精睿样本测试（15.9.16）

kxmp

这都是些什么东西...

28.vir

#@~^cBoAAA==o!x^DkKxP~r~\b"S35vAz#mVP(C/vcUO.k        o*@#@&P~vM0^Fl+F@#@&~~EF,11,bUYKUbx~wW^V+M~,\WDW8kDPjG6Yhm.+BPtDO2)JztWOW8rDR^y@#@&P,ZGUkYP$Ck+c,x,J)~ZG2sVC&B|dHHrhp]j:j.qp5\l41[n0TtbLVVhUKw5DkOE7haz.!F+fW*GR13zE@#@&,Pfb:,[lDlJ+        oO4BP/};YBPoMG;w~+TkU@#@&@#@&P~BMn:K\n~StkOn,/2l1nk~~&0,lxH@#@&~P(ld++cjOMkxT~',I+asCm`(ld+*UY.k        L~,\8/MS0S~rJb@#@&~,4Ck++c?DDbUo,'~IwsC1+`(C/vcUO.k        oBP-4PC(~~Jrb@#@&P~8m/+*UY.k        L,'~"+aVl1+v8lk+cUY.r        o~,EPr~PrEb@#@&@#@&P~BP4PdW!.mPh;kYP^G        /r/Dd,0.K:,oDKEadPSkOt,SnU,W0,*P1tlMd@#@&,P9lOlJn        oOt,xPd+Uc(l/nW?ODbUT#@#@&P,q0,NmOld+UoDt~\KNPW~@!@*P!,P4+        @#@&P~P~3MD Imr/PqS,JA6$tb]SAer~~rAmNP~lknvWPdYMkULcJ@#@&~P,P2XrOPwE        mOkGU@#@&~PAUN,qW@#@&@#@&@#@&,PvPgGSP[mKN+,+m^t,o.W!wl@#@&PPwGD,oDK;2Aobx~'~q,KGP9CYmSnUTYt~jD+2PW@#@&P~,PGk:,x!hfmYCAHYndBPZ4CD;WE        OnDBPDtr//4mDSPD4kkfCOm~PU!MW;wB~ar;D@#@&PP,PE~2mm4P9lOC,oDK;w,+x1G[+kP!w~KG~2PCmD;l^P8zD+/ @#@&P~P,U!:9mYmAXD+k~',&@#@&,P~~        MDK;w,'PZ@#@&@#@&P,P~sG.,Z4lM/W!xOnMP'~T,KGP2@#@&P~,P,PB,ZKU\DOPl^4,mtm.l1Y+M~rxDW,v~4rOkPG0,[lDlS~zxN~C9N~kD~:W@#@&P,PP,PE~l        PrxD+LnMPsK.PD+:aG.lMX,/OW.CT+ P,(0,l~^4lDC^D+.Pbd,l~E'E~PDt.+@#@&~P,P~~EPkk~W        +P6nA+MP9lOl~8HYnR,~`:tn.PmCU,WUVH~(+~mPsl6b:!hPK0~ ,Bxv,qx@#@&P,PP,~vPDtPAtGsPdYMrxTRb@#@&@#@&~~,P~PD4b//4lMP',Hb[`(ld++cjOMkxTSPTDW!2$+Tk        PQP/4mD/W!UYDS~8#@#@&@#@&P~P,~,qW,Y4k/;tm.P{PE'rPP4x@#@&~P,PP,~~x!:GlOl$zD+dP{~x!:9CDlAzO/~O,q@#@&~,P,PP,PD4kkfCYmPx~Z@#@&,~P,PPAsd+@#@&,P~P~~,POtbdfmYC~{PqUjDDcFB~~ldvW~PDtbdZ4l.~,\8$bxlMzZK:wm.n#,O,F@#@&~~,P~PAUN,qW@#@&PP~~,P(0,O4kdGlDlP{P qP:tnx@#@&~~,PP,~PADDc]Ckk+, SPE$}A\b"J2IJS~rAl[~1tCDm^D+.,q        PAm/c,/ODbxL r@#@&,~P,PP,~36bY,s;x^ObWU@#@&~P,P~~AxN~(6@#@&@#@&~,P~,P        MDKEa~',v*PCPU!MWEa~_,Ytbd9lDl@#@&~P~~g+aY@#@&@#@&P~~,BCna,/2VbOkPO4+,VW        o,PW,v~oMW;2kPhbOt,cP(rO/@#@&,P~PU!MW;w,xP_+ac        MDG;a#@#@&@#@&,P~,BzNN,VCNbxLP.+.Gk@#@&,~P,xMMG;w,',?ODrUT`P ~SxcUVDW;2*~~JZE*P',xVDW!w@#@&@#@&P~P,B/G        \+MOPDt+,f~4HYP4+a~bxO+TnD,`~1tl.d*PPW,f,m4mDmmYDk@#@&,P~Par;O,'P;4DvZAHOn`r[_J~[~\bNcxV.W!wS~8~P+b*#~_,m@#@&~,P,PP;tMcZ~XO+vJ'urP[,\k9`xV.GEa~,&SP+b*#~_,m@#@&P~~,PP/4M`/AHO`ELCrP[,Hb[`        M.W!wS~l~Pyb#*@#@&@#@&~P,PEl[N~U!:9lDCAHYnd,mtC.mmO+Md,KG,W!YPkYMrxT@#@&P,P~d}EY,xPkrED~'Pd+6Ycw6;D~~x!hfmYC$HY+db@#@&~PgnXY@#@&@#@&PP~r~\b"S35,'~d}EY@#@&2        NPw;UmDkKx@#@&@#@&Kx~+M.WMP.nkE:n~        +aY@#@&@#@&~,s!xmDkKUP9kdmmD[j1DkaO`*@#@&,~~P,P,Pj+O~K4%sU6P{P/.lYn6(LnmDcr?^MkaYk        ocok^+jXkYnh}4L^Yr#@#@&~~P,P,P~/O.Um.kaOP{P        d1Dk2Oc?^Db2Ds;^Vgl:@#@&~P,P~P,PG8Ns?} fV+Dnok^+v/ODj^Mk2Y*@#@&,P~~AxN~o!x^YbG        @#@&@#@&@#@&@#@&/OP1+UW!DC~{PU^DbwYc/.+mYr8Ln^D`$r~\b"S3evJ.qHNmhVS[;*PmMj/4z'{E#*@#@&L!VLCs+xDGP{PmUGEMlc?2+^rmVoW^[+M/c$}AH)]d2e`r}oAA"Mw!55'{E#*@#@&@#@&frh,loUY/~,sskDWslU~~OmxLlB~Ek~~$}12S~(l8XB~NWdlK~P1DK^t @#@&^VrOK:l        ~',LE^LC:xDW~[~E'J@#@&@#@&4m4z~{PVsrDWhl        ~LPE9:1JPLPr J,[~A}A\)"S2IcJ\(t^Eb@#@&@#@&?nY~CT+UYdP{P/.lYn6(LnmDc~r$tb"S2I`ri gXC(~!C        lxS0tw(M.:np1Z}qFK5h2^5fp{E#*@#@&(6PlLn        Yn/cobVnA6b/Yk`(C4H#~K4+U@#@&/1.kaYR5;rY@#@&Ax[P(W@#@&@#@&9r:,0C;kYlGS,4Cx9nbDC        Y/~s+9rmmmCWBP8CTEx1C~,+/D.CYoblSP8C        NnkMCxD+d+BP0C;kYCWyS,:n9k1lmmWySP/ODmYnLbl @#@&@#@&4l        [nkMl        Yn/~x,J4YD2)Jz[n^Yl ^4+.WsGbxO^l7kxTRbU0Kz[+kxLGkzYm8E^tlr~vs&SAF@#@&WC!/OlK~',A6$tbIJ3I`E5y444faw(:t7S        2w1bx'r#@#@&s+Nb^l1lW,x~V^kDWhlU~LPWl!dYmW@#@&@#@&4CU9+rDmUD+dyP{PJ4YD2)Jz[+^YC 1t+MG:KkxDsC\bxTRrxWGJNn/        LWkz8nMl4CE,Boqd3y@#@&6l!/YmWy~',A6Atb]JA5`r^Mwymyozlq*K4z*CobxJ*@#@&s+[r1lmCGyPxP^sbYGsl        P[,0m;/DlG @#@&@#@&U+Y,CoxYd~',ZM+CYn6(LnmDcA}A\)"S2ecrj+1HCoATmlxS0}a8MjKn(g!t        8n5s2VI&p{Eb#@#@&&0~lLn        Yn/cok^+3ab/Ydcs+[k1C1lG*P:t+        @#@&~PmonxD+d G+VO+wkVch+9k1l^lGb@#@&3x9~q6@#@&@#@&BP/.lO+,C        Pu:KhPW(L^Y@#@&j+DP.Cbxtm~',ZDCO+}4N+^Yc$}A\b"J2I`EPj15PiSXJV4H:24`.wb'r#*@#@&U+OPMlrU4l ,xP;D+mOnr(LmO`$6~H)Id35vJP#g5KiAHSstgPAtijsz'J*#@#@&?Y~DmkU4m&P{~ZM+lDn64N+1YcA6$tb]SAe`rK#HIKjAzdV41:34j#wb{J#*@#@&j+DP.lbx4CWP',/DlY68LmD`$r$\zIJ2IcJ:.He:jhzJ^tHKA4`.oz'r##@#@&@#@&@#@&B~fKhUsKlN,OtP/an^k6kN~j]J@#@&.lbUtmRG2xP$6~H)Id3I`E"!jjJ*~,8l        NnkMlUO/~,ol^/+@#@&.lbx4l /nU9@#@&@#@&vPGWAU^Wl[~DtnPk2mr6kNP`Id@#@&Mlrx4l+ Kw+        ~A}AHz]J2I`rIT.iE*~~4mUNk.C        Y+d+BPol^d@#@&Mlbxtm cd+        N@#@&@#@&v~[aPw(SAFPU)#2@#@&,qWP.Cbx4lcjYmY;d,'P+TZPPtU@#@&~,fb:P(lM8k@#@&P,?nO,4lM8kP',/.+mYr8Ln^D`$r~\b"S3evJp        ]7}!q!i2Iz\wYJ*#@#@&P,rY4P8CM4k@#@&,PP, PXa+,'~F~vmNPXanAbxC.H@#@&~~,P ran        @#@&,P,PRqDbO+,DCk        tC M+/aGxk+AK[z@#@&P,P~RjC7+PWwrVPhn9kmC^mW@#@&,~Ax[,bYt@#@&,~/Y~4mD8rP',HWDtk        L@#@&Ax9P(0@#@&@#@&@#@&E~a[Po(d2 ~jz.3@#@&~&0~Mlbxtm cjYmY;/,'~+Z!P:4+        @#@&,~9ksP(l.4rny@#@&P,j+DP8CM4kn+,'~ZMnmYn}4N+mD`~6Atb]SA5cE5I7tM&Ej2]z}qsDJb#@#@&,P        kD4P(l.8b+ @#@&,P~PcPHwn,',FPEl9PXa+$k        l.z@#@&P,~PcrwU@#@&,P,P .rD+~Dmrx4l+ M+/2G        /nAK[H@#@&,P,PRUl7nKKsrVPhn9kmm^lK @#@&~~2        N,rY4@#@&P~/OP(l.8b+ ~x,1GY4r        o@#@&2        NP&0@#@&@#@&?nVmO~;l/~UmDb2ORzDTEh+UOkR/W!UY@#@&7/m/+~T@#@&7dE~G+WmE^YPb0,UW        +~/a+^r6k+9~kkPVK^CV,mK:2EOnMPcJcE#@#@&77U+Y~G(L        H&jD-bmP',MOr(LnmD`~ESkxsL:D/)J& zMWKY&mrh7 EP*@#@&idjnDPmGs&Yn:k~{PG(LqHqU+M-k1+ 2X+^}!+DHcPr?+^n^Y,e,0.Wh~qkU&ymZK:2;D+DjzkYn:rS,~~W%,#@#@&dioWMP3l1t~G(LqDn:,kx,^GV&Y:d@#@&7iddYM/Wsw;ODPx~K4%qDnsRHm:@#@&idgn6D@#@&d;ldn,F@#@&7dEPZKhhl        N,Vrxn~al.lsnYD~^mxPnrDtnD,8PC,mK:w!Y.P        lh+@#@&77EPWM~JJgJ,OGPM+$En/O~Kxsk        nP4+s2@#@&d7dDD/Ws2!YnMP{PkmMrwDR)DTEhn        Y/vT#@#@&dirWP&xUY.`~dDD/Ws2ED+.S,JgE~*P@*PZ~:tn        PUXxDlX@#@&iZC/P3sk+@#@&7dEPHmar:!:,kdPq~1Wh:mUN,VrUPwC.m:nY.@#@&7i?HxYm6@#@&2        N~?Vn^D@#@&@#@&?YPN;skYmPxP/.lO+}8LmOc~rA\)"S35vE` HHloA!mlUS0}24V.Pno1!\        Fh5:ase&5'r#b@#@&(6P%E^r+Dl obV+3ab/O/vhNr1l1lW*P:4+        @#@&/Y~8mD4mUYP',/.+mYr8Ln^D`$r~\b"S3evJj+4^4!h!}oAA(M^L5oIa8 W'E#*@#@&dYP(GD(WVOC'(lM4CxOnc1C:jwmmncs+Nr^mmCW* bYns/@#@&4mD(CxD+ 1m:njalmcV^kYKhCx*R;W2XunM+c4K.4KVnOm#@#@&3        N~k6@#@&@#@&&0,LE^kOlcsrV2arkY/vh+9kmm^CWy#,K4+U@#@&/nY,8lM4CUD+Px~;DnlDn}4%mD`A}At)Id2e`rj+4^4MS;poAh(!sLI("w8 *xr#b@#@&d+DP8GM4WsnDlx4m.(lUD+c1ls+U2l1+c:Nr^mmlK+#ckYhd@#@&4mD8lUORHlsn?al^nvVVrOK:Cx* ;W2HCD+v4K.4KVnYm#@#@&AxN,r0@#@&@#@&jnY,mKD2W.C^PxP;.+mYn6(L+^OvA6At)"S3I`rj gXmpAZl        *        SVta4MjP+o1!\        qnI:aVe&}xr#b@#@&(0,mG.aWDCscsrV3XkdD/v:+9k1CmmWbP:tnU@#@&mK.wKDl^ 9+^+D+oksnv:nNb^l1lGb@#@&2U[,qW@#@&@#@&qW,mKDwKDmsRwks+A6rdD/`snNbml1CG *P:tnx@#@&1W.wK.l^R9n^+YnobVn`sn9k^mmmW *@#@&3x9P(0@#@&@#@&U+Y,^WMwWMCs ,',Z.+COr8L^YvA6$tbIJ3I`EjyHHlp~!m*        S0tw(M#K(HT\Fhe:aV52}xJ*#@#@&(0~^KD2WMCVyRor^+2arkYd`sr^tGW#,Ktx@#@&mKD2WMls+cf+^nYsk^nc:bV4W*#@#@&Ax[P&W@#@&@#@&nkYDCOorl,x,VsbYK:l        PL~A}A\b"S3evJ}VqLr#@#@&ndYMlD+LkC+,'~V^rYK:CU,[P$6~H)Id3I`E9C~LmVsWep{'E#,BO21wlXC@#@&@#@&&W~lT+        Yn/ obVn2Xr/D/cnkYDCOorl,',J rPLPA}At)Id2e`r}p4^J#*~K4+x@#@&9ksP1DGm4n@#@&j+D~mMW^4P'~        Um.kaOcZ.lD+r(L^YvA6Atb]JA5`r#FgLmssAN;*:l!.d8z'xJ*b@#@&m.G1t+ ]!xc+kOMlOoblP,[,ERrP'P~r$\zISAe`r}(4sE#*@#@&?nY~^MW^t~',1GO4kxL@#@&2UN,(6@#@&@#@&U+Y,YC/D~',j^MkwD ZM+lDn64N+1YcA6$tb]SAe`r.qHNm:sA9ZXKm!j/8z'{J#*@#@&O+m/nDcI;Uv+/D.lD+obC+P,[,J J~',A6At)Id2ecr}(4sr#b@#@&@#@&NrkmmDNUmMrwD`b@#@&vJQHAA==^#~@

44.vir解出来是

cxy密斯

蓝天二号 发表于 2015-9-16 18:24
你根本就没理解我的意思，。。。。

为什么监控发现病毒自动隔离的？？？？
我的图就是对应你的问题的答案啊

蓝天二号

cxy密斯 发表于 2015-9-16 19:56
为什么监控发现病毒自动隔离的？？？？
我的图就是对应你的问题的答案啊

不能设置就对了，，

cxy密斯

蓝天二号 发表于 2015-9-16 19:58
不能设置就对了，，

一共就自带这几个设置。。。你当hips呢

蓝天二号

cxy密斯 发表于 2015-9-16 19:59
一共就自带这几个设置。。。你当hips呢

所以我在期待 11版，，，

aboringman

AVIRA kill 42 files
[mw_shl_code=css,true]Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\2015.9.16'
C:\Documents and Settings\Administrator\桌面\2015.9.16\01.vir
  [DETECTION] Is the TR/Spy.Banker.377344.13 Trojan
C:\Documents and Settings\Administrator\桌面\2015.9.16\02.vir
  [DETECTION] Is the TR/Autorun.L.3 Trojan
C:\Documents and Settings\Administrator\桌面\2015.9.16\03.vir
  [DETECTION] Is the TR/AD.Bladabindi.Y.5110 Trojan
C:\Documents and Settings\Administrator\桌面\2015.9.16\04.vir
  [DETECTION] Contains patterns of software PUA/DomaIQ.Gen7
C:\Documents and Settings\Administrator\桌面\2015.9.16\05.vir
    [0] Archive type: ZIP
    --> INVOICE DOCUMENTS.exe
        [DETECTION] Is the TR/Dropper.MSIL.199699 Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Documents and Settings\Administrator\桌面\2015.9.16\06.vir
  [DETECTION] Contains recognition pattern of the WORM/Rebhip.Y worm
C:\Documents and Settings\Administrator\桌面\2015.9.16\08.vir
  [DETECTION] Is the TR/Agent.19509.1 Trojan
C:\Documents and Settings\Administrator\桌面\2015.9.16\10.vir
  [DETECTION] Is the TR/Crypt.ZPACK.127018 Trojan
C:\Documents and Settings\Administrator\桌面\2015.9.16\11.vir
    [0] Archive type: ZIP SFX (self extracting)
    --> winofficn2.exe
        [DETECTION] Is the TR/Dropper.Gen Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Documents and Settings\Administrator\桌面\2015.9.16\12.vir
  [DETECTION] Contains suspicious code HEUR/Macro.Word2000
C:\Documents and Settings\Administrator\桌面\2015.9.16\13.vir
    [0] Archive type: RAR
    --> Orçamento PDF.cpl
        [DETECTION] Is the TR/Spy.Banker.Gen Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Documents and Settings\Administrator\桌面\2015.9.16\14.vir
  [DETECTION] Is the TR/Crypt.EPACK.Gen2 Trojan
C:\Documents and Settings\Administrator\桌面\2015.9.16\15.vir
  [DETECTION] Is the TR/Crypt.CFI.Gen Trojan
C:\Documents and Settings\Administrator\桌面\2015.9.16\16.vir
  [DETECTION] Is the TR/Downloader.Gen7 Trojan
C:\Documents and Settings\Administrator\桌面\2015.9.16\17.vir
  [DETECTION] Is the TR/AD.Fareit.Y.460 Trojan
C:\Documents and Settings\Administrator\桌面\2015.9.16\18.vir
    [0] Archive type: ZIP
    --> your invoice Marie Mount.exe
        [DETECTION] Is the TR/Upatre.53777 Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Documents and Settings\Administrator\桌面\2015.9.16\20.vir
  [DETECTION] Contains patterns of software PUA/DomaIQ.Gen2
C:\Documents and Settings\Administrator\桌面\2015.9.16\21.vir
  [DETECTION] Is the TR/Dldr.Agent.116291 Trojan
C:\Documents and Settings\Administrator\桌面\2015.9.16\22.vir
  [DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen6 HTML script virus
C:\Documents and Settings\Administrator\桌面\2015.9.16\24.vir
  [DETECTION] Is the TR/Qhost.EJ.6 Trojan
C:\Documents and Settings\Administrator\桌面\2015.9.16\25.vir
  [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
C:\Documents and Settings\Administrator\桌面\2015.9.16\26.vir
  [DETECTION] Is the TR/Crypt.XPACK.Gen2 Trojan
C:\Documents and Settings\Administrator\桌面\2015.9.16\27.vir
  [DETECTION] Is the TR/Crypt.EPACK.Gen2 Trojan
C:\Documents and Settings\Administrator\桌面\2015.9.16\28.vir
  [DETECTION] Contains recognition pattern of the VBS/Dldr.Agent.6772 VBS script virus
C:\Documents and Settings\Administrator\桌面\2015.9.16\29.vir
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Vedratve.118784 back-door program
C:\Documents and Settings\Administrator\桌面\2015.9.16\30.vir
  [DETECTION] Is the TR/Agent.108648.5 Trojan
C:\Documents and Settings\Administrator\桌面\2015.9.16\31.vir
  [DETECTION] Is the TR/Dropper.MSIL.Gen Trojan
C:\Documents and Settings\Administrator\桌面\2015.9.16\33.vir
  [DETECTION] Is the TR/AD.Gamarue.Y.481 Trojan
C:\Documents and Settings\Administrator\桌面\2015.9.16\34.vir
    [0] Archive type: ZIP
    --> 7088.exe
        [DETECTION] Is the TR/Agent.108648.5 Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Documents and Settings\Administrator\桌面\2015.9.16\37.vir
    [0] Archive type: ZIP
    --> Original Document.exe
        [DETECTION] Is the TR/Dropper.MSIL.Gen Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Documents and Settings\Administrator\桌面\2015.9.16\38.vir
  [DETECTION] Contains code of the W97M/Agent.44032 Word macro virus
C:\Documents and Settings\Administrator\桌面\2015.9.16\39.vir
    [0] Archive type: ZIP
    --> products list and specifications xls.exe
        [1] Archive type: Portable Executable Resource
      --> CABINET
          [2] Archive type: CAB (Microsoft)
        --> B.exe
            [DETECTION] Is the TR/Crypt.Xpack.277647 Trojan
            [WARNING]   Infected files in archives cannot be repaired
C:\Documents and Settings\Administrator\桌面\2015.9.16\41.vir
  [DETECTION] Is the TR/Dldr.Delphi.663 Trojan
C:\Documents and Settings\Administrator\桌面\2015.9.16\42.vir
  [DETECTION] Contains recognition pattern of the VBS/Obfuscated.G VBS script virus
C:\Documents and Settings\Administrator\桌面\2015.9.16\43.vir
  [DETECTION] Is the TR/Dldr.Bancos.283 Trojan
C:\Documents and Settings\Administrator\桌面\2015.9.16\44.vir
    [0] Archive type: Base64
    --> AV00000014.AV$
        [1] Archive type: Base64
      --> Object
          [DETECTION] Is the TR/Dropper.Gen7 Trojan
          [WARNING]   Infected files in archives cannot be repaired
C:\Documents and Settings\Administrator\桌面\2015.9.16\45.vir
  [DETECTION] Is the TR/Dropper.MSIL.169526 Trojan
C:\Documents and Settings\Administrator\桌面\2015.9.16\46.vir
  [DETECTION] Is the TR/Crypt.EPACK.Gen2 Trojan
C:\Documents and Settings\Administrator\桌面\2015.9.16\47.vir
  [DETECTION] Is the TR/AD.Bunitu.Y.125 Trojan
C:\Documents and Settings\Administrator\桌面\2015.9.16\48.vir
  [DETECTION] Contains recognition pattern of the EXP/CVE-2014-1761.Gen exploit
C:\Documents and Settings\Administrator\桌面\2015.9.16\49.vir
    [0] Archive type: RAR
    --> 1c.scr
        [DETECTION] Is the TR/Crypt.Xpack.277729 Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Documents and Settings\Administrator\桌面\2015.9.16\50.vir
  [DETECTION] Contains patterns of software PUA/Solimba.chez

Beginning disinfection:
[ERROR] RepairMalware: Not able to Repair Malware PUA/Solimba.chez
[ERROR] RepairMalware: Not able to Repair Malware PUA/DomaIQ.Gen2
[ERROR] RepairMalware: Not able to Repair Malware PUA/DomaIQ.Gen7
C:\Documents and Settings\Administrator\桌面\2015.9.16\50.vir
  [DETECTION] Contains patterns of software PUA/Solimba.chez
  [NOTE]      The file was moved to the quarantine directory under the name '4ae2f952.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\49.vir
  [DETECTION] Is the TR/Crypt.Xpack.277729 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '18bda384.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\48.vir
  [DETECTION] Contains recognition pattern of the EXP/CVE-2014-1761.Gen exploit
  [NOTE]      The file was moved to the quarantine directory under the name '7e8aec41.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\47.vir
  [DETECTION] Is the TR/AD.Bunitu.Y.125 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '3b0ec17e.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\46.vir
  [DETECTION] Is the TR/Crypt.EPACK.Gen2 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '4415f31c.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\45.vir
  [DETECTION] Is the TR/Dropper.MSIL.169526 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '08addf56.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\44.vir
  [DETECTION] Is the TR/Dropper.Gen7 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '74b59f07.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\43.vir
  [DETECTION] Is the TR/Dldr.Bancos.283 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '59efb075.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\42.vir
  [DETECTION] Contains recognition pattern of the VBS/Obfuscated.G VBS script virus
  [NOTE]      The file was moved to the quarantine directory under the name '40878bee.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\41.vir
  [DETECTION] Is the TR/Dldr.Delphi.663 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '2cdba7dd.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\39.vir
  [DETECTION] Is the TR/Crypt.Xpack.277647 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '5d629e73.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\38.vir
  [DETECTION] Contains code of the W97M/Agent.44032 Word macro virus
  [NOTE]      The file was moved to the quarantine directory under the name '5378aeb7.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\37.vir
  [DETECTION] Is the TR/Dropper.MSIL.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '1651d7f4.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\34.vir
  [DETECTION] Is the TR/Agent.108648.5 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '1f5ad35a.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\33.vir
  [DETECTION] Is the TR/AD.Gamarue.Y.481 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '471bca33.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\31.vir
  [DETECTION] Is the TR/Dropper.MSIL.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '6befb3c1.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\30.vir
  [DETECTION] Is the TR/Agent.108648.5 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '5511d31a.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\29.vir
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Vedratve.118784 back-door program
  [NOTE]      The file was moved to the quarantine directory under the name '361ff850.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\28.vir
  [DETECTION] Contains recognition pattern of the VBS/Dldr.Agent.6772 VBS script virus
  [NOTE]      The file was moved to the quarantine directory under the name '10d7b84c.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\27.vir
  [DETECTION] Is the TR/Crypt.EPACK.Gen2 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '2243c3ea.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\26.vir
  [DETECTION] Is the TR/Crypt.XPACK.Gen2 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '2806e894.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\25.vir
  [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '17558cd0.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\24.vir
  [DETECTION] Is the TR/Qhost.EJ.6 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '697980f0.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\22.vir
  [DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen6 HTML script virus
  [NOTE]      The file was moved to the quarantine directory under the name '3c018439.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\21.vir
  [DETECTION] Is the TR/Dldr.Agent.116291 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '3197f511.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\20.vir
  [DETECTION] Contains patterns of software PUA/DomaIQ.Gen2
  [NOTE]      The file was moved to the quarantine directory under the name '2dcae119.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\18.vir
  [DETECTION] Is the TR/Upatre.53777 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '1c19acde.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\17.vir
  [DETECTION] Is the TR/AD.Fareit.Y.460 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '704fb8e9.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\16.vir
  [DETECTION] Is the TR/Downloader.Gen7 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '39d59de1.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\15.vir
  [DETECTION] Is the TR/Crypt.CFI.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '62409531.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\14.vir
  [DETECTION] Is the TR/Crypt.EPACK.Gen2 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '04f299d8.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\13.vir
  [DETECTION] Is the TR/Spy.Banker.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '537ceb73.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\12.vir
  [DETECTION] Contains suspicious code HEUR/Macro.Word2000
  [NOTE]      The detection was classified as suspicious.
  [NOTE]      The file was moved to the quarantine directory under the name '710cbc06.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\11.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '191cc697.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\10.vir
  [DETECTION] Is the TR/Crypt.ZPACK.127018 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '396ac212.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\08.vir
  [DETECTION] Is the TR/Agent.19509.1 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '6c4e84ae.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\06.vir
  [DETECTION] Contains recognition pattern of the WORM/Rebhip.Y worm
  [NOTE]      The file was moved to the quarantine directory under the name '0d6ea513.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\05.vir
  [DETECTION] Is the TR/Dropper.MSIL.199699 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '68c2e799.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\04.vir
  [DETECTION] Contains patterns of software PUA/DomaIQ.Gen7
  [NOTE]      The file was moved to the quarantine directory under the name '0d159338.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\03.vir
  [DETECTION] Is the TR/AD.Bladabindi.Y.5110 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '1ef1afa4.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\02.vir
  [DETECTION] Is the TR/Autorun.L.3 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '0c48d318.qua'!
C:\Documents and Settings\Administrator\桌面\2015.9.16\01.vir
  [DETECTION] Is the TR/Spy.Banker.377344.13 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '1b18b0aa.qua'!


End of the scan: 2015年9月16日  21:43
Used time: 00:10 Minute(s)

The scan has been done completely.

      1 Scanned directories
    122 Files were scanned
     41 Viruses and/or unwanted programs were found
      1 Files were classified as suspicious
      0 Files were deleted
      0 Viruses and unwanted programs were repaired
     42 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
     80 Files not concerned
     18 Archives were scanned
      9 Warnings
     42 Notes
[/mw_shl_code]

nick20010117

bullguard扫描kill39x，其中修复6x，剩余11x

白露为霜

欧阳宣 发表于 2015-9-16 13:57
数字么

你觉得我会用么

好像beta没这个问题
我也是10

欧阳宣

root1605 发表于 2015-9-16 23:08
好像beta没这个问题
我也是10

所以再等等看吧