Thread starter: 轩夏

[Virus Samples] 精睿 sample test (16.12.1)

Eset小粉絲
Posted 2016-12-1 09:47:43
Avira 26
[mw_shl_code=css,true]Start of the scan: Thursday, 1 December, 2016  09:35

Starting the file scan:

Begin scan in 'C:\Users\Ivan\Desktop\2016.12.1'
C:\Users\Ivan\Desktop\2016.12.1\05.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.aipkza Java script virus
C:\Users\Ivan\Desktop\2016.12.1\06.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen6 HTML script virus
C:\Users\Ivan\Desktop\2016.12.1\09.vir
  [DETECTION] Is the TR/Dropper.VB.sixnt Trojan
Successful Cloud SDK initialization and license check.
The file 'C:\Users\Ivan\Desktop\2016.12.1\10.vir' has been uploaded to the Protection Cloud and analyzed. SHA256 = B436E95D64811A547AAA79BA16CAB305B7B6245EF174490B0D7741481BB927F6
C:\Users\Ivan\Desktop\2016.12.1\10.vir (SHA-256: b436e95d64811a547aaa79ba16cab305b7b6245ef174490b0d7741481bb927f6)
  [DETECTION] Contains suspicious code HEUR/APC (Cloud)
  [INFO]      The file 'C:\Users\Ivan\Desktop\2016.12.1\10.vir' has been uploaded to the Protection Cloud and analyzed.
C:\Users\Ivan\Desktop\2016.12.1\12.vir
  [DETECTION] Is the TR/Crypt.ZPACK.qjwfn Trojan
C:\Users\Ivan\Desktop\2016.12.1\13.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.aipkza Java script virus
C:\Users\Ivan\Desktop\2016.12.1\14.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Users\Ivan\Desktop\2016.12.1\16.vir
  [DETECTION] Is the TR/Dropper.MSIL.nydux Trojan
C:\Users\Ivan\Desktop\2016.12.1\18.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.aipkza Java script virus
C:\Users\Ivan\Desktop\2016.12.1\19.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Nemucod.ED Java script virus
C:\Users\Ivan\Desktop\2016.12.1\21.vir
  [DETECTION] Contains suspicious code HEUR/Macro.Agent
C:\Users\Ivan\Desktop\2016.12.1\22.vir
    [0] Archive type: Inno Setup
    --> {tmp}\c11w.exe
        [DETECTION] Contains patterns of software PUA/Downloader.Gen
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\Ivan\Desktop\2016.12.1\23.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.aipkza Java script virus
C:\Users\Ivan\Desktop\2016.12.1\24.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Users\Ivan\Desktop\2016.12.1\27.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.aipkza Java script virus
C:\Users\Ivan\Desktop\2016.12.1\28.vir
  [DETECTION] Is the TR/Proxy.Gen8 Trojan
C:\Users\Ivan\Desktop\2016.12.1\30.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.aipkza Java script virus
C:\Users\Ivan\Desktop\2016.12.1\31.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.PLOW Java script virus
C:\Users\Ivan\Desktop\2016.12.1\32.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.aipkza Java script virus
Retry 1 for the file 'C:\Users\Ivan\Desktop\2016.12.1\34.vir'. SHA256 = 59228565034E0614DFABDCC0C612C234C570BCDFC79A4240007B92499156E796
Retry 2 for the file 'C:\Users\Ivan\Desktop\2016.12.1\34.vir'. SHA256 = 59228565034E0614DFABDCC0C612C234C570BCDFC79A4240007B92499156E796
The file 'C:\Users\Ivan\Desktop\2016.12.1\34.vir' has been uploaded to the Protection Cloud and analyzed. SHA256 = 59228565034E0614DFABDCC0C612C234C570BCDFC79A4240007B92499156E796
C:\Users\Ivan\Desktop\2016.12.1\34.vir (SHA-256: 59228565034e0614dfabdcc0c612c234c570bcdfc79a4240007b92499156e796)
  [INFO]      The file 'C:\Users\Ivan\Desktop\2016.12.1\34.vir' has been uploaded to the Protection Cloud and analyzed.
C:\Users\Ivan\Desktop\2016.12.1\36.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.74030 Java script virus
C:\Users\Ivan\Desktop\2016.12.1\37.vir
    [0] Archive type: RAR SFX (self extracting)
    --> Steam.sfx.exe
        [1] Archive type: RAR SFX (self extracting)
      --> CMT
          [DETECTION] Is the TR/Dropper.Gen Trojan
          [WARNING]   Infected files in archives cannot be repaired
C:\Users\Ivan\Desktop\2016.12.1\38.vir
  [DETECTION] Is the TR/ATRAPS.Gen Trojan
C:\Users\Ivan\Desktop\2016.12.1\40.vir
    [0] Archive type: BZ2
    --> 40.vir.out
        [1] Archive type: TAR (tape archiver)
      --> Estado_De_Cuenta_Adjunta_Contactenos.exe
          [DETECTION] Is the TR/Dropper.VB.rpdjk Trojan
          [WARNING]   Infected files in archives cannot be repaired
C:\Users\Ivan\Desktop\2016.12.1\41.vir
  [DETECTION] Is the TR/Crypt.Xpack.otjqf Trojan
C:\Users\Ivan\Desktop\2016.12.1\42.vir
  [DETECTION] Contains suspicious code HEUR/Macro.Agent
C:\Users\Ivan\Desktop\2016.12.1\49.vir
  [DETECTION] Is the TR/Crypt.Xpack.aocuz Trojan[/mw_shl_code]
欧阳宣
Posted 2016-12-1 09:55:12
cylance 13x
猪头无双
Posted 2016-12-1 10:05:12
ys0516 posted on 2016-12-1 09:37:
AVG_Antivirus_Free KILL 31X, 19X remaining

"Shell Extension Scan"

Check the count carefully; the numbers AVG reports are often not very accurate.
Sailer.X
Posted 2016-12-1 10:14:06
SEP14: scan + monitoring = 34X
ys0516
Posted 2016-12-1 10:14:09
猪头无双 posted on 2016-12-1 10:05:
Check the count carefully; the numbers AVG reports are often not very accurate.

Yeah. The count does match up.
qwe12301
Posted 2016-12-1 10:26:54
心醉咖啡 posted on 2016-12-1 09:18:
Scan time: [2016-12-01 09:17:39]
Scan duration: [00:00:26]
Scan type: custom scan

Why so fast? I was going to test it.
Virus4
Posted 2016-12-1 10:38:18

Rising new engine KILL 32

WD kill 27
qwe12301
Posted 2016-12-1 10:40:38
猪头无双
Posted 2016-12-1 11:49:53
Last edited by 猪头无双 on 2016-12-1 18:26

FSIS

8 deleted on extraction

Manual scan: 20X

Of which 2X skipped: 40.vir, 33.vir (contains two files)

1X could not be quarantined: 22.vir

The remaining 17X cleaned

[mw_shl_code=css,true]05.vir: cleaned
08.vir: cleaned
13.vir: cleaned
06.vir: cleaned
15.vir: cleaned
18.vir: cleaned
17.vir: cleaned
23.vir: cleaned
27.vir: cleaned
04.vir: cleaned
30.vir: cleaned
31.vir: cleaned
32.vir: cleaned
45.vir: cleaned
40.vir: cleaned
36.vir: cleaned
33.vir: cleaned[/mw_shl_code]
++++++++++++++++++++++++++++++++++++++

Actual scan result: 20+8=28, 19 remaining

++++++++++++++++++++++++++++++++++++++

Re-extracted and rescanned at 18:21; results as follows

[mw_shl_code=css,true]Results

Items scanned: 149
Malicious items found: 36
Details

Trojan.VBA.Agent.FU
C:\Users\caizh\Desktop\2016.12.1\01.vir: could not clean
Trojan.Phishing.BL
C:\Users\caizh\Desktop\2016.12.1\08.vir: cleaned
JS:Trojan.JS.Agent.OMN
C:\Users\caizh\Desktop\2016.12.1\06.vir: cleaned
Trojan.GenericKD.3770111
C:\Users\caizh\Desktop\2016.12.1\05.vir: cleaned
JS:Trojan.JS.Downloader.NG
C:\Users\caizh\Desktop\2016.12.1\04.vir: cleaned
Trojan.GenericKD.3672334
C:\Users\caizh\Desktop\2016.12.1\09.vir: cleaned
Gen:Variant.Zusy.212834
C:\Users\caizh\Desktop\2016.12.1\12.vir: cleaned
Gen:Variant.Strictor.43629
C:\Users\caizh\Desktop\2016.12.1\16.vir: cleaned
Trojan.GenericKD.3776446
C:\Users\caizh\Desktop\2016.12.1\13.vir: cleaned
JS:Trojan.JS.Downloader.NG
C:\Users\caizh\Desktop\2016.12.1\17.vir: cleaned
Trojan.GenericKD.3771796
C:\Users\caizh\Desktop\2016.12.1\18.vir: cleaned
Trojan.GenericKD.3773501
C:\Users\caizh\Desktop\2016.12.1\24.vir: cleaned
Trojan.GenericKD.3771800
C:\Users\caizh\Desktop\2016.12.1\23.vir: cleaned
Trojan.Phishing.BL
C:\Users\caizh\Desktop\2016.12.1\15.vir: cleaned
Trojan.RanSerKD.3763561
C:\Users\caizh\Desktop\2016.12.1\27.vir: cleaned
Trojan.GenericKD.3775887
C:\Users\caizh\Desktop\2016.12.1\20.vir: cleaned
Trojan.RanSerKD.3765125
C:\Users\caizh\Desktop\2016.12.1\30.vir: cleaned
Java.Trojan.GenericGB.28
C:\Users\caizh\Desktop\2016.12.1\33.vir\e.class: skipped
Trojan.GenericKD.3763263
C:\Users\caizh\Desktop\2016.12.1\26.vir: cleaned
Trojan.GenericKD.3772336
C:\Users\caizh\Desktop\2016.12.1\32.vir: cleaned
Java.Trojan.GenericGB.107
C:\Users\caizh\Desktop\2016.12.1\33.vir\q.class: skipped
Gen:Trojan.Heur.PT.bm1@aSmQ89ei
C:\Users\caizh\Desktop\2016.12.1\38.vir: cleaned
Application.Agent.AFW
C:\Users\caizh\Desktop\2016.12.1\22.vir: could not quarantine
Trojan.GenericKD.3768311
C:\Users\caizh\Desktop\2016.12.1\31.vir: cleaned
Trojan.GenericKD.3764953
C:\Users\caizh\Desktop\2016.12.1\36.vir: cleaned
Trojan.GenericKD.3768560
C:\Users\caizh\Desktop\2016.12.1\35.vir: cleaned
Gen:Variant.MSILPerseus.47435
C:\Users\caizh\Desktop\2016.12.1\39.vir: cleaned
Java.Trojan.GenericGB.28
C:\Users\caizh\Desktop\2016.12.1\33.vir: cleaned
Generic.Starter.4.7001870B
C:\Users\caizh\Desktop\2016.12.1\37.vir\DLL.bat: skipped
Trojan.GenericKD.3739612
C:\Users\caizh\Desktop\2016.12.1\40.vir\40\Estado_De_Cuenta_Adjunta_Contactenos.exe: skipped
Trojan.Generic.19846277
C:\Users\caizh\Desktop\2016.12.1\41.vir: cleaned
JS.Nemucod.4.Gen
C:\Users\caizh\Desktop\2016.12.1\45.vir: cleaned
Trojan.ScriptKD.1298
C:\Users\caizh\Desktop\2016.12.1\37.vir: cleaned
Trojan.GenericKD.3782172
C:\Users\caizh\Desktop\2016.12.1\49.vir: cleaned
Trojan.GenericKD.3739612
C:\Users\caizh\Desktop\2016.12.1\40.vir: cleaned
Trojan.RanSerKD.3763555
C:\Users\caizh\Desktop\2016.12.1\44.vir: cleaned
Unscanned files

Number of unscanned files: 1.

Files:

C:\Users\caizh\Desktop\2016.12.1\37.vir\Steam.sfx.exe\Steam.exe

Virus definition database:

2016-12-01_07
Scan engines:

F-Secure Aquarius: 11.00.01, 2016-12-01
F-Secure Gemini: 3.02.414, 2016-11-29
F-Secure Hydra: 5.15.154, 2016-12-01
F-Secure Online: 16.15.23
F-Secure USS: 5.08.198, 2016-07-06[/mw_shl_code]

The scan result is 36, but since 33 and 37 each produced two results, removing those 2X gives 34.

kepuzhishi
Posted 2016-12-1 14:27:34
360 Antivirus scan log

Virus database version: 2016-11-30 11:07
Scan time: 2016-12-01 14:22:48
Scan duration: 00:00:05
Scan type: right-click scan
Total files scanned: 50
Total items: 29
Items cleaned: 29

Scan options
----------------------
Scan all files: No
Scan archives: No
Action when a virus is found: let the user choose
Scan disk boot sectors: Yes
Scan for rootkits: No
Use cloud scan engine: Yes
Use QVM AI engine: Yes
Scan recommended repair items: Yes
Conventional engine settings: BitDefender, Avira

Scan content
----------------------
C:\Users\Administrator\Downloads\2016.12.1


Whitelist settings
----------------------


Scan results
======================
High-risk items
----------------------
C:\Users\Administrator\Downloads\2016.12.1\04.vir        js.url.downloader.k        deleted
C:\Users\Administrator\Downloads\2016.12.1\06.vir        virus.js.qexvmc.1080        deleted
C:\Users\Administrator\Downloads\2016.12.1\09.vir        HEUR/QVM03.0.8699.Malware.Gen        deleted
C:\Users\Administrator\Downloads\2016.12.1\12.vir        Infector virus (Win32/Trojan.2eb)        deleted
C:\Users\Administrator\Downloads\2016.12.1\24.vir        HEUR/QVM10.1.8699.Malware.Gen        deleted
C:\Users\Administrator\Downloads\2016.12.1\20.vir        HEUR/QVM20.1.8750.Malware.Gen        deleted
C:\Users\Administrator\Downloads\2016.12.1\26.vir        HEUR/QVM20.1.8750.Malware.Gen        deleted
C:\Users\Administrator\Downloads\2016.12.1\44.vir        HEUR/QVM20.1.8699.Malware.Gen        deleted
C:\Users\Administrator\Downloads\2016.12.1\35.vir        HEUR/QVM20.1.8750.Malware.Gen        deleted
C:\Users\Administrator\Downloads\2016.12.1\43.vir        HEUR/QVM42.1.8750.Malware.Gen        deleted
C:\Users\Administrator\Downloads\2016.12.1\49.vir        HEUR/QVM20.1.8750.Malware.Gen        deleted
C:\Users\Administrator\Downloads\2016.12.1\14.vir        Infector virus (Win32/Trojan.Dropper.b73)        deleted
C:\Users\Administrator\Downloads\2016.12.1\37.vir        Trojan program (Trojan.ScriptKD.1298)        deleted
C:\Users\Administrator\Downloads\2016.12.1\28.vir        TR.Proxy.Gen8        deleted
C:\Users\Administrator\Downloads\2016.12.1\16.vir        TR.Dropper.MSIL.nydux        deleted
C:\Users\Administrator\Downloads\2016.12.1\41.vir        TR.Crypt.Xpack.otjqf        deleted
C:\Users\Administrator\Downloads\2016.12.1\39.vir        Gen:Variant.MSILPerseus.47435        deleted
C:\Users\Administrator\Downloads\2016.12.1\38.vir        TR.ATRAPS.Gen        deleted
C:\Users\Administrator\Downloads\2016.12.1\13.vir        virus.js.qexvmc.1070        deleted
C:\Users\Administrator\Downloads\2016.12.1\17.vir        js.url.downloader.k        deleted
C:\Users\Administrator\Downloads\2016.12.1\19.vir        virus.js.qexvmc.1        deleted
C:\Users\Administrator\Downloads\2016.12.1\23.vir        virus.js.qexvmc.1070        deleted
C:\Users\Administrator\Downloads\2016.12.1\25.vir        virus.js.qexvmc.1085        deleted
C:\Users\Administrator\Downloads\2016.12.1\30.vir        virus.js.qexvmc.1070        deleted
C:\Users\Administrator\Downloads\2016.12.1\31.vir        virus.js.qexvmc.1080        deleted
C:\Users\Administrator\Downloads\2016.12.1\32.vir        virus.js.qexvmc.1070        deleted
C:\Users\Administrator\Downloads\2016.12.1\33.vir        Java.Trojan.GenericGB.107        deleted
C:\Users\Administrator\Downloads\2016.12.1\36.vir        virus.js.qexvmc.1080        deleted
C:\Users\Administrator\Downloads\2016.12.1\45.vir        JS.Nemucod.4.Gen        deleted
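The posts above compare "kill" counts across engines, but the logs do not count the same way: F-Secure and Avira emit one result line per nested archive member (33.vir\e.class, 37.vir\DLL.bat, the Inno Setup member inside 22.vir), while the 360 log lists only top-level files, so raw line counts are not directly comparable and have to be folded onto the top-level NN.vir sample before engines are set side by side. The following Python script is an added example written for this page, not code from the thread or from any vendor: it parses short excerpts in the three log formats seen here (Avira, F-Secure, 360), attributes each result to its top-level sample, and reports per-engine raw lines, unique samples, and which samples of the union each engine did not flag. The excerpts are constructed: paths and detection names are copied from the posts, but only a handful of lines are included, and the action words are the English renderings used in this translation.

```python
"""Added example, not from the thread: fold AV scan-log result lines onto their
top-level sample file so engines that list nested archive members separately
(F-Secure, Avira) can be compared with one that lists only top-level files (360)."""
import re
from collections import defaultdict

# Samples in the thread are named NN.vir; a nested member such as 33.vir\e.class
# or 37.vir\DLL.bat belongs to parent sample "33" / "37".
SAMPLE_RE = re.compile(r"(\d{2})\.vir\b")
# F-Secure result line: 'C:\...\NN.vir[\member]: action'
FSECURE_RE = re.compile(r"^(?P<path>[A-Za-z]:\\.+?): (?P<action>.+)$")


def sample_id(path):
    """Return the NN of the first NN.vir component in path, or None."""
    m = SAMPLE_RE.search(path)
    return m.group(1) if m else None


def parse_avira(text):
    """Avira: an unindented path line, then indented [DETECTION] lines; nested
    archive members appear as indented '--> name' lines under the same path."""
    records, current = [], None
    for line in text.splitlines():
        s = line.strip()
        if not line.startswith(" ") and sample_id(s):
            current = sample_id(s)          # new top-level file
        elif s.startswith("[DETECTION]") and current:
            records.append((current, s.split(None, 1)[1], "detected"))
    return records


def parse_fsecure(text):
    """F-Secure: detection name on one line, 'path: action' on the next."""
    lines = [l.strip() for l in text.splitlines() if l.strip()]
    records = []
    for name, entry in zip(lines, lines[1:]):
        m = FSECURE_RE.match(entry)
        if m and sample_id(m["path"]):
            records.append((sample_id(m["path"]), name, m["action"]))
    return records


def parse_360(text):
    """360: 'path<TAB>detection<TAB>action' rows (copy-paste often turns the
    tabs into runs of spaces, so both separators are accepted)."""
    records = []
    for line in text.splitlines():
        parts = re.split(r"\t+|\s{2,}", line.strip())
        if len(parts) == 3 and sample_id(parts[0]):
            records.append((sample_id(parts[0]), parts[1], parts[2]))
    return records


def by_sample(records):
    """Group (sample, detection, action) records by top-level sample."""
    grouped = defaultdict(list)
    for sid, name, action in records:
        grouped[sid].append((name, action))
    return dict(grouped)


def summarize(engines):
    """engines: {engine: records}. For each engine report raw result lines,
    unique samples flagged, and which samples of the union it did not flag."""
    grouped = {e: by_sample(r) for e, r in engines.items()}
    union = set().union(*(set(g) for g in grouped.values()))
    return {e: {"raw": len(engines[e]), "samples": len(g),
                "missed": sorted(union - set(g))} for e, g in grouped.items()}


# Constructed excerpts in each engine's format; paths and detection names are
# copied from the thread, but these are a few lines each, not the full logs.
AVIRA_LOG = r"""
Begin scan in 'C:\Users\Ivan\Desktop\2016.12.1'
C:\Users\Ivan\Desktop\2016.12.1\05.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.aipkza Java script virus
C:\Users\Ivan\Desktop\2016.12.1\22.vir
    [0] Archive type: Inno Setup
    --> {tmp}\c11w.exe
        [DETECTION] Contains patterns of software PUA/Downloader.Gen
C:\Users\Ivan\Desktop\2016.12.1\34.vir (SHA-256: 59228565034e0614dfabdcc0c612c234c570bcdfc79a4240007b92499156e796)
C:\Users\Ivan\Desktop\2016.12.1\37.vir
    --> Steam.sfx.exe
          [DETECTION] Is the TR/Dropper.Gen Trojan
"""
FSECURE_LOG = r"""
Trojan.VBA.Agent.FU
C:\Users\caizh\Desktop\2016.12.1\01.vir: could not clean
Java.Trojan.GenericGB.28
C:\Users\caizh\Desktop\2016.12.1\33.vir\e.class: skipped
Java.Trojan.GenericGB.107
C:\Users\caizh\Desktop\2016.12.1\33.vir\q.class: skipped
Java.Trojan.GenericGB.28
C:\Users\caizh\Desktop\2016.12.1\33.vir: cleaned
Generic.Starter.4.7001870B
C:\Users\caizh\Desktop\2016.12.1\37.vir\DLL.bat: skipped
Trojan.ScriptKD.1298
C:\Users\caizh\Desktop\2016.12.1\37.vir: cleaned
"""
SCAN360_LOG = "\n".join("\t".join(row) for row in [
    (r"C:\Users\Administrator\Downloads\2016.12.1\04.vir", "js.url.downloader.k", "deleted"),
    (r"C:\Users\Administrator\Downloads\2016.12.1\33.vir", "Java.Trojan.GenericGB.107", "deleted"),
    (r"C:\Users\Administrator\Downloads\2016.12.1\37.vir", "Trojan.ScriptKD.1298", "deleted"),
])

REPORT = summarize({"Avira": parse_avira(AVIRA_LOG),
                    "F-Secure": parse_fsecure(FSECURE_LOG),
                    "360": parse_360(SCAN360_LOG)})
```

On the excerpt, F-Secure's six result lines collapse to three samples (01, 33, 37), which is the same kind of correction the poster applies by hand above, and 34.vir in the Avira excerpt is not counted because it was only uploaded to the cloud with no [DETECTION] line. When comparing full logs, feed each engine's complete output in and compare the "samples" figures rather than the raw line counts; the "missed" lists then show per-engine gaps directly instead of a bare total.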
Copyright © KaFan  KaFan.cn All Rights Reserved.