
[Virus Samples] 精睿 sample test (16.7.29)

轩夏
Posted on 2016-7-29 09:16:23
Link:

https://pan.baidu.com/s/1slUt80d   Extraction code: fj9p

Password: bbs.vc52.cn
Count: 50
轩夏
Original poster | Posted on 2016-7-29 09:19:26
MSE

[mw_shl_code=css,true]Scan started on Fri Jul 29 09:17:48 2016

C:\Users\XuanXia\Desktop\2016.7.29\01.vir                                             Infected: TrojanDownloader:JS/Nemucod.FJ
C:\Users\XuanXia\Desktop\2016.7.29\02.vir                                             Infected: TrojanDownloader:JS/Nemucod.FJ
C:\Users\XuanXia\Desktop\2016.7.29\03.vir                                             Infected: TrojanSpy:Win32/Ursnif.HP!bit
C:\Users\XuanXia\Desktop\2016.7.29\05.vir                                             Infected: Ransom:Win32/Locky
C:\Users\XuanXia\Desktop\2016.7.29\07.vir                                             Infected: TrojanDownloader:JS/Nemucod.FJ
C:\Users\XuanXia\Desktop\2016.7.29\08.vir->word/vbaProject.bin                        Infected: Trojan:O97M/Madeba.A!det
C:\Users\XuanXia\Desktop\2016.7.29\09.vir                                             Infected: Worm:Win32/Kalockan.A
C:\Users\XuanXia\Desktop\2016.7.29\10.vir->DHL Receipt_pdf.7z->DHL(2).zip->DHL.exe    Infected: Trojan:Win32/Dynamer!ac [non_writable_container]
C:\Users\XuanXia\Desktop\2016.7.29\13.vir                                             Infected: Ransom:Win32/Locky
C:\Users\XuanXia\Desktop\2016.7.29\14.vir->word/vbaProject.bin                        Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.7.29\19.vir                                             Infected: Ransom:Win32/Locky!rfn
C:\Users\XuanXia\Desktop\2016.7.29\20.vir                                             Infected: PWS:Win32/Zbot
C:\Users\XuanXia\Desktop\2016.7.29\21.vir                                             Infected: Worm:Win32/Kalockan.A
C:\Users\XuanXia\Desktop\2016.7.29\22.vir                                             Infected: Worm:Win32/Gamarue
C:\Users\XuanXia\Desktop\2016.7.29\24.vir                                             Infected: DDoS:Win32/Nitol.D
C:\Users\XuanXia\Desktop\2016.7.29\27.vir->[VBInject.LM]                              Infected: Backdoor:Win32/Tofsee.F [non_writable_container]
C:\Users\XuanXia\Desktop\2016.7.29\30.vir                                             Infected: TrojanDownloader:JS/Nemucod.FJ
C:\Users\XuanXia\Desktop\2016.7.29\31.vir                                             Suspicious: VirTool:Win32/Obfuscator.XZ [submit_sample]
C:\Users\XuanXia\Desktop\2016.7.29\32.vir                                             Infected: TrojanDownloader:JS/Nemucod.FJ
C:\Users\XuanXia\Desktop\2016.7.29\40.vir->[WsfCmtOut]->(SCRIPT0000)                  Infected: TrojanDownloader:JS/Nemucod.FJ [non_writable_container]
C:\Users\XuanXia\Desktop\2016.7.29\45.vir                                             Infected: TrojanDownloader:JS/Nemucod.FJ
C:\Users\XuanXia\Desktop\2016.7.29\48.vir->[WsfCmtOut]->(SCRIPT0000)                  Infected: TrojanDownloader:JS/Nemucod.FJ [non_writable_container]
C:\Users\XuanXia\Desktop\2016.7.29\49.vir                                             Infected: TrojanDownloader:JS/Nemucod.FJ
Successfully checked: C:\Users\XuanXia\Desktop\2016.7.29

Scan ended on Fri Jul 29 09:18:13 2016

Time: 25 second(s). [0h:00m:25s]
Files/second: 10 (539 Kb/s).
Objects scanned: 268.
Infected: 22. Suspicious: 1. Clean: 245. Different virus bodies: 12.
Files: 50. Directories: 1. Archives: 15. Packed: 13. Mail files: 2.
Warnings: 23. Scan errors: 0. Protected: 0. Damaged: 1. Unknown method: 0. Spanned: 0.[/mw_shl_code]
蓝天二号
Posted on 2016-7-29 09:20:25
Today's McAfee...



蓝天二号
Posted on 2016-7-29 09:22:50
Huorong (火绒)

心醉咖啡
Posted on 2016-7-29 09:23:05
Last edited by 心醉咖啡 on 2016-7-29 11:20

Duba: first scan, 4X

Second scan killed another 10X

Third scan killed 2X more
Eset小粉絲
Posted on 2016-7-29 09:23:13
Last edited by Eset小粉絲 on 2016-7-29 09:27

Avira 35X

[mw_shl_code=css,true]Start of the scan: Friday, 29 July, 2016  09:26

Starting the file scan:

Begin scan in 'C:\Users\User\Desktop\2016.7.29'
C:\Users\User\Desktop\2016.7.29\01.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.tret Java script virus
C:\Users\User\Desktop\2016.7.29\03.vir
  [DETECTION] Is the TR/Crypt.Xpack.ztmc Trojan
C:\Users\User\Desktop\2016.7.29\04.vir
  [DETECTION] Is the TR/Agent.lixb Trojan
C:\Users\User\Desktop\2016.7.29\05.vir
  [DETECTION] Is the TR/Crypt.ZPACK.zjou Trojan
C:\Users\User\Desktop\2016.7.29\06.vir
  [DETECTION] Is the TR/ATRAPS.Gen Trojan
C:\Users\User\Desktop\2016.7.29\07.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.tret Java script virus
C:\Users\User\Desktop\2016.7.29\08.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.23540 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.29\10.vir
    [0] Archive type: TNEF (Microsoft)
    --> DHL Receipt_pdf.7z
        [1] Archive type: 7-Zip
      --> DHL(2).zip
          [2] Archive type: ZIP
        --> DHL.exe
            [DETECTION] Is the TR/Dropper.MSIL.ihvy Trojan
            [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.29\12.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.248543 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.29\15.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.248543 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.29\18.vir
  [DETECTION] Is the TR/Crypt.Xpack.pvff Trojan
C:\Users\User\Desktop\2016.7.29\19.vir
  [DETECTION] Is the TR/Crypt.ZPACK.ojwi Trojan
C:\Users\User\Desktop\2016.7.29\20.vir
  [DETECTION] Is the TR/Crypt.Xpack.cqtg Trojan
C:\Users\User\Desktop\2016.7.29\22.vir
  [DETECTION] Is the TR/Agent.hcqa Trojan
C:\Users\User\Desktop\2016.7.29\23.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.248543 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.29\24.vir
  [DETECTION] Is the TR/Crypt.ZPACK.igli Trojan
C:\Users\User\Desktop\2016.7.29\25.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.248543 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.29\26.vir
  [DETECTION] Is the TR/Sefnit.ndvw Trojan
C:\Users\User\Desktop\2016.7.29\27.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Users\User\Desktop\2016.7.29\31.vir
  [DETECTION] Is the TR/Black.Gen2 Trojan
C:\Users\User\Desktop\2016.7.29\32.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.icir Java script virus
C:\Users\User\Desktop\2016.7.29\33.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.248543 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.29\34.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.248543 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.29\35.vir
    [0] Archive type: NSIS
    --> ProgramFilesDir/AnimGif.dll
        [DETECTION] Is the TR/Injector.AM.16896 Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.29\36.vir
  [DETECTION] Is the TR/Dropper.MSIL.wxnj Trojan
C:\Users\User\Desktop\2016.7.29\37.vir
  [DETECTION] Contains virus patterns of Adware ADWARE/DealPly.kkww
C:\Users\User\Desktop\2016.7.29\39.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.248543 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.29\40.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.73555 Java script virus
C:\Users\User\Desktop\2016.7.29\42.vir
  [DETECTION] Is the TR/Injector.wvil Trojan
C:\Users\User\Desktop\2016.7.29\43.vir
  [DETECTION] Contains recognition pattern of the WORM/Lovsan.F.1 worm
C:\Users\User\Desktop\2016.7.29\44.vir
  [DETECTION] Contains recognition pattern of the WORM/Lovsan.F.1 worm
C:\Users\User\Desktop\2016.7.29\45.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.icir Java script virus
C:\Users\User\Desktop\2016.7.29\46.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.248543 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.29\48.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.73555 Java script virus
C:\Users\User\Desktop\2016.7.29\49.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.treb Java script virus[/mw_shl_code]
叶无道
Posted on 2016-7-29 09:24:47
Last edited by 叶无道 on 2016-7-29 09:26

avg

挥泪斩情思
Posted on 2016-7-29 09:26:17
Last edited by 挥泪斩情思 on 2016-7-29 09:37

NS

Detected 22X, 28X remaining, none repaired
叶无道
Posted on 2016-7-29 09:42:26
Avira (小红伞)

a1414007
Posted on 2016-7-29 09:56:55
Last edited by a1414007 on 2016-7-29 10:03

BDTS
统计结果

   原始文件数量: 50

   处理项目数量: 44

   删除项目数量: 35

   修复项目数量: 9

   近似查杀率: 88.00 %

任意键返回
One of the repairs required a reboot, so I just deleted it