
[Virus Samples] Jingrui sample test (16.9.1)

轩夏
Posted on 2016-9-1 09:09:20
Links:

http://pan.baidu.com/s/1jIz1DIm  extraction code: h5t2

http://www.vdisk.cn/down/index/19732665

Password: bbs.vc52.cn
Count: 50
tomochan
Posted on 2016-9-1 09:26:13
This post was last edited by tomochan on 2016-9-1 09:37

avast real-time monitoring + scan detected 13X (high heuristics + PUP)

轩夏
Original poster | Posted on 2016-9-1 09:26:33
MSE

[mw_shl_code=css,true]Scan started on Thu Sep 01 09:24:09 2016

C:\Users\XuanXia\Desktop\2016.9.1\01.vir->word/vbaProject.bin          Infected: TrojanDownloader:O97M/Donoff.CI
C:\Users\XuanXia\Desktop\2016.9.1\06.vir->(SCRIPT0000)                 Infected: TrojanDownloader:JS/Nemucod.PP
C:\Users\XuanXia\Desktop\2016.9.1\09.vir->(GZip)->Scan2016082790.exe   Infected: Trojan:Win32/Dynamer!ac [non_writable_container]
C:\Users\XuanXia\Desktop\2016.9.1\11.vir                               Infected: TrojanDownloader:JS/Swabfex.P
C:\Users\XuanXia\Desktop\2016.9.1\12.vir->word/vbaProject.bin          Infected: TrojanDownloader:O97M/Donoff.CI
C:\Users\XuanXia\Desktop\2016.9.1\17.vir                               Infected: Trojan:Win32/Ghokswa
C:\Users\XuanXia\Desktop\2016.9.1\18.vir->word/vbaProject.bin          Infected: TrojanDownloader:O97M/Donoff.CI
C:\Users\XuanXia\Desktop\2016.9.1\20.vir->(RtfExtraData)               Infected: Exploit:Win32/CVE-2012-0158[non_writable_container]
C:\Users\XuanXia\Desktop\2016.9.1\26.vir                               Infected: TrojanDownloader:JS/Swabfex.P
C:\Users\XuanXia\Desktop\2016.9.1\28.vir                               Infected: Trojan:Win32/Pdfphish.AF
C:\Users\XuanXia\Desktop\2016.9.1\31.vir->x/abcabcabcabcr.class        Infected: Trojan:Java/Adwind
C:\Users\XuanXia\Desktop\2016.9.1\34.vir                               Infected: Trojan:Win32/Matta.A!gfc
C:\Users\XuanXia\Desktop\2016.9.1\35.vir->x/abcabcabcabcr.class        Infected: Trojan:Java/Adwind
C:\Users\XuanXia\Desktop\2016.9.1\37.vir                               Infected: TrojanDownloader:JS/Swabfex.C
C:\Users\XuanXia\Desktop\2016.9.1\38.vir->(pdf0000:)                   Suspicious: Exploit:JS/ShellCode.gen [generic] [submit_sample] [non_writable_container]
C:\Users\XuanXia\Desktop\2016.9.1\38.vir->(pdf0002:)                   Infected: Exploit:Win32/CVE-2011-2462.D [non_writable_container]
C:\Users\XuanXia\Desktop\2016.9.1\39.vir                               Infected: TrojanDownloader:JS/Nemucod.FG
C:\Users\XuanXia\Desktop\2016.9.1\41.vir                               Infected: TrojanDownloader:JS/Swabfex.C
C:\Users\XuanXia\Desktop\2016.9.1\43.vir->word/vbaProject.bin          Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.9.1\47.vir                               Infected: TrojanDownloader:JS/Swabfex.C
C:\Users\XuanXia\Desktop\2016.9.1\48.vir->word/vbaProject.bin          Infected: TrojanDownloader:O97M/Donoff

Successfully checked: C:\Users\XuanXia\Desktop\2016.9.1

Scan ended on Thu Sep 01 09:24:50 2016

Time: 41 second(s). [0h:00m:41s]
Files/second: 6 (393 Kb/s).
Objects scanned: 273.
Infected: 20. Suspicious: 1. Clean: 252. Different virus bodies: 13.
Files: 50. Directories: 1. Archives: 68. Packed: 11. Mail files: 2.
Warnings: 21. Scan errors: 0. Protected: 0. Damaged: 0. Unknown method: 0. Spanned: 0.[/mw_shl_code]
Prince云
Posted on 2016-9-1 09:48:45
This post was last edited by Prince云 on 2016-9-1 10:04

360 Total Security [online]: 0X. Uploaded 13 files for analysis: 10 files are viruses, 2 files are no-risk, 1 file is low-risk!
[mw_shl_code=html,true]360 Total Security扫描日志
扫描时间:2016-09-01 09:40:36
扫描用时:00:00:11
扫描项目总数:50
威胁总数:0
处理威胁数:0
扫描选项
----------------------
扫描压缩包:否
常规引擎设置:未开启小红伞和Bitdefender引擎
扫描内容
----------------------
D:\Data\桌面\2016.9.1\
扫描结果
======================
未发现威胁[/mw_shl_code]



心醉咖啡
Posted on 2016-9-1 09:50:04
扫描时间:[2016-09-01 09:49:23]
扫描用时:[00:00:05]
扫描类型:自定义查杀
扫描文件总数:239
扫描速度:39文件/秒
发现威胁:7个
清除威胁:7个
=============================================
[2016-09-01 09:49:41]
威胁:f:\浏览器下载\2016.9.1\27.vir
类型:win32.troj.generic_a.c.(kcloud)
处理方式:删除

[2016-09-01 09:49:41]
威胁:f:\浏览器下载\2016.9.1\07.vir
类型:win32.heur.kvmh008.a.(kcloud)
处理方式:删除

[2016-09-01 09:49:41]
威胁:f:\浏览器下载\2016.9.1\08.vir
类型:win32.troj.generic_a.a.(kcloud)
处理方式:删除

[2016-09-01 09:49:41]
威胁:f:\浏览器下载\2016.9.1\10.vir
类型:win32.troj.generic_a.a.(kcloud)
处理方式:删除

[2016-09-01 09:49:41]
威胁:f:\浏览器下载\2016.9.1\15.vir
类型:win32.troj.generickd.v.(kcloud)
处理方式:删除

[2016-09-01 09:49:41]
威胁:f:\浏览器下载\2016.9.1\46.vir
类型:win32.troj.undef.(kcloud)
处理方式:删除

[2016-09-01 09:49:41]
威胁:f:\浏览器下载\2016.9.1\50.vir
类型:win32.hack.androm.km.(kcloud)
处理方式:删除
Heavev
Posted on 2016-9-1 10:00:25

rrorr
Posted on 2016-9-1 10:01:09
This post was last edited by rrorr on 2016-9-1 10:11

AVG21x

wu5920
Posted on 2016-9-1 10:06:22
[mw_shl_code=css,true]Huorong Network Security Suite v3.0.46.1 (Last update: 2016-08-31 16:48)
Copyright (C) Huorong Borui (Beijing) Technology Co., Ltd. All rights reserved.

Scan engine version:v3.0.4.0
Signature database fingerprint: 988ab08:a37c089:96c3268:96c3268
Signature database timestamp: 2016-08-31 16:48

Scan started at:   2016-09-01 09:49:34

D:\2016.9.1\31.vir >> x\abcabcabcabcc.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabcp.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabcx.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabcu.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabcl.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabcr.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabcs.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabcj.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabce.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabcm.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabcw.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabci.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabco.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabcf.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabct.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabcd.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabcn.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabcz.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabch.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabcy.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabcb.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabcg.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabcv.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabcq.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> x\abcabcabcabca.class: Trojan/Java.Adwind
D:\2016.9.1\31.vir >> lolipop\StreamMainer.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabcc.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabcp.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabcx.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabcu.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabcl.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabcr.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabcs.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabcj.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabce.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabcm.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabcw.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabci.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabco.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabcf.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabct.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabcd.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabcn.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabcz.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabch.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabcy.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabcb.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabcg.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabcv.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabcq.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> x\abcabcabcabca.class: Trojan/Java.Adwind
D:\2016.9.1\35.vir >> lolipop\StreamMainer.class: Trojan/Java.Adwind
D:\2016.9.1\37.vir: TrojanDownloader/JS.Nemucod.ee
D:\2016.9.1\39.vir: TrojanDownloader/JS.Nemucod.eh
D:\2016.9.1\41.vir: TrojanDownloader/JS.Nemucod.ee
D:\2016.9.1\43.vir >> word\vbaProject.bin: OMacro/Downloader
D:\2016.9.1\47.vir: TrojanDownloader/JS.Nemucod.ed
D:\2016.9.1\48.vir >> word\vbaProject.bin: OMacro/Downloader.iv

Scan completed at: 2016-09-01 09:49:49

Total:             50 file(s), 471 objects(s)
Infected:          8 file(s), 58 objects(s)
Deleted:           0 file(s), 0 failure(s)
Disinfected:       0 file(s), 0 failure(s)
Duration:          00:00:15
[/mw_shl_code]
T.Yoshiyuki
Posted on 2016-9-1 10:14:53

Did you make sure every option in the scan settings was turned up to the maximum...
T.Yoshiyuki
Posted on 2016-9-1 10:22:51
wu5920 posted on 2016-9-1 10:06
[mw_shl_code=css,true]Huorong Network Security Suite v3.0.46.1 (Last update: 2016-08-31 16:48)
Copy ...

So it actually only flagged two of them, 31 and 35...

Copyright © KaFan  KaFan.cn All Rights Reserved.
