精睿论坛样本测试（10.5）

显示全部楼层 · 发表于 2011-10-5 17:56:14

本帖最后由 billgates1996 于 2011-10-5 19:55 编辑

样本地址:http://www.vdisk.cn/down/index/8934543A6153

http://m.qjwm.com:30080/UUAuth/mydown_m/mszxm1973/105.rar

样本密码：春花秋月何时了，往事知多少。小楼昨夜又东风，故国不堪回首月明中。雕栏玉砌应犹在，只是朱颜改。问君能有几多愁，恰似一江春水向东流。

样本数量:50

显示全部楼层 · 发表于 2011-10-5 17:58:23

本帖最后由 hx1997 于 2011-10-5 18:13 编辑

ESET killed 32×, missed 18×.

C:\Users\Gateway\Desktop\105\1 - Win32/TrojanDropper.Agent.POI 特洛伊木马 - 通过删除清除 - 已隔离
C:\Users\Gateway\Desktop\105\12 > AUTOIT > Setup.dll > AUTOIT > script.au3 - Win32/TrojanClicker.Autoit.NAM 特洛伊木马
C:\Users\Gateway\Desktop\105\12 > AUTOIT > Setup.dll > AUTOIT > ProcessMonitor.exe - Win32/Spy.KeyLogger.NOU 特洛伊木马
C:\Users\Gateway\Desktop\105\14 - Win32/Injector.JGG 特洛伊木马的变种 - 通过删除清除 - 已隔离
C:\Users\Gateway\Desktop\105\16 > NSIS > Script.nsi - Win32/Glupteba.E 特洛伊木马
C:\Users\Gateway\Desktop\105\16 > NSIS > GoogleUpdateBeta.exe - Win32/Glupteba.F 特洛伊木马的变种
C:\Users\Gateway\Desktop\105\17 - 可能是 Win32/Agent.LXKDJYW 特洛伊木马的变种 - 通过删除清除 - 已隔离
C:\Users\Gateway\Desktop\105\19 - Win32/PSW.Tibia.NEK 特洛伊木马的变种 - 通过删除清除 - 已隔离
C:\Users\Gateway\Desktop\105\21 - Win32/Injector.JSK 特洛伊木马的变种 - 通过删除清除 - 已隔离
C:\Users\Gateway\Desktop\105\22 - Win32/AutoRun.VB.YN 蠕虫 - 通过删除清除 - 已隔离
C:\Users\Gateway\Desktop\105\24 - Win32/Extats.A 特洛伊木马的变种 - 通过删除清除 - 已隔离
C:\Users\Gateway\Desktop\105\25 > NSIS > Script.nsi - Win32/Adware.Linkular 应用程序
C:\Users\Gateway\Desktop\105\26 - Win32/Pinit.BJ 蠕虫 - 通过删除清除 - 已隔离
C:\Users\Gateway\Desktop\105\28 > QUICKBATCH > script.bat - BAT/Qhost.NLB 特洛伊木马 - 是已删除对象的一部分
C:\Users\Gateway\Desktop\105\30 > NSIS > svc_agent.exe - 可能是 Win32/Agent.FPJUZK 特洛伊木马的变种
C:\Users\Gateway\Desktop\105\31 - Win32/Remtasu.O 特洛伊木马 - 通过删除清除 - 已隔离
C:\Users\Gateway\Desktop\105\32 - Win32/TrojanDownloader.Small.OUR 特洛伊木马的变种 - 通过删除清除 - 已隔离
C:\Users\Gateway\Desktop\105\34 - Win32/Adware.BonusCash.AD 应用程序的变种 - 通过删除清除 - 已隔离
C:\Users\Gateway\Desktop\105\35 - Win32/AutoRun.IRCBot.FC 蠕虫 - 通过删除清除 - 已隔离
C:\Users\Gateway\Desktop\105\38 - 可能是 Win32/VB.PQH 特洛伊木马的变种 - 通过删除清除 - 已隔离
C:\Users\Gateway\Desktop\105\39 > NSIS > Script.nsi - Win32/Glupteba.H 特洛伊木马
C:\Users\Gateway\Desktop\105\39 > NSIS > GoogleUpdateBeta.exe - Win32/Glupteba.H 特洛伊木马的变种
C:\Users\Gateway\Desktop\105\4 - Win32/TrojanDropper.Binder.NBH 特洛伊木马 - 通过删除清除 - 已隔离
C:\Users\Gateway\Desktop\105\40 - Win32/LockScreen.AGM 特洛伊木马 - 通过删除清除 - 已隔离
C:\Users\Gateway\Desktop\105\41 > NSIS > Script.nsi - Win32/Glupteba.B 特洛伊木马
C:\Users\Gateway\Desktop\105\41 > NSIS > GoogleUpdateBeta.exe - Win32/Agent.OKN 特洛伊木马
C:\Users\Gateway\Desktop\105\42 - Win32/Agent.TCG 特洛伊木马 - 通过删除清除 - 已隔离
C:\Users\Gateway\Desktop\105\46 - 可能是 Win32/VB.NXB 蠕虫的变种 - 通过删除清除 - 已隔离
C:\Users\Gateway\Desktop\105\47 - Win32/Delf.NUH 特洛伊木马 - 通过删除清除 - 已隔离
C:\Users\Gateway\Desktop\105\49 > NSIS > Script.nsi - Win32/Glupteba.E 特洛伊木马
C:\Users\Gateway\Desktop\105\49 > NSIS > GoogleUpdateBeta.exe - Win32/Glupteba.F 特洛伊木马的变种
C:\Users\Gateway\Desktop\105\5 - Win32/Adware.Kraddare.AR 应用程序的变种 - 通过删除清除 - 已隔离
C:\Users\Gateway\Desktop\105\50 > INNO > file0007.bin - Win32/Adware.MarketScore.A 应用程序
C:\Users\Gateway\Desktop\105\50 > INNO > file0009.bin - Win32/Adware.RK.AB 应用程序
C:\Users\Gateway\Desktop\105\6 > UPX v13_m14 > BAT2EXE > button.bat - BAT/Qhost.NMN 特洛伊木马
C:\Users\Gateway\Desktop\105\6 - BAT/Qhost.NMN 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Gateway\Desktop\105\7 - Win32/TrojanDownloader.Harnig.AB 特洛伊木马的变种 - 通过删除清除 - 已隔离
C:\Users\Gateway\Desktop\105\8 - Win32/Dorkbot.A 蠕虫 - 通过删除清除 - 已隔离
C:\Users\Gateway\Desktop\105\9 > NSIS > rkinstaller.exe - Win32/Adware.RK.AB 应用程序
C:\Users\Gateway\Desktop\105\9 > NSIS > ffdshow.exe > NSIS - 解压错误
C:\Users\Gateway\Desktop\105\9 > NSIS > ac3filter.exe > NSIS - 解压错误
C:\Users\Gateway\Desktop\105\9 > NSIS > rkverify.exe - Win32/Adware.MarketScore.A 应用程序
C:\Users\Gateway\Desktop\105\12 > AUTOIT > Setup.dll > AUTOIT > script.au3 - Win32/TrojanClicker.Autoit.NAM 特洛伊木马 - 是已删除对象的一部分
C:\Users\Gateway\Desktop\105\12 > AUTOIT > Setup.dll > AUTOIT > ProcessMonitor.exe - Win32/Spy.KeyLogger.NOU 特洛伊木马 - 是已删除对象的一部分
C:\Users\Gateway\Desktop\105\16 > NSIS > Script.nsi - Win32/Glupteba.E 特洛伊木马 - 是已删除对象的一部分
C:\Users\Gateway\Desktop\105\16 > NSIS > GoogleUpdateBeta.exe - Win32/Glupteba.F 特洛伊木马的变种 - 是已删除对象的一部分
C:\Users\Gateway\Desktop\105\25 > NSIS > Script.nsi - Win32/Adware.Linkular 应用程序 - 是已删除对象的一部分
C:\Users\Gateway\Desktop\105\30 > NSIS > svc_agent.exe - 可能是 Win32/Agent.FPJUZK 特洛伊木马的变种 - 是已删除对象的一部分
C:\Users\Gateway\Desktop\105\39 > NSIS > Script.nsi - Win32/Glupteba.H 特洛伊木马 - 是已删除对象的一部分
C:\Users\Gateway\Desktop\105\39 > NSIS > GoogleUpdateBeta.exe - Win32/Glupteba.H 特洛伊木马的变种 - 是已删除对象的一部分
C:\Users\Gateway\Desktop\105\41 > NSIS > Script.nsi - Win32/Glupteba.B 特洛伊木马 - 是已删除对象的一部分
C:\Users\Gateway\Desktop\105\41 > NSIS > GoogleUpdateBeta.exe - Win32/Agent.OKN 特洛伊木马 - 是已删除对象的一部分
C:\Users\Gateway\Desktop\105\49 > NSIS > Script.nsi - Win32/Glupteba.E 特洛伊木马 - 是已删除对象的一部分
C:\Users\Gateway\Desktop\105\49 > NSIS > GoogleUpdateBeta.exe - Win32/Glupteba.F 特洛伊木马的变种 - 是已删除对象的一部分
C:\Users\Gateway\Desktop\105\50 > INNO > file0007.bin - Win32/Adware.MarketScore.A 应用程序 - 是已删除对象的一部分
C:\Users\Gateway\Desktop\105\50 > INNO > file0009.bin - Win32/Adware.RK.AB 应用程序 - 是已删除对象的一部分
C:\Users\Gateway\Desktop\105\6 > UPX v13_m14 > BAT2EXE > button.bat - BAT/Qhost.NMN 特洛伊木马 - 是已删除对象的一部分
C:\Users\Gateway\Desktop\105\6 - BAT/Qhost.NMN 特洛伊木马 - 已删除 - 已隔离
C:\Users\Gateway\Desktop\105\9 > NSIS > rkinstaller.exe - Win32/Adware.RK.AB 应用程序 - 是已删除对象的一部分
C:\Users\Gateway\Desktop\105\9 > NSIS > ffdshow.exe > NSIS - 解压错误
C:\Users\Gateway\Desktop\105\9 > NSIS > ac3filter.exe > NSIS - 解压错误
C:\Users\Gateway\Desktop\105\9 > NSIS > rkverify.exe - Win32/Adware.MarketScore.A 应用程序 - 是已删除对象的一部分

排除干净文件2、15、18、37、43、44、48，剩余样本已上报。

http://samples.nod32.com.hk/inde ... 98d5dd798fa06721662

显示全部楼层 · 发表于 2011-10-5 18:05:05

360卫士联网33，断网17

显示全部楼层 · 发表于 2011-10-5 18:05:48

扣扣管家5.2自带云引擎查杀22

显示全部楼层 · 发表于 2011-10-5 18:11:50

显示全部楼层 · 发表于 2011-10-5 18:13:43

上报金山，13个

显示全部楼层 · 发表于 2011-10-5 18:19:25

本帖最后由 Mr.Tong 于 2011-10-5 18:25 编辑

avira kiil 36x

余下分开上报。。

Start of the scan: 2011年10月5日  18:17

Starting the file scan:

Begin scan in 'C:\Users\Coffeeboywn\Desktop\105'
C:\Users\Coffeeboywn\Desktop\105\1
  [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
C:\Users\Coffeeboywn\Desktop\105\12
  [0] Archive type: AutoIt
  --> unkwn1
   [1] Archive type: AutoIt
--> unkwn7
      [2] Archive type: AutoIt
C:\Users\Coffeeboywn\Desktop\105\14
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Users\Coffeeboywn\Desktop\105\16
  [DETECTION] Is the TR/Dldr.goo.r Trojan
C:\Users\Coffeeboywn\Desktop\105\17
  [DETECTION] Is the TR/Agent.102400 Trojan
C:\Users\Coffeeboywn\Desktop\105\19
  [DETECTION] Is the TR/Gendal.kdv.272528.4 Trojan
C:\Users\Coffeeboywn\Desktop\105\22
  [DETECTION] Contains recognition pattern of the WORM/Vobfus.A.308 worm
C:\Users\Coffeeboywn\Desktop\105\24
  [DETECTION] Is the TR/Nedsym.G.334 Trojan
C:\Users\Coffeeboywn\Desktop\105\25
  [0] Archive type: NSIS
C:\Users\Coffeeboywn\Desktop\105\26
  [DETECTION] Is the TR/Gendal.KD.362895 Trojan
C:\Users\Coffeeboywn\Desktop\105\28
  [DETECTION] Is the TR/Delfsnif.DX.561 Trojan
C:\Users\Coffeeboywn\Desktop\105\29
  [DETECTION] Is the TR/Dldr.Sinowal.A Trojan
C:\Users\Coffeeboywn\Desktop\105\30
  [0] Archive type: NSIS
  --> ProgramFilesDir/svc_agent.exe
   [DETECTION] Is the TR/Downloader.Gen Trojan
C:\Users\Coffeeboywn\Desktop\105\31
  [DETECTION] Is the TR/Downloader.Gen Trojan
C:\Users\Coffeeboywn\Desktop\105\32
  [DETECTION] Is the TR/Dldr.Small.anyt.1 Trojan
C:\Users\Coffeeboywn\Desktop\105\33
  [0] Archive type: ZIP SFX (self extracting)
  --> TBEDRS.DLL
   [DETECTION] Contains recognition pattern of the ADSPY/Shopper.V adware or spyware
C:\Users\Coffeeboywn\Desktop\105\34
  [DETECTION] Contains virus patterns of Adware ADWARE/BonusCash.AC
C:\Users\Coffeeboywn\Desktop\105\35
  [DETECTION] Is the TR/VB.Inject.DM.1016 Trojan
C:\Users\Coffeeboywn\Desktop\105\38
  [DETECTION] Is the TR/Gendal.kdv.354409 Trojan
C:\Users\Coffeeboywn\Desktop\105\39
  [DETECTION] Is the TR/Menti.gjbc Trojan
C:\Users\Coffeeboywn\Desktop\105\4
  [0] Archive type: RSRC
  --> Object
   [DETECTION] Is the TR/Gendal.kdv.362770.2 Trojan
  --> Object
   [DETECTION] Is the TR/Winwebsec.A.2790 Trojan
  --> Object
   [DETECTION] Is the TR/Dldr.Harnig.S.89 Trojan
C:\Users\Coffeeboywn\Desktop\105\40
  [DETECTION] Is the TR/Ransom.HG.3 Trojan
C:\Users\Coffeeboywn\Desktop\105\41
  [DETECTION] Is the TR/Pupegger.C.40 Trojan
C:\Users\Coffeeboywn\Desktop\105\42
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Zegost.B.802 back-door program
C:\Users\Coffeeboywn\Desktop\105\46
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen back-door program
C:\Users\Coffeeboywn\Desktop\105\47
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Delf.jkn back-door program
C:\Users\Coffeeboywn\Desktop\105\49
  [DETECTION] Is the TR/Dldr.goo.x.2 Trojan
C:\Users\Coffeeboywn\Desktop\105\50
  [0] Archive type: Inno Setup
C:\Users\Coffeeboywn\Desktop\105\7
  [DETECTION] Is the TR/Dldr.Harnig.S.89 Trojan
C:\Users\Coffeeboywn\Desktop\105\8
  [DETECTION] Is the TR/VB.avde Trojan
C:\Users\Coffeeboywn\Desktop\105\9
  [0] Archive type: NSIS

Beginning disinfection:
C:\Users\Coffeeboywn\Desktop\105\9
  [DETECTION] Contains virus patterns of Adware ADWARE/Relevant.BA.52
  [NOTE]    The file was moved to the quarantine directory under the name '4b2982af.qua'.
C:\Users\Coffeeboywn\Desktop\105\8
  [DETECTION] Is the TR/VB.avde Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '53bead08.qua'.
C:\Users\Coffeeboywn\Desktop\105\7
  [DETECTION] Is the TR/Dldr.Harnig.S.89 Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '01e1f7e0.qua'.
C:\Users\Coffeeboywn\Desktop\105\50
  [DETECTION] Contains virus patterns of Adware ADWARE/Agent.1886395
  [NOTE]    The file was moved to the quarantine directory under the name '67ffb83f.qua'.
C:\Users\Coffeeboywn\Desktop\105\49
  [DETECTION] Is the TR/Dldr.goo.x.2 Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '227b9501.qua'.
C:\Users\Coffeeboywn\Desktop\105\47
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Delf.jkn back-door program
  [NOTE]    The file was moved to the quarantine directory under the name '5d60a760.qua'.
C:\Users\Coffeeboywn\Desktop\105\46
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen back-door program
  [NOTE]    The file was moved to the quarantine directory under the name '11d88b2a.qua'.
C:\Users\Coffeeboywn\Desktop\105\42
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Zegost.B.802 back-door program
  [NOTE]    The file was moved to the quarantine directory under the name '6dc0cb7a.qua'.
C:\Users\Coffeeboywn\Desktop\105\41
  [DETECTION] Is the TR/Pupegger.C.40 Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '409ae437.qua'.
C:\Users\Coffeeboywn\Desktop\105\40
  [DETECTION] Is the TR/Ransom.HG.3 Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '59f2dfad.qua'.
C:\Users\Coffeeboywn\Desktop\105\4
  [DETECTION] Is the TR/Dldr.Harnig.S.89 Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '3587f380.qua'.
C:\Users\Coffeeboywn\Desktop\105\39
  [DETECTION] Is the TR/Menti.gjbc Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '4417ca08.qua'.
C:\Users\Coffeeboywn\Desktop\105\38
  [DETECTION] Is the TR/Gendal.kdv.354409 Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '4a0dfacf.qua'.
C:\Users\Coffeeboywn\Desktop\105\35
  [DETECTION] Is the TR/VB.Inject.DM.1016 Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '0f24838d.qua'.
C:\Users\Coffeeboywn\Desktop\105\34
  [DETECTION] Contains virus patterns of Adware ADWARE/BonusCash.AC
  [NOTE]    The file was moved to the quarantine directory under the name '062f8726.qua'.
C:\Users\Coffeeboywn\Desktop\105\33
  [DETECTION] Contains recognition pattern of the ADSPY/Shopper.V adware or spyware
  [NOTE]    The file was moved to the quarantine directory under the name '5e6e9e4f.qua'.
C:\Users\Coffeeboywn\Desktop\105\32
  [DETECTION] Is the TR/Dldr.Small.anyt.1 Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '729ae783.qua'.
C:\Users\Coffeeboywn\Desktop\105\31
  [DETECTION] Is the TR/Downloader.Gen Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '4c648759.qua'.
C:\Users\Coffeeboywn\Desktop\105\30
  [DETECTION] Is the TR/Dldr.Grameyoon.A Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '2f6aac2a.qua'.
C:\Users\Coffeeboywn\Desktop\105\29
  [DETECTION] Is the TR/Dldr.Sinowal.A Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '09a2ec37.qua'.
C:\Users\Coffeeboywn\Desktop\105\28
  [DETECTION] Is the TR/Delfsnif.DX.561 Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '3b369792.qua'.
C:\Users\Coffeeboywn\Desktop\105\26
  [DETECTION] Is the TR/Gendal.KD.362895 Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '3173bcec.qua'.
C:\Users\Coffeeboywn\Desktop\105\25
  [DETECTION] Is the TR/Agent.54784.26 Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '0e20d8a9.qua'.
C:\Users\Coffeeboywn\Desktop\105\24
  [DETECTION] Is the TR/Nedsym.G.334 Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '700cd48e.qua'.
C:\Users\Coffeeboywn\Desktop\105\22
  [DETECTION] Contains recognition pattern of the WORM/Vobfus.A.308 worm
  [NOTE]    The file was moved to the quarantine directory under the name '2574d045.qua'.
C:\Users\Coffeeboywn\Desktop\105\19
  [DETECTION] Is the TR/Gendal.kdv.272528.4 Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '28e2a16d.qua'.
C:\Users\Coffeeboywn\Desktop\105\17
  [DETECTION] Is the TR/Agent.102400 Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '34bfb567.qua'.
C:\Users\Coffeeboywn\Desktop\105\16
  [DETECTION] Is the TR/Dldr.goo.r Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '056cf8a9.qua'.
C:\Users\Coffeeboywn\Desktop\105\14
  [DETECTION] Is the TR/Dropper.Gen Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '693aec9f.qua'.
C:\Users\Coffeeboywn\Desktop\105\12
  [DETECTION] Is the TR/Autoit.AHB.13 Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '20a0c998.qua'.
C:\Users\Coffeeboywn\Desktop\105\1
  [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '7b1cc156.qua'.

End of the scan: 2011年10月5日  18:18
Used time: 00:08 Minute(s)

上传分析结果

显示全部楼层 · 发表于 2011-10-5 18:20:48

KIS2011 KILL 29个

显示全部楼层 · 发表于 2011-10-5 18:23:22

大蜘蛛发现31个病毒，在29个样本内：

扫描统计：
已扫描: 1828
已感染: 26
已感染变种: 0
可疑: 0
广告软件: 4
拨号器: 0
恶作剧程序: 1
风险程序: 0
黑客工具: 0
已修复: 0
已删除: 29
已重命名: 0
已隔离: 0
已忽略: 0

余下21个已上报。

显示全部楼层 · 发表于 2011-10-5 18:25:05

本帖最后由 Kevin_Memo 于 2011-10-5 18:43 编辑

AVG Kill 43X 实际剩余18X
感染
;文件;病毒名称;结果
;C:\Users\Leo Arsenal\Downloads\105\105\1;可能受未知病毒 Win32/DH.00000000{00008001-00000000-00000000} 感染;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\11;特洛伊木马 Generic20.PZA;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\12;特洛伊木马 Generic4_c.BZZX;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\14;特洛伊木马 Dropper.Generic4.AVFC;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\16;特洛伊木马 Generic21.BGLK;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\16:\ns_00003;特洛伊木马 Generic21.BGLK;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\17;特洛伊木马 BackDoor.Bifrose.EH;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\19;特洛伊木马 SHeur3.CHHY;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\22;发现病毒 Worm/Generic2.AZSO;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\24;特洛伊木马 PSW.Banker6.DNH;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\26;特洛伊木马 Dropper.Generic4.BBZK;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\27;特洛伊木马 VBCrypt.DSP;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\29;特洛伊木马 Generic24.AVLW;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\30;特洛伊木马 Downloader.Generic12.CBM.dropper;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\31;特洛伊木马 Cryptic.CWS;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\32;特洛伊木马 Downloader.Generic9.BOKW;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\35;特洛伊木马 Dropper.Generic4.BABA;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\38;特洛伊木马 VB.BPBB;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\39;特洛伊木马 Generic22.AGNP;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\39:\ns_00003;特洛伊木马 Generic22.AGNP;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\4;特洛伊木马 Delf.ZRS;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\40;发现 Luhe.Fiha.A;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\41;特洛伊木马 Generic20.CGPW;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\41:\ns_00004;特洛伊木马 Generic20.CGPW;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\42;特洛伊木马 BackDoor.Generic14.AVPQ;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\46;发现病毒 Worm/Generic2.BACV;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\47;特洛伊木马 BackDoor.Generic9.BAPV;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\48;特洛伊木马 Agent3.APAL;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\49;特洛伊木马 Generic21.BGLK;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\49:\ns_00003;特洛伊木马 Generic21.BGLK;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\6;发现病毒 Hosts;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\7;特洛伊木马 Downloader.Generic12.BRK;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\8;特洛伊木马 VBCrypt.DRK;已隔离

间谍软件
;文件;病毒名称;结果
;C:\Users\Leo Arsenal\Downloads\105\105\34;广告软件 AdSearcher.AL;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\34:\34:\34;广告软件 Generic4.ATFX;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\34:\34:\34;广告软件 Generic4.AZSB;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\34:\34:\34;广告软件 Generic4.ALYP;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\34:\34:\34;广告软件 Generic4.BUAM;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\9;有潜在危害的程序 RelevantKnowledge;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\9:\$JJ\rkinstaller.exe;有潜在危害的程序 RelevantKnowledge;已隔离
;C:\Users\Leo Arsenal\Downloads\105\105\9:\$JJ\rkverify.exe;有潜在危害的程序 RelevantKnowledge;已隔离

警告
;文件;病毒名称;结果
;C:\Users\Leo Arsenal\Downloads\105\105\5;文件的签名证书不可信，颁发者为 Toolbar.839。;已隔离

Webroot 实际Kill36X
PS.Webroot的日志实在是看的我想跳楼……

Wed 2011-10-05 18:37:39.0193 Infection detected: c:\users\leo arsenal\desktop\105\105\21 [MD5: 83D60EB040DD2427FB0EF0A02DE16555] [18/10080830]
Wed 2011-10-05 18:37:39.0193 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\21 [MD5: 83D60EB040DD2427FB0EF0A02DE16555, Size: 175382 bytes] [268961840/00000012]
Wed 2011-10-05 18:37:39.0209 Infection detected: c:\users\leo arsenal\desktop\105\105\4 [MD5: 881E21645E5FFE1FFB959835F8FDF71D] [18/00080020]
Wed 2011-10-05 18:37:39.0209 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\4 [MD5: 881E21645E5FFE1FFB959835F8FDF71D, Size: 2219008 bytes] [524320/00000012]
Wed 2011-10-05 18:37:39.0209 Determination flags modified: MD5: 83D60EB040DD2427FB0EF0A02DE16555, Size: 175382 bytes, Flags: 00000020
Wed 2011-10-05 18:37:39.0240 Performing cleanup entry: 9
Wed 2011-10-05 18:37:39.0240 Determination flags modified: MD5: 881E21645E5FFE1FFB959835F8FDF71D, Size: 2219008 bytes, Flags: 00000020
Wed 2011-10-05 18:37:39.0506 Scan Started: C:\Users\Leo Arsenal\Desktop\105\105| [ID: 25 - Flags: 256/20]
Wed 2011-10-05 18:37:40.0287 Performing cleanup entry: 10
Wed 2011-10-05 18:37:41.0021 Infection detected: c:\users\leo arsenal\desktop\105\105\47 [MD5: EDFEC7C7328029CE09106E2BE48B1A5B] [3/08080000]
Wed 2011-10-05 18:37:41.0021 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\47 [MD5: EDFEC7C7328029CE09106E2BE48B1A5B, Size: 65024 bytes] [134742016/00000003]
Wed 2011-10-05 18:37:41.0146 Infection detected: c:\users\leo arsenal\desktop\105\105\6 [MD5: 4A59B5CFD099F9A7D4C0B8EE76B989AE] [3/08080000]
Wed 2011-10-05 18:37:41.0146 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\6 [MD5: 4A59B5CFD099F9A7D4C0B8EE76B989AE, Size: 23552 bytes] [134742016/00000003]
Wed 2011-10-05 18:37:41.0209 Determination flags modified: MD5: EDFEC7C7328029CE09106E2BE48B1A5B, Size: 65024 bytes, Flags: 00000020
Wed 2011-10-05 18:37:41.0209 Determination flags modified: MD5: 4A59B5CFD099F9A7D4C0B8EE76B989AE, Size: 23552 bytes, Flags: 00000020
Wed 2011-10-05 18:37:41.0443 Infection detected: c:\users\leo arsenal\desktop\105\105\32 [MD5: 0EB78E3A467B006600BEDEB80B6C3FF4] [3/00080000]
Wed 2011-10-05 18:37:41.0443 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\32 [MD5: 0EB78E3A467B006600BEDEB80B6C3FF4, Size: 86016 bytes] [524288/00000003]
Wed 2011-10-05 18:37:41.0443 Performing cleanup entry: 11
Wed 2011-10-05 18:37:41.0553 Determination flags modified: MD5: 0EB78E3A467B006600BEDEB80B6C3FF4, Size: 86016 bytes, Flags: 00000020
Wed 2011-10-05 18:37:41.0615 Infection detected: c:\users\leo arsenal\desktop\105\105\19 [MD5: B87B1DB2E8E44C2C8B36EC07A4C8FA1C] [3/00080000]
Wed 2011-10-05 18:37:41.0615 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\19 [MD5: B87B1DB2E8E44C2C8B36EC07A4C8FA1C, Size: 162816 bytes] [524288/00000003]
Wed 2011-10-05 18:37:41.0615 Performing cleanup entry: 12
Wed 2011-10-05 18:37:41.0678 Determination flags modified: MD5: B87B1DB2E8E44C2C8B36EC07A4C8FA1C, Size: 162816 bytes, Flags: 00000020
Wed 2011-10-05 18:37:41.0740 Infection detected: c:\users\leo arsenal\desktop\105\105\24 [MD5: 58C6BD2EF020F0D3781D1EC389841D4E] [3/08080000]
Wed 2011-10-05 18:37:41.0740 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\24 [MD5: 58C6BD2EF020F0D3781D1EC389841D4E, Size: 72704 bytes] [134742016/00000003]
Wed 2011-10-05 18:37:41.0740 Performing cleanup entry: 13
Wed 2011-10-05 18:37:41.0787 Determination flags modified: MD5: 58C6BD2EF020F0D3781D1EC389841D4E, Size: 72704 bytes, Flags: 00000020
Wed 2011-10-05 18:37:41.0834 Infection detected: c:\users\leo arsenal\desktop\105\105\5 [MD5: 9CE8DDAF3EC3CB5BF4DCEB71A4822BB4] [3/00081000]
Wed 2011-10-05 18:37:41.0834 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\5 [MD5: 9CE8DDAF3EC3CB5BF4DCEB71A4822BB4, Size: 199896 bytes] [528384/00000003]
Wed 2011-10-05 18:37:41.0834 Performing cleanup entry: 14
Wed 2011-10-05 18:37:41.0959 Determination flags modified: MD5: 9CE8DDAF3EC3CB5BF4DCEB71A4822BB4, Size: 199896 bytes, Flags: 00000020
Wed 2011-10-05 18:37:41.0974 Infection detected: c:\users\leo arsenal\desktop\105\105\16 [MD5: 6AD95D527BEDD58C07AEA2D0C0DFD734] [3/00080000]
Wed 2011-10-05 18:37:41.0974 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\16 [MD5: 6AD95D527BEDD58C07AEA2D0C0DFD734, Size: 49822 bytes] [524288/00000003]
Wed 2011-10-05 18:37:41.0990 Performing cleanup entry: 15
Wed 2011-10-05 18:37:42.0037 Determination flags modified: MD5: 6AD95D527BEDD58C07AEA2D0C0DFD734, Size: 49822 bytes, Flags: 00000020
Wed 2011-10-05 18:37:42.0099 Infection detected: c:\users\leo arsenal\desktop\105\105\1 [MD5: 12909793BFA80EB9731487028D2B7395] [3/00080000]
Wed 2011-10-05 18:37:42.0099 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\1 [MD5: 12909793BFA80EB9731487028D2B7395, Size: 49664 bytes] [524288/00000003]
Wed 2011-10-05 18:37:42.0099 Performing cleanup entry: 16
Wed 2011-10-05 18:37:42.0131 Determination flags modified: MD5: 12909793BFA80EB9731487028D2B7395, Size: 49664 bytes, Flags: 00000020
Wed 2011-10-05 18:37:42.0193 Infection detected: c:\users\leo arsenal\desktop\105\105\41 [MD5: A87BA8E4A13A2CFAA18AAF0404B5B89A] [3/00080000]
Wed 2011-10-05 18:37:42.0193 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\41 [MD5: A87BA8E4A13A2CFAA18AAF0404B5B89A, Size: 53353 bytes] [524288/00000003]
Wed 2011-10-05 18:37:42.0193 Performing cleanup entry: 17
Wed 2011-10-05 18:37:42.0224 Determination flags modified: MD5: A87BA8E4A13A2CFAA18AAF0404B5B89A, Size: 53353 bytes, Flags: 00000020
Wed 2011-10-05 18:37:42.0303 Infection detected: c:\users\leo arsenal\desktop\105\105\29 [MD5: 4AFB0A545A09F16FB49DEECDF4F9C7C4] [3/00080000]
Wed 2011-10-05 18:37:42.0303 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\29 [MD5: 4AFB0A545A09F16FB49DEECDF4F9C7C4, Size: 56832 bytes] [524288/00000003]
Wed 2011-10-05 18:37:42.0303 Performing cleanup entry: 18
Wed 2011-10-05 18:37:42.0428 Infection detected: c:\users\leo arsenal\desktop\105\105\2 [MD5: CD64EB57E7606EED2F8660B7F88080CE] [3/00080000]
Wed 2011-10-05 18:37:42.0428 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\2 [MD5: CD64EB57E7606EED2F8660B7F88080CE, Size: 412844 bytes] [524288/00000003]
Wed 2011-10-05 18:37:42.0443 Performing cleanup entry: 19
Wed 2011-10-05 18:37:42.0490 Determination flags modified: MD5: 4AFB0A545A09F16FB49DEECDF4F9C7C4, Size: 56832 bytes, Flags: 00000020
Wed 2011-10-05 18:37:42.0521 Determination flags modified: MD5: CD64EB57E7606EED2F8660B7F88080CE, Size: 412844 bytes, Flags: 00000020
Wed 2011-10-05 18:37:42.0568 Infection detected: c:\users\leo arsenal\desktop\105\105\35 [MD5: 25994E111B223A217E72CAD8ACDC8358] [3/00080000]
Wed 2011-10-05 18:37:42.0568 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\35 [MD5: 25994E111B223A217E72CAD8ACDC8358, Size: 217088 bytes] [524288/00000003]
Wed 2011-10-05 18:37:42.0568 Performing cleanup entry: 20
Wed 2011-10-05 18:37:42.0693 Infection detected: c:\users\leo arsenal\desktop\105\105\42 [MD5: E7730CE13D88C5E192235E0673676ECD] [3/00080000]
Wed 2011-10-05 18:37:42.0693 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\42 [MD5: E7730CE13D88C5E192235E0673676ECD, Size: 187392 bytes] [524288/00000003]
Wed 2011-10-05 18:37:42.0693 Performing cleanup entry: 21
Wed 2011-10-05 18:37:42.0787 Determination flags modified: MD5: 25994E111B223A217E72CAD8ACDC8358, Size: 217088 bytes, Flags: 00000020
Wed 2011-10-05 18:37:42.0787 Determination flags modified: MD5: E7730CE13D88C5E192235E0673676ECD, Size: 187392 bytes, Flags: 00000020
Wed 2011-10-05 18:37:42.0865 Infection detected: c:\users\leo arsenal\desktop\105\105\28 [MD5: 355F2FFAF4C499027D04A5591CB5D735] [3/00080000]
Wed 2011-10-05 18:37:42.0865 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\28 [MD5: 355F2FFAF4C499027D04A5591CB5D735, Size: 69632 bytes] [524288/00000003]
Wed 2011-10-05 18:37:42.0865 Performing cleanup entry: 22
Wed 2011-10-05 18:37:42.0943 Infection detected: c:\users\leo arsenal\desktop\105\105\49 [MD5: 850E9FD4486890C8B5A8F715C16BAF6C] [3/00080000]
Wed 2011-10-05 18:37:42.0943 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\49 [MD5: 850E9FD4486890C8B5A8F715C16BAF6C, Size: 49826 bytes] [524288/00000003]
Wed 2011-10-05 18:37:42.0974 Determination flags modified: MD5: 355F2FFAF4C499027D04A5591CB5D735, Size: 69632 bytes, Flags: 00000020
Wed 2011-10-05 18:37:42.0990 Determination flags modified: MD5: 850E9FD4486890C8B5A8F715C16BAF6C, Size: 49826 bytes, Flags: 00000020
Wed 2011-10-05 18:37:43.0021 Infection detected: c:\users\leo arsenal\desktop\105\105\9 [MD5: 2EC784DA32645ADA7065957CBCF0C950] [3/00080000]
Wed 2011-10-05 18:37:43.0021 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\9 [MD5: 2EC784DA32645ADA7065957CBCF0C950, Size: 2430780 bytes] [524288/00000003]
Wed 2011-10-05 18:37:43.0021 Performing cleanup entry: 23
Wed 2011-10-05 18:37:43.0084 Determination flags modified: MD5: 2EC784DA32645ADA7065957CBCF0C950, Size: 2430780 bytes, Flags: 00000020
Wed 2011-10-05 18:37:43.0146 Infection detected: c:\users\leo arsenal\desktop\105\105\12 [MD5: 233716F7076ADB1B3D3B58961C4F9C3D] [3/08080000]
Wed 2011-10-05 18:37:43.0146 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\12 [MD5: 233716F7076ADB1B3D3B58961C4F9C3D, Size: 2582913 bytes] [134742016/00000003]
Wed 2011-10-05 18:37:43.0146 Performing cleanup entry: 24
Wed 2011-10-05 18:37:43.0209 Determination flags modified: MD5: 233716F7076ADB1B3D3B58961C4F9C3D, Size: 2582913 bytes, Flags: 00000020
Wed 2011-10-05 18:37:43.0240 Infection detected: c:\users\leo arsenal\desktop\105\105\17 [MD5: 03CA2D7FAA8F64408FD1EA70AA03C76C] [3/00080000]
Wed 2011-10-05 18:37:43.0240 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\17 [MD5: 03CA2D7FAA8F64408FD1EA70AA03C76C, Size: 102400 bytes] [524288/00000003]
Wed 2011-10-05 18:37:43.0240 Performing cleanup entry: 25
Wed 2011-10-05 18:37:43.0240 Infection detected: c:\users\leo arsenal\desktop\105\105\46 [MD5: F7ED7431AA37AEADB6E6BC27EDC53C53] [3/08080000]
Wed 2011-10-05 18:37:43.0240 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\46 [MD5: F7ED7431AA37AEADB6E6BC27EDC53C53, Size: 164352 bytes] [134742016/00000003]
Wed 2011-10-05 18:37:43.0271 Determination flags modified: MD5: 03CA2D7FAA8F64408FD1EA70AA03C76C, Size: 102400 bytes, Flags: 00000020
Wed 2011-10-05 18:37:43.0271 Determination flags modified: MD5: F7ED7431AA37AEADB6E6BC27EDC53C53, Size: 164352 bytes, Flags: 00000020
Wed 2011-10-05 18:37:43.0334 Infection detected: c:\users\leo arsenal\desktop\105\105\39 [MD5: 2D0E973AEE4A6E5EBB9290EBDC3020B2] [3/00080000]
Wed 2011-10-05 18:37:43.0334 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\39 [MD5: 2D0E973AEE4A6E5EBB9290EBDC3020B2, Size: 45724 bytes] [524288/00000003]
Wed 2011-10-05 18:37:43.0334 Performing cleanup entry: 26
Wed 2011-10-05 18:37:43.0412 Infection detected: c:\users\leo arsenal\desktop\105\105\30 [MD5: 4894D28D1D2FF79A70D338649DAF3CD2] [3/00080000]
Wed 2011-10-05 18:37:43.0412 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\30 [MD5: 4894D28D1D2FF79A70D338649DAF3CD2, Size: 70986 bytes] [524288/00000003]
Wed 2011-10-05 18:37:43.0490 Infection detected: c:\users\leo arsenal\desktop\105\105\31 [MD5: 640D004A7061177C7FE48D428E452779] [3/08080000]
Wed 2011-10-05 18:37:43.0490 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\31 [MD5: 640D004A7061177C7FE48D428E452779, Size: 26624 bytes] [134742016/00000003]
Wed 2011-10-05 18:37:43.0537 Determination flags modified: MD5: 2D0E973AEE4A6E5EBB9290EBDC3020B2, Size: 45724 bytes, Flags: 00000020
Wed 2011-10-05 18:37:43.0537 Infection detected: c:\users\leo arsenal\desktop\105\105\33 [MD5: 54460EB6BEA55050C54C7E495D501687] [3/00081000]
Wed 2011-10-05 18:37:43.0537 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\33 [MD5: 54460EB6BEA55050C54C7E495D501687, Size: 1113360 bytes] [528384/00000003]
Wed 2011-10-05 18:37:43.0553 Determination flags modified: MD5: 4894D28D1D2FF79A70D338649DAF3CD2, Size: 70986 bytes, Flags: 00000020
Wed 2011-10-05 18:37:43.0553 Determination flags modified: MD5: 640D004A7061177C7FE48D428E452779, Size: 26624 bytes, Flags: 00000020
Wed 2011-10-05 18:37:43.0553 Determination flags modified: MD5: 54460EB6BEA55050C54C7E495D501687, Size: 1113360 bytes, Flags: 00000020
Wed 2011-10-05 18:37:43.0803 Infection detected: c:\users\leo arsenal\desktop\105\105\34 [MD5: C40864B5FB08A8E24A4BEC08AEA77481] [3/08081000]
Wed 2011-10-05 18:37:43.0803 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\34 [MD5: C40864B5FB08A8E24A4BEC08AEA77481, Size: 89256 bytes] [134746112/00000003]
Wed 2011-10-05 18:37:43.0803 Performing cleanup entry: 27
Wed 2011-10-05 18:37:43.0896 Infection detected: c:\users\leo arsenal\desktop\105\105\38 [MD5: 8071D7718DCD5C5F57C79B30FF997261] [3/00080000]
Wed 2011-10-05 18:37:43.0896 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\38 [MD5: 8071D7718DCD5C5F57C79B30FF997261, Size: 57344 bytes] [524288/00000003]
Wed 2011-10-05 18:37:43.0943 Infection detected: c:\users\leo arsenal\desktop\105\105\7 [MD5: 621F2279F69686E8547E476B642B6C46] [3/08080000]
Wed 2011-10-05 18:37:43.0943 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\7 [MD5: 621F2279F69686E8547E476B642B6C46, Size: 6656 bytes] [134742016/00000003]
Wed 2011-10-05 18:37:43.0990 Determination flags modified: MD5: C40864B5FB08A8E24A4BEC08AEA77481, Size: 89256 bytes, Flags: 00000020
Wed 2011-10-05 18:37:43.0990 Infection detected: c:\users\leo arsenal\desktop\105\105\22 [MD5: 374DF19E77467928F46145B9F50CA425] [3/08080000]
Wed 2011-10-05 18:37:43.0990 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\22 [MD5: 374DF19E77467928F46145B9F50CA425, Size: 88064 bytes] [134742016/00000003]
Wed 2011-10-05 18:37:44.0037 Determination flags modified: MD5: 8071D7718DCD5C5F57C79B30FF997261, Size: 57344 bytes, Flags: 00000020
Wed 2011-10-05 18:37:44.0037 Infection detected: c:\users\leo arsenal\desktop\105\105\40 [MD5: 1BE799FBB7810304412D1D7F6766AC42] [3/08080000]
Wed 2011-10-05 18:37:44.0037 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\40 [MD5: 1BE799FBB7810304412D1D7F6766AC42, Size: 77824 bytes] [134742016/00000003]
Wed 2011-10-05 18:37:44.0084 Determination flags modified: MD5: 621F2279F69686E8547E476B642B6C46, Size: 6656 bytes, Flags: 00000020
Wed 2011-10-05 18:37:44.0099 Determination flags modified: MD5: 374DF19E77467928F46145B9F50CA425, Size: 88064 bytes, Flags: 00000020
Wed 2011-10-05 18:37:44.0115 Determination flags modified: MD5: 1BE799FBB7810304412D1D7F6766AC42, Size: 77824 bytes, Flags: 00000020
Wed 2011-10-05 18:37:44.0334 Infection detected: c:\users\leo arsenal\desktop\105\105\26 [MD5: C4D24D5A51C9A6243D29CFF9E40F03DB] [3/08080000]
Wed 2011-10-05 18:37:44.0334 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\26 [MD5: C4D24D5A51C9A6243D29CFF9E40F03DB, Size: 184320 bytes] [134742016/00000003]
Wed 2011-10-05 18:37:44.0334 Performing cleanup entry: 28
Wed 2011-10-05 18:37:44.0349 Infection detected: c:\users\leo arsenal\desktop\105\105\14 [MD5: 9039831F59F0C0B17615B2767FD1427E] [3/00080000]
Wed 2011-10-05 18:37:44.0349 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\14 [MD5: 9039831F59F0C0B17615B2767FD1427E, Size: 173056 bytes] [524288/00000003]
Wed 2011-10-05 18:37:44.0381 Determination flags modified: MD5: C4D24D5A51C9A6243D29CFF9E40F03DB, Size: 184320 bytes, Flags: 00000020
Wed 2011-10-05 18:37:44.0396 Determination flags modified: MD5: 9039831F59F0C0B17615B2767FD1427E, Size: 173056 bytes, Flags: 00000020
Wed 2011-10-05 18:37:44.0412 Infection detected: c:\users\leo arsenal\desktop\105\105\11 [MD5: 44746C679345329A0891AC89179A239D] [3/00080000]
Wed 2011-10-05 18:37:44.0412 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\11 [MD5: 44746C679345329A0891AC89179A239D, Size: 258112 bytes] [524288/00000003]
Wed 2011-10-05 18:37:44.0412 Performing cleanup entry: 29
Wed 2011-10-05 18:37:44.0428 Infection detected: c:\users\leo arsenal\desktop\105\105\8 [MD5: FEDA5B9479FADC31E114FE82783886DC] [3/00080000]
Wed 2011-10-05 18:37:44.0428 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\8 [MD5: FEDA5B9479FADC31E114FE82783886DC, Size: 114698 bytes] [524288/00000003]
Wed 2011-10-05 18:37:44.0428 Infection detected: c:\users\leo arsenal\desktop\105\105\25 [MD5: 0BCE2E3557DB598CE557E1D0EC19DEB1] [3/00080000]
Wed 2011-10-05 18:37:44.0428 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\25 [MD5: 0BCE2E3557DB598CE557E1D0EC19DEB1, Size: 54784 bytes] [524288/00000003]
Wed 2011-10-05 18:37:44.0428 Determination flags modified: MD5: 44746C679345329A0891AC89179A239D, Size: 258112 bytes, Flags: 00000020
Wed 2011-10-05 18:37:44.0428 Infection detected: c:\users\leo arsenal\desktop\105\105\20 [MD5: 62E1338F0DCCDCFE12695E7665EBAAE3] [3/00081000]
Wed 2011-10-05 18:37:44.0428 File blocked in realtime: c:\users\leo arsenal\desktop\105\105\20 [MD5: 62E1338F0DCCDCFE12695E7665EBAAE3, Size: 72720 bytes] [528384/00000003]
Wed 2011-10-05 18:37:44.0459 Determination flags modified: MD5: FEDA5B9479FADC31E114FE82783886DC, Size: 114698 bytes, Flags: 00000020
Wed 2011-10-05 18:37:44.0459 Determination flags modified: MD5: 0BCE2E3557DB598CE557E1D0EC19DEB1, Size: 54784 bytes, Flags: 00000020

[病毒样本] 精睿论坛样本测试（10.5）

评分

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块