精睿样本测试（16.10.18）

显示全部楼层 · 发表于 2016-10-18 11:33:22

Avira 28x

[mw_shl_code=css,true]Start of the scan: Tuesday, 18 October, 2016  11:23

Starting the file scan:

Begin scan in 'C:\Users\User\Desktop\2016.10.18'
C:\Users\User\Desktop\2016.10.18\01.vir
  [DETECTION] Is the TR/Crypt.Xpack.hpmdu Trojan
C:\Users\User\Desktop\2016.10.18\03.vir
  [DETECTION] Contains code of the W2000M/Agent.97931338 macro virus
C:\Users\User\Desktop\2016.10.18\04.vir
  [DETECTION] Is the TR/Dropper.VB.nggne Trojan
C:\Users\User\Desktop\2016.10.18\05.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen6 HTML script virus
C:\Users\User\Desktop\2016.10.18\06.vir
  [DETECTION] Contains recognition pattern of the SPR/MPassView.26 program
C:\Users\User\Desktop\2016.10.18\07.vir
  [DETECTION] Contains code of the W2000M/Agent.6046144 macro virus
C:\Users\User\Desktop\2016.10.18\08.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Nemucod.HC Java script virus
C:\Users\User\Desktop\2016.10.18\11.vir
  [DETECTION] Is the TR/AD.Bladabindi.xsmfq Trojan
C:\Users\User\Desktop\2016.10.18\13.vir
  [DETECTION] Contains code of the W2000M/Drop.Agent.21820 macro virus
C:\Users\User\Desktop\2016.10.18\15.vir
  [DETECTION] Is the TR/Dropper.MSIL.xefri Trojan
Successful Cloud SDK initialization and license check.
The file 'C:\Users\User\Desktop\2016.10.18\16.vir' has been uploaded to the Protection Cloud and analyzed. SHA256 = 5B47A2EC70C79908A6945ACBDD998BF49DA395277285DC07EF010E23C557282C
C:\Users\User\Desktop\2016.10.18\16.vir (SHA-256: 5b47a2ec70c79908a6945acbdd998bf49da395277285dc07ef010e23c557282c)
  [INFO]    The file 'C:\Users\User\Desktop\2016.10.18\16.vir' has been uploaded to the Protection Cloud and analyzed.
The file 'C:\Users\User\Desktop\2016.10.18\17.vir' has been uploaded to the Protection Cloud and analyzed. SHA256 = C1DEF812013B52A5E62AADCD71CF4EA1573FB3A8049B3EBD22B109C20E2BFB5F
C:\Users\User\Desktop\2016.10.18\17.vir (SHA-256: c1def812013b52a5e62aadcd71cf4ea1573fb3a8049b3ebd22b109c20e2bfb5f)
  [INFO]    The file 'C:\Users\User\Desktop\2016.10.18\17.vir' has been uploaded to the Protection Cloud and analyzed.
The Protection Cloud scan of file 'C:\Users\User\Desktop\2016.10.18\19.vir' completed with the error code 0x4C7. SHA256 = B05924E4345F79763B4591FAD9177EBF34BC6D4C32DE41868A8B5D1BCC003CCD
C:\Users\User\Desktop\2016.10.18\19.vir (SHA-256: b05924e4345f79763b4591fad9177ebf34bc6d4c32de41868a8b5d1bcc003ccd)
  [INFO]    The file 'C:\Users\User\Desktop\2016.10.18\19.vir' has been uploaded to the Protection Cloud and analyzed.
C:\Users\User\Desktop\2016.10.18\20.vir
  [DETECTION] Contains virus patterns of Adware ADWARE/ANDR.MobiDash.N.Gen
C:\Users\User\Desktop\2016.10.18\21.vir
  [DETECTION] Is the TR/Yarwi.rjjfp Trojan
C:\Users\User\Desktop\2016.10.18\22.vir
  [DETECTION] Is the TR/Confuser.bpzpw Trojan
C:\Users\User\Desktop\2016.10.18\23.vir
  [DETECTION] Is the TR/Spy.Autoit.maaqf Trojan
C:\Users\User\Desktop\2016.10.18\24.vir
  [DETECTION] Contains suspicious code HEUR/Macro.Downloader
[0] Archive type: Portable Executable Resource
--> C:\Users\User\Desktop\2016.10.18\25.vir
      [1] Archive type: NSIS
   --> ProgramFilesDir/Perl.dll
      [DETECTION] Is the TR/Injector.cazjf Trojan
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.10.18\25.vir
  [DETECTION] Is the TR/Injector.cazjf Trojan
The Protection Cloud scan of file 'C:\Users\User\Desktop\2016.10.18\26.vir' completed with the error code 0x4C7. SHA256 = A476CF48FF6C8FAEFDDF91B2722298291AC78D87446E01DEAA1700214BE3762B
C:\Users\User\Desktop\2016.10.18\26.vir (SHA-256: a476cf48ff6c8faefddf91b2722298291ac78d87446e01deaa1700214be3762b)
  [INFO]    The file 'C:\Users\User\Desktop\2016.10.18\26.vir' has been uploaded to the Protection Cloud and analyzed.
C:\Users\User\Desktop\2016.10.18\28.vir
  [DETECTION] Contains recognition pattern of the EXP/Pidief.ame exploit
C:\Users\User\Desktop\2016.10.18\29.vir
  [DETECTION] Is the TR/Muldrop.vuwmy Trojan
C:\Users\User\Desktop\2016.10.18\30.vir
  [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
C:\Users\User\Desktop\2016.10.18\32.vir
  [DETECTION] Is the TR/Crypt.ZPACK.tgpnt Trojan
The Protection Cloud scan of file 'C:\Users\User\Desktop\2016.10.18\34.vir' completed with the error code 0x4C7. SHA256 = CE0A905319DC20C297A2B2291BC3FF6CE363081ABA1FB347B33799B541203376
C:\Users\User\Desktop\2016.10.18\34.vir (SHA-256: ce0a905319dc20c297a2b2291bc3ff6ce363081aba1fb347b33799b541203376)
  [INFO]    The file 'C:\Users\User\Desktop\2016.10.18\34.vir' has been uploaded to the Protection Cloud and analyzed.
C:\Users\User\Desktop\2016.10.18\35.vir
  [DETECTION] Contains recognition pattern of the EXP/FLASH.Carbul.Gen exploit
C:\Users\User\Desktop\2016.10.18\37.vir
  [DETECTION] Is the TR/Shakat.hskol Trojan
The Protection Cloud scan of file 'C:\Users\User\Desktop\2016.10.18\38.vir' completed with the error code 0x4C7. SHA256 = EA5DB6893EA60955D1911BA397D73F2A77B6F042E5F4D77C96E8973BD3053DD4
C:\Users\User\Desktop\2016.10.18\38.vir (SHA-256: ea5db6893ea60955d1911ba397d73f2a77b6f042e5f4d77c96e8973bd3053dd4)
  [INFO]    The file 'C:\Users\User\Desktop\2016.10.18\38.vir' has been uploaded to the Protection Cloud and analyzed.
--> C:\Users\User\Desktop\2016.10.18\39.vir
      [1] Archive type: ZIP
   --> word/embeddings/oleObject1.bin
      [2] Archive type: OLE
      --> Object
         [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.iica Java script virus
         [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.10.18\39.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.iica Java script virus
C:\Users\User\Desktop\2016.10.18\40.vir
  [DETECTION] Contains code of the W2000M/Agent.97931068 macro virus
C:\Users\User\Desktop\2016.10.18\45.vir
  [DETECTION] Is the TR/Dropper.MSIL.obhtf Trojan
C:\Users\User\Desktop\2016.10.18\47.vir
  [DETECTION] Is the TR/Dropper.MSIL.enztv Trojan
--> C:\Users\User\Desktop\2016.10.18\48.vir
      [1] Archive type: ZIP
   --> Adwind.class
      [DETECTION] Contains recognition pattern of the JAVA/AdWin.psld Java virus
      [WARNING] Infected files in archives cannot be repaired
   --> desinstalador/desins.class
      [DETECTION] Contains recognition pattern of the JAVA/AdWin.psld.7 Java virus
      [WARNING] Infected files in archives cannot be repaired
   --> extra/ClassLoaderMod.class
      [DETECTION] Contains recognition pattern of the JAVA/AdWin.psld.5 Java virus
      [WARNING] Infected files in archives cannot be repaired
   --> extra/Constante.class
      [DETECTION] Contains recognition pattern of the JAVA/Agent.KGBLI Java virus
      [WARNING] Infected files in archives cannot be repaired
   --> plugins/AdwindServer.class
      [DETECTION] Contains recognition pattern of the JAVA/AdWin.psld.1 Java virus
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.10.18\48.vir
  [DETECTION] Contains recognition pattern of the JAVA/AdWin.psld.1 Java virus
C:\Users\User\Desktop\2016.10.18\49.vir
  [DETECTION] Contains code of the W2000M/Agent.97931338 macro virus
The file 'C:\Users\User\Desktop\2016.10.18\50.vir' was scanned with the Protection Cloud. SHA256 = CA341BC099B36AFD46E9432D66FEA2DA5FA9C8AE7B933C1D2D639D13EF919CC7[/mw_shl_code]

显示全部楼层 · 发表于 2016-10-18 11:37:12

avast7.0 删除21修复3，一共24个

显示全部楼层 · 发表于 2016-10-18 11:48:20

青衣染雪发表于 2016-10-18 12:37
avast7.0 删除21修复3，一共24个

7.0……有夠老啊

显示全部楼层 · 发表于 2016-10-18 11:49:20

驭龙发表于 2016-10-18 10:18
WD测试2016年10月18日 10:24
测试版本和特征库

双击补刀两个和三个衍生物

显示全部楼层 · 发表于 2016-10-18 11:59:11

T.Yoshiyuki 发表于 2016-10-18 11:48
7.0……有夠老啊

我想念老版本的病毒库升级语音提示了

显示全部楼层 · 发表于 2016-10-18 12:01:29

本帖最后由 T.Yoshiyuki 于 2016-10-18 14:27 编辑

FSCS 殺33x 其中修復2x （其中7個——03 49 07 27 24 48 06——清除失敗，手動刪除）
DG封鎖7x

[mw_shl_code=css,true]結果: マルウェア 44 が検出されました。

Trojan.GenericKD.3606071 (ウイルス)
•D:\TEST\daily\2016.10.18\04.vir.exe 処理: 隔離保存済み

Trojan.GenericKD.3596261 (ウイルス)
•D:\TEST\daily\2016.10.18\03.vir.DOC
•D:\TEST\daily\2016.10.18\49.vir.DOC

Trojan.GenericKD.3604951 (ウイルス)
•D:\TEST\daily\2016.10.18\01.vir.exe 処理: 隔離保存済み

Trojan:W97M/Nastjencro.A (ウイルス)
•D:\TEST\daily\2016.10.18\07.vir.DOC
•D:\TEST\daily\2016.10.18\13.vir.DOC 処理: 駆除済み
•D:\TEST\daily\2016.10.18\27.vir.DOC

JS:Trojan.Downloader.Nemucod.BC (ウイルス)
•D:\TEST\daily\2016.10.18\08.vir.JS 処理: 隔離保存済み

Gen:Variant.Symmi.68455 (ウイルス)
•D:\TEST\daily\2016.10.18\10.vir.exe 処理: 隔離保存済み

Gen:Variant.Zusy.207899 (ウイルス)
•D:\TEST\daily\2016.10.18\11.vir.exe 処理: 隔離保存済み

Gen:Variant.Zusy.208234 (ウイルス)
•D:\TEST\daily\2016.10.18\15.vir.exe 処理: 隔離保存済み

Trojan.JS.Downloader.FUS (ウイルス)
•D:\TEST\daily\2016.10.18\18.vir.html 処理: 隔離保存済み

Gen:Variant.MSILPerseus.54814 (ウイルス)
•D:\TEST\daily\2016.10.18\22.vir.exe 処理: 隔離保存済み

Gen:Variant.Barys.51267 (ウイルス)
•D:\TEST\daily\2016.10.18\21.vir.exe 処理: 隔離保存済み

Trojan:W97M/MaliciousMacro.GEN (ウイルス)
•D:\TEST\daily\2016.10.18\24.vir.DOC

Trojan.GenericKD.3604832 (ウイルス)
•D:\TEST\daily\2016.10.18\23.vir.exe 処理: 隔離保存済み

Android.Trojan.Downloader.CI (ウイルス)
•D:\TEST\DAILY\2016.10.18\20.VIR.APK 処理: 隔離保存済み

Trojan.GenericKD.3599067 (ウイルス)
•D:\TEST\daily\2016.10.18\26.vir.exe 処理: 隔離保存済み

Trojan.GenericKD.3607636 (ウイルス)
•D:\TEST\daily\2016.10.18\25.vir.exe\stream_215.bin
•D:\TEST\daily\2016.10.18\25.vir.exe\stream_215.bin

Trojan.GenericKD.3598254 (ウイルス)
•D:\TEST\daily\2016.10.18\25.vir.exe 処理: 隔離保存済み

Gen:Variant.Symmi.65774 (ウイルス)
•D:\TEST\daily\2016.10.18\30.vir.exe 処理: 隔離保存済み

Trojan.GenericKD.3597938 (ウイルス)
•D:\TEST\daily\2016.10.18\32.vir.exe 処理: 隔離保存済み

Script.SWF.C259 (ウイルス)
•D:\TEST\daily\2016.10.18\35.vir.swf 処理: 隔離保存済み

PDF:Exploit.PDF-JS.AIU (ウイルス)
•D:\TEST\daily\2016.10.18\28.vir.pdf 処理: 隔離保存済み

Gen:Variant.Katusha.5 (ウイルス)
•D:\TEST\daily\2016.10.18\37.vir.exe 処理: 隔離保存済み

Gen:Variant.Graftor.303294 (ウイルス)
•D:\TEST\daily\2016.10.18\38.vir.exe 処理: 隔離保存済み

W97M.Downloader.ENV (ウイルス)
•D:\TEST\daily\2016.10.18\40.vir.DOC 処理: 駆除済み

Trojan.GenericKD.3604035 (ウイルス)
•D:\TEST\daily\2016.10.18\45.vir.exe 処理: 隔離保存済み

Trojan.GenericKD.3601653 (ウイルス)
•D:\TEST\daily\2016.10.18\44.vir.exe 処理: 隔離保存済み

Trojan.GenericKD.3608189 (ウイルス)
•D:\TEST\daily\2016.10.18\47.vir.exe 処理: 隔離保存済み

Trojan.GenericKD.3603570 (ウイルス)
•D:\TEST\daily\2016.10.18\43.vir.exe 処理: 隔離保存済み

Trojan.Ratty.A (ウイルス)
•D:\TEST\daily\2016.10.18\31.vir.ZIP\de\sogomn\rat\RattyClient.class
•D:\TEST\daily\2016.10.18\31.vir.ZIP 処理: 隔離保存済み

Trojan.Java.Agent.BN (ウイルス)
•D:\TEST\daily\2016.10.18\48.vir.ZIP\Adwind.class
•D:\TEST\daily\2016.10.18\48.vir.ZIP 処理: 隔離保存済み

Java.Trojan.Adwind.BQ (ウイルス)
•D:\TEST\daily\2016.10.18\48.vir.ZIP\desinstalador\desins.class

Java.Trojan.Adwind.BR (ウイルス)
•D:\TEST\daily\2016.10.18\48.vir.ZIP\extra\ClassLoaderMod.class
•D:\TEST\daily\2016.10.18\48.vir.ZIP\extra\Constante.class
•D:\TEST\daily\2016.10.18\48.vir.ZIP\opciones\Interface_.class
•D:\TEST\daily\2016.10.18\48.vir.ZIP\plugins\AdwindServer.class

Java.Trojan.Adwind.BS (ウイルス)
•D:\TEST\daily\2016.10.18\48.vir.ZIP\extra\Constantes$1.class
•D:\TEST\daily\2016.10.18\48.vir.ZIP\opciones\Archivo.class
•D:\TEST\daily\2016.10.18\48.vir.ZIP\opciones\OrdenCaptura.class
•D:\TEST\daily\2016.10.18\48.vir.ZIP\plugins\PluginsTotales_in.class

リスクウェアが見つかりました。
Application.HackTool.PassView (リスクウェア) •D:\TEST\daily\2016.10.18\06.vir.exe
[/mw_shl_code]

显示全部楼层 · 发表于 2016-10-18 12:12:05

BD：共检测出30个，其中修复5个。

显示全部楼层 · 发表于 2016-10-18 12:23:28

扫描时间：[2016-10-18 12:22:15]
扫描用时：[00:00:06]
扫描类型：自定义查杀
扫描文件总数：327
扫描速度：46文件/秒
发现威胁：27个
清除威胁：27个
=============================================
[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\01.vir
类型：win32.troj.generickd.v.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\14.vir
类型：win32.troj.agent.uu.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\25.vir
类型：win32.troj.generic_a.a.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\25.vir/<a:nsis>/25/<a:nsis>/晙\perl.dll
类型：win32.troj.generickd.v.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\26.vir
类型：win32.troj.generic_a.a.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\04.vir
类型：win32.hack.tofsee.y.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\06.vir
类型：win32.hacktool.mailpassview.v.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\10.vir
类型：win32.troj.generic_a.a.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\11.vir
类型：win32.troj.undef.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\12.vir
类型：win32.heur.kvmh008.a.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\15.vir
类型：win32.troj.generic_a.a.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\16.vir
类型：win32.heur.kvmh008.a.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\19.vir
类型：win32.troj.agent.uu.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\21.vir
类型：win32.troj.undef.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\22.vir
类型：win32.hacktool.undef.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\23.vir
类型：win32.troj.autoit.f.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\29.vir
类型：win32.troj.agent.uu.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\30.vir
类型：win32.troj.generic_a.a.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\32.vir
类型：win32.troj.inject.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\34.vir
类型：win32.troj.agent.uu.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\37.vir
类型：win32.troj.generic_a.a.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\38.vir
类型：win32.trojdownloader.agent.hh.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\44.vir
类型：win32.troj.generickd.v.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\45.vir
类型：win32.heur.kvmh008.a.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\46.vir
类型：win32.troj.agent.uu.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\47.vir
类型：win32.troj.generickd.v.(kcloud)
处理方式：删除

[2016-10-18 12:23:10]
威胁：f:\浏览器下载\2016.10.18\50.vir
类型：win32.troj.agent.uu.(kcloud)
处理方式：删除

显示全部楼层 · 发表于 2016-10-18 12:45:53

GreenCodes 发表于 2016-10-18 11:49
双击补刀两个和三个衍生物

你也玩WD了？

显示全部楼层 · 发表于 2016-10-18 13:26:01

本帖最后由星云劫于 2016-10-18 13:29 编辑

瑞星安全云终端解压后监控杀掉19个，修复5个，总计24个

无双击。尝试右键扫描，没有发现补刀。

[病毒样本] 精睿样本测试（16.10.18）

本帖子中包含更多资源

本帖子中包含更多资源