Original poster: 轩夏

[Virus Samples] 精睿 sample test (16.9.19)

qq271199810
Posted on 2016-9-19 09:37:39
Last edited by qq271199810 on 2016-9-19 09:40

avast: 13 killed on extraction, 13 killed on scan, 24 remaining
不宜诺斯艾里斯
Posted on 2016-9-19 10:09:10
Kaspersky: 28 killed on extraction, 1 killed on scan
skycai
Posted on 2016-9-19 10:29:38

bbszy
Posted on 2016-9-19 10:35:47
Last edited by bbszy on 2016-9-19 10:46

mcafee: 37x, of which 1x repaired
好想用EMSI
Posted on 2016-9-19 10:42:59
时间  文件路径  威胁类型  结果  对应进程  
2016-09-19 10:40:31  D:\360极速浏览器下载\2016.9.19\46.vir.html  Trojan.Obfus/JS!1.A5EB  删除   
2016-09-19 10:40:31  D:\360极速浏览器下载\2016.9.19\16.vir.exe>>147CDD218CBE  Ransom.Vaultcrypt!8.6376  清除   
2016-09-19 10:40:31  D:\360极速浏览器下载\2016.9.19\28.vir.exe  Downloader.Silcon!8.2D0A  删除   
2016-09-19 10:40:31  D:\360极速浏览器下载\2016.9.19\37.vir.exe  Malware.TrojanSpy!8.1BF  删除   
2016-09-19 10:40:31  D:\360极速浏览器下载\2016.9.19\39.vir.exe  Trojan.Generic!8.C3  删除   
2016-09-19 10:40:31  D:\360极速浏览器下载\2016.9.19\40.vir.exe  Trojan.VBInject!1.64FE  删除   
2016-09-19 10:40:31  D:\360极速浏览器下载\2016.9.19\41.vir.exe  Trojan.DownloadSponsor!1.A479  删除   
2016-09-19 10:40:31  D:\360极速浏览器下载\2016.9.19\42.vir.exe  Trojan.Injector!8.C4  删除   
2016-09-19 10:40:31  D:\360极速浏览器下载\2016.9.19\47.vir.dll  Ransom.Locky!8.1CD4  删除   
2016-09-19 10:40:31  D:\360极速浏览器下载\2016.9.19\49.vir.exe  Dropper.Generic!8.35E  删除   
2016-09-19 10:40:31  D:\360极速浏览器下载\2016.9.19\50.vir.exe  Trojan.Inject!8.103  删除   
2016-09-19 10:40:30  D:\360极速浏览器下载\2016.9.19\32.vir.html>>jscript  Trojan.Obfus/JS!1.A5EB  删除   
2016-09-19 10:40:29  D:\360极速浏览器下载\2016.9.19\21.vir.html  Trojan.Obfus/JS!1.A5EB  删除   
2016-09-19 10:40:29  D:\360极速浏览器下载\2016.9.19\02.vir.exe  Malware.Obscure/Heur!1.9E03  删除   
2016-09-19 10:40:29  D:\360极速浏览器下载\2016.9.19\14.vir.exe  Malware.Undefined!8.C  删除   
2016-09-19 10:40:29  D:\360极速浏览器下载\2016.9.19\22.vir.dll  Ransom.Locky!8.1CD4  删除   
2016-09-19 10:40:29  D:\360极速浏览器下载\2016.9.19\24.vir.html  Trojan.Obfus/JS!1.A5EB  删除   
Rising V17
欧阳宣
Posted on 2016-9-19 11:56:01
Norton detected 31, repaired 0
[mw_shl_code=css,true]Resolved Threats:
Risks in compressed file "12.vir"
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 Infected File
[__substg1.0_37010102] inside of [d:\virus\2016.9.19\12.vir] - Fully Resolved


Bloodhound.PDF.3
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 Infected File
d:\virus\2016.9.19\11.vir - Deleted
1 Browser Cache



JS.Downloader
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
14 Infected Files
d:\virus\2016.9.19\10.vir - Deleted
d:\virus\2016.9.19\19.vir - Deleted
d:\virus\2016.9.19\21.vir - Deleted
d:\virus\2016.9.19\24.vir - Deleted
d:\virus\2016.9.19\25.vir - Deleted
d:\virus\2016.9.19\04.vir - Deleted
d:\virus\2016.9.19\17.vir - Deleted
d:\virus\2016.9.19\05.vir - Deleted
d:\virus\2016.9.19\18.vir - Deleted
d:\virus\2016.9.19\29.vir - Deleted
d:\virus\2016.9.19\45.vir - Deleted
d:\virus\2016.9.19\46.vir - Deleted
d:\virus\2016.9.19\32.vir - Deleted
d:\virus\2016.9.19\34.vir - Deleted
1 Browser Cache



Trojan.Swifi
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 Infected File
d:\virus\2016.9.19\26.vir - Deleted
1 Browser Cache



Heur.AdvML.B
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 Infected File
d:\virus\2016.9.19\15.vir - Deleted
1 Browser Cache



Heur.AdvML.B
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 Infected File
d:\virus\2016.9.19\16.vir - Deleted
1 Browser Cache



Trojan.Gen.2
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
4 Infected Files
d:\virus\2016.9.19\22.vir - Deleted
d:\virus\2016.9.19\28.vir - Deleted
d:\virus\2016.9.19\37.vir - Deleted
d:\virus\2016.9.19\50.vir - Deleted
1 Browser Cache



Trojan.Gen
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
4 Infected Files
d:\virus\2016.9.19\14.vir - Deleted
d:\virus\2016.9.19\47.vir - Deleted
d:\virus\2016.9.19\49.vir - Deleted
d:\virus\2016.9.19\42.vir - Deleted
1 Browser Cache



Trojan.Dualtoy
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 Infected File
d:\virus\2016.9.19\30.vir - Deleted
1 Browser Cache



Heur.AdvML.B
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 Infected File
d:\virus\2016.9.19\39.vir - Deleted
1 Browser Cache



Backdoor.Trojan
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
3 Registry Entries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\->EnableLUA:1 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile->DoNotAllowExceptions:1 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile->DoNotAllowExceptions:1 - Repaired
1 Infected File
d:\virus\2016.9.19\02.vir - Deleted
1 Browser Cache



Heur.AdvML.B
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 Infected File
d:\virus\2016.9.19\40.vir - Deleted
1 Browser Cache[/mw_shl_code]
心醉咖啡
Posted on 2016-9-19 12:30:51
wajika
Posted on 2016-9-19 12:57:03
Virus information
Attachment 2016.9.19.7z contains the viruses JS/DwnLdr-OPS;Troj/JSDldr-TL;Troj/JSDown-CQ;Troj/PDFJs-O;Troj/DocDl-EUP;Troj/JsDwnLdr-T;JS/Dwnldr-OPP;JS/DwnLdr-OPI;JS/Dldr-NR;Mal/RansomDl-C;JS/Dldr-NR;JS/Dwnldr-OPP;Troj/JSDldr-TF;JS/DwnLdr-OPF;JS/Dwnldr-OPP;Troj/DocDL-EUM;JS/Dldr-NR;Mal/Locky-B  Cleanup failed
Prince云
Posted on 2016-9-19 13:40:28
Last edited by Prince云 on 2016-9-19 14:00

360 Total Security [online] scan: 0X. Uploaded 17 unknown files for analysis; 7 files were analyzed as viruses and 10 files as no threat!
[mw_shl_code=html,true]360 Total Security扫描日志
扫描时间:2016-09-19 13:33:15
扫描用时:00:00:04
扫描项目总数:50
威胁总数:0
处理威胁数:0
扫描选项
----------------------
扫描压缩包:否
常规引擎设置:未开启小红伞和Bitdefender引擎
扫描内容
----------------------
C:\Users\MICROMINE\桌面\2016.9.19\
扫描结果
======================
未发现威胁[/mw_shl_code]



Scan after upload: 7X
[mw_shl_code=html,true]360 Total Security扫描日志
扫描时间:2016-09-19 13:58:54
扫描用时:00:00:05
扫描项目总数:50
威胁总数:7
处理威胁数:7
扫描选项
----------------------
扫描压缩包:否
常规引擎设置:未开启小红伞和Bitdefender引擎
扫描内容
----------------------
C:\Users\MICROMINE\桌面\2016.9.19\
扫描结果
======================
高风险项目
----------------------
C:\Users\MICROMINE\桌面\2016.9.19\15.vir        HEUR/QVM03.0.EC4A.Malware.Gen        已处理
C:\Users\MICROMINE\桌面\2016.9.19\28.vir        Win32/Trojan.3d3        已处理
C:\Users\MICROMINE\桌面\2016.9.19\37.vir        Win32/Trojan.4d4        已处理
C:\Users\MICROMINE\桌面\2016.9.19\42.vir        Win32/Trojan.Dropper.fb7        已处理
C:\Users\MICROMINE\桌面\2016.9.19\49.vir        HEUR/QVM03.0.EC4A.Malware.Gen        已处理
C:\Users\MICROMINE\桌面\2016.9.19\47.vir        Script/Virus.bc3        已处理
C:\Users\MICROMINE\桌面\2016.9.19\50.vir        HEUR/QVM03.0.EC4A.Malware.Gen        已处理[/mw_shl_code]

Eset小粉絲
Posted on 2016-9-20 10:54:36
AVIRA: definitions from the 18th kill 35X; definitions from the 20th kill 1 more