
[Virus Samples] 精睿 Sample Test (16.8.22)
轩夏
Posted on 2016-8-22 09:25:58
Links:

http://pan.baidu.com/s/1hrSvleG  Extraction password: eb6z

http://www.vdisk.cn/down/index/19731407

Password: bbs.vc52.cn
Count: 50
Llano_心情
Posted on 2016-8-22 09:51:22
Last edited by Llano_心情 on 2016-8-24 11:11

Baidu, China edition ["big B" engine turned off]

Offline: kill x 27
[mw_shl_code=css,true]扫描结果
扫描文件数:50
发现风险数:27
已处理风险数:0


风险情况详情:

病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\05.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aoh.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\03.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBS.Trojan.Kryptik.ip.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\11.vir  病毒木马类型:恶意木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\13.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\14.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\18.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\22.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBS.Trojan.Kryptik.ip.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\23.vir  病毒木马类型:恶意木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\26.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\30.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\32.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\34.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\39.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\40.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\42.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBS.Trojan.Kryptik.ip.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\45.vir  病毒木马类型:恶意木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\49.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\50.vir  病毒木马类型:下载者木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9957.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\09.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9986.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\06.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9992.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\10.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9999.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\01.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9988.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\17.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9999.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\19.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9983.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\44.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9995.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\47.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9999.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\48.vir  病毒木马类型:恶意木马 未处理[/mw_shl_code]

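Online: kill x 27 [no change in the log; I guess the cloud is still acting up]

As of the 24th, the Baidu cloud should be back to normal, so here is a follow-up test.
Online [8.24]: kill x 28. Well, at least the 慧眼 (WisdomEyes) detections have basically all made it into the cloud.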
[mw_shl_code=css,true]扫描结果
扫描文件数:50
发现风险数:28
已处理风险数:0


风险情况详情:

病毒木马名:Win32.Trojan.Injector.qi.cav  路径:C:\Users\魔法llano\Documents\2016.8.22\01.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.Kryptik.tcwh.cav  路径:C:\Users\魔法llano\Documents\2016.8.22\06.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan-Downloader.Agent.heh.cav  路径:C:\Users\魔法llano\Documents\2016.8.22\09.vir  病毒木马类型:下载者木马 未处理
病毒木马名:Win32.Worm.Autorun.scq.cav  路径:C:\Users\魔法llano\Documents\2016.8.22\10.vir  病毒木马类型:蠕虫病毒 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aoh.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\03.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\05.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBS.Trojan.Kryptik.ip.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\11.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan-Downloader.Agent.vrx.cav  路径:C:\Users\魔法llano\Documents\2016.8.22\19.vir  病毒木马类型:下载者木马 未处理
病毒木马名:Win32.HackTool.SMSFlooder.vxww.cav  路径:C:\Users\魔法llano\Documents\2016.8.22\35.vir  病毒木马类型:黑客工具 未处理
病毒木马名:Win32.Trojan-Downloader.Agent.vm.cav  路径:C:\Users\魔法llano\Documents\2016.8.22\44.vir  病毒木马类型:下载者木马 未处理
病毒木马名:Win32.Trojan.Agent.hxae.cav  路径:C:\Users\魔法llano\Documents\2016.8.22\47.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.Injector.wuap.cav  路径:C:\Users\魔法llano\Documents\2016.8.22\48.vir  病毒木马类型:恶意木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\13.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\14.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\18.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBS.Trojan.Kryptik.ip.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\23.vir  病毒木马类型:恶意木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\22.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\26.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\30.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\32.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\34.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\39.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\40.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBS.Trojan.Kryptik.ip.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\45.vir  病毒木马类型:恶意木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\42.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\49.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aqx.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\50.vir  病毒木马类型:下载者木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9988.bav  路径:C:\Users\魔法llano\Documents\2016.8.22\17.vir  病毒木马类型:恶意木马 未处理[/mw_shl_code]
alfred0156
Posted on 2016-8-22 10:00:01
Rising, new engine (online)
Total files scanned: 50
Total malicious files: 29
Effective detection rate: 58.00%
[mw_shl_code=css,true]扫描目标 : (1) C:\Users\alfred\Desktop\2016.8.22

扫描开始: Mon Aug 22 09:57:41 2016

"C:\\Users\\alfred\\Desktop\\2016.8.22\\04.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\03.vir","infect":"engine":"classic","threat":"Trojan.Obfus/VBA@DT!1.A540","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\05.vir","infect":"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\07.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\08.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\02.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\01.vir","infect":"engine":"thunder","threat":"Malware.Generic!PO1bFEdHr9L@2","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\09.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\06.vir","infect":"engine":"rdm+","threat":"Malware.Heuristic!ET","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\10.vir","infect":"engine":"rdm+","threat":"Malware.Heuristic!ET","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\13.vir","infect":"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\11.vir","infect":"engine":"cloud","threat":"Trojan.Kryptik!8.8-KsZTXApTqEG","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\14.vir","infect":"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\12.vir","infect":"engine":"classic","threat":"Trojan.Obfus/VBA@DT!1.A540","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\18.vir","infect":"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\17.vir","infect":"engine":"rdm+","threat":"Malware.Heuristic!ET","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\20.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\16.vir","infect":"engine":"rdm+","threat":"Malware.Heuristic!ET","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\19.vir","infect":"engine":"rdm+","threat":"Malware.Heuristic!ET","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\15.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\24.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\21.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\22.vir","infect":"engine":"classic","threat":"Trojan.Obfus/VBA@DT!1.A540","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\26.vir","infect":"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\25.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\29.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\23.vir","infect":"engine":"cloud","threat":"Trojan.Kryptik!8.8-mrX2p4OlTkH","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\27.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\31.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\30.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\34.vir","infect":"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\32.vir","infect":"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\36.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\28.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\38.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\39.vir","infect":"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\37.vir","infect":"engine":"cloud","threat":"Downloader.Ransomware!8.625A-g8VATSwjEwS","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\40.vir","infect":"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\42.vir","infect":"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\33.vir","infect":"engine":"rdm+","threat":"Malware.Heuristic!ET","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\35.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\41.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\46.vir","infect":"engine":"classic","threat":"Trojan.Obfus/VBA@DT!1.A540","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\45.vir","infect":"engine":"cloud","threat":"Backdoor.Bladabindi!8.B1F-JpXml2zMOwM","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\43.vir","infect":"engine":"cloud","threat":"Malware.Undefined!8.C-sux0lnCNiqE","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\49.vir","infect":"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\50.vir","infect":"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\44.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\47.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.22\\48.vir","infect":"engine":"rdm+","threat":"Malware.Heuristic!ET","type":"scan"

扫描结束: Mon Aug 22 09:57:43 2016

总共耗时: 0:2:59(m:s:ms)
[/mw_shl_code]

AVG
高严重性;"22";"0";"22"
中等严重性;"2";"0";"2"
[mw_shl_code=css,true]已扫描:;"C:\Users\alfred\Desktop\2016.8.22"
已启动:;"2016/8/22, 9:56:51"
已完成:;"2016/8/22, 9:56:52"
项目数:;"226"
名称;"说明";"状态";"状态";"优先级"
C:\Users\alfred\Desktop\2016.8.22\22.vir;"发现病毒 W97M/Downloader";"未解决";"未解决";"高"
C:\Users\alfred\Desktop\2016.8.22\27.vir;"发现病毒 JS/Phish";"未解决";"未解决";"高"
C:\Users\alfred\Desktop\2016.8.22\10.vir;"发现病毒 Worm/MSIL.Q";"未解决";"未解决";"高"
C:\Users\alfred\Desktop\2016.8.22\03.vir;"发现病毒 W97M/Downloader";"未解决";"未解决";"高"
C:\Users\alfred\Desktop\2016.8.22\31.vir;"特洛伊木马 Exploit_c.ADLI";"未解决";"未解决";"高"
C:\Users\alfred\Desktop\2016.8.22\04.vir;"特洛伊木马 Exploit_c.ADLI";"未解决";"未解决";"高"
C:\Users\alfred\Desktop\2016.8.22\08.vir;"发现病毒 SWF/Framer.G";"未解决";"未解决";"高"
C:\Users\alfred\Desktop\2016.8.22\48.vir;"特洛伊木马 MSIL10.BBKU";"未解决";"未解决";"高"
C:\Users\alfred\Desktop\2016.8.22\30.vir;"发现病毒 W97M/Downloader";"未解决";"未解决";"高"
C:\Users\alfred\Desktop\2016.8.22\44.vir;"特洛伊木马 Downloader.MSIL.BNIS";"未解决";"未解决";"高"
C:\Users\alfred\Desktop\2016.8.22\33.vir;"特洛伊木马 Inject3.BBKE";"未解决";"未解决";"高"
C:\Users\alfred\Desktop\2016.8.22\20.vir;"特洛伊木马 Zbot.APHW";"未解决";"未解决";"高"
C:\Users\alfred\Desktop\2016.8.22\37.vir;"发现病毒 JS/Redir.27_7";"未解决";"未解决";"高"
C:\Users\alfred\Desktop\2016.8.22\35.vir;"特洛伊木马 Atros4.CGD";"未解决";"未解决";"高"
C:\Users\alfred\Desktop\2016.8.22\02.vir;"损坏的可执行文件";"未解决";"未解决";"中等"
C:\Users\alfred\Desktop\2016.8.22\19.vir;"特洛伊木马 Downloader.Generic14.BDGF";"未解决";"未解决";"高"
C:\Users\alfred\Desktop\2016.8.22\06.vir;"特洛伊木马 Atros3.BTRC";"未解决";"未解决";"高"
C:\Users\alfred\Desktop\2016.8.22\16.vir;"广告软件 DealApp3.RZ";"未解决";"未解决";"中等"
C:\Users\alfred\Desktop\2016.8.22\12.vir;"发现病毒 W97M/Downloader.AX";"未解决";"未解决";"高"
C:\Users\alfred\Desktop\2016.8.22\29.vir;"特洛伊木马 Exploit_c.ADLI";"未解决";"未解决";"高"
C:\Users\alfred\Desktop\2016.8.22\09.vir;"特洛伊木马 Downloader.Generic14.BBZP";"未解决";"未解决";"高"
C:\Users\alfred\Desktop\2016.8.22\01.vir;"特洛伊木马 Generic_r.MNZ";"未解决";"未解决";"高"
C:\Users\alfred\Desktop\2016.8.22\47.vir;"特洛伊木马 Agent5.ASGL";"未解决";"未解决";"高"
C:\Users\alfred\Desktop\2016.8.22\38.vir;"特洛伊木马 Exploit_c.ADLI";"未解决";"未解决";"高"
[/mw_shl_code]
蓝天二号
Posted on 2016-8-22 10:15:08
avast



xcvbaby
Posted on 2016-8-22 10:28:23
Last edited by xcvbaby on 2016-8-22 11:38

Kingsoft Antivirus (金山毒霸): 7
PC Manager, China edition (BD engine not enabled): 3

[mw_shl_code=css,true]
DUBA
发现威胁:7个
清除威胁:0个
=============================================
[2016-08-22 10:26:15]
威胁:d:\我的文档\desktop\2016.8.22\2016.8.22\01.vir
类型:win32.troj.generickd.v.(kcloud)
处理方式:未处理

[2016-08-22 10:26:15]
威胁:d:\我的文档\desktop\2016.8.22\2016.8.22\06.vir
类型:win32.troj.generic_a.a.(kcloud)
处理方式:未处理

[2016-08-22 10:26:15]
威胁:d:\我的文档\desktop\2016.8.22\2016.8.22\09.vir
类型:win32.heur.kvm005.a.(kcloud)
处理方式:未处理

[2016-08-22 10:26:15]
威胁:d:\我的文档\desktop\2016.8.22\2016.8.22\10.vir
类型:win32.heur.kvmh008.a.(kcloud)
处理方式:未处理

[2016-08-22 10:26:15]
威胁:d:\我的文档\desktop\2016.8.22\2016.8.22\16.vir
类型:win32.troj.generic_a.a.(kcloud)
处理方式:未处理

[2016-08-22 10:26:15]
威胁:d:\我的文档\desktop\2016.8.22\2016.8.22\19.vir
类型:win32.troj.generickd.v.(kcloud)
处理方式:未处理

[2016-08-22 10:26:15]
威胁:d:\我的文档\desktop\2016.8.22\2016.8.22\48.vir
类型:win32.troj.generickd.v.(kcloud)
处理方式:未处理[/mw_shl_code]

Eset小粉絲
Posted on 2016-8-22 10:31:01
Last edited by Eset小粉絲 on 2016-8-22 11:17

Avira 28X
Submitted to Avira Virus Lab...

[mw_shl_code=css,true]Start of the scan: Monday, 22 August, 2016  10:49

Starting the file scan:

Begin scan in 'C:\Users\User\Desktop\2016.8.22'
C:\Users\User\Desktop\2016.8.22\01.vir
  [DETECTION] Is the TR/AD.Zbot.bvph Trojan
C:\Users\User\Desktop\2016.8.22\03.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.dfgh macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.22\05.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.237112 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.22\06.vir
  [DETECTION] Is the TR/Dropper.MSIL.iemu Trojan
C:\Users\User\Desktop\2016.8.22\09.vir
  [DETECTION] Is the TR/Dldr.Agent.lapi Trojan
C:\Users\User\Desktop\2016.8.22\10.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Users\User\Desktop\2016.8.22\12.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Locky.67710 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.22\13.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.237112 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.22\14.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.237112 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.22\16.vir
  [DETECTION] Contains virus patterns of Adware ADWARE/DealPly.kicu
C:\Users\User\Desktop\2016.8.22\17.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Users\User\Desktop\2016.8.22\18.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.221520 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.22\19.vir
  [DETECTION] Is the TR/Crypt.ZPACK.leck Trojan
C:\Users\User\Desktop\2016.8.22\20.vir
    [0] Archive type: ACE
    --> 19 quotations design.exe
        [DETECTION] Is the TR/Dropper.VB.ylpg Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.22\22.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.83670 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.22\26.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.237112 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.22\30.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.537862 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.22\32.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.221520 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.22\33.vir
    [0] Archive type: RAR
    --> IMG-PO-492384BA_output3E54030.exe
        [DETECTION] Is the TR/Dropper.VB.vczt Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.22\34.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.221520 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.22\39.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.221520 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.22\40.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.237112 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.22\42.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.237112 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.22\44.vir
  [DETECTION] Is the TR/Dldr.Agent.flmx Trojan
C:\Users\User\Desktop\2016.8.22\47.vir
  [DETECTION] Is the TR/Muldrop.osan Trojan
C:\Users\User\Desktop\2016.8.22\48.vir
  [DETECTION] Is the TR/Dropper.MSIL.ueam Trojan
C:\Users\User\Desktop\2016.8.22\49.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.221520 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.22\50.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.221520 macro virus
        [WARNING]   Infected files in archives cannot be repaired[/mw_shl_code]
tmcss
Posted on 2016-8-22 10:40:47
ESS KILL 35X Fix 1X
[mw_shl_code=css,true]日志
正在扫描日志
病毒库版本: 13996 (20160821)
日期: 2016/8/22  时间: 10:38:28
已扫描的磁盘、文件夹和文件: C:\Users\Mistet\Desktop\2016.8.22
C:\Users\Mistet\Desktop\2016.8.22\01.vir - Win32/Injector.DEAJ 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.22\03.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BKN 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.22\05.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQI 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.22\06.vir - MSIL/Kryptik.GNF 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.22\08.vir > CWS > file.swf - SWF/Iframe.T 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.22\09.vir - Win32/TrojanDownloader.Agent.CLZ 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.22\10.vir > CONFUSER > deobfuscated.exe - MSIL/Autorun.Spy.Agent.AU 蠕虫 的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.22\11.vir - VBS/Kryptik.GC 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.22\13.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQI 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.22\14.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQI 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.22\16.vir - Win32/DealPly.DD 潜在的不受欢迎应用程序 的变种 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.22\18.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQG 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.22\19.vir - Win32/TrojanDownloader.Agent.CFH 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.22\20.vir > ACE > 19 quotations design.exe - Win32/PSW.Fareit.H 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.22\20.vir > ACE >  - 压缩文件已损坏
C:\Users\Mistet\Desktop\2016.8.22\22.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BPB 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.22\23.vir - VBS/Kryptik.GC 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.22\25.vir > ZIP > word/vbaProject.bin - PowerShell/Rozena.G 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.22\26.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQI 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.22\30.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BPQ 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.22\32.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQG 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.22\33.vir > RAR > IMG-PO-492384BA_output3E54030.exe - Win32/Injector.DDZK 特洛伊木马 的变种 - 已删除
C:\Users\Mistet\Desktop\2016.8.22\34.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQG 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.22\35.vir - MSIL/HackTool.SMSFlooder.L 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.22\36.vir - Linux/Gafgyt.SE 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.22\37.vir - JS/TrojanDownloader.Nemucod.ARK 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.22\39.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQG 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.22\40.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQI 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.22\41.vir - JS/TrojanDownloader.Agent.OWE 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.22\42.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQI 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.22\44.vir - MSIL/TrojanDownloader.Agent.JB 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.22\45.vir - VBS/Kryptik.GC 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.22\46.vir - PowerShell/TrojanDownloader.Agent.Q 特洛伊木马 - 已清除
C:\Users\Mistet\Desktop\2016.8.22\47.vir - Win32/Agent.YDZ 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.22\48.vir - MSIL/Kryptik.GGK 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.22\49.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQG 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.22\50.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQG 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.22\03.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BKN 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.22\05.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQI 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.22\13.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQI 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.22\14.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQI 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.22\16.vir - Win32/DealPly.DD 潜在的不受欢迎应用程序 的变种 - 已删除
C:\Users\Mistet\Desktop\2016.8.22\18.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQG 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.22\20.vir > ACE > 19 quotations design.exe - Win32/PSW.Fareit.H 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.22\20.vir > ACE >  - 压缩文件已损坏
C:\Users\Mistet\Desktop\2016.8.22\22.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BPB 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.22\25.vir > ZIP > word/vbaProject.bin - PowerShell/Rozena.G 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.22\26.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQI 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.22\30.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BPQ 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.22\32.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQG 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.22\34.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQG 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.22\39.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQG 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.22\40.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQI 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.22\42.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQI 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.22\49.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQG 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.22\50.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQG 特洛伊木马 - 已删除
已扫描的对象数: 278
发现的威胁数: 36
已清除对象数: 36
完成时间: 10:38:47  总扫描时间: 19 秒 (00:00:19)

备注:
[1] 由于对象中仅包含病毒主体,因此已被删除。
[/mw_shl_code]
神迹般存在
Posted on 2016-8-22 10:59:19
Kaspersky Internet Security 2016:

25 deleted, 6 disinfected, 19 not detected.

Reported to Kaspersky.
轩夏
Original poster | Posted on 2016-8-22 11:25:34
MSE

[mw_shl_code=css,true]Scan started on Mon Aug 22 11:24:02 2016

C:\Users\XuanXia\Desktop\2016.8.22\01.vir                                     Infected: PWS:Win32/Zbot
C:\Users\XuanXia\Desktop\2016.8.22\02.vir                                     Infected: Trojan:Win32/Dorv.D!rfn
C:\Users\XuanXia\Desktop\2016.8.22\03.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.22\05.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.22\06.vir                                     Infected: Trojan:Win32/Skeeyah.A!rfn
C:\Users\XuanXia\Desktop\2016.8.22\10.vir                                     Infected: HackTool:Win32/Mailpassview
C:\Users\XuanXia\Desktop\2016.8.22\13.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.22\14.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.22\18.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.22\19.vir                                     Infected: TrojanDownloader:Win32/Talalpek.A
C:\Users\XuanXia\Desktop\2016.8.22\20.vir->19 quotations design.exe           Infected: Trojan:Win32/Dynamer!ac [non_writable_container]
C:\Users\XuanXia\Desktop\2016.8.22\22.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.22\26.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.22\30.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.22\32.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.22\33.vir->IMG-PO-492384BA_output3E54030.exe  Infected: Trojan:Win32/Dynamer!ac [non_writable_container]
C:\Users\XuanXia\Desktop\2016.8.22\34.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.22\39.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.22\40.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.22\42.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.22\45.vir                                     Infected: Backdoor:MSIL/Bladabindi.AJ
C:\Users\XuanXia\Desktop\2016.8.22\47.vir                                     Infected: Trojan:Win32/Skeeyah.A!rfn
C:\Users\XuanXia\Desktop\2016.8.22\48.vir                                     Infected: TrojanSpy:MSIL/Golroted.B
C:\Users\XuanXia\Desktop\2016.8.22\49.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.22\50.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff

Successfully checked: C:\Users\XuanXia\Desktop\2016.8.22

Scan ended on Mon Aug 22 11:24:11 2016

Time: 9 second(s). [0h:00m:09s]
Files/second: 37 (1563 Kb/s).
Objects scanned: 334.
Infected: 25. Suspicious: 0. Clean: 309. Different virus bodies: 9.
Files: 50. Directories: 1. Archives: 20. Packed: 3. Mail files: 0.
Warnings: 25. Scan errors: 0. Protected: 0. Damaged: 0. Unknown method: 0. Spanned: 0.[/mw_shl_code]
Sailer.X (this user has been deleted)
Posted on 2016-8-22 11:28:18
BDTS 2017 beta2:
Detected: 32X, deleted: 18X, repaired: 14X