精睿样本测试（16.4.13）

显示全部楼层 · 发表于 2016-4-13 09:28:55

地址：

http://pan.baidu.com/s/1jHUmhls 提取密码 gtkv

密码：bbs.vc52.cn
数量：50

显示全部楼层 · 发表于 2016-4-13 09:49:39

BD FREE

An On Demand scan has completed.
The scan took: 00:07:19
Files scanned: 184
Infected items detected: 31
Files known to be clean: 0
Scan Paths
Path Status
F:\TEMP\2016.4.13 completed
Scan Results
File Name Infection Action
f:\temp\2016.4.13\03.vir Gen:Variant.Barys.52848 Moved to Quarantine
f:\temp\2016.4.13\31.vir=>word/vbaproject.bin W97M.Downloader.BHC Disinfect
f:\temp\2016.4.13\22.vir Gen:Variant.Razy.38110 Moved to Quarantine
f:\temp\2016.4.13\04.vir Gen:Variant.Symmi.62269 Moved to Quarantine
f:\temp\2016.4.13\41.vir Trojan.GenericKD.3147480 Moved to Quarantine
f:\temp\2016.4.13\23.vir Gen:Variant.Zusy.187699 Moved to Quarantine
f:\temp\2016.4.13\05.vir Unknown Moved to Quarantine
f:\temp\2016.4.13\50.vir Gen:Variant.Trojan.Linux.XorDDoS.2 Moved to Quarantine
f:\temp\2016.4.13\05.vir=>(infected_js) JS:Trojan.JS.Downloader.FE Deleted
f:\temp\2016.4.13\36.vir W97M.Agent.AG Disinfect
f:\temp\2016.4.13\18.vir Unknown Moved to Quarantine
f:\temp\2016.4.13\27.vir Trojan.GenericKD.3145873 Moved to Quarantine
f:\temp\2016.4.13\18.vir=>(infected_js) JS:Trojan.Script.DDD Deleted
f:\temp\2016.4.13\09.vir Trojan.Generic.16061316 Moved to Quarantine
f:\temp\2016.4.13\10.vir Gen:Variant.Razy.38182 Moved to Quarantine
f:\temp\2016.4.13\15.vir Gen:Variant.Barys.52387 Moved to Quarantine
f:\temp\2016.4.13\24.vir Trojan.Generic.16262776 Moved to Quarantine
f:\temp\2016.4.13\19.vir Trojan.GenericKD.3146096 Moved to Quarantine
f:\temp\2016.4.13\46.vir Gen:Variant.Symmi.44724 Moved to Quarantine
f:\temp\2016.4.13\37.vir=>word/vbaproject.bin W97M.Downloader.BHC Disinfect
f:\temp\2016.4.13\28.vir Trojan.Agent.BSLE Moved to Quarantine
f:\temp\2016.4.13\20.vir=>word/vbaproject.bin W97M.Downloader.BHC Disinfect
f:\temp\2016.4.13\43.vir Gen:Variant.Zusy.86098 Moved to Quarantine
f:\temp\2016.4.13\25.vir Trojan.GenericKD.3147460 Moved to Quarantine
f:\temp\2016.4.13\34.vir Gen:Variant.MSILPerseus.27332 Moved to Quarantine
f:\temp\2016.4.13\44.vir Trojan.GenericKD.3148544 Moved to Quarantine
f:\temp\2016.4.13\26.vir Trojan.Generic.15333860 Moved to Quarantine
f:\temp\2016.4.13\35.vir Trojan.SWF.Agent.W Moved to Quarantine
f:\temp\2016.4.13\29.vir=>word/vbaproject.bin W97M.Downloader.BAU Disinfect
f:\temp\2016.4.13\47.vir Trojan.GenericKD.3146983 Moved to Quarantine
f:\temp\2016.4.13\49.vir Trojan.GenericKD.3145997 Moved to Quarantine

显示全部楼层 · 发表于 2016-4-13 10:03:24

本帖最后由 Llano_心情于 2016-4-13 10:06 编辑

百度杀毒国内版【联网，大B引擎关闭

kill x 19【不对啊。。。。今天百度云大姨妈了？？？没有cav报啊。。。。慧眼报一堆啊

[mw_shl_code=css,true]扫描结果
扫描文件数:50
发现风险数:19
已处理风险数:0

风险情况详情:

病毒木马名:JS.Trojan.Nemucod.by.bav  路径:D:\搜狗高速下载\2016.4.13\05.vir  病毒木马类型:恶意木马未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9971.bav  路径:D:\搜狗高速下载\2016.4.13\02.vir  病毒木马类型:恶意木马未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9977.bav  路径:D:\搜狗高速下载\2016.4.13\03.vir  病毒木马类型:恶意木马未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9999.bav  路径:D:\搜狗高速下载\2016.4.13\04.vir  病毒木马类型:恶意木马未处理
病毒木马名:VBA.Trojan-Downloader.Agent.xi.bav  路径:D:\搜狗高速下载\2016.4.13\20.vir  病毒木马类型:下载者木马未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9999.bav  路径:D:\搜狗高速下载\2016.4.13\10.vir  病毒木马类型:恶意木马未处理
病毒木马名:MSIL.Trojan.Injector.n.bav  路径:D:\搜狗高速下载\2016.4.13\15.vir  病毒木马类型:恶意木马未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9999.bav  路径:D:\搜狗高速下载\2016.4.13\22.vir  病毒木马类型:恶意木马未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9999.bav  路径:D:\搜狗高速下载\2016.4.13\23.vir  病毒木马类型:恶意木马未处理
病毒木马名:VBA.Trojan-Downloader.Agent.ys.bav  路径:D:\搜狗高速下载\2016.4.13\29.vir  病毒木马类型:下载者木马未处理
病毒木马名:VBA.Trojan-Downloader.Agent.wv.bav  路径:D:\搜狗高速下载\2016.4.13\31.vir  病毒木马类型:下载者木马未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9987.bav  路径:D:\搜狗高速下载\2016.4.13\19.vir  病毒木马类型:恶意木马未处理
病毒木马名:VBA.Trojan-Downloader.Agent.xi.bav  路径:D:\搜狗高速下载\2016.4.13\37.vir  病毒木马类型:下载者木马未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9996.bav  路径:D:\搜狗高速下载\2016.4.13\27.vir  病毒木马类型:恶意木马未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9984.bav  路径:D:\搜狗高速下载\2016.4.13\32.vir  病毒木马类型:恶意木马未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9994.bav  路径:D:\搜狗高速下载\2016.4.13\41.vir  病毒木马类型:恶意木马未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9995.bav  路径:D:\搜狗高速下载\2016.4.13\43.vir  病毒木马类型:恶意木马未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9999.bav  路径:D:\搜狗高速下载\2016.4.13\44.vir  病毒木马类型:恶意木马未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9999.bav  路径:D:\搜狗高速下载\2016.4.13\47.vir  病毒木马类型:恶意木马未处理[/mw_shl_code]

显示全部楼层 · 发表于 2016-4-13 10:37:30

bg杀26，修复4，共30

显示全部楼层 · 发表于 2016-4-13 11:07:50

ESS 9
病毒库版本: 13325 (20160412)
日期: 2016-04-13 时间: 11:04:25
已扫描的磁盘、文件夹和文件: F:\Download\201641301
F:\Download\201641301\02.vir - MSIL/Amonetize.AE 潜在的不受欢迎应用程序的变种 - 扫描完成后再选择处理方式
F:\Download\201641301\03.vir > CONFUSER > deobfuscated.exe - MSIL/DllInject.PC 潜在的不安全应用程序的变种 - 扫描完成后再选择处理方式
F:\Download\201641301\04.vir - Win32/Kryptik.ETJW 特洛伊木马的变种 - 通过删除清除 [1]
F:\Download\201641301\05.vir - JS/TrojanDownloader.Nemucod.OL 特洛伊木马 - 通过删除清除 [1]
F:\Download\201641301\07.vir - PHP/Obfuscated.F 潜在的不受欢迎应用程序 - 扫描完成后再选择处理方式
F:\Download\201641301\08.vir > ZIP > config.xml - Java/Adwind.GQ 特洛伊木马 - 扫描完成后再选择处理方式
F:\Download\201641301\08.vir > ZIP > Adwind.class - Java/Adwind.SR 特洛伊木马的变种 - 扫描完成后再选择处理方式
F:\Download\201641301\08.vir > ZIP > desinstalador/desins.class - Generik.IKBYNQZ 特洛伊木马的变种 - 扫描完成后再选择处理方式
F:\Download\201641301\08.vir > ZIP > extra/ClassLoaderMod.class - Java/Adwind.EY 特洛伊木马的变种 - 扫描完成后再选择处理方式
F:\Download\201641301\08.vir > ZIP > extra/Constante.class - Java/Adwind.ET 特洛伊木马的变种 - 扫描完成后再选择处理方式
F:\Download\201641301\08.vir > ZIP > opciones/Archivo.class - 正常
F:\Download\201641301\08.vir > ZIP > opciones/interfaceInfo.class - 正常
F:\Download\201641301\08.vir > ZIP > plugins/AdwindServer.class - Java/Adwind.HO 特洛伊木马的变种 - 扫描完成后再选择处理方式
F:\Download\201641301\10.vir - Win32/Filecoder.NGH 特洛伊木马 - 通过删除清除 [1]
F:\Download\201641301\15.vir - MSIL/Injector.AWA 特洛伊木马的变种 - 通过删除清除 [1]
F:\Download\201641301\18.vir - JS/TrojanDownloader.Nemucod.OR 特洛伊木马 - 通过删除清除 [1]
F:\Download\201641301\19.vir - Win32/TrojanDownloader.Banload.XCO 特洛伊木马的变种 - 通过删除清除 [1]
F:\Download\201641301\20.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.AXA 特洛伊木马 - 扫描完成后再选择处理方式
F:\Download\201641301\22.vir - Win32/Kryptik.ETQG 特洛伊木马的变种 - 通过删除清除 [1]
F:\Download\201641301\23.vir - Win32/Kryptik.ETRE 特洛伊木马的变种 - 通过删除清除 [1]
F:\Download\201641301\24.vir - Win32/Injector.CVRJ 特洛伊木马 - 通过删除清除 [1]
F:\Download\201641301\26.vir - Win32/Ramnit.A 病毒 - 通过删除清除 [1]
F:\Download\201641301\27.vir - Win32/Agent.RTU 特洛伊木马 - 通过删除清除 [1]
F:\Download\201641301\29.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.ASH 特洛伊木马 - 扫描完成后再选择处理方式
F:\Download\201641301\30.vir - Win32/InstallCore.AFY 潜在的不受欢迎应用程序的变种 - 扫描完成后再选择处理方式
F:\Download\201641301\31.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.AXD 特洛伊木马 - 扫描完成后再选择处理方式
F:\Download\201641301\32.vir - Win32/IStartSurf.Q 潜在的不受欢迎应用程序的变种 - 扫描完成后再选择处理方式
F:\Download\201641301\34.vir - MSIL/Injector.ORD 特洛伊木马的变种 - 通过删除清除 [1]
F:\Download\201641301\35.vir > CWS > file.swf - SWF/Exploit.CVE-2016-1019.A 特洛伊木马 - 已删除
F:\Download\201641301\37.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.AXA 特洛伊木马 - 扫描完成后再选择处理方式
F:\Download\201641301\38.vir - JS/TrojanDownloader.Nemucod.QE 特洛伊木马 - 通过删除清除 [1]
F:\Download\201641301\39.vir - Win32/HackTool.Patcher.BN 潜在的不安全应用程序 - 扫描完成后再选择处理方式
F:\Download\201641301\40.vir - Win32/HackKMS.B 潜在的不安全应用程序 - 扫描完成后再选择处理方式
F:\Download\201641301\43.vir > CONFUSER > deobfuscated.exe - MSIL/Autorun.Spy.Agent.AU 蠕虫的变种 - 通过删除清除 [1]
F:\Download\201641301\44.vir - MSIL/Kryptik.FQF 特洛伊木马的变种 - 通过删除清除 [1]
F:\Download\201641301\47.vir - Win32/Filecoder.EZ 特洛伊木马的变种 - 通过删除清除 [1]
F:\Download\201641301\48.vir - Win32/InstallCore.ACH 潜在的不受欢迎应用程序的变种 - 扫描完成后再选择处理方式
F:\Download\201641301\49.vir - Win32/Exploit.CVE-2016-0034.P 特洛伊木马的变种 - 通过删除清除 [1]
F:\Download\201641301\50.vir - Linux/Xorddos.C 特洛伊木马的变种 - 通过删除清除 [1]
F:\Download\201641301\02.vir - MSIL/Amonetize.AE 潜在的不受欢迎应用程序的变种 - 通过删除清除 [1]
F:\Download\201641301\03.vir > CONFUSER > deobfuscated.exe - MSIL/DllInject.PC 潜在的不安全应用程序的变种 - 通过删除清除 [1]
F:\Download\201641301\07.vir - PHP/Obfuscated.F 潜在的不受欢迎应用程序 - 通过删除清除 [1]
F:\Download\201641301\08.vir > ZIP > config.xml - Java/Adwind.GQ 特洛伊木马 - 已删除
F:\Download\201641301\08.vir > ZIP > Adwind.class - Java/Adwind.SR 特洛伊木马的变种 - 已删除
F:\Download\201641301\08.vir > ZIP > desinstalador/desins.class - Generik.IKBYNQZ 特洛伊木马的变种 - 已删除
F:\Download\201641301\08.vir > ZIP > extra/ClassLoaderMod.class - Java/Adwind.EY 特洛伊木马的变种 - 已删除
F:\Download\201641301\08.vir > ZIP > extra/Constante.class - Java/Adwind.ET 特洛伊木马的变种 - 已删除
F:\Download\201641301\08.vir > ZIP > opciones/Archivo.class - 正常
F:\Download\201641301\08.vir > ZIP > opciones/interfaceInfo.class - 正常
F:\Download\201641301\08.vir > ZIP > plugins/AdwindServer.class - Java/Adwind.HO 特洛伊木马的变种 - 已删除
F:\Download\201641301\20.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.AXA 特洛伊木马 - 已删除
F:\Download\201641301\29.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.ASH 特洛伊木马 - 已删除
F:\Download\201641301\30.vir - Win32/InstallCore.AFY 潜在的不受欢迎应用程序的变种 - 通过删除清除 [1]
F:\Download\201641301\31.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.AXD 特洛伊木马 - 已删除
F:\Download\201641301\32.vir - Win32/IStartSurf.Q 潜在的不受欢迎应用程序的变种 - 通过删除清除 [1]
F:\Download\201641301\37.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.AXA 特洛伊木马 - 已删除
F:\Download\201641301\39.vir - Win32/HackTool.Patcher.BN 潜在的不安全应用程序 - 通过删除清除 [1]
F:\Download\201641301\40.vir - Win32/HackKMS.B 潜在的不安全应用程序 - 通过删除清除 [1]
F:\Download\201641301\48.vir - Win32/InstallCore.ACH 潜在的不受欢迎应用程序的变种 - 通过删除清除 [1]
已扫描的对象数: 148
发现的威胁数: 37
已清除对象数: 37
完成时间: 11:04:38 总扫描时间: 13 秒 (00:00:13)

备注:
[1] 由于对象中仅包含病毒主体，因此已被删除。

显示全部楼层 · 发表于 2016-4-13 11:13:50

360杀毒国内际，开了AB引擎
360杀毒扫描日志

病毒库版本：2016-04-12 10:30
扫描时间：2016-04-13 11:12:02
扫描用时：00:00:13
扫描类型：右键扫描
扫描文件总数：50
项目总数：26
清除项目数：26

扫描选项
----------------------
扫描所有文件：是
扫描压缩包：是
发现病毒处理方式：由360杀毒自动处理
扫描磁盘引导区：是
扫描 Rootkit：是
使用云查杀引擎：是
使用QVM人工智能引擎：是
扫描建议修复项：是
常规引擎设置：BitDefender Avira(小红伞)

扫描内容
----------------------
F:\Download\2016.4.13

白名单设置
----------------------
D:\Game\英雄联盟\
\\fapai\本地磁盘 (f)\杀毒软件真实查杀结果统计工具 3.0 by hez2010.exe

扫描结果
======================
高危风险项
----------------------
F:\Download\2016.4.13\15.vir.exe 感染型病毒(Win32/Trojan.c25) 已删除
F:\Download\2016.4.13\19.vir.exe HEUR/QVM17.0.6D90.Malware.Gen 已删除
F:\Download\2016.4.13\28.vir.exe 感染型病毒(Win32/Trojan.00c) 已删除
F:\Download\2016.4.13\41.vir.exe HEUR/QVM07.1.6D90.Malware.Gen 已删除
F:\Download\2016.4.13\18.vir JS:Trojan.Script.DDD 已删除
F:\Download\2016.4.13\02.vir.exe 广告软件(ADWARE.Amonetize.Gen7) 已删除
F:\Download\2016.4.13\50.vir.Linux_ELF Gen:Variant.Trojan.Linux.XorDDoS.2 已删除
F:\Download\2016.4.13\04.vir.exe Gen:Variant.Symmi.62269 已删除
F:\Download\2016.4.13\03.vir.exe Gen:Variant.Barys.52848 已删除
F:\Download\2016.4.13\06.vir.exe HIDDENEXT.Crypted 已删除
F:\Download\2016.4.13\05.vir.JS JS:Trojan.JS.Downloader.FE 已删除
F:\Download\2016.4.13\09.vir.exe TR.Patched.Ren.Gen 已删除
F:\Download\2016.4.13\11.vir.exe 感染型病毒(Win32/Trojan.Dropper.b73) 已删除
F:\Download\2016.4.13\12.vir.dll TR.Crypt.ULPM.Gen 已删除
F:\Download\2016.4.13\23.vir.exe TR.Crypt.ZPACK.Gen2 已删除
F:\Download\2016.4.13\24.vir.exe 木马程序(Trojan.Generic.16262776) 已删除
F:\Download\2016.4.13\10.vir.dll Gen:Variant.Razy.38182 已删除
F:\Download\2016.4.13\27.vir.exe TR.Dropper.Gen 已删除
F:\Download\2016.4.13\34.vir.exe Gen:Variant.MSILPerseus.27332 已删除
F:\Download\2016.4.13\33.vir.exe TR.Patched.Gen 已删除
F:\Download\2016.4.13\26.vir.exe W32.Ramnit.A 已删除
F:\Download\2016.4.13\43.vir.exe TR.Dropper.Gen 已删除
F:\Download\2016.4.13\46.vir.exe HIDDENEXT.Crypted 已删除
F:\Download\2016.4.13\22.vir.exe Gen:Variant.Razy.38110 已删除
F:\Download\2016.4.13\39.vir.exe HIDDENEXT.Crypted 已删除
F:\Download\2016.4.13\47.vir.exe Gen:Variant.Zusy.187711 已删除

显示全部楼层 · 发表于 2016-4-13 11:23:28

KIS2016 是我设置有问题吗？看日志的话卡巴清除了很多啊，为什么统计结果那么少？

13.04.2016 11.21.58;检测到的对象 ( 文件 ) 已删除。;D:\源文件\2016.4.13\50.vir;D:\源文件\2016.4.13\50.vir;HEUR:Trojan-DDoS.Linux.Xarcen.a
13.04.2016 11.21.58;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\源文件\2016.4.13\50.vir;D:\源文件\2016.4.13\50.vir;HEUR:Trojan-DDoS.Linux.Xarcen.a
13.04.2016 11.21.57;检测到对象 ( 文件 ) 。;D:\源文件\2016.4.13\50.vir;D:\源文件\2016.4.13\50.vir;HEUR:Trojan-DDoS.Linux.Xarcen.a
13.04.2016 11.21.57;检测到的对象 ( 文件 ) 已删除。;D:\源文件\2016.4.13\23.vir;D:\源文件\2016.4.13\23.vir;UDS:DangerousPattern.Multi.Generic
13.04.2016 11.21.57;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\源文件\2016.4.13\23.vir;D:\源文件\2016.4.13\23.vir;UDS:DangerousPattern.Multi.Generic
13.04.2016 11.21.57;检测到的对象 ( 文件 ) 已删除。;D:\源文件\2016.4.13\41.vir;D:\源文件\2016.4.13\41.vir;HEUR:Trojan.Win32.Generic
13.04.2016 11.21.57;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\源文件\2016.4.13\41.vir;D:\源文件\2016.4.13\41.vir;HEUR:Trojan.Win32.Generic
13.04.2016 11.21.55;检测到对象 ( 文件 ) 。;D:\源文件\2016.4.13\23.vir;D:\源文件\2016.4.13\23.vir;UDS:DangerousPattern.Multi.Generic
13.04.2016 11.21.55;检测到对象 ( 文件 ) 。;D:\源文件\2016.4.13\41.vir;D:\源文件\2016.4.13\41.vir;HEUR:Trojan.Win32.Generic
13.04.2016 11.21.54;检测到的对象 ( 文件 ) 已被清除。;D:\源文件\2016.4.13\37.vir//word/vbaProject.bin;D:\源文件\2016.4.13\37.vir//word/vbaProject.bin;Trojan-Downloader.MSWord.Agent.aee
13.04.2016 11.21.53;检测到对象 ( 文件 ) 。;D:\源文件\2016.4.13\37.vir//word/vbaProject.bin//Module4;D:\源文件\2016.4.13\37.vir//word/vbaProject.bin//Module4;Trojan-Downloader.MSWord.Agent.aee
13.04.2016 11.21.50;检测到的对象 ( 文件 ) 已删除。;D:\源文件\2016.4.13\43.vir;D:\源文件\2016.4.13\43.vir;HEUR:Trojan.Win32.Generic
13.04.2016 11.21.50;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\源文件\2016.4.13\43.vir;D:\源文件\2016.4.13\43.vir;HEUR:Trojan.Win32.Generic
13.04.2016 11.21.50;检测到对象 ( 文件 ) 。;D:\源文件\2016.4.13\43.vir;D:\源文件\2016.4.13\43.vir;HEUR:Trojan.Win32.Generic
13.04.2016 11.21.49;检测到的对象 ( 文件 ) 已删除。;D:\源文件\2016.4.13\42.vir;D:\源文件\2016.4.13\42.vir;HEUR:Worm.Win32.Generic
13.04.2016 11.21.49;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\源文件\2016.4.13\42.vir;D:\源文件\2016.4.13\42.vir;HEUR:Worm.Win32.Generic
13.04.2016 11.21.49;检测到对象 ( 文件 ) 。;D:\源文件\2016.4.13\42.vir;D:\源文件\2016.4.13\42.vir;HEUR:Worm.Win32.Generic
13.04.2016 11.21.48;检测到的对象 ( 文件 ) 已被清除。;D:\源文件\2016.4.13\31.vir//word/vbaProject.bin;D:\源文件\2016.4.13\31.vir//word/vbaProject.bin;Trojan-Downloader.MSWord.Agent.aei
13.04.2016 11.21.48;检测到的对象 ( 文件 ) 已被清除。;D:\源文件\2016.4.13\37.vir//word/vbaProject.bin;D:\源文件\2016.4.13\37.vir//word/vbaProject.bin;Trojan-Downloader.MSWord.Agent.aej
13.04.2016 11.21.48;检测到对象 ( 文件 ) 。;D:\源文件\2016.4.13\31.vir//word/vbaProject.bin//Module4;D:\源文件\2016.4.13\31.vir//word/vbaProject.bin//Module4;Trojan-Downloader.MSWord.Agent.aei
13.04.2016 11.21.48;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\源文件\2016.4.13\37.vir//word/vbaProject.bin//ThisDocument;D:\源文件\2016.4.13\37.vir//word/vbaProject.bin//ThisDocument;Trojan-Downloader.MSWord.Agent.aej
13.04.2016 11.21.48;检测到对象 ( 文件 ) 。;D:\源文件\2016.4.13\37.vir//word/vbaProject.bin//ThisDocument;D:\源文件\2016.4.13\37.vir//word/vbaProject.bin//ThisDocument;Trojan-Downloader.MSWord.Agent.aej
13.04.2016 11.21.48;检测到的对象 ( 文件 ) 已删除。;D:\源文件\2016.4.13\32.vir;D:\源文件\2016.4.13\32.vir;Trojan.Win32.Yakes.pmiv
13.04.2016 11.21.48;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\源文件\2016.4.13\32.vir;D:\源文件\2016.4.13\32.vir;Trojan.Win32.Yakes.pmiv
13.04.2016 11.21.47;检测到的对象 ( 文件 ) 已被清除。;D:\源文件\2016.4.13\31.vir//word/vbaProject.bin;D:\源文件\2016.4.13\31.vir//word/vbaProject.bin;Trojan-Downloader.MSWord.Agent.aej
13.04.2016 11.21.47;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\源文件\2016.4.13\31.vir//word/vbaProject.bin//ThisDocument;D:\源文件\2016.4.13\31.vir//word/vbaProject.bin//ThisDocument;Trojan-Downloader.MSWord.Agent.aej
13.04.2016 11.21.47;检测到对象 ( 文件 ) 。;D:\源文件\2016.4.13\32.vir;D:\源文件\2016.4.13\32.vir;Trojan.Win32.Yakes.pmiv
13.04.2016 11.21.47;检测到对象 ( 文件 ) 。;D:\源文件\2016.4.13\31.vir//word/vbaProject.bin//ThisDocument;D:\源文件\2016.4.13\31.vir//word/vbaProject.bin//ThisDocument;Trojan-Downloader.MSWord.Agent.aej
13.04.2016 11.21.46;检测到的对象 ( 文件 ) 已被清除。;D:\源文件\2016.4.13\29.vir//word/vbaProject.bin;D:\源文件\2016.4.13\29.vir//word/vbaProject.bin;Trojan-Downloader.VBS.Agent.bfm
13.04.2016 11.21.46;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\源文件\2016.4.13\29.vir//word/vbaProject.bin//Module1;D:\源文件\2016.4.13\29.vir//word/vbaProject.bin//Module1;Trojan-Downloader.VBS.Agent.bfm
13.04.2016 11.21.45;检测到对象 ( 文件 ) 。;D:\源文件\2016.4.13\29.vir//word/vbaProject.bin//Module1;D:\源文件\2016.4.13\29.vir//word/vbaProject.bin//Module1;Trojan-Downloader.VBS.Agent.bfm
13.04.2016 11.21.44;检测到的对象 ( 文件 ) 已被清除。;D:\源文件\2016.4.13\20.vir//word/vbaProject.bin;D:\源文件\2016.4.13\20.vir//word/vbaProject.bin;Trojan-Downloader.MSWord.Agent.aeh
13.04.2016 11.21.44;检测到对象 ( 文件 ) 。;D:\源文件\2016.4.13\20.vir//word/vbaProject.bin//Module4;D:\源文件\2016.4.13\20.vir//word/vbaProject.bin//Module4;Trojan-Downloader.MSWord.Agent.aeh
13.04.2016 11.21.44;检测到的对象 ( 文件 ) 将在重启后被删除。;D:\源文件\2016.4.13\26.vir//data0015.res;D:\源文件\2016.4.13\26.vir//data0015.res;Virus.Win32.Nimnul.a
13.04.2016 11.21.44;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\源文件\2016.4.13\26.vir//data0015.res;D:\源文件\2016.4.13\26.vir//data0015.res;Virus.Win32.Nimnul.a
13.04.2016 11.21.44;检测到对象 ( 文件 ) 。;D:\源文件\2016.4.13\26.vir//data0015.res;D:\源文件\2016.4.13\26.vir//data0015.res;Virus.Win32.Nimnul.a
13.04.2016 11.21.41;检测到的对象 ( 文件 ) 已被清除。;D:\源文件\2016.4.13\20.vir//word/vbaProject.bin;D:\源文件\2016.4.13\20.vir//word/vbaProject.bin;Trojan-Downloader.MSWord.Agent.aej
13.04.2016 11.21.41;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\源文件\2016.4.13\20.vir//word/vbaProject.bin//ThisDocument;D:\源文件\2016.4.13\20.vir//word/vbaProject.bin//ThisDocument;Trojan-Downloader.MSWord.Agent.aej
13.04.2016 11.21.41;检测到的对象 ( 文件 ) 已删除。;D:\源文件\2016.4.13\22.vir;D:\源文件\2016.4.13\22.vir;Trojan.Win32.Inject.waoy
13.04.2016 11.21.41;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\源文件\2016.4.13\22.vir;D:\源文件\2016.4.13\22.vir;Trojan.Win32.Inject.waoy
13.04.2016 11.21.40;检测到对象 ( 文件 ) 。;D:\源文件\2016.4.13\20.vir//word/vbaProject.bin//ThisDocument;D:\源文件\2016.4.13\20.vir//word/vbaProject.bin//ThisDocument;Trojan-Downloader.MSWord.Agent.aej
13.04.2016 11.21.39;检测到对象 ( 文件 ) 。;D:\源文件\2016.4.13\22.vir;D:\源文件\2016.4.13\22.vir;Trojan.Win32.Inject.waoy
13.04.2016 11.21.38;检测到的对象 ( 文件 ) 已删除。;D:\源文件\2016.4.13\15.vir//crs_0000//walid.exe;D:\源文件\2016.4.13\15.vir//crs_0000//walid.exe;HEUR:Trojan.Win32.Generic
13.04.2016 11.21.38;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\源文件\2016.4.13\15.vir//crs_0000//walid.exe;D:\源文件\2016.4.13\15.vir//crs_0000//walid.exe;HEUR:Trojan.Win32.Generic
13.04.2016 11.21.38;检测到对象 ( 文件 ) 。;D:\源文件\2016.4.13\15.vir//crs_0000//walid.exe;D:\源文件\2016.4.13\15.vir//crs_0000//walid.exe;HEUR:Trojan.Win32.Generic
13.04.2016 11.21.37;检测到的对象 ( 文件 ) 已删除。;D:\源文件\2016.4.13\04.vir;D:\源文件\2016.4.13\04.vir;HEUR:Trojan.Win32.Generic
13.04.2016 11.21.37;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\源文件\2016.4.13\04.vir;D:\源文件\2016.4.13\04.vir;HEUR:Trojan.Win32.Generic
13.04.2016 11.21.36;检测到对象 ( 文件 ) 。;D:\源文件\2016.4.13\04.vir;D:\源文件\2016.4.13\04.vir;HEUR:Trojan.Win32.Generic
13.04.2016 11.21.35;检测到的对象 ( 文件 ) 已删除。;D:\源文件\2016.4.13\10.vir;D:\源文件\2016.4.13\10.vir;Trojan-PSW.Win32.Tepfer.psxibe
13.04.2016 11.21.35;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\源文件\2016.4.13\10.vir;D:\源文件\2016.4.13\10.vir;Trojan-PSW.Win32.Tepfer.psxibe
13.04.2016 11.21.35;检测到对象 ( 文件 ) 。;D:\源文件\2016.4.13\10.vir;D:\源文件\2016.4.13\10.vir;Trojan-PSW.Win32.Tepfer.psxibe
13.04.2016 11.21.11;检测到的对象 ( 文件 ) 已删除。;D:\源文件\2016.4.13\07.vir;D:\源文件\2016.4.13\07.vir;Trojan.PHP.Agent.fx
13.04.2016 11.21.11;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\源文件\2016.4.13\07.vir;D:\源文件\2016.4.13\07.vir;Trojan.PHP.Agent.fx
13.04.2016 11.21.09;检测到对象 ( 文件 ) 。;D:\源文件\2016.4.13\07.vir;D:\源文件\2016.4.13\07.vir;Trojan.PHP.Agent.fx
13.04.2016 11.21.08;检测到的对象 ( 文件 ) 已删除。;D:\源文件\2016.4.13\05.vir;D:\源文件\2016.4.13\05.vir;Trojan-Downloader.JS.Agent.jpc
13.04.2016 11.21.08;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\源文件\2016.4.13\05.vir;D:\源文件\2016.4.13\05.vir;Trojan-Downloader.JS.Agent.jpc
13.04.2016 11.21.07;检测到对象 ( 文件 ) 。;D:\源文件\2016.4.13\05.vir;D:\源文件\2016.4.13\05.vir;Trojan-Downloader.JS.Agent.jpc
13.04.2016 11.21.06;检测到的对象 ( 文件 ) 已删除。;D:\源文件\2016.4.13\01.vir;D:\源文件\2016.4.13\01.vir;HEUR:Worm.Win32.Generic
13.04.2016 11.21.06;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\源文件\2016.4.13\01.vir;D:\源文件\2016.4.13\01.vir;HEUR:Worm.Win32.Generic
13.04.2016 11.21.00;检测到对象 ( 文件 ) 。;D:\源文件\2016.4.13\01.vir;D:\源文件\2016.4.13\01.vir;HEUR:Worm.Win32.Generic

显示全部楼层 · 发表于 2016-4-13 12:30:34

FSCS: kill 26x

Gen:Variant.Symmi.44724 (病毒)
\2016.4.13\46.vir 操作：已隔离
Trojan.GenericKD.3146983 (病毒)
\2016.4.13\47.vir 操作：已隔离
Trojan.GenericKD.3145997 (病毒)
\2016.4.13\49.vir 操作：已隔离
Gen:Variant.Trojan.Linux.XorDDoS.2 (病毒)
\2016.4.13\50.vir 操作：已隔离
Gen:Variant.Barys.52848 (病毒)
\2016.4.13\03.vir 操作：已隔离
Gen:Variant.Symmi.62269 (病毒)
\2016.4.13\04.vir 操作：已隔离
JS:Trojan.JS.Downloader.FE (病毒)
\2016.4.13\05.vir 操作：已隔离
Trojan.Generic.16061316 (病毒)
\2016.4.13\09.vir 操作：已隔离
Gen:Variant.Razy.38182 (病毒)
\2016.4.13\10.vir 操作：已隔离
Gen:Variant.Kazy.335892 (病毒)
\2016.4.13\15.vir\walid.exe
Gen:Variant.Barys.52387 (病毒)
\2016.4.13\15.vir 操作：已隔离
JS:Trojan.Script.DDD (病毒)
\2016.4.13\18.vir 操作：已隔离
Trojan.GenericKD.3146096 (病毒)
\2016.4.13\19.vir 操作：已隔离
W97M.Downloader.BHC (病毒)
\2016.4.13\20.vir\word\vbaProject.bin
\2016.4.13\31.vir\word\vbaProject.bin
\2016.4.13\37.vir\word\vbaProject.bin
Trojan-Downloader:W97M/Dridex.Z (病毒)
\2016.4.13\20.vir 操作：已隔离
\2016.4.13\31.vir 操作：已隔离
\2016.4.13\37.vir 操作：已隔离
Gen:Variant.Razy.38110 (病毒)
\2016.4.13\22.vir 操作：已隔离
Trojan.Generic.16262776 (病毒)
\2016.4.13\24.vir 操作：已隔离
Trojan.GenericKD.3147460 (病毒)
\2016.4.13\25.vir 操作：已隔离
Trojan.Generic.15333860 (病毒)
\2016.4.13\26.vir 操作：已隔离
Trojan.GenericKD.3145873 (病毒)
\2016.4.13\27.vir 操作：已隔离
Trojan.Agent.BSLE (病毒)
\2016.4.13\28.vir 操作：已隔离
Trojan:W97M/MaliciousMacro.GEN (病毒)
\2016.4.13\29.vir\word\vbaProject.bin
\2016.4.13\29.vir 操作：已隔离
Gen:Variant.MSILPerseus.27332 (病毒)
\2016.4.13\34.vir 操作：已隔离
Trojan.GenericKD.3147480 (病毒)
\2016.4.13\41.vir 操作：已隔离
Gen:Variant.Zusy.86098 (病毒)
\2016.4.13\43.vir 操作：已隔离
找到危险软件

Gen:Variant.Application.Bundler (危险软件)
\2016.4.13\02.vir 操作：已隔离

HitmanPro: kill 24x

Malware _____________________________________________________________________

\2016.4.13\01.vir
   Size . . . . . . . : 111,169 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:26)
   Entropy  . . . . . : 5.5
   SHA-256  . . . . . : CA2E3BDA375A255B7B5891EDFB090A75306B87D24B9DE1C2BE64DB6F60131E0C
> Kaspersky  . . . . : HEUR:Worm.Win32.Generic

\2016.4.13\02.vir
   Size . . . . . . . : 383,490 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:26)
   Entropy  . . . . . : 7.9
   SHA-256  . . . . . : 6F099BB445C8632E3A44AF1CDDEE11C4213FFFBA82A26CCA7D4CF818404E5D7A
> Bitdefender  . . . : Gen:Variant.Application.Bundler.Amonetize.58

\2016.4.13\03.vir
   Size . . . . . . . : 687,618 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:26)
   Entropy  . . . . . : 6.5
   SHA-256  . . . . . : D29A477936F45B6A29C5330B7B4F32ADB4D31FEBD86E4E5FA9055B7920029B2F
   Needs elevation  . : Yes
   Product  . . . . . : ExKode Products
   LanguageID . . . . : 0
> Bitdefender  . . . : Gen:Variant.Barys.52848

\2016.4.13\04.vir
   Size . . . . . . . : 139,872 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:26)
   Entropy  . . . . . : 6.5
   SHA-256  . . . . . : C65DEAD16018FD4B4B26A4B24315D6BAFA3F8ACD649DCA6E6E99E15FDAA6EA12
> Bitdefender  . . . : Gen:Variant.Symmi.62269
> Kaspersky  . . . . : HEUR:Trojan.Win32.Generic

\2016.4.13\09.vir
   Size . . . . . . . : 48,885 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:26)
   Entropy  . . . . . : 7.4
   SHA-256  . . . . . : 4DF86821AAF363112ECF9F76A079CE49AA68288844830265DA1032FF9AB392CB
> Bitdefender  . . . : Trojan.Generic.16061316

\2016.4.13\10.vir
   Size . . . . . . . : 323,586 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:26)
   Entropy  . . . . . : 6.8
   SHA-256  . . . . . : BBE0A6D2BF458C30AA066AD099007642F693B01C8C015B9E2BC6ACC8682533E2
> Bitdefender  . . . : Gen:Variant.Razy.38182
> Kaspersky  . . . . : Trojan-PSW.Win32.Tepfer.psxibe

\2016.4.13\15.vir
   Size . . . . . . . : 111,618 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:26)
   Entropy  . . . . . : 7.9
   SHA-256  . . . . . : 6EACB1ECB890ABB6E26CC030DA402236E3A3511D1C4FC11C33E7A0076E89F8FE
   Product  . . . . . : alLhERit9e5d8LyL
   Publisher  . . . . : agV2PQqCNwXMp
   Description  . . . : abiWOK3IUNc
   Version  . . . . . : 12.16.20.82
   LanguageID . . . . : 0
> Bitdefender  . . . : Gen:Variant.Barys.52387
> Kaspersky  . . . . : HEUR:Trojan.MSIL.Tpyn.gen

\2016.4.13\19.vir
   Size . . . . . . . : 574,978 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:26)
   Entropy  . . . . . : 8.0
   SHA-256  . . . . . : C3244BB1CA12C64B7ABBD1D6575FE97D390A41F3BC3B360E0AE8D68DAE521EA1
> Bitdefender  . . . : Trojan.GenericKD.3146096

\2016.4.13\22.vir
   Size . . . . . . . : 290,818 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:26)
   Entropy  . . . . . : 7.1
   SHA-256  . . . . . : A6D3E40AFD56B65E6947903B5C9CDB372F83C44C7B1306A50A1F2E4FDBD27DBA
> Bitdefender  . . . : Gen:Variant.Razy.38110
> Kaspersky  . . . . : Trojan.Win32.Inject.waoy
> HitmanPro  . . . . : Mal/Qbot-N

\2016.4.13\23.vir
   Size . . . . . . . : 213,506 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:26)
   Entropy  . . . . . : 7.5
   SHA-256  . . . . . : 1E6E72E6D80A05D32B35217126CB3638CBA919A7DFC135A373295076A742EC17
   Product  . . . . . : Microsoft® Windows® Operating System
   Publisher  . . . . : Microsoft Corporation
   Description  . . . : US Multinational Keyboard Layout
   Version  . . . . . : 5.1.2600.0
   LanguageID . . . . : 0
> Bitdefender  . . . : Gen:Variant.Zusy.187699

\2016.4.13\24.vir
   Size . . . . . . . : 424,962 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:26)
   Entropy  . . . . . : 6.6
   SHA-256  . . . . . : EB016BA0C00B10B966CFA7D01AA86E7A07EF651CCE438965B1CB1305D5C8FC4C
   Product  . . . . . : Clover
   Publisher  . . . . : EJIE Technology
   Description  . . . : Clover
   Version  . . . . . : 3.0.406.0
   Copyright  . . . . : Copyright (C) 2012 EJIE Technology. All Rights Reserved.
   LanguageID . . . . : 1033
> Bitdefender  . . . : Trojan.Generic.16262776

\2016.4.13\25.vir
   Size . . . . . . . : 407,042 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:27)
   Entropy  . . . . . : 6.6
   SHA-256  . . . . . : D81E43231FA4EAF7B11072C5F38BA58EF44064FD22711C7AAA318BA148BE3E5E
   Product
   Publisher
   Description  . . . : Google Remote Desktop Service
   Version  . . . . . : 1.0.0.0
   LanguageID . . . . : 1049
> Bitdefender  . . . : Trojan.GenericKD.3147460

\2016.4.13\26.vir
   Size . . . . . . . : 547,330 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:27)
   Entropy  . . . . . : 7.4
   SHA-256  . . . . . : DAD6A14A76356258E6970C83AB290D1A1E51D6A99905C13357E5E1533525ABB3
   Needs elevation  . : Yes
   Product
   Publisher
   Description
   Version  . . . . . : 1.0.0.0
   LanguageID . . . . : 0
> Bitdefender  . . . : Trojan.Generic.15333860
> Kaspersky  . . . . : Virus.Win32.Nimnul.a

\2016.4.13\27.vir
   Size . . . . . . . : 135,170 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:27)
   Entropy  . . . . . : 7.0
   SHA-256  . . . . . : 76277D37CCD31DC3D32B92BD4E7E93AC0B5A2509BCCF1ADD9A246E17600A71F8
   Product  . . . . . : LOls
   Publisher  . . . . : kJN
   LanguageID . . . . : 0
> Bitdefender  . . . : Trojan.GenericKD.3145873

\2016.4.13\28.vir
   Size . . . . . . . : 704,514 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:27)
   Entropy  . . . . . : 6.9
   SHA-256  . . . . . : 6C14059C907B3E13C20B5A489FC4FA93797255177A80BE56B5B96262CB9904EC
   Version  . . . . . : 3.2.2.1
> Bitdefender  . . . : Trojan.Agent.BSLE

\2016.4.13\32.vir
   Size . . . . . . . : 163,842 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:27)
   Entropy  . . . . . : 6.6
   SHA-256  . . . . . : A3DFC4645D51BAC0875C17373D3855013EF6A6E1E6D09E7F47488C882ED48354
> Kaspersky  . . . . : Trojan.Win32.Yakes.pmiv

\2016.4.13\34.vir
   Size . . . . . . . : 714,754 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:27)
   Entropy  . . . . . : 7.5
   SHA-256  . . . . . : 866EDDE6DDFAFF80A3173A373D95C07F3A4777DEF340B76F8D45AA085BF92D7C
   Product  . . . . . : Microsoft® Windows® Operating System
   Publisher  . . . . : Microsoft Corporation
   Description  . . . : Function Discovery WS Discovery Provider Dll
   Version  . . . . . : 6.3.9600.17415
   Copyright  . . . . : © Microsoft Corporation. All rights reserved.
   LanguageID . . . . : 1033
> Bitdefender  . . . : Gen:Variant.MSILPerseus.27332

\2016.4.13\41.vir
   Size . . . . . . . : 299,010 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:27)
   Entropy  . . . . . : 7.0
   SHA-256  . . . . . : AF3515E7FB939E5CC302EB1C3CCB5C58FA574BCEEDA1B7098E8012BFFE80CF5F
> Bitdefender  . . . : Trojan.GenericKD.3147480
> Kaspersky  . . . . : HEUR:Trojan.Win32.Generic

\2016.4.13\42.vir
   Size . . . . . . . : 110,602 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:27)
   Entropy  . . . . . : 5.5
   SHA-256  . . . . . : 0770E9B2ECBD81B2906F0EF91FF1DCF825B80B9D2290846F27081D7586106AF7
> Kaspersky  . . . . : HEUR:Worm.Win32.Generic

\2016.4.13\43.vir
   Size . . . . . . . : 509,954 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:27)
   Entropy  . . . . . : 7.4
   SHA-256  . . . . . : 4E4545F93A8BEB76022BB4AD41A2938F0363A01DE4090DC9562DAC28CF2EED37
   Needs elevation  . : Yes
   Product  . . . . . : Microsoft
   LanguageID . . . . : 0
> Bitdefender  . . . : Gen:Variant.Zusy.86098
> Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
> HitmanPro  . . . . : Mal/MsilKlog-D

\2016.4.13\44.vir
   Size . . . . . . . : 299,738 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:27)
   Entropy  . . . . . : 6.5
   SHA-256  . . . . . : 862065CCB1782341FB770828FF62C43F035D22CC3CC87FBEC5D864DDB6E1ACDE
   Product  . . . . . : Facebook Automation.exe
   Publisher  . . . . : Facebook Automation.exe
   Description  . . . : Facebook Automation.exe
   Version  . . . . . : 3.0.0
   LanguageID . . . . : 0
> Bitdefender  . . . : Trojan.GenericKD.3148544

\2016.4.13\46.vir
   Size . . . . . . . : 105,474 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:27)
   Entropy  . . . . . : 7.8
   SHA-256  . . . . . : AE9CF8EC29F08496515CA5AF16839A63B0D4CAC9138858E594D95E99B10A0BDF
   Product  . . . . . : Project1
   Publisher  . . . . : Wenderoy
   Version  . . . . . : 1.00
   LanguageID . . . . : 1033
> Bitdefender  . . . : Gen:Variant.Symmi.44724

\2016.4.13\47.vir
   Size . . . . . . . : 528,386 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:27)
   Entropy  . . . . . : 6.8
   SHA-256  . . . . . : E94E6A50805014C9EEF524C30BBBF94DC0A4AE1F72EABF2258AEEBFE529FC29F
   Product  . . . . . : Installer
   Publisher  . . . . : Software Corp.
   Description  . . . : Installer
   Version  . . . . . : 1,0,0,0
   Copyright  . . . . : (C) Software Corp.
   LanguageID . . . . : 1033
> Bitdefender  . . . : Trojan.GenericKD.3146983

\2016.4.13\49.vir
   Size . . . . . . . : 209,410 bytes
   Age  . . . . . . . : 0.0 days (2016-04-13 12:20:27)
   Entropy  . . . . . : 7.7
   SHA-256  . . . . . : 30AF254C9E8D7F6D1E2802E1EAE068048E5140A59F62DF3485D5BFD2A9ABE38E
   Product  . . . . . : krmmL1LNhwx
   LanguageID . . . . : 0
> Bitdefender  . . . : Trojan.GenericKD.3145997

显示全部楼层 · 发表于 2016-4-13 14:40:59

微软

[mw_shl_code=css,true]Scan started on Wed Apr 13 14:39:37 2016

C:\Users\XuanXia\Desktop\2016.4.13\04.vir                                     Infected: Ransom:Win32/Locky!rfn
C:\Users\XuanXia\Desktop\2016.4.13\05.vir                                     Infected: TrojanDownloader:JS/Swabfex.C
C:\Users\XuanXia\Desktop\2016.4.13\07.vir->[PHP]                               Infected: Backdoor:PHP/C99shell.I [non_writable_container]
C:\Users\XuanXia\Desktop\2016.4.13\10.vir                                     Infected: Trojan:Win32/Skeeyah.A!rfn
C:\Users\XuanXia\Desktop\2016.4.13\15.vir                                     Infected: Backdoor:MSIL/Bladabindi!rfn
C:\Users\XuanXia\Desktop\2016.4.13\18.vir                                     Infected: TrojanDownloader:JS/Nemucod
C:\Users\XuanXia\Desktop\2016.4.13\19.vir                                     Infected: TrojanDownloader:Win32/Banload!rfn
C:\Users\XuanXia\Desktop\2016.4.13\20.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.4.13\22.vir                                     Infected: Backdoor:Win32/Qakbot.T [submit_sample]
C:\Users\XuanXia\Desktop\2016.4.13\23.vir                                     Infected: Ransom:Win32/Tescrypt!rfn
C:\Users\XuanXia\Desktop\2016.4.13\24.vir                                     Infected: Backdoor:Win32/Fynloski.A
C:\Users\XuanXia\Desktop\2016.4.13\25.vir                                     Infected: Trojan:Win32/Malumpos.A
C:\Users\XuanXia\Desktop\2016.4.13\26.vir->[MSILRES:CcKiL.Resources.resources]  Infected: Virus:Win32/Ramnit.A [non_writable_container]
C:\Users\XuanXia\Desktop\2016.4.13\27.vir                                     Infected: Ransom:Win32/Cerber
C:\Users\XuanXia\Desktop\2016.4.13\29.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Adnel
C:\Users\XuanXia\Desktop\2016.4.13\31.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.4.13\34.vir                                     Infected: Trojan:Win32/Skeeyah.A!rfn
C:\Users\XuanXia\Desktop\2016.4.13\37.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.4.13\38.vir                                     Infected: TrojanDownloader:JS/Nemucod.EA
C:\Users\XuanXia\Desktop\2016.4.13\43.vir                                     Infected: Trojan:Win32/Skeeyah.A!rfn
C:\Users\XuanXia\Desktop\2016.4.13\47.vir                                     Infected: Ransom:Win32/Sarento
C:\Users\XuanXia\Desktop\2016.4.13\50.vir                                     Infected: DoS:Linux/Xorddos.A
Successfully checked: C:\Users\XuanXia\Desktop\2016.4.13

Scan ended on Wed Apr 13 14:40:07 2016[/mw_shl_code]

显示全部楼层 · 发表于 2016-4-13 16:29:49

本帖最后由 Eset小粉絲于 2016-4-13 16:34 编辑

Avira

[mw_shl_code=css,true]Start of the scan: Wednesday, April 13, 2016  16:16

Starting the file scan:

Begin scan in 'C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13'
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\01.vir
  [DETECTION] Contains recognition pattern of the WORM/Agent.111167.1 worm
  [NOTE]    The file was moved to the quarantine directory under the name '529f9321.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\02.vir
  [DETECTION] Contains virus patterns of Adware ADWARE/Amonetize.Gen7
  [NOTE]    The file was moved to the quarantine directory under the name '71e6f80d.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\03.vir
  [DETECTION] Is the TR/Barys.wgmk Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '19f6829c.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\04.vir
  [DETECTION] Is the TR/Crypt.ZPACK.yiis Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '39808618.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\09.vir
  [DETECTION] Is the TR/Patched.Ren.Gen Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '6ca4c0a6.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\10.vir
  [DETECTION] Is the TR/Crypt.ZPACK.bnyt Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '0d84e110.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\11.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '6828a39a.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\12.vir
  [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '0dffd734.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\13.vir
  [DETECTION] Contains code of the W2000M/Agent.6046144 macro virus
  [NOTE]    The file was moved to the quarantine directory under the name '1e1beba6.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\14.vir
  [DETECTION] Is the TR/Crypt.Xpack.ogco Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '0ca29718.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\15.vir
  [DETECTION] Is the TR/Dropper.MSIL.Gen Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '1bf2f4ab.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\19.vir
  [DETECTION] Is the TR/Dldr.Banload.fssf Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '41d0c63f.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\20.vir
[0] Archive type: ZIP
--> word/vbaProject.bin
      [DETECTION] Contains code of the W2000M/Dldr.Agent.748742 macro virus
      [WARNING] Infected files in archives cannot be repaired
  [NOTE]    The file was moved to the quarantine directory under the name '64ddbc22.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\22.vir
  [DETECTION] Is the TR/Taranis.2831 Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '1086a45f.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\23.vir
  [DETECTION] Is the TR/Crypt.ZPACK.bvqh Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '3284f6d2.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\25.vir
  [DETECTION] Is the TR/Rogue.ecys Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '47178ece.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\26.vir
  [DETECTION] Contains code of the W32/Ramnit.A Windows virus
  [NOTE]    The file was moved to the quarantine directory under the name '6c40d2cf.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\27.vir
  [DETECTION] Is the TR/Dropper.vqyz Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '0b279a73.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\29.vir
[0] Archive type: ZIP
--> word/vbaProject.bin
      [DETECTION] Contains code of the W2000M/Downldr.C macro virus
      [WARNING] Infected files in archives cannot be repaired
  [NOTE]    The file was moved to the quarantine directory under the name '4057a39a.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\31.vir
[0] Archive type: ZIP
--> word/vbaProject.bin
      [DETECTION] Contains code of the W2000M/Dldr.Agent.748742 macro virus
      [WARNING] Infected files in archives cannot be repaired
  [NOTE]    The file was moved to the quarantine directory under the name '40a9a933.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\32.vir
  [DETECTION] Is the TR/Crypt.ZPACK.frgp Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '0a06fc20.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\33.vir
  [DETECTION] Is the TR/Patched.Gen Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '642fd3e9.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\34.vir
  [DETECTION] Is the TR/Dropper.MSIL.snme Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '290f8d9e.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\35.vir
  [DETECTION] Contains recognition pattern of the EXP/CVE-2016-1019.A.Gen exploit
  [NOTE]    The file was moved to the quarantine directory under the name '412baaa4.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\36.vir
  [DETECTION] Contains code of the W2000M/Agent.6046915 macro virus
  [NOTE]    The file was moved to the quarantine directory under the name '3b9a906e.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\37.vir
[0] Archive type: ZIP
--> word/vbaProject.bin
      [DETECTION] Contains code of the W2000M/Dldr.Agent.748742 macro virus
      [WARNING] Infected files in archives cannot be repaired
  [NOTE]    The file was moved to the quarantine directory under the name '4ac8cc2a.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\42.vir
  [DETECTION] Contains recognition pattern of the WORM/Agent.110600 worm
  [NOTE]    The file was moved to the quarantine directory under the name '415f9a6b.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\43.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '0f04e906.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\44.vir
  [DETECTION] Is the TR/Dropper.MSIL.jdha Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '717f9221.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\46.vir
  [DETECTION] Is the TR/Symmi.jdqq Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '05e5ba50.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\47.vir
  [DETECTION] Is the TR/FileCoder.itna Trojan
  [NOTE]    The file was moved to the quarantine directory under the name '0ed1e6c6.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\05.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.LQ Java script virus
  [NOTE]    The file was moved to the quarantine directory under the name '514592f4.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\18.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen6 HTML script virus
  [NOTE]    The file was moved to the quarantine directory under the name '49d2bd5f.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\21.vir
  [DETECTION] Contains recognition pattern of the BAT/Flood.C batch virus
  [NOTE]    The file was moved to the quarantine directory under the name '1b8de7b8.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\06.vir
[DETECTION] The file contains an executable program that is disguised by a harmless file extension (HIDDENEXT/Crypted)
  [NOTE]    The file was moved to the quarantine directory under the name '511190d0.qua'!
C:\Users\Vivian Lee\Desktop\New Folder\2016.4.13\39.vir
  [DETECTION] The file contains an executable program that is disguised by a harmless file extension (HIDDENEXT/Crypted)
  [NOTE]    The file was moved to the quarantine directory under the name '4986bf72.qua'![/mw_shl_code]

[病毒样本] 精睿样本测试（16.4.13）

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块