精睿样本测试（16.10.30）

显示全部楼层 · 发表于 2016-10-31 10:11:54

360杀毒扫描日志

病毒库版本：2016-10-30 11:28
扫描时间：2016-10-31 10:08:10
扫描用时：00:00:47
扫描类型：右键扫描
扫描文件总数：50
项目总数：28
清除项目数：28

扫描选项
----------------------
扫描所有文件：否
扫描压缩包：否
发现病毒处理方式：由用户选择处理
扫描磁盘引导区：是
扫描 Rootkit：否
使用云查杀引擎：是
使用QVM人工智能引擎：是
扫描建议修复项：是
常规引擎设置：Avira(小红伞)

扫描内容
----------------------
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本

白名单设置
----------------------

扫描结果
======================
高危风险项
----------------------
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\01.vir virus.js.gen.65 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\04.vir virus.js.gen.65 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\07.vir HEUR/QVM10.1.D599.Malware.Gen 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\06.vir virus.js.gen.70 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\09.vir BDS.Katien.R 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\10.vir virus.vbs.gen.85 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\16.vir 广告软件(ADWARE.DealPly.hmht) 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\17.vir TR.Dldr.Small.jcdog 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\18.vir virus.js.gen.70 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\19.vir virus.js.gen.1 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\23.vir TR.Crypt.XPACK.Gen7 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\24.vir EXP.FLASH.Lodabytor.M.Gen 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\27.vir 广告软件(ADWARE.DealPly.prsc) 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\26.vir 木马程序(trojan.js.downloader.4) 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\32.vir DR.Delphi.Gen8 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\34.vir 广告软件(ADWARE.DealPly.A.52754) 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\33.vir virus.js.gen.70 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\35.vir js.url.downloader.k2 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\38.vir 广告软件(ADWARE.PullUpdate.Gen7) 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\37.vir virus.office.obfuscated.2 已修复
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\25.vir HEUR/QVM42.1.D599.Malware.Gen 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\30.vir HEUR/QVM18.1.D599.Malware.Gen 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\29.vir HEUR/QVM40.1.D599.Malware.Gen 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\43.vir TR.Dropper.Gen 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\41.vir virus.office.obfuscated.2 已修复
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\47.vir TR.Downloader.Gen 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\50.vir TR.Crypt.XPACK.Gen3 已删除
C:\Users\chy\Desktop\chrome\2016.10.31 - 副本\48.vir virus.js.gen.1 已删除

显示全部楼层 · 发表于 2016-10-31 10:33:32

本帖最后由 schumi小粉于 2016-10-31 10:51 编辑

红伞剩24个

显示全部楼层 · 发表于 2016-10-31 10:43:31

宇宙無敵SEP14 標準庫版殺26x （其中修復0x）

（右鍵掃描一堆B C 監控補了3個A...）

[mw_shl_code=css,true]sgahuetrwa/rwdfshsdsadqwq.class Trojan.Gen.2
15.vir.ZIP Trojan.Gen.2
01.vir.html JS.Downloader
04.vir.html JS.Downloader
06.vir.html JS.Downloader
07.vir.exe Heur.AdvML.B
10.vir VBS.Downloader.Trojan
11.vir.exe Heur.AdvML.B
16.vir.exe Trojan Horse
17.vir.exe Heur.AdvML.C
18.vir.html JS.Downloader
22.vir.exe Trojan.Gen.2
23.vir.exe Heur.AdvML.B
25.vir.exe Heur.AdvML.B
27.vir.exe Trojan Horse
29.vir.dll Ransom.Locky
32.vir.exe Trojan Horse
33.vir.html JS.Downloader
34.vir.exe Heur.AdvML.B
35.vir.html JS.Nemucod
38.vir.exe Heur.AdvML.B
43.vir.exe Heur.AdvML.C
45.vir.js Trojan.Malscript
50.vir.exe Trojan.Gen.2

30.vir.exe Heur.AdvML.A
47.vir.exe Heur.AdvML.A
46.vir.exe Heur.AdvML.A[/mw_shl_code]

另外說是“標準庫版” liveupdate中顯示的SDS庫卻說是“縮小庫”
我裝了兩次都這樣有點奇怪啊
還是說只有暗網版的SDS庫是“完整”的？

显示全部楼层 · 发表于 2016-10-31 11:36:04

本帖最后由 Eset小粉絲于 2016-10-31 11:38 编辑

Avira 29x    @schumi小粉

[mw_shl_code=css,true]Start of the scan: Monday, 31 October, 2016  11:34

Starting the file scan:

Begin scan in 'C:\Users\Ivan\Desktop\2016.10.31'
C:\Users\Ivan\Desktop\2016.10.31\01.vir
  [DETECTION] Contains recognition pattern of the JS/Crypted.pglioo Java script virus
C:\Users\Ivan\Desktop\2016.10.31\02.vir
[0] Archive type: ACE
--> SWIFT-EUR50052-IMG102816UC_JPEG.scr
      [DETECTION] Is the TR/Dropper.VB.tilhk Trojan
      [WARNING] Infected files in archives cannot be repaired
C:\Users\Ivan\Desktop\2016.10.31\04.vir
  [DETECTION] Contains recognition pattern of the JS/Crypted.pglioo Java script virus
C:\Users\Ivan\Desktop\2016.10.31\06.vir
  [DETECTION] Contains recognition pattern of the JS/Crypted.pglioo Java script virus
Successful Cloud SDK initialization and license check.
The file 'C:\Users\Ivan\Desktop\2016.10.31\07.vir' was scanned with the Protection Cloud. SHA256 = 6ADEA9FDA3201E798BB110ED01BA593DC12B2C1438453AC4AE9EC19346C83305
C:\Users\Ivan\Desktop\2016.10.31\09.vir
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Katien.R back-door program
C:\Users\Ivan\Desktop\2016.10.31\10.vir
  [DETECTION] Contains recognition pattern of the VBS/Dldr.Locky.EL.1 VBS script virus
C:\Users\Ivan\Desktop\2016.10.31\13.vir
  [DETECTION] Contains code of the ANDROID/Spy.Banker.EQ.Gen virus
C:\Users\Ivan\Desktop\2016.10.31\15.vir
[0] Archive type: ZIP
--> sgahuetrwa/rwdfshsdsadqwq.class
      [DETECTION] Contains recognition pattern of the EXP/JAVA.Adwind.BV.Gen exploit
      [WARNING] Infected files in archives cannot be repaired
C:\Users\Ivan\Desktop\2016.10.31\16.vir
  [DETECTION] Contains virus patterns of Adware ADWARE/DealPly.hmht
C:\Users\Ivan\Desktop\2016.10.31\17.vir
  [DETECTION] Is the TR/Dldr.Small.jcdog Trojan
C:\Users\Ivan\Desktop\2016.10.31\18.vir
  [DETECTION] Contains recognition pattern of the JS/Crypted.pglioo Java script virus
The file 'C:\Users\Ivan\Desktop\2016.10.31\22.vir' was scanned with the Protection Cloud. SHA256 = 15997874AC7CD549202A87C1AA9FB199AC6246951A7C8ADE52B941126390FED6
C:\Users\Ivan\Desktop\2016.10.31\22.vir (SHA-256: 15997874ac7cd549202a87c1aa9fb199ac6246951a7c8ade52b941126390fed6)
  [DETECTION] Is the TR/AD.Oxiru.159978 (Cloud) Trojan
C:\Users\Ivan\Desktop\2016.10.31\23.vir
  [DETECTION] Is the TR/Crypt.XPACK.Gen7 Trojan
C:\Users\Ivan\Desktop\2016.10.31\24.vir
  [DETECTION] Contains recognition pattern of the EXP/FLASH.Lodabytor.M.Gen exploit
C:\Users\Ivan\Desktop\2016.10.31\25.vir
[0] Archive type: NSIS
--> ProgramFilesDir/Services.dll
      [DETECTION] Is the TR/Injector.btfeq Trojan
      [WARNING] Infected files in archives cannot be repaired
C:\Users\Ivan\Desktop\2016.10.31\27.vir
  [DETECTION] Contains virus patterns of Adware ADWARE/DealPly.prsc
C:\Users\Ivan\Desktop\2016.10.31\29.vir
  [DETECTION] Is the TR/Peals.fzakn Trojan
The file 'C:\Users\Ivan\Desktop\2016.10.31\30.vir' was scanned with the Protection Cloud. SHA256 = 3D8154F69A14709D4A66C7981DCD3ED922B063DFC74398225FE6DA3303228430
C:\Users\Ivan\Desktop\2016.10.31\30.vir (SHA-256: 3d8154f69a14709d4a66c7981dcd3ed922b063dfc74398225fe6da3303228430)
  [DETECTION] Is the TR/Agent.3d8154 (Cloud) Trojan
C:\Users\Ivan\Desktop\2016.10.31\32.vir
  [DETECTION] Contains recognition pattern of the DR/Delphi.Gen8 dropper
C:\Users\Ivan\Desktop\2016.10.31\33.vir
  [DETECTION] Contains recognition pattern of the JS/Crypted.pglioo Java script virus
C:\Users\Ivan\Desktop\2016.10.31\34.vir
  [DETECTION] Contains virus patterns of Adware ADWARE/DealPly.A.52754
C:\Users\Ivan\Desktop\2016.10.31\37.vir
[0] Archive type: ZIP
--> word/vbaProject.bin
      [DETECTION] Contains suspicious code HEUR/Macro.Dropper
      [WARNING] Infected files in archives cannot be repaired
C:\Users\Ivan\Desktop\2016.10.31\38.vir
  [DETECTION] Contains virus patterns of Adware ADWARE/PullUpdate.Gen7
C:\Users\Ivan\Desktop\2016.10.31\41.vir
[0] Archive type: ZIP
--> word/vbaProject.bin
      [DETECTION] Contains suspicious code HEUR/Macro.Dropper
      [WARNING] Infected files in archives cannot be repaired
C:\Users\Ivan\Desktop\2016.10.31\43.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Users\Ivan\Desktop\2016.10.31\45.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen2 HTML script virus
C:\Users\Ivan\Desktop\2016.10.31\47.vir
  [DETECTION] Is the TR/Downloader.Gen Trojan
C:\Users\Ivan\Desktop\2016.10.31\48.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Agent.lsod Java script virus
C:\Users\Ivan\Desktop\2016.10.31\50.vir
  [DETECTION] Is the TR/Crypt.XPACK.Gen3 Trojan[/mw_shl_code]

显示全部楼层 · 发表于 2016-10-31 12:57:18

Eset小粉絲发表于 2016-10-31 11:36
Avira 29x @schumi小粉

[mw_shl_code=css,true]Start of the scan: Monday, 31 October, 2016 1 ...

扫完后直接上报了，多杀很正常哈

显示全部楼层 · 发表于 2016-10-31 13:48:08

schumi小粉发表于 2016-10-31 12:57
扫完后直接上报了，多杀很正常哈

不上报也会很多云杀出现，，脚本PDFDOC类就需要上报了。

显示全部楼层 · 发表于 2016-10-31 14:22:08

本帖最后由 houtiancheng 于 2016-10-31 14:24 编辑

VirusTotal结果综合，扫描时间都在10点后，报毒名称见附件

[mw_shl_code=css,true]
+------+----------------------+--------------------+------------------------+
| Rank | Anti Virus          | Killed/Scanned/Eff | Effective Killing Rate |
+------+----------------------+--------------------+------------------------+
|  1 | GData             |    32/50/50    |       64.00%       |
|  2 | BitDefender       |    31/50/50    |       62.00%       |
|  2 | Ad-Aware          |    31/50/50    |       62.00%       |
|  2 | Arcabit             |    31/50/50    |       62.00%       |
|  2 | F-Secure          |    31/50/50    |       62.00%       |
|  2 | Qihoo-360          |    31/50/50    |       62.00%       |
|  7 | ESET-NOD32          |    30/50/50    |       60.00%       |
|  7 | Kaspersky          |    30/50/50    |       60.00%       |
|  7 | McAfee             |    30/50/50    |       60.00%       |
|  10  | McAfee-GW-Edition |    29/50/50    |       58.00%       |
|  10  | MicroWorld-eScan    |    29/50/50    |       58.00%       |
|  12  | Emsisoft          |    28/50/50    |       56.00%       |
|  13  | Avast             |    27/50/50    |       54.00%       |
|  13  | Avira             |    27/50/50    |       54.00%       |
|  15  | Rising             |    25/50/50    |       50.00%       |
|  15  | Cyren             |    25/50/50    |       50.00%       |
|  17  | AVG                |    23/50/50    |       46.00%       |
|  17  | Fortinet          |    23/50/50    |       46.00%       |
|  17  | DrWeb             |    23/50/50    |       46.00%       |
|  20  | Antiy-AVL          |    21/50/50    |       42.00%       |
|  20  | Ikarus             |    21/50/50    |       42.00%       |
|  22  | Microsoft          |    20/50/50    |       40.00%       |
|  22  | Symantec          |    20/50/50    |       40.00%       |
|  22  | Sophos             |    20/50/50    |       40.00%       |
|  25  | CrowdStrike       |    18/18/50    |       36.00%       |
|  26  | AVware             |    16/50/50    |       32.00%       |
|  26  | CAT-QuickHeal       |    16/50/50    |       32.00%       |
|  26  | NANO-Antivirus    |    16/50/50    |       32.00%       |
|  29  | Invincea          |    15/19/50    |       30.00%       |
|  29  | F-Prot             |    15/50/50    |       30.00%       |
|  31  | VIPRE             |    14/50/50    |       28.00%       |
|  32  | K7GW                |    13/50/50    |       26.00%       |
|  32  | AhnLab-V3          |    13/50/50    |       26.00%       |
|  34  | Tencent             |    12/49/50    |       24.00%       |
|  35  | Baidu             |    11/50/50    |       22.00%       |
|  36  | TrendMicro          |    10/49/50    |       20.00%       |
|  36  | TrendMicro-HouseCall |    10/48/50    |       20.00%       |
|  36  | Jiangmin          |    10/50/50    |       20.00%       |
|  36  | ALYac             |    10/49/50    |       20.00%       |
|  40  | Yandex             |    9/50/50    |       18.00%       |
|  41  | Panda             |    7/50/50    |       14.00%       |
|  42  | ClamAV             |    6/50/50    |       12.00%       |
|  43  | Bkav                |    5/50/50    |       10.00%       |
|  43  | AegisLab          |    5/49/50    |       10.00%       |
|  43  | Zillya             |    5/50/50    |       10.00%       |
|  46  | K7AntiVirus       |    4/50/50    |       8.00%       |
|  47  | SUPERAntiSpyware    |    3/50/50    |       6.00%       |
|  48  | Comodo             |    2/50/50    |       4.00%       |
|  48  | TheHacker          |    2/50/50    |       4.00%       |
|  48  | Malwarebytes       |    2/50/50    |       4.00%       |
|  51  | Alibaba             |    1/7/50    |       2.00%       |
|  51  | Zoner             |    1/50/50    |       2.00%       |
|  51  | TotalDefense       |    1/46/50    |       2.00%       |
|  54  | VBA32             |    0/50/50    |       0.00%       |
|  54  | Kingsoft          |    0/50/50    |       0.00%       |
|  54  | nProtect          |    0/50/50    |       0.00%       |
|  54  | CMC                |    0/50/50    |       0.00%       |
|  54  | ViRobot             |    0/50/50    |       0.00%       |
+------+----------------------+--------------------+------------------------+
[/mw_shl_code]

显示全部楼层 · 发表于 2016-10-31 14:27:25

houtiancheng 发表于 2016-10-31 14:22
VirusTotal结果综合，扫描时间都在10点后，报毒名称见附件

[mw_shl_code=css,true]

怎么弄的这个

显示全部楼层 · 发表于 2016-10-31 14:54:38

houtiancheng 发表于 2016-10-31 14:22
VirusTotal结果综合，扫描时间都在10点后，报毒名称见附件

[mw_shl_code=css,true]

同问。这是什么新鲜玩意儿

显示全部楼层 · 发表于 2016-10-31 17:22:29

T.Yoshiyuki 发表于 2016-10-31 10:43
宇宙無敵SEP14 標準庫版殺26x （其中修復0x）

（右鍵掃描一堆B C 監控補了3個A...）

怎么设置标准库？

[病毒样本] 精睿样本测试（16.10.30）

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

评分

浏览过的版块