样本30X

275751198

http://pan.baidu.com/s/1kUjKfPX

password :  infected

Llano_心情

飞塔 killx24

[mw_shl_code=css,true]Scan started at 2016年2月5日 星期五 12:48:30.
av_engine: 5.00220; vir_sig: 32.00375; vir_sig_extd: 32.00320; vir_sig_extm: 32.00343; vir_sig_heuristics: 32.00375; mdare: 2.00062; vir_sig_mdare: 1.00000;
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\01c263a0cc4cd3f7d4bd42fe38e530d0.EXE, virus found: W32/Kryptik.KYT!tr, action: Remove/quarantine
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\02e3b57e78a21f2b66279f21055798c0.EXE, virus found: W32/Agent.BNA!tr, action: Remove/quarantine
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\0359015556793afe16797edab1038b60.EXE, virus found: W32/Citerya.SMM!tr, action: Remove/quarantine
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\046879420a2cb2b1c98015c822de4880.EXE, virus found: W32/Dropper.STP!tr, action: Remove/quarantine
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\048493303b40bbfc65690354bb39f100.EXE, virus found: W32/Dx.TEA!tr, action: Remove/quarantine
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\117bd61e7f2e0efad040e37440ef8200.EXE, virus found: W32/Injector.FOD!tr, action: Remove/quarantine
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\11bed948eb05efd18c08bf2eca2bbe30.EXE, virus found: Riskware/FlyStudio_potentially_unwanted, action: Remove/quarantine
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\123c58cd7d0ad2a18e13b09245d7c4a0.EXE, virus found: Riskware/FlyStudio_Injector, action: Remove/quarantine
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\277211ca5606ca7fbd6346216ffca890.EXE, virus found: W32/Injector.BUQG!tr, action: Remove/quarantine
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\2ad724e9ee0033688caba3d4f7224ea0.EXE, virus found: W32/Kryptik.EKLJ!tr, action: Remove/quarantine
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\2d7c1528a4283f32b7f323166bb41180.EXE, virus found: W32/Macri.ADX!tr, action: Remove/quarantine
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\6ed9cfdc48839c5fb39add0204c85850.EXE, virus found: W32/BanLoader.NTAH!tr, action: Remove/quarantine
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\74cc0f7c8e4c5fdc3f6deba68f4431a0.EXE, virus found: W32/Zegost.MSVVR!tr.bdr, action: Remove/quarantine
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\77ca28d2c5b03dca1fc0cd1c48a5d1a0.EXE, virus found: W32/Generic.APDC!tr, action: Remove/quarantine
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\80c958ac83820b4aa7ab611c7ae2f520.EXE, virus found: W32/Injector.CMFD!tr, action: Remove/quarantine
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\85c10932db0755e6b86aeb580fba42f0.EXE, virus found: Adware/BrowserFox, action: Remove/quarantine
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\8b46e6b2b4ffc1df3e654e5d53fcb9e0.EXE, virus found: W32/Kryptik.EJVO!tr, action: Remove/quarantine
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\8e4621ef007b8dca3220b52a2fb350e0.EXE, virus found: W32/Kryptik.EBOY!tr, action: Remove/quarantine
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\9bf7dc5d01b1c20727f016f381ee1890.EXE, virus found: W32/Dapato.IBKDIZ!tr, action: Remove/quarantine
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\a361a3d47f11c2574e964a237d8f4770.EXE, virus found: W32/Farfli.GZ!tr, action: Remove/quarantine
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\a3f89df4cda356f70bd966cb3689eb90.EXE, virus found: W32/Injector.CMFD!tr, action: Remove/quarantine
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\b8bd5d92ab6f479a12f628a846429660.EXE, virus found: W32/Bayrob.AO!tr, action: Remove/quarantine
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\bc76da57cc7d86c16bb8561d1792afe0.EXE, virus found: W32/Injector.CMFD!tr, action: Remove/quarantine
C:\Users\魔法llano\Desktop\2016.2.5\2016.2.5\d06368e4b04bb1fd37085256fd9231d0.EXE, virus found: Riskware/PennyBee, action: Remove/quarantine
Scan finished at 2016年2月5日 12:49:10.
Total files scanned 30, infected 24. Total boot blocks scanned 0, infected 0.[/mw_shl_code]

icedream89

ess9

1446547521

[mw_shl_code=css,true]扫描信息:
  病毒定义版本: 2016.02.04.035
  病毒定义序列 ID: 173883

扫描统计信息:
  扫描开始:
   本地: 2016/2/5 12:53
   UTC: 2016/2/5 4:53
  扫描时间: 21 秒
  扫描目标: E:\迅雷下载\2016.2.5
计数:
  扫描的项目总数: 61
  - 文件和目录: 61
  - 注册表条目: 0
  - 进程和启动项目: 0
  - 网络和浏览器项目: 0
  - 其他: 0
  - 受信任文件: 0
  - 跳过的文件: 0

  检测到的安全风险总数: 13
  已解决的项目总数: 13
  需要注意的项目总数: 0


已解决的威胁:
Trojan.Gen.2
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)  
类别: 病毒
状态: 完全解决
-----------
6 个文件
e:\迅雷下载\2016.2.5\277211ca5606ca7fbd6346216ffca890.exe - 已删除
e:\迅雷下载\2016.2.5\2ad724e9ee0033688caba3d4f7224ea0.exe - 已删除
e:\迅雷下载\2016.2.5\2d7c1528a4283f32b7f323166bb41180.exe - 已删除
e:\迅雷下载\2016.2.5\8b46e6b2b4ffc1df3e654e5d53fcb9e0.exe - 已删除
e:\迅雷下载\2016.2.5\d06368e4b04bb1fd37085256fd9231d0.exe - 已删除
e:\迅雷下载\2016.2.5\117bd61e7f2e0efad040e37440ef8200.exe - 已删除
1 个浏览器缓存



Trojan.StartPage
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)  
类别: 病毒
状态: 完全解决
-----------
25 个注册表项
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main->Default_Page_URL:http://www.microsoft.com/isapi/r ... =5.5&ar=msnhome - 已修复
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main->Default_Page_URL:http://www.microsoft.com/isapi/r ... =5.5&ar=msnhome - 已修复
HKEY_USERS\S-1-5-21-1210211650-4209756102-4011342482-1002\Software\Microsoft\Internet Explorer\Main->Default_Page_URL:http://www.microsoft.com/isapi/r ... =5.5&ar=msnhome - 已修复
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main->Default_Search_URL:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch - 已修复
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main->Default_Search_URL:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch - 已修复
HKEY_USERS\S-1-5-21-1210211650-4209756102-4011342482-1002\Software\Microsoft\Internet Explorer\Main->Default_Search_URL:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch - 已修复
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main->Start Page:http://www.symantec.com/redirect ... &pvid=22.5.5.15 - 已修复
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main->Search Bar:http://search.msn.com/spbasic.htm - 已修复
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main->Search Page:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch - 已修复
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main->Default_Page_URL:http://www.microsoft.com/isapi/r ... =5.5&ar=msnhome - 已修复
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\->Start Page:http://www.symantec.com/redirect ... &pvid=22.5.5.15 - 已修复
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\->Start Page:http://www.symantec.com/redirect ... &pvid=22.5.5.15 - 已修复
HKEY_USERS\S-1-5-21-1210211650-4209756102-4011342482-1002\Software\Microsoft\Internet Explorer\Main\->Start Page:http://www.symantec.com/redirect ... &pvid=22.5.5.15 - 已修复
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main->Search Page:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch - 已修复
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main->Search Page:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch - 已修复
HKEY_USERS\S-1-5-21-1210211650-4209756102-4011342482-1002\Software\Microsoft\Internet Explorer\Main->Search Page:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch - 已修复
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main->Search Bar:http://search.msn.com/spbasic.htm - 已修复
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main->Search Bar:http://search.msn.com/spbasic.htm - 已修复
HKEY_USERS\S-1-5-21-1210211650-4209756102-4011342482-1002\Software\Microsoft\Internet Explorer\Main->Search Bar:http://search.msn.com/spbasic.htm - 已修复
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main->Use Search Asst:no - 已修复
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main->Use Search Asst:no - 已修复
HKEY_USERS\S-1-5-21-1210211650-4209756102-4011342482-1002\Software\Microsoft\Internet Explorer\Main->Use Search Asst:no - 已修复
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main->CustomizeSearch:http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm - 已修复
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main->SearchURL:http://home.microsoft.com/access/autosearch.asp?p=%s - 已修复
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main->SearchAssistant:http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm - 已修复
1 个文件
e:\迅雷下载\2016.2.5\046879420a2cb2b1c98015c822de4880.exe - 已删除
1 个浏览器缓存



Backdoor.Trojan
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)  
类别: 病毒
状态: 完全解决
-----------
3 个注册表项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\->EnableLUA:1 - 已修复
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile->DoNotAllowExceptions:1 - 已修复
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile->DoNotAllowExceptions:1 - 已修复
3 个文件
e:\迅雷下载\2016.2.5\01c263a0cc4cd3f7d4bd42fe38e530d0.exe - 已删除
e:\迅雷下载\2016.2.5\02e3b57e78a21f2b66279f21055798c0.exe - 已删除
e:\迅雷下载\2016.2.5\74cc0f7c8e4c5fdc3f6deba68f4431a0.exe - 已删除
1 个浏览器缓存



Trojan.Gen
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)  
类别: 病毒
状态: 完全解决
-----------
7 个文件
e:\迅雷下载\2016.2.5\6ed9cfdc48839c5fb39add0204c85850.exe - 已删除
e:\迅雷下载\2016.2.5\862d579b50cbe2adaa09d14aee86a720.exe - 已删除
e:\迅雷下载\2016.2.5\77ca28d2c5b03dca1fc0cd1c48a5d1a0.exe - 已删除
e:\迅雷下载\2016.2.5\a361a3d47f11c2574e964a237d8f4770.exe - 已删除
e:\迅雷下载\2016.2.5\80c958ac83820b4aa7ab611c7ae2f520.exe - 已删除
e:\迅雷下载\2016.2.5\b8bd5d92ab6f479a12f628a846429660.exe - 已删除
e:\迅雷下载\2016.2.5\8e4621ef007b8dca3220b52a2fb350e0.exe - 已删除
1 个浏览器缓存



Trojan.Asprox.B
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)  
类别: 病毒
状态: 完全解决
-----------
1 个文件
e:\迅雷下载\2016.2.5\2e5eb7f221e4b622c6bd07f4823ba150.exe - 已删除
1 个浏览器缓存



Downloader
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)  
类别: 病毒
状态: 完全解决
-----------
1 个文件
e:\迅雷下载\2016.2.5\0359015556793afe16797edab1038b60.exe - 已删除
1 个浏览器缓存



PUA.Gen.3
类型: 异常
风险: 低 (低 隐藏, 低 删除, 低 性能, 低 隐私)  
类别: 安全风险
状态: 完全解决
-----------
1 个文件
e:\迅雷下载\2016.2.5\6fe7d57346670bff703a3f6cd8861e80.exe - 已删除
1 个浏览器缓存



Backdoor.Graybird
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)  
类别: 病毒
状态: 需要重新启动
-----------
9 个注册表项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\->AntiVirusDisableNotify:0 - 已修复
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\->UpdatesDisableNotify:0 - 已修复
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\->Start:2 - 已修复
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\->ShowSuperHidden:1 - 已修复
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\->ShowSuperHidden:1 - 已修复
HKEY_USERS\S-1-5-21-1210211650-4209756102-4011342482-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\->ShowSuperHidden:1 - 已修复
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\New Windows\->PopupMgr:yes - 已修复
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\New Windows\->PopupMgr:yes - 已修复
HKEY_USERS\S-1-5-21-1210211650-4209756102-4011342482-1002\Software\Microsoft\Internet Explorer\New Windows\->PopupMgr:yes - 已修复
3 个文件
C:\Users\jhon\AppData\Local\virtualstore\windows\syswow64\installed.dat - 需要重新启动
C:\Windows\SysWOW64\Installed.dat - 需要重新启动
e:\迅雷下载\2016.2.5\9bf7dc5d01b1c20727f016f381ee1890.exe - 已删除
1 个浏览器缓存

1 个系统操作



Spyware.ADH
类型: 异常
风险: 低 (低 隐藏, 低 删除, 低 性能, 低 隐私)  
类别: 安全风险
状态: 完全解决
-----------
1 个文件
e:\迅雷下载\2016.2.5\048493303b40bbfc65690354bb39f100.exe - 已删除
1 个浏览器缓存



Infostealer
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)  
类别: 病毒
状态: 完全解决
-----------
10 个注册表项
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main->Enable Browser Extensions:yes - 已修复
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main->Enable Browser Extensions:yes - 已修复
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main->Enable Browser Extensions:yes - 已修复
HKEY_USERS\S-1-5-21-1210211650-4209756102-4011342482-1002\Software\Microsoft\Internet Explorer\Main->Enable Browser Extensions:yes - 已修复
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->Hidden:1 - 已修复
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->Hidden:1 - 已修复
HKEY_USERS\S-1-5-21-1210211650-4209756102-4011342482-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->Hidden:1 - 已修复
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->ShowSuperHidden:1 - 已修复
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->ShowSuperHidden:1 - 已修复
HKEY_USERS\S-1-5-21-1210211650-4209756102-4011342482-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->ShowSuperHidden:1 - 已修复
2 个文件
e:\迅雷下载\2016.2.5\a3f89df4cda356f70bd966cb3689eb90.exe - 已删除
e:\迅雷下载\2016.2.5\bc76da57cc7d86c16bb8561d1792afe0.exe - 已删除
1 个浏览器缓存



PUA.Yontoo.C!gen4
类型: 异常
风险: 低 (低 隐藏, 低 删除, 低 性能, 低 隐私)  
类别: 安全风险
状态: 完全解决
-----------
1 个文件
e:\迅雷下载\2016.2.5\85c10932db0755e6b86aeb580fba42f0.exe - 已删除
1 个浏览器缓存



PUA.Gen.2
类型: 异常
风险: 低 (低 隐藏, 低 删除, 低 性能, 低 隐私)  
类别: 安全风险
状态: 完全解决
-----------
1 个文件
e:\迅雷下载\2016.2.5\85c10932db0755e6b86aeb580fba42f0.exe - 不需要操作
1 个浏览器缓存



SecurityRisk.gen1
类型: 异常
风险: 低 (低 隐藏, 低 删除, 低 性能, 低 隐私)  
类别: 安全风险
状态: 完全解决
-----------
2 个文件
e:\迅雷下载\2016.2.5\123c58cd7d0ad2a18e13b09245d7c4a0.exe - 已删除
e:\迅雷下载\2016.2.5\11bed948eb05efd18c08bf2eca2bbe30.exe - 已删除
1 个浏览器缓存





未解决的威胁:
没有未解决的风险[/mw_shl_code]

电脑发烧友

外壳扩展扫描（Shell Extension Scan）
高严重性;"20";"0";"20"
中等严重性;"4";"0";"4"
已扫描：;"C:\Users\wuliao\Desktop\2016.2.5"
已启动：;"2016/2/5, 12:53:49"
已完成：;"2016/2/5, 12:53:51"
项目数：;"101"
启动者：;"wuliao"


名称;"说明";"状态";"状态";"优先级"
C:\Users\wuliao\Desktop\2016.2.5\77ca28d2c5b03dca1fc0cd1c48a5d1a0.EXE;"特洛伊木马 Generic_r.ZQ";"未解决";"未解决";"高"
C:\Users\wuliao\Desktop\2016.2.5\01c263a0cc4cd3f7d4bd42fe38e530d0.EXE;"发现病毒 Win32/Heur";"未解决";"未解决";"高"
C:\Users\wuliao\Desktop\2016.2.5\277211ca5606ca7fbd6346216ffca890.EXE;"特洛伊木马 Downloader.Generic14.AGIV";"未解决";"未解决";"高"
C:\Users\wuliao\Desktop\2016.2.5\0359015556793afe16797edab1038b60.EXE;"特洛伊木马 Downloader.Agent2.NWE.dropper";"未解决";"未解决";"高"
C:\Users\wuliao\Desktop\2016.2.5\2d7c1528a4283f32b7f323166bb41180.EXE;"特洛伊木马 Atros2.CGWR";"未解决";"未解决";"高"
C:\Users\wuliao\Desktop\2016.2.5\2ad724e9ee0033688caba3d4f7224ea0.EXE;"特洛伊木马 Crypt_r.ASZ";"未解决";"未解决";"高"
C:\Users\wuliao\Desktop\2016.2.5\85c10932db0755e6b86aeb580fba42f0.EXE;"发现 MalSign.Generic.AD9";"未解决";"未解决";"中等"
C:\Users\wuliao\Desktop\2016.2.5\8e4621ef007b8dca3220b52a2fb350e0.EXE;"特洛伊木马 Crypt5.GFU";"未解决";"未解决";"高"
C:\Users\wuliao\Desktop\2016.2.5\d06368e4b04bb1fd37085256fd9231d0.EXE;"广告软件 Generic_r.AZN";"未解决";"未解决";"中等"
C:\Users\wuliao\Desktop\2016.2.5\048493303b40bbfc65690354bb39f100.EXE;"特洛伊木马 Generic2_c.MCA";"未解决";"未解决";"高"
C:\Users\wuliao\Desktop\2016.2.5\02e3b57e78a21f2b66279f21055798c0.EXE;"特洛伊木马 Downloader.Generic14.AHRF";"未解决";"未解决";"高"
C:\Users\wuliao\Desktop\2016.2.5\74cc0f7c8e4c5fdc3f6deba68f4431a0.EXE;"特洛伊木马 BackDoor.Generic_r.NJQ";"未解决";"未解决";"高"
C:\Users\wuliao\Desktop\2016.2.5\123c58cd7d0ad2a18e13b09245d7c4a0.EXE;"特洛伊木马 PSW.Banker7.FLW";"未解决";"未解决";"高"
C:\Users\wuliao\Desktop\2016.2.5\8b46e6b2b4ffc1df3e654e5d53fcb9e0.EXE;"特洛伊木马 Crypt5.YDN";"未解决";"未解决";"高"
C:\Users\wuliao\Desktop\2016.2.5\6ed9cfdc48839c5fb39add0204c85850.EXE;"广告软件 Generic4.ATDU";"未解决";"未解决";"中等"
C:\Users\wuliao\Desktop\2016.2.5\bc76da57cc7d86c16bb8561d1792afe0.EXE;"特洛伊木马 Dropper.Generic9.AEXJ";"未解决";"未解决";"高"
C:\Users\wuliao\Desktop\2016.2.5\6fe7d57346670bff703a3f6cd8861e80.EXE;"发现 MalSign.FakeCert.482";"未解决";"未解决";"中等"
C:\Users\wuliao\Desktop\2016.2.5\046879420a2cb2b1c98015c822de4880.EXE;"特洛伊木马 Generic_r.DC";"未解决";"未解决";"高"
C:\Users\wuliao\Desktop\2016.2.5\80c958ac83820b4aa7ab611c7ae2f520.EXE;"特洛伊木马 Inject3.OTU";"未解决";"未解决";"高"
C:\Users\wuliao\Desktop\2016.2.5\a3f89df4cda356f70bd966cb3689eb90.EXE;"特洛伊木马 Dropper.Generic9.AEXJ";"未解决";"未解决";"高"
C:\Users\wuliao\Desktop\2016.2.5\11bed948eb05efd18c08bf2eca2bbe30.EXE;"发现病毒 Win32/Heur";"未解决";"未解决";"高"
C:\Users\wuliao\Desktop\2016.2.5\b8bd5d92ab6f479a12f628a846429660.EXE;"发现病毒 Win32/Cryptor";"未解决";"未解决";"高"
C:\Users\wuliao\Desktop\2016.2.5\117bd61e7f2e0efad040e37440ef8200.EXE;"特洛伊木马 Downloader.Generic_r.WB";"未解决";"未解决";"高"
C:\Users\wuliao\Desktop\2016.2.5\a361a3d47f11c2574e964a237d8f4770.EXE;"特洛伊木马 BackDoor.Generic_r.NJS";"未解决";"未解决";"高"

aiqinghe

ESET 扫描杀22个，剩余8个
360安全卫士补刀5个 剩余3个
余下的这三个双击测试，运行后几秒就自动结束了，没有检测到其他明显的行为痕迹。

xyz0703

卡巴斯基

轩夏

[mw_shl_code=css,true]name="C:\Users\XuanXia\Desktop\2016.2.5\2016.2.5\01c263a0cc4cd3f7d4bd42fe38e530d0.EXE", threat="a variant of Win32/Kryptik.NIC trojan", action="", inf
o=""
name="C:\Users\XuanXia\Desktop\2016.2.5\2016.2.5\01c263a0cc4cd3f7d4bd42fe38e530d0.EXE » CAB » 1.exe", threat="a variant of Win32/Kryptik.NIC trojan",
action="", info=""
name="C:\Users\XuanXia\Desktop\2016.2.5\2016.2.5\02e3b57e78a21f2b66279f21055798c0.EXE", threat="a variant of Win32/TrojanDownloader.Agent.BNA trojan",
action="", info=""
name="C:\Users\XuanXia\Desktop\2016.2.5\2016.2.5\0359015556793afe16797edab1038b60.EXE", threat="Win32/AutoRun.Agent.TL worm", action="", info=""
name="C:\Users\XuanXia\Desktop\2016.2.5\2016.2.5\0359015556793afe16797edab1038b60.EXE » CAB » QVOD播~1.EXE", threat="Win32/AutoRun.Agent.TL worm", act
ion="", info=""
name="C:\Users\XuanXia\Desktop\2016.2.5\2016.2.5\046879420a2cb2b1c98015c822de4880.EXE", threat="Win32/StartPage.NWY trojan", action="", info=""
name="C:\Users\XuanXia\Desktop\2016.2.5\2016.2.5\277211ca5606ca7fbd6346216ffca890.EXE", threat="a variant of Generik.BHZOCQN trojan", action="", info=
""
name="C:\Users\XuanXia\Desktop\2016.2.5\2016.2.5\2ad724e9ee0033688caba3d4f7224ea0.EXE", threat="Win32/Dorkbot.B worm", action="", info=""
name="C:\Users\XuanXia\Desktop\2016.2.5\2016.2.5\2d7c1528a4283f32b7f323166bb41180.EXE", threat="a variant of Win32/ServStart.D worm", action="", info=
""
name="C:\Users\XuanXia\Desktop\2016.2.5\2016.2.5\2e5eb7f221e4b622c6bd07f4823ba150.EXE", threat="a variant of Win32/RiskWare.TsCenter.A application", a
ction="", info=""
name="C:\Users\XuanXia\Desktop\2016.2.5\2016.2.5\6ed9cfdc48839c5fb39add0204c85850.EXE", threat="Win32/Adware.FakeAntiSpy.K application", action="", in
fo=""
name="C:\Users\XuanXia\Desktop\2016.2.5\2016.2.5\74cc0f7c8e4c5fdc3f6deba68f4431a0.EXE", threat="a variant of Win32/Farfli.BVB trojan", action="", info
=""
name="C:\Users\XuanXia\Desktop\2016.2.5\2016.2.5\80c958ac83820b4aa7ab611c7ae2f520.EXE", threat="a variant of Win32/Injector.CMFW trojan", action="", i
nfo=""
name="C:\Users\XuanXia\Desktop\2016.2.5\2016.2.5\8b46e6b2b4ffc1df3e654e5d53fcb9e0.EXE", threat="a variant of Win32/Kryptik.EJXS trojan", action="", in
fo=""
name="C:\Users\XuanXia\Desktop\2016.2.5\2016.2.5\8e4621ef007b8dca3220b52a2fb350e0.EXE", threat="a variant of Win32/Kryptik.EBOT trojan", action="", in
fo=""
name="C:\Users\XuanXia\Desktop\2016.2.5\2016.2.5\9bf7dc5d01b1c20727f016f381ee1890.EXE", threat="a variant of Generik.IBKDIZ trojan", action="", info="
"
name="C:\Users\XuanXia\Desktop\2016.2.5\2016.2.5\a361a3d47f11c2574e964a237d8f4770.EXE", threat="a variant of Win32/Farfli.GZ trojan", action="", info=
""
name="C:\Users\XuanXia\Desktop\2016.2.5\2016.2.5\a3f89df4cda356f70bd966cb3689eb90.EXE", threat="a variant of Win32/Injector.CMDF trojan", action="", i
nfo=""
name="C:\Users\XuanXia\Desktop\2016.2.5\2016.2.5\b8bd5d92ab6f479a12f628a846429660.EXE", threat="a variant of Win32/Bayrob.AO trojan", action="", info=
""
name="C:\Users\XuanXia\Desktop\2016.2.5\2016.2.5\bc76da57cc7d86c16bb8561d1792afe0.EXE", threat="a variant of Win32/Injector.CMDF trojan", action="", i
nfo=""
name="C:\Users\XuanXia\Desktop\2016.2.5\2016.2.5\d06368e4b04bb1fd37085256fd9231d0.EXE", threat="a variant of Win32/Adware.PennyBee.AD application", ac
tion="", info=""[/mw_shl_code]

dongwenqi

xyz0703 发表于 2016-2-5 13:51
卡巴斯基

剩下的5个样本上报下吧

saga3721

文件 ID         文件名         大小(字节)         结果
28712968         2016.2.5.rar         1.96 MB         OK

以下位置提供了存档中包含的文件及其结果的列表:
文件 ID         文件名         大小(字节)         结果
28712969         81efef21745fe1460...80.EXE         571.72 KB         UNDER ANALYSIS
28712970         539134a6144b1687d...60.EXE         74.64 KB         UNDER ANALYSIS
28712971         aba3d122c6ef8e7b7...d0.EXE         98.51 KB         UNDER ANALYSIS
28712972         6fe7d57346670bff7...80.EXE         994.52 KB         RISK
28712973         11bed948eb05efd18...30.EXE         1.23 MB         UNDER ANALYSIS