
[Virus samples] 精睿 sample test (15.9.11)

潘达达
Posted on 2015-9-11 09:19:04
http://pan.baidu.com/s/1c0z3IBA Extraction code: 4gey

Password: bbs.vc52.cn
Count: 50
MXCERILYF!
Posted on 2015-9-11 09:19:17
Last edited by MXCERILYF! on 2015-9-11 09:32

Kingsoft Antivirus (金山毒霸) 10 (single scan)

XywCloud
Posted on 2015-9-11 09:26:43
BAV Kill 18x
MXCERILYF!
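Posted on 2015-9-11 09:50:11
Last edited by MXCERILYF! on 2015-9-11 09:51

360TS (only its own engine enabled)
With the .vir file extension: 21 detected

With the .exe file extension: 3 more detected

With the .zip file extension: 4 more detected

With no file extension: 2 more detected

30 detected in total, 20 remaining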

狐狸糊涂
Posted on 2015-9-11 09:52:40
Last edited by 狐狸糊涂 on 2015-9-11 09:59

BD2016 detected 34, 16 remaining

毛豆新人
Posted on 2015-9-11 10:08:42
Last edited by 毛豆新人 on 2015-9-11 10:14

CIS kill 11x
欧阳宣
Posted on 2015-9-11 10:53:39
mcafee 32x, 1 repaired
cxy密斯
Posted on 2015-9-11 11:36:07
[mw_shl_code=css,true]Dr.Web Scanner SE for Windows v9.1.3.08170
Scanning Engine version: 10.0.9.8310
Virus Finding Engine version: 7.0.15.8310
-----------------------------------------------------------------------------
Start scanning
-----------------------------------------------------------------------------
Object(s) to scan:
- C:\Users\Shiloh\Desktop\2015.9.11


Total 6266024 bytes in 100 files scanned (174 objects, 5 containers)
Total 82 files (143 objects) are clean
Total 17 files (18 objects) are infected
Total 1 file (4 objects) are suspicious
Scan time is 00:00:05.188
Total 18 files (22 objects) are neutralized
[/mw_shl_code]
housirvip
Posted on 2015-9-11 11:42:08
eset 16 remaining, emsisoft 13 remaining
aboringman
Posted on 2015-9-11 17:21:01
Last edited by aboringman on 2015-9-11 17:25

TP kill 36 files