精睿样本测试（15.4.2）

显示全部楼层 · 发表于 2015-4-2 08:50:29

本帖最后由神迹般存在于 2015-4-2 16:16 编辑

地址：http://kuai.xunlei.com/d/zuh.AVjdZYwcVQQA36a

http://pan.baidu.com/s/1kTvIp7p 提取密码 jtsb

密码：vc52
数量：100

显示全部楼层 · 发表于 2015-4-2 09:09:09

本帖最后由 taroyoo 于 2015-4-2 09:13 编辑

AVG占位
[mw_shl_code=css,true]D:\2015.4.2\2015.4.2\[1].vir;"特洛伊木马 PSW.Generic12.AMWG";"已保护";"已修复";"高"
D:\2015.4.2\2015.4.2\[10].vir;"发现病毒 Worm/AutoRun.OT";"已保护";"已修复";"高"
D:\2015.4.2\2015.4.2\[100].vir;"特洛伊木马 SHeur4.BYWP";"已保护";"已修复";"高"
D:\2015.4.2\2015.4.2\[11].vir;"发现病毒 Win32/Ramnit.A";"已保护";"已修复";"高"
D:\2015.4.2\2015.4.2\[12].vir;"发现病毒 Win32/Alman";"已保护";"已修复";"高"
D:\2015.4.2\2015.4.2\[13].vir;"发现病毒 Win32/Sality";"正在处理...";"未解决";"高"
D:\2015.4.2\2015.4.2\[14].vir;"特洛伊木马 Downloader.Generic14.HND";"已保护";"已修复";"高"
D:\2015.4.2\2015.4.2\[15].vir;"特洛伊木马 Downloader.Generic14.HND";"已保护";"已修复";"高"
D:\2015.4.2\2015.4.2\[16].vir;"发现病毒 Win32/Sality";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[17].vir;"发现病毒 Worm/AutoRun.JT";"已保护";"已修复";"高"
D:\2015.4.2\2015.4.2\[18].vir;"发现病毒 Win32/Sality";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[19].vir;"发现病毒 Win32/Sality";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[2].vir;"发现病毒 Win32/Sality";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[20].vir;"发现病毒 Win32/Sality";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[21].vir;"特洛伊木马 Downloader.Generic14.HND";"已保护";"已修复";"高"
D:\2015.4.2\2015.4.2\[22].vir;"特洛伊木马 Downloader.Generic14.HND";"已保护";"已修复";"高"
D:\2015.4.2\2015.4.2\[23].vir;"发现病毒 Win32/Sality";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[24].vir;"发现病毒 Win32/Sality";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[25].vir;"发现病毒 Win32/Tanatos.M";"已保护";"已修复";"高"
D:\2015.4.2\2015.4.2\[26].vir;"发现病毒 Win32/Sality";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[27].vir;"发现病毒 Win32/Ramnit.A";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[28].vir;"发现病毒 Worm/Allaple.B";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[29].vir;"特洛伊木马 Downloader.Generic14.HND";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[3].vir;"发现病毒 Win32/Sality";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[30].vir;"特洛伊木马 Downloader.Generic14.HND";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[31].vir;"特洛伊木马 PSW.Generic10.CHVU";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[32].vir;"特洛伊木马 Dropper.Generic_c.MWD";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[33].vir;"发现病毒 Win32/Ramnit.A";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[34].vir;"发现病毒 Win32/Wapomi";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[35].vir;"特洛伊木马 Downloader.Generic14.HND";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[36].vir;"发现病毒 Win32/Sality";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[37].vir;"特洛伊木马 Agent2.AKRM";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[38].vir;"发现病毒 Win32/Ramnit.A";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[39].vir;"发现 Win32/DH{gRKBEztQTxVRgQccUyADYQ8kIg}";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[4].vir;"发现病毒 Win32/Ramnit.A";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[40].vir;"发现病毒 Win32/ElKern.C";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[41].vir;"特洛伊木马 Downloader.Generic14.HND";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[42].vir;"发现病毒 Win32/Ramnit.A";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[43].vir;"发现病毒 Win32/Ramnit.A";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[44].vir;"发现病毒 Win32/Zbot.G";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[45].vir;"发现病毒 Win32/Sality";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[46].vir;"发现病毒 Win32/Sality";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[47].vir;"特洛伊木马 Inject2.ASWR";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[48].vir;"特洛伊木马 Downloader.Generic14.HND";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[49].vir;"发现病毒 Worm/AutoRun.MX";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[5].vir;"发现 Win32/DH{gRKBE14egQ82Cg}";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[50].vir;"发现病毒 Win32/Sality";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[51].vir;"特洛伊木马 Citem.ESV";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[52].vir;"发现病毒 Win32/Ramnit.A";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[53].vir;"特洛伊木马 Downloader.Generic14.HND";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[54].vir;"发现病毒 Win32/VBCrypt";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[55].vir;"特洛伊木马 Downloader.Generic14.HND";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[56].vir;"特洛伊木马 Downloader.Generic14.HND";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[57].vir;"发现病毒 Worm/Viking.T";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[58].vir;"发现病毒 I-Worm/Nuwar.N";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[59].vir;"发现病毒 Win32/Alman";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[6].vir;"特洛伊木马 Generic18.ARRV";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[60].vir;"特洛伊木马 Downloader.Generic14.HND";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[61].vir;"特洛伊木马 Downloader.Generic14.HND";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[62].vir;"特洛伊木马 Downloader.Generic9.AYKD";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[63].vir;"特洛伊木马 SHeur.CNKQ";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[64].vir;"发现病毒 Win32/Sality";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[65].vir;"发现病毒 Win32/Sality";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[66].vir;"特洛伊木马 Downloader.Generic14.HND";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[67].vir;"发现病毒 Win32/Sality";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[68].vir;"特洛伊木马 Dropper.Agent.9.BH";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[69].vir;"特洛伊木马 Inject2.BVPU.dropper";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[7].vir;"特洛伊木马 PSW.Keylog.AQ";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[70].vir;"发现病毒 Win32/Chir.C@mm";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[71].vir;"发现 Win32/DH{gRKBE14egQ82Cg}";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[72].vir;"发现病毒 Win32/Sality";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[73].vir;"特洛伊木马 BackDoor.Agent.NG";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[74].vir;"发现 Win32/DH{gQoDZw9FBjdmgRNcEw}";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[75].vir;"发现病毒 Worm/Allaple.B";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[76].vir;"发现病毒 Win32/PEMask";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[77].vir;"特洛伊木马 Downloader.Generic14.HND";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[78].vir;"特洛伊木马 PSW.Generic12.AMWG";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[79].vir;"发现病毒 Worm/Koobface.F";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[8].vir;"发现病毒 Win32/Sality";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[80].vir;"特洛伊木马 Agent_r.L";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[81].vir;"特洛伊木马 BHO.YIH";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[82].vir;"特洛伊木马 Agent4.RTK";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[83].vir;"发现病毒 Worm/Generic_r.IE";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[84].vir;"特洛伊木马 PSW.Generic2.POB";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[85].vir;"特洛伊木马 Autoit.FY";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[86].vir;"特洛伊木马 Autoit.FY";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[87].vir;"发现病毒 Win32/Sality.Y";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[88].vir;"特洛伊木马 Downloader.Small.FHT";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[89].vir;"特洛伊木马 PSW.Generic7.BYBR.dropper";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[9].vir;"特洛伊木马 Hider.ABQE.dropper";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[90].vir;"特洛伊木马 BackDoor.Bifrose.BL";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[91].vir;"特洛伊木马 SHeur3.KAC";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[92].vir;"特洛伊木马 Downloader.Generic14.LEW";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[93].vir;"特洛伊木马 BackDoor.Generic12.CILN.dropper";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[94].vir;"特洛伊木马 Generic31.BGFG";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[95].vir;"发现 Win32/DH{gRMgA2cICQoPgRIkIh4TXA}";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[96].vir;"特洛伊木马 PSW.OnlineGames.2.U";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[97].vir;"特洛伊木马 Clicker.AIYQ";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[98].vir;"发现病毒 Win32/Ramnit.A";"未解决";"未解决";"高"
D:\2015.4.2\2015.4.2\[99].vir;"发现病毒 Win32/Sality.Y";"未解决";"未解决";"高" [/mw_shl_code]

显示全部楼层 · 发表于 2015-4-2 09:10:09

本帖最后由 ericdj 于 2015-4-3 17:06 编辑

GD kill all

[mw_shl_code=html,true]Virus check with G DATA INTERNET SECURITY
Version 25.0.2.4 (2015/1/8)
Virus signature dated 2015/4/2
Start time: 2015/4/2 9:16:31
Engine(s): Engine A (AVA 25.916), Engine B (GD 25.4885)
Heuristics: On
Archives: On
System areas: On
Check rootkits: Off

Analysis performed in full: 2015/4/2 9:17:09
   100 files checked
   100 infected files detected
   0 suspicious files found

Object: [10].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Worm.Sohanad.NBN (Engine A)

Object: [100].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Nestha.C (Engine A)

Object: [11].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Ramnit (Engine A)

Object: [12].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Almanahe.D (Engine A)

Object: [13].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Sality.3 (Engine A)

Object: [14].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Dropped:Rootkit.15620 (Engine A)

Object: [15].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Dropped:Rootkit.15620 (Engine A)

Object: [17].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Jadtre.E (Engine A)

Object: [18].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Sality.3 (Engine A)

Object: [19].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Sality.3 (Engine A)

Object: [16].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Sality.3 (Engine A)

Object: [1].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Ramnit (Engine A)

Object: [21].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Dropped:Rootkit.15620 (Engine A)

Object: [20].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Sality.3 (Engine A)

Object: [23].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Sality.3 (Engine A)

Object: [22].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Dropped:Rootkit.15620 (Engine A)

Object: [24].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Sality.3 (Engine A)

Object: [25].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Virtob.Gen.12 (Engine A)

Object: [27].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Ramnit (Engine A)

Object: [28].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Worm.Allaple.Gen (Engine A)

Object: [26].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Sality.3 (Engine A)

Object: [2].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Sality.3 (Engine A)

Object: [29].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Dropped:Rootkit.15620 (Engine A)

Object: [31].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Gen:Variant.Sirefef.124 (Engine A)

Object: [32].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Worm.Viking.AR (Engine A)

Object: [33].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Ramnit (Engine A)

Object: [34].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.VJadtre.3 (Engine A)

Object: [30].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Dropped:Rootkit.15620 (Engine A)

Object: [36].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Sality.3 (Engine A)

Object: [37].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Gen:Trojan.Heur.RP.gqZ@aiNg8Ck (Engine A)

Object: [38].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Ramnit (Engine A)

Object: [35].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Dropped:Rootkit.15620 (Engine A)

Object: [39].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Trojan.Proxy.Horst.APO (Engine A)

Object: [3].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Sality.3 (Engine A)

Object: [41].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Dropped:Rootkit.15620 (Engine A)

Object: [42].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Ramnit (Engine A)

Object: [43].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Ramnit (Engine A)

Object: [44].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Ramnit.N (Engine A)

Object: [40].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Generic.Viking.819869A2 (Engine A)

Object: [45].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Sality.3 (Engine A)

Object: [46].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Sality.3 (Engine A)

Object: [48].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Dropped:Rootkit.15620 (Engine A)

+
Archive: [47].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Trojan.Nsis.Androm.3, Trojan.GenericKD.1822444 (Engine A)

Object: [4].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Ramnit (Engine A)

Object: [49].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Runouce.B@mm (Engine A)

Object: [50].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Sality.3 (Engine A)

Object: [51].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Gen:Malware.Heur.hq0@bOotY9pG (Engine A)

Object: [52].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Ramnit (Engine A)

Object: [54].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Gen:Variant.Kazy.384152 (Engine A)

Object: [55].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Dropped:Rootkit.15620 (Engine A)

Object: [53].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Dropped:Rootkit.15620 (Engine A)

Object: [56].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Dropped:Rootkit.15620 (Engine A)

Object: [58].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Generic.Malware.SYd!g.300E9615 (Engine A)

Object: [59].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Almanahe.D (Engine A)

Object: [5].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Dropped:Rootkit.15893 (Engine A)

Object: [57].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Generic.Viking.39931919 (Engine A)

Object: [60].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Dropped:Rootkit.15620 (Engine A)

Object: [62].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Generic.Malware.SP!Pk!g.4E7B4C11 (Engine A)

Object: [63].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Trojan.Agent.AKXJ (Engine A)

Object: [61].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Dropped:Rootkit.15620 (Engine A)

Object: [64].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Sality.3 (Engine A)

Object: [66].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Dropped:Rootkit.15620 (Engine A)

Object: [67].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Sality.3 (Engine A)

Object: [68].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Viking.AZ (Engine A)

Object: [65].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Sality.3 (Engine A)

Object: [6].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Trojan.Crypt.BC (Engine A)

Object: [69].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Gen:Trojan.Heur.FU.gm1@a47Q9!ob (Engine A)

Object: [71].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Dropped:Rootkit.15893 (Engine A)

Object: [72].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Sality.3 (Engine A)

Object: [70].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Runouce.B@mm (Engine A)

Object: [74].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Trojan.Generic.9176938 (Engine A)

Object: [75].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Worm.Allaple.Gen (Engine A)

Object: [73].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Gen:Variant.Kazy.31265 (Engine A)

Object: [77].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Dropped:Rootkit.15620 (Engine A)

Object: [78].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Ramnit (Engine A)

Object: [79].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Worm.Koobface.BJ (Engine A)

Object: [7].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Trojan.Delf.Agent.AH (Engine A)

Object: [76].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Backdoor.Hupigon.AYPE (Engine A)

Object: [80].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Trojan.PWS.OnlineGames.ZWU (Engine A)

Object: [81].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Gen:Variant.Adware.Graftor.180167 (Engine A)

Object: [82].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Trojan.Generic.10134024 (Engine A)

Object: [83].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Trojan.Generic.8370611 (Engine A)

Object: [84].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: DeepScan:Generic.Malware.SMPPkg.3617FF0A (Engine A)

Object: [85].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Gen:Variant.Strictor.81798 (Engine A)

Object: [86].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Gen:Variant.Strictor.81798 (Engine A)

Object: [88].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Gen:Variant.Graftor.28753 (Engine A)

Object: [89].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Gen:Trojan.Heur.DP.cmGfa0vCnHeb (Engine A)

Object: [87].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Generic.Malware.P!DYVdPk!g.9A292A40 (Engine A)

Object: [8].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Sality.3 (Engine A)

Object: [91].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Trojan.Crypt.Delf.I (Engine A)

Object: [90].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Trojan.Crypt.BH (Engine A)

Object: [93].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Trojan.Dropper.SMA (Engine A)

Object: [94].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Gen:Variant.Sirefef.918 (Engine A)

Object: [92].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Trojan.Spy.ZBot.CB (Engine A)

Object: [96].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Trojan.PWS.OnlineGames.AAIL (Engine A)

Object: [97].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Gen:Trojan.Heur.VP.dmKfaGH63Wcb (Engine A)

Object: [98].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Win32.Ramnit (Engine A)

Object: [95].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Generic.Malware.FWX!g.C7545C36 (Engine A)

Object: [99].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Generic.Malware.P!DYVdPk!g.AF3F56C4 (Engine A)

Object: [9].vir
Path: C:\Users\eric\Desktop\virus\2015.4.2
Status: Virus, file deleted
Virus: Dropped:Trojan.Generic.12605817 (Engine A)
[/mw_shl_code]

显示全部楼层 · 发表于 2015-4-2 10:06:14

费尔右键检测100，修复5， miss0

[mw_shl_code=css,true]
C:\Users\jg\Desktop\2015.4.2\[100].vir Virus.9BBAB6156D634ED5 病毒隔离成功
C:\Users\jg\Desktop\2015.4.2\[10].vir Suspicious:Trojan.2003C3B21911AA803.mg 木马!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[11].vir Suspicious:Virus.60E8000000005D8BC5.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[12].vir Suspicious:Virus.5BB9@120000@16E2FA.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[13].vir Suspicious:Virus.0FCF@2FF0000@2FF0F.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[14].vir Trojan.Cap148156.kwer 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[15].vir Trojan.Cap148156.kwer 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[16].vir Suspicious:Virus.87CB@2FF0000@32000.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[17].vir Suspicious:Virus.0000@320085C075@24.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[18].vir Suspicious:Virus.0669@2FF0000@2FF0F.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[19].vir Suspicious:Virus.8ACA@2400000@2FF0F.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[1].vir Suspicious:Virus.60E8000000005D8BC5.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[20].vir W32.Sality.gen.hbjp 病毒隔离成功
C:\Users\jg\Desktop\2015.4.2\[21].vir Trojan.Cap148156.kwer 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[22].vir Trojan.Cap148156.kwer 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[23].vir Suspicious:Virus.C7C5@2FF0000@2FF0F.mg 病毒!基因修复成功
C:\Users\jg\Desktop\2015.4.2\[24].vir Suspicious:Virus.0A80@2FF0000@2FF0F.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[25].vir Suspicious:Virus.0FCF@2FF0000@2FF0F.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[26].vir W32.Sality.gen.nogh 病毒隔离成功
C:\Users\jg\Desktop\2015.4.2\[27].vir Suspicious:Virus.60E8000000005D8BC5.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[28].vir Suspicious:Trojan.034C24@32004C24@2.mg 木马!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[29].vir Trojan.Cap148156.kwer 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[2].vir Suspicious:Virus.F671@2FF0000@2FF0F.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[30].vir Trojan.Cap148156.kwer 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[31].vir Trojan.EC9A82763F4C2DA8 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[32].vir Virus.A2D1681339B1D546 病毒修复成功
C:\Users\jg\Desktop\2015.4.2\[33].vir Suspicious:Virus.60E8000000005D8BC5.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[34].vir Suspicious:Virus.880000008365EC0083.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[35].vir Trojan.Cap148156.kwer 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[36].vir Suspicious:Virus.B6DD@2FF0000@2FF0F.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[37].vir Trojan.531EF6680D0EDDD0 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[38].vir Suspicious:Virus.60E8000000005D8BC5.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[39].vir Suspicious:Virus.59F7@2408D04@1883F.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[3].vir Suspicious:Virus.81D0@2FF0000@2FF0F.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[40].vir Trojan.0AB489EEF212A42B 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[41].vir Trojan.Cap148156.kwer 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[42].vir Suspicious:Virus.60E8000000005D8BC5.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[43].vir Suspicious:Virus.60E8000000005D8BC5.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[44].vir Suspicious:Virus.60E8000000005D8BC5.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[45].vir Suspicious:Virus.C7C5@2FF0000@2FF0F.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[46].vir Suspicious:Virus.0000@2FFC7C7@2FF0F.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[47].vir Trojan.Inject.phov.ijbc.arc 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[48].vir Trojan.Cap148156.kwer 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[49].vir Suspicious:Trojan.6168@1300C3@18000.mg 木马!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[4].vir Suspicious:Virus.60E8000000005D8BC5.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[50].vir Suspicious:Virus.69F1@2FF0000@2FF0F.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[51].vir Suspicious.6BF5BC2744FAD13F 可疑程序隔离成功
C:\Users\jg\Desktop\2015.4.2\[52].vir Suspicious:Virus.60E8000000005D8BC5.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[53].vir Trojan.Cap148156.kwer 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[54].vir W32.VBObfus.QW.ikao 病毒隔离成功
C:\Users\jg\Desktop\2015.4.2\[55].vir Trojan.Cap148156.kwer 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[56].vir Trojan.Cap148156.kwer 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[57].vir Virus.5DDFF3AAF1879EC5 病毒修复成功
C:\Users\jg\Desktop\2015.4.2\[58].vir Suspicious:Trojan.9090@2FF0090@2400.mg 木马!基因修复成功
C:\Users\jg\Desktop\2015.4.2\[59].vir Suspicious:Virus.5BB9@120000@16E2FA.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[5].vir Trojan.DOMG.ulxx 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[60].vir Trojan.Cap148156.kwer 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[61].vir Trojan.Cap148156.kwer 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[62].vir Trojan.A5E4C6BD1E324B79 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[63].vir Backdoor.7C154FB7FE43657E 后门隔离成功
C:\Users\jg\Desktop\2015.4.2\[64].vir Suspicious:Virus.C7C0@2FF0FAF@32000.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[65].vir Suspicious:Virus.F3C6@2FF0000@2FF0F.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[66].vir Trojan.Cap148156.kwer 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[67].vir Suspicious:Virus.0FCF@2FF0000@2FF0F.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[68].vir Suspicious:Virus.558BEC83EC70538365.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[69].vir Trojan.Cap153305.wpvd! 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[6].vir Suspicious:Trojan.0000@2FF20400068@.mg 木马!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[70].vir Suspicious:Trojan.6168@1300C3@18000.mg 木马!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[71].vir Trojan.DOMG.ulxx 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[72].vir Suspicious:Virus.81DE@2FF0000@32000.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[73].vir Backdoor.D86C8374FE478441 后门隔离成功
C:\Users\jg\Desktop\2015.4.2\[74].vir Suspicious:Suspicious.8030#403D@240.mg 可疑程序!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[75].vir Suspicious:Virus.C744@32000401@2FF4.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[76].vir Suspicious:Backdoor.B818000000648B1.mg 后门!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[77].vir Trojan.Cap148156.kwer 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[78].vir Suspicious:Virus.60E8000000005D8BC5.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[79].vir Virus.8B87384CDA2EAA6F 病毒隔离成功
C:\Users\jg\Desktop\2015.4.2\[7].vir Suspicious:Trojan.0010#010442797465.mg 木马!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[80].vir Trojan.087D7C70518F24EB 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[81].vir Trojan.Generic.iodq 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[82].vir Trojan.286B41CCD78C90AD 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[83].vir Trojan.D7F4D23A8022DE29 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[84].vir Trojan.750DB376F870CD1D 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[85].vir Trojan.Yakes.kegj.wlhy 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[86].vir Trojan.Yakes.kcqp.gztb 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[87].vir Trojan.8E893994731197BD 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[88].vir Trojan.B202A235F1B55660 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[89].vir Suspicious:Trojan.20836CFFFF25/7140.mg 木马!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[8].vir W32.Sality.gen.rlpp 病毒隔离成功
C:\Users\jg\Desktop\2015.4.2\[90].vir Backdoor.Bifrose.la.frun 后门隔离成功
C:\Users\jg\Desktop\2015.4.2\[91].vir Trojan.489FECF47DF8BB76 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[92].vir Trojan.75CB87E733810DD2 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[93].vir Trojan.B8D93FB06409B1A6 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[94].vir Backdoor.712C18F382034844 后门隔离成功
C:\Users\jg\Desktop\2015.4.2\[95].vir Suspicious:Virus.0000@240BDAC@2FF33.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[96].vir Virus.57C1C6944937804D 病毒隔离成功
C:\Users\jg\Desktop\2015.4.2\[97].vir Trojan.22D67AB3450CCB04 木马隔离成功
C:\Users\jg\Desktop\2015.4.2\[98].vir Suspicious:Virus.60E8000000005D8BC5.mg 病毒!基因隔离成功
C:\Users\jg\Desktop\2015.4.2\[99].vir Virus.0472E849A5FBEA67 病毒隔离成功
C:\Users\jg\Desktop\2015.4.2\[9].vir TrojanDrop.Agent.rsdv.ohnn 木马修复成功
[/mw_shl_code]

显示全部楼层 · 发表于 2015-4-2 10:28:37

大蜘蛛解除威胁98 清除35

显示全部楼层 · 发表于 2015-4-2 10:31:18

@驭龙能分析一下黑寡妇为什么这样么？两个样本偶尔能拦截，两个应该都存在此问题
情况是这样的，有个样本拦截后忘记截图了，又重新运行了一次，结果黑寡妇给无视了，后面就有联网弹窗了

显示全部楼层 · 发表于 2015-4-2 10:36:27

swq0503 发表于 2015-4-2 10:31
@驭龙能分析一下黑寡妇为什么这样么？两个样本偶尔能拦截，两个应该都存在此问题
情况是这样的 ...

黑寡妇的DPH好像是这样的，拦截样本以后应该重启才彻底完成清理，撤销的行为也已经挂起，所以再运行样本就不拦截了，重启动以后应该会再次拦截，这是DrWeb 9的情况，而DrWeb 10我没有测试，但看你说的情况，应该跟DrWeb 9的DPH问题一样，这个应该是设计？

显示全部楼层 · 发表于 2015-4-2 10:38:24

驭龙发表于 2015-4-2 10:36
黑寡妇的DPH好像是这样的，拦截样本以后应该重启才彻底完成清理，撤销的行为也已经挂起，所以再运行样本 ...

实机沙盘运行第一次是拦截的，后来不拦截也重启过
样本放在虚拟机中也是这样子

显示全部楼层 · 发表于 2015-4-2 10:40:47

swq0503 发表于 2015-4-2 10:38
实机沙盘运行第一次是拦截的，后来不拦截也重启过
样本放在虚拟机中也是这样子

那个新问题么？你试一下在虚拟机中双击以后立即重启动，然后再双击一下，看看是否拦截

显示全部楼层 · 发表于 2015-4-2 10:56:55

驭龙发表于 2015-4-2 10:40
那个新问题么？你试一下在虚拟机中双击以后立即重启动，然后再双击一下，看看是否拦截

特别是69样本，按照你说的运行后重启（有防火墙提示），再运行没有任何反应了

[病毒样本] 精睿样本测试（15.4.2）

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块