Thread starter: 轩夏

[Virus Samples] 精睿 sample test (16.12.12)

a1414007
Posted on 2016-12-12 10:25:08
Dr.Web kill 24x
Virus4
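Posted on 2016-12-12 10:42:17
540923555 posted on 2016-12-12 09:34
My test tool also counted 15 deleted and 7 repaired.

Looks like my elementary-school math is still okay.
A lot got repaired today.
The way WD displays its logs is a real hassle..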
pal家族
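Posted on 2016-12-12 11:06:35
Last edited by pal家族 on 2016-12-12 14:31

Kaspersky killed 30x here,
of which 1x was repaired.

Screenshot as proof:

Haha, this time it's finally about right! Decent performance..

The rest have already been reported~~~ha~
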
Greetings,

Thank you for your help. New malware was found in the attachment you submitted:
21.vir - Trojan-Dropper.Win32.Injector.pyyi
13.vir - Trojan.HTML.Phish.t
19.vir - Trojan.HTML.Phish.u
36.vir - Trojan-Downloader.BAT.Crypt.b
44.vir - Trojan-Downloader.JS.Nemucod.fu
43.vir - not-a-virus:RiskTool.Win32.KeyGen.e
03.vir - Trojan.PDF.Phish.dq
49.vir - HEUR:Trojan.Script.Agent.gen
15.vir - Trojan-Downloader.MSIL.Agentb.aks
06.vir - Backdoor.Win32.Dridex.bh
27.vir - Trojan-Downloader.JS.Agent.nhp
02.vir - HEUR:Trojan.Script.Agent.gen
34.vir - not-a-virus:AdWare.Win32.DealPly.ygmm
25.vir - Trojan.Win32.Iframer.cr
Please update to the latest database later and try again.

Dolby123
Posted on 2016-12-12 11:29:20
Last edited by Dolby123 on 2016-12-12 11:30
pal家族 posted on 2016-12-12 11:06
Kaspersky killed 30x here,
of which 1x was repaired.

Edited, pressed the wrong button.
pal家族
Posted on 2016-12-12 11:30:19

Have you opened the fixed documents to see what they look like now?
kepuzhishi
Posted on 2016-12-12 11:38:20
360杀毒扫描日志

病毒库版本:2016-12-11 14:24
扫描时间:2016-12-12 11:36:17
扫描用时:00:00:05
扫描类型:右键扫描
扫描文件总数:50
项目总数:31
清除项目数:31

扫描选项
----------------------
扫描所有文件:否
扫描压缩包:否
发现病毒处理方式:由用户选择处理
扫描磁盘引导区:是
扫描 Rootkit:否
使用云查杀引擎:是
使用QVM人工智能引擎:是
扫描建议修复项:是
常规引擎设置:BitDefender Avira(小红伞)

扫描内容
----------------------
C:\Users\Administrator\Downloads\2016.12.12


白名单设置
----------------------


扫描结果
======================
高危风险项
----------------------
C:\Users\Administrator\Downloads\2016.12.12\05.vir        virus.office.obfuscated.1                已修复
C:\Users\Administrator\Downloads\2016.12.12\15.vir        HEUR/QVM03.0.C468.Malware.Gen        已删除
C:\Users\Administrator\Downloads\2016.12.12\21.vir        HEUR/QVM42.1.C468.Malware.Gen        已删除
C:\Users\Administrator\Downloads\2016.12.12\45.vir        HEUR/QVM10.1.C468.Malware.Gen        已删除
C:\Users\Administrator\Downloads\2016.12.12\06.vir        TR.Crypt.XPACK.Gen        已删除
C:\Users\Administrator\Downloads\2016.12.12\08.vir        TR.Dropper.Gen        已删除
C:\Users\Administrator\Downloads\2016.12.12\18.vir        TR.Gendal.4975592        已删除
C:\Users\Administrator\Downloads\2016.12.12\20.vir        TR.Dropper.VB.dtxck        已删除
C:\Users\Administrator\Downloads\2016.12.12\34.vir        Gen:Variant.Application.Bundler.DealPly.164        已删除
C:\Users\Administrator\Downloads\2016.12.12\35.vir        TR.Jord.dukdj        已删除
C:\Users\Administrator\Downloads\2016.12.12\26.vir        TR.Dropper.Gen        已删除
C:\Users\Administrator\Downloads\2016.12.12\32.vir        TR.Dropper.Gen        已删除
C:\Users\Administrator\Downloads\2016.12.12\39.vir        TR.Dropper.Gen        已删除
C:\Users\Administrator\Downloads\2016.12.12\46.vir        TR.Dropper.VB.hodgz        已删除
C:\Users\Administrator\Downloads\2016.12.12\10.vir        virus.office.obfuscated.1                已修复
C:\Users\Administrator\Downloads\2016.12.12\11.vir        virus.office.obfuscated.1                已修复
C:\Users\Administrator\Downloads\2016.12.12\13.vir        木马程序(trojan-clicker.js.agent.mb)                已修复
C:\Users\Administrator\Downloads\2016.12.12\14.vir        virus.elf.mirai.b        已删除
C:\Users\Administrator\Downloads\2016.12.12\17.vir        virus.vbs.dropper.d        已删除
C:\Users\Administrator\Downloads\2016.12.12\22.vir        virus.office.qexvmc.1075                已修复
C:\Users\Administrator\Downloads\2016.12.12\23.vir        virus.elf.mirai.b        已删除
C:\Users\Administrator\Downloads\2016.12.12\25.vir        virus.image.iframe.1        已删除
C:\Users\Administrator\Downloads\2016.12.12\27.vir        virus.js.qexvmc.1065        已删除
C:\Users\Administrator\Downloads\2016.12.12\29.vir        virus.office.obfuscated.1                已修复
C:\Users\Administrator\Downloads\2016.12.12\30.vir        virus.office.qexvmc.1075                已修复
C:\Users\Administrator\Downloads\2016.12.12\31.vir        virus.office.obfuscated.1        已删除
C:\Users\Administrator\Downloads\2016.12.12\36.vir        virus.bat.evilset.a        已删除
C:\Users\Administrator\Downloads\2016.12.12\37.vir        virus.vbs.qexvmc.1080        已删除
C:\Users\Administrator\Downloads\2016.12.12\40.vir        virus.office.qexvmc.1075        已修复
C:\Users\Administrator\Downloads\2016.12.12\44.vir        virus.js.qexvmc.1070        已删除
C:\Users\Administrator\Downloads\2016.12.12\49.vir        virus.js.qexvmc.1070        已删除
vanishtime
Posted on 2016-12-12 11:43:21
BD kill 20, fix 10, 30 in total
Eset小粉絲
Posted on 2016-12-12 11:55:59
Avira 26x
[mw_shl_code=css,true]Start of the scan: Monday, 12 December, 2016  11:54

Starting the file scan:

Begin scan in 'C:\Users\Ivan\Desktop\2016.12.12'
C:\Users\Ivan\Desktop\2016.12.12\04.vir
  [DETECTION] Contains code of the X2000M/Agent.98230 Excel macro virus
C:\Users\Ivan\Desktop\2016.12.12\05.vir
    [0] Archive type: ZIP
    --> xl/vbaProject.bin
        [DETECTION] Contains suspicious code HEUR/Macro.Downloader
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\Ivan\Desktop\2016.12.12\06.vir
  [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
C:\Users\Ivan\Desktop\2016.12.12\07.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.PPPP Java script virus
C:\Users\Ivan\Desktop\2016.12.12\08.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Users\Ivan\Desktop\2016.12.12\10.vir
    [0] Archive type: ZIP
    --> xl/vbaProject.bin
        [DETECTION] Contains suspicious code HEUR/Macro.Downloader
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\Ivan\Desktop\2016.12.12\11.vir
    [0] Archive type: ZIP
    --> xl/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.49460 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\Ivan\Desktop\2016.12.12\15.vir
  [DETECTION] Is the TR/Downloader.uflqa Trojan
C:\Users\Ivan\Desktop\2016.12.12\18.vir
  [DETECTION] Is the TR/Gendal.4975592 Trojan
C:\Users\Ivan\Desktop\2016.12.12\20.vir
  [DETECTION] Is the TR/Dropper.VB.dtxck Trojan
C:\Users\Ivan\Desktop\2016.12.12\22.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.460825 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\Ivan\Desktop\2016.12.12\25.vir
  [DETECTION] Contains recognition pattern of the HTML/PicFrame.Gen HTML script virus
C:\Users\Ivan\Desktop\2016.12.12\26.vir
  [DETECTION] Is the TR/Crypt.ZPACK.qvpzp Trojan
C:\Users\Ivan\Desktop\2016.12.12\29.vir
    [0] Archive type: ZIP
    --> xl/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.725816 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\Ivan\Desktop\2016.12.12\30.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.460825 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\Ivan\Desktop\2016.12.12\31.vir
  [DETECTION] Contains code of the X2000M/Dldr.Agent.gtng Excel macro virus
C:\Users\Ivan\Desktop\2016.12.12\32.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
The file 'C:\Users\Ivan\Desktop\2016.12.12\33.vir' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 3FE3EC3B72AEFD54EA9BE1E16EF76A53158A05443C671910C93C612391FFC6F6
C:\Users\Ivan\Desktop\2016.12.12\34.vir
  [DETECTION] Contains virus patterns of Adware ADWARE/DealPly.vgkys
C:\Users\Ivan\Desktop\2016.12.12\35.vir
  [DETECTION] Is the TR/Jord.dukdj Trojan
The file 'C:\Users\Ivan\Desktop\2016.12.12\38.vir' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 37BF5938A4A39FCF6E1746178194084C192260CBC0D1314444A16D6550B63628
C:\Users\Ivan\Desktop\2016.12.12\39.vir
    [0] Archive type: NSIS
    --> ProgramFilesDir/controllability.dll
        [DETECTION] Is the TR/Injector.cexbc Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\Ivan\Desktop\2016.12.12\40.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.460825 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\Ivan\Desktop\2016.12.12\41.vir
    [0] Archive type: ZIP
    --> xl/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.45331 macro virus
        [WARNING]   Infected files in archives cannot be repaired
Successful Cloud SDK initialization and license check.
The file 'C:\Users\Ivan\Desktop\2016.12.12\43.vir' was scanned with the Protection Cloud. SHA256 = 1D5282D36199FC398D87879A3974DCC0D9A03877EBAF640F6AC1994E8200DEFA
C:\Users\Ivan\Desktop\2016.12.12\43.vir (SHA-256: 1d5282d36199fc398d87879a3974dcc0d9a03877ebaf640f6ac1994e8200defa)
  [DETECTION] Contains recognition pattern of the APPL/Keygen.1d5282 (Cloud) application
The file 'C:\Users\Ivan\Desktop\2016.12.12\45.vir' was found in the cache; the Protection Cloud scan was skipped. SHA256 = 99967BF87E97D014AB9AA041653B778A341E85AAF2F5D8D6662699036498A8FA
C:\Users\Ivan\Desktop\2016.12.12\46.vir
  [DETECTION] Is the TR/Dropper.VB.hodgz Trojan
C:\Users\Ivan\Desktop\2016.12.12\48.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.75001 Java script virus
C:\Users\Ivan\Desktop\2016.12.12\50.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen6 HTML script virus[/mw_shl_code]
ysj963
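Posted on 2016-12-12 12:46:14
fireherman posted on 2016-12-12 09:58
Seeing ESET's advanced heuristics once again (line 19), tears streaming down my face.

I've used it for several years and have seen it twice. By the way, what technical level is 猪头无双 at?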
ys0516
Posted on 2016-12-12 16:46:08
NEW AVG BETA
KILL 20X, repaired 8X, 28X in total
I think it should be the same as AVAST.
Copyright © KaFan  KaFan.cn All Rights Reserved.