2014-11-28 #22

显示全部楼层 · 发表于 2014-11-28 17:12:57

http://kuai.xunlei.com/d/Gh-6AT2sKDF4VAQAc9d
密码：infected

显示全部楼层 · 发表于 2014-11-28 17:36:53

eset清空

显示全部楼层 · 发表于 2014-11-28 17:39:51

本帖最后由 1094947421 于 2014-11-28 18:29 编辑

火绒扫6x，剩余双击杀4个衍生物，有5个因为没装net3.5不能执行，最后发现杀掉2个母体。环境：虚拟机win8.1x64。

显示全部楼层 · 发表于 2014-11-28 17:59:17

FS kill 20

显示全部楼层 · 发表于 2014-11-28 18:15:30

KIS KILL 21X
[mw_shl_code=html,true]11/28/2014 14:51:16
28.11.2014 18.13.16;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\mining.exe;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\mining.exe;Backdoor.Win32.NetWiredRC.i;木马程序;11/28/2014 18:13:16
28.11.2014 18.13.12;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\paypal account hacker.exe;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\paypal account hacker.exe;Trojan.MSIL.Disfa.boi;木马程序;11/28/2014 18:13:12
28.11.2014 18.12.40;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\aa.exe;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\aa.exe;Trojan.MSIL.Crypt.bafs;木马程序;11/28/2014 18:12:40
28.11.2014 18.13.23;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\Hack steam.exe//data0004.res;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\Hack steam.exe//data0004.res;not-a-virus:PSWTool.Win32.MailPassView.os;可能会被犯罪分子利用以破坏您的计算机或个人数据的合法软件;11/28/2014 18:13:23
28.11.2014 11.59.46;检测到的对象（文件）不再可用;C:\Users\MrChenWei\Desktop\新建文件夹\ihre_telekom_mobilfunk_november_2014_00002930200_1_3_5_021090_82137_002_008_0004.exe;C:\Users\MrChenWei\Desktop\新建文件夹\ihre_telekom_mobilfunk_november_2014_00002930200_1_3_5_021090_82137_002_008_0004.exe;UDS:DangerousObject.Multi.Generic;未知威胁;11/28/2014 11:59:46
28.11.2014 18.13.10;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\product_sample_fdp.exe//data0003.res;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\product_sample_fdp.exe//data0003.res;Trojan.MSIL.Inject.jay;木马程序;11/28/2014 18:13:10
28.11.2014 18.13.18;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\icon.exe;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\icon.exe;HEUR:Trojan.Win32.Generic;木马程序;11/28/2014 18:13:18
28.11.2014 18.12.54;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\Acces Sex Party.exe;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\Acces Sex Party.exe;Backdoor.Win32.Xtreme.arky;木马程序;11/28/2014 18:12:54
28.11.2014 18.13.06;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\rami made sharing in city jpeg.exe;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\rami made sharing in city jpeg.exe;;未知威胁;11/28/2014 18:13:06
28.11.2014 18.12.51;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\auto.exe;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\auto.exe;Trojan-Ransom.Win32.Blocker.gcyl;木马程序;11/28/2014 18:12:51
28.11.2014 18.13.21;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\Hack steam.exe//data0002.res;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\Hack steam.exe//data0002.res;not-a-virus:PSWTool.Win32.NetPass.cif;可能会被犯罪分子利用以破坏您的计算机或个人数据的合法软件;11/28/2014 18:13:21
28.11.2014 18.13.12;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\product_sample_fdp.exe;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\product_sample_fdp.exe;;未知威胁;11/28/2014 18:13:12
28.11.2014 18.12.52;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\Wupos.exe;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\Wupos.exe;Trojan.MSIL.Inject.atsl;木马程序;11/28/2014 18:12:52
28.11.2014 18.12.58;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\test.exe;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\test.exe;HEUR:Trojan.Win32.Generic;木马程序;11/28/2014 18:12:58
28.11.2014 18.13.23;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\Hack steam.exe;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\Hack steam.exe;;未知威胁;11/28/2014 18:13:23
28.11.2014 18.12.57;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\winclean.exe;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\winclean.exe;Trojan-Spy.Win32.Recam.aoc;木马程序;11/28/2014 18:12:57
28.11.2014 18.13.00;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\steam_good.txt.exe;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\steam_good.txt.exe;HEUR:Trojan.Win32.Generic;木马程序;11/28/2014 18:13:00
28.11.2014 18.13.03;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\Copy#69600.exe;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\Copy#69600.exe;Trojan.Win32.Inject.tngv;木马程序;11/28/2014 18:13:03
28.11.2014 18.13.07;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\StarbucksLS.exe;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\StarbucksLS.exe;Trojan.Win32.Agent.alibt;木马程序;11/28/2014 18:13:07
28.11.2014 18.13.01;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\comserv.exe;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\comserv.exe;HEUR:Trojan.Win32.Generic;木马程序;11/28/2014 18:13:01
28.11.2014 18.13.05;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\HACK WEB CAM V2.3.exe;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\HACK WEB CAM V2.3.exe;Trojan-Dropper.Win32.FrauDrop.ahpll;木马程序;11/28/2014 18:13:05
28.11.2014 18.13.06;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\rami made sharing in city jpeg.exe//#;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\rami made sharing in city jpeg.exe//#;Trojan.MSIL.Agent.aaabq;木马程序;11/28/2014 18:13:06
28.11.2014 18.13.19;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\haker gold fre 2015.exe;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\haker gold fre 2015.exe;Trojan-Dropper.Win32.FrauDrop.ahppo;木马程序;11/28/2014 18:13:19
28.11.2014 18.13.22;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\Hack steam.exe//data0003.res;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\Hack steam.exe//data0003.res;Trojan.MSIL.Inject.jay;木马程序;11/28/2014 18:13:22
28.11.2014 18.13.12;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\product_sample_fdp.exe//data0004.res;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\product_sample_fdp.exe//data0004.res;not-a-virus:PSWTool.Win32.MailPassView.os;可能会被犯罪分子利用以破坏您的计算机或个人数据的合法软件;11/28/2014 18:13:12
28.11.2014 18.13.09;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\product_sample_fdp.exe//data0002.res;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\product_sample_fdp.exe//data0002.res;not-a-virus:PSWTool.Win32.NetPass.cif;可能会被犯罪分子利用以破坏您的计算机或个人数据的合法软件;11/28/2014 18:13:09
28.11.2014 18.13.13;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\mss20.exe;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\mss20.exe;Trojan-Ransom.Win32.Foreign.lgqr;木马程序;11/28/2014 18:13:13
28.11.2014 18.12.55;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\ckcrypt.exe;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\ckcrypt.exe;HEUR:Trojan.Win32.Generic;木马程序;11/28/2014 18:12:55
28.11.2014 18.13.08;检测到的对象（文件）已删除;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\به یجی هاو ریانی فه یز بوك.exe;C:\Users\MrChenWei\Desktop\新建文件夹\20141127_22samples\به یجی هاو ریانی فه یز بوك.exe;HEUR:Trojan.Win32.Generic;木马程序;11/28/2014 18:13:08
[/mw_shl_code]

显示全部楼层 · 发表于 2014-11-28 18:21:20

红伞扫描kill 20 ，剩余2个，双击APC 1个，剩余1个

显示全部楼层 · 发表于 2014-11-28 18:22:25

咖啡kill all

显示全部楼层 · 发表于 2014-11-28 18:45:00

avast继续清空

显示全部楼层 · 发表于 2014-11-28 18:50:34

好压KILL 21X

显示全部楼层 · 发表于 2014-11-28 18:57:16

Dr.web kill 19x

[病毒样本] 2014-11-28 #22

本帖子中包含更多资源

本帖子中包含更多资源