Original poster: Flying_Bird

[Virus Samples] 精睿 sample test (16.7.15)

傻猪猪米走鸡
Posted on 2016-7-15 09:56:04
Time;Module;Event;User
2016/7/15 9:55:34;ESET Kernel;File  'C:\Users\Galaxy\Downloads\2016.7.15\2016.7.15\2016.7.15.rar' was sent to ESET for analysis.;
km2002
Posted on 2016-7-15 09:57:17
费尔 scan: 4X; 火绒 scan: 13X

XZ8SM7Sx0bVkoUV
Posted on 2016-7-15 10:03:30
火绒 14/50

Eset小粉絲
Posted on 2016-7-15 10:12:43
Avira 27X

[mw_shl_code=css,true]Start of the scan: Friday, 15 July, 2016  10:07

Starting the file scan:

Begin scan in 'C:\Users\User\Desktop\2016.7.15'
C:\Users\User\Desktop\2016.7.15\02.vir
    [0] Archive type: GZ
    --> Object
        [DETECTION] Is the TR/Crypt.ZPACK.231616 Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.15\03.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.KME Java script virus
C:\Users\User\Desktop\2016.7.15\08.vir
  [DETECTION] Is the TR/Crypt.ZPACK.uaxt Trojan
C:\Users\User\Desktop\2016.7.15\09.vir
  [DETECTION] Is the TR/AD.DridexDownloader.Y.ajgn Trojan
C:\Users\User\Desktop\2016.7.15\10.vir
  [DETECTION] Is the TR/Crypt.ZPACK.eiow Trojan
C:\Users\User\Desktop\2016.7.15\11.vir
  [DETECTION] Is the TR/Patched.Ren.Gen Trojan
C:\Users\User\Desktop\2016.7.15\13.vir
  [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
C:\Users\User\Desktop\2016.7.15\14.vir
    [0] Archive type: GZ
    --> Object
        [DETECTION] Is the TR/Dropper.Gen Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.15\16.vir
  [DETECTION] Contains recognition pattern of the VBS/Dldr.Nemucod.AM VBS script virus
C:\Users\User\Desktop\2016.7.15\18.vir
  [DETECTION] Is the TR/Taranis.2365 Trojan
C:\Users\User\Desktop\2016.7.15\19.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen2 HTML script virus
C:\Users\User\Desktop\2016.7.15\20.vir
    [0] Archive type: ZIP
    --> Internet/s.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Agent.54337 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/w.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Agent.54338 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/l.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Agent.54335 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/r.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Agent.54336 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/Done.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Agent.54334 Java virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.15\22.vir
  [DETECTION] Contains recognition pattern of the VBS/Dldr.Nemucod.AM VBS script virus
C:\Users\User\Desktop\2016.7.15\24.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.KME Java script virus
C:\Users\User\Desktop\2016.7.15\29.vir
  [DETECTION] Is the TR/Crypt.Xpack.ibdk Trojan
C:\Users\User\Desktop\2016.7.15\31.vir
    [0] Archive type: ZIP
    --> profile-02e..wsf
        [DETECTION] Contains recognition pattern of the VBS/Dldr.Nemucod.AM VBS script virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.15\33.vir
  [DETECTION] Is the TR/Dropper.VB.rixg Trojan
C:\Users\User\Desktop\2016.7.15\34.vir
  [DETECTION] Contains recognition pattern of the VBS/Dldr.Nemucod.AM VBS script virus
C:\Users\User\Desktop\2016.7.15\36.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.KME Java script virus
C:\Users\User\Desktop\2016.7.15\37.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen2 HTML script virus
C:\Users\User\Desktop\2016.7.15\38.vir
  [DETECTION] Contains recognition pattern of the VBS/Dldr.Nemucod.AM VBS script virus
C:\Users\User\Desktop\2016.7.15\40.vir
  [DETECTION] Contains recognition pattern of the VBS/Dldr.Nemucod.AM VBS script virus
C:\Users\User\Desktop\2016.7.15\41.vir
    [0] Archive type: ZIP
    --> Internet/s.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Agent.54337 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/w.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Agent.54338 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/l.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Agent.54335 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/r.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Agent.54336 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/Done.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Agent.54334 Java virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.15\42.vir
  [DETECTION] Contains recognition pattern of the VBS/Dldr.Nemucod.AM VBS script virus
C:\Users\User\Desktop\2016.7.15\43.vir
  [DETECTION] Is the TR/Dldr.Skidlo.ymtj Trojan
C:\Users\User\Desktop\2016.7.15\44.vir
  [DETECTION] Contains code of the W2000M/Agent.9391605 macro virus
C:\Users\User\Desktop\2016.7.15\46.vir
  [DETECTION] Contains recognition pattern of the VBS/Dldr.Nemucod.AM VBS script virus[/mw_shl_code]
cfhdrty
Posted on 2016-7-15 10:16:00
小A 21x
Flying_Bird
Original poster | Posted on 2016-7-15 10:32:35
km2002 posted on 2016-7-15 09:57
费尔 scan: 4X; 火绒 scan: 13X

See the test result in post #13: 火绒 14/50
xyz0703
Posted on 2016-7-15 10:38:40
AVG 36X
[mw_shl_code=css,true]F:\Users\Yizhou\Desktop\2016.7.15\41.vir;"特洛伊木马 Backdoor.Java_c.OT";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\31.vir;"发现病毒 JS/Downloader.Agent";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\03.vir;"发现病毒 JS/Downloader.Agent";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\36.vir;"发现病毒 JS/Downloader.Agent";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\32.vir;"发现病毒 PowerShell/Downloader";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\44.vir;"发现病毒 W97M/Downloader";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\14.vir;"特洛伊木马 MSIL10.AHVW";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\10.vir;"特洛伊木马 Crypt_r.CCU";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\20.vir;"特洛伊木马 Backdoor.Java_c.OT";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\35.vir;"广告软件 Generic7.AUBO";"已保护";"已修复";"中等"
F:\Users\Yizhou\Desktop\2016.7.15\07.vir;"发现病毒 JS/Downloader.Agent";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\18.vir;"特洛伊木马 Agent5.ARIC";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\13.vir;"特洛伊木马 Inject3.AXUY";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\42.vir;"发现病毒 JS/Downloader.Agent";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\21.vir;"发现病毒 JS/Downloader.Agent";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\27.vir;"发现 Win32/DH{UgMK?}";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\47.vir;"发现病毒 SWF/Exploit";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\29.vir;"特洛伊木马 Generic37.CGCM";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\02.vir;"特洛伊木马 Crypt5.ALLX";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\15.vir;"特洛伊木马 Crypt5.BXZN";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\46.vir;"发现病毒 JS/Downloader.Agent";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\17.vir;"特洛伊木马 Exploit.Java_c.RYB";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\01.vir;"特洛伊木马 MultiDropper_c.BJVQ";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\11.vir;"特洛伊木马 Generic_r.EZZ";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\24.vir;"发现病毒 JS/Downloader.Agent";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\12.vir;"可能是特洛伊木马 JS/Exploit";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\08.vir;"特洛伊木马 Crypt_r.CCU";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\40.vir;"发现病毒 JS/Downloader.Agent";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\22.vir;"发现病毒 JS/Downloader.Agent";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\34.vir;"发现病毒 JS/Downloader.Agent";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\38.vir;"发现病毒 JS/Downloader.Agent";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\09.vir;"特洛伊木马 Inject3.AQUT";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\43.vir;"特洛伊木马 Ransom_r.ST";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\26.vir;"发现病毒 JS/Downloader.Agent";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\16.vir;"发现病毒 JS/Downloader.Agent";"已保护";"已修复";"高"
F:\Users\Yizhou\Desktop\2016.7.15\33.vir;"特洛伊木马 VB2.AKJO";"已保护";"已修复";"高"
[/mw_shl_code]
km2002
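Posted on 2016-7-15 10:56:12
Last edited by km2002 on 2016-7-15 11:07
Flying_Bird posted on 2016-7-15 10:32
See the test result in post #13: 火绒 14/50


This morning, before updating, it was only 4X. This screenshot is the 13X scan I ran right after updating. OK, trying again now it's 14X; it additionally detected No. 11.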

好想用EMSI
Posted on 2016-7-15 13:02:33
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2016/7/15
Scan Time: 12:54
Logfile: 检测2.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.07.15.02
Rootkit Database: v2016.05.27.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Enabled

OS: Windows 10
CPU: x64
File System: NTFS
User: woshi

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 1
Time Elapsed: 0 min, 22 sec

Memory: Disabled
Startup: Disabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
Trojan.AdLoad.CN, C:\Users\woshi\Downloads\gole.exe, Quarantined, [af9f71b3d3c71125f214369a18e9b64a],

Physical Sectors: 0
(No malicious items detected)


(end)
Malwarebytes is a real shock... I was too embarrassed to even post yesterday's results.
aboringman
Posted on 2016-7-15 17:09:49
AVG: killed 35 files and fixed 1 file
