
[Virus Samples] Jingrui sample test (16.9.16)

心醉咖啡
Posted on 2016-9-16 09:41:51
Links:

https://pan.baidu.com/s/1gfPqYnL   extraction password: iqrs

http://www.vdisk.cn/down/index/19734226

  

Password: bbs.vc52.cn
Count: 50
心醉咖啡
Original poster | Posted on 2016-9-16 09:44:16
Huorong kill 7X

狐狸糊涂
Posted on 2016-9-16 10:09:36
Last edited by 狐狸糊涂 on 2016-9-16 10:30

BD killed 31, 19 remaining
[mw_shl_code=css,true]C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX12.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\25.vir Trojan.GenericKD.3525937 Deleted
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX30.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\07.vir Trojan.GenericKD.3528027 Deleted
C:\Users\lixia\Desktop\2016.9.16\40.vir Trojan.GenericKD.3528806 Deleted
C:\Users\lixia\Desktop\2016.9.16\13.vir Trojan.GenericKD.3528879 Deleted
C:\Users\lixia\Desktop\2016.9.16\39.vir Trojan.GenericKD.3525770 Deleted
C:\Users\lixia\Desktop\2016.9.16\50.vir Trojan.GenericKD.3529867 Deleted
C:\Users\lixia\Desktop\2016.9.16\32.vir Trojan.GenericKD.3488819 Deleted
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX15.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\18.vir=>(JAVASCRIPT 1) Trojan.JS.Downloader.FMY Deleted
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX23.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\36.vir Trojan.GenericKD.3528802 Deleted
C:\Users\lixia\Desktop\2016.9.16\18.vir=>(INFECTED_JS) JS:Trojan.JS.Downloader.FMR Deleted
C:\Users\lixia\Desktop\2016.9.16\22.vir=>(JAVASCRIPT-COMPILATION) Trojan.JS.Downloader.FMX Deleted
C:\Users\lixia\Desktop\2016.9.16\38.vir Trojan.RanSerKD.3525047 Deleted after reboot
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX19.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\22.vir=>(INFECTED_JS) JS:Trojan.JS.Downloader.FMV Deleted
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX32.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\49.vir=>(JAVASCRIPT-COMPILATION) Trojan.JS.Downloader.FMX Deleted
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX18.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX15.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\28.vir Trojan.JS.Downloader.FMJ Deleted
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX10.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX21.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\44.vir=>(JAVASCRIPT-COMPILATION) Trojan.JS.Downloader.FMX Deleted
C:\Users\lixia\Desktop\2016.9.16\49.vir=>(INFECTED_JS) JS:Trojan.JS.Downloader.FMV Deleted
C:\Users\lixia\Desktop\2016.9.16\45.vir Trojan.GenericKD.3528723 Deleted
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX14.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\27.vir Exploit.SWF.EG Deleted
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX11.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\46.vir=>(JAVASCRIPT-COMPILATION) Trojan.JS.Downloader.FMX Deleted
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX11.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\14.vir=>(JAVASCRIPT 1) Trojan.JS.Downloader.FMY Deleted
C:\Users\lixia\Desktop\2016.9.16\14.vir=>(INFECTED_JS) JS:Trojan.JS.Downloader.FMR Deleted
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX31.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\08.vir Trojan.GenericKD.3528729 Deleted
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX13.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX24.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\19.vir Trojan.PDF.Scam.DL Deleted
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX22.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\35.vir Trojan.GenericKD.3526981 Deleted
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX20.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\33.vir Trojan.GenericKD.3528780 Deleted
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX22.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\48.vir=>bestellung_26.08.2016.js Exploit.OLE-JS.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX17.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\11.vir Trojan.GenericKD.3525847 Deleted
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX16.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\10.vir Gen:Variant.Razy.89506 Deleted
C:\Users\lixia\Desktop\2016.9.16\02.vir Trojan.JS.Downloader.FLR Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\20.vir Trojan.GenericKD.3528101 Deleted
C:\Users\lixia\Desktop\2016.9.16\12.vir Trojan.GenericKD.3529231 Deleted
C:\Users\lixia\Desktop\2016.9.16\46.vir=>(INFECTED_JS) JS:Trojan.JS.Downloader.FMV Deleted
C:\Users\lixia\Desktop\2016.9.16\03.vir=>PL_Inv_09317_pdf.exe Gen:Variant.Jaik.13078 Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\44.vir=>(INFECTED_JS) JS:Trojan.JS.Downloader.FMV Deleted
C:\Users\lixia\Desktop\2016.9.16\05.vir=>(JAVASCRIPT 1) Trojan.Script.Agent.II Deleted
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX2.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\05.vir=>(JAVASCRIPT 2) Trojan.Script.Agent.II Deleted
C:\Users\lixia\Desktop\2016.9.16\05.vir=>(JAVASCRIPT-COMPILATION) Trojan.Script.Agent.II Deleted
C:\Users\lixia\Desktop\2016.9.16\05.vir=>(INFECTED_JS) JS:Trojan.JS.Downloader.FLO Deleted
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX25.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX26.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX27.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX28.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX29.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX3.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX32.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX33.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX34.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX35.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX36.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX37.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX38.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX39.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX4.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX40.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX5.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX6.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX7.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX8.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/activeX/activeX9.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>word/document.xml Exploit.CVE-2015-1641.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX10.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX12.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX13.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX14.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX16.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX17.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX18.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX19.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX2.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX20.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX21.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX23.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX24.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX25.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/document.xml Exploit.CVE-2015-1641.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX26.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX27.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX28.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX29.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX3.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX30.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX31.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX33.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX34.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX35.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX36.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX37.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX38.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX39.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX4.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX40.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX5.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX6.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX7.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX8.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
C:\Users\lixia\Desktop\2016.9.16\16.vir=>(objdata)=>(Embedded DocFile g)=>word/activeX/activeX9.xml Exploit.CVE-2012-1856.Gen Moved to Quarantine
[/mw_shl_code]BD
諾言敵不過時間
Posted on 2016-9-16 10:25:48
360TSE 25X
蓝天二号
Posted on 2016-9-16 11:32:02
AVG KILL 34X

诸葛亮
Posted on 2016-9-16 11:56:07

917870500
Posted on 2016-9-16 12:23:16
ESET Total kill 37x

On extraction: kill 31x



[mw_shl_code=css,true]2016-9-16 12:17:54        文件系统实时防护        文件        E:\VirZ\2016.9.16\50.vir        VBA/TrojanDropper.Agent.PD 特洛伊木马        已清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        F99DCD12AFA3C2D264462F53F860F0DABB0C205F        2016-9-16 12:17:54
2016-9-16 12:17:54        文件系统实时防护        文件        E:\VirZ\2016.9.16\49.vir        JS/TrojanDownloader.Nemucod.AXQ 特洛伊木马        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        74D898A91BC8B97BE34019C3051B51A63C11D6AF        2016-9-16 12:17:54
2016-9-16 12:17:54        文件系统实时防护        文件        E:\VirZ\2016.9.16\47.vir        Win32/Kryptik.FGGZ 特洛伊木马 的变种        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        4CEEA3F48B5B4DC77301C22F8B944E68D135529D        2016-9-16 12:17:53
2016-9-16 12:17:53        文件系统实时防护        文件        E:\VirZ\2016.9.16\46.vir        JS/TrojanDownloader.Nemucod.AXQ 特洛伊木马        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        262953C2CED381B69A320F7E0F0A338B5A699D2C        2016-9-16 12:17:53
2016-9-16 12:17:53        文件系统实时防护        文件        E:\VirZ\2016.9.16\45.vir        JS/TrojanDownloader.Nemucod.AXU 特洛伊木马        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        E60E09C298599127012602C29AA23B2EF483486F        2016-9-16 12:17:53
2016-9-16 12:17:53        文件系统实时防护        文件        E:\VirZ\2016.9.16\44.vir        JS/TrojanDownloader.Nemucod.AXQ 特洛伊木马        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        F3AE55069558942567FAAD6A6CDEFBDF1C073F05        2016-9-16 12:17:53
2016-9-16 12:17:53        文件系统实时防护        文件        E:\VirZ\2016.9.16\43.vir        JS/TrojanDownloader.Nemucod.AUE 特洛伊木马        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        5F8A8CAA4ABCDED20EA84D2C238DDB4A99D0B965        2016-9-16 12:17:52
2016-9-16 12:17:52        文件系统实时防护        文件        E:\VirZ\2016.9.16\40.vir        JS/TrojanDownloader.Nemucod.AXU 特洛伊木马        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        21EA492D539AD34FC7ECD9E2A6605E6DE387D897        2016-9-16 12:17:52
2016-9-16 12:17:52        文件系统实时防护        文件        E:\VirZ\2016.9.16\39.vir        Win32/Kryptik.FGEM 特洛伊木马 的变种        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        DBFDF6C4BED5C4B6CB404A967C6E01879A8261B4        2016-9-16 12:17:52
2016-9-16 12:17:52        文件系统实时防护        文件        E:\VirZ\2016.9.16\38.vir        Win32/Injector.DFAS 特洛伊木马 的变种        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe.               
2016-9-16 12:17:51        文件系统实时防护        文件        E:\VirZ\2016.9.16\36.vir        JS/TrojanDownloader.Nemucod.AXU 特洛伊木马        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        152CAED1586B41863692EF93F3DADBA2B851687C        2016-9-16 12:17:51
2016-9-16 12:17:51        文件系统实时防护        文件        E:\VirZ\2016.9.16\35.vir        Win32/Injector.DEWX 特洛伊木马 的变种        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        6428429870C35DC75A9754AC0D2C27F2C1C32440        2016-9-16 12:17:51
2016-9-16 12:17:51        文件系统实时防护        文件        E:\VirZ\2016.9.16\33.vir        VBA/TrojanDropper.Agent.PC 特洛伊木马        已清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        5A169BCEE08CB23D4ECFD2D9E2FE751DB11256FA        2016-9-16 12:17:51
2016-9-16 12:17:51        文件系统实时防护        文件        E:\VirZ\2016.9.16\32.vir        Win32/Kryptik.FFAI 特洛伊木马 的变种        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        F8814EEC7ACCDA9A7D7E44DDF3002608813E8218        2016-9-16 12:17:51
2016-9-16 12:17:51        文件系统实时防护        文件        E:\VirZ\2016.9.16\28.vir        JS/TrojanDownloader.Nemucod.AXR 特洛伊木马        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        13A48A76C8DC151ACCBECA1299486CEFB953CB83        2016-9-16 12:17:50
2016-9-16 12:17:50        文件系统实时防护        文件        E:\VirZ\2016.9.16\27.vir        SWF/Agent.K 特洛伊木马        已删除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe.               
2016-9-16 12:17:50        文件系统实时防护        文件        E:\VirZ\2016.9.16\26.vir        PHP/Kryptik.BC 特洛伊木马        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        F2BE2C32595636824E233982EC1C813F204B1347        2016-9-16 12:17:50
2016-9-16 12:17:50        文件系统实时防护        文件        E:\VirZ\2016.9.16\25.vir        Win32/Filecoder.Locky.H 特洛伊木马        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        EC9C2B9839C550EA932B2E1D3BC256D25FDE0094        2016-9-16 12:17:50
2016-9-16 12:17:50        文件系统实时防护        文件        E:\VirZ\2016.9.16\22.vir        JS/TrojanDownloader.Nemucod.AXQ 特洛伊木马        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        9BC2C6BA61F237BF63982DDCF941804D6F044476        2016-9-16 12:17:49
2016-9-16 12:17:49        文件系统实时防护        文件        E:\VirZ\2016.9.16\20.vir        Win32/Kryptik.FGGJ 特洛伊木马 的变种        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        F89394B7B714EF1446067A9AFC7793956C2E37AE        2016-9-16 12:17:49
2016-9-16 12:17:49        文件系统实时防护        文件        E:\VirZ\2016.9.16\18.vir        JS/TrojanDownloader.Nemucod.AXS 特洛伊木马        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        FFC1E1B900EA95A555BCC4DCE64947C6A6412533        2016-9-16 12:17:49
2016-9-16 12:17:49        文件系统实时防护        文件        E:\VirZ\2016.9.16\16.vir        Win32/Exploit.CVE-2012-0158.ACK 特洛伊木马        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        4E2A63E34ACEA371781A3F92FB9C8FD6C9E59991        2016-9-16 12:17:49
2016-9-16 12:17:49        文件系统实时防护        文件        E:\VirZ\2016.9.16\15.vir        Android/DualToy.A 特洛伊木马        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        411C8BC1EC2F9FD42D43C1E5BD2A78206825CE42        2016-9-16 12:17:48
2016-9-16 12:17:48        文件系统实时防护        文件        E:\VirZ\2016.9.16\14.vir        JS/TrojanDownloader.Nemucod.AXS 特洛伊木马        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        12BC26C807A76887DB698D87B6DFBB760FC1A079        2016-9-16 12:17:48
2016-9-16 12:17:48        文件系统实时防护        文件        E:\VirZ\2016.9.16\13.vir        JS/TrojanDownloader.Nemucod.AXU 特洛伊木马        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        EDF6DCFF5E6555AFAE08C729C106EAACE773B3BF        2016-9-16 12:17:48
2016-9-16 12:17:48        文件系统实时防护        文件        E:\VirZ\2016.9.16\12.vir        VBA/TrojanDropper.Agent.PC 特洛伊木马        已清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        03A5F8B5B25F2B9704DBC0D45C64C74AF93E47EF        2016-9-16 12:17:48
2016-9-16 12:17:48        文件系统实时防护        文件        E:\VirZ\2016.9.16\11.vir        MSIL/Injector.QGM 特洛伊木马 的变种        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        7BE78446626279A2FCF297769A1B6B3CE25CA73A        2016-9-16 12:17:48
2016-9-16 12:17:48        文件系统实时防护        文件        E:\VirZ\2016.9.16\08.vir        JS/TrojanDownloader.Nemucod.AXU 特洛伊木马        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        9077451E86C4466A2922553FE5DDEDED99B1860C        2016-9-16 12:17:47
2016-9-16 12:17:47        文件系统实时防护        文件        E:\VirZ\2016.9.16\07.vir        Win32/Injector.DFBU 特洛伊木马 的变种        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        BF8A706F66C6EFF86DA1AFF23989EEA6FC104D18        2016-9-16 12:17:46
2016-9-16 12:17:45        文件系统实时防护        文件        E:\VirZ\2016.9.16\05.vir        JS/TrojanDownloader.Nemucod.ATR 特洛伊木马        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        7A36F3DC974C00469985BB7CBD75999E1FD427E9        2016-9-16 12:17:44
2016-9-16 12:17:44        文件系统实时防护        文件        E:\VirZ\2016.9.16\02.vir        JS/TrojanDownloader.Nemucod.AWW 特洛伊木马        通过删除清除        RAYMOND-9B1A7AC\Raymond        在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe (95CE9136E708712C2A29EE18BE48DD028018B558).        CFA90089C204F895AD0266C165F1E60CD7D1593E        2016-9-16 12:17:44[/mw_shl_code]

Right-click second scan: kill 6x



[mw_shl_code=css,true]E:\VirZ\2016.9.16\03.vir > ACE > PL_Inv_09317_pdf.exe - Win32/Injector.DFCD 特洛伊木马 的变种 - 扫描完成后再选择处理方式
E:\VirZ\2016.9.16\03.vir > ACE >  - 压缩文件已损坏
E:\VirZ\2016.9.16\04.vir > RAR > Pedido_11245.jar > ZIP > dgerssdf/D0wwwnF1leww.class - Java/TrojanDownloader.Agent.NNA 特洛伊木马 的变种 - 已删除
E:\VirZ\2016.9.16\37.vir > ZIP > word/embeddings/oleObject1.bin > OLEDATA > Zahlung_14.09.2016_sbb.ch.js - PowerShell/TrojanDownloader.Agent.Q 特洛伊木马 - 扫描完成后再选择处理方式
E:\VirZ\2016.9.16\41.vir > ZIP > Cruizer/Fanta_Uva.class - Java/TrojanDownloader.Banload.CI 特洛伊木马 的变种 - 通过删除清除
E:\VirZ\2016.9.16\48.vir > OLEDATA > bestellung_26.08.2016.js - JS/ProxyChanger.BP 特洛伊木马 - 通过删除清除
E:\VirZ\2016.9.16\48.vir - JS/ProxyChanger.BP 特洛伊木马 - 通过删除清除
E:\VirZ\2016.9.16\03.vir > ACE > PL_Inv_09317_pdf.exe - Win32/Injector.DFCD 特洛伊木马 的变种 - 已删除
E:\VirZ\2016.9.16\03.vir > ACE >  - 压缩文件已损坏
E:\VirZ\2016.9.16\37.vir > ZIP > word/embeddings/oleObject1.bin > OLEDATA > Zahlung_14.09.2016_sbb.ch.js - PowerShell/TrojanDownloader.Agent.Q 特洛伊木马 - 已删除[/mw_shl_code]

Eset小粉絲
Posted on 2016-9-16 13:08:21
AVIRA 30X

[mw_shl_code=css,true]Start of the scan: Friday, 16 September, 2016  12:56

Starting the file scan:

Begin scan in 'C:\Users\User\Desktop\2016.9.16'
C:\Users\User\Desktop\2016.9.16\01.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen2 HTML script virus
C:\Users\User\Desktop\2016.9.16\02.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.aipinb Java script virus
C:\Users\User\Desktop\2016.9.16\03.vir
    [0] Archive type: ACE
    --> PL_Inv_09317_pdf.exe
        [DETECTION] Is the TR/Fareit.lskx Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.9.16\04.vir
    [0] Archive type: RAR
    --> Pedido_11245.jar
        [1] Archive type: ZIP
      --> dgerssdf/D0wwwnF1leww.class
          [DETECTION] Contains recognition pattern of the JAVA/Dldr.Agent.8423 Java virus
          [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.9.16\05.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Kript.83016 Java script virus
C:\Users\User\Desktop\2016.9.16\07.vir
  [DETECTION] Is the TR/Dropper.VB.uuwgx Trojan
C:\Users\User\Desktop\2016.9.16\08.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.aipinb Java script virus
C:\Users\User\Desktop\2016.9.16\10.vir
  [DETECTION] Is the TR/Razy.jdfy Trojan
C:\Users\User\Desktop\2016.9.16\11.vir
  [DETECTION] Is the TR/Dropper.MSIL.xdmxb Trojan
C:\Users\User\Desktop\2016.9.16\13.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.aipinb Java script virus
C:\Users\User\Desktop\2016.9.16\14.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.71693 Java script virus
C:\Users\User\Desktop\2016.9.16\18.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.71693 Java script virus
C:\Users\User\Desktop\2016.9.16\19.vir
  [DETECTION] Contains recognition pattern of the PHISH/Agent.ahjk phishing file/email
C:\Users\User\Desktop\2016.9.16\20.vir
  [DETECTION] Is the TR/Crypt.Xpack.jic Trojan
C:\Users\User\Desktop\2016.9.16\22.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.aipinb Java script virus
C:\Users\User\Desktop\2016.9.16\25.vir
  [DETECTION] Is the TR/Crypt.Xpack.ufbsx Trojan
C:\Users\User\Desktop\2016.9.16\28.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen6 HTML script virus
C:\Users\User\Desktop\2016.9.16\32.vir
  [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
C:\Users\User\Desktop\2016.9.16\35.vir
  [DETECTION] Is the TR/AD.NetWiredRc.bhx Trojan
C:\Users\User\Desktop\2016.9.16\36.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.aipinb Java script virus
C:\Users\User\Desktop\2016.9.16\38.vir
    [0] Archive type: NSIS
    --> ProgramFilesDir/CDRom.dll
        [DETECTION] Is the TR/Agent.yau Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.9.16\40.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.aipinb Java script virus
C:\Users\User\Desktop\2016.9.16\43.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen2 HTML script virus
C:\Users\User\Desktop\2016.9.16\44.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.aipinb Java script virus
C:\Users\User\Desktop\2016.9.16\45.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.aipinb Java script virus
C:\Users\User\Desktop\2016.9.16\46.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.aipinb Java script virus
C:\Users\User\Desktop\2016.9.16\47.vir
  [DETECTION] Is the TR/Agent.rfwv Trojan
C:\Users\User\Desktop\2016.9.16\48.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Agent.765421 Java script virus
C:\Users\User\Desktop\2016.9.16\49.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.aipinb Java script virus
C:\Users\User\Desktop\2016.9.16\50.vir
  [DETECTION] Contains code of the W2000M/Dldr.Agent.CG.1200 macro virus[/mw_shl_code]
好想用EMSI
Posted on 2016-9-16 13:15:26
Last edited by 好想用EMSI on 2016-9-16 13:19

ZoneAlarm: 18 remaining, of which 04 can be detected once extracted
Addendum: ZoneAlarm cloud judges 48.doc to be harmful
剑魔孤独
Posted on 2016-9-16 18:43:52
Has the original poster finally switched antivirus software?