
[Virus Samples] 精睿 Sample Test (15.5.23)

蓝天二号
Posted on 2015-5-23 09:32:18
Link: http://kuai.xunlei.com/d/zuh.AaQkgb1fVQQA630

Password: bbs.vc52.cn
Count: 50
蓝天二号
OP | Posted on 2015-5-23 09:36:06
KIS


360 (Avira engine not enabled)

Flying_Bird
Posted on 2015-5-23 10:07:03
Last edited by Flying_Bird on 2015-5-23 10:15

ESS-CH deleted 39x, and missed 11x.
[mw_shl_code=xml,true]——————————————————First Scan——————————————————————————
02.vir - MSIL/Agent.RQ 特洛伊木马 - 通过删除清除 - 已隔离
03.vir - MSIL/Bladabindi.BH 特洛伊木马 - 通过删除清除 - 已隔离
04.vir > PECompact v2.xx - Win32/TrojanDownloader.Banload.VPA 特洛伊木马 的变种 - 已删除 - 已隔离
06.vir - Win32/TrojanDownloader.Banload.VSW 特洛伊木马 的变种 - 通过删除清除 - 已隔离
09.vir > NSIS > Entries.bin - 正在清除 时出错
09.vir > NSIS > Strings.txt - 正在清除 时出错
09.vir > NSIS > Script.nsi - Win32/TrojanDropper.Addrop.B 特洛伊木马 - 通过删除清除 - 已隔离
09.vir > NSIS > b7523e745b07fceb61d544ed5ba7a56b - 正在清除 时出错
10.vir - MSIL/Bladabindi.F 特洛伊木马 - 通过删除清除 - 已隔离
11.vir - MSIL/TrojanDropper.Agent.RP 特洛伊木马 的变种 - 通过删除清除 - 已隔离
12.vir - Win32/Spatet.A 特洛伊木马 - 通过删除清除 - 已隔离
14.vir - MSIL/Bladabindi.F 特洛伊木马 - 通过删除清除 - 已隔离
15.vir - MSIL/Bladabindi.O 特洛伊木马 - 通过删除清除 - 已隔离
17.vir - MSIL/Bladabindi.BC 特洛伊木马 - 通过删除清除 - 已隔离
19.vir - Win32/Injector.CAMZ 特洛伊木马 的变种 - 通过删除清除 - 已隔离
20.vir - VBA/TrojanDownloader.Agent.RY 特洛伊木马 - 无法清除
21.vir - VBA/TrojanDownloader.Agent.QP 特洛伊木马 - 无法清除
22.vir - Win32/Bifrose.NEL 特洛伊木马 - 通过删除清除 - 已隔离
23.vir - Win32/Spy.Zbot.ABX 特洛伊木马 - 通过删除清除 - 已隔离
24.vir - Win32/Injector.CBBX 特洛伊木马 的变种 - 通过删除清除 - 已隔离
26.vir - MSIL/Bladabindi.F 特洛伊木马 - 通过删除清除 - 已隔离
27.vir - MSIL/Packed.MultiPacked.AP 特洛伊木马 的变种 - 通过删除清除 - 已隔离
28.vir - Win32/Kryptik.CFEE 特洛伊木马 的变种 - 通过删除清除 - 已隔离
29.vir - Win32/Filecoder.EM 特洛伊木马 - 通过删除清除 - 已隔离
31.vir - Win32/PSW.Fareit.A 特洛伊木马 的变种 - 通过删除清除 - 已隔离
33.vir > ZIP > DHL_Report_6119036454____ID20_DHL_DE_M05___BD20_05_2015___23_15_15___MessageId_42816.exe - Win32/Injector.CBBX 特洛伊木马 的变种 - 已删除 - 已隔离
34.vir - MSIL/Bladabindi.F 特洛伊木马 - 通过删除清除 - 已隔离
35.vir > ZIP > FAX_82APL932UN_772.scr - Win32/Injector.CBDI 特洛伊木马 的变种 - 已删除 - 已隔离
36.vir > NSIS > Entries.bin - 正在清除 时出错
36.vir > NSIS > Strings.txt - 正在清除 时出错
36.vir > NSIS > Script.nsi - Win32/AnyProtect.G 潜在的不受欢迎应用程序 - 通过删除清除 - 已隔离
36.vir > NSIS > System.dll - 正在清除 时出错
36.vir > NSIS > flush-inetc.dll - 正在清除 时出错
36.vir > NSIS > inetc.dll - 正在清除 时出错
36.vir > NSIS > modern-header.bmp - 正在清除 时出错
36.vir > NSIS > Aero.dll - 正在清除 时出错
36.vir > NSIS > WmiInspector.dll - 正在清除 时出错
36.vir > NSIS > UserInfo.dll - 正在清除 时出错
36.vir > NSIS > ProcessKiller.dll - 正在清除 时出错
36.vir > NSIS > aps_install.bmp - 正在清除 时出错
36.vir > NSIS > aps_welcome.bmp - 正在清除 时出错
36.vir > NSIS > nsDialogs.dll - 正在清除 时出错
36.vir > NSIS > nsis-progressbar.dll - 正在清除 时出错
36.vir > NSIS > Uninstall.exe - 正在清除 时出错
37.vir - VBA/TrojanDownloader.Agent.RY 特洛伊木马 - 无法清除
38.vir - MSIL/Bladabindi.BC 特洛伊木马 的变种 - 通过删除清除 - 已隔离
39.vir - Generik.NFFEPAN 特洛伊木马 的变种 - 通过删除清除 - 已隔离
40.vir - Win32/Spatet.A 特洛伊木马 - 通过删除清除 - 已隔离
41.vir - MSIL/Bladabindi.F 特洛伊木马 - 通过删除清除 - 已隔离
42.vir - Win32/Rovnix.Z 特洛伊木马 - 通过删除清除 - 已隔离
43.vir - Win32/Spy.Banker.AAWU 特洛伊木马 的变种 - 通过删除清除 - 已隔离
44.vir - MSIL/Injector.JST 特洛伊木马 的变种 - 通过删除清除 - 已隔离
46.vir - MSIL/Bladabindi.F 特洛伊木马 - 通过删除清除 - 已隔离
47.vir - MSIL/Bladabindi.O 特洛伊木马 - 通过删除清除 - 已隔离
48.vir - Win32/Kryptik.CILO 特洛伊木马 的变种 - 通过删除清除 - 已隔离
49.vir - Win32/Bifrose.NDU 特洛伊木马 的变种 - 通过删除清除 - 已隔离
50.vir - MSIL/Bladabindi.F 特洛伊木马 - 通过删除清除 - 已隔离
——————————————————Second Scan——————————————————————————
20.vir - VBA/TrojanDownloader.Agent.RY 特洛伊木马 - 已删除 - 已隔离
21.vir - VBA/TrojanDownloader.Agent.QP 特洛伊木马 - 已删除 - 已隔离
37.vir - VBA/TrojanDownloader.Agent.RY 特洛伊木马 - 已删除 - 已隔离[/mw_shl_code]
神迹般存在
Posted on 2015-5-23 10:27:10, from mobile
Reserving this spot for BAV
skyboybone
Posted on 2015-5-23 10:32:40
Kingsoft

Avira engine enabled

Miostartos
Posted on 2015-5-23 10:43:02
NSBU22 27/50
[mw_shl_code=html,true]扫描信息:
  病毒定义版本: 2015.05.22.003
  病毒定义序列 ID: 164508

扫描统计信息:
  扫描开始:
   本地: 2015/5/23 星期六 10:31
   UTC: 2015/5/23 星期六 2:31
  扫描时间: 487 秒
  扫描目标: D:\test\2015.5.23
计数:
  扫描的项目总数: 277
  - 文件和目录: 277
  - 注册表条目: 0
  - 进程和启动项目: 0
  - 网络和浏览器项目: 0
  - 其他: 0
  - 受信任文件: 0
  - 跳过的文件: 0

  检测到的安全风险总数: 16
  已解决的项目总数: 16
  需要注意的项目总数: 0


已解决的威胁:
W32.Cridex.B
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)  
类别: 病毒
状态: 完全解决
-----------
1 个文件
- 已删除


Backdoor.Ratenjay
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)  
类别: 病毒
状态: 完全解决
-----------
10 个文件
d:\test\2015.5.23\03.vir - 已删除
d:\test\2015.5.23\14.vir - 已删除
d:\test\2015.5.23\17.vir - 已删除
d:\test\2015.5.23\26.vir - 已删除
d:\test\2015.5.23\10.vir - 已删除
d:\test\2015.5.23\41.vir - 已删除
d:\test\2015.5.23\46.vir - 已删除
d:\test\2015.5.23\50.vir - 已删除
d:\test\2015.5.23\38.vir - 已删除
d:\test\2015.5.23\34.vir - 已删除
1 个浏览器缓存



Trojan.Gen
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)  
类别: 病毒
状态: 完全解决
-----------
2 个文件
d:\test\2015.5.23\11.vir - 已删除
d:\test\2015.5.23\43.vir - 已删除
1 个浏览器缓存



SAPE.Rebhip.8
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)  
类别: 病毒
状态: 完全解决
-----------
2 个文件
d:\test\2015.5.23\12.vir - 已删除
d:\test\2015.5.23\40.vir - 已删除
1 个浏览器缓存



SAPE.Bladabindi.19
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)  
类别: 病毒
状态: 完全解决
-----------
2 个文件
d:\test\2015.5.23\15.vir - 已删除
d:\test\2015.5.23\47.vir - 已删除
1 个浏览器缓存



Trojan.Gen.SMH
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)  
类别: 病毒
状态: 完全解决
-----------
1 个文件
d:\test\2015.5.23\19.vir - 已删除
1 个浏览器缓存



W32.Cridex.B
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)  
类别: 病毒
状态: 完全解决
-----------
1 个文件
d:\test\2015.5.23\24.vir - 已删除
1 个浏览器缓存



Backdoor.Trojan
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)  
类别: 病毒
状态: 完全解决
-----------
1 个文件
d:\test\2015.5.23\22.vir - 已删除
1 个浏览器缓存



SAPE.Downloader.3844
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)  
类别: 病毒
状态: 完全解决
-----------
1 个文件
d:\test\2015.5.23\09.vir - 已删除
1 个浏览器缓存



Trojan.Gen.2
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)  
类别: 病毒
状态: 完全解决
-----------
3 个文件
d:\test\2015.5.23\28.vir - 已删除
d:\test\2015.5.23\36.vir - 已删除
d:\test\2015.5.23\48.vir - 已删除
1 个浏览器缓存



Trojan.Cryptolocker.E
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)  
类别: 病毒
状态: 完全解决
-----------
1 个文件
d:\test\2015.5.23\29.vir - 已删除
1 个浏览器缓存



Trojan.Fareit!gm
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)  
类别: 病毒
状态: 完全解决
-----------
1 个文件
d:\test\2015.5.23\31.vir - 已删除
1 个浏览器缓存



SAPE.AnProt.1
类型: 异常
风险: 低 (低 隐藏, 低 删除, 低 性能, 低 隐私)  
类别: 广告软件
状态: 完全解决
-----------
1 个文件
d:\test\2015.5.23\36.vir - 不需要操作
1 个浏览器缓存



Downloader.Ponik
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)  
类别: 病毒
状态: 完全解决
-----------
4 个注册表项
HKEY_USERS\S-1-5-19\Control Panel\Desktop->Wallpaper - 已修复
HKEY_USERS\S-1-5-20\Control Panel\Desktop->Wallpaper - 已修复
HKEY_USERS\S-1-5-21-4288546484-3147665396-782981585-1001\Control Panel\Desktop->Wallpaper - 已修复
HKEY_USERS\.DEFAULT\Control Panel\Desktop->Wallpaper - 已修复
1 个文件
d:\test\2015.5.23\42.vir - 已删除
1 个浏览器缓存



Suspicious.Cloud.2
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)  
类别: 启发式病毒
状态: 完全解决
-----------
1 个文件
d:\test\2015.5.23\42.vir - 不需要操作
1 个浏览器缓存



Suspicious.Cloud.9.A
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)  
类别: 启发式病毒
状态: 完全解决
-----------
1 个文件
d:\test\2015.5.23\44.vir - 已删除
1 个浏览器缓存





未解决的威胁:
没有未解决的风险[/mw_shl_code]
aboringman
Posted on 2015-5-23 10:49:03
AVIRA killed 35 files and Tencent killed 28 files.
[mw_shl_code=css,true]【扫描信息】

开始时间:2015-5-23 10:45:27
扫描用时:00:00:04
扫描类型:指定位置杀毒
扫描引擎:管家云查杀引擎 管家反病毒引擎 Avira本地查杀引擎 管家系统修复引擎
扫描状态:扫描完成


【扫描结果】

扫描文件数:50
发现风险数:28
已处理风险数:28


---------------------
2015-5-23 10:45:47 MD5:6385c8b60bcfd0f257894efd69acb0a0 C:\Documents and Settings\Administrator\桌面\2015.5.23\27.vir [TR/Dropper.Gen]  [删除成功]
2015-5-23 10:45:47 MD5:0669f4912e6bb46e9a8672c7dfa3ea57 C:\Documents and Settings\Administrator\桌面\2015.5.23\26.vir [Win32.Trojan.Generic.tapp]  [删除成功]
2015-5-23 10:45:47 MD5:6d2e708a6ea655158c2cce8c960be032 C:\Documents and Settings\Administrator\桌面\2015.5.23\41.vir [Win32.Trojan.Generic.tapp]  [删除成功]
2015-5-23 10:45:48 MD5:d8fe1b3264f7cf7b88097564baac67f2 C:\Documents and Settings\Administrator\桌面\2015.5.23\12.vir [Win32.Trojan.Llac.Wvba]  [删除成功]
2015-5-23 10:45:48 MD5:c8cba5a2c426bd394a43cd3374138d3a C:\Documents and Settings\Administrator\桌面\2015.5.23\31.vir [Win32.Trojan-qqpass.Qqrob.Tayt]  [删除成功]
2015-5-23 10:45:48 MD5:891881e53b373a29672607529b8a8d10 C:\Documents and Settings\Administrator\桌面\2015.5.23\22.vir [Win32.Trojan.Refroso.crf]  [删除成功]
2015-5-23 10:45:49 MD5:468ccdc4e7db0b15ea491b9c1de8e6b1 C:\Documents and Settings\Administrator\桌面\2015.5.23\38.vir [TR/Dropper.Gen7]  [删除成功]
2015-5-23 10:45:49 MD5:60817fc064282cfb9eaa48c4dfaebfbd C:\Documents and Settings\Administrator\桌面\2015.5.23\29.vir [Win32.Risk.Malware.wpto]  [删除成功]
2015-5-23 10:45:49 MD5:b70b8bd5c5eca8186e9c5892e591176d C:\Documents and Settings\Administrator\桌面\2015.5.23\11.vir [Win32.Trojan.Pakes.Pdcd]  [删除成功]
2015-5-23 10:45:50 MD5:b211092513b0a4d24a82111a1a4bd6ba C:\Documents and Settings\Administrator\桌面\2015.5.23\36.vir [Win32.Trojan.Falsesign.Pboj]  [删除成功]
2015-5-23 10:45:50 MD5:cd4a978a0bf5599af877688b72e7ff30 C:\Documents and Settings\Administrator\桌面\2015.5.23\21.vir [Heur.MSWord.Downloader.d]  [清除成功]
2015-5-23 10:45:51 MD5:2070e4b63dd804d135d7d598670cd00e C:\Documents and Settings\Administrator\桌面\2015.5.23\46.vir [Win32.Trojan.Generic.htvk]  [删除成功]
2015-5-23 10:45:51 MD5:2e613bdf9772740096bb905b7c98a13a C:\Documents and Settings\Administrator\桌面\2015.5.23\34.vir [Win32.Trojan.Generic.htvk]  [删除成功]
2015-5-23 10:45:51 MD5:168fe6d6c38600cea51aeb21cf058f4b C:\Documents and Settings\Administrator\桌面\2015.5.23\14.vir [Win32.Trojan.Generic.Dyhb]  [删除成功]
2015-5-23 10:45:52 MD5:52877561a33380425c74cb8cd51aff7d C:\Documents and Settings\Administrator\桌面\2015.5.23\48.vir [Win32.Trojan.Generic.Sunv]  [删除成功]
2015-5-23 10:45:52 MD5:9428a038240f88091ef2eac5d87fd4f5 C:\Documents and Settings\Administrator\桌面\2015.5.23\40.vir [Win32.Trojan.Llac.Hquy]  [删除成功]
2015-5-23 10:45:53 MD5:f5a7b8303b3a3b71020979f7260f5d47 C:\Documents and Settings\Administrator\桌面\2015.5.23\10.vir [Win32.Trojan.Generic.tapp]  [删除成功]
2015-5-23 10:45:53 MD5:32a83aec96d71dc9d9362c1ad1aeaf8c C:\Documents and Settings\Administrator\桌面\2015.5.23\47.vir [Win32.Trojan.Generic.htvs]  [删除成功]
2015-5-23 10:45:53 MD5:8f7f2969027a24defdc07161e9b8d6ca C:\Documents and Settings\Administrator\桌面\2015.5.23\19.vir [Win32.Trojan.Bp-ransomware.Ejqz]  [删除成功]
2015-5-23 10:45:53 MD5:faa52a5636017650749dd26e36525e16 C:\Documents and Settings\Administrator\桌面\2015.5.23\43.vir [Win32.Trojan-banker.Chepro.Efuj]  [删除成功]
2015-5-23 10:45:54 MD5:d3d013aaa07c6217fda7a8a139c42b60 C:\Documents and Settings\Administrator\桌面\2015.5.23\42.vir [Win32.Trojan-qqpass.Qqrob.Wsjo]  [删除成功]
2015-5-23 10:45:55 MD5:9e31f5b13b51f84097753311a49d5b5e C:\Documents and Settings\Administrator\桌面\2015.5.23\15.vir [Win32.Trojan.Generic.htvs]  [删除成功]
2015-5-23 10:45:55 MD5:01df16f86b45bafc14790c09b7950cba C:\Documents and Settings\Administrator\桌面\2015.5.23\49.vir [Win32.Trojan.Generic.swuo]  [删除成功]
2015-5-23 10:45:56 MD5:d125b30848ff06640adf119796e23460 C:\Documents and Settings\Administrator\桌面\2015.5.23\24.vir [Win32.Trojan.Spy.Wnlt]  [删除成功]
2015-5-23 10:45:56 MD5:f2270cdf581d5711ae7b5ebc6b64e2b8 C:\Documents and Settings\Administrator\桌面\2015.5.23\02.vir [Win32.Trojan.Generic.eegy]  [删除成功]
2015-5-23 10:45:56 MD5:2703244be72e1aefb03396412c1d2138 C:\Documents and Settings\Administrator\桌面\2015.5.23\17.vir [Msil.Trojan.Disfa.wozx]  [删除成功]
2015-5-23 10:45:56 MD5:43e2f79800f669efb7cdb0a1610a4a06 C:\Documents and Settings\Administrator\桌面\2015.5.23\50.vir [Win32.Trojan.Generic.htvk]  [删除成功]
2015-5-23 10:45:57 MD5:aafb71d757f840ee87b31e08ca4b4d14 C:\Documents and Settings\Administrator\桌面\2015.5.23\28.vir [Win32.Trojan-qqpass.Qqrob.Lqyt]  [删除成功]
---------------------
[/mw_shl_code]

[mw_shl_code=css,true]Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.5.23'
C:\Documents and Settings\Administrator\桌面\2015.5.23\03.vir
  [DETECTION] Is the TR/Dropper.Gen7 Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\04.vir
  [DETECTION] Is the TR/ATRAPS.Gen Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\06.vir
  [DETECTION] Is the TR/ATRAPS.Gen Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\09.vir
  [DETECTION] Contains virus patterns of Adware ADWARE/InstallCo.ksdd
C:\Documents and Settings\Administrator\桌面\2015.5.23\10.vir
  [DETECTION] Is the TR/ATRAPS.Gen Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\11.vir
  [DETECTION] Is the TR/Starter.AN Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\12.vir
  [DETECTION] Contains recognition pattern of the WORM/Rebhip.V worm
C:\Documents and Settings\Administrator\桌面\2015.5.23\14.vir
  [DETECTION] Is the TR/ATRAPS.Gen Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\15.vir
  [DETECTION] Is the TR/Rogue.KDZ.1629.59 Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\17.vir
  [DETECTION] Is the TR/Dropper.Gen7 Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\19.vir
  [DETECTION] Is the TR/Dropper.A.38332 Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\22.vir
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Bifrose.aec back-door program
C:\Documents and Settings\Administrator\桌面\2015.5.23\23.vir
  [DETECTION] Is the TR/Crypt.Xpack.233750 Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\24.vir
  [DETECTION] Is the TR/Spy.ZBot.ytzm Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\26.vir
  [DETECTION] Is the TR/ATRAPS.Gen Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\27.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\28.vir
  [DETECTION] Is the TR/Crypt.ZPACK.87769 Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\29.vir
  [DETECTION] Is the TR/Crypt.Xpack.232666 Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\31.vir
  [DETECTION] Is the TR/PSW.Fareit.iloen Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\33.vir
    [0] Archive type: ZIP
    --> DHL_Report_6119036454____ID20_DHL_DE_M05___BD20_05_2015___23_15_15___MessageId_42816.exe
        [DETECTION] Is the TR/Spy.ZBot.ytzm Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Documents and Settings\Administrator\桌面\2015.5.23\34.vir
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Bladabindi.bbyr back-door program
C:\Documents and Settings\Administrator\桌面\2015.5.23\35.vir
    [0] Archive type: ZIP
    --> FAX_82APL932UN_772.scr
        [DETECTION] Is the TR/Crypt.Xpack.233645 Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Documents and Settings\Administrator\桌面\2015.5.23\36.vir
  [DETECTION] Contains virus patterns of Adware ADWARE/InstallCo.zlq
C:\Documents and Settings\Administrator\桌面\2015.5.23\38.vir
  [DETECTION] Is the TR/Dropper.Gen7 Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\39.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\40.vir
  [DETECTION] Contains recognition pattern of the WORM/Rebhip.V worm
C:\Documents and Settings\Administrator\桌面\2015.5.23\41.vir
  [DETECTION] Is the TR/ATRAPS.Gen Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\42.vir
  [DETECTION] Is the TR/Crypt.Xpack.193086 Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\43.vir
  [DETECTION] Is the TR/Delf.Inject.543744.7 Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\44.vir
  [DETECTION] Is the TR/Crypt.ZPACK.169996 Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\46.vir
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Bladabindi.bbyr back-door program
C:\Documents and Settings\Administrator\桌面\2015.5.23\47.vir
  [DETECTION] Is the TR/Rogue.KDZ.1629.59 Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\48.vir
  [DETECTION] Is the TR/Vawtrak.A.365 Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\49.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Documents and Settings\Administrator\桌面\2015.5.23\50.vir
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Bladabindi.bbyr back-door program

Beginning disinfection:
[ERROR] RepairMalware: Not able to Repair Malware ADWARE/InstallCo.zlq
[ERROR] RepairMalware: Not able to Repair Malware ADWARE/InstallCo.ksdd
C:\Documents and Settings\Administrator\桌面\2015.5.23\50.vir
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Bladabindi.bbyr back-door program
  [NOTE]      The file was moved to the quarantine directory under the name '51e84d65.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\49.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '497f62db.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\48.vir
  [DETECTION] Is the TR/Vawtrak.A.365 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '1b203832.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\47.vir
  [DETECTION] Is the TR/Rogue.KDZ.1629.59 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '7d1777f3.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\46.vir
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Bladabindi.bbyr back-door program
  [NOTE]      The file was moved to the quarantine directory under the name '38935acc.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\44.vir
  [DETECTION] Is the TR/Crypt.ZPACK.169996 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '478868b3.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\43.vir
  [DETECTION] Is the TR/Delf.Inject.543744.7 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '0b3044fa.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\42.vir
  [DETECTION] Is the TR/Crypt.Xpack.193086 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '772804ab.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\41.vir
  [DETECTION] Is the TR/ATRAPS.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '5a722be1.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\40.vir
  [DETECTION] Contains recognition pattern of the WORM/Rebhip.V worm
  [NOTE]      The file was moved to the quarantine directory under the name '431a107a.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\39.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '2f463c53.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\38.vir
  [DETECTION] Is the TR/Dropper.Gen7 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '5eff05c7.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\36.vir
  [DETECTION] Contains virus patterns of Adware ADWARE/InstallCo.zlq
  [NOTE]      The file was moved to the quarantine directory under the name '50e53503.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\35.vir
  [DETECTION] Is the TR/Crypt.Xpack.233645 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '15cc4c40.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\34.vir
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Bladabindi.bbyr back-door program
  [NOTE]      The file was moved to the quarantine directory under the name '1cc748f4.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\33.vir
  [DETECTION] Is the TR/Spy.ZBot.ytzm Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '4486519c.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\31.vir
  [DETECTION] Is the TR/PSW.Fareit.iloen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '68722852.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\29.vir
  [DETECTION] Is the TR/Crypt.Xpack.232666 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '568c4890.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\28.vir
  [DETECTION] Is the TR/Crypt.ZPACK.87769 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '358263e4.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\27.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '134a23f8.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\26.vir
  [DETECTION] Is the TR/ATRAPS.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '21de585e.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\24.vir
  [DETECTION] Is the TR/Spy.ZBot.ytzm Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '2b9b7321.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\23.vir
  [DETECTION] Is the TR/Crypt.Xpack.233750 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '14c8177b.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\22.vir
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Bifrose.aec back-door program
  [NOTE]      The file was moved to the quarantine directory under the name '6ae41b5d.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\19.vir
  [DETECTION] Is the TR/Dropper.A.38332 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '3f9c1f8d.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\17.vir
  [DETECTION] Is the TR/Dropper.Gen7 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '320a6ea3.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\15.vir
  [DETECTION] Is the TR/Rogue.KDZ.1629.59 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '2e577aa8.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\14.vir
  [DETECTION] Is the TR/ATRAPS.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '1f843767.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\12.vir
  [DETECTION] Contains recognition pattern of the WORM/Rebhip.V worm
  [NOTE]      The file was moved to the quarantine directory under the name '73d2234f.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\11.vir
  [DETECTION] Is the TR/Starter.AN Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '3a48064b.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\10.vir
  [DETECTION] Is the TR/ATRAPS.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '61dd0e9b.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\09.vir
  [DETECTION] Contains virus patterns of Adware ADWARE/InstallCo.ksdd
  [NOTE]      The file was moved to the quarantine directory under the name '076f0268.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\06.vir
  [DETECTION] Is the TR/ATRAPS.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '50e170c5.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\04.vir
  [DETECTION] Is the TR/ATRAPS.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '729127b3.qua'!
C:\Documents and Settings\Administrator\桌面\2015.5.23\03.vir
  [DETECTION] Is the TR/Dropper.Gen7 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '1a815d24.qua'!


End of the scan: 2015年5月23日  10:43
Used time: 00:11 Minute(s)

The scan has been done completely.

      1 Scanned directories
    105 Files were scanned
     35 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 Files were deleted
      0 Viruses and unwanted programs were repaired
     35 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
     70 Files not concerned
     19 Archives were scanned
      2 Warnings
     35 Notes
[/mw_shl_code]
欧阳宣
Posted on 2015-5-23 11:02:08
Last edited by 欧阳宣 on 2015-5-23 11:30

Placeholder for Baidu (domestic edition)
31 of them.
[mw_shl_code=css,true]病毒木马名:Win32.Gen.CCE10.dsl.cav  路径:E:\virus\2015.5.23\02.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Gen.CCE10.dsl.cav  路径:E:\virus\2015.5.23\03.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Trojan-Dropper.Addrop.cgu.cav  路径:E:\virus\2015.5.23\09.vir  病毒木马类型:释放者木马  已清除
病毒木马名:Win32.Gen.CCE10.dsl.cav  路径:E:\virus\2015.5.23\10.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Trojan-Dropper.Agent.dqhp.cav  路径:E:\virus\2015.5.23\11.vir  病毒木马类型:释放者木马  已清除
病毒木马名:Win32.Trojan.Agent.co.cav  路径:E:\virus\2015.5.23\12.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Gen.CCE10.dsl.cav  路径:E:\virus\2015.5.23\15.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Gen.CCE10.dsl.cav  路径:E:\virus\2015.5.23\17.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Trojan.Injector.BVM30.cav  路径:E:\virus\2015.5.23\19.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Gen.CCE03.cdq.cav  路径:E:\virus\2015.5.23\22.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Trojan.Injector.xp.cav  路径:E:\virus\2015.5.23\24.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Gen.CCE10.dsl.cav  路径:E:\virus\2015.5.23\26.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Trojan-PSW.Tepfer.inkl.cav  路径:E:\virus\2015.5.23\28.vir  病毒木马类型:盗号木马  已清除
病毒木马名:Win32.Trojan.Filecoder.ia.cav  路径:E:\virus\2015.5.23\29.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Gen.CCE03.cdq.cav  路径:E:\virus\2015.5.23\31.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Gen.CCE10.dsl.cav  路径:E:\virus\2015.5.23\34.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Gen.CCE10.dsl.cav  路径:E:\virus\2015.5.23\41.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Trojan.Agent.co.cav  路径:E:\virus\2015.5.23\40.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Trojan.Rovnix.nvn.cav  路径:E:\virus\2015.5.23\42.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Risk.Malware.ut.cav  路径:E:\virus\2015.5.23\43.vir  病毒木马类型:风险程序  已清除
病毒木马名:Win32.Gen.CCE10.dsl.cav  路径:E:\virus\2015.5.23\46.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Gen.CCE10.dsl.cav  路径:E:\virus\2015.5.23\47.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Trojan.Kryptik.ihvs.cav  路径:E:\virus\2015.5.23\48.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Gen.CCE10.dsl.cav  路径:E:\virus\2015.5.23\49.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Trojan.WisdomEyes.150305.9950.9999.bav  路径:E:\virus\2015.5.23\33.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Gen.CCE10.dsl.cav  路径:E:\virus\2015.5.23\50.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Backdoor.Bladabindi.a.bav  路径:E:\virus\2015.5.23\14.vir  病毒木马类型:后门程序  已清除
病毒木马名:Win32.Trojan.WisdomEyes.150305.9950.9987.bav  路径:E:\virus\2015.5.23\23.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Backdoor.Bladabindi.a.bav  路径:E:\virus\2015.5.23\38.vir  病毒木马类型:后门程序  已清除
病毒木马名:Win32.Trojan.WisdomEyes.150305.9950.9999.bav  路径:E:\virus\2015.5.23\39.vir  病毒木马类型:恶意木马  已清除
病毒木马名:Win32.Trojan.WisdomEyes.150305.9950.9977.bav  路径:E:\virus\2015.5.23\44.vir  病毒木马类型:恶意木马  已清除[/mw_shl_code]
Flying_Bird
Posted on 2015-5-23 11:04:30
Last edited by Flying_Bird on 2015-5-23 11:20

Huorong detected 23x (including 2x repaired) and missed 27x
[mw_shl_code=xml,true]Huorong Network Security Suite v2.5.0.68 (Last update: 2015-05-22 15:39)
Copyright (C) Huorong Security Lab. All rights reserved.

D:\FilesServerA\2015.5.23\03.vir        Backdoor/Bladabindi
D:\FilesServerA\2015.5.23\10.vir        Backdoor/Bladabindi
D:\FilesServerA\2015.5.23\11.vir        Trojan/Agent
D:\FilesServerA\2015.5.23\12.vir        Worm/Rebhip
D:\FilesServerA\2015.5.23\14.vir        Backdoor/Bladabindi
D:\FilesServerA\2015.5.23\15.vir        HEUR:Trojan/Bladabindi.a
D:\FilesServerA\2015.5.23\17.vir        Backdoor/Bladabindi
D:\FilesServerA\2015.5.23\21.vir        X97M/DL.Agent
D:\FilesServerA\2015.5.23\22.vir        HEUR:Trojan/HVM30
D:\FilesServerA\2015.5.23\26.vir        Backdoor/Bladabindi
D:\FilesServerA\2015.5.23\28.vir        Backdoor/Vawtrak
D:\FilesServerA\2015.5.23\31.vir        TrojanSpy/Fareit
D:\FilesServerA\2015.5.23\34.vir        Backdoor/Bladabindi
D:\FilesServerA\2015.5.23\35.vir >> FAX_82APL932UN_772.scr        TrojanDownloader/Ruckguv.a
D:\FilesServerA\2015.5.23\38.vir        Trojan/Bladabindi
D:\FilesServerA\2015.5.23\40.vir        Worm/Rebhip
D:\FilesServerA\2015.5.23\41.vir        Backdoor/Bladabindi
D:\FilesServerA\2015.5.23\43.vir        HEUR:Trojan/HVM01
D:\FilesServerA\2015.5.23\46.vir        Backdoor/Bladabindi
D:\FilesServerA\2015.5.23\47.vir        HEUR:Trojan/Bladabindi.a
D:\FilesServerA\2015.5.23\48.vir        Backdoor/Vawtrak
D:\FilesServerA\2015.5.23\49.vir        HEUR:Trojan/HVM1A
D:\FilesServerA\2015.5.23\50.vir        Backdoor/Bladabindi[/mw_shl_code]
zq19861019
Posted on 2015-5-23 11:15:28
The gdata monitor detected 34