
[Virus Samples] 精睿 Sample Test (16.2.7)

神迹般存在
Posted on 2016-2-7 10:52:09
This post was last edited by 神迹般存在 on 2016-2-7 10:56

Links:

http://kuai.xunlei.com/d/zuh.AcscM3.2VgQA824

http://pan.baidu.com/s/1o6Z5nOQ  Extraction code: agf2

Password: bbs.vc52.cn

Count: 50

======================================

Kaspersky Internet Security 2016:

Deleted 23, disinfected 8.

Reported.


windows7爱好者
Posted on 2016-2-7 10:53:00
This post was last edited by windows7爱好者 on 2016-2-7 10:55

Dr.Web ("Spider") processed 23: 22 deleted, 1 repaired

Happy New Year, everyone


毛豆新人
Posted on 2016-2-7 11:08:28
CIS   9x

12.vir         Application.Win32.DomaIQ.CC@319331321
14.vir|SKMT2010209089777888700.exe         Malware@#391s07w2272ur
15.vir         Malware@#3b9ac5zfgcjur        
25.vir|word/document.xml         Malware@#30pb2ij1cynqv        
26.vir|forsendelse_20375.exe         Malware@#1sg57dclgno1y
27.vir         Malware@#2fakoorins1fm        
34.vir|Unsfx|#Gerador De Cash v4.0000000.exe         Malware@#30ker7todqudz        
39.vir         TrojWare.Win32.Ponmocup.BC@300729604        
50.vir|word/vbaProject.bin         Malware@#10aehn734nku2
欧阳宣
Posted on 2016-2-7 11:12:47
Norton detected 24, repaired 3.
[mw_shl_code=css,true]Resolved Threats:
Trojan.Gen.2
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
- Deleted


Trojan.Gen
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
- Deleted


W97M.Downloader
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
4 Files
d:\virus\2016.2.7\10.vir - Deleted
d:\virus\2016.2.7\50.vir - Repaired
d:\virus\2016.2.7\43.vir - Deleted
d:\virus\2016.2.7\44.vir - Deleted
1 Browser Cache



Trojan.Gen
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
2 Files
d:\virus\2016.2.7\06.vir - Deleted
d:\virus\2016.2.7\47.vir - Deleted
1 Browser Cache



JS.Downloader
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
2 Files
d:\virus\2016.2.7\15.vir - Deleted
d:\virus\2016.2.7\49.vir - Deleted
1 Browser Cache



Trojan.Gen.2
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
3 Files
d:\virus\2016.2.7\11.vir - Deleted
d:\virus\2016.2.7\03.vir - Deleted
d:\virus\2016.2.7\35.vir - Deleted
1 Browser Cache



PUA.MyPCBackup
Type: Anomaly
Risk: Low (Low Stealth, Low Removal, Low Performance, Low Privacy)  
Categories: Security Risk
Status: Fully Resolved
-----------
82 Registry Entries
21 Files
d:\virus\2016.2.7\12.vir - Deleted
1 Browser Cache



Trojan.Cryptolocker.H
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
d:\virus\2016.2.7\20.vir - Deleted
1 Browser Cache



Infostealer.Limitail
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
8 Registry Entries
HKEY_USERS\S-1-5-21-1523581685-1367262481-2280446090-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\->NofolderOptions:0 - Repaired
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\->ShowSuperHidden:0 - Repaired
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\->ShowSuperHidden:0 - Repaired
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sr\Parameters\->FirstRun:0 - Repaired
HKEY_USERS\S-1-5-21-1523581685-1367262481-2280446090-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\->ShowSuperHidden:0 - Repaired
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\->ShowSuperHidden:0 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\->AntiVirusDisableNotify:0 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\->AntiVirusDisableNotify:0 - Repaired
2 Files
d:\virus\2016.2.7\13.vir - Deleted
d:\virus\2016.2.7\17.vir - Deleted
1 Browser Cache



W32.Pilleuz
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
d:\virus\2016.2.7\31.vir - Deleted
1 Browser Cache



Trojan.Zbot
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Restart Required
-----------
41 Registry Entries
9 Files
C:\Users\jeff6\AppData\Local\virtualstore\windows\syswow64\ntos.exe - Restart Required
C:\WINDOWS\SysWOW64\ntos.exe - Restart Required
C:\Users\jeff6\AppData\Local\virtualstore\windows\syswow64\wsnpoem\audio.dll - Restart Required
C:\WINDOWS\SysWOW64\wsnpoem\audio.dll - Restart Required
C:\Users\jeff6\AppData\Local\virtualstore\windows\syswow64\wsnpoem\video.dll - Restart Required
C:\WINDOWS\SysWOW64\wsnpoem\video.dll - Restart Required
C:\Users\jeff6\AppData\Local\virtualstore\windows\syswow64\wsnpoem - Restart Required
C:\WINDOWS\SysWOW64\wsnpoem - Restart Required
d:\virus\2016.2.7\39.vir - Deleted
1 Browser Cache



Trojan.Potao
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
d:\virus\2016.2.7\16.vir - Deleted
1 Browser Cache



Suspicious.Cloud.5
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
d:\virus\2016.2.7\42.vir - Deleted
1 Browser Cache



Trojan.Cryptlock.N!g1
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
d:\virus\2016.2.7\46.vir - Deleted
1 Browser Cache



Trojan.Gen.SMH
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Virus
Status: Fully Resolved
-----------
1 File
d:\virus\2016.2.7\27.vir - Deleted
1 Browser Cache



SAPE.Heur.AAF10
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
d:\virus\2016.2.7\28.vir - Deleted
1 Browser Cache[/mw_shl_code]
xyz0703
Posted on 2016-2-7 11:17:34
bitdefender killed 38
[mw_shl_code=xml,true]<?xml version="1.0" encoding="utf-8"?>
<?xml-stylesheet type="text/xsl" href="E:\Program Files\Bitdefender\Bitdefender 2016\ondemand.xsl"?>
<ScanSession creator="Bitdefender Internet Security 2016" name="Contextual Scan" installPath="E:\Program Files\Bitdefender\Bitdefender 2016\" creationDate="2016年2月7日 星期日 11:15:53" originalPath="E:\Users\xyz11\AppData\Roaming\Bitdefender\Desktop\Profiles\Logs\2ab858ed-450b-4bb6-b67c-8e3c45ec13ac\1454814731_1_02.xml" >
        <ScanSettings
                statisticsRefreshInterval="1000"
                scanSpeed="1.000000"
                lowPriority="0"
                enableExclusions="0"
                enableTaskExclusions="0"
                scanAdware="1"
                scanSpyware="1"
                scanApplications="1"
                scanDialers="1"
                scanKeyloggers="1"
                scanFiles="1"
                scanAllFiles="1"
                scanProgramsOnly="0"
                useCustomPrograms="0"
                customPrograms=""
                scanUserDefined="0"
                scanPacked="1"
                scanArchives="1"
                useSmartScan="1"
                scanEmails="1"
                scanRootkits="0"
                scanAllRootkits="0"
                scanBoot="0"
                scanMemory="0"
                scanRegistry="0"
                quickScan="0"
                quickScanMemory="0"
                quickScanAutoruns="0"
                quickScanPlugins="0"
                scanCookies="0"
                shutdownAfter="0"
                passwordPrompt="1"
                onlyAllowedActions="1"
                deepArchiveScan="1"
                maxArchiveLevel="15"
                maxArchiveSize="0"
                infectedAction1="1"
                infectedAction2="1"
                suspectAction1="1"
                suspectAction2="1"
                rootkitAction="1"
                userDefinedExtensions=""
                scanPua="-1"
        >

                <ScanPaths>
                        <path>E:\Users\xyz11\Desktop\2016.2.7</path>
                </ScanPaths>

                <ExcludedPaths>
                </ExcludedPaths>

                <ExcludedExtensions>
                </ExcludedExtensions>

        </ScanSettings>

        <EngineSummary
                totalSignatures="6122591"
                />

        <ScanSummary
                scannedArchives="4"
                scannedPacked="3"
                startTime="1454814731"
                duration="213703"
        >

                <TypeSummary type="1"
                        scanned="0"
                        infected="0"
                        suspicious="0"
                        disinfected="0"
                        deleted="0"
                        moved="0"
                        moved_reboot="0"
                        delete_reboot="0"
                        renamed="0"
                        hidden="0"
                />

                <TypeSummary type="4"
                        scanned="0"
                        infected="0"
                        suspicious="0"
                        disinfected="0"
                        deleted="0"
                        moved="0"
                        moved_reboot="0"
                        delete_reboot="0"
                        renamed="0"
                        hidden="0"
                />

                <TypeSummary type="0"
                        scanned="146"
                        infected="38"
                        suspicious="0"
                        disinfected="4"
                        deleted="32"
                        moved="2"
                        moved_reboot="0"
                        delete_reboot="0"
                        renamed="0"
                        hidden="0"
                />

                <TypeSummary type="5"
                        scanned="0"
                        infected="0"
                        suspicious="0"
                        disinfected="0"
                        deleted="0"
                        moved="0"
                        moved_reboot="0"
                        delete_reboot="0"
                        renamed="0"
                        hidden="0"
                />

                <TypeSummary type="2"
                        scanned="0"
                        infected="0"
                        suspicious="0"
                        disinfected="0"
                        deleted="0"
                        moved="0"
                        moved_reboot="0"
                        delete_reboot="0"
                        renamed="0"
                        hidden="0"
                />

                <TypeSummary type="3"
                        scanned="0"
                        infected="0"
                        suspicious="0"
                        disinfected="0"
                        deleted="0"
                        moved="0"
                        moved_reboot="0"
                        delete_reboot="0"
                        renamed="0"
                        hidden="0"
                />

                <TypeSummary type="6"
                        scanned="0"
                        infected="0"
                        suspicious="0"
                        disinfected="0"
                        deleted="0"
                        moved="0"
                        moved_reboot="0"
                        delete_reboot="0"
                        renamed="0"
                        hidden="0"
                />

        </ScanSummary>

        <ScanDetails>
                <UnresolvedDetails>
                </UnresolvedDetails>

                <ResolvedDetails>
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\32.vir=&gt;(application)=&gt;(Active Mime)" threatType="0" threatName="Trojan.Msword.NUE" action="1" allActions="1" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\01.vir=&gt;$21,000.scr" threatType="0" threatName="Trojan.GenericKD.3028584" action="5" allActions="1 3 5" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\49.vir=&gt;(INFECTED_JS)" threatType="0" threatName="JS:Trojan.JS.Downloader.BV" action="5" allActions="1 3 5" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\11.vir" threatType="0" threatName="Trojan.GenericKD.3025218" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\50.vir=&gt;word/vbaProject.bin" threatType="0" threatName="W97M.Downloader.ASU" action="3" allActions="1 3" initialStatus="3" finalStatus="2" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\31.vir" threatType="0" threatName="Trojan.GenericKD.3028262" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\13.vir" threatType="0" threatName="Trojan.GenericKD.3023585" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\44.vir=&gt;(application)=&gt;(Active Mime)" threatType="0" threatName="Trojan.Msword.NUE" action="1" allActions="1" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\01.vir=&gt;$15,000.scr" threatType="0" threatName="Trojan.GenericKD.3028593" action="5" allActions="1 3 5" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\45.vir=&gt;(INFECTED_JS)" threatType="0" threatName="JS:Trojan.JS.Downloader.CB" action="5" allActions="1 3 5" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\27.vir" threatType="0" threatName="Trojan.GenericKD.3002033" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\12.vir" threatType="6" threatName="Application.Bundler.DomaIQ.Q" action="7" allActions="3 7" initialStatus="3" finalStatus="6" quarId="8fbec42d-e704-455b-a3af-7df4ed793818" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\44.vir=&gt;(REMOVED_NULLS)=&gt;(application)=&gt;(Active Mime)" threatType="0" threatName="Trojan.Msword.NUE" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\47.vir" threatType="0" threatName="Trojan.GenericKD.3023063" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\28.vir" threatType="0" threatName="Trojan.GenericKD.3027373" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\46.vir" threatType="0" threatName="Trojan.GenericKD.3025524" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\43.vir" threatType="0" threatName="W97M.Downloader.ASO" action="3" allActions="1 3" initialStatus="3" finalStatus="2" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\39.vir" threatType="0" threatName="Gen:Variant.Symmi.25595" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\38.vir" threatType="0" threatName="Trojan.GenericKD.3017187" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\17.vir" threatType="0" threatName="Gen:Variant.Strictor.101984" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\35.vir" threatType="0" threatName="Trojan.Generic.15635121" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\36.vir" threatType="0" threatName="Gen:Trojan.Heur.WmTfruFxKclO" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\32.vir=&gt;(REMOVED_NULLS)=&gt;(application)=&gt;(Active Mime)" threatType="0" threatName="Trojan.Msword.NUE" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\34.vir=&gt;(RAR Sfx o)=&gt;#Gerador De Cash v4.0000000.exe" threatType="0" threatName="Gen:Variant.Kazy.710259" action="9" allActions="1 9 1 9" initialStatus="3" finalStatus="6" quarId="1198cf95-34a4-44d6-82ed-d08fafacbb5c" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\16.vir" threatType="0" threatName="Gen:Variant.Strictor.85461" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\26.vir=&gt;forsendelse_20375.exe" threatType="0" threatName="Trojan.GenericKD.3025298" action="5" allActions="1 3 5" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\06.vir" threatType="0" threatName="Gen:Variant.Zusy.177672" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\24.vir" threatType="0" threatName="Backdoor.Agent.ABUN" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\22.vir=&gt;(INFECTED_JS)" threatType="0" threatName="JS:Trojan.JS.Downloader.CB" action="5" allActions="1 3 5" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\04.vir" threatType="0" threatName="Trojan.Script.157093" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\02.vir" threatType="0" threatName="Trojan.GenericKD.3028665" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\20.vir" threatType="0" threatName="Trojan.GenericKD.3024891" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\19.vir" threatType="0" threatName="W97M.Downloader.ASO" action="3" allActions="1 3" initialStatus="3" finalStatus="2" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\15.vir=&gt;(INFECTED_JS)" threatType="0" threatName="JS:Trojan.Script.CQJ" action="5" allActions="1 3 5" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\10.vir" threatType="0" threatName="W97M.Downloader.ARZ" action="3" allActions="1 3" initialStatus="3" finalStatus="2" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\08.vir=&gt;(SCRENC)" threatType="0" threatName="Generic.XPL.ADODB.0814B935" action="5" allActions="1 3 5" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\14.vir=&gt;SKMT2010209089777888700.exe" threatType="0" threatName="Gen:Variant.Symmi.43786" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                        <Item type="0" objectType="0" path="E:\Users\xyz11\Desktop\2016.2.7\03.vir" threatType="0" threatName="Trojan.GenericKD.3028235" action="3" allActions="1 3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
                </ResolvedDetails>

                <IgnoredDetails>
                </IgnoredDetails>

                <QuickScanDetails>
                </QuickScanDetails>
                <NotScannedDetails
                        skipped="0"
                        ioerrors="0"
                        archiveBombs="0"
                        passwordProtected="0"
                >

                </NotScannedDetails>
        </ScanDetails>

</ScanSession>
[/mw_shl_code]
电脑发烧友
Posted on 2016-2-7 11:22:14

Summary

Original file count: 50
Items processed: 12
Items deleted: 10
Items repaired: 2
Approximate detection rate: 24.00 %

Huorong
Network Security Suite v3.0.11.2 (Last update: 2016-02-05 13:19)
Copyright (C) Huorong Borui (Beijing) Technology Co., Ltd. All rights reserved.

Scan engine version:v2.0.3.0
Signature database fingerprint: 40162d0:96a63d3:965e05b:965e05b
Signature database timestamp: 2016-02-05 13:19

Scan started at:   2016-02-07 11:20:55

C:\Users\wuliao\Desktop\2016.2.7\07.vir: Trojan/JS.Phishing.b
C:\Users\wuliao\Desktop\2016.2.7\12.vir: TrojanDownloader/Tugspay
C:\Users\wuliao\Desktop\2016.2.7\15.vir: TrojanDownloader/JS.Nemucod.a
C:\Users\wuliao\Desktop\2016.2.7\18.vir: Trojan/JS.Agent.g
C:\Users\wuliao\Desktop\2016.2.7\20.vir: HEUR:VirTool/Obfuscator.gen!C
C:\Users\wuliao\Desktop\2016.2.7\25.vir >> word\document.xml: OMacro/Downloader.ci
C:\Users\wuliao\Desktop\2016.2.7\26.vir >> forsendelse_20375.exe: HEUR:VirTool/Obfuscator.gen!C
C:\Users\wuliao\Desktop\2016.2.7\27.vir: Trojan/Generic!021E6B831394BBEE
C:\Users\wuliao\Desktop\2016.2.7\24.vir: HVM:VirTool/Obfuscator.gen!A
C:\Users\wuliao\Desktop\2016.2.7\36.vir: HEUR:Trojan/Delf.c
C:\Users\wuliao\Desktop\2016.2.7\46.vir: HEUR:VirTool/Obfuscator.gen!C
C:\Users\wuliao\Desktop\2016.2.7\50.vir >> word\document.xml: OMacro/Downloader.ci
C:\Users\wuliao\Desktop\2016.2.7\50.vir >> word\vbaProject.bin: OMacro/Downloader.dl

Scan completed at: 2016-02-07 11:21:08

Total:             50 file(s), 395 objects(s)
Infected:          12 file(s), 13 objects(s)
Deleted:           0 file(s), 0 failure(s)
Disinfected:       0 file(s), 0 failure(s)
Duration:          00:00:13
icedream89
Posted on 2016-2-7 11:31:57
ess9
日志
正在扫描日志
病毒库版本: 12989 (20160206)
日期: 2016/2/7 星期日  时间: 11:29:55
已扫描的磁盘、文件夹和文件: D:\个人文件\桌面\2016.2.7.rar
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\01.vir > ZIP > $21,000.scr - Win32/Injector.CRNW 特洛伊木马 的变种 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\01.vir > ZIP > $15,000.scr - Win32/Injector.CRKY 特洛伊木马 的变种 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\02.vir - Win32/TrojanDownloader.Banload.WXW 特洛伊木马 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\03.vir - Win32/Kryptik.EMWX 特洛伊木马 的变种 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\06.vir - Win32/Spy.Banker.ACUI 特洛伊木马 的变种 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\07.vir - HTML/Phishing.Agent.Q 特洛伊木马 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\08.vir - VBS/TrojanDownloader.Agent.NMQ 特洛伊木马 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\09.vir > NSIS > cruor.dll - Win32/Injector.CRRC 特洛伊木马 的变种 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\10.vir - VBA/TrojanDownloader.Agent.ARB 特洛伊木马 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\11.vir - Win32/Filecoder.DI 特洛伊木马 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\12.vir - Win32/DomaIQ.BB 潜在的不受欢迎应用程序 的变种 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\13.vir - MSIL/Kryptik.FAH 特洛伊木马 的变种 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\14.vir > ZIP > SKMT2010209089777888700.exe - Win32/Injector.CRHV 特洛伊木马 的变种 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\15.vir - JS/TrojanDownloader.Nemucod.BK 特洛伊木马 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\16.vir - Win32/Potao.G 特洛伊木马 的变种 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\19.vir - VBA/TrojanDownloader.Agent.ARE 特洛伊木马 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\20.vir - Win32/Injector.CRIU 特洛伊木马 的变种 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\22.vir - JS/TrojanDownloader.Nemucod.DS 特洛伊木马 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\23.vir - 正常
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\24.vir - Win32/TrojanDownloader.Agent.BXE 特洛伊木马 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\25.vir > ZIP > word/document.xml - VBA/TrojanDownloader.Agent.AQW 特洛伊木马 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\26.vir > ZIP > forsendelse_20375.exe - Win32/Injector.CRLT 特洛伊木马 的变种 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\27.vir - Win32/TrojanDownloader.Banload.WXD 特洛伊木马 的变种 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\28.vir > SMARTINSTALLMAKER - 错误 - 未知的压缩方法
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\30.vir - VBA/TrojanDownloader.Agent.APP 特洛伊木马 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\31.vir - Win32/Injector.CRLC 特洛伊木马 的变种 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\34.vir > RAR > #Gerador De Cash v4.0000000.exe > CONFUSER > uncompressed.exe - MSIL/TrojanDropper.Agent.AKH 特洛伊木马 的变种 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\34.vir > RAR > #Gerador De Cash v4.0000000.exe > CONFUSER > deobfuscated.exe - MSIL/TrojanDropper.Agent.AKH 特洛伊木马 的变种 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\35.vir - MSIL/Packed.Confuser.J 可疑应用程序 的变种 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\36.vir - Win32/Injector.TLN 特洛伊木马 的变种 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\38.vir - MSIL/Injector.MRU 特洛伊木马 的变种 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\39.vir - Win32/Ponmocup.GU.Gen 特洛伊木马 的变种 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\42.vir > MPRESS > EZIRIZ > protected.exe > DOTNETREACTOR - 不支持的选项
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\42.vir > EZIRIZ - 不支持的选项
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\43.vir - VBA/TrojanDownloader.Agent.ARE 特洛伊木马 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\45.vir - JS/TrojanDownloader.Nemucod.DS 特洛伊木马 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\46.vir - Win32/Filecoder.TeslaCrypt.I 特洛伊木马 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\47.vir - Win32/PSW.Papras.EH 特洛伊木马 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\48.vir - Win32/Elef.A 病毒 - 扫描完成后再选择处理方式
D:\个人文件\桌面\2016.2.7.rar > RAR > 2016.2.7\2016.2.7\50.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.ARG 特洛伊木马 - 扫描完成后再选择处理方式
已扫描的对象数: 90
发现的威胁数: 36
已清除对象数: 0
完成时间: 11:30:01  总扫描时间: 6 秒 (00:00:06)
心痛的伤不起
Posted on 2016-2-7 13:02:57
wd

共和时代
Posted on 2016-2-7 13:17:49
wd kill 26x and fix 7x
33x in total
z2009
Posted on 2016-2-7 14:15:41
AVG killed 29 and repaired one, 30 in total
Copyright © KaFan  KaFan.cn All Rights Reserved.