精睿样本测试（15.8.7）

ericdj

温馨小屋 发表于 2015-8-7 09:12
Symantec Norton Security
杀35个，无修复
SONAR杀30,35,16,40,15,14，7个不能运行

怎么这次NS，又是爆发了么？

尘梦幽然

SEP检测到35个威胁包含在32个文件中。

温馨小屋

ericdj 发表于 2015-8-7 10:58
怎么这次NS，又是爆发了么？

回想一下上次，别过两天又完了

ericdj

温馨小屋 发表于 2015-8-7 12:13
回想一下上次，别过两天又完了

偶赶脚有可能~~~

断簪

微点加ESS
38个

xcvbaby

百度杀毒国内版
不开BD引擎：28

[mw_shl_code=css,true]

扫描结果
扫描文件数:50
发现风险数:28
已处理风险数:28


风险情况详情:

病毒木马名:Win32.Trojan.Kryptik.sl.cav  路径:D:\我的文档\桌面\download\2015.8.7\02.vir  病毒木马类型:恶意木马 成功清除
病毒木马名:Win32.Trojan.Kryptik.bqh.cav  路径:D:\我的文档\桌面\download\2015.8.7\01.vir  病毒木马类型:恶意木马 成功清除
病毒木马名:Win32.Worm.Pronny.dek.cav  路径:D:\我的文档\桌面\download\2015.8.7\05.vir  病毒木马类型:蠕虫病毒 成功清除
病毒木马名:Win32.Trojan.Kryptik.sok.cav  路径:D:\我的文档\桌面\download\2015.8.7\07.vir  病毒木马类型:恶意木马 成功清除
病毒木马名:Win32.Trojan.Agent.uq.cav  路径:D:\我的文档\桌面\download\2015.8.7\08.vir  病毒木马类型:恶意木马 成功清除
病毒木马名:Win32.Trojan.Kryptik.wnk.cav  路径:D:\我的文档\桌面\download\2015.8.7\06.vir  病毒木马类型:恶意木马 成功清除
病毒木马名:Win32.Backdoor.Bladabindi.a.cav  路径:D:\我的文档\桌面\download\2015.8.7\13.vir  病毒木马类型:后门程序 成功清除
病毒木马名:Win32.Backdoor.Bladabindi.a.cav  路径:D:\我的文档\桌面\download\2015.8.7\17.vir  病毒木马类型:后门程序 成功清除
病毒木马名:Win32.Trojan.WisdomEyes.150305.9950.9999.bav  路径:D:\我的文档\桌面\download\2015.8.7\14.vir  病毒木马类型:恶意木马 成功清除
病毒木马名:Win32.Trojan.Kryptik.br.cav  路径:D:\我的文档\桌面\download\2015.8.7\16.vir  病毒木马类型:恶意木马 成功清除
病毒木马名:Win32.Trojan-Downloader.Banload.en.cav  路径:D:\我的文档\桌面\download\2015.8.7\18.vir  病毒木马类型:下载者木马 成功清除
病毒木马名:Win32.Trojan.Injector.tg.cav  路径:D:\我的文档\桌面\download\2015.8.7\19.vir  病毒木马类型:恶意木马 成功清除
病毒木马名:Win32.Worm.Ainslot.cx.cav  路径:D:\我的文档\桌面\download\2015.8.7\21.vir  病毒木马类型:蠕虫病毒 成功清除
病毒木马名:Win32.Trojan.Obfuscate.BVM30.cav  路径:D:\我的文档\桌面\download\2015.8.7\20.vir  病毒木马类型:恶意木马 成功清除
病毒木马名:Win32.Trojan-PSW.Papras.ml.cav  路径:D:\我的文档\桌面\download\2015.8.7\23.vir  病毒木马类型:盗号木马 成功清除
病毒木马名:Win32.Trojan.Agent.f.cav  路径:D:\我的文档\桌面\download\2015.8.7\28.vir  病毒木马类型:恶意木马 成功清除
病毒木马名:Win32.Virus.Virut.a.cav  路径:D:\我的文档\桌面\download\2015.8.7\32.vir  病毒木马类型:感染型病毒 成功清除
病毒木马名:Win32.Trojan-Spy.Zbot.trol.cav  路径:D:\我的文档\桌面\download\2015.8.7\33.vir  病毒木马类型:恶意木马 成功清除
病毒木马名:Win32.Trojan.Injector.xxh.cav  路径:D:\我的文档\桌面\download\2015.8.7\36.vir  病毒木马类型:恶意木马 成功清除
病毒木马名:Win32.Trojan-Downloader.Banload.plzs.cav  路径:D:\我的文档\桌面\download\2015.8.7\35.vir  病毒木马类型:下载者木马 成功清除
病毒木马名:Win32.Trojan.Delf.nnb.cav  路径:D:\我的文档\桌面\download\2015.8.7\39.vir  病毒木马类型:恶意木马 成功清除
病毒木马名:Win32.Trojan.Injector.tx.cav  路径:D:\我的文档\桌面\download\2015.8.7\40.vir  病毒木马类型:恶意木马 成功清除
病毒木马名:Win32.Trojan-PSW.Tepfer.h.cav  路径:D:\我的文档\桌面\download\2015.8.7\42.vir  病毒木马类型:盗号木马 成功清除
病毒木马名:Win32.Trojan-Downloader.Banload.w.cav  路径:D:\我的文档\桌面\download\2015.8.7\47.vir  病毒木马类型:下载者木马 成功清除
病毒木马名:Win32.Trojan-PSW.LPKStart.rbj.cav  路径:D:\我的文档\桌面\download\2015.8.7\49.vir  病毒木马类型:盗号木马 成功清除
病毒木马名:Win32.Trojan.WisdomEyes.150305.9950.9968.bav  路径:D:\我的文档\桌面\download\2015.8.7\22.vir  病毒木马类型:恶意木马 成功清除
病毒木马名:Win32.Trojan.WisdomEyes.150305.9950.9999.bav  路径:D:\我的文档\桌面\download\2015.8.7\38.vir  病毒木马类型:恶意木马 成功清除
病毒木马名:Win32.Trojan.WisdomEyes.150305.9950.9999.bav  路径:D:\我的文档\桌面\download\2015.8.7\41.vir  病毒木马类型:恶意木马 成功清除[/mw_shl_code]

ELOHIM

尘梦幽然 发表于 2015-8-7 12:05
SEP检测到35个威胁包含在32个文件中。

哎呀，SEP来了。

aboringman

AVIRA kill 35 files and fix one file.
[mw_shl_code=css,true]Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.8.7'
C:\Documents and Settings\Administrator\桌面\2015.8.7\01.vir
  [DETECTION] Is the TR/Crypt.ZPACK.62591 Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\02.vir
  [DETECTION] Is the TR/Dldr.Agent.45568.66 Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\05.vir
  [DETECTION] Is the TR/Kryptik.qgmim Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\06.vir
  [DETECTION] Is the TR/Dropper.MSIL.179353 Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\08.vir
  [DETECTION] Is the TR/Spy.Fosteal.A Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\09.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\11.vir
  [DETECTION] Contains recognition pattern of the VBS/Dldr.Agent.4897 VBS script virus
C:\Documents and Settings\Administrator\桌面\2015.8.7\12.vir
  [WARNING]   Possible archive bomb: the maximum compression ratio has been exceeded.
C:\Documents and Settings\Administrator\桌面\2015.8.7\13.vir
  [DETECTION] Is the TR/ATRAPS.Gen Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\14.vir
  [DETECTION] Is the TR/AD.Zlader.M.1 Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\15.vir
  [DETECTION] Is the TR/Dropper.VB.28524 Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\16.vir
  [DETECTION] Is the TR/Dropper.MSIL.180151 Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\17.vir
  [DETECTION] Is the TR/ATRAPS.Gen Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\18.vir
  [DETECTION] Is the TR/Dldr.Banload.583168 Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\19.vir
  [DETECTION] Is the TR/Dropper.MSIL.176999 Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\20.vir
  [DETECTION] Is the TR/Obfuscated.C.597 Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\21.vir
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen back-door program
C:\Documents and Settings\Administrator\桌面\2015.8.7\22.vir
  [DETECTION] Is the TR/Dropper.MSIL.180035 Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\23.vir
  [DETECTION] Is the TR/Crypt.ZPACK.12564 Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\24.vir
    [0] Archive type: ZIP
    --> Karachan Unlocker/Karachan Unlocker.exe
        [DETECTION] Is the TR/Dropper.Gen Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Documents and Settings\Administrator\桌面\2015.8.7\28.vir
  [DETECTION] Is the TR/Agent.11265 Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\29.vir
  [DETECTION] Contains recognition pattern of the DR/Delphi.A.5853 dropper
C:\Documents and Settings\Administrator\桌面\2015.8.7\30.vir
  [DETECTION] Contains recognition pattern of the DR/Autoit.A.11741 dropper
C:\Documents and Settings\Administrator\桌面\2015.8.7\32.vir
  [DETECTION] Contains code of the W32/Virut.Gen Windows virus
C:\Documents and Settings\Administrator\桌面\2015.8.7\33.vir
  [DETECTION] Is the TR/Spy.A.6512 Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\34.vir
  [DETECTION] Contains code of the WM/Agent.2356 Word macro virus
C:\Documents and Settings\Administrator\桌面\2015.8.7\35.vir
  [DETECTION] Is the TR/Dldr.Delphi.578 Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\36.vir
  [DETECTION] Is the TR/Crypt.MWPM.Gen Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\37.vir
  [DETECTION] Contains recognition pattern of the SPR/ANDR.Gizmo.6 program
C:\Documents and Settings\Administrator\桌面\2015.8.7\38.vir
  [DETECTION] Is the TR/Agent.278528.271 Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\39.vir
  [DETECTION] Is the TR/ATRAPS.A.1232 Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\40.vir
  [DETECTION] Is the TR/Fareit.21720417 Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\42.vir
  [DETECTION] Is the TR/Kryptik.avp.8 Trojan
    [0] Archive type: Portable Executable Resource
    --> C:\Documents and Settings\Administrator\桌面\2015.8.7\44.vir
        [1] Archive type: MIME
      --> AV00000036.AV$
          [2] Archive type: OLE
        --> Object
            [DETECTION] Contains code of the W97M/ComposBin.57344 Word macro virus
            [WARNING]   Infected files in archives cannot be repaired
C:\Documents and Settings\Administrator\桌面\2015.8.7\44.vir
  [DETECTION] Contains code of the W97M/ComposBin.57344 Word macro virus
    --> C:\Documents and Settings\Administrator\桌面\2015.8.7\45.vir
        [1] Archive type: ZIP
      --> word/vbaProject.bin
          [DETECTION] Contains code of the W97M/Adnel.101376.A Word macro virus
          [WARNING]   Infected files in archives cannot be repaired
C:\Documents and Settings\Administrator\桌面\2015.8.7\45.vir
  [DETECTION] Contains code of the W97M/Adnel.101376.A Word macro virus
C:\Documents and Settings\Administrator\桌面\2015.8.7\47.vir
  [DETECTION] Is the TR/Dldr.Delphi.579 Trojan
C:\Documents and Settings\Administrator\桌面\2015.8.7\49.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan

Beginning disinfection:
C:\Documents and Settings\Administrator\桌面\2015.8.7\49.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '51a8e110.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\47.vir
  [DETECTION] Is the TR/Dldr.Delphi.579 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '493fceb5.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\45.vir
  [DETECTION] Contains code of the W97M/Adnel.101376.A Word macro virus
  [NOTE]      The file was moved to the quarantine directory under the name '1b60945b.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\44.vir
  [DETECTION] Contains code of the W97M/ComposBin.57344 Word macro virus
  [NOTE]      The file was moved to the quarantine directory under the name '7d57db98.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\42.vir
  [DETECTION] Is the TR/Kryptik.avp.8 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '38d3f6a4.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\40.vir
  [DETECTION] Is the TR/Fareit.21720417 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '47c8c4cb.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\39.vir
  [DETECTION] Is the TR/ATRAPS.A.1232 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '0b70e888.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\38.vir
  [DETECTION] Is the TR/Agent.278528.271 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '7768a8d9.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\37.vir
  [DETECTION] Contains recognition pattern of the SPR/ANDR.Gizmo.6 program
  [NOTE]      The file was moved to the quarantine directory under the name '5a328797.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\36.vir
  [DETECTION] Is the TR/Crypt.MWPM.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '435abc0c.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\35.vir
  [DETECTION] Is the TR/Dldr.Delphi.578 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '2f06903b.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\34.vir
  [DETECTION] Contains code of the WM/Agent.2356 Word macro virus
  [NOTE]      The file was moved to the quarantine directory under the name '5ebfa9af.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\33.vir
  [DETECTION] Is the TR/Spy.A.6512 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '50a5996b.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\32.vir
  [DETECTION] Contains code of the W32/Virut.Gen Windows virus
  [NOTE]      The file was repaired.
C:\Documents and Settings\Administrator\桌面\2015.8.7\30.vir
  [DETECTION] Contains recognition pattern of the DR/Autoit.A.11741 dropper
  [NOTE]      The file was moved to the quarantine directory under the name '158ce027.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\29.vir
  [DETECTION] Contains recognition pattern of the DR/Delphi.A.5853 dropper
  [NOTE]      The file was moved to the quarantine directory under the name '1c87e77b.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\28.vir
  [DETECTION] Is the TR/Agent.11265 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '44c6fded.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\24.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '68328422.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\23.vir
  [DETECTION] Is the TR/Crypt.ZPACK.12564 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '56cce4ff.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\22.vir
  [DETECTION] Is the TR/Dropper.MSIL.180035 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '35c2cf8d.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\21.vir
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen back-door program
  [NOTE]      The file was moved to the quarantine directory under the name '130a8f93.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\20.vir
  [DETECTION] Is the TR/Obfuscated.C.597 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '219ef437.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\19.vir
  [DETECTION] Is the TR/Dropper.MSIL.176999 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '2bdbdcb0.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\18.vir
  [DETECTION] Is the TR/Dldr.Banload.583168 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '1488b8f4.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\17.vir
  [DETECTION] Is the TR/ATRAPS.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '6aa4b72c.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\16.vir
  [DETECTION] Is the TR/Dropper.MSIL.180151 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '3fdcb3e6.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\15.vir
  [DETECTION] Is the TR/Dropper.VB.28524 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '324ac2cd.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\14.vir
  [DETECTION] Is the TR/AD.Zlader.M.1 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '2e17d6c5.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\13.vir
  [DETECTION] Is the TR/ATRAPS.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '1fc49b0c.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\11.vir
  [DETECTION] Contains recognition pattern of the VBS/Dldr.Agent.4897 VBS script virus
  [NOTE]      The file was moved to the quarantine directory under the name '73928f38.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\09.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '3a08a9c7.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\08.vir
  [DETECTION] Is the TR/Spy.Fosteal.A Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '619da116.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\06.vir
  [DETECTION] Is the TR/Dropper.MSIL.179353 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '072fae01.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\05.vir
  [DETECTION] Is the TR/Kryptik.qgmim Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '50a1dca8.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\02.vir
  [DETECTION] Is the TR/Dldr.Agent.45568.66 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '72d18bd9.qua'!
C:\Documents and Settings\Administrator\桌面\2015.8.7\01.vir
  [DETECTION] Is the TR/Crypt.ZPACK.62591 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '1ac1f14e.qua'!


End of the scan: 2015年8月7日  13:44
Used time: 00:14 Minute(s)

The scan has been done completely.

      1 Scanned directories
    134 Files were scanned
     38 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 Files were deleted
      1 Viruses and unwanted programs were repaired
     35 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
     96 Files not concerned
     17 Archives were scanned
      4 Warnings
     36 Notes
[/mw_shl_code]

修复的那个又报壳杀掉了
[mw_shl_code=css,true]C:\Documents and Settings\Administrator\桌面\2015.8.7\32.vir
  [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan

Beginning disinfection:
C:\Documents and Settings\Administrator\桌面\2015.8.7\32.vir
  [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '51a8e2cf.qua'!
[/mw_shl_code]

libraboy

360ts  40

Ehanh

360安全卫士杀30个