
[Virus samples] 精睿 sample test (16.7.19)

心醉咖啡
Posted on 2016-7-19 09:50:00
Address:

https://pan.baidu.com/s/1jIfgxOq  extraction code: grz7

Password: bbs.vc52.cn
Count: 50
心醉咖啡
OP | Posted on 2016-7-19 09:51:51
Last edited by 心醉咖啡 on 2016-7-19 10:17

Duba first scan: killed 0X

Second scan: killed 9X

Third scan: killed another 1X
傻猪猪米走鸡
Posted on 2016-7-19 09:56:01
Log
Scan Log
Version of virus signature database: 13823P (20160718)
Date: 2016/7/19  Time: 9:55:34
Scanned disks, folders and files: C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\02.vir » ZIP » word/vbaProject.bin - VBA/TrojanDownloader.Agent.BJG trojan - action selection postponed until scan completion
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\03.vir - Win32/Filecoder.Locky.C trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\04.vir » ZIP » word/embeddings/oleObject1.bin » OLEDATA » wealthy.jar » ZIP » main/NameClassh.class - Java/Adwind.LI trojan - action selection postponed until scan completion
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\04.vir » ZIP » word/embeddings/oleObject1.bin » OLEDATA » wealthy.jar » ZIP » main/Start.class - Java/Adwind.LI trojan - action selection postponed until scan completion
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\04.vir » ZIP » word/embeddings/oleObject1.bin » OLEDATA » wealthy.jar » ZIP » main/NameClassm.class - Java/Adwind.LI trojan - action selection postponed until scan completion
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\04.vir » ZIP » word/embeddings/oleObject1.bin » OLEDATA » wealthy.jar » ZIP » main/NameClassv.class - Java/Adwind.LI trojan - action selection postponed until scan completion
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\04.vir » ZIP » word/embeddings/oleObject1.bin » OLEDATA » wealthy.jar » ZIP » main/NameClassw.class - Java/Adwind.LI trojan - action selection postponed until scan completion
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\04.vir » ZIP » word/embeddings/oleObject1.bin » OLEDATA » wealthy.jar » ZIP » main/NameClassi.class - Java/Adwind.LI trojan - action selection postponed until scan completion
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\04.vir » ZIP » word/embeddings/oleObject1.bin » OLEDATA » wealthy.jar » ZIP » main/NameClassy.class - Java/Adwind.LI trojan - action selection postponed until scan completion
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\04.vir » ZIP » word/embeddings/oleObject1.bin » OLEDATA » wealthy.jar » ZIP » main/NameClassu.class - Java/Adwind.LI trojan - action selection postponed until scan completion
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\06.vir » ZIP » word/vbaProject.bin - VBA/TrojanDownloader.Agent.BKP trojan - action selection postponed until scan completion
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\07.vir - JS/TrojanDownloader.Nemucod.AKH trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\08.vir » ZWS » file.swf - a variant of SWF/Exploit.Agent.KI trojan - deleted
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\10.vir - a variant of Win32/Kryptik.FCIP trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\11.vir » ZIP » word/vbaProject.bin - VBA/TrojanDownloader.Agent.BKP trojan - action selection postponed until scan completion
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\13.vir » ZIP » word/vbaProject.bin - VBA/TrojanDownloader.Agent.BKP trojan - action selection postponed until scan completion
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\14.vir - a variant of MSIL/DllInject.BK potentially unsafe application - action selection postponed until scan completion
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\15.vir - VBS/Kryptik.J trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\16.vir - JS/TrojanDownloader.Nemucod.AKI trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\17.vir » ZIP » rfq_mv_parish.doc - Win32/Exploit.CVE-2012-0158.ACB trojan - deleted
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\18.vir - Win32/Filecoder.Locky.C trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\19.vir » RAR » Doc Files.exe - a variant of MSIL/Injector.PTS trojan - deleted
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\20.vir » ZIP » main/qollakdsÑÑÑDDDDDÑÑÑDDDDDÑÑÑDDDDDÑÑÑDDDDDÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑj.class - Java/Adwind.MB trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\20.vir » ZIP » main/qollakdsÑÑÑDDDDDÑÑÑDDDDDÑÑÑDDDDDÑÑÑDDDDDÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑy.class - a variant of Java/Adwind.LU trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\20.vir » ZIP » main/qollakdsÑÑÑDDDDDÑÑÑDDDDDÑÑÑDDDDDÑÑÑDDDDDÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑÑf.class - a variant of Java/Adwind.LT trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\22.vir - MSIL/Bladabindi.AS trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\23.vir - Win32/Filecoder.WEDS trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\24.vir - VBA/TrojanDownloader.Agent.BKG trojan - cleaned
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\27.vir - VBA/TrojanDropper.Agent.LU trojan - cleaned
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\28.vir » ZIP » word/vbaProject.bin - VBA/TrojanDownloader.Agent.BKN trojan - action selection postponed until scan completion
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\29.vir - JS/TrojanDownloader.Nemucod.AKI trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\30.vir - Win32/Filecoder.WEDS trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\31.vir » ZIP » Internet/u.class - Java/Adwind.WG trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\31.vir » ZIP » Internet/s.class - Java/Adwind.WG trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\31.vir » ZIP » Internet/w.class - Java/Adwind.WG trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\31.vir » ZIP » Internet/z.class - Java/Adwind.WG trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\31.vir » ZIP » Internet/b.class - Java/Adwind.WG trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\31.vir » ZIP » Internet/y.class - Java/Adwind.WG trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\31.vir » ZIP » Internet/d.class - Java/Adwind.WG trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\31.vir » ZIP » Internet/p.class - Java/Adwind.WG trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\31.vir » ZIP » Internet/l.class - Java/Adwind.WG trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\31.vir » ZIP » Internet/r.class - Java/Adwind.WG trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\31.vir » ZIP » Internet/n.class - Java/Adwind.WG trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\31.vir » ZIP » Internet/g.class - Java/Adwind.WG trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\31.vir » ZIP » Internet/q.class - Java/Adwind.WG trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\31.vir » ZIP » Internet/j.class - Java/Adwind.WG trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\31.vir » ZIP » Internet/h.class - Java/Adwind.WG trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\31.vir » ZIP » Internet/c.class - Java/Adwind.WG trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\31.vir » ZIP » Internet/Done.class - Java/Adwind.WG trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\31.vir » ZIP » Internet/x.class - Java/Adwind.WG trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\31.vir » ZIP » Internet/m.class - Java/Adwind.WG trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\31.vir » ZIP » Internet/o.class - Java/Adwind.WG trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\31.vir » ZIP » Internet/i.class - Java/Adwind.WG trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\32.vir » ZIP » word/vbaProject.bin - VBA/TrojanDownloader.Agent.BKP trojan - action selection postponed until scan completion
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\33.vir - JS/TrojanDownloader.Nemucod.AKM trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\34.vir » ZIP » word/vbaProject.bin - VBA/TrojanDownloader.Agent.BKP trojan - action selection postponed until scan completion
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\35.vir » ZIP » word/vbaProject.bin - VBA/TrojanDownloader.Agent.BKP trojan - action selection postponed until scan completion
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\36.vir - JS/TrojanDownloader.Nemucod.AKH trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\37.vir » ZIP » word/vbaProject.bin - VBA/TrojanDownloader.Agent.BKP trojan - action selection postponed until scan completion
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\38.vir » ZIP » rfq_mv_parish.doc - Win32/Exploit.CVE-2012-0158.ACB trojan - deleted
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\39.vir - a variant of Win32/Injector.DCEJ trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\41.vir - JS/TrojanDownloader.Nemucod.AKH trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\43.vir - a variant of Win32/GameHack.AKC potentially unsafe application - action selection postponed until scan completion
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\44.vir - VBA/TrojanDropper.Agent.LU trojan - cleaned
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\45.vir - VBS/TrojanDownloader.Agent.OAW trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\46.vir » ZIP » word/vbaProject.bin - VBA/TrojanDownloader.Agent.BKN trojan - action selection postponed until scan completion
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\47.vir - VBA/TrojanDropper.Agent.LU trojan - cleaned
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\48.vir - JS/TrojanDownloader.Nemucod.AKM trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\50.vir - JS/TrojanDownloader.Nemucod.AKI trojan - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\02.vir » ZIP » word/vbaProject.bin - VBA/TrojanDownloader.Agent.BJG trojan - deleted
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\04.vir » ZIP » word/embeddings/oleObject1.bin » OLEDATA » wealthy.jar » ZIP » main/NameClassh.class - Java/Adwind.LI trojan - deleted
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\04.vir » ZIP » word/embeddings/oleObject1.bin » OLEDATA » wealthy.jar » ZIP » main/Start.class - Java/Adwind.LI trojan - deleted
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\04.vir » ZIP » word/embeddings/oleObject1.bin » OLEDATA » wealthy.jar » ZIP » main/NameClassm.class - Java/Adwind.LI trojan - deleted
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\04.vir » ZIP » word/embeddings/oleObject1.bin » OLEDATA » wealthy.jar » ZIP » main/NameClassv.class - Java/Adwind.LI trojan - deleted
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\04.vir » ZIP » word/embeddings/oleObject1.bin » OLEDATA » wealthy.jar » ZIP » main/NameClassw.class - Java/Adwind.LI trojan - deleted
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\04.vir » ZIP » word/embeddings/oleObject1.bin » OLEDATA » wealthy.jar » ZIP » main/NameClassi.class - Java/Adwind.LI trojan - deleted
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\04.vir » ZIP » word/embeddings/oleObject1.bin » OLEDATA » wealthy.jar » ZIP » main/NameClassy.class - Java/Adwind.LI trojan - deleted
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\04.vir » ZIP » word/embeddings/oleObject1.bin » OLEDATA » wealthy.jar » ZIP » main/NameClassu.class - Java/Adwind.LI trojan - deleted
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\06.vir » ZIP » word/vbaProject.bin - VBA/TrojanDownloader.Agent.BKP trojan - deleted
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\11.vir » ZIP » word/vbaProject.bin - VBA/TrojanDownloader.Agent.BKP trojan - deleted
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\13.vir » ZIP » word/vbaProject.bin - VBA/TrojanDownloader.Agent.BKP trojan - deleted
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\14.vir - a variant of MSIL/DllInject.BK potentially unsafe application - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\28.vir » ZIP » word/vbaProject.bin - VBA/TrojanDownloader.Agent.BKN trojan - deleted
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\32.vir » ZIP » word/vbaProject.bin - VBA/TrojanDownloader.Agent.BKP trojan - deleted
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\34.vir » ZIP » word/vbaProject.bin - VBA/TrojanDownloader.Agent.BKP trojan - deleted
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\35.vir » ZIP » word/vbaProject.bin - VBA/TrojanDownloader.Agent.BKP trojan - deleted
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\37.vir » ZIP » word/vbaProject.bin - VBA/TrojanDownloader.Agent.BKP trojan - deleted
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\43.vir - a variant of Win32/GameHack.AKC potentially unsafe application - cleaned by deleting [1]
C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\46.vir » ZIP » word/vbaProject.bin - VBA/TrojanDownloader.Agent.BKN trojan - deleted
Number of scanned objects: 283
Number of threats found: 69
Number of cleaned objects: 69
Time of completion: 9:55:45  Total scanning time: 11 sec (00:00:11)

Notes:
[1] Object has been deleted as it only contained the virus body.
km2002
Posted on 2016-7-19 09:58:32
Filseclab scan: 6X, not double-clicked. Huorong scan: 44X, updated this morning.

傻猪猪米走鸡
Posted on 2016-7-19 09:59:48
ESET left 14. Why does this pack feel so familiar to me?

Time;Module;Event;User
2016/7/19 9:59:26;ESET Kernel;File  'C:\Users\Galaxy\Downloads\2016.7.19\2016.7.19\2016.7.19.rar' was sent to ESET for analysis.;
km2002
Posted on 2016-7-19 10:00:08
Last edited by km2002 on 2016-7-19 10:02

0X. Looks like Duba hasn't woken up yet today. Waiting for the second scan~
傻猪猪米走鸡
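Posted on 2016-7-19 10:10:58
km2002 posted on 2016-7-19 10:00
0X. Looks like Duba hasn't woken up yet today. Waiting for the second scan~

Duba's old submission system used to be very convenient; now they have crippled themselves.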
水墨静音
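Posted on 2016-7-19 10:11:13
Last edited by 水墨静音 on 2016-7-19 10:14

The 360 engines detected 6X, of which 4X were detected by the Avira engine.

Tencent PC Manager domestic edition (with the BD engine) detected 9X, all of them detected by the Tencent cloud engine.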

欧阳宣
Posted on 2016-7-19 10:11:28
Last edited by 欧阳宣 on 2016-7-19 10:23

Tencent PC Manager international edition detected 34, repaired 3
[mw_shl_code=css,true]2016-7-19 10:22:33 MD5:70167a279959fbfbea7395a0dc243b71 D:\Virus\2016.7.19\13.vir --> word/vbaProject.bin [W97M.Downloader.DUT]  [Delete success]
2016-7-19 10:22:33 MD5:b354377d839975e3074882ece684c023 D:\Virus\2016.7.19\41.vir [Trojan.JS.Downloader.DQA]  [Delete success]
2016-7-19 10:22:33 MD5:de142ff85004796d5b4dd0816bdfeda4 D:\Virus\2016.7.19\30.vir [Trojan.GenericKD.3380417]  [Delete success]
2016-7-19 10:22:33 MD5:f38f72383dcfae5e2e83e77b1782ce88 D:\Virus\2016.7.19\28.vir [Trojan.Doc.Downloader.NO]  [Delete success]
2016-7-19 10:22:34 MD5:c5c3162ba4725df77f972aa2e1910477 D:\Virus\2016.7.19\04.vir --> word/embeddings/oleObject1.bin --> wealthy.jar --> main/NameClassi.class [Trojan.Java.Classloader.BK]  [Delete success]
2016-7-19 10:22:34 MD5:bee0f883cd2ee7dcc3658a0739859771 D:\Virus\2016.7.19\03.vir [Trojan.GenericKD.3409169]  [Delete success]
2016-7-19 10:22:34 MD5:5a220090dcbc55d6195189da2a7ed52d D:\Virus\2016.7.19\05.vir [Trojan.Generic.17631985]  [Delete success]
2016-7-19 10:22:34 MD5:c4dff550f32132907325024012855ca9 D:\Virus\2016.7.19\06.vir --> word/vbaProject.bin [W97M.Downloader.DUT]  [Delete success]
2016-7-19 10:22:34 MD5:de96ea6c53d308bfb4848c5d85caa60b D:\Virus\2016.7.19\50.vir [Trojan.GenericKD.3409059]  [Delete success]
2016-7-19 10:22:34 MD5:200049488ca4763bceca904a11f3802c D:\Virus\2016.7.19\35.vir --> word/vbaProject.bin [W97M.Downloader.DUT]  [Delete success]
2016-7-19 10:22:34 MD5:c5c3162ba4725df77f972aa2e1910477 D:\Virus\2016.7.19\04.vir --> word/embeddings/oleObject1.bin --> wealthy.jar --> main/NameClassh.class [Trojan.Java.Classloader.BK]  [Delete success]
2016-7-19 10:22:34 MD5:c5c3162ba4725df77f972aa2e1910477 D:\Virus\2016.7.19\04.vir --> word/embeddings/oleObject1.bin --> main/NameClassh.class [Trojan.Java.Classloader.BK]  [Delete success]
2016-7-19 10:22:34 MD5:c5c3162ba4725df77f972aa2e1910477 D:\Virus\2016.7.19\04.vir --> word/embeddings/oleObject1.bin --> main/NameClassv.class [Trojan.Java.Classloader.BK]  [Delete success]
2016-7-19 10:22:35 MD5:88f10f9e49b6f845500396df5fd6a4a6 D:\Virus\2016.7.19\19.vir --> Doc Files.exe [Trojan.GenericKD.3404020]  [Delete success]
2016-7-19 10:22:35 MD5:0b8667d62233628d35f37898f04df5f7 D:\Virus\2016.7.19\22.vir [Gen:Variant.Graftor.137029]  [Delete success]
2016-7-19 10:22:35 MD5:42c710efc0c3afcacbb185357e67790a D:\Virus\2016.7.19\18.vir [Trojan.GenericKD.3409294]  [Delete success]
2016-7-19 10:22:35 MD5:cddcdfef4acd3d796985a520e1903c03 D:\Virus\2016.7.19\32.vir --> word/vbaProject.bin [W97M.Downloader.DUT]  [Delete success]
2016-7-19 10:22:35 MD5:8e22d3c2aa3e43a8899cc3eec6e99677 D:\Virus\2016.7.19\46.vir [Trojan.Doc.Downloader.NN]  [Delete success]
2016-7-19 10:22:36 MD5:c5c3162ba4725df77f972aa2e1910477 D:\Virus\2016.7.19\04.vir --> word/embeddings/oleObject1.bin --> wealthy.jar --> main/NameClassv.class [Trojan.Java.Classloader.BK]  [Delete success]
2016-7-19 10:22:36 MD5:c5c3162ba4725df77f972aa2e1910477 D:\Virus\2016.7.19\04.vir --> word/embeddings/oleObject1.bin --> main/NameClassy.class [Trojan.Java.Classloader.BK]  [Delete success]
2016-7-19 10:22:36 MD5:2af868564a43dbdc3cf6becc1d1f113d D:\Virus\2016.7.19\11.vir --> word/vbaProject.bin [W97M.Downloader.DUT]  [Delete success]
2016-7-19 10:22:36 MD5:792d9a3aa6ce36ebb690195429418f40 D:\Virus\2016.7.19\02.vir [W97M.Downloader.DRO]  [Delete success]
2016-7-19 10:22:36 MD5:a6bd37080ddf6ab4c18e5ef7a1c6d98e D:\Virus\2016.7.19\37.vir --> word/vbaProject.bin [W97M.Downloader.DUT]  [Delete success]
2016-7-19 10:22:36 MD5:ca3a83384afcff29f783f3a8cb289f14 D:\Virus\2016.7.19\27.vir [W97M.Downloader.DUR]  [Clean success]
2016-7-19 10:22:36 MD5:c5c3162ba4725df77f972aa2e1910477 D:\Virus\2016.7.19\04.vir --> word/embeddings/oleObject1.bin --> wealthy.jar --> main/NameClassy.class [Trojan.Java.Classloader.BK]  [Delete success]
2016-7-19 10:22:36 MD5:795a0e987ed367346b4fb0c0c957db34 D:\Virus\2016.7.19\25.vir [Trojan.GenericKD.3409517]  [Delete success]
2016-7-19 10:22:36 MD5:59064c336512fcb60496f40eafdb69df D:\Virus\2016.7.19\10.vir [Trojan.GenericKD.3408750]  [Delete success]
2016-7-19 10:22:37 MD5:f6a277314f9bab15cd4a767ef1ca173d D:\Virus\2016.7.19\48.vir [Trojan.Script.DJA]  [Delete success]
2016-7-19 10:22:37 MD5:0294b392575746000972d19b60ca9195 D:\Virus\2016.7.19\34.vir --> word/vbaProject.bin [W97M.Downloader.DUT]  [Delete success]
2016-7-19 10:22:37 MD5:c5c3162ba4725df77f972aa2e1910477 D:\Virus\2016.7.19\04.vir --> word/embeddings/oleObject1.bin --> wealthy.jar --> main/Start.class [Trojan.Java.Classloader.BK]  [Delete success]
2016-7-19 10:22:37 MD5:c5c3162ba4725df77f972aa2e1910477 D:\Virus\2016.7.19\04.vir --> word/embeddings/oleObject1.bin --> main/Start.class [Trojan.Java.Classloader.BK]  [Delete success]
2016-7-19 10:22:37 MD5:c5c3162ba4725df77f972aa2e1910477 D:\Virus\2016.7.19\04.vir --> word/embeddings/oleObject1.bin --> main/NameClassw.class [Trojan.Java.Classloader.BK]  [Delete success]
2016-7-19 10:22:37 MD5:e0fa94f05baa338b1cc8fbce8e76eaa1 D:\Virus\2016.7.19\16.vir [Trojan.GenericKD.3409021]  [Delete success]
2016-7-19 10:22:37 MD5:a1556a3052650f5dbface031a664fa62 D:\Virus\2016.7.19\39.vir [Trojan.GenericKD.3408955]  [Delete success]
2016-7-19 10:22:37 MD5:3b7223e771220d05e195e652eac39f1e D:\Virus\2016.7.19\44.vir [W97M.Downloader.DUR]  [Clean success]
2016-7-19 10:22:37 MD5:13c6daed50fc8a35e72d8e7012964bad D:\Virus\2016.7.19\29.vir [Trojan.GenericKD.3409037]  [Delete success]
2016-7-19 10:22:37 MD5:c5c3162ba4725df77f972aa2e1910477 D:\Virus\2016.7.19\04.vir --> word/embeddings/oleObject1.bin --> wealthy.jar --> main/NameClassw.class [Trojan.Java.Classloader.BK]  [Delete success]
2016-7-19 10:22:38 MD5:c5c3162ba4725df77f972aa2e1910477 D:\Virus\2016.7.19\04.vir --> word/embeddings/oleObject1.bin --> main/NameClassu.class [Trojan.Java.Classloader.BK]  [Delete success]
2016-7-19 10:22:38 MD5:52fdba1f594641baae4180703ad9c48b D:\Virus\2016.7.19\07.vir [Trojan.JS.Downloader.DQA]  [Delete success]
2016-7-19 10:22:38 MD5:a3e5224187a1cca95923f8154afd4c1f D:\Virus\2016.7.19\01.vir [Trojan.GenericKD.3400052]  [Delete success]
2016-7-19 10:22:38 MD5:7c1277eb70a9fd9df799e29f6e04c29b D:\Virus\2016.7.19\36.vir [Trojan.JS.Downloader.DQA]  [Delete success]
2016-7-19 10:22:38 MD5:c5c3162ba4725df77f972aa2e1910477 D:\Virus\2016.7.19\04.vir --> word/embeddings/oleObject1.bin --> wealthy.jar --> main/NameClassu.class [Trojan.Java.Classloader.BK]  [Delete success]
2016-7-19 10:22:38 MD5:c5c3162ba4725df77f972aa2e1910477 D:\Virus\2016.7.19\04.vir --> word/embeddings/oleObject1.bin --> main/NameClassm.class [Trojan.Java.Classloader.BK]  [Delete success]
2016-7-19 10:22:38 MD5:57522a5a2af01df4efed4293a0c8c42f D:\Virus\2016.7.19\20.vir --> main/Start.class [Java.Trojan.Adwind.BB]  [Delete success]
2016-7-19 10:22:38 MD5:6a144243b9e4f66b6711a95ef13f9ee8 D:\Virus\2016.7.19\14.vir [Application.Generic.1619470]  [Delete success]
2016-7-19 10:22:38 MD5:f655e224745b3f6327dc53eb9e30c899 D:\Virus\2016.7.19\23.vir [Trojan.GenericKD.3408482]  [Delete success]
2016-7-19 10:22:39 MD5:019f1e862034f2d217f3c09c3b261b83 D:\Virus\2016.7.19\47.vir [W97M.Downloader.DUR]  [Clean success]
2016-7-19 10:22:39 MD5:c5c3162ba4725df77f972aa2e1910477 D:\Virus\2016.7.19\04.vir --> word/embeddings/oleObject1.bin --> wealthy.jar --> main/NameClassm.class [Trojan.Java.Classloader.BK]  [Delete success]
2016-7-19 10:22:39 MD5:c5c3162ba4725df77f972aa2e1910477 D:\Virus\2016.7.19\04.vir --> word/embeddings/oleObject1.bin --> main/NameClassi.class [Trojan.Java.Classloader.BK]  [Delete success][/mw_shl_code]
Eset小粉絲
Posted on 2016-7-19 10:13:16
Last edited by Eset小粉絲 on 2016-7-19 10:15

Avira 34X


[mw_shl_code=css,true]Start of the scan: Tuesday, 19 July, 2016  10:12

Starting the file scan:

Begin scan in 'C:\Users\User\Desktop\2016.7.19'
C:\Users\User\Desktop\2016.7.19\01.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.KMP Java script virus
C:\Users\User\Desktop\2016.7.19\02.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.79160 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.19\04.vir
    [0] Archive type: ZIP
    --> word/embeddings/oleObject1.bin
        [1] Archive type: OLE
      --> AV00000015.AV$
          [2] Archive type: ZIP
        --> main/NameClassh.class
            [DETECTION] Contains recognition pattern of the JAVA/Adwind.1213 Java virus
            [WARNING]   Infected files in archives cannot be repaired
        --> main/Start.class
            [DETECTION] Contains recognition pattern of the JAVA/Adwind.828 Java virus
            [WARNING]   Infected files in archives cannot be repaired
        --> main/NameClassm.class
            [DETECTION] Contains recognition pattern of the JAVA/Adwind.2323 Java virus
            [WARNING]   Infected files in archives cannot be repaired
        --> main/NameClassv.class
            [DETECTION] Contains recognition pattern of the JAVA/Adwind.1319 Java virus
            [WARNING]   Infected files in archives cannot be repaired
        --> main/NameClassw.class
            [DETECTION] Contains recognition pattern of the JAVA/Adwind.1545 Java virus
            [WARNING]   Infected files in archives cannot be repaired
        --> main/NameClassi.class
            [DETECTION] Contains recognition pattern of the EXP/Java.HLP.EB.911 exploit
            [WARNING]   Infected files in archives cannot be repaired
        --> main/NameClassy.class
            [DETECTION] Contains recognition pattern of the JAVA/Adwind.1719 Java virus
            [WARNING]   Infected files in archives cannot be repaired
        --> main/NameClassu.class
            [DETECTION] Contains recognition pattern of the JAVA/Adwind.760 Java virus
            [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.19\05.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Users\User\Desktop\2016.7.19\06.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.45050 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.19\07.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.kse Java script virus
C:\Users\User\Desktop\2016.7.19\10.vir
  [DETECTION] Is the TR/Crypt.Xpack.zday Trojan
C:\Users\User\Desktop\2016.7.19\11.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.45050 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.19\13.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.45050 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.19\14.vir
  [DETECTION] Is the TR/Inject.khwm Trojan
C:\Users\User\Desktop\2016.7.19\15.vir
  [DETECTION] Contains recognition pattern of the VBS/Jenxcus.Gen VBS script virus
C:\Users\User\Desktop\2016.7.19\16.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen2 HTML script virus
C:\Users\User\Desktop\2016.7.19\17.vir
    [0] Archive type: ZIP
        [DETECTION] Contains recognition pattern of the EXP/CVE-2012-0158 exploit
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.19\18.vir
  [DETECTION] Is the TR/AD.Locky.Y.etzi Trojan
C:\Users\User\Desktop\2016.7.19\19.vir
    [0] Archive type: RAR
    --> Doc Files.exe
        [DETECTION] Is the TR/Dropper.MSIL.weis Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.19\22.vir
  [DETECTION] Is the TR/Agent.xhsm Trojan
C:\Users\User\Desktop\2016.7.19\23.vir
  [DETECTION] Is the TR/Crypt.XPACK.Gen7 Trojan
C:\Users\User\Desktop\2016.7.19\24.vir
  [DETECTION] Contains code of the W2000M/Agent.3957189 macro virus
C:\Users\User\Desktop\2016.7.19\27.vir
  [DETECTION] Contains code of the W2000M/Dldr.Agent.dgh macro virus
C:\Users\User\Desktop\2016.7.19\28.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.dfgh macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.19\29.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen2 HTML script virus
C:\Users\User\Desktop\2016.7.19\30.vir
  [DETECTION] Is the TR/Crypt.XPACK.Gen7 Trojan
C:\Users\User\Desktop\2016.7.19\31.vir
    [0] Archive type: ZIP
    --> Internet/u.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.5474.12 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/s.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Agent.54337 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/w.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Agent.54338 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/z.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.5474.15 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/b.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.5475 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/y.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.5474.14 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/d.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.5474.3 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/p.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.5474.10 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/l.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Agent.54335 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/r.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Agent.54336 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/n.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.5474.9 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/g.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.5474.4 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/q.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.5474.11 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/j.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.5474.7 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/h.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.5474.5 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/c.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.5474.2 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/Done.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Agent.54334 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/x.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.5474.13 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/m.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.5474.8 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/o.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.5474.11 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Internet/i.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.5474.6 Java virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.19\32.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.45050 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.19\34.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.45050 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.19\35.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.45050 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.19\36.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.kse Java script virus
C:\Users\User\Desktop\2016.7.19\37.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.45050 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.19\38.vir
    [0] Archive type: ZIP
        [DETECTION] Contains recognition pattern of the EXP/CVE-2012-0158 exploit
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.19\41.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.kse Java script virus
C:\Users\User\Desktop\2016.7.19\44.vir
  [DETECTION] Contains code of the W2000M/Dldr.Agent.dgh macro virus
C:\Users\User\Desktop\2016.7.19\46.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.dfgh macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.7.19\47.vir
  [DETECTION] Contains code of the W2000M/Dldr.Agent.dgh macro virus
C:\Users\User\Desktop\2016.7.19\50.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen2 HTML script virus[/mw_shl_code]