
[Virus samples] 精睿 sample test (15.8.1)

Flying_Bird
Posted on 2015-8-1 09:39:15
Links:

http://kuai.xunlei.com/d/zuh.AcVBskK7VQQAb0c

http://pan.baidu.com/s/1dD54y4p (extraction code: ca8s)

  
Password: bbs.vc52.cn
Count: 50
欧阳宣
Posted on 2015-8-1 09:56:18
Last edited by 欧阳宣 on 2015-8-1 10:17

bitdefender
Detected 33, repaired 6.
[mw_shl_code=css,true]File: E:\Virus\huge\2015.8.1\32.vir=>njRAT 0.6.4\Plugin\pw.dll Trojan.Generic.9700000 Moved to Quarantine
File: E:\Virus\huge\2015.8.1\49.vir Trojan.GenericKD.2608302 Deleted
File: E:\Virus\huge\2015.8.1\23.vir Trojan.Generic.14873991 Deleted
File: E:\Virus\huge\2015.8.1\05.vir Trojan.JS.Downloader.CDM Deleted
File: E:\Virus\huge\2015.8.1\47.vir Gen:Variant.Symmi.15229 Deleted
File: E:\Virus\huge\2015.8.1\29.vir Trojan.GenericKD.2608062 Deleted
File: E:\Virus\huge\2015.8.1\02.vir Trojan.GenericKDZ.29536 Deleted
File: E:\Virus\huge\2015.8.1\20.vir Trojan.GenericKD.2608252 Deleted
File: E:\Virus\huge\2015.8.1\34.vir=>Invoice #939385.js Trojan.JS.Downloader.CDM Deleted
File: E:\Virus\huge\2015.8.1\46.vir Gen:Variant.Symmi.15229 Deleted
File: E:\Virus\huge\2015.8.1\01.vir Trojan.GenericKD.2608033 Deleted
File: E:\Virus\huge\2015.8.1\18.vir=>emailflood/Mail3r.exe Trojan.GenericKD.2607880 Deleted
File: E:\Virus\huge\2015.8.1\07.vir Trojan.Agent.BLMT Deleted
File: E:\Virus\huge\2015.8.1\25.vir Gen:Variant.Symmi.51130 Deleted
File: E:\Virus\huge\2015.8.1\43.vir Gen:Variant.Kazy.351236 Deleted
File: E:\Virus\huge\2015.8.1\42.vir=>res=>raw=>g=>META-INF/CERT.RSA Android.Trojan.Banker.AN Deleted
File: E:\Virus\huge\2015.8.1\06.vir Trojan.Doc.Downloader.EE Deleted
File: E:\Virus\huge\2015.8.1\03.vir Gen:Variant.Kazy.344059 Deleted
File: E:\Virus\huge\2015.8.1\42.vir=>META-INF/CERT.RSA Android.Trojan.Dropper.Q Deleted
File: E:\Virus\huge\2015.8.1\33.vir Trojan.GenericKD.2530650 Deleted
File: E:\Virus\huge\2015.8.1\14.vir=>(Extracted-Dropped 0) Worm.VBS.Dunihi.BC Moved to Quarantine
File: E:\Virus\huge\2015.8.1\21.vir=>doc_鈩?4958221.scr Trojan.Upatre.FC Deleted
File: E:\Virus\huge\2015.8.1\32.vir=>njRAT 0.6.4\njRAT.exe Gen:Variant.Kazy.255536 Moved to Quarantine
File: E:\Virus\huge\2015.8.1\26.vir Trojan.GenericKD.2606056 Deleted
File: E:\Virus\huge\2015.8.1\32.vir=>njRAT 0.6.4\Plugin\cam.dll Gen:Variant.Kazy.97400 Moved to Quarantine
File: E:\Virus\huge\2015.8.1\12.vir Generic.Malware.SI!FV!g.DB110350 Deleted
File: E:\Virus\huge\2015.8.1\27.vir Trojan.GenericKD.2601993 Deleted
File: E:\Virus\huge\2015.8.1\32.vir=>njRAT 0.6.4\Plugin\ch.dll Gen:Variant.Kazy.183337 Moved to Quarantine
File: E:\Virus\huge\2015.8.1\04.vir Trojan.GenericKD.2608915 Deleted
File: E:\Virus\huge\2015.8.1\22.vir Trojan.GenericKD.2604569 Deleted
File: E:\Virus\huge\2015.8.1\32.vir=>njRAT 0.6.4\Plugin\fm.dll Trojan.Generic.9894049 Moved to Quarantine
File: E:\Virus\huge\2015.8.1\19.vir Trojan.Agent.BKQM Deleted
File: E:\Virus\huge\2015.8.1\32.vir=>njRAT 0.6.4\Plugin\Mic.dll Trojan.Generic.9891153 Moved to Quarantine
File: E:\Virus\huge\2015.8.1\17.vir Gen:Variant.Barys.1094 Deleted
File: E:\Virus\huge\2015.8.1\32.vir=>njRAT 0.6.4\Plugin\sc2.dll Gen:Variant.Kazy.254785 Moved to Quarantine [/mw_shl_code]
尘梦幽然
Posted on 2015-8-1 09:59:36

Trend Micro Simplified Chinese 10

Last edited by 尘梦幽然 on 2015-8-1 10:39

[mw_shl_code=css,true]TROJ_GOLBLA.SMA        威胁        C:\Users\simplr\Desktop\2015.8.1\02.vir        已移除
TROJ_GOLOROTED.XYUO        威胁        C:\Users\simplr\Desktop\2015.8.1\04.vir        已移除
W2KM_BARTALEX.XYUO        威胁        C:\Users\simplr\Desktop\2015.8.1\06.vir        已移除
W2KM_BARTALEX.XYUO        威胁        C:\Users\simplr\Desktop\2015.8.1\07.vir        已移除
W2KM_BARTALEX.SMO        威胁        C:\Users\simplr\Desktop\2015.8.1\13.vir        已移除
TSPY_SPATET.SMT        威胁        C:\Users\simplr\Desktop\2015.8.1\19.vir        已移除
Mal_Dunihi        病毒        C:\Users\simplr\Desktop\2015.8.1\14.vir        已移除
JAVA_ADWIND.CG        威胁        C:\Users\simplr\Desktop\2015.8.1\28.vir\a\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChc        已移除
JAVA_ADWIND.CG        威胁        C:\Users\simplr\Desktop\2015.8.1\28.vir\b\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChc        已移除
JAVA_ADWIND.CG        威胁        C:\Users\simplr\Desktop\2015.8.1\28.vir\c\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChc        已移除
JAVA_ADWIND.CG        威胁        C:\Users\simplr\Desktop\2015.8.1\28.vir\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChcZu        已移除
JAVA_ADWIND.CG        威胁        C:\Users\simplr\Desktop\2015.8.1\28.vir\Main.class        已移除
JAVA_ADWIND.CG        威胁        C:\Users\simplr\Desktop\2015.8.1\28.vir\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChcZu        已移除
JAVA_ADWIND.CG        威胁        C:\Users\simplr\Desktop\2015.8.1\28.vir\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChcZu        已移除
JAVA_ADWIND.CG        威胁        C:\Users\simplr\Desktop\2015.8.1\28.vir\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChcZu        已移除
JAVA_ADWIND.CG        威胁        C:\Users\simplr\Desktop\2015.8.1\28.vir\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChcZu        已移除
W2KM_BARTALEX.XYUN        威胁        C:\Users\simplr\Desktop\2015.8.1\30.vir        已移除
TROJ_PROXY.UK        威胁        C:\Users\simplr\Desktop\2015.8.1\43.vir        已移除
TROJ_GEN.R047C0DGU15        病毒        C:\Users\simplr\Desktop\2015.8.1\25.vir        已移除
TROJ_GEN.R08NC0OFU15        病毒        C:\Users\simplr\Desktop\2015.8.1\33.vir        已移除
TROJ_GEN.R021C0DF415        病毒        C:\Users\simplr\Desktop\2015.8.1\46.vir        已移除
MEM_Gen.000140        威胁        C:\Users\simplr\Desktop\2015.8.1\12.vir        已移除
TROJ_GEN.R00JC0PLS13        病毒        C:\Users\simplr\Desktop\2015.8.1\32.vir\njRAT 0.6.4\Plugin\sc2.dll        已移除
HKTL_PWDUMP        C:\Users\simplr\Desktop\2015.8.1\16.vir        已移除[/mw_shl_code]


Flying_Bird
Original poster | Posted on 2015-8-1 10:02:16
Last edited by Flying_Bird on 2015-8-1 10:27

ESS-CH deleted 38x, repaired 3x and missed 9x
[mw_shl_code=xml,true]\2015.8.1\01.vir - MSIL/Kryptik.DBO 特洛伊木马 的变种
\2015.8.1\02.vir - MSIL/Injector.KWT 特洛伊木马 的变种
\2015.8.1\03.vir - Win32/Spy.Zbot.AAU 特洛伊木马
\2015.8.1\04.vir - Generik.EMCGSAK 特洛伊木马 的变种
\2015.8.1\05.vir - JS/TrojanDownloader.Nemucod.AA 特洛伊木马
\2015.8.1\06.vir - VBA/TrojanDownloader.Agent.YU 特洛伊木马
\2015.8.1\07.vir - VBA/TrojanDownloader.Agent.YU 特洛伊木马
\2015.8.1\12.vir - Win32/Dorkbot.B 蠕虫
\2015.8.1\13.vir > MSOXML > editdata.mso - VBA/TrojanDownloader.Agent.XU 特洛伊木马
\2015.8.1\14.vir - VBS/Kryptik.I 特洛伊木马
\2015.8.1\17.vir - MSIL/Injector.KJP 特洛伊木马 的变种
\2015.8.1\18.vir > ZIP > emailflood/Mail3r.exe - MSIL/Kryptik.DBO 特洛伊木马 的变种
\2015.8.1\19.vir - Win32/Spatet.I 特洛伊木马
\2015.8.1\20.vir > ZIP > 2.rar > RAR > Spt-Net  v2.6\Spt-Net  v2.6\Spt-Net  v2.6\SpyNet 2.6.0.EXE > CAB > SPYNET~1.EXE - MSIL/Injector.BLF 特洛伊木马 的变种
\2015.8.1\20.vir > ZIP > 2.rar > RAR > Spt-Net  v2.6\Spt-Net  v2.6\Spt-Net  v2.6\SpyNet 2.6.0.EXE > CAB > SPYNET~2.EXE - MSIL/Bladabindi.O 特洛伊木马 的变种
\2015.8.1\20.vir > ZIP > 1.exe - MSIL/TrojanDropper.Agent.BWB 特洛伊木马 的变种
\2015.8.1\21.vir > ZIP > doc_№44958221.scr - Win32/TrojanDownloader.Waski.X 特洛伊木马
\2015.8.1\22.vir - Win32/Kryptik.DRXR 特洛伊木马 的变种
\2015.8.1\23.vir - MSIL/Packed.NetSeal.A 可疑应用程序 的变种
\2015.8.1\25.vir - Win32/Kryptik.DRPU 特洛伊木马 的变种
\2015.8.1\26.vir - Win32/TrojanDownloader.Banload.WDZ 特洛伊木马
\2015.8.1\27.vir - MSIL/Injector.FPT 特洛伊木马 的变种
\2015.8.1\28.vir > ZIP > a/RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChcZuaVYMCNU7DDCJHngb6cOALIiIiiIiIII.class - Java/Adwind.HH 特洛伊木马
\2015.8.1\28.vir > ZIP > b/RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChcZuaVYMCNU7DDCJHngb6cOALIiIiiIiIII.class - Java/Adwind.HH 特洛伊木马
\2015.8.1\28.vir > ZIP > c/RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChcZuaVYMCNU7DDCJHngb6cOALIiIiiIiIII.class - Java/Adwind.HH 特洛伊木马
\2015.8.1\28.vir > ZIP > RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChcZuaVYMCNU7DDCJHngb6cOALIiIiiIiIII.class - Java/Adwind.HH 特洛伊木马
\2015.8.1\28.vir > ZIP > Main.class - Java/Adwind.HH 特洛伊木马
\2015.8.1\28.vir > ZIP > RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChcZuaVYMCNU7DDCJHngb6cOALIiIiIiIIii.class - Java/Adwind.HH 特洛伊木马
\2015.8.1\28.vir > ZIP > RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChcZuaVYMCNU7DDCJHngb6cOALIiiiiiiiiI.class - Java/Adwind.HH 特洛伊木马
\2015.8.1\28.vir > ZIP > RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChcZuaVYMCNU7DDCJHngb6cOALiiiiIiiIII.class - Java/Adwind.HH 特洛伊木马
\2015.8.1\28.vir > ZIP > RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChcZuaVYMCNU7DDCJHngb6cOALIiIIiiiiii.class - Java/Adwind.HH 特洛伊木马
\2015.8.1\29.vir > PECompact v2.xx - Win32/Spy.Banker.ACDG 特洛伊木马 的变种
\2015.8.1\30.vir - VBA/TrojanDownloader.Agent.YU 特洛伊木马
\2015.8.1\31.vir - MSIL/Packed.Confuser.P 可疑应用程序 的变种
\2015.8.1\32.vir > RAR > njRAT 0.6.4\njRAT.exe - MSIL/Bladabindi.AN 特洛伊木马
\2015.8.1\32.vir > RAR > njRAT 0.6.4\Plugin\cam.dll - MSIL/Bladabindi.U 特洛伊木马 的变种
\2015.8.1\32.vir > RAR > njRAT 0.6.4\Plugin\ch.dll - MSIL/Bladabindi.U 特洛伊木马
\2015.8.1\32.vir > RAR > njRAT 0.6.4\Plugin\fm.dll - MSIL/Bladabindi.U 特洛伊木马 的变种
\2015.8.1\32.vir > RAR > njRAT 0.6.4\Plugin\Mic.dll - MSIL/Bladabindi.U 特洛伊木马
\2015.8.1\32.vir > RAR > njRAT 0.6.4\Plugin\pw.dll - MSIL/Spy.Agent.QN 特洛伊木马 的变种
\2015.8.1\32.vir > RAR > njRAT 0.6.4\Plugin\sc2.dll - MSIL/Bladabindi.U 特洛伊木马 的变种
\2015.8.1\33.vir - MSIL/Kryptik.DBL 特洛伊木马 的变种
\2015.8.1\34.vir > ZIP > Invoice #939385.js - JS/TrojanDownloader.Nemucod.AA 特洛伊木马
\2015.8.1\35.vir - Win32/TrojanDownloader.Banload.WED 特洛伊木马 的变种
\2015.8.1\36.vir - MSIL/Packed.Confuser.P 可疑应用程序 的变种
\2015.8.1\37.vir > ZIP > 2.rar > RAR > ÅoßoűPPo¬¬¥oÅoCPÅu¬‘§±¥ŬűÅPCIt¬¬Hߥ߬′¬Å¥¥Å…¥Ps¾Å¥oïCOPÅP.exe - MSIL/Packed.Confuser.P 可疑应用程序 的变种
\2015.8.1\37.vir > ZIP > Amanda NUDES/彠岌忨PPИP弖?躐緩獜駨PCI绐狧峋岐铼従緩.綪s髲晶婥OP廝.exe - MSIL/Packed.Confuser.P 可疑应用程序 的变种
\2015.8.1\37.vir > ZIP > 1.exe - MSIL/TrojanDropper.Agent.BWB 特洛伊木马 的变种
\2015.8.1\38.vir - JS/Kryptik.AB 特洛伊木马
\2015.8.1\39.vir - MSIL/GameHack.KE 潜在的不安全应用程序 的变种
\2015.8.1\42.vir > ZIP > res/raw/g > ZIP > res/raw/org - Android/Spy.Banker.BV 特洛伊木马 的变种
\2015.8.1\42.vir > ZIP > classes.dex - Android/TrojanDropper.Agent.BG 特洛伊木马 的变种
\2015.8.1\43.vir - Win32/TrojanProxy.Agent.NVS 特洛伊木马 的变种
\2015.8.1\44.vir - MSIL/Injector.LDT 特洛伊木马 的变种
\2015.8.1\45.vir - MSIL/Packed.Confuser.P 可疑应用程序 的变种
\2015.8.1\46.vir - Win32/Spatet.A 特洛伊木马
\2015.8.1\47.vir - Win32/Injector.CBZM 特洛伊木马 的变种
\2015.8.1\48.vir - Win32/Filecoder.CR 特洛伊木马
\2015.8.1\49.vir > ZIP > 2.rar > RAR > Spycronic\Spycronic.exe - Win32/Spatet.C 特洛伊木马 的变种
\2015.8.1\49.vir > ZIP > 1.exe - MSIL/TrojanDropper.Agent.BWB 特洛伊木马 的变种
\2015.8.1\50.vir - MSIL/Packed.Confuser.P 可疑应用程序 的变种[/mw_shl_code]
尘梦幽然
Posted on 2015-8-1 10:33:28

Trend Micro International 10

Last edited by 尘梦幽然 on 2015-8-1 11:02

[mw_shl_code=css,true]TROJ_GOLBLA.SMA        安全威脅        C:\Users\simplr\Desktop\2015.8.1\02.vir        已移除
TROJ_GEN.R047C0DGV15        病毒        C:\Users\simplr\Desktop\2015.8.1\03.vir        已移除
TSPY_FAREIT.XYUO        安全威脅        C:\Users\simplr\Desktop\2015.8.1\04.vir        已移除
W2KM_BARTALEX.XYUO        安全威脅        C:\Users\simplr\Desktop\2015.8.1\06.vir        已移除
W2KM_BARTALEX.XYUO        安全威脅        C:\Users\simplr\Desktop\2015.8.1\07.vir        已移除
W2KM_BARTALEX.SMO        安全威脅        C:\Users\simplr\Desktop\2015.8.1\13.vir        已移除
TSPY_SPATET.SMT        安全威脅        C:\Users\simplr\Desktop\2015.8.1\19.vir        已移除
JAVA_ADWIND.CG        安全威脅        C:\Users\simplr\Desktop\2015.8.1\28.vir\a\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChc        已移除
JAVA_ADWIND.CG        安全威脅        C:\Users\simplr\Desktop\2015.8.1\28.vir\b\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChc        已移除
JAVA_ADWIND.CG        安全威脅        C:\Users\simplr\Desktop\2015.8.1\28.vir\c\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChc        已移除
JAVA_ADWIND.CG        安全威脅        C:\Users\simplr\Desktop\2015.8.1\28.vir\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChcZu        已移除
JAVA_ADWIND.CG        安全威脅        C:\Users\simplr\Desktop\2015.8.1\28.vir\Main.class        已移除
JAVA_ADWIND.CG        安全威脅        C:\Users\simplr\Desktop\2015.8.1\28.vir\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChcZu        已移除
JAVA_ADWIND.CG        安全威脅        C:\Users\simplr\Desktop\2015.8.1\28.vir\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChcZu        已移除
JAVA_ADWIND.CG        安全威脅        C:\Users\simplr\Desktop\2015.8.1\28.vir\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChcZu        已移除
JAVA_ADWIND.CG        安全威脅        C:\Users\simplr\Desktop\2015.8.1\28.vir\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChcZu        已移除
W2KM_BARTALEX.XYUN        安全威脅        C:\Users\simplr\Desktop\2015.8.1\30.vir        已移除
TROJ_PROXY.UK        安全威脅        C:\Users\simplr\Desktop\2015.8.1\43.vir        已移除
Mal_Dunihi        病毒        C:\Users\simplr\Desktop\2015.8.1\14.vir        已移除
TROJ_GEN.R047C0DGU15        病毒        C:\Users\simplr\Desktop\2015.8.1\25.vir        已移除
TROJ_GEN.R08NC0OFU15        病毒        C:\Users\simplr\Desktop\2015.8.1\33.vir        已移除
TROJ_GEN.R0E9C0DGU15        病毒        C:\Users\simplr\Desktop\2015.8.1\35.vir        已移除
TROJ_GEN.R03EC0DGV15        病毒        C:\Users\simplr\Desktop\2015.8.1\36.vir        已移除
TROJ_GEN.R021C0DF415        病毒        C:\Users\simplr\Desktop\2015.8.1\46.vir        已移除
TROJ_GEN.R03EC0PGV15        病毒        C:\Users\simplr\Desktop\2015.8.1\47.vir        已移除
TROJ_GEN.R047C0RGV15        病毒        C:\Users\simplr\Desktop\2015.8.1\49.vir        已移除
TROJ_UPATRE.SMJTU        安全威脅        C:\Users\simplr\Desktop\2015.8.1\21.vir\doc_鈩?4958221.scr        已移除
MEM_Gen.000140        安全威脅        C:\Users\simplr\Desktop\2015.8.1\12.vir        已移除
TROJ_GEN.R047C0CGJ15        病毒        C:\Users\simplr\Desktop\2015.8.1\32.vir\njRAT 0.6.4\Plugin\fm.dll        已移除
TROJ_SPNR.3AHR14        安全威脅        C:\Users\simplr\Desktop\2015.8.1\32.vir\njRAT 0.6.4\Plugin\Mic.dll        已移除
TROJ_SPNR.3AJK13        安全威脅        C:\Users\simplr\Desktop\2015.8.1\32.vir\njRAT 0.6.4\Plugin\pw.dll        已移除
TROJ_SPNV.03CA14        安全威脅        C:\Users\simplr\Desktop\2015.8.1\32.vir\njRAT 0.6.4\Plugin\sc2.dll        已移除
HKTL_PWDUMP        C:\Users\simplr\Desktop\2015.8.1\16.vir        已移除
HKTL_RATNJ        C:\Users\simplr\Desktop\2015.8.1\32.vir        已移除[/mw_shl_code]
尘梦幽然
Posted on 2015-8-1 11:21:53

Trend Micro Simplified Chinese 8.0

Last edited by 尘梦幽然 on 2015-8-1 11:24

[mw_shl_code=css,true]TROJ_GOLBLA.SMA        威胁        C:\Users\simplr\Desktop\2015.8.1\02.vir        已移除
TROJ_GOLOROTED.XYUO        威胁        C:\Users\simplr\Desktop\2015.8.1\04.vir        已移除
W2KM_BARTALEX.XYUO        威胁        C:\Users\simplr\Desktop\2015.8.1\06.vir        已移除
W2KM_BARTALEX.XYUO        威胁        C:\Users\simplr\Desktop\2015.8.1\07.vir        已移除
TROJ_PROXY.UK        威胁        C:\Users\simplr\Desktop\2015.8.1\43.vir        已移除
W2KM_BARTALEX.SMO        威胁        C:\Users\simplr\Desktop\2015.8.1\13.vir        已移除
TSPY_SPATET.SMT        威胁        C:\Users\simplr\Desktop\2015.8.1\19.vir        已移除
W2KM_BARTALEX.XYUN        威胁        C:\Users\simplr\Desktop\2015.8.1\30.vir        已移除
JAVA_ADWIND.CG        威胁        C:\Users\simplr\Desktop\2015.8.1\28.vir\a\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChc        已移除
JAVA_ADWIND.CG        威胁        C:\Users\simplr\Desktop\2015.8.1\28.vir\b\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChc        已移除
JAVA_ADWIND.CG        威胁        C:\Users\simplr\Desktop\2015.8.1\28.vir\c\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChc        已移除
JAVA_ADWIND.CG        威胁        C:\Users\simplr\Desktop\2015.8.1\28.vir\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChcZu        已移除
JAVA_ADWIND.CG        威胁        C:\Users\simplr\Desktop\2015.8.1\28.vir\Main.class        已移除
JAVA_ADWIND.CG        威胁        C:\Users\simplr\Desktop\2015.8.1\28.vir\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChcZu        已移除
TROJ_GEN.R021C0DF415        恶意软件        C:\Users\simplr\Desktop\2015.8.1\46.vir        已移除
JAVA_ADWIND.CG        威胁        C:\Users\simplr\Desktop\2015.8.1\28.vir\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChcZu        已移除
JAVA_ADWIND.CG        威胁        C:\Users\simplr\Desktop\2015.8.1\28.vir\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChcZu        已移除
JAVA_ADWIND.CG        威胁        C:\Users\simplr\Desktop\2015.8.1\28.vir\RRMq0vPQRIVr1iT5haMPpP5PlmbY9P2HfYq79oZI7t3pSKMVD5D8qfj62zhy69viayX69sTPQQmGSgoFFogRapKA6cdakTIhXhcRSnz7dyuGP4cdMSA5BzLITIe7f2vnKLEVSTx9cE81y0fCLoODxAWQkbMjMtPKDz8VLSXQB06Fps2DeW85T185wOt2CfCJLnYObkRJ1KSpI03b552BrHP1h0bbwBfYHObdEH35X0H1dvoPAXUfALz7PbKSugChcZu        已移除
Mal_Dunihi        恶意软件        C:\Users\simplr\Desktop\2015.8.1\14.vir        已移除
TROJ_GEN.R08NC0OFU15        恶意软件        C:\Users\simplr\Desktop\2015.8.1\33.vir        已移除
TROJ_GEN.R047C0DGU15        恶意软件        C:\Users\simplr\Desktop\2015.8.1\25.vir        已移除
TROJ_GEN.R047C0DGU15        恶意软件        C:\Users\simplr\Desktop\2015.8.1\25.vir        已移除
MEM_Gen.000140        威胁        C:\Users\simplr\Desktop\2015.8.1\12.vir        已移除
HKTL_PWDUMP        C:\Users\simplr\Desktop\2015.8.1\16.vir        已移除
HKTL_RATNJ        C:\Users\simplr\Desktop\2015.8.1\32.vir        已移除[/mw_shl_code]
欧阳宣
Posted on 2015-8-1 12:22:37
Last edited by 欧阳宣 on 2015-8-1 12:28

norton
The scan detected 18; the rest are left for the double-click testers.
[mw_shl_code=css,true]Resolved Threats:
Trojan Horse
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.8.1\11.vir - Deleted


Risks in compressed file "32.vir"
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
7 Files
[sc2.dll] inside of [e:\virus\huge\2015.8.1\32.vir] - Fully Resolved
[pw.dll] inside of [e:\virus\huge\2015.8.1\32.vir] - Fully Resolved
[mic.dll] inside of [e:\virus\huge\2015.8.1\32.vir] - Fully Resolved
[fm.dll] inside of [e:\virus\huge\2015.8.1\32.vir] - Fully Resolved
[ch.dll] inside of [e:\virus\huge\2015.8.1\32.vir] - Fully Resolved
[cam.dll] inside of [e:\virus\huge\2015.8.1\32.vir] - Fully Resolved
[njrat.exe] inside of [e:\virus\huge\2015.8.1\32.vir] - Fully Resolved


W97M.Downloader
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
4 Files
e:\virus\huge\2015.8.1\07.vir - Deleted
e:\virus\huge\2015.8.1\06.vir - Deleted
e:\virus\huge\2015.8.1\30.vir - Deleted
e:\virus\huge\2015.8.1\13.vir - Deleted
1 Browser Cache



Trojan.Zbot
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Restart Required
-----------
41 Registry Entries
HKEY_USERS\S-1-5-21-1864693499-3227222065-3676373339-1001\Software\gHcq8R9 - Restart Required
HKEY_USERS\S-1-5-19\Software\gHcq8R9 - Restart Required
HKEY_USERS\S-1-5-20\Software\gHcq8R9 - Restart Required
HKEY_USERS\.DEFAULT\Software\gHcq8R9 - Restart Required
HKEY_CLASSES_ROOT\CLSID\{DE7CBE17-0368-40E2-8357-1639DA027BAB} - Restart Required
HKEY_CLASSES_ROOT\PPT_Test.Application - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon->Userinit:C:\WINDOWS\SysWOW64\userinit.exe, - Restart Required
HKEY_USERS\S-1-5-21-1864693499-3227222065-3676373339-1001\Software\Microsoft\Windows\CurrentVersion\Run->userinit - Restart Required
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run->userinit - Restart Required
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run->userinit - Restart Required
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run->userinit - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion->Win32 - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network->UID - Restart Required
HKEY_USERS\S-1-5-21-1864693499-3227222065-3676373339-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network->UID - Restart Required
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network->UID - Restart Required
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network->UID - Restart Required
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network->UID - Restart Required
HKEY_USERS\S-1-5-21-1864693499-3227222065-3676373339-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\{19127AD2-394B-70F5-C650-B97867BAA1F7} - Restart Required
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\{19127AD2-394B-70F5-C650-B97867BAA1F7} - Restart Required
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\{19127AD2-394B-70F5-C650-B97867BAA1F7} - Restart Required
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\{19127AD2-394B-70F5-C650-B97867BAA1F7} - Restart Required
HKEY_USERS\S-1-5-21-1864693499-3227222065-3676373339-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\{35106240-D2F0-DB35-716E-127EB80A0299} - Restart Required
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\{35106240-D2F0-DB35-716E-127EB80A0299} - Restart Required
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\{35106240-D2F0-DB35-716E-127EB80A0299} - Restart Required
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\{35106240-D2F0-DB35-716E-127EB80A0299} - Restart Required
HKEY_USERS\S-1-5-21-1864693499-3227222065-3676373339-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\{43BF8CD1-C5D5-2230-7BB2-98F22C2B7DC6} - Restart Required
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\{43BF8CD1-C5D5-2230-7BB2-98F22C2B7DC6} - Restart Required
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\{43BF8CD1-C5D5-2230-7BB2-98F22C2B7DC6} - Restart Required
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\{43BF8CD1-C5D5-2230-7BB2-98F22C2B7DC6} - Restart Required
HKEY_CLASSES_ROOT\Cad.Document - Restart Required
HKEY_CLASSES_ROOT\.max - Restart Required
HKEY_CLASSES_ROOT\.max - Restart Required
HKEY_CLASSES_ROOT\Matrix.Document - Restart Required
HKEY_CLASSES_ROOT\Matrix.Document - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.max - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Matrix.Document - Restart Required
HKEY_USERS\S-1-5-21-1864693499-3227222065-3676373339-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System\->DisableTaskMgr:0 - Restart Required
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\System\->DisableTaskMgr:0 - Restart Required
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\System\->DisableTaskMgr:0 - Restart Required
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\System\->DisableTaskMgr:0 - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system->EnableLUA:1 - Restart Required
9 Files
C:\Users\jeff6\AppData\Local\virtualstore\windows\syswow64\ntos.exe - Restart Required
C:\WINDOWS\SysWOW64\ntos.exe - Restart Required
C:\Users\jeff6\AppData\Local\virtualstore\windows\syswow64\wsnpoem\audio.dll - Restart Required
C:\WINDOWS\SysWOW64\wsnpoem\audio.dll - Restart Required
C:\Users\jeff6\AppData\Local\virtualstore\windows\syswow64\wsnpoem\video.dll - Restart Required
C:\WINDOWS\SysWOW64\wsnpoem\video.dll - Restart Required
C:\Users\jeff6\AppData\Local\virtualstore\windows\syswow64\wsnpoem - Restart Required
C:\WINDOWS\SysWOW64\wsnpoem - Restart Required
e:\virus\huge\2015.8.1\03.vir - Deleted
1 Browser Cache



Trojan.Gen
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
5 Files
e:\virus\huge\2015.8.1\02.vir - Deleted
e:\virus\huge\2015.8.1\23.vir - Deleted
e:\virus\huge\2015.8.1\43.vir - Deleted
e:\virus\huge\2015.8.1\46.vir - Deleted
e:\virus\huge\2015.8.1\33.vir - Deleted
1 Browser Cache



W32.Spyrat
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Restart Required
-----------
22 Registry Entries
HKEY_USERS\S-1-5-21-1864693499-3227222065-3676373339-1001\Software\INFCT K.L - Restart Required
HKEY_USERS\S-1-5-19\Software\INFCT K.L - Restart Required
HKEY_USERS\S-1-5-20\Software\INFCT K.L - Restart Required
HKEY_USERS\.DEFAULT\Software\INFCT K.L - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{XHIY7M7P-0CD3-6O7E-G1JR-5IQV0C3J3D2P} - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5257J270-BCY8-B212-I8RM-O658CNV82K28} - Restart Required
HKEY_USERS\S-1-5-21-1864693499-3227222065-3676373339-1001\Software\Louka78 - Restart Required
HKEY_USERS\S-1-5-19\Software\Louka78 - Restart Required
HKEY_USERS\S-1-5-20\Software\Louka78 - Restart Required
HKEY_USERS\.DEFAULT\Software\Louka78 - Restart Required
HKEY_USERS\S-1-5-21-1864693499-3227222065-3676373339-1001\Software\lolzer - Restart Required
HKEY_USERS\S-1-5-19\Software\lolzer - Restart Required
HKEY_USERS\S-1-5-20\Software\lolzer - Restart Required
HKEY_USERS\.DEFAULT\Software\lolzer - Restart Required
HKEY_USERS\S-1-5-21-1864693499-3227222065-3676373339-1001\Software\--((Mutex))-- - Restart Required
HKEY_USERS\S-1-5-19\Software\--((Mutex))-- - Restart Required
HKEY_USERS\S-1-5-20\Software\--((Mutex))-- - Restart Required
HKEY_USERS\.DEFAULT\Software\--((Mutex))-- - Restart Required
HKEY_USERS\S-1-5-21-1864693499-3227222065-3676373339-1001\Software\XtremeRAT - Restart Required
HKEY_USERS\S-1-5-19\Software\XtremeRAT - Restart Required
HKEY_USERS\S-1-5-20\Software\XtremeRAT - Restart Required
HKEY_USERS\.DEFAULT\Software\XtremeRAT - Restart Required
1 File
e:\virus\huge\2015.8.1\19.vir - Deleted
1 Browser Cache



Trojan Horse
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.8.1\15.vir - Deleted
1 Browser Cache



Pwdump
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Security Assessment Tool
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.8.1\16.vir - Deleted
1 Browser Cache



Infostealer.Bancos
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
3 Registry Entries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\->UacDisableNotify:0 - Repaired
HKEY_USERS\S-1-5-21-1864693499-3227222065-3676373339-1001\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN->iexplore.exe:1 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system->EnableLUA:1 - Repaired
1 File
e:\virus\huge\2015.8.1\26.vir - Deleted
1 Browser Cache



Infostealer.Limitail
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
6 Registry Entries
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\->ShowSuperHidden:0 - Repaired
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\->ShowSuperHidden:0 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\->AntiVirusDisableNotify:0 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\->AntiVirusDisableNotify:0 - Repaired
HKEY_USERS\S-1-5-21-1864693499-3227222065-3676373339-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\->ShowSuperHidden:0 - Repaired
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\->ShowSuperHidden:0 - Repaired
1 File
e:\virus\huge\2015.8.1\36.vir - Deleted
1 Browser Cache



Trojan!gm
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.8.1\12.vir - Deleted
1 Browser Cache



W32.IRCBot.NG
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
e:\virus\huge\2015.8.1\12.vir - No Action Required
1 Browser Cache[/mw_shl_code]
蓝天二号
Posted on 2015-8-1 13:33:17
KIS

xcvbaby
Posted on 2015-8-1 13:35:18
Kingsoft Antivirus: 16. Baidu Antivirus (China edition), without the Bitdefender engine enabled: 26 again.

神迹般存在
Posted on 2015-8-1 15:56:46
KIS killed 39X.
Have sent to KL,