精睿样本测试（17.5.12）

显示全部楼层 · 发表于 2017-5-12 10:09:08

地址：

https://pan.baidu.com/s/1sllTKO9 密码: 8avx

密码：http://bbs.vc52.cn
数量：120

分流：
https://www.upload.ee/files/7000213/2017.5.12.7z.html

显示全部楼层 · 发表于 2017-5-12 10:27:22

rising 57
360 60
dr.web 67

显示全部楼层 · 发表于 2017-5-12 10:33:34

eset 103

显示全部楼层 · 发表于 2017-5-12 10:51:37

WD删除83个，修复1个，漏了36个。。。

显示全部楼层 · 发表于 2017-5-12 10:52:26

火绒kill52

显示全部楼层 · 发表于 2017-5-12 11:16:05

本帖最后由轩夏于 2017-5-12 11:17 编辑

ESET[mw_shl_code=css,true]日志
正在扫描日志
病毒库版本: 15401 (20170511)
日期: 2017/5/12  时间: 11:16:44
已扫描的磁盘、文件夹和文件: D:\病毒测试\2017.5.12
D:\病毒测试\2017.5.12\002.vir - VBA/TrojanDropper.Agent.VH 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\003.vir - Win32/Neurevt.I 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\004.vir - MSIL/Injector.MEG 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\005.vir - Win32/Neurevt.I 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\006.vir - Win32/Injector.DOAV 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\007.vir - Win32/Kryptik.FSDT 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\008.vir - VBA/TrojanDownloader.Agent.DEI 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\010.vir - PDF/Phishing.A.Gen 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\011.vir - Win32/Injector.DOOB 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\012.vir - Win32/Kryptik.FSCY 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\013.vir - PowerShell/Agent.AD 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\015.vir - Win32/TrojanDownloader.Banload.XXK 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\016.vir - MSIL/Injector.SDN 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\017.vir - Win32/Injector.DOOB 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\018.vir - Win32/GenKryptik.AEYW 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\019.vir - Win32/GenKryptik.AFBR 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\020.vir > ZIP > word/embeddings/oleObject2.bin > OLEDATA > Receipt_050123.lnk - PowerShell/TrojanDownloader.Agent.Q 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\020.vir > ZIP > word/embeddings/oleObject1.bin > OLEDATA > Receipt_050123.lnk - PowerShell/TrojanDownloader.Agent.Q 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\021.vir - Win32/Injector.DOPM 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\022.vir - Win32/Kryptik.FSBP 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\023.vir - HTML/Iframe.B 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\024.vir > ZIP > word/embeddings/oleObject1.bin > OLEDATA > 新しいメッセージ.js - JS/TrojanDownloader.Agent.QHW 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\025.vir - Win32/Injector.DOPM 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\027.vir - Win32/Kryptik.FROS 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\028.vir - Win32/Agent.SLF 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\030.vir > INNO > setup.data - 正常
D:\病毒测试\2017.5.12\031.vir - MSIL/Kryptik.CXU 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\033.vir - MSIL/Kryptik.JAG 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\034.vir - VBA/TrojanDownloader.Agent.DEU 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\035.vir - MSIL/GenKryptik.SQH 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\036.vir - MSIL/Injector.MEG 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\037.vir - JS/TrojanDownloader.Nemucod.CYG 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\038.vir - Win32/Kryptik.FRDR 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\039.vir - Win32/Kryptik.FRDR 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\040.vir > ZIP > word/embeddings/oleObject1.bin > OLEDATA > 安全な情報.js - JS/TrojanDownloader.Agent.QHW 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\041.vir - Win32/Filecoder.DMALocker.C 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\042.vir - PDF/Phishing.A.Gen 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\043.vir - Win32/GenKryptik.AFAO 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\045.vir - Win32/Kryptik.FSDB 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\046.vir > ZIP > ff1/bG.class - Java/Jacksbot.AK 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\046.vir > ZIP > ff1/dI.class - 正常
D:\病毒测试\2017.5.12\046.vir > ZIP > ff1/dy.class - Java/Jacksbot.AE 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\046.vir > ZIP > ff1/h.class - Java/Jacksbot.AG 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\048.vir - Win32/GenKryptik.AFFZ 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\049.vir - PDF/Phishing.A.Gen 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\050.vir - VBA/TrojanDownloader.Agent.DEU 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\051.vir - Win32/Kryptik.FRVT 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\052.vir - VBA/TrojanDownloader.Agent.DEU 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\053.vir - Win32/Adware.ELEX.GJ 应用程序的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\055.vir - Win32/Injector.CXYE 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\056.vir - VBA/TrojanDownloader.Agent.DES 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\057.vir - MSIL/Injector.IFO 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\060.vir - Win32/Kryptik.FRTX 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\062.vir > ZIP > F.class - 正常
D:\病毒测试\2017.5.12\062.vir > ZIP > B.class - Java/Adwind.AFV 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\062.vir > ZIP > L.class - Java/Adwind.AFV 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\064.vir - VBA/TrojanDownloader.Agent.DEO 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\065.vir - Win32/PSW.Fareit.L 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\066.vir - Win32/Filecoder.FV 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\068.vir - Generik.GIOXPXS 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\069.vir > ZIP > word/embeddings/oleObject3.bin > OLEDATA > Office Doc Part                                           .vbs - VBA/TrojanDownloader.Agent.DDM 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\069.vir > ZIP > word/embeddings/oleObject2.bin > OLEDATA > Office Doc Part                                           .vbs - VBA/TrojanDownloader.Agent.DDM 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\069.vir > ZIP > word/embeddings/oleObject1.bin > OLEDATA > Office Doc Part                                           .vbs - VBA/TrojanDownloader.Agent.DDM 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\070.vir - Win32/TrojanDownloader.Waski.A 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\071.vir - PDF/Phishing.A.Gen 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\072.vir - MSIL/Injector.SAG 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\073.vir - VBS/Agent.NLD 蠕虫 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\075.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.DCY 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\076.vir - Win32/Kryptik.FSCN 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\077.vir - MSIL/Filecoder.BitKangoroo.A 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\078.vir - VBA/TrojanDownloader.Agent.DEN 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\080.vir - PDF/Phishing.A.Gen 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\082.vir - PDF/Phishing.A.Gen 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\083.vir - MSIL/Filecoder.GG 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\084.vir - Win32/Injector.DOOL 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\085.vir - VBA/TrojanDownloader.Agent.DEU 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\086.vir - Win32/Injector.DOPA 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\087.vir - MSIL/Agent.QUI 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\088.vir > NSIS > TyKslk - JS/Kryptik.BEN 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\089.vir - Win32/Spy.Ursnif.AO 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\090.vir - Win32/Filecoder.NLB 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\091.vir - Win32/Filecoder.FV 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\092.vir - VBA/TrojanDownloader.Agent.DEU 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\093.vir - VBA/TrojanDownloader.Agent.DET 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\094.vir - Win32/Kryptik.FSCN 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\095.vir - Win32/GenKryptik.AEKF 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\096.vir - VBA/PowerShell.A 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\097.vir - MSIL/TrojanDownloader.Agent.DFD 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\098.vir - Win32/Agent.SJK 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\099.vir - VBA/TrojanDropper.Agent.VH 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\100.vir > NSIS > Script.nsi - 正常
D:\病毒测试\2017.5.12\100.vir > NSIS > nsDialogs.dll - 正常
D:\病毒测试\2017.5.12\100.vir > NSIS > TooltabExtension.dll - 正常
D:\病毒测试\2017.5.12\101.vir - PDF/Phishing.A.Gen 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\102.vir - Win32/Filecoder.NKP 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\103.vir - Win32/TrojanDownloader.Waski.A 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\104.vir - VBS/Kryptik.HB 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\105.vir - Win32/Injector.DOPA 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\106.vir - Generik.GEVIUID 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\107.vir - Win32/Injector.DONO 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\108.vir - VBA/TrojanDownloader.Agent.DEU 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\110.vir - Win32/Kryptik.FSCY 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\111.vir - MSIL/Spammer.Agent.AG 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\112.vir - Win32/Kryptik.FQST 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\113.vir - PDF/Phishing.A.Gen 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\114.vir - Win32/Kryptik.FSCL 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\115.vir - VBA/TrojanDownloader.Agent.DEO 特洛伊木马 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\116.vir - Win32/Kryptik.FSDT 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\117.vir - Win32/Wapomi.BA 病毒 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\118.vir - Win32/Injector.DONO 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\119.vir - Win32/Agent.SLF 特洛伊木马的变种 - 扫描完成后再选择处理方式
D:\病毒测试\2017.5.12\120.vir - Win32/Agent.SLF 特洛伊木马 - 扫描完成后再选择处理方式
已扫描的对象数: 537
发现的威胁数: 106
已清除对象数: 0
完成时间: 11:17:21  总扫描时间: 37 秒 (00:00:37)
[/mw_shl_code]

显示全部楼层 · 发表于 2017-5-12 11:42:17

瑞星二扫73

显示全部楼层 · 发表于 2017-5-12 12:46:12

emsisoft 扫描杀98个
剩余22个

显示全部楼层 · 发表于 2017-5-12 12:51:07

rising 病毒库从2087升到2088，变成86个

显示全部楼层 · 发表于 2017-5-12 13:07:19

Avira 88x

[mw_shl_code=css,true]Starting the file scan:

Begin scan in 'C:\Users\Ivan\Desktop\2017.5.12\'
C:\Users\Ivan\Desktop\2017.5.12\001.vir
  [DETECTION] Is the TR/Fuery.rfwev Trojan
C:\Users\Ivan\Desktop\2017.5.12\003.vir
  [DETECTION] Is the TR/Dropper.xhapl Trojan
C:\Users\Ivan\Desktop\2017.5.12\004.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Users\Ivan\Desktop\2017.5.12\005.vir
  [DETECTION] Is the TR/Crypt.ZPACK.ihehh Trojan
C:\Users\Ivan\Desktop\2017.5.12\006.vir
  [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
C:\Users\Ivan\Desktop\2017.5.12\007.vir
  [DETECTION] Is the TR/Ranscrape.xvdds Trojan
C:\Users\Ivan\Desktop\2017.5.12\008.vir
  [DETECTION] Contains code of the W2000M/Agent.3440281 macro virus
C:\Users\Ivan\Desktop\2017.5.12\009.vir
  [DETECTION] Contains patterns of software PUA/InstallCore.Gen9
C:\Users\Ivan\Desktop\2017.5.12\011.vir
  [DETECTION] Is the TR/Dropper.VB.denpt Trojan
C:\Users\Ivan\Desktop\2017.5.12\012.vir
  [DETECTION] Is the TR/Crypt.Xpack.nfldd Trojan
C:\Users\Ivan\Desktop\2017.5.12\015.vir
  [DETECTION] Is the TR/Dldr.Banload.pvcwu Trojan
C:\Users\Ivan\Desktop\2017.5.12\016.vir
  [DETECTION] Is the TR/Dropper.MSIL.weuzp Trojan
C:\Users\Ivan\Desktop\2017.5.12\017.vir
  [DETECTION] Is the TR/Dropper.VB.wzwch Trojan
C:\Users\Ivan\Desktop\2017.5.12\018.vir
  [DETECTION] Is the TR/AD.Cerber.yteec Trojan
C:\Users\Ivan\Desktop\2017.5.12\019.vir
  [DETECTION] Is the TR/Dropper.VB.usimw Trojan
C:\Users\Ivan\Desktop\2017.5.12\020.vir
[0] Archive type: ZIP
      [DETECTION] Is the TR/LNK.PSH.Downloader.Gen Trojan
      [WARNING] Infected files in archives cannot be repaired
      [DETECTION] Is the TR/LNK.PSH.Downloader.Gen Trojan
      [WARNING] Infected files in archives cannot be repaired
C:\Users\Ivan\Desktop\2017.5.12\021.vir
  [DETECTION] Is the TR/AD.BrowserPwdStealer.ciszi Trojan
Successful Cloud SDK initialization and license check.
The file 'C:\Users\Ivan\Desktop\2017.5.12\022.vir' has been uploaded to the Protection Cloud and analyzed. SHA256 = 1E8F8B0AA093C7D272DAFBD9DD4EE49E42441BA957D24E983A137ED03DF7D6FD
C:\Users\Ivan\Desktop\2017.5.12\022.vir (SHA-256: 1e8f8b0aa093c7d272dafbd9dd4ee49e42441ba957d24e983a137ed03df7d6fd)
  [DETECTION] Is the TR/Crypt.ZPACK.Gen7 (Cloud) Trojan
  [INFO]    The file 'C:\Users\Ivan\Desktop\2017.5.12\022.vir' has been uploaded to the Protection Cloud and analyzed.
C:\Users\Ivan\Desktop\2017.5.12\025.vir
  [DETECTION] Contains recognition pattern of the DR/Delphi.cllrs dropper
C:\Users\Ivan\Desktop\2017.5.12\027.vir
  [DETECTION] Is the TR/Crypt.Xpack.tixmi Trojan
C:\Users\Ivan\Desktop\2017.5.12\029.vir
  [DETECTION] Contains virus patterns of Adware ADWARE/DealPly.jyigo
C:\Users\Ivan\Desktop\2017.5.12\030.vir
  [DETECTION] Contains patterns of software PUA/InstallCore.Gen9
C:\Users\Ivan\Desktop\2017.5.12\031.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Users\Ivan\Desktop\2017.5.12\032.vir
  [DETECTION] Contains code of the W2000M/Agent.0038520 macro virus
C:\Users\Ivan\Desktop\2017.5.12\033.vir
  [DETECTION] Is the TR/Dropper.MSIL.uppvz Trojan
C:\Users\Ivan\Desktop\2017.5.12\034.vir
  [DETECTION] Contains code of the W2000M/Agent.00381596 macro virus
C:\Users\Ivan\Desktop\2017.5.12\035.vir
  [DETECTION] Is the TR/Crypt.Xpack.ocbbk Trojan
C:\Users\Ivan\Desktop\2017.5.12\036.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Users\Ivan\Desktop\2017.5.12\037.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen6 HTML script virus
C:\Users\Ivan\Desktop\2017.5.12\038.vir
  [DETECTION] Is the TR/Crypt.ZPACK.feidz Trojan
C:\Users\Ivan\Desktop\2017.5.12\039.vir
  [DETECTION] Is the TR/Kriptik.5435 Trojan
C:\Users\Ivan\Desktop\2017.5.12\041.vir
  [DETECTION] Is the TR/Ransom.ydcjt Trojan
C:\Users\Ivan\Desktop\2017.5.12\043.vir
  [DETECTION] Is the TR/Crypt.EPACK.phzhz Trojan
C:\Users\Ivan\Desktop\2017.5.12\044.vir
  [DETECTION] Contains recognition pattern of the EXP/CVE-2017-0199.Gen exploit
C:\Users\Ivan\Desktop\2017.5.12\045.vir
  [DETECTION] Is the TR/Crypt.Xpack.ltgcp Trojan
C:\Users\Ivan\Desktop\2017.5.12\048.vir
  [DETECTION] Is the TR/Crypt.Xpack.oleuu Trojan
C:\Users\Ivan\Desktop\2017.5.12\050.vir
  [DETECTION] Contains code of the W2000M/Agent.0782574 macro virus
C:\Users\Ivan\Desktop\2017.5.12\051.vir
  [DETECTION] Is the TR/Crypt.Xpack.dplxp Trojan
C:\Users\Ivan\Desktop\2017.5.12\052.vir
  [DETECTION] Contains code of the W2000M/Agent.0782606 macro virus
C:\Users\Ivan\Desktop\2017.5.12\053.vir
  [DETECTION] Contains recognition pattern of the WORM/Lodbak.Gen4 worm
C:\Users\Ivan\Desktop\2017.5.12\054.vir
  [DETECTION] Contains suspicious code HEUR/CVE-2017-0199
The file 'C:\Users\Ivan\Desktop\2017.5.12\055.vir' has been uploaded to the Protection Cloud and analyzed. SHA256 = 1D86B9E8668C74D9D976F363E43733338ECDBABFFD01AFB17FE9194B6A427552
C:\Users\Ivan\Desktop\2017.5.12\055.vir (SHA-256: 1d86b9e8668c74d9d976f363e43733338ecdbabffd01afb17fe9194b6a427552)
  [DETECTION] Is the TR/Crypt.ZPACK.Gen4 (Cloud) Trojan
  [INFO]    The file 'C:\Users\Ivan\Desktop\2017.5.12\055.vir' has been uploaded to the Protection Cloud and analyzed.
C:\Users\Ivan\Desktop\2017.5.12\056.vir
  [DETECTION] Contains code of the W2000M/Agent.00381898 macro virus
The file 'C:\Users\Ivan\Desktop\2017.5.12\057.vir' has been uploaded to the Protection Cloud and analyzed. SHA256 = B865A2892375D4E2280951138F7E61222E86333E75DF719F8C48FF5620C0DA12
C:\Users\Ivan\Desktop\2017.5.12\057.vir (SHA-256: b865a2892375d4e2280951138f7e61222e86333e75df719f8c48ff5620c0da12)
  [DETECTION] Is the TR/Dropper.MSIL.Gen8 (Cloud) Trojan
  [INFO]    The file 'C:\Users\Ivan\Desktop\2017.5.12\057.vir' has been uploaded to the Protection Cloud and analyzed.
The file 'C:\Users\Ivan\Desktop\2017.5.12\058.vir' has been uploaded to the Protection Cloud and analyzed. SHA256 = 8510E196E45EBA0FC0B064C7BEE755FD22E2B44DA7D669B2941449E94A85C3E5
C:\Users\Ivan\Desktop\2017.5.12\058.vir (SHA-256: 8510e196e45eba0fc0b064c7bee755fd22e2b44da7d669b2941449e94a85c3e5)
  [DETECTION] Contains suspicious code HEUR/APC (Cloud)
  [INFO]    The file 'C:\Users\Ivan\Desktop\2017.5.12\058.vir' has been uploaded to the Protection Cloud and analyzed.
C:\Users\Ivan\Desktop\2017.5.12\059.vir
  [DETECTION] Contains suspicious code HEUR/CVE-2017-0199
C:\Users\Ivan\Desktop\2017.5.12\060.vir
  [DETECTION] Is the TR/AD.MalwareCrypter.ajknh Trojan
C:\Users\Ivan\Desktop\2017.5.12\064.vir
  [DETECTION] Contains code of the W97M/Agent.3429711 Word macro virus
C:\Users\Ivan\Desktop\2017.5.12\065.vir
  [DETECTION] Is the TR/AD.VBCryptor.vvhky Trojan
C:\Users\Ivan\Desktop\2017.5.12\066.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Users\Ivan\Desktop\2017.5.12\068.vir
  [DETECTION] Is the TR/AD.VBCryptor.ydcjt Trojan
C:\Users\Ivan\Desktop\2017.5.12\070.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Users\Ivan\Desktop\2017.5.12\072.vir
  [DETECTION] Is the TR/Injector.leqhr Trojan
C:\Users\Ivan\Desktop\2017.5.12\073.vir
  [DETECTION] Contains recognition pattern of the VBS/Jenxcus.Gen VBS script virus
C:\Users\Ivan\Desktop\2017.5.12\076.vir
  [DETECTION] Is the TR/Crypt.ZPACK.kabsl Trojan
The file 'C:\Users\Ivan\Desktop\2017.5.12\077.vir' has been uploaded to the Protection Cloud and analyzed. SHA256 = 6D9359EF74C5D47886CBDDC2192DAE274145097978C2FBB5687D30684C76117B
C:\Users\Ivan\Desktop\2017.5.12\077.vir (SHA-256: 6d9359ef74c5d47886cbddc2192dae274145097978c2fbb5687d30684c76117b)
  [DETECTION] Contains suspicious code HEUR/APC (Cloud)
  [INFO]    The file 'C:\Users\Ivan\Desktop\2017.5.12\077.vir' has been uploaded to the Protection Cloud and analyzed.
C:\Users\Ivan\Desktop\2017.5.12\083.vir
  [DETECTION] Is the TR/Ranscrape.hefhp Trojan
The file 'C:\Users\Ivan\Desktop\2017.5.12\084.vir' was scanned with the Protection Cloud. SHA256 = D50B52E3F3E615CA4D7817CEF64D98F2F86C845F8F1A5BBC3B93A773D22A14E7
C:\Users\Ivan\Desktop\2017.5.12\084.vir (SHA-256: d50b52e3f3e615ca4d7817cef64d98f2f86c845f8f1a5bbc3b93a773d22a14e7)
  [DETECTION] Is the TR/Crypt.XPACK.d50b52 (Cloud) Trojan
C:\Users\Ivan\Desktop\2017.5.12\085.vir
  [DETECTION] Contains code of the W2000M/Agent.00381596 macro virus
C:\Users\Ivan\Desktop\2017.5.12\086.vir
  [DETECTION] Is the TR/Dropper.VB.gysyd Trojan
C:\Users\Ivan\Desktop\2017.5.12\087.vir
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen back-door program
C:\Users\Ivan\Desktop\2017.5.12\088.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Users\Ivan\Desktop\2017.5.12\089.vir
  [DETECTION] Is the TR/Crypt.ZPACK.byopx Trojan
C:\Users\Ivan\Desktop\2017.5.12\090.vir
  [DETECTION] Is the TR/Genasom.ispnz Trojan
C:\Users\Ivan\Desktop\2017.5.12\091.vir
  [DETECTION] Is the TR/AD.RansomHeur.mjdnt Trojan
C:\Users\Ivan\Desktop\2017.5.12\092.vir
  [DETECTION] Contains code of the W2000M/Agent.67381272 macro virus
C:\Users\Ivan\Desktop\2017.5.12\094.vir
  [DETECTION] Is the TR/Crypt.ZPACK.kaovv Trojan
C:\Users\Ivan\Desktop\2017.5.12\095.vir
  [DETECTION] Is the TR/Crypt.ZPACK.Gen2 Trojan
C:\Users\Ivan\Desktop\2017.5.12\096.vir
  [DETECTION] Contains suspicious code HEUR/Macro.Agent
C:\Users\Ivan\Desktop\2017.5.12\097.vir
  [DETECTION] Is the TR/Fuery.kyktg Trojan
The file 'C:\Users\Ivan\Desktop\2017.5.12\098.vir' has been uploaded to the Protection Cloud and analyzed. SHA256 = 48CB6CD2591AFC84C318F7F188F02CD3A4ABA5B4B948474D875567AFD99985A6
C:\Users\Ivan\Desktop\2017.5.12\098.vir (SHA-256: 48cb6cd2591afc84c318f7f188f02cd3a4aba5b4b948474d875567afd99985a6)
  [DETECTION] Is the TR/Crypt.XPACK.Gen7 (Cloud) Trojan
  [INFO]    The file 'C:\Users\Ivan\Desktop\2017.5.12\098.vir' has been uploaded to the Protection Cloud and analyzed.
The file 'C:\Users\Ivan\Desktop\2017.5.12\100.vir' was scanned with the Protection Cloud. SHA256 = 7983390F082D292F8C090C6026960BE3C99B87B4BC575E54DEF4DCCA837B5946
C:\Users\Ivan\Desktop\2017.5.12\100.vir (SHA-256: 7983390f082d292f8c090c6026960be3c99b87b4bc575e54def4dcca837b5946)
  [DETECTION] Contains patterns of software PUA/MyWebSearch (Cloud)
C:\Users\Ivan\Desktop\2017.5.12\102.vir
  [DETECTION] Is the TR/FileCoder.rwsii Trojan
C:\Users\Ivan\Desktop\2017.5.12\103.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Users\Ivan\Desktop\2017.5.12\105.vir
  [DETECTION] Is the TR/AD.KoInject.qdbcu Trojan
C:\Users\Ivan\Desktop\2017.5.12\106.vir
  [DETECTION] Is the TR/Dropper.VB.bffzf Trojan
C:\Users\Ivan\Desktop\2017.5.12\107.vir
  [DETECTION] Is the TR/Dropper.VB.zuzdc Trojan
C:\Users\Ivan\Desktop\2017.5.12\108.vir
  [DETECTION] Contains code of the W2000M/Agent.67381272 macro virus
The file 'C:\Users\Ivan\Desktop\2017.5.12\109.vir' was scanned with the Protection Cloud. SHA256 = F71D900739F369E2996CD19D0F1DD7D6AD5844F191F17162D9A212150C84A0D4
C:\Users\Ivan\Desktop\2017.5.12\109.vir (SHA-256: f71d900739f369e2996cd19d0f1dd7d6ad5844f191f17162d9a212150c84a0d4)
  [DETECTION] Contains suspicious code HEUR/APC (Cloud)
C:\Users\Ivan\Desktop\2017.5.12\110.vir
  [DETECTION] Is the TR/Crypt.Xpack.rawwg Trojan
C:\Users\Ivan\Desktop\2017.5.12\111.vir
  [DETECTION] Is the TR/ATRAPS.rajvv Trojan
C:\Users\Ivan\Desktop\2017.5.12\112.vir
  [DETECTION] Is the TR/Crypt.Xpack.yhifx Trojan
C:\Users\Ivan\Desktop\2017.5.12\114.vir
  [DETECTION] Is the TR/Crypt.ZPACK.aiqcf Trojan
C:\Users\Ivan\Desktop\2017.5.12\115.vir
  [DETECTION] Contains code of the W97M/Agent.3429711 Word macro virus
C:\Users\Ivan\Desktop\2017.5.12\116.vir
  [DETECTION] Is the TR/Crypt.Xpack.cucpa Trojan
C:\Users\Ivan\Desktop\2017.5.12\117.vir
  [DETECTION] Contains recognition pattern of the W32/Jadtre.B Windows virus
C:\Users\Ivan\Desktop\2017.5.12\118.vir
  [DETECTION] Is the TR/Dropper.VB.mshgf Trojan
C:\Users\Ivan\Desktop\2017.5.12\119.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan[/mw_shl_code]

[病毒样本] 精睿样本测试（17.5.12）

本帖子中包含更多资源