
[Virus Samples] Jingrui Sample Test (16.7.26)

轩夏
Posted on 2016-7-26 09:29:53
Link:

https://pan.baidu.com/s/1slckHvJ  Extraction code: nt3q

Password: bbs.vc52.cn
Count: 50
Eset小粉絲
Posted on 2016-7-26 09:31:22
Last edited by Eset小粉絲 on 2016-7-26 09:46

Avira 35X

[mw_shl_code=css,true]Start of the scan: Tuesday, 26 July, 2016  09:38

Starting the file scan:

Begin scan in 'C:\Users\User\Desktop\2016.7.26'
C:\Users\User\Desktop\2016.7.26\01.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.kse Java script virus
C:\Users\User\Desktop\2016.7.26\02.vir
    [0] Archive type: NSIS
    --> ProgramFilesDir/iphLauncher.exe
        [DETECTION] Contains virus patterns of Adware ADWARE/Kraddare.yjel
        [WARNING]   Infected files in archives cannot be repaired
    --> ProgramFilesDir/iphlms.exe
        [DETECTION] Contains virus patterns of Adware ADWARE/Kraddare.lfkv
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.26\04.vir
  [DETECTION] Is the TR/Crypt.Xpack.dvxo Trojan
C:\Users\User\Desktop\2016.7.26\05.vir
  [DETECTION] Is the TR/Inject.ssaw Trojan
C:\Users\User\Desktop\2016.7.26\08.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen6 HTML script virus
C:\Users\User\Desktop\2016.7.26\12.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.icir Java script virus
C:\Users\User\Desktop\2016.7.26\13.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen6 HTML script virus
C:\Users\User\Desktop\2016.7.26\14.vir
  [DETECTION] Contains recognition pattern of the VBS/Jenxcus.Gen VBS script virus
C:\Users\User\Desktop\2016.7.26\15.vir
  [DETECTION] Is the TR/AD.Bladabindi.Y.fmsc Trojan
C:\Users\User\Desktop\2016.7.26\16.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.AMAV Java script virus
C:\Users\User\Desktop\2016.7.26\18.vir
  [DETECTION] Contains code of the W2000M/Dldr.Agent.dgk macro virus
C:\Users\User\Desktop\2016.7.26\19.vir
  [DETECTION] Is the TR/Dropper.MSIL.Gen Trojan
C:\Users\User\Desktop\2016.7.26\20.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.icir Java script virus
C:\Users\User\Desktop\2016.7.26\21.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.6489236 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.26\22.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen6 HTML script virus
C:\Users\User\Desktop\2016.7.26\23.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.dfgh macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.26\25.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen6 HTML script virus
C:\Users\User\Desktop\2016.7.26\26.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen2 HTML script virus
C:\Users\User\Desktop\2016.7.26\27.vir
    [0] Archive type: RAR SFX (self extracting)
    --> Qrxdz.exe
        [DETECTION] Is the TR/Dropper.Gen Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.26\28.vir
    [0] Archive type: ZIP
    --> main/NameClassh.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.1213 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> main/Start.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.828 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> main/NameClassm.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.2323 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> main/NameClassv.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.1319 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> main/NameClassw.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.1545 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> main/NameClassi.class
        [DETECTION] Contains recognition pattern of the EXP/Java.HLP.EB.911 exploit
        [WARNING]   Infected files in archives cannot be repaired
    --> main/NameClassy.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.1719 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> main/NameClassu.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.760 Java virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.26\29.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.icir Java script virus
C:\Users\User\Desktop\2016.7.26\30.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.23540 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.26\31.vir
    [0] Archive type: RAR SFX (self extracting)
    --> Xykssl.exe
        [DETECTION] Is the TR/Dropper.Gen Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.26\32.vir
  [DETECTION] Is the TR/Crypt.EPACK.Gen2 Trojan
C:\Users\User\Desktop\2016.7.26\33.vir
  [DETECTION] Contains recognition pattern of the VBS/Dldr.Nemucod.AM VBS script virus
C:\Users\User\Desktop\2016.7.26\34.vir
  [DETECTION] Is the TR/Spy.Gen Trojan
C:\Users\User\Desktop\2016.7.26\37.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen6 HTML script virus
C:\Users\User\Desktop\2016.7.26\38.vir
    [0] Archive type: ZIP
    --> word/embeddings/oleObject1.bin
        [1] Archive type: OLE
      --> Object
          [DETECTION] Contains recognition pattern of the JS/Agent.864466 Java script virus
          [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.26\39.vir
  [DETECTION] Is the TR/Agent.zbdc Trojan
C:\Users\User\Desktop\2016.7.26\43.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen6 HTML script virus
C:\Users\User\Desktop\2016.7.26\44.vir
  [DETECTION] Is the TR/Razy.voac Trojan
C:\Users\User\Desktop\2016.7.26\45.vir
  [DETECTION] Contains code of the ANDROID/Spy.Kasandra.E.Gen virus
C:\Users\User\Desktop\2016.7.26\48.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.AMAV Java script virus
C:\Users\User\Desktop\2016.7.26\49.vir
  [DETECTION] Is the TR/AD.Bladabindi.Y.fmsc Trojan
C:\Users\User\Desktop\2016.7.26\50.vir
  [DETECTION] Is the TR/Crypt.Xpack.ohpo Trojan[/mw_shl_code]
轩夏
Original poster | Posted on 2016-7-26 09:32:01
MSE

[mw_shl_code=css,true]Scan started on Tue Jul 26 09:31:10 2016

C:\Users\XuanXia\Desktop\2016.7.26\01.vir                                                                       Infected: TrojanDownloader:JS/Nemucod.FJ
C:\Users\XuanXia\Desktop\2016.7.26\04.vir                                                                       Infected: Backdoor:MSIL/Bladabindi
C:\Users\XuanXia\Desktop\2016.7.26\07.vir                                                                       Infected: TrojanDownloader:JS/Swabfex.C
C:\Users\XuanXia\Desktop\2016.7.26\08.vir                                                                       Infected: TrojanDownloader:JS/Swabfex.C
C:\Users\XuanXia\Desktop\2016.7.26\12.vir                                                                       Infected: TrojanDownloader:JS/Nemucod.FJ
C:\Users\XuanXia\Desktop\2016.7.26\13.vir                                                                       Infected: TrojanDownloader:JS/Nemucod.GH
C:\Users\XuanXia\Desktop\2016.7.26\14.vir                                                                       Infected: Worm:VBS/Jenxcus
C:\Users\XuanXia\Desktop\2016.7.26\15.vir                                                                       Infected: Backdoor:MSIL/Bladabindi
C:\Users\XuanXia\Desktop\2016.7.26\16.vir                                                                       Infected: TrojanDownloader:JS/Nemucod
C:\Users\XuanXia\Desktop\2016.7.26\19.vir                                                                       Infected: Backdoor:MSIL/Bladabindi
C:\Users\XuanXia\Desktop\2016.7.26\20.vir                                                                       Infected: TrojanDownloader:JS/Nemucod.GI
C:\Users\XuanXia\Desktop\2016.7.26\22.vir->[WsfCmtOut]->(SCRIPT0001)                                            Infected: TrojanDownloader:JS/Nemucod.FJ [non_writable_container]
C:\Users\XuanXia\Desktop\2016.7.26\23.vir->word/vbaProject.bin                                                  Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.7.26\25.vir                                                                       Infected: TrojanDownloader:JS/Nemucod.FY
C:\Users\XuanXia\Desktop\2016.7.26\26.vir->[txtmzhextobin]                                                      Infected: Backdoor:MSIL/Bladabindi.B [non_writable_container]
C:\Users\XuanXia\Desktop\2016.7.26\27.vir                                                                       Infected: Trojan:Win32/Skeeyah.A!rfn
C:\Users\XuanXia\Desktop\2016.7.26\27.vir->(RarSfx)->Qrxdz.exe                                                  Infected: Trojan:Win32/Dynamer!ac [non_writable_container]
C:\Users\XuanXia\Desktop\2016.7.26\28.vir->main/NameClassm.class                                                Infected: Trojan:Java/Adwind
C:\Users\XuanXia\Desktop\2016.7.26\28.vir->main/NameClassi.class                                                Infected: Exploit:Java/CVE-2014-0114
C:\Users\XuanXia\Desktop\2016.7.26\29.vir                                                                       Infected: TrojanDownloader:JS/Nemucod.FJ
C:\Users\XuanXia\Desktop\2016.7.26\30.vir->word/vbaProject.bin                                                  Infected: Trojan:O97M/Madeba.A!det
C:\Users\XuanXia\Desktop\2016.7.26\31.vir                                                                       Infected: Trojan:Win32/Skeeyah.A!rfn
C:\Users\XuanXia\Desktop\2016.7.26\31.vir->(RarSfx)->Xykssl.exe                                                 Infected: Trojan:Win32/Dynamer!ac [non_writable_container]
C:\Users\XuanXia\Desktop\2016.7.26\33.vir                                                                       Infected: TrojanDownloader:JS/Nemucod.FK
C:\Users\XuanXia\Desktop\2016.7.26\35.vir                                                                       Infected: Backdoor:Linux/Shellshock.A
C:\Users\XuanXia\Desktop\2016.7.26\37.vir                                                                       Infected: TrojanDownloader:JS/Swabfex.C
...anXia\Desktop\2016.7.26\38.vir->word/embeddings/oleObject1.bin->(Ole Stream 0)->Rechnung_Tickets.js->[Eval]  Infected: TrojanDownloader:JS/Nemucod.GG [non_writable_container]
...top\2016.7.26\38.vir->word/embeddings/oleObject1.bin->(Ole Stream 0)->Rechnung_Tickets.js->[FunctionPacked]  Infected: TrojanDownloader:JS/Nemucod.GG [non_writable_container]
C:\Users\XuanXia\Desktop\2016.7.26\39.vir                                                                       Infected: TrojanSpy:Win32/Ursnif.HP
C:\Users\XuanXia\Desktop\2016.7.26\43.vir                                                                       Infected: TrojanDownloader:JS/Nemucod
C:\Users\XuanXia\Desktop\2016.7.26\48.vir                                                                       Infected: TrojanDownloader:JS/Nemucod
C:\Users\XuanXia\Desktop\2016.7.26\49.vir                                                                       Infected: Backdoor:MSIL/Bladabindi
C:\Users\XuanXia\Desktop\2016.7.26\50.vir                                                                       Infected: Trojan:Win32/Lethic.B
Successfully checked: C:\Users\XuanXia\Desktop\2016.7.26

Scan ended on Tue Jul 26 09:31:19 2016

Time: 9 second(s). [0h:00m:09s]
Files/second: 18 (6549 Kb/s).
Objects scanned: 164.
Infected: 33. Suspicious: 0. Clean: 131. Different virus bodies: 20.
Files: 50. Directories: 1. Archives: 23. Packed: 4. Mail files: 1.
Warnings: 33. Scan errors: 0. Protected: 0. Damaged: 0. Unknown method: 0. Spanned: 0.[/mw_shl_code]
挥泪斩情思
Posted on 2016-7-26 09:38:44
Last edited by 挥泪斩情思 on 2016-7-26 10:03

NS



蓝天二号
Posted on 2016-7-26 09:42:48
McAfee 25X



蓝天二号
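Posted on 2016-7-26 09:47:13
挥泪斩情思 posted on 2016-7-26 09:38
I just can't get it to download from Baidu Cloud here, no matter what....

Same for me just now; refreshing a few more times did the trick.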
心醉咖啡
Posted on 2016-7-26 09:47:23
Duba kill 11X
欧阳宣
Posted on 2016-7-26 09:50:35
BD detected 33, repaired 4.
[mw_shl_code=css,true]D:\Virus\2016.7.26\35.vir Generic.Gafgyt.1.3B7F4CE9 Deleted
D:\Virus\2016.7.26\13.vir=>(INFECTED_JS) JS:Trojan.JS.Agent.MHU Deleted
D:\Virus\2016.7.26\28.vir=>main/NameClassh.class Trojan.Java.Classloader.BK Deleted
D:\Virus\2016.7.26\31.vir Trojan.GenericKD.3417775 Deleted after reboot
D:\Virus\2016.7.26\32.vir Trojan.Generic.17777978 Deleted after reboot
D:\Virus\2016.7.26\50.vir Trojan.GenericKD.3425847 Deleted
D:\Virus\2016.7.26\05.vir Gen:Variant.Barys.385 Deleted after reboot
D:\Virus\2016.7.26\23.vir Trojan.Doc.Downloader.NO Deleted
D:\Virus\2016.7.26\27.vir Trojan.GenericKD.3399103 Deleted after reboot
D:\Virus\2016.7.26\46.vir Trojan.Java.Agent.GI Deleted after reboot
D:\Virus\2016.7.26\43.vir Trojan.Script.DJD Moved to Quarantine
D:\Virus\2016.7.26\12.vir Trojan.JS.Downloader.DPT Moved to Quarantine
D:\Virus\2016.7.26\20.vir Trojan.JS.Downloader.DPT Moved to Quarantine
D:\Virus\2016.7.26\02.vir=>(NSIS o)=>zlib_nsis0008 Gen:Variant.Graftor.291579 Moved to Quarantine
D:\Virus\2016.7.26\28.vir=>main/NameClassv.class Trojan.Java.Classloader.BK Deleted
D:\Virus\2016.7.26\19.vir Trojan.GenericKD.3413930 Deleted after reboot
D:\Virus\2016.7.26\29.vir Trojan.JS.Downloader.DPW Deleted after reboot
D:\Virus\2016.7.26\28.vir=>main/Start.class Trojan.Java.Classloader.BK Deleted
D:\Virus\2016.7.26\28.vir=>main/NameClassm.class Trojan.Java.Classloader.BK Deleted
D:\Virus\2016.7.26\10.vir Generic.JS.DownloaderAC.4EB48EA9 Deleted
D:\Virus\2016.7.26\16.vir Trojan.GenericKD.3420637 Deleted after reboot
D:\Virus\2016.7.26\34.vir Gen:Trojan.Agent.Delf.GY.MKX@aSdznKp Deleted after reboot
D:\Virus\2016.7.26\15.vir Trojan.GenericKD.3421320 Deleted after reboot
D:\Virus\2016.7.26\33.vir Trojan.JS.Downloader.DPK Moved to Quarantine
D:\Virus\2016.7.26\45.vir=>res/layout/videoview.xml Android.Trojan.AndroRAT.E Deleted
D:\Virus\2016.7.26\28.vir=>main/NameClassu.class Trojan.Java.Classloader.BK Deleted
D:\Virus\2016.7.26\18.vir W97M.Downloader.DUR Disinfected
D:\Virus\2016.7.26\02.vir=>(NSIS o)=>zlib_nsis0007 Gen:Variant.Strictor.109293 Moved to Quarantine
D:\Virus\2016.7.26\39.vir Trojan.GenericKD.3398951 Deleted after reboot
D:\Virus\2016.7.26\44.vir Gen:Variant.Razy.56278 Deleted after reboot
D:\Virus\2016.7.26\38.vir=>word=>embeddings=>oleObject1.bin=>Rechnung_Tickets.js Trojan.Downloader.JTAX Deleted
D:\Virus\2016.7.26\28.vir=>main/NameClassw.class Trojan.Java.Classloader.BK Deleted
D:\Virus\2016.7.26\30.vir=>word/vbaProject.bin W97M.Downloader.DUF Disinfected
D:\Virus\2016.7.26\30.vir=>word/media/image1.jpg Trojan.Scam.LH Deleted
D:\Virus\2016.7.26\49.vir Trojan.GenericKD.3407667 Deleted after reboot
D:\Virus\2016.7.26\42.vir Trojan.PDF.Phishing.BT Deleted after reboot
D:\Virus\2016.7.26\01.vir Trojan.JS.Downloader.DQA Deleted after reboot
D:\Virus\2016.7.26\04.vir Trojan.Generic.17768847 Deleted after reboot
D:\Virus\2016.7.26\22.vir Trojan.Script.DJA Deleted after reboot
D:\Virus\2016.7.26\28.vir=>main/NameClassi.class Trojan.Java.Classloader.BK Deleted
D:\Virus\2016.7.26\48.vir Trojan.GenericKD.3421297 Deleted
D:\Virus\2016.7.26\28.vir=>main/NameClassy.class Trojan.Java.Classloader.BK Deleted [/mw_shl_code]
skycai
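Posted on 2016-7-26 10:04:57
Last edited by skycai on 2016-7-26 10:06

For reasons everyone knows, Huorong is running an old virus database, but the result is still decent.


Below is V17; today its result can't even match Huorong's old database.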

540923555
Posted on 2016-7-26 10:06:16

WD

Last edited by 540923555 on 2016-7-26 10:20

WD placeholder

WD detected and repaired 29 samples; 21 samples left unhandled.
Copyright © KaFan  KaFan.cn All Rights Reserved.