精睿样本测试（16.9.20）

显示全部楼层 · 发表于 2016-9-20 09:36:39

地址：

https://pan.baidu.com/s/1bYE4IM 提取密码 72r9

http://www.vdisk.cn/down/index/19734599

密码：bbs.vc52.cn
数量：50

显示全部楼层 · 发表于 2016-9-20 09:48:07

AVG 19X

显示全部楼层 · 发表于 2016-9-20 09:50:38

AVIRA 28X

[mw_shl_code=css,true]Start of the scan: Tuesday, 20 September, 2016  09:49

Starting the file scan:

Begin scan in 'C:\Users\User\Desktop\2016.9.20'
C:\Users\User\Desktop\2016.9.20\02.vir
  [DETECTION] Is the TR/Agent.qwuxs Trojan
C:\Users\User\Desktop\2016.9.20\04.vir
  [DETECTION] Is the TR/Crypt.Xpack.esnbq Trojan
C:\Users\User\Desktop\2016.9.20\05.vir
  [DETECTION] Is the TR/Locky.iurrr Trojan
C:\Users\User\Desktop\2016.9.20\06.vir
  [DETECTION] Is the TR/Agent.45056.2065 Trojan
C:\Users\User\Desktop\2016.9.20\07.vir
  [DETECTION] Is the TR/Dropper.MSIL.cjfpc Trojan
C:\Users\User\Desktop\2016.9.20\09.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Krypt.915164 Java script virus
C:\Users\User\Desktop\2016.9.20\10.vir
  [DETECTION] Is the TR/ATRAPS.Gen Trojan
C:\Users\User\Desktop\2016.9.20\11.vir
  [DETECTION] Is the TR/Confuser.juq Trojan
C:\Users\User\Desktop\2016.9.20\14.vir
  [DETECTION] Is the TR/Spy.Gen Trojan
C:\Users\User\Desktop\2016.9.20\18.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Krypt.915164 Java script virus
C:\Users\User\Desktop\2016.9.20\22.vir
  [DETECTION] Contains virus patterns of Adware ADWARE/Adware.sydc
C:\Users\User\Desktop\2016.9.20\23.vir
  [DETECTION] Contains code of the X2000M/Agent.15190 Excel macro virus
C:\Users\User\Desktop\2016.9.20\25.vir
  [DETECTION] Is the TR/Agent.pyu Trojan
C:\Users\User\Desktop\2016.9.20\27.vir
  [DETECTION] Is the TR/AD.Bladabindi.plcvl Trojan
C:\Users\User\Desktop\2016.9.20\28.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.71677 Java script virus
C:\Users\User\Desktop\2016.9.20\30.vir
  [DETECTION] Is the TR/Crypt.ZPACK.rhxma Trojan
C:\Users\User\Desktop\2016.9.20\32.vir
  [DETECTION] Is the TR/Crypt.Xpack.tttle Trojan
C:\Users\User\Desktop\2016.9.20\33.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Krypt.916162 Java script virus
C:\Users\User\Desktop\2016.9.20\34.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.71699 Java script virus
C:\Users\User\Desktop\2016.9.20\36.vir
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Agent.bngz back-door program
C:\Users\User\Desktop\2016.9.20\39.vir
  [DETECTION] Is the TR/Agent.fboq Trojan
C:\Users\User\Desktop\2016.9.20\40.vir
  [DETECTION] Is the TR/AD.Locky.M.ljkj Trojan
C:\Users\User\Desktop\2016.9.20\43.vir
  [DETECTION] Is the TR/Peals.viuir Trojan
C:\Users\User\Desktop\2016.9.20\44.vir
  [DETECTION] Is the TR/Delf.Agent.ylqnu Trojan
C:\Users\User\Desktop\2016.9.20\45.vir
  [DETECTION] Is the TR/Agent.konui Trojan
C:\Users\User\Desktop\2016.9.20\47.vir
  [DETECTION] Is the TR/Crypt.Xpack.nzml Trojan
C:\Users\User\Desktop\2016.9.20\48.vir
[0] Archive type: OLE
--> AV0000000f.AV$
      [1] Archive type: 7-Zip
   --> EmiratesNBD_ADVICE.exe
      [DETECTION] Is the TR/Dropper.MSIL.fcal Trojan
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.9.20\49.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.CG.100 Java script virus[/mw_shl_code]

显示全部楼层 · 发表于 2016-9-20 09:52:09

bd 22个

显示全部楼层 · 发表于 2016-9-20 10:09:17

[mw_shl_code=html,true]【扫描信息】

开始时间:2016-9-20 10:04:09
扫描用时:00:00:07
扫描类型:指定位置杀毒
扫描引擎:管家云查杀引擎管家反病毒引擎管家系统修复引擎
扫描状态:扫描完成

【扫描结果】

扫描文件数:50
发现风险数:13
已处理风险数:13

---------------------
2016-9-20 10:04:19 MD5:25da1e0c96dc8842a354055286217d30 C:\Users\Joyzz_Android01\Desktop\样本\2016.9.20\27.vir [Msil.Trojan.Zapchast.wurb]  [删除成功]
2016-9-20 10:04:19 MD5:94e8aefdc343f8fe43c7bb9db4ea96a6 C:\Users\Joyzz_Android01\Desktop\样本\2016.9.20\07.vir [Msil.Trojan.Smalo.lmld]  [删除成功]
2016-9-20 10:04:19 MD5:ea9c5ea58baf21da123327e0f14043ac C:\Users\Joyzz_Android01\Desktop\样本\2016.9.20\40.vir [Win32.Trojan.Locky.htmp]  [删除成功]
2016-9-20 10:04:19 MD5:562ddc8a04f4ac43e1ef993fa3f85e9e C:\Users\Joyzz_Android01\Desktop\样本\2016.9.20\05.vir [Win32.Trojan.Locky.pfjv]  [删除成功]
2016-9-20 10:04:19 MD5:1335712a183d2b0728d5b658149d29c2 C:\Users\Joyzz_Android01\Desktop\样本\2016.9.20\14.vir [Win32.Trojan.Spy.wqmx]  [删除成功]
2016-9-20 10:04:20 MD5:864cfe4c5f8c252583afd2dc87f8b61a C:\Users\Joyzz_Android01\Desktop\样本\2016.9.20\44.vir [Win32.Trojan.ATRAPS.hrfg]  [删除成功]
2016-9-20 10:04:20 MD5:000419a5a8b18f65ba3331964babbdb9 C:\Users\Joyzz_Android01\Desktop\样本\2016.9.20\04.vir [Win32.Trojan.Ircbot.egej]  [删除成功]
2016-9-20 10:04:20 MD5:3b146eee041e3a8e8f6e0208633fbe04 C:\Users\Joyzz_Android01\Desktop\样本\2016.9.20\24.vir [Win32.Trojan.Cosmu.efav]  [删除成功]
2016-9-20 10:04:20 MD5:0954b8dfef0555dbc4dcef0594dfc462 C:\Users\Joyzz_Android01\Desktop\样本\2016.9.20\32.vir [Win32.Trojan.Generic.lhnd]  [删除成功]
2016-9-20 10:04:20 MD5:decfe641f84a77d4253c807dfe9862ff C:\Users\Joyzz_Android01\Desktop\样本\2016.9.20\02.vir [Win32.Trojan.Kryptik.bnk]  [删除成功]
2016-9-20 10:04:20 MD5:4386142340e164e6898259e397734542 C:\Users\Joyzz_Android01\Desktop\样本\2016.9.20\06.vir [Gen:Variant.Graftor.290457]  [删除成功]
2016-9-20 10:04:20 MD5:38cc1efd28df3f60fc2fb0f60dbdd737 C:\Users\Joyzz_Android01\Desktop\样本\2016.9.20\48.vir --> (attachment) --> EmiratesNBD_ADVICE.exe [Trojan.GenericKD.3295982]  [删除成功]
2016-9-20 10:04:20 MD5:3e0d72733203e999b7ca2c8a13c1d7ce C:\Users\Joyzz_Android01\Desktop\样本\2016.9.20\11.vir [Trojan.Generic.17949563]  [删除成功]
---------------------
[/mw_shl_code]

显示全部楼层 · 发表于 2016-9-20 10:10:28

诺顿检测28个。
[mw_shl_code=css,true]Resolved Threats:
Risks in compressed file "48.vir"
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 Infected File
[emiratesnbd_advice.exe] inside of [__substg1.0_37010102] inside of [d:\virus\2016.9.20\48.vir] - Fully Resolved

JS.Downloader
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
8 Infected Files
d:\virus\2016.9.20\13.vir - Deleted
d:\virus\2016.9.20\18.vir - Deleted
d:\virus\2016.9.20\28.vir - Deleted
d:\virus\2016.9.20\29.vir - Deleted
d:\virus\2016.9.20\09.vir - Deleted
d:\virus\2016.9.20\33.vir - Deleted
d:\virus\2016.9.20\34.vir - Deleted
d:\virus\2016.9.20\49.vir - Deleted
1 Browser Cache

Trojan.Mdropper
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 Infected File
d:\virus\2016.9.20\23.vir - Deleted
1 Browser Cache

Suspicious.Cloud.5
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 Infected File
d:\virus\2016.9.20\12.vir - Deleted
1 Browser Cache

Trojan.Gen.2
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
7 Infected Files
d:\virus\2016.9.20\14.vir - Deleted
d:\virus\2016.9.20\39.vir - Deleted
d:\virus\2016.9.20\11.vir - Deleted
d:\virus\2016.9.20\44.vir - Deleted
d:\virus\2016.9.20\27.vir - Deleted
d:\virus\2016.9.20\43.vir - Deleted
d:\virus\2016.9.20\06.vir - Deleted
1 Browser Cache

Trojan.Gen
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
3 Infected Files
d:\virus\2016.9.20\24.vir - Deleted
d:\virus\2016.9.20\30.vir - Deleted
d:\virus\2016.9.20\47.vir - Deleted
1 Browser Cache

Trojan.Bayrob!g11
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 Infected File
d:\virus\2016.9.20\32.vir - Deleted
1 Browser Cache

Heur.AdvML.B
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 Infected File
d:\virus\2016.9.20\26.vir - Deleted
1 Browser Cache

Backdoor.Trojan
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
3 Registry Entries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\->EnableLUA:1 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile->DoNotAllowExceptions:1 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile->DoNotAllowExceptions:1 - Repaired
2 Infected Files
d:\virus\2016.9.20\36.vir - Deleted
d:\virus\2016.9.20\04.vir - Deleted
1 Browser Cache

Heur.AdvML.B
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 Infected File
d:\virus\2016.9.20\37.vir - Deleted
1 Browser Cache

Ransom.Locky!g4
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 Infected File
d:\virus\2016.9.20\40.vir - Deleted
1 Browser Cache

Trojan Horse
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 Infected File
d:\virus\2016.9.20\02.vir - Deleted
1 Browser Cache[/mw_shl_code]

显示全部楼层 · 发表于 2016-9-20 10:17:56

显示全部楼层 · 发表于 2016-9-20 10:23:15

火绒 13X
[mw_shl_code=css,true]Huorong Network Security Suite v3.0.47.8 (Last update: 2016-09-19 16:28)
Copyright (C) Huorong Borui (Beijing) Technology Co., Ltd. All rights reserved.

Scan engine version:v3.0.4.0
Signature database fingerprint: 988ab08:ce849ce:d90b6de:d90b6de
Signature database timestamp: 2016-09-19 16:28

Scan started at: 2016-09-20 09:46:05

D:\vc52\2016.9.20\04.vir: HEUR:VirTool/Obfuscator.gen!C
D:\vc52\2016.9.20\09.vir: TrojanDownloader/JS.Nemucod.eq
D:\vc52\2016.9.20\10.vir: HEUR:Trojan/Cryobf
D:\vc52\2016.9.20\18.vir: TrojanDownloader/JS.Nemucod.eq
D:\vc52\2016.9.20\23.vir: OMacro/Downloader
D:\vc52\2016.9.20\27.vir: TrojanDropper/MSIL.Agent.n
D:\vc52\2016.9.20\28.vir: TrojanDownloader/JS.Nemucod.ei
D:\vc52\2016.9.20\33.vir: TrojanDownloader/JS.Nemucod.ei
D:\vc52\2016.9.20\35.vir: TrojanDropper/MSIL.Agent.n
D:\vc52\2016.9.20\40.vir: Ransom/Locky.b
D:\vc52\2016.9.20\32.vir: HVM:Trojan/Bayrob.d
D:\vc52\2016.9.20\43.vir: HVM:VirTool/Obfuscator.gen!B
D:\vc52\2016.9.20\47.vir: VirTool/Kovter.p

Scan completed at: 2016-09-20 09:46:15

Total:          50 file(s), 225 objects(s)
Infected:       13 file(s), 13 objects(s)
Deleted:          0 file(s), 0 failure(s)
Disinfected:    0 file(s), 0 failure(s)
Duration:       00:00:10
[/mw_shl_code]

显示全部楼层 · 发表于 2016-9-20 10:26:53

显示全部楼层 · 发表于 2016-9-20 11:29:25

蓝天二号发表于 2016-9-20 09:48
AVG 19X

今天成绩不太好啊。G到期需要续费了。。。

[病毒样本] 精睿样本测试（16.9.20）

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块