop\2016.5.13\13.vir
[0] Archive type: ZIP
--> Invoice-packing list.exe
      [DETECTION] Is the TR/Dropper.MSIL.mige Trojan
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.5.13\17.vir
  [DETECTION] Is the TR/FileCoder.hlqc Trojan
C:\Users\User\Desktop\2016.5.13\18.vir
  [DETECTION] Contains code of the X2000M/Dldr.Agent.0600139 Excel macro virus
C:\Users\User\Desktop\2016.5.13\20.vir
  [DETECTION] Contains virus patterns of Adware ADWARE/Amonetize.tntc
C:\Users\User\Desktop\2016.5.13\21.vir
  [DETECTION] Is the TR/Crypt.Xpack.kqeu Trojan
C:\Users\User\Desktop\2016.5.13\22.vir
  [DETECTION] Is the TR/AD.Injector.M.gvhk Trojan
C:\Users\User\Desktop\2016.5.13\23.vir
  [DETECTION] Is the TR/Crypt.ZPACK.rvvr Trojan
C:\Users\User\Desktop\2016.5.13\24.vir
[0] Archive type: ZIP
--> Factuur 00345443-345345434.PDF.exe
      [DETECTION] Is the TR/Dropper.VB.blij Trojan
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.5.13\25.vir
[0] Archive type: ZIP
--> word/vbaProject.bin
      [DETECTION] Contains code of the W2000M/Agent.926685 macro virus
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.5.13\29.vir
[0] Archive type: ZIP
--> word/vbaProject.bin
      [DETECTION] Contains code of the W2000M/Dldr.Agent.56467 macro virus
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.5.13\30.vir
  [DETECTION] Is the TR/Samas.ekzk Trojan
C:\Users\User\Desktop\2016.5.13\31.vir
  [DETECTION] Is the TR/Crypt.ZPACK.gwlj Trojan
C:\Users\User\Desktop\2016.5.13\33.vir
[0] Archive type: RAR
--> Scan32343scfdp.exe
      [DETECTION] Is the TR/Dropper.MSIL.iciv Trojan
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.5.13\35.vir
  [DETECTION] Is the TR/Crypt.ZPACK.opmy Trojan
C:\Users\User\Desktop\2016.5.13\36.vir
  [DETECTION] Is the TR/AD.Locky.Y.nyam Trojan
C:\Users\User\Desktop\2016.5.13\37.vir
  [DETECTION] Is the TR/Crypt.Xpack.rpvj Trojan
C:\Users\User\Desktop\2016.5.13\40.vir
  [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.53922896 macro virus
C:\Users\User\Desktop\2016.5.13\42.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen2 HTML script virus
C:\Users\User\Desktop\2016.5.13\43.vir
  [DETECTION] Is the TR/AD.Injector.M.rogd Trojan
C:\Users\User\Desktop\2016.5.13\44.vir
[0] Archive type: ZIP
--> word/vbaProject.bin
      [DETECTION] Contains code of the W2000M/Dldr.Agent.56467 macro virus
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.5.13\45.vir
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Rogue.52224 back-door program
C:\Users\User\Desktop\2016.5.13\47.vir
  [DETECTION] Contains code of the W2000M/Dldr.Agent.ueoid macro virus

Begin scan in 'C:\Users\User\Desktop\2016.5.13\16.vir'
C:\Users\User\Desktop\2016.5.13\16.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.MB Java script virus
  [NOTE]    The file was moved to the quarantine directory under the name '5121d778.qua'!
Begin scan in 'C:\Users\User\Desktop\2016.5.13\28.vir'
C:\Users\User\Desktop\2016.5.13\28.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.MB Java script virus
  [NOTE]    The file was moved to the quarantine directory under the name '49b6f8c1.qua'!
Begin scan in 'C:\Users\User\Desktop\2016.5.13\39.vir'
C:\Users\User\Desktop\2016.5.13\39.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.MB Java script virus
  [NOTE]    The file was moved to the quarantine directory under the name '1be9a22b.qua'![/mw_shl_code]

显示全部楼层 · 发表于 2016-5-13 11:23:16

Eset小粉絲发表于 2016-5-13 11:15
Avira餘17

[mw_shl_code=css,true]Start of the scan: Friday, 13 May, 2016 10:58

你楼上怎么MISS的。。。。。。不知道密码？

显示全部楼层 · 发表于 2016-5-13 11:25:14

轩夏发表于 2016-5-13 11:23
你楼上怎么MISS的。。。。。。不知道密码？

怎麽可能不知道密碼。。我暈

。。。你都寫很清楚了呀~

显示全部楼层 · 发表于 2016-5-13 11:27:01

Eset小粉絲发表于 2016-5-13 11:25
怎麽可能不知道密碼。。我暈。。。你都寫很清楚了呀~

那伞伞怎么可能 MISS

[病毒样本] 精睿样本测试（16.5.13）

本帖子中包含更多资源

评分

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块