精睿样本测试（16.11.17）

540923555

猪头无双 发表于 2016-11-17 11:23
有修复吗？

有，加上修复的，共计22个

猪头无双

540923555 发表于 2016-11-17 11:27
有，加上修复的，共计22个

你是实机测试？看你之前对别的样本回帖的时候，貌似提到了用WD双击似的

qwe12301

自己也尝试了下

Dolby123

WD ~ TOTAL KILL 24X

欧阳宣

gdata检测29，修复2个
[mw_shl_code=css,true]Analysis performed in full: 2016-11-16 11:00:22 PM
    50 files checked
    29 infected files detected
    0 suspicious files found


Archive: 07.vir
        Path: D:\Virus\2016.11.17
        Status: Virus, file deleted
        Virus: Trojan.Doc.Downloader.VU (Engine A)
        ----------------------------------------------------------------
        Object: [Subject: Companies House - new company complaint][Date: Wed, 2 Nov 2016 08:09:28 -0400]=>Complaint.doc
                In archive: D:\Virus\2016.11.17\07.vir
                Status: Virus detected
                Virus: Trojan.Doc.Downloader.VU
        ----------------------------------------------------------------

Object: 06.vir
        Path: D:\Virus\2016.11.17
        Status: Virus removed
        Virus: Gen:Heur.JS.Downloader.3 (Engine A), Script.Trojan-Downloader.Locky.CQ (Engine B)

Object: 13.vir
        Path: D:\Virus\2016.11.17
        Status: Virus removed
        Virus: Trojan.GenericKD.3709388 (Engine A)

Object: 10.vir
        Path: D:\Virus\2016.11.17
        Status: Virus removed
        Virus: Trojan.RanSerKD.3711206 (Engine A)

Object: 04.vir
        Path: D:\Virus\2016.11.17
        Status: Virus removed
        Virus: Gen:Variant.Barys.385 (Engine A)

Object: 15.vir
        Path: D:\Virus\2016.11.17
        Status: Virus removed
        Virus: Trojan.GenericKD.3708305 (Engine A)

Object: 16.vir
        Path: D:\Virus\2016.11.17
        Status: Virus removed
        Virus: Trojan.Agent.CBAC (Engine A)

Object: 17.vir
        Path: D:\Virus\2016.11.17
        Status: Virus removed
        Virus: Trojan.GenericKD.3712808 (Engine A)

Object: 19.vir
        Path: D:\Virus\2016.11.17
        Status: File moved to quarantine
        Virus: Script.Trojan.Injector.JX (Engine B)

Object: 23.vir
        Path: D:\Virus\2016.11.17
        Status: Virus removed
        Virus: Trojan.HTML.Phishing.OU (Engine A), Script.Packed.Agent.F@susp (Engine B)

Archive: 24.vir
        Path: D:\Virus\2016.11.17
        Status: Virus, file deleted
        Virus: Generic.Trojan.Agent.43KP62 (Engine B)
        ----------------------------------------------------------------
        Object: word/embeddings/oleObject1.bin
                In archive: D:\Virus\2016.11.17\24.vir
                Status: Virus detected
                Virus: Generic.Trojan.Agent.43KP62
        ----------------------------------------------------------------

Object: 27.vir
        Path: D:\Virus\2016.11.17
        Status: Virus removed
        Virus: Trojan.PDF.Phishing.FK (Engine A)

Object: 29.vir
        Path: D:\Virus\2016.11.17
        Status: Virus removed
        Virus: Trojan.Downloader.JS.ZH (Engine A)

Object: 20.vir
        Path: D:\Virus\2016.11.17
        Status: Virus removed
        Virus: Trojan.Generic.4975592 (Engine A)

Object: 34.vir
        Path: D:\Virus\2016.11.17
        Status: Virus removed
        Virus: Trojan.GenericKD.3700894 (Engine A)

Object: 36.vir
        Path: D:\Virus\2016.11.17
        Status: Virus removed
        Virus: Trojan.GenericKD.3712595 (Engine A)

Object: 25.vir
        Path: D:\Virus\2016.11.17
        Status: File moved to quarantine
        Virus: Trojan.VBS.Downloader.VC (Engine A)

Object: 37.vir
        Path: D:\Virus\2016.11.17
        Status: Virus removed
        Virus: Trojan.JS.Agent.OKU (Engine A)

Archive: 39.vir
        Path: D:\Virus\2016.11.17
        Status: Virus, file deleted
        Virus: Exploit.CVE-2012-0158.Gen (2x) (Engine A)
        ----------------------------------------------------------------
        Object: (objdata)=>(Embedded DocFile g)
                In archive: D:\Virus\2016.11.17\39.vir
                Status: Virus detected
                Virus: Exploit.CVE-2012-0158.Gen
        Object: (objdata)=>(MSComctlLib.ListViewCtrl.2)
                In archive: D:\Virus\2016.11.17\39.vir
                Status: Virus detected
                Virus: Exploit.CVE-2012-0158.Gen
        ----------------------------------------------------------------

Object: 42.vir
        Path: D:\Virus\2016.11.17
        Status: File moved to quarantine
        Virus: Trojan.JS.Downloader.GYP (Engine A)

Object: 43.vir
        Path: D:\Virus\2016.11.17
        Status: File moved to quarantine
        Virus: W97M.Dropper.GK (Engine A), Macro.Trojan-Dropper.Hancitor.B (Engine B)

Object: 44.vir
        Path: D:\Virus\2016.11.17
        Status: Virus removed
        Virus: Trojan.GenericKD.3689401 (Engine A)

Object: 46.vir
        Path: D:\Virus\2016.11.17
        Status: File moved to quarantine
        Virus: Trojan.JS.Downloader.GYQ (Engine A)

Object: 40.vir
        Path: D:\Virus\2016.11.17
        Status: Virus removed
        Virus: Trojan.RanSerKD.3693589 (Engine A)

Object: 41.vir
        Path: D:\Virus\2016.11.17
        Status: File moved to quarantine
        Virus: Script.Trojan-Downloader.Agent.UI@gen (Engine B)

Object: 48.vir
        Path: D:\Virus\2016.11.17
        Status: Virus removed
        Virus: W97M.Downloader.ERB (Engine A)

Object: 49.vir
        Path: D:\Virus\2016.11.17
        Status: Virus removed
        Virus: Gen:Variant.Razy.105913 (Engine A)

Object: 50.vir
        Path: D:\Virus\2016.11.17
        Status: Virus removed
        Virus: W97M.Downloader.ERB (Engine A)

Archive: 02.vir
        Path: D:\Virus\2016.11.17
        Status: Virus, file deleted
        Virus: W97M.Downloader.ERM (Engine A)
        ----------------------------------------------------------------
        Object: word/embeddings/oleObject1.bin
                In archive: D:\Virus\2016.11.17\02.vir
                Status: Virus detected
                Virus: W97M.Downloader.ERM[/mw_shl_code]

kepuzhishi

360杀毒扫描日志

病毒库版本：2016-11-17 10:55
扫描时间：2016-11-17 13:13:07
扫描用时：00:00:25
扫描类型：右键扫描
扫描文件总数：50
项目总数：30
清除项目数：0

扫描选项
----------------------
扫描所有文件：否
扫描压缩包：否
发现病毒处理方式：由用户选择处理
扫描磁盘引导区：是
扫描 Rootkit：否
使用云查杀引擎：是
使用QVM人工智能引擎：是
扫描建议修复项：是
常规引擎设置：BitDefender Avira(小红伞)

扫描内容
----------------------
E:\共享盘\精睿样本\2016.11.17


白名单设置
----------------------


扫描结果
======================
高危风险项
----------------------
E:\共享盘\精睿样本\2016.11.17\06.vir        virus.js.gen.100        未处理
E:\共享盘\精睿样本\2016.11.17\07.vir        W97M.Dldr.Agent.fvgrg        未处理
E:\共享盘\精睿样本\2016.11.17\22.vir        virus.office.obfuscated.1        未处理
E:\共享盘\精睿样本\2016.11.17\23.vir        html.script.packed.d        未处理
E:\共享盘\精睿样本\2016.11.17\25.vir        HTML.MHT.Gen        未处理
E:\共享盘\精睿样本\2016.11.17\26.vir        macro.ole.jork.4j        未处理
E:\共享盘\精睿样本\2016.11.17\30.vir        virus.vbs.crypt.c        未处理
E:\共享盘\精睿样本\2016.11.17\31.vir        virus.js.gen.80        未处理
E:\共享盘\精睿样本\2016.11.17\37.vir        virus.js.gen.80        未处理
E:\共享盘\精睿样本\2016.11.17\39.vir        virus.exp.20120158        未处理
E:\共享盘\精睿样本\2016.11.17\41.vir        virus.js.gen.85        未处理
E:\共享盘\精睿样本\2016.11.17\42.vir        js.url.downloader.k        未处理
E:\共享盘\精睿样本\2016.11.17\43.vir        virus.office.gen.100        未处理
E:\共享盘\精睿样本\2016.11.17\04.vir        HEUR/QVM03.0.372E.Malware.Gen        未处理
E:\共享盘\精睿样本\2016.11.17\08.vir        感染型病毒(Win32/Trojan.1d4)        未处理
E:\共享盘\精睿样本\2016.11.17\11.vir        HEUR/QVM03.0.372E.Malware.Gen        未处理
E:\共享盘\精睿样本\2016.11.17\16.vir        感染型病毒(Win32/Trojan.3d5)        未处理
E:\共享盘\精睿样本\2016.11.17\20.vir        感染型病毒(Win32/Trojan.cc2)        未处理
E:\共享盘\精睿样本\2016.11.17\17.vir        Malware.Radar01.Gen        未处理
E:\共享盘\精睿样本\2016.11.17\10.vir        感染型病毒(Win32/Trojan.43a)        未处理
E:\共享盘\精睿样本\2016.11.17\36.vir        感染型病毒(Win32/Trojan.Dropper.0bc)        未处理
E:\共享盘\精睿样本\2016.11.17\38.vir        HEUR/QVM03.0.372E.Malware.Gen        未处理
E:\共享盘\精睿样本\2016.11.17\40.vir        感染型病毒(Win32/Trojan.5e4)        未处理
E:\共享盘\精睿样本\2016.11.17\49.vir        感染型病毒(Win32/Trojan.a72)        未处理
E:\共享盘\精睿样本\2016.11.17\15.vir        HEUR/QVM20.1.3546.Malware.Gen        未处理
E:\共享盘\精睿样本\2016.11.17\35.vir        感染型病毒(Win32/Trojan.Dropper.b73)        未处理
E:\共享盘\精睿样本\2016.11.17\44.vir        TR.Dropper.Gen        未处理
E:\共享盘\精睿样本\2016.11.17\48.vir        virus.office.gen.80        未处理
E:\共享盘\精睿样本\2016.11.17\28.vir        TR.Dropper.Gen        未处理
E:\共享盘\精睿样本\2016.11.17\50.vir        virus.office.gen.80        未处理

Llano_心情

瑞星云安全终端3.0

kill x 17

petr0vic

McAfee VirusScan Enterprise 8.8.1588
5900 Engine Beta 2
DAT: 8351
kill - 20 repair -1 total kill -21

好想用EMSI

[mw_shl_code=css,true]AV/treatment,2016/11/17,15:34:56 +8:00 GMT,Trojan-Dropper.VBS.Agent.fn,C:\Users\Cosmos\Pictures\2016.11.17\09.vir,Deleted,Auto
AV/treatment,2016/11/17,15:34:56 +8:00 GMT,UDS:DangerousObject.Multi.Generic,C:\Users\Cosmos\Pictures\2016.11.17\10.vir,Deleted,Auto
AV/treatment,2016/11/17,15:34:56 +8:00 GMT,UDS:DangerousObject.Multi.Generic,C:\Users\Cosmos\Pictures\2016.11.17\15.vir,Deleted,Auto
AV/treatment,2016/11/17,15:34:56 +8:00 GMT,Trojan.Win32.VBKryjetor.aevc,C:\Users\Cosmos\Pictures\2016.11.17\16.vir,Deleted,Auto
AV/treatment,2016/11/17,15:34:56 +8:00 GMT,Trojan-Spy.Win64.Lurk.ap,C:\Users\Cosmos\Pictures\2016.11.17\17.vir,Deleted,Auto
AV/treatment,2016/11/17,15:34:56 +8:00 GMT,HEUR:Trojan-Downloader.Script.Generic,C:\Users\Cosmos\Pictures\2016.11.17\18.vir,Deleted,Auto
AV/treatment,2016/11/17,15:34:56 +8:00 GMT,HEUR:Trojan-Downloader.Script.Generic,C:\Users\Cosmos\Pictures\2016.11.17\22.vir,Deleted,Auto
AV/treatment,2016/11/17,15:34:58 +8:00 GMT,Exploit.HTML.Agent.dq,C:\Users\Cosmos\Pictures\2016.11.17\25.vir,Deleted,Auto
AV/treatment,2016/11/17,15:34:58 +8:00 GMT,HEUR:Trojan.Script.Agent.gen,C:\Users\Cosmos\Pictures\2016.11.17\26.vir,Deleted,Auto
AV/treatment,2016/11/17,15:34:58 +8:00 GMT,HEUR:Trojan-Downloader.Script.Generic,C:\Users\Cosmos\Pictures\2016.11.17\30.vir,Deleted,Auto
AV/treatment,2016/11/17,15:34:58 +8:00 GMT,Trojan-Spy.Linux.Pymadro.a,C:\Users\Cosmos\Pictures\2016.11.17\32.vir,Deleted,Auto
AV/treatment,2016/11/17,15:35:00 +8:00 GMT,HEUR:Trojan-Downloader.Script.Generic,C:\Users\Cosmos\Pictures\2016.11.17\34.vir,Deleted,Auto
AV/treatment,2016/11/17,15:35:00 +8:00 GMT,Trojan-Dropper.Win32.Injector.pxlg,C:\Users\Cosmos\Pictures\2016.11.17\36.vir,Deleted,Auto
AV/treatment,2016/11/17,15:35:00 +8:00 GMT,HEUR:Trojan.Script.Agent.gen,C:\Users\Cosmos\Pictures\2016.11.17\37.vir,Deleted,Auto
AV/treatment,2016/11/17,15:35:00 +8:00 GMT,Exploit.Win32.CVE-2012-0158.j,C:\Users\Cosmos\Pictures\2016.11.17\39.vir,Deleted,Auto
AV/treatment,2016/11/17,15:35:00 +8:00 GMT,UDS:DangerousObject.Multi.Generic,C:\Users\Cosmos\Pictures\2016.11.17\40.vir,Deleted,Auto
AV/treatment,2016/11/17,15:35:00 +8:00 GMT,Trojan-Downloader.JS.Cryptoload.ars,C:\Users\Cosmos\Pictures\2016.11.17\42.vir,Deleted,Auto
AV/treatment,2016/11/17,15:35:00 +8:00 GMT,Trojan-Dropper.MSWord.Agent.oy,C:\Users\Cosmos\Pictures\2016.11.17\43.vir,File Repaired,Auto
AV/treatment,2016/11/17,15:35:02 +8:00 GMT,UDS:DangerousObject.Multi.Generic,C:\Users\Cosmos\Pictures\2016.11.17\44.vir,Deleted,Auto
AV/treatment,2016/11/17,15:35:02 +8:00 GMT,Trojan-Downloader.JS.Agent.nbi,C:\Users\Cosmos\Pictures\2016.11.17\46.vir,Deleted,Auto
AV/treatment,2016/11/17,15:35:02 +8:00 GMT,Trojan-Dropper.MSWord.Agent.pa,C:\Users\Cosmos\Pictures\2016.11.17\48.vir,File Repaired,Auto
AV/treatment,2016/11/17,15:35:02 +8:00 GMT,UDS:DangerousObject.Multi.Generic,C:\Users\Cosmos\Pictures\2016.11.17\49.vir,Deleted,Auto
AV/treatment,2016/11/17,15:35:02 +8:00 GMT,Trojan-Dropper.MSWord.Agent.pa,C:\Users\Cosmos\Pictures\2016.11.17\50.vir,File Repaired,Auto[/mw_shl_code]
ZoneAlarm的监控，扫描补刀4个

天堂一朵云

用360压缩解压缩直接被内置病毒检测拦截，没解压完成之前avast直接报警11个，中间解压缩失败，没有测试完，不过小a貌似经受住了考验，综合症终于解决了，不会再换杀软了