收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 精睿样本测试(15.8.23)
12345下一页
返回列表 发新帖
楼主: 神迹般存在
 收起左侧

[病毒样本] 精睿样本测试(15.8.23)

  [复制链接]
hooyuan
发表于 2015-8-23 10:26:18 | 显示全部楼层
本帖最后由 hooyuan 于 2015-8-23 10:32 编辑

360TSE


[mw_shl_code=html,true]360 Total Security扫描日志

扫描时间:2015-08-23 10:29:24
扫描用时:00:00:07
扫描项目总数:50
威胁总数:24
处理威胁数:24

扫描选项
----------------------
扫描压缩包:否
常规引擎设置:未开启小红伞和Bitdefender引擎

扫描内容
----------------------
C:\Documents and Settings\Administrator\桌面\2015.8.23\

扫描结果
======================
高风险项目
----------------------
C:\Documents and Settings\Administrator\桌面\2015.8.23\01.vir        HEUR/QVM20.1.Malware.Gen        已处理
C:\Documents and Settings\Administrator\桌面\2015.8.23\02.vir        HEUR/QVM19.1.Malware.Gen        已处理
C:\Documents and Settings\Administrator\桌面\2015.8.23\03.vir        HEUR/QVM08.0.Malware.Gen        已处理
C:\Documents and Settings\Administrator\桌面\2015.8.23\04.vir        HEUR/QVM03.0.Malware.Gen        已处理
C:\Documents and Settings\Administrator\桌面\2015.8.23\06.vir        HEUR/QVM06.2.Malware.Gen        已处理
C:\Documents and Settings\Administrator\桌面\2015.8.23\09.vir        Win32/Trojan.Ransom.28d        已处理
C:\Documents and Settings\Administrator\桌面\2015.8.23\11.vir        HEUR/QVM03.0.Malware.Gen        已处理
C:\Documents and Settings\Administrator\桌面\2015.8.23\14.vir        HEUR/QVM03.0.Malware.Gen        已处理
C:\Documents and Settings\Administrator\桌面\2015.8.23\25.vir        Win32/Trojan.2dd        已处理
C:\Documents and Settings\Administrator\桌面\2015.8.23\27.vir        HEUR/QVM03.0.Malware.Gen        已处理
C:\Documents and Settings\Administrator\桌面\2015.8.23\30.vir        HEUR/QVM10.1.Malware.Gen        已处理
C:\Documents and Settings\Administrator\桌面\2015.8.23\32.vir        Win32/Trojan.BO.e3a        已处理
C:\Documents and Settings\Administrator\桌面\2015.8.23\35.vir        HEUR/QVM10.1.Malware.Gen        已处理
C:\Documents and Settings\Administrator\桌面\2015.8.23\37.vir        HEUR/QVM05.1.Malware.Gen        已处理
C:\Documents and Settings\Administrator\桌面\2015.8.23\38.vir        Malware.Radar05.Gen        已处理
C:\Documents and Settings\Administrator\桌面\2015.8.23\39.vir        HEUR/QVM07.1.Malware.Gen        已处理
C:\Documents and Settings\Administrator\桌面\2015.8.23\41.vir        HEUR/QVM03.0.Malware.Gen        已处理
C:\Documents and Settings\Administrator\桌面\2015.8.23\42.vir        HEUR/QVM07.1.Malware.Gen        已处理
C:\Documents and Settings\Administrator\桌面\2015.8.23\47.vir        HEUR/QVM11.1.Malware.Gen        已处理
C:\Documents and Settings\Administrator\桌面\2015.8.23\49.vir        HEUR/QVM10.1.Malware.Gen        已处理
C:\Documents and Settings\Administrator\桌面\2015.8.23\15.vir        HEUR/QVM03.0.Malware.Gen        已处理
C:\Documents and Settings\Administrator\桌面\2015.8.23\26.vir        HEUR/QVM36.0.Malware.Gen        已处理
C:\Documents and Settings\Administrator\桌面\2015.8.23\36.vir        HEUR/QVM03.0.Malware.Gen        已处理
C:\Documents and Settings\Administrator\桌面\2015.8.23\40.vir        HEUR/QVM03.0.Malware.Gen        已处理
[/mw_shl_code]

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

230f4
发表于 2015-8-23 10:27:29 来自手机 | 显示全部楼层
nick20010117 发表于 2015-8-23 10:14
从来没有中过,ZeroAccess都是实机测试的

你的电脑里什么都没有吗,装了影子?
回复

举报

nick20010117
发表于 2015-8-23 10:33:42 | 显示全部楼层
230f4 发表于 2015-8-23 10:27
你的电脑里什么都没有吗,装了影子?


只有ghost和蛋挞
蛋挞za主防刚好成功拦截
回复

举报

nick20010117
发表于 2015-8-23 10:37:38 | 显示全部楼层
欧阳宣 发表于 2015-8-23 09:26
f-secure
检测24个,修复1个。
[mw_shl_code=css,true]结果: 找到 27 恶意软件

能否更新病毒库后再测,我这边蛋挞bdkill29x
回复

举报

欧阳宣
头像被屏蔽
发表于 2015-8-23 11:04:14 | 显示全部楼层
nick20010117 发表于 2015-8-23 10:37
能否更新病毒库后再测,我这边蛋挞bdkill29x

多检测的那几个有可能是b引擎检测的
回复

举报

共和时代
发表于 2015-8-23 12:00:11 | 显示全部楼层
红伞free


扫描结束时间: 2015年8月23日  11:15
已用时间: 00:00 分钟

扫描完毕.

      1 已扫描目录
    123 已扫描文件
     34 发现病毒和/或恶意程序
      0 文件被划定为可疑
      0 个文件已删除
      0 病毒和恶意程序已修复
     26 文件已移到隔离区
      0 文件已重命名
      0 无法扫描的文件
     89 不关心的文件
     20 存档已扫描
     16 警告
     26 说明
回复

举报

cxy密斯
发表于 2015-8-23 12:11:39 | 显示全部楼层
[mw_shl_code=css,true]
Dr.Web Scanner SE for Windows v9.1.3.08170

Start scanning

C:\Users\Shiloh\Desktop\2015.8.23\01.vir:Zone.Identifier - Ok - 8ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\02.vir:Zone.Identifier - Ok - 5ms, 26 bytes
>C:\Users\Shiloh\Desktop\2015.8.23\02.vir - packed by FLY-CODE
C:\Users\Shiloh\Desktop\2015.8.23\01.vir - infected with Trojan.Encoder.567
C:\Users\Shiloh\Desktop\2015.8.23\01.vir - infected - 405ms, 607018 bytes
C:\Users\Shiloh\Desktop\2015.8.23\03.vir:Zone.Identifier - Ok - 6ms, 26 bytes
>>C:\Users\Shiloh\Desktop\2015.8.23\02.vir is BINARYRES container
C:\Users\Shiloh\Desktop\2015.8.23\02.vir\data001 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\02.vir\data002 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\02.vir - Ok
C:\Users\Shiloh\Desktop\2015.8.23\02.vir - container - 430ms, 1536 bytes
C:\Users\Shiloh\Desktop\2015.8.23\04.vir:Zone.Identifier - Ok - 6ms, 26 bytes
>C:\Users\Shiloh\Desktop\2015.8.23\05.vir is JS-HTML container
>>C:\Users\Shiloh\Desktop\2015.8.23\05.vir\JSTAG_1[2d][1514] - packed by JSPACK
C:\Users\Shiloh\Desktop\2015.8.23\05.vir\JSTAG_1[2d][1514] - probably infected with SCRIPT.Virus
C:\Users\Shiloh\Desktop\2015.8.23\05.vir\JSTAG_1[2d][1514] - infected
C:\Users\Shiloh\Desktop\2015.8.23\05.vir - infected container
C:\Users\Shiloh\Desktop\2015.8.23\05.vir - infected container - 38ms, 5467 bytes
C:\Users\Shiloh\Desktop\2015.8.23\05.vir:Zone.Identifier - Ok - 6ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\03.vir - Ok - 574ms, 552960 bytes
C:\Users\Shiloh\Desktop\2015.8.23\06.vir:Zone.Identifier - Ok - 4ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\07.vir - infected with X97M.MulDrop.13
C:\Users\Shiloh\Desktop\2015.8.23\07.vir - infected - 7ms, 626176 bytes
C:\Users\Shiloh\Desktop\2015.8.23\07.vir:Zone.Identifier - Ok - 4ms, 26 bytes
>C:\Users\Shiloh\Desktop\2015.8.23\08.vir is JS-HTML container
>>C:\Users\Shiloh\Desktop\2015.8.23\08.vir\JSTAG_1[17][44d] - packed by JSPACK
C:\Users\Shiloh\Desktop\2015.8.23\08.vir\JSTAG_1[17][44d] - probably infected with SCRIPT.Virus
C:\Users\Shiloh\Desktop\2015.8.23\08.vir\JSTAG_1[17][44d] - infected
C:\Users\Shiloh\Desktop\2015.8.23\08.vir - infected container
C:\Users\Shiloh\Desktop\2015.8.23\08.vir - infected container - 27ms, 1150 bytes
C:\Users\Shiloh\Desktop\2015.8.23\08.vir:Zone.Identifier - Ok - 4ms, 26 bytes
>C:\Users\Shiloh\Desktop\2015.8.23\04.vir is BINARYRES container
C:\Users\Shiloh\Desktop\2015.8.23\04.vir\data001 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\04.vir\data002 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\04.vir - Ok
C:\Users\Shiloh\Desktop\2015.8.23\04.vir - container - 492ms, 588800 bytes
C:\Users\Shiloh\Desktop\2015.8.23\09.vir:Zone.Identifier - Ok - 6ms, 26 bytes
>C:\Users\Shiloh\Desktop\2015.8.23\06.vir is RAR archive
C:\Users\Shiloh\Desktop\2015.8.23\06.vir\ARO.exe - Ok
C:\Users\Shiloh\Desktop\2015.8.23\06.vir\aross.dll - Ok
C:\Users\Shiloh\Desktop\2015.8.23\06.vir\aross.a - Ok
C:\Users\Shiloh\Desktop\2015.8.23\06.vir - Ok
C:\Users\Shiloh\Desktop\2015.8.23\06.vir - archive - 586ms, 244844 bytes
C:\Users\Shiloh\Desktop\2015.8.23\10.vir:Zone.Identifier - Ok - 5ms, 26 bytes
>C:\Users\Shiloh\Desktop\2015.8.23\09.vir is SIM container
C:\Users\Shiloh\Desktop\2015.8.23\09.vir\script.bin - Ok
C:\Users\Shiloh\Desktop\2015.8.23\09.vir\temp.bin - Ok
>>C:\Users\Shiloh\Desktop\2015.8.23\09.vir\data.bin is ASF container
>>>C:\Users\Shiloh\Desktop\2015.8.23\09.vir\data.bin\0.file is CAB archive
C:\Users\Shiloh\Desktop\2015.8.23\09.vir\data.bin\0.file\0 - infected with Trojan.Encoder.567
C:\Users\Shiloh\Desktop\2015.8.23\09.vir\data.bin\0.file\0 - infected
C:\Users\Shiloh\Desktop\2015.8.23\09.vir\data.bin\0.file - infected archive
C:\Users\Shiloh\Desktop\2015.8.23\09.vir\data.bin - infected container
C:\Users\Shiloh\Desktop\2015.8.23\09.vir - infected container
C:\Users\Shiloh\Desktop\2015.8.23\09.vir - infected container - 538ms, 736970 bytes
C:\Users\Shiloh\Desktop\2015.8.23\11.vir:Zone.Identifier - Ok - 5ms, 26 bytes
>C:\Users\Shiloh\Desktop\2015.8.23\10.vir is BINARYRES container
>>C:\Users\Shiloh\Desktop\2015.8.23\10.vir\data001 is NET container
C:\Users\Shiloh\Desktop\2015.8.23\10.vir\data001 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\10.vir\data002 - Ok
>>C:\Users\Shiloh\Desktop\2015.8.23\10.vir\data003 is NET container
C:\Users\Shiloh\Desktop\2015.8.23\10.vir\data003 - Ok
>>C:\Users\Shiloh\Desktop\2015.8.23\10.vir\data004 is NET container
C:\Users\Shiloh\Desktop\2015.8.23\10.vir\data004 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\10.vir - Ok
C:\Users\Shiloh\Desktop\2015.8.23\10.vir - container - 443ms, 123392 bytes
C:\Users\Shiloh\Desktop\2015.8.23\12.vir:Zone.Identifier - Ok - 3ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\12.vir - Ok - 451ms, 371196 bytes
C:\Users\Shiloh\Desktop\2015.8.23\13.vir:Zone.Identifier - Ok - 4ms, 26 bytes
>C:\Users\Shiloh\Desktop\2015.8.23\11.vir is BINARYRES container
>>C:\Users\Shiloh\Desktop\2015.8.23\11.vir\data001 is NET container
>C:\Users\Shiloh\Desktop\2015.8.23\14.vir is BINARYRES container
C:\Users\Shiloh\Desktop\2015.8.23\14.vir\data001 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\14.vir\data002 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\14.vir - Ok
C:\Users\Shiloh\Desktop\2015.8.23\14.vir - container - 405ms, 98816 bytes
C:\Users\Shiloh\Desktop\2015.8.23\14.vir:Zone.Identifier - Ok - 5ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\11.vir\data001\W2t6bIXtKRzHJkl - Ok
C:\Users\Shiloh\Desktop\2015.8.23\11.vir\data001 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\11.vir\data002 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\11.vir - Ok
C:\Users\Shiloh\Desktop\2015.8.23\11.vir - container - 995ms, 299008 bytes
C:\Users\Shiloh\Desktop\2015.8.23\15.vir:Zone.Identifier - Ok - 4ms, 26 bytes
>C:\Users\Shiloh\Desktop\2015.8.23\16.vir is ZIP archive
C:\Users\Shiloh\Desktop\2015.8.23\16.vir\Court_Notification_000439851.doc.js - probably infected with SCRIPT.Virus
>>C:\Users\Shiloh\Desktop\2015.8.23\16.vir\Court_Notification_000439851.doc.js is JS-HTML container
C:\Users\Shiloh\Desktop\2015.8.23\16.vir\Court_Notification_000439851.doc.js\JSFile_1[0][2d45] - Ok
C:\Users\Shiloh\Desktop\2015.8.23\16.vir\Court_Notification_000439851.doc.js\JSEval_2[332] - infected with JS.DownLoader.435
C:\Users\Shiloh\Desktop\2015.8.23\16.vir\Court_Notification_000439851.doc.js\JSEval_2[332] - infected
C:\Users\Shiloh\Desktop\2015.8.23\16.vir\Court_Notification_000439851.doc.js - infected container
C:\Users\Shiloh\Desktop\2015.8.23\16.vir - infected archive
C:\Users\Shiloh\Desktop\2015.8.23\16.vir - infected archive - 81ms, 1919 bytes
C:\Users\Shiloh\Desktop\2015.8.23\16.vir:Zone.Identifier - Ok - 5ms, 26 bytes
>C:\Users\Shiloh\Desktop\2015.8.23\13.vir is BINARYRES container
>>C:\Users\Shiloh\Desktop\2015.8.23\13.vir\data001 is NET container
C:\Users\Shiloh\Desktop\2015.8.23\13.vir\data001 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\13.vir\data002 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\13.vir - Ok
C:\Users\Shiloh\Desktop\2015.8.23\13.vir - container - 910ms, 886784 bytes
C:\Users\Shiloh\Desktop\2015.8.23\17.vir:Zone.Identifier - Ok - 4ms, 26 bytes
>C:\Users\Shiloh\Desktop\2015.8.23\18.vir is JAR container
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\META-INF\MANIFEST.MF - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\META-INF\CERT.SF - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\META-INF\CERT.RSA - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\AndroidManifest.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\classes.dex - infected with Android.SmsSpy.369.origin
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\classes.dex - infected
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\drawable-hdpi\bg_big.png - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\drawable-hdpi\common_dialog_btn_cancel.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\15.vir - Ok - 379ms, 24576 bytes
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\drawable-hdpi\common_dialog_btn_confirm.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir:Zone.Identifier - Ok - 5ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\drawable-hdpi\popover_base.9.png - Ok
>C:\Users\Shiloh\Desktop\2015.8.23\19.vir is OPEN XML container
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\drawable-hdpi\popover_button_gray_click.9.png - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\drawable-hdpi\popover_button_gray_normal.9.png - Ok
C:\Users\Shiloh\Desktop\2015.8.23\19.vir\[Content_Types].xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\drawable-hdpi\popover_button_white_click.9.png - Ok
C:\Users\Shiloh\Desktop\2015.8.23\19.vir\_rels\.rels - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\drawable-hdpi\popover_button_white_normal.9.png - Ok
C:\Users\Shiloh\Desktop\2015.8.23\19.vir\xl\_rels\workbook.xml.rels - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\drawable-ldpi\action_bar_background.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\drawable-ldpi\iocn.png - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\drawable-mdpi\iocn.png - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\drawable-mdpi\un_icon.png - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\layout\activity_main.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\19.vir\xl\workbook.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\layout\app_details.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\layout\dialog.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\layout\float_window_big.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\19.vir\xl\styles.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\layout\float_window_small.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\19.vir\xl\worksheets\_rels\sheet2.xml.rels - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\layout\float_window_small2.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\19.vir\xl\worksheets\_rels\sheet1.xml.rels - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\layout\main.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\layout\op_progress.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\19.vir\xl\worksheets\sheet2.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\layout\uninstall_confirm.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\layout\uninstall_progress.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\19.vir\xl\theme\theme1.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\layout\x.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\res\xml\ds.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir\resources.arsc - Ok
C:\Users\Shiloh\Desktop\2015.8.23\18.vir - infected container, incurable
C:\Users\Shiloh\Desktop\2015.8.23\18.vir - infected container, incurable - 287ms, 250834 bytes
C:\Users\Shiloh\Desktop\2015.8.23\19.vir\xl\worksheets\sheet1.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\19.vir:Zone.Identifier - Ok - 7ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\19.vir\xl\sharedStrings.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\19.vir\docProps\app.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\19.vir\xl\printerSettings\printerSettings1.bin - Ok
C:\Users\Shiloh\Desktop\2015.8.23\19.vir\xl\printerSettings\printerSettings2.bin - Ok
C:\Users\Shiloh\Desktop\2015.8.23\17.vir - Ok - 439ms, 370684 bytes
C:\Users\Shiloh\Desktop\2015.8.23\19.vir\xl\calcChain.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\20.vir:Zone.Identifier - Ok - 6ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\19.vir\docProps\core.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\19.vir - Ok
C:\Users\Shiloh\Desktop\2015.8.23\19.vir - container - 175ms, 34476 bytes
>C:\Users\Shiloh\Desktop\2015.8.23\21.vir is JAR container
C:\Users\Shiloh\Desktop\2015.8.23\21.vir:Zone.Identifier - Ok - 7ms, 26 bytes
>C:\Users\Shiloh\Desktop\2015.8.23\22.vir is ZIP archive
>C:\Users\Shiloh\Desktop\2015.8.23\20.vir is BZIP2 archive
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\META-INF\MANIFEST.MF - Ok
>>C:\Users\Shiloh\Desktop\2015.8.23\22.vir\pedido0172631.vbe - packed by ENCODED SCRIPT
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\META-INF\CERT.SF - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\META-INF\CERT.RSA - Ok
C:\Users\Shiloh\Desktop\2015.8.23\22.vir\pedido0172631.vbe - Ok
C:\Users\Shiloh\Desktop\2015.8.23\22.vir - Ok
C:\Users\Shiloh\Desktop\2015.8.23\22.vir - archive - 47ms, 3372 bytes
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\AndroidManifest.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\22.vir:Zone.Identifier - Ok - 6ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\classes.dex - infected with Android.SmsSpy.369.origin
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\classes.dex - infected
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\drawable-hdpi\bg_big.png - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\drawable-hdpi\common_dialog_btn_cancel.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\drawable-hdpi\common_dialog_btn_confirm.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\drawable-hdpi\popover_base.9.png - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\drawable-hdpi\popover_button_gray_click.9.png - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\drawable-hdpi\popover_button_gray_normal.9.png - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\drawable-hdpi\popover_button_white_click.9.png - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\drawable-hdpi\popover_button_white_normal.9.png - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\drawable-ldpi\action_bar_background.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\drawable-ldpi\iocn.png - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\drawable-mdpi\iocn.png - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\drawable-mdpi\un_icon.png - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\layout\activity_main.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\layout\app_details.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\layout\dialog.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\layout\float_window_big.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\layout\float_window_small.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\layout\float_window_small2.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\layout\main.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\layout\op_progress.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\layout\uninstall_confirm.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\layout\uninstall_progress.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\layout\x.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\res\xml\ds.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir\resources.arsc - Ok
C:\Users\Shiloh\Desktop\2015.8.23\21.vir - infected container, incurable
C:\Users\Shiloh\Desktop\2015.8.23\21.vir - infected container, incurable - 311ms, 250834 bytes
C:\Users\Shiloh\Desktop\2015.8.23\23.vir:Zone.Identifier - Ok - 6ms, 26 bytes
>>C:\Users\Shiloh\Desktop\2015.8.23\20.vir\data000.tmp is AUTOIT container
C:\Users\Shiloh\Desktop\2015.8.23\23.vir - Ok - 370ms, 32768 bytes
C:\Users\Shiloh\Desktop\2015.8.23\24.vir:Zone.Identifier - Ok - 6ms, 26 bytes
>>>C:\Users\Shiloh\Desktop\2015.8.23\20.vir\data000.tmp\Users\WORK\AppData\Local\Temp\autD2A7.tmp - packed by ASCRIPT
C:\Users\Shiloh\Desktop\2015.8.23\20.vir\data000.tmp\Users\WORK\AppData\Local\Temp\autD2A7.tmp - Ok
C:\Users\Shiloh\Desktop\2015.8.23\20.vir\data000.tmp - Ok
C:\Users\Shiloh\Desktop\2015.8.23\20.vir - Ok
C:\Users\Shiloh\Desktop\2015.8.23\20.vir - archive - 621ms, 392939 bytes
C:\Users\Shiloh\Desktop\2015.8.23\25.vir:Zone.Identifier - Ok - 4ms, 26 bytes
>C:\Users\Shiloh\Desktop\2015.8.23\24.vir is BINARYRES container
>>C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001 is INNO SETUP container
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\Script0.bin - Ok
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\Script1.bin - Ok
>>>C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\Script2.bin is BINARYRES container
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\Script2.bin\data001 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\Script2.bin\data002 - Ok
>>>>C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\Script2.bin\data003 is ZLIB container
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\Script2.bin\data003\data001 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\Script2.bin\data003 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\Script2.bin - Ok
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\0.object - Ok
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\Embedded_Setup.exe - Ok
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\{tmp}\OCSetupHlp.dll - is adware program Adware.OpenCandy.137
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\{tmp}\OCSetupHlp.dll - infected
>>>C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\{app}\DoNotSpy10.exe is BINARYRES container
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\{app}\DoNotSpy10.exe\data001 - Ok
>>>>C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\{app}\DoNotSpy10.exe\data002 is NET container
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\{app}\DoNotSpy10.exe\data002 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\25.vir - infected with Trojan.DownLoader15.43774
C:\Users\Shiloh\Desktop\2015.8.23\25.vir - infected - 876ms, 256512 bytes
C:\Users\Shiloh\Desktop\2015.8.23\26.vir:Zone.Identifier - Ok - 6ms, 26 bytes
>>>>C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\{app}\DoNotSpy10.exe\data003 is NET container
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\{app}\DoNotSpy10.exe\data003 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\{app}\DoNotSpy10.exe\data004 - Ok
>>>>C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\{app}\DoNotSpy10.exe\data005 is ZLIB container
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\{app}\DoNotSpy10.exe\data005\data001 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\{app}\DoNotSpy10.exe\data005 - Ok
>>>>C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\{app}\DoNotSpy10.exe\data006 is ZLIB container
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\{app}\DoNotSpy10.exe\data006\data001 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\{app}\DoNotSpy10.exe\data006 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\{app}\DoNotSpy10.exe - Ok
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\{app}\Newtonsoft.Json.dll - Ok
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\{group}\icon.ico - Ok
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\{app}\readme.txt - Ok
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001\{app}\license.txt - Ok
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data001 - infected container
>>C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data002 is ZLIB container
>C:\Users\Shiloh\Desktop\2015.8.23\26.vir - packed by FLY-CODE
>>C:\Users\Shiloh\Desktop\2015.8.23\26.vir - packed by VMPROTECT
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data002\data001 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\24.vir\data002 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\24.vir - infected container
C:\Users\Shiloh\Desktop\2015.8.23\24.vir - infected container - 1372ms, 1015101 bytes
C:\Users\Shiloh\Desktop\2015.8.23\27.vir:Zone.Identifier - Ok - 6ms, 26 bytes
>C:\Users\Shiloh\Desktop\2015.8.23\28.vir is OPEN XML container
C:\Users\Shiloh\Desktop\2015.8.23\28.vir\[Content_Types].xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\28.vir\_rels\.rels - Ok
C:\Users\Shiloh\Desktop\2015.8.23\28.vir\word\_rels\document.xml.rels - Ok
C:\Users\Shiloh\Desktop\2015.8.23\28.vir\word\document.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\28.vir\word\_rels\vbaProject.bin.rels - Ok
C:\Users\Shiloh\Desktop\2015.8.23\28.vir\word\vbaProject.bin - Ok
C:\Users\Shiloh\Desktop\2015.8.23\28.vir\word\theme\theme1.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\28.vir\word\vbaData.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\28.vir\word\settings.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\28.vir\word\webSettings.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\28.vir\word\styles.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\28.vir\word\numbering.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\28.vir\docProps\app.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\28.vir\word\stylesWithEffects.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\28.vir\word\fontTable.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\28.vir\docProps\core.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\28.vir - Ok
C:\Users\Shiloh\Desktop\2015.8.23\28.vir - container - 148ms, 24074 bytes
C:\Users\Shiloh\Desktop\2015.8.23\28.vir:Zone.Identifier - Ok - 5ms, 26 bytes
>C:\Users\Shiloh\Desktop\2015.8.23\29.vir is ZIP archive
C:\Users\Shiloh\Desktop\2015.8.23\29.vir\invoice_blank4175-70919.exe - infected with BackDoor.Kuluoz.260
C:\Users\Shiloh\Desktop\2015.8.23\29.vir\invoice_blank4175-70919.exe - infected
C:\Users\Shiloh\Desktop\2015.8.23\29.vir - infected archive
C:\Users\Shiloh\Desktop\2015.8.23\29.vir - infected archive - 17ms, 15296 bytes
C:\Users\Shiloh\Desktop\2015.8.23\29.vir:Zone.Identifier - Ok - 7ms, 26 bytes
>>>C:\Users\Shiloh\Desktop\2015.8.23\26.vir - packed by FLY-CODE
>C:\Users\Shiloh\Desktop\2015.8.23\27.vir is BINARYRES container
C:\Users\Shiloh\Desktop\2015.8.23\26.vir - Ok - 1341ms, 96256 bytes
C:\Users\Shiloh\Desktop\2015.8.23\27.vir\data001 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\30.vir:Zone.Identifier - Ok - 5ms, 26 bytes
>C:\Users\Shiloh\Desktop\2015.8.23\31.vir is JAR container
C:\Users\Shiloh\Desktop\2015.8.23\27.vir\data002 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\27.vir - Ok
C:\Users\Shiloh\Desktop\2015.8.23\27.vir - container - 615ms, 2321165 bytes
C:\Users\Shiloh\Desktop\2015.8.23\31.vir\META-INF\MANIFEST.MF - Ok
C:\Users\Shiloh\Desktop\2015.8.23\31.vir:Zone.Identifier - Ok - 5ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\31.vir\b.txt - Ok
C:\Users\Shiloh\Desktop\2015.8.23\31.vir\a.txt - Ok
C:\Users\Shiloh\Desktop\2015.8.23\31.vir\a\zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzj.class - Ok
C:\Users\Shiloh\Desktop\2015.8.23\31.vir\b\zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzj.class - Ok
C:\Users\Shiloh\Desktop\2015.8.23\31.vir\c\zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzj.class - Ok
C:\Users\Shiloh\Desktop\2015.8.23\31.vir\d\zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzj.class - Ok
C:\Users\Shiloh\Desktop\2015.8.23\31.vir\d\zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzv.class - Ok
C:\Users\Shiloh\Desktop\2015.8.23\31.vir\d\zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzf.class - Ok
C:\Users\Shiloh\Desktop\2015.8.23\31.vir\Main.class - Ok
C:\Users\Shiloh\Desktop\2015.8.23\31.vir\zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzj.class - Ok
C:\Users\Shiloh\Desktop\2015.8.23\31.vir\zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzv.class - Ok
C:\Users\Shiloh\Desktop\2015.8.23\31.vir - Ok
C:\Users\Shiloh\Desktop\2015.8.23\31.vir - container - 70ms, 96410 bytes
C:\Users\Shiloh\Desktop\2015.8.23\32.vir:Zone.Identifier - Ok - 5ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\30.vir - Ok - 379ms, 9728 bytes
C:\Users\Shiloh\Desktop\2015.8.23\33.vir:Zone.Identifier - Ok - 6ms, 26 bytes
>C:\Users\Shiloh\Desktop\2015.8.23\34.vir is ZIP archive
C:\Users\Shiloh\Desktop\2015.8.23\34.vir\jjeabbb.exe - infected with Trojan.PWS.Siggen1.40020
C:\Users\Shiloh\Desktop\2015.8.23\34.vir\jjeabbb.exe - infected
C:\Users\Shiloh\Desktop\2015.8.23\34.vir - infected archive
C:\Users\Shiloh\Desktop\2015.8.23\34.vir - infected archive - 45ms, 851574 bytes
C:\Users\Shiloh\Desktop\2015.8.23\34.vir:Zone.Identifier - Ok - 6ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\32.vir - infected with BackDoor.Siggen.59693
C:\Users\Shiloh\Desktop\2015.8.23\32.vir - infected - 369ms, 74490 bytes
C:\Users\Shiloh\Desktop\2015.8.23\35.vir:Zone.Identifier - Ok - 5ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\33.vir - Ok - 386ms, 106496 bytes
C:\Users\Shiloh\Desktop\2015.8.23\36.vir:Zone.Identifier - Ok - 4ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\36.vir - Ok - 405ms, 8704 bytes
C:\Users\Shiloh\Desktop\2015.8.23\37.vir:Zone.Identifier - Ok - 5ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\37.vir - infected with Trojan.Packed.19697
C:\Users\Shiloh\Desktop\2015.8.23\37.vir - infected - 389ms, 71680 bytes
C:\Users\Shiloh\Desktop\2015.8.23\38.vir:Zone.Identifier - Ok - 5ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\35.vir - Ok - 495ms, 523268 bytes
C:\Users\Shiloh\Desktop\2015.8.23\39.vir:Zone.Identifier - Ok - 5ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\38.vir - infected with Trojan.Virtumod.11842
C:\Users\Shiloh\Desktop\2015.8.23\38.vir - infected - 423ms, 44032 bytes
C:\Users\Shiloh\Desktop\2015.8.23\40.vir:Zone.Identifier - Ok - 5ms, 26 bytes
>C:\Users\Shiloh\Desktop\2015.8.23\40.vir is BINARYRES container
C:\Users\Shiloh\Desktop\2015.8.23\40.vir\data001 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\40.vir\data002 - Ok
C:\Users\Shiloh\Desktop\2015.8.23\40.vir - Ok
C:\Users\Shiloh\Desktop\2015.8.23\40.vir - container - 405ms, 76288 bytes
C:\Users\Shiloh\Desktop\2015.8.23\41.vir:Zone.Identifier - Ok - 5ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\39.vir - Ok - 432ms, 106978 bytes
C:\Users\Shiloh\Desktop\2015.8.23\42.vir:Zone.Identifier - Ok - 4ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\41.vir - Ok - 407ms, 122880 bytes
C:\Users\Shiloh\Desktop\2015.8.23\43.vir:Zone.Identifier - Ok - 5ms, 26 bytes
>C:\Users\Shiloh\Desktop\2015.8.23\44.vir is OPEN XML container
C:\Users\Shiloh\Desktop\2015.8.23\44.vir\[Content_Types].xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\44.vir\_rels\.rels - Ok
C:\Users\Shiloh\Desktop\2015.8.23\42.vir - infected with Trojan.DownLoader15.53460
C:\Users\Shiloh\Desktop\2015.8.23\42.vir - infected - 377ms, 294912 bytes
C:\Users\Shiloh\Desktop\2015.8.23\44.vir\word\_rels\document.xml.rels - Ok
C:\Users\Shiloh\Desktop\2015.8.23\44.vir:Zone.Identifier - Ok - 8ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\44.vir\word\document.xml - Ok
>C:\Users\Shiloh\Desktop\2015.8.23\45.vir is ZIP archive
C:\Users\Shiloh\Desktop\2015.8.23\44.vir\word\_rels\vbaProject.bin.rels - Ok
C:\Users\Shiloh\Desktop\2015.8.23\44.vir\word\vbaProject.bin - Ok
C:\Users\Shiloh\Desktop\2015.8.23\44.vir\word\theme\theme1.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\44.vir\docProps\thumbnail.jpeg - Ok
C:\Users\Shiloh\Desktop\2015.8.23\45.vir\P.O_1211101234553.scr - infected with Trojan.PWS.Stealer.13732
C:\Users\Shiloh\Desktop\2015.8.23\45.vir\P.O_1211101234553.scr - infected
C:\Users\Shiloh\Desktop\2015.8.23\45.vir - infected archive
C:\Users\Shiloh\Desktop\2015.8.23\45.vir - infected archive - 52ms, 570889 bytes
C:\Users\Shiloh\Desktop\2015.8.23\44.vir\word\settings.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\45.vir:Zone.Identifier - Ok - 9ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\44.vir\word\vbaData.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\44.vir\word\webSettings.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\44.vir\word\stylesWithEffects.xml - Ok
>C:\Users\Shiloh\Desktop\2015.8.23\46.vir is JS-HTML container
>C:\Users\Shiloh\Desktop\2015.8.23\43.vir - packed by UPX
C:\Users\Shiloh\Desktop\2015.8.23\44.vir\docProps\app.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\46.vir\JSFile_1[0][ed6] - Ok
C:\Users\Shiloh\Desktop\2015.8.23\44.vir\word\fontTable.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\44.vir\docProps\core.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\46.vir\JSEval_2[6d3] - Ok
C:\Users\Shiloh\Desktop\2015.8.23\46.vir - Ok
C:\Users\Shiloh\Desktop\2015.8.23\46.vir - container - 56ms, 3798 bytes
C:\Users\Shiloh\Desktop\2015.8.23\46.vir:Zone.Identifier - Ok - 6ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\44.vir\word\styles.xml - Ok
C:\Users\Shiloh\Desktop\2015.8.23\44.vir - Ok
C:\Users\Shiloh\Desktop\2015.8.23\44.vir - container - 162ms, 42349 bytes
C:\Users\Shiloh\Desktop\2015.8.23\47.vir:Zone.Identifier - Ok - 5ms, 26 bytes
>>C:\Users\Shiloh\Desktop\2015.8.23\43.vir - packed by PESTUB
>C:\Users\Shiloh\Desktop\2015.8.23\48.vir is BZIP2 archive
C:\Users\Shiloh\Desktop\2015.8.23\43.vir - Ok - 617ms, 49152 bytes
C:\Users\Shiloh\Desktop\2015.8.23\48.vir:Zone.Identifier - Ok - 5ms, 26 bytes
>>C:\Users\Shiloh\Desktop\2015.8.23\48.vir\data000.tmp is AUTOIT container
>>>C:\Users\Shiloh\Desktop\2015.8.23\48.vir\data000.tmp\Users\WORK\AppData\Local\Temp\autD2A7.tmp - packed by ASCRIPT
>C:\Users\Shiloh\Desktop\2015.8.23\47.vir - packed by UPX
C:\Users\Shiloh\Desktop\2015.8.23\49.vir - infected with Trojan.Inject1.55577
C:\Users\Shiloh\Desktop\2015.8.23\49.vir - infected - 370ms, 310272 bytes
C:\Users\Shiloh\Desktop\2015.8.23\49.vir:Zone.Identifier - Ok - 6ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\47.vir - infected with BackDoor.Andromeda.614
C:\Users\Shiloh\Desktop\2015.8.23\47.vir - infected - 525ms, 81210 bytes
C:\Users\Shiloh\Desktop\2015.8.23\50.vir:Zone.Identifier - Ok - 6ms, 26 bytes
C:\Users\Shiloh\Desktop\2015.8.23\48.vir\data000.tmp\Users\WORK\AppData\Local\Temp\autD2A7.tmp - Ok
C:\Users\Shiloh\Desktop\2015.8.23\48.vir\data000.tmp - Ok
C:\Users\Shiloh\Desktop\2015.8.23\48.vir - Ok
C:\Users\Shiloh\Desktop\2015.8.23\48.vir - archive - 581ms, 392939 bytes
>C:\Users\Shiloh\Desktop\2015.8.23\50.vir is JS-HTML container
C:\Users\Shiloh\Desktop\2015.8.23\50.vir\JSTAG_1[bb][8c50] - Ok
C:\Users\Shiloh\Desktop\2015.8.23\50.vir\JSEval_2[5b] - Ok
C:\Users\Shiloh\Desktop\2015.8.23\50.vir\JSEval_3[328] - Ok
C:\Users\Shiloh\Desktop\2015.8.23\50.vir - Ok
C:\Users\Shiloh\Desktop\2015.8.23\50.vir - container - 243ms, 36271 bytes

Total 14110543 bytes in 100 files scanned (291 objects, 4 containers)
Total 81 files (258 objects) are clean
Total 17 files are infected
Total 2 files (3 objects) are suspicious
Scan time is 00:00:07.087

Start curing

C:\Users\Shiloh\Desktop\2015.8.23\01.vir - quarantined - 88 ms
C:\Users\Shiloh\Desktop\2015.8.23\05.vir - quarantined - 39 ms
C:\Users\Shiloh\Desktop\2015.8.23\07.vir - cured - 37 ms
C:\Users\Shiloh\Desktop\2015.8.23\08.vir - quarantined - 38 ms
C:\Users\Shiloh\Desktop\2015.8.23\09.vir - quarantined - 55 ms
C:\Users\Shiloh\Desktop\2015.8.23\16.vir - quarantined - 39 ms
C:\Users\Shiloh\Desktop\2015.8.23\18.vir - quarantined - 43 ms
C:\Users\Shiloh\Desktop\2015.8.23\21.vir - quarantined - 38 ms
C:\Users\Shiloh\Desktop\2015.8.23\25.vir - quarantined - 79 ms
C:\Users\Shiloh\Desktop\2015.8.23\24.vir - quarantined - 93 ms
C:\Users\Shiloh\Desktop\2015.8.23\29.vir - quarantined - 40 ms
C:\Users\Shiloh\Desktop\2015.8.23\34.vir - quarantined - 60 ms
C:\Users\Shiloh\Desktop\2015.8.23\32.vir - quarantined - 54 ms
C:\Users\Shiloh\Desktop\2015.8.23\37.vir - quarantined - 65 ms
C:\Users\Shiloh\Desktop\2015.8.23\38.vir - quarantined - 65 ms
C:\Users\Shiloh\Desktop\2015.8.23\42.vir - quarantined - 60 ms
C:\Users\Shiloh\Desktop\2015.8.23\45.vir - quarantined - 48 ms
C:\Users\Shiloh\Desktop\2015.8.23\49.vir - quarantined - 60 ms
C:\Users\Shiloh\Desktop\2015.8.23\47.vir - quarantined - 205 ms

Total 14110543 bytes in 100 files scanned (291 objects, 4 containers)
Total 81 files (258 objects) are clean
Total 17 files are infected
Total 2 files (3 objects) are suspicious
Total 19 files (20 objects) are neutralized
Scan time is 00:00:07.087[/mw_shl_code]
回复

举报

liu237
发表于 2015-8-23 12:36:44 | 显示全部楼层
360安全卫士
vir扩展名 21
exe扩展名 3
zip扩展名  6
总检测率:60%
回复

举报

MXCERILYF!
发表于 2015-8-23 12:54:10 | 显示全部楼层
本帖最后由 MXCERILYF! 于 2015-8-23 18:01 编辑

360TS(只开启自主引擎)
文件后缀为vir时:杀25个

文件后缀为zip时:补杀6个

文件后缀为exe时:补杀3个

文件后缀为apk时:补杀2个

共查杀36个,最终剩余:14个

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

諾言敵不過時間
发表于 2015-8-23 13:25:25 | 显示全部楼层
本帖最后由 諾言敵不過時間 于 2015-8-23 14:06 编辑

這成績
金山kill 8
AVG kill 26

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

下一页 »
12345下一页
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-5-22 01:31 , Processed in 0.093771 second(s), 15 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表