
[Virus samples] Jingrui (精睿) sample test (15.4.6)

ericdj
Posted on 2015-4-6 09:28:09
Last edited by ericdj on 2015-4-6 09:38

The latest Jingrui samples are out again (reposted from the Jingrui forum).
Link: http://kuai.xunlei.com/d/zuh.ARnlN98hVQQA99e

http://pan.baidu.com/s/1hqvi9KS  extraction code: 71gy

Password: vc52
Count: 100

G DATA (蛋挞) kill 99, miss [100].vir
[mw_shl_code=html,true]Virus check with G DATA INTERNET SECURITY
Version 25.0.2.4 (2015/1/8)
Virus signature dated 2015/4/6
Start time: 2015/4/6 9:31:34
Engine(s): Engine A (AVA 25.972), Engine B (GD 25.4907)
Heuristics: On
Archives: On
System areas: On
Check rootkits: Off

Check system areas...
Check the following directories and files:
   C:\Users\eric\Desktop\virus\2015.4.6\

Analysis performed in full: 2015/4/6 9:32:19
     100 files checked
     99 infected files detected
     0 suspicious files found


Object: [10].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Generic.ServStart.334E2379 (Engine A)

Object: [11].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Dropped:Trojan.Generic.12605817 (Engine A)

Object: [12].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Gen:Variant.Symmi.39699 (Engine A)

Object: [13].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Worm.Allaple.Gen (Engine A)

Object: [15].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Ramnit (Engine A)

Object: [14].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Ramnit (Engine A)

Object: [17].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.VJadtre.3 (Engine A)

Object: [18].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Generic.PoisonIvy.1BBBAFB0 (Engine A)

Object: [16].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.3 (Engine A)

Object: [1].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Almanahe.D (Engine A)

Object: [19].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Generic.Viking.AB7479AC (Engine A)

Object: [21].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Gen:Variant.Graftor.21665 (Engine A)

Object: [22].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Almanahe.D (Engine A)

Object: [23].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: DeepScan:Generic.Onlinegames.14.05435A67 (Engine A)

Object: [20].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Dropped:Rootkit.15620 (Engine A)

Object: [25].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.3 (Engine A)

Object: [24].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Dropped:Rootkit.15620 (Engine A)

Object: [26].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.3 (Engine A)

Object: [27].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.OG (Engine A)

Object: [29].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Trojan.Agent.AQNV (Engine A)

Object: [28].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.3 (Engine A)

Object: [2].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.3 (Engine A)

Object: [30].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Ramnit (Engine A)

Object: [32].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Worm.Generic.23834 (Engine A)

Object: [33].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Worm.Generic.557195 (Engine A)

Object: [34].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Worm.Generic.24461 (Engine A)

Object: [35].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Trojan.PWS.Delf.LZ (Engine A)

Object: [31].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Trojan.Peed.Gen (Engine A)

Object: [36].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.3 (Engine A)

Object: [37].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.3 (Engine A)

Object: [39].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Trojan.Generic.8549878 (Engine A)

Object: [3].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Dropped:Rootkit.15620 (Engine A)

Object: [40].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Gen:Trojan.Heur.GM.1004030428 (Engine A)

Object: [38].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.3 (Engine A)

Object: [42].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Trojan.Agent.BIRH (Engine A)

Object: [41].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Ramnit (Engine A)

Object: [44].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Worm.Viking.IZ (Engine A)

Object: [45].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Worm.Viking.NDD (Engine A)

Object: [46].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Dropped:Rootkit.15620 (Engine A)

Object: [43].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Ramnit (Engine A)

Object: [47].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.OG (Engine A)

Object: [49].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.3 (Engine A)

Object: [4].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Dropped:Rootkit.15620 (Engine A)

Object: [50].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.3 (Engine A)

Object: [51].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Dropped:Rootkit.15620 (Engine A)

Object: [52].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: GenPack:Generic.Hupigon.YQA.69987DED (Engine A)

Object: [53].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: GenPack:Generic.ServStart.5010D8FA (Engine A)




Archive: [54].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Generic.Starter.4.A594589B (Engine A)


Object: (RAR Sfx o)=>IPK.bat
    In archive: C:\Users\eric\Desktop\virus\2015.4.6\[54].vir
    Status: Virus detected
    Virus: Generic.Starter.4.A594589B


Object: [48].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Dropped:Trojan.Generic.13104423 (Engine A)

Object: [56].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Gen:Variant.Symmi.8368 (Engine A)

Object: [55].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Gen:Variant.Adware.Graftor.180167 (Engine A)

Object: [57].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Ramnit.N (Engine A)

Object: [58].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Dropped:Rootkit.15620 (Engine A)

Object: [5].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Gen:Variant.Graftor.94620 (Engine A)

Object: [59].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.OG (Engine A)

Object: [60].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Dropped:Rootkit.15620 (Engine A)

Object: [62].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Backdoor.Bot.158614 (Engine A)

Object: [61].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Parite.A (Engine A)

Object: [64].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.3 (Engine A)

Object: [63].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Dropped:Rootkit.15620 (Engine A)

Object: [65].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.3 (Engine A)

Object: [67].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.OG (Engine A)

Object: [68].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.3 (Engine A)

Object: [66].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.OG (Engine A)

Object: [69].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.3 (Engine A)

Object: [70].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.3 (Engine A)

Object: [6].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.3 (Engine A)

Object: [71].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Trojan.Generic.4723073 (Engine A)

Object: [73].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Gen:Variant.Kazy.516741 (Engine A)

Object: [74].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.OG (Engine A)

Object: [72].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Dropped:Rootkit.15620 (Engine A)

Object: [76].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Gen:Variant.Zusy.10078 (Engine A)

Object: [77].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.3 (Engine A)

Object: [78].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Trojan.Generic.8668617 (Engine A)

Object: [79].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Ramnit (Engine A)

Object: [75].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Generic.Sdbot.3B9FAA2B (Engine A)

Object: [7].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Dropped:Rootkit.15620 (Engine A)

Object: [81].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Trojan.GenericKD.2260588 (Engine A)

Object: [80].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Dropped:Rootkit.15620 (Engine A)

Object: [82].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Win32.Sality.3 (Engine A)

Object: [83].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: GenPack:Generic.ServStart.F152F409 (Engine A)

Object: [84].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Generic.PWS.Games.3.FC3FB601 (Engine A)

Object: [86].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Gen:Variant.Barys.2028 (Engine A)

Object: [85].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Gen:Variant.Adware.Graftor.Elzob.22980 (Engine A)

Object: [87].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Trojan.Delf.Agent.AH (Engine A)

Object: [88].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Gen:Variant.Symmi.3843 (Engine A)

Object: [8].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Gen:Variant.Graftor.31784 (Engine A)

Object: [90].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Backdoor.PCClient.TCH (Engine A)

Object: [91].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Gen:Variant.Kazy.1750 (Engine A)

Object: [92].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Trojan.Generic.1746211 (Engine A)

Object: [93].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Trojan.Dropper.AV (Engine A)

Object: [94].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Gen:Variant.Kazy.25 (Engine A)

Object: [89].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Trojan.PWS.Pinch.A (Engine A)

Object: [95].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Gen:Variant.Kazy.584861 (Engine A)

Object: [96].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Gen:Variant.Graftor.181110 (Engine A)

Object: [98].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Trojan.Crypt.DG (Engine A)

Object: [97].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Packer.Pohernah.A (Engine A)

Object: [9].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Worm.Generic.23834 (Engine A)

Object: [99].vir
    Path: C:\Users\eric\Desktop\virus\2015.4.6
    Status: Virus, file deleted
    Virus: Generic.Hupigon.PAS.31A3A2CF (Engine A)




The following files are password-protected:


C:\Users\eric\Desktop\virus\2015.4.6\[54].vir
[/mw_shl_code]


cxy密斯
Posted on 2015-4-6 09:31:11
Last edited by cxy密斯 on 2015-4-6 09:45

KES10 detected 98, repaired 34

Flying_Bird
Posted on 2015-4-6 09:33:55
Last edited by Flying_Bird on 2015-4-6 09:44

ESS8-CH deleted 70x, repaired 29x and missed 1x(100.vir).
[mw_shl_code=xml,true][10].vir - Win32/ServStart.IZ 特洛伊木马 的变种 - 通过删除清除 - 已隔离
[11].vir - Win32/Zzinfor.F 潜在的不受欢迎应用程序 的变种 - 通过删除清除 - 已隔离
[12].vir - Win32/Injector.AZLY 特洛伊木马 的变种 - 通过删除清除 - 已隔离
[13].vir - Win32/Kryptik.BBVI 特洛伊木马 的变种 - 通过删除清除 - 已隔离
[14].vir - Win32/Ramnit.A 病毒 - 已清除 - 已隔离
[15].vir - Win32/Ramnit.A 病毒 - 已清除 - 已隔离
[16].vir - Win32/Sality.NBA 病毒 - 已清除 - 已隔离
[17].vir - Win32/Wapomi.AA 病毒 - 已删除 - 已隔离
[18].vir - Win32/Poison.NAI 特洛伊木马 - 通过删除清除 - 已隔离
[19].vir - Win32/Viking.BB 病毒 - 已删除 - 已隔离
[1].vir - Win32/Alman.NAB 病毒 - 已清除 - 已隔离
[20].vir - Win32/Hijacker.B 特洛伊木马 - 通过删除清除 - 已隔离
[21].vir - Win32/Kryptik.MYM 特洛伊木马 的变种 - 通过删除清除 - 已隔离
[22].vir - Win32/Alman.NAB 病毒 - 已清除 - 已隔离
[23].vir - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种 - 通过删除清除 - 已隔离
[24].vir - Win32/Hijacker.B 特洛伊木马 - 通过删除清除 - 已隔离
[25].vir - Win32/Sality.NBA 病毒 - 已清除 - 已隔离
[26].vir - Win32/Sality.NBA 病毒 - 已清除 - 已隔离
[27].vir - Win32/Sality.NAU 病毒 - 已清除 - 已隔离
[28].vir - Win32/Sality.NBA 病毒 - 已清除 - 已隔离
[29].vir - Win32/TrojanDownloader.Agent.QFO 病毒 - 已删除 - 已隔离
[2].vir - Win32/Sality.NBA 病毒 - 已清除 - 已隔离
[30].vir - Win32/Ramnit.A 病毒 - 已清除 - 已隔离
[31].vir - Win32/Nuwar.Gen 蠕虫 - 通过删除清除 - 已隔离
[32].vir - Win32/Mydoom.Q 蠕虫 - 通过删除清除 - 已隔离
[33].vir - Win32/Agent.NJC 蠕虫 的变种 - 通过删除清除 - 已隔离
[34].vir - Win32/Mydoom.R 蠕虫 - 通过删除清除 - 已隔离
[35].vir - Win32/Viking.AR 病毒 - 已删除 - 已隔离
[36].vir - Win32/Sality.NBA 病毒 - 已清除 - 已隔离
[37].vir - Win32/Sality.NBA 病毒 - 已清除 - 已隔离
[38].vir - Win32/Sality.NBA 病毒 - 已清除 - 已隔离
[39].vir - Win32/Bifrose.ADR 特洛伊木马 - 通过删除清除 - 已隔离
[3].vir - Win32/Hijacker.B 特洛伊木马 - 通过删除清除 - 已隔离
[40].vir - Win32/Pacex.Gen 病毒 - 已删除 - 已隔离
[41].vir - Win32/Ramnit.A 病毒 - 通过删除清除 - 已隔离
[42].vir - Win32/TrojanDownloader.Waski.F 特洛伊木马 - 通过删除清除 - 已隔离
[43].vir - Win32/Ramnit.A 病毒 - 通过删除清除 - 已隔离
[44].vir - Win32/Viking.DC 病毒 - 已删除 - 已隔离
[45].vir - Win32/Viking.BT 病毒 - 已删除 - 已隔离
[46].vir - Win32/Hijacker.B 特洛伊木马 - 通过删除清除 - 已隔离
[47].vir - Win32/Sality.NAT 病毒 - 已清除 - 已隔离
[48].vir - Win32/Injector.BXDQ 特洛伊木马 的变种 - 通过删除清除 - 已隔离
[49].vir - Win32/Sality.NBA 病毒 - 已清除 - 已隔离
[4].vir - Win32/Hijacker.B 特洛伊木马 - 通过删除清除 - 已隔离
[50].vir - Win32/Sality.NBA 病毒 - 已清除 - 已隔离
[51].vir - Win32/Hijacker.B 特洛伊木马 - 通过删除清除 - 已隔离
[52].vir - Win32/Hupigon 特洛伊木马 的变种 - 通过删除清除 - 已隔离
[53].vir - Win32/ServStart.AD 特洛伊木马 - 通过删除清除 - 已隔离
[54].vir - Generik.DYFGGMJ 特洛伊木马 的变种 - 通过删除清除 - 已隔离
[55].vir - Win32/BHOUninstaller.AB 潜在的不受欢迎应用程序 的变种 - 通过删除清除 - 已隔离
[56].vir - Win32/TrojanDownloader.Agent.RFS 特洛伊木马 的变种 - 通过删除清除 - 已隔离
[57].vir - Win32/ServStart.JA 特洛伊木马 的变种 - 通过删除清除 - 已隔离
[58].vir - Win32/Hijacker.B 特洛伊木马 - 通过删除清除 - 已隔离
[59].vir - Win32/Chir.B 病毒 - 已清除 - 已隔离
[5].vir - Win32/TrojanDownloader.Agent.RFS 特洛伊木马 的变种 - 通过删除清除 - 已隔离
[60].vir - Win32/Hijacker.B 特洛伊木马 - 通过删除清除 - 已隔离
[61].vir - Win32/Parite.A 病毒 - 已清除 - 已隔离
[62].vir - Win32/IRCBot.OV 特洛伊木马 - 通过删除清除 - 已隔离
[63].vir - Win32/Hijacker.B 特洛伊木马 - 通过删除清除 - 已隔离
[64].vir - Win32/Sality.NBA 病毒 - 已清除 - 已隔离
[65].vir - Win32/Sality.NBA 病毒 - 已清除 - 已隔离
[66].vir - Win32/Chir.B 病毒 - 已清除 - 已隔离
[67].vir - Win32/Sality.NAU 病毒 - 已清除 - 已隔离
[68].vir - Win32/Sality.NBA 病毒 - 已清除 - 已隔离
[69].vir - Win32/VB.NHZ 蠕虫 - 通过删除清除 - 已隔离
[6].vir - Win32/Sality.NBA 病毒 - 已清除 - 已隔离
[70].vir - Win32/Sality.NBA 病毒 - 已清除 - 已隔离
[71].vir - Win32/AutoRun.Delf.PH 蠕虫 - 通过删除清除 - 已隔离
[72].vir - Win32/Hijacker.B 特洛伊木马 - 通过删除清除 - 已隔离
[73].vir - Win32/Spy.Agent.OOT 特洛伊木马 的变种 - 通过删除清除 - 已隔离
[74].vir - Win32/Sality.NAR 病毒 - 已清除 - 已隔离
[75].vir - Win32/Rbot 特洛伊木马 的变种 - 通过删除清除 - 已隔离
[76].vir - Win32/AutoRun.AntiAV.X 蠕虫 的变种 - 通过删除清除 - 已隔离
[77].vir - Win32/Sohanad.NFN 蠕虫 - 通过删除清除 - 已隔离
[78].vir - Win32/Poison.K 特洛伊木马 - 通过删除清除 - 已隔离
[79].vir - Win32/Ramnit.A 病毒 - 已清除 - 已隔离
[7].vir - Win32/Hijacker.B 特洛伊木马 - 通过删除清除 - 已隔离
[80].vir - Win32/Hijacker.B 特洛伊木马 - 通过删除清除 - 已隔离
[81].vir - Win32/Boaxxe.BR 特洛伊木马 - 通过删除清除 - 已隔离
[82].vir - Win32/Sality.NBA 病毒 - 已清除 - 已隔离
[83].vir - Win32/ServStart.AD 特洛伊木马 - 通过删除清除 - 已隔离
[84].vir - Win32/PSW.OnLineGames.NUA 特洛伊木马 的变种 - 通过删除清除 - 已隔离
[85].vir - Win32/Agent.PTP 特洛伊木马 的变种 - 通过删除清除 - 已隔离
[86].vir - Win32/TrojanDownloader.VB.PVQ 特洛伊木马 的变种 - 通过删除清除 - 已隔离
[87].vir - Win32/Remtasu.F 特洛伊木马 - 通过删除清除 - 已隔离
[88].vir - Win32/Kryptik.ASTB 特洛伊木马 的变种 - 通过删除清除 - 已隔离
[89].vir - Win32/PSW.Small.NAF 特洛伊木马 - 通过删除清除 - 已隔离
[8].vir - Win32/Injector.KP 特洛伊木马 的变种 - 通过删除清除 - 已隔离
[90].vir - Win32/PcClient.NFK 特洛伊木马 的变种 - 通过删除清除 - 已隔离
[91].vir - Win32/Virlock.J 病毒 的变种 - 已删除 - 已隔离
[92].vir - Win32/Agent.PBD 特洛伊木马 - 通过删除清除 - 已隔离
[93].vir - Win32/TrojanDropper.Agent.QBF 特洛伊木马 - 通过删除清除 - 已隔离
[94].vir - Win32/TrojanDownloader.Unruy.BN 特洛伊木马 - 通过删除清除 - 已隔离
[95].vir - Win32/TrojanDownloader.Agent.BDR 特洛伊木马 - 通过删除清除 - 已隔离
[96].vir - Win32/Kryptik.DCTD 特洛伊木马 的变种 - 通过删除清除 - 已隔离
[97].vir - Generik.IBOCDPO 特洛伊木马 的变种 - 通过删除清除 - 已隔离
[98].vir - Win32/PcClient 特洛伊木马 的变种 - 通过删除清除 - 已隔离
[99].vir - Win32/Hupigon 特洛伊木马 的变种 - 通过删除清除 - 已隔离
[9].vir - Win32/Mydoom.Q 蠕虫 - 通过删除清除 - 已隔离[/mw_shl_code]
学雷锋做人
Posted on 2015-4-6 09:35:46
Last edited by 学雷锋做人 on 2015-4-6 09:42

360 Safeguard (Avira engine off): 100

FD, VT tested on its own: 100

欧阳宣
Posted on 2015-4-6 09:41:18
Last edited by 欧阳宣 on 2015-4-6 10:00

Norton, reserving this spot.
Detected 98, repaired 30.
[mw_shl_code=css,true]Resolved Threats:
W32.Almanahe.B!inf
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
2 Files
e:\virus\huge\2015.4.6\[1].vir - Repaired
e:\virus\huge\2015.4.6\[22].vir - Repaired
1 Browser Cache



W32.Sality.AE
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
289 Registry Entries
HKEY_USERS\S-1-5-21-199303550-3880348569-3445812084-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\->ShowSuperHidden:1 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\->UacDisableNotify:0 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile->DoNotAllowExceptions:1 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot->AlternateShell - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmadmin - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmboot.sys - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmio.sys - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmload.sys - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmserver - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SRService - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000} - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318} - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318} - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318} - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318} - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318} - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318} - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318} - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318} - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318} - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318} - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F} - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmadmin - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmboot.sys - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmio.sys - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmload.sys - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmserver - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ip6fw.sys - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm.sys - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NtLmSsp - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpcdd.sys - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpdd.sys - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpwd.sys - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs - Repaired
20 Files
e:\virus\huge\2015.4.6\[16].vir - Repaired
e:\virus\huge\2015.4.6\[28].vir - Repaired
e:\virus\huge\2015.4.6\[36].vir - Repaired
e:\virus\huge\2015.4.6\[2].vir - Repaired
e:\virus\huge\2015.4.6\[25].vir - Repaired
e:\virus\huge\2015.4.6\[37].vir - Repaired
e:\virus\huge\2015.4.6\[26].vir - Repaired
e:\virus\huge\2015.4.6\[38].vir - Repaired
e:\virus\huge\2015.4.6\[47].vir - Repaired
e:\virus\huge\2015.4.6\[50].vir - Repaired
e:\virus\huge\2015.4.6\[49].vir - Repaired
e:\virus\huge\2015.4.6\[27].vir - Deleted
e:\virus\huge\2015.4.6\[64].vir - Repaired
e:\virus\huge\2015.4.6\[65].vir - Repaired
e:\virus\huge\2015.4.6\[67].vir - Repaired
e:\virus\huge\2015.4.6\[6].vir - Repaired
e:\virus\huge\2015.4.6\[68].vir - Repaired
e:\virus\huge\2015.4.6\[70].vir - Repaired
e:\virus\huge\2015.4.6\[74].vir - Repaired
e:\virus\huge\2015.4.6\[82].vir - Repaired
1 Browser Cache



Trojan.Zbot
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Restart Required
-----------
41 Registry Entries
9 Files
C:\Users\winter0614\AppData\Local\virtualstore\windows\syswow64\ntos.exe - Restart Required
C:\WINDOWS\SysWOW64\ntos.exe - Restart Required
C:\Users\winter0614\AppData\Local\virtualstore\windows\syswow64\wsnpoem\audio.dll - Restart Required
C:\WINDOWS\SysWOW64\wsnpoem\audio.dll - Restart Required
C:\Users\winter0614\AppData\Local\virtualstore\windows\syswow64\wsnpoem\video.dll - Restart Required
C:\WINDOWS\SysWOW64\wsnpoem\video.dll - Restart Required
C:\Users\winter0614\AppData\Local\virtualstore\windows\syswow64\wsnpoem - Restart Required
C:\WINDOWS\SysWOW64\wsnpoem - Restart Required
e:\virus\huge\2015.4.6\[12].vir - Deleted
1 Browser Cache



SAPE.Heur.5bbc
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
8 Files
e:\virus\huge\2015.4.6\[20].vir - Deleted
e:\virus\huge\2015.4.6\[24].vir - Deleted
e:\virus\huge\2015.4.6\[58].vir - Deleted
e:\virus\huge\2015.4.6\[63].vir - Deleted
e:\virus\huge\2015.4.6\[60].vir - Deleted
e:\virus\huge\2015.4.6\[72].vir - Deleted
e:\virus\huge\2015.4.6\[80].vir - Deleted
e:\virus\huge\2015.4.6\[7].vir - Deleted
1 Browser Cache



Hacktool.Rootkit
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
10 Files
e:\virus\huge\2015.4.6\[20].vir - No Action Required
e:\virus\huge\2015.4.6\[11].vir - No Action Required
e:\virus\huge\2015.4.6\[24].vir - No Action Required
e:\virus\huge\2015.4.6\[51].vir - No Action Required
e:\virus\huge\2015.4.6\[46].vir - No Action Required
e:\virus\huge\2015.4.6\[58].vir - No Action Required
e:\virus\huge\2015.4.6\[63].vir - No Action Required
e:\virus\huge\2015.4.6\[60].vir - No Action Required
e:\virus\huge\2015.4.6\[72].vir - No Action Required
e:\virus\huge\2015.4.6\[80].vir - No Action Required
1 Browser Cache



W32.Rahack.W
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Restart Required
-----------
14 Registry Entries
1 File
e:\virus\huge\2015.4.6\[13].vir - Deleted
1 Browser Cache



W32.Wapomi.C!inf
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[17].vir - Repaired
1 Browser Cache



W32.Virut.CF
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Restart Required
-----------
36 Registry Entries
1 File
e:\virus\huge\2015.4.6\[21].vir - Deleted
1 Browser Cache

1 System Action



Suspicious.Cloud.2.A
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[100].vir - Deleted
1 Browser Cache



Trojan!gm
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[18].vir - Deleted
1 Browser Cache



Backdoor.Ciadoor
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[18].vir - No Action Required
1 Browser Cache



W32.Ramnit!inf
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
6 Files
e:\virus\huge\2015.4.6\[14].vir - Repaired
e:\virus\huge\2015.4.6\[15].vir - Repaired
e:\virus\huge\2015.4.6\[30].vir - Repaired
e:\virus\huge\2015.4.6\[43].vir - Deleted
e:\virus\huge\2015.4.6\[41].vir - Deleted
e:\virus\huge\2015.4.6\[79].vir - Repaired
1 Browser Cache



Trojan.Gen.2
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
7 Files
e:\virus\huge\2015.4.6\[10].vir - Deleted
e:\virus\huge\2015.4.6\[48].vir - Deleted
e:\virus\huge\2015.4.6\[54].vir - Deleted
e:\virus\huge\2015.4.6\[73].vir - Deleted
e:\virus\huge\2015.4.6\[96].vir - Deleted
e:\virus\huge\2015.4.6\[95].vir - Deleted
e:\virus\huge\2015.4.6\[91].vir - Deleted
1 Browser Cache



W32.Looked.AO
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[19].vir - Repaired
1 Browser Cache



SAPE.Dropped.2f
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[11].vir - Deleted
1 Browser Cache



Infostealer.Gampass
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Partially Resolved
-----------
8 Files
C:\WINDOWS\SysWOW64\lpk32.dll->C:\WINDOWS\SysWOW64\lpk.dll - Failed
C:\WINDOWS\SysWOW64\ws3help.dll->C:\WINDOWS\SysWOW64\ws2help.dll - Failed
C:\WINDOWS\SysWOW64\ws2helpXP.dll->C:\WINDOWS\SysWOW64\ws2help.dll - Failed
C:\WINDOWS\SysWOW64\wimedump.dll->C:\WINDOWS\SysWOW64\ws2help.dll - Failed
C:\WINDOWS\SysWOW64\dllcache\wshtcpip.dll->C:\WINDOWS\SysWOW64\wshtcpip.dll - Failed
e:\virus\huge\2015.4.6\[23].vir - Deleted
e:\virus\huge\2015.4.6\[40].vir - Deleted
e:\virus\huge\2015.4.6\[84].vir - Deleted
1 Browser Cache



W32.Looked.P
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[35].vir - Repaired
1 Browser Cache



SAPE.Tibs.1
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[31].vir - Deleted
1 Browser Cache



Trojan.Packed.13
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[31].vir - No Action Required
1 Browser Cache



W32.Mydoom.gen@mm
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
2 Files
e:\virus\huge\2015.4.6\[32].vir - Deleted
e:\virus\huge\2015.4.6\[9].vir - Deleted
1 Browser Cache



W32.Mydoom.L@mm
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
6 Registry Entries
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\POSIX - No Action Required
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\POSIX - No Action Required
HKEY_USERS\S-1-5-21-199303550-3880348569-3445812084-1001\Software\Microsoft\Windows\CurrentVersion\POSIX - No Action Required
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\POSIX - No Action Required
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\POSIX - No Action Required
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run->Traybar - No Action Required
2 Files
e:\virus\huge\2015.4.6\[32].vir - No Action Required
e:\virus\huge\2015.4.6\[9].vir - No Action Required
1 Browser Cache



Trojan Horse
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
4 Files
e:\virus\huge\2015.4.6\[29].vir - Deleted
e:\virus\huge\2015.4.6\[39].vir - Deleted
e:\virus\huge\2015.4.6\[93].vir - Deleted
e:\virus\huge\2015.4.6\[90].vir - No Action Required
1 Browser Cache



SAPE.Heur.46c0
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[33].vir - Deleted
1 Browser Cache



Downloader
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
6 Files
e:\virus\huge\2015.4.6\[33].vir - No Action Required
e:\virus\huge\2015.4.6\[53].vir - Deleted
e:\virus\huge\2015.4.6\[5].vir - Deleted
e:\virus\huge\2015.4.6\[76].vir - Deleted
e:\virus\huge\2015.4.6\[83].vir - Deleted
e:\virus\huge\2015.4.6\[85].vir - Deleted
1 Browser Cache



W32.Mydoom!gen
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[34].vir - Deleted
1 Browser Cache



W32.Mydoom.M@mm
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[34].vir - No Action Required
1 Browser Cache



Downloader.Upatre
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[42].vir - Deleted
1 Browser Cache



Suspicious.Cloud.2.A
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[42].vir - No Action Required
1 Browser Cache



SAPE.Rootkit.104
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
4 Files
e:\virus\huge\2015.4.6\[3].vir - Deleted
e:\virus\huge\2015.4.6\[51].vir - Deleted
e:\virus\huge\2015.4.6\[46].vir - Deleted
e:\virus\huge\2015.4.6\[4].vir - Deleted
1 Browser Cache



Trojan.Gen
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
6 Files
e:\virus\huge\2015.4.6\[3].vir - No Action Required
e:\virus\huge\2015.4.6\[4].vir - No Action Required
e:\virus\huge\2015.4.6\[81].vir - Deleted
e:\virus\huge\2015.4.6\[56].vir - Deleted
e:\virus\huge\2015.4.6\[7].vir - No Action Required
e:\virus\huge\2015.4.6\[94].vir - No Action Required
1 Browser Cache



W32.Looked.BK
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[44].vir - Repaired
1 Browser Cache



Backdoor.Trojan
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
2 Files
e:\virus\huge\2015.4.6\[52].vir - Deleted
e:\virus\huge\2015.4.6\[8].vir - Deleted
1 Browser Cache



W32.Pinfi.B
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[61].vir - Deleted
1 Browser Cache



SAPE.Heur.25d7
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[62].vir - Deleted
1 Browser Cache



W32.Looked.AH
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[45].vir - Deleted
1 Browser Cache



Infostealer.Lineage
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
9 Registry Entries
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->Hidden:1 - Repaired
HKEY_USERS\S-1-5-21-199303550-3880348569-3445812084-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->Hidden:1 - Repaired
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->Hidden:1 - Repaired
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->Hidden:1 - Repaired
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->ShowSuperHidden:1 - Repaired
HKEY_USERS\S-1-5-21-199303550-3880348569-3445812084-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->ShowSuperHidden:1 - Repaired
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->ShowSuperHidden:1 - Repaired
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->ShowSuperHidden:1 - Repaired
HKEY_USERS\S-1-5-21-199303550-3880348569-3445812084-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer->NoDriveTypeAutoRun:0 - Repaired
1 File
e:\virus\huge\2015.4.6\[69].vir - Deleted
1 Browser Cache



Infostealer
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
16 Registry Entries
HKEY_USERS\S-1-5-21-199303550-3880348569-3445812084-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\->NoFolderOptions:0 - Repaired
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main->Enable Browser Extensions:yes - Repaired
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main->Enable Browser Extensions:yes - Repaired
HKEY_USERS\S-1-5-21-199303550-3880348569-3445812084-1001\Software\Microsoft\Internet Explorer\Main->Enable Browser Extensions:yes - Repaired
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main->Enable Browser Extensions:yes - Repaired
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main->Enable Browser Extensions:yes - Repaired
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->Hidden:1 - Repaired
HKEY_USERS\S-1-5-21-199303550-3880348569-3445812084-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->Hidden:1 - Repaired
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->Hidden:1 - Repaired
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->Hidden:1 - Repaired
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->ShowSuperHidden:1 - Repaired
HKEY_USERS\S-1-5-21-199303550-3880348569-3445812084-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->ShowSuperHidden:1 - Repaired
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->ShowSuperHidden:1 - Repaired
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->ShowSuperHidden:1 - Repaired
HKEY_USERS\S-1-5-21-199303550-3880348569-3445812084-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer->NoDriveTypeAutoRun:0 - Repaired
HKEY_USERS\S-1-5-21-199303550-3880348569-3445812084-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System\->DisableRegistryTools:0 - Repaired
1 File
e:\virus\huge\2015.4.6\[71].vir - Deleted
1 Browser Cache



W32.Imaut.N
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
5 Registry Entries
HKEY_USERS\S-1-5-21-199303550-3880348569-3445812084-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer->NofolderOptions:0 - Repaired
HKEY_USERS\S-1-5-21-199303550-3880348569-3445812084-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System->DisableRegistryTools:0 - Repaired
HKEY_USERS\S-1-5-21-199303550-3880348569-3445812084-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System->DisableTaskMgr:0 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Schedule->AtTaskMaxHours:0 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon->Shell:Explorer.exe - Repaired
1 File
e:\virus\huge\2015.4.6\[77].vir - Deleted
1 Browser Cache



W32.Spybot.Worm
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Restart Required
-----------
51 Registry Entries
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunServices\->Firewall Controls - Restart Required
HKEY_USERS\S-1-5-21-199303550-3880348569-3445812084-1001\Software\Microsoft\Windows\CurrentVersion\RunServices\->Firewall Controls - Restart Required
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunServices\->Firewall Controls - Restart Required
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunServices\->Firewall Controls - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\->Firewall Controls - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\->246545 - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\->665578 - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\->7686743 - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\->rrrun - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\->Microsoft Visual Application - Restart Required
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\->C:\WINDOWS\system32\dllcache\winsno.exe - Restart Required
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunServices\->ATI Video Driver Controls - Restart Required
HKEY_USERS\S-1-5-21-199303550-3880348569-3445812084-1001\Software\Microsoft\Windows\CurrentVersion\RunServices\->ATI Video Driver Controls - Restart Required
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunServices\->ATI Video Driver Controls - Restart Required
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunServices\->ATI Video Driver Controls - Restart Required
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunServices\->Microsoft Directxsp - Restart Required
HKEY_USERS\S-1-5-21-199303550-3880348569-3445812084-1001\Software\Microsoft\Windows\CurrentVersion\RunServices\->Microsoft Directxsp - Restart Required
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunServices\->Microsoft Directxsp - Restart Required
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunServices\->Microsoft Directxsp - Restart Required
HKEY_CLASSES_ROOT\CLSID\{1C047C97-CA7F-BAF1-05A4-AEBA271281ED} - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\->ATI Video Driver Controls - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\->Microsoft Directxsp - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\->ATI Video Driver Controls - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\->Microsoft Directxsp - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\->1123 - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\->112 - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\->AntiVirusOverride:0 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\->FirewallOverride:0 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\->Shell:Explorer.exe - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\->Start:4 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry->Start:2 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr->Start:3 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole->EnableDCOM:Y - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center->UpdatesDisableNotify:0 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control->WaitToKillServiceTimeout:20000 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon->SFCDisable:0 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa->restrictanonymous:0 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ccEvtMgr->Start:2 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ccSetMgr->Start:2 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\navapsvc->Start:3 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SAVRT->Start:3 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SAVRTPEL->Start:1 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NAVENG->Start:3 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NAVEX15->Start:3 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SymEvent->Start:3 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\->TransportBindName:\Device\ - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\->Start:2 - Repaired
HKEY_USERS\S-1-5-21-199303550-3880348569-3445812084-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System\->DisableRegistryTools:0 - Repaired
HKEY_USERS\S-1-5-21-199303550-3880348569-3445812084-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System\->DisableTaskMgr:0 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\->AntiVirusDisableNotify:0 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\->FirewallDisableNotify:0 - Repaired
4 Files
C:\Users\winter0614\AppData\Local\Temp\1.reg - Restart Required
C:\Users\winter0614\AppData\Local\Temp\sysremove.bat - Restart Required
C:\a.bat - Restart Required
e:\virus\huge\2015.4.6\[75].vir - Deleted
1 Browser Cache



Backdoor.Darkmoon
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Restart Required
-----------
2 Registry Entries
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcSs\Parameters->ServiceDll:%SystemRoot%\system32\rpcss.dll - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RpcSs\Parameters->ServiceDll:%SystemRoot%\system32\rpcss.dll - Repaired
1 File
e:\virus\huge\2015.4.6\[78].vir - Deleted
1 Browser Cache

1 System Action



SAPE.BHOUninstllr.3
Type: Anomaly
Risk: Low (Low Stealth, Low Removal, Low Performance, Low Privacy)  
Categories: Adware
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[55].vir - Deleted
1 Browser Cache



W32.Ramnit.B!inf
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
27 Registry Entries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\->Userinit:C:\WINDOWS\system32\userinit.exe, - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\->AntiVirusDisableNotify:0 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\->AntiVirusDisableNotify:0 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\->FirewallDisableNotify:0 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\->FirewallDisableNotify:0 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\->UpdatesDisableNotify:0 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\->UpdatesDisableNotify:0 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile->DoNotAllowExceptions:1 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile->DoNotAllowExceptions:1 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile->DisableNotifications:0 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile->DisableNotifications:0 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile->EnableFirewall:1 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile->EnableFirewall:1 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv->Start:2 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv->Start:2 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend\->Start:3 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend\->Start:3 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system->EnableLUA:1 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system->EnableLUA:1 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center->AntiVirusOverride:0 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center->AntiVirusOverride:0 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center->FirewallOverride:0 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center->FirewallOverride:0 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center->UacDisableNotify:0 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center->UacDisableNotify:0 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\->Start:2 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\->Start:2 - Repaired
1 File
e:\virus\huge\2015.4.6\[57].vir - Repaired
1 Browser Cache



Backdoor.Bifrose
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[86].vir - Deleted
1 Browser Cache



Trojan.KillAV
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[92].vir - Deleted
1 Browser Cache



W32.Unruy!gen2
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[94].vir - Deleted
1 Browser Cache



SAPE.Xtrat.1
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[87].vir - Deleted
1 Browser Cache



Trojan.Packed.28
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[89].vir - Deleted
1 Browser Cache



Backdoor.Formador
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[97].vir - Deleted
1 Browser Cache



Packed.Generic.481
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[88].vir - Deleted
1 Browser Cache



Backdoor.Pcclient
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
2 Files
e:\virus\huge\2015.4.6\[98].vir - Deleted
e:\virus\huge\2015.4.6\[90].vir - Deleted
1 Browser Cache



Backdoor.Graybird!Gen
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.4.6\[99].vir - Deleted
1 Browser Cache





Unresolved Threats:
VOPackage
Type: Anomaly
Risk: Low (Low Stealth, Low Removal, Low Performance, Low Privacy)  
Categories: Security Risk
Status: Not Attempted
-----------
17 Files
C:\Users\winter0614\Desktop\My VuuPC.lnk - No action taken
C:\Users\winter0614\AppData\Local\Temp\report.txt - No action taken
C:\Users\winter0614\AppData\Local\Temp\tempfile.t - No action taken
C:\Users\winter0614\AppData\Local\virtualstore\windows\tasks\vuupcupdate.job - No action taken
C:\WINDOWS\Tasks\VuuPCUpdate.job - No action taken
C:\Users\winter0614\AppData\Local\virtualstore\windows\tasks\vuupcupdatelogin.job - No action taken
C:\WINDOWS\Tasks\VuuPCUpdateLogin.job - No action taken
C:\Users\winter0614\AppData\Local\virtualstore\windows\syswow64\tasks\vuupcupdate - No action taken
C:\WINDOWS\SysWOW64\Tasks\VuuPCUpdate - No action taken
C:\Users\winter0614\AppData\Local\virtualstore\windows\system32\tasks\vuupcupdate - No action taken
C:\WINDOWS\system32\Tasks\VuuPCUpdate - No action taken
C:\Users\winter0614\AppData\Local\virtualstore\windows\syswow64\tasks\vuupcupdatelogin - No action taken
C:\WINDOWS\SysWOW64\Tasks\VuuPCUpdateLogin - No action taken
C:\Users\winter0614\AppData\Local\virtualstore\windows\system32\tasks\vuupcupdatelogin - No action taken
C:\WINDOWS\system32\Tasks\VuuPCUpdateLogin - No action taken
C:\Users\winter0614\AppData\Local\Temp\VuuProduct.exe - No action taken
e:\virus\huge\2015.4.6\[55].vir - No action taken
4 Services
RemoteEngineService - No action taken
VuuPCConnectivity - No action taken
RemoteEngineService - No action taken
VuuPCConnectivity - No action taken
1 Browser Cache[/mw_shl_code]
XywCloud
Posted on 2015-4-6 09:50:13
BAV kill 99x
开开心心卖手机
Posted on 2015-4-6 09:51:38
Last edited by 开开心心卖手机 on 2015-4-6 10:51

MES throws an error on my machine, so I can't test it; edited out...
ericdj
Original poster | Posted on 2015-4-6 09:56:15
Last edited by ericdj on 2015-4-6 10:41

About [100].vir

Metascan scan result: https://www.metascan-online.com/en/scanresult/file/d7c768a5ab0d4224b5bc2dfe02b27bc4

Habo scan result: http://habo.qq.com/file/showdetail?pk=ADcGY11pB2YIOg==

Can someone explain what kind of virus this is?
Looks like KES10 missed it too. @驭龙 驭龙, please step in.

开开心心卖手机
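Posted on 2015-4-6 09:59:07
ericdj posted on 2015-4-6 09:56
About [100].vir

Metascan scan result: https://www.metascan-online.com/en/scanresult/file/d7c768a5ab0 ...

Later I'll start a virtual machine and double-click it to see whether G DATA's (蛋挞) proactive defense flags it.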
skyboybone
Posted on 2015-4-6 10:04:14
Offline

Online

Umbrella enabled (开伞)
