
[Virus Samples] 精睿 Sample Test (16.10.19)

linzh
Posted on 2016-10-19 09:49:28
Links:


http://pan.baidu.com/s/1jIlWV1G extraction password: yb64

http://www.vdisk.cn/down/index/19739263

  
Password: bbs.vc52.cn
Count: 50
轩夏
Posted on 2016-10-19 09:51:11
Kaspersky

[mw_shl_code=css,true]2016-10-19 09:45:51        C:\Users\XuanXia\Desktop\2016.10.19\01.vir        ok
2016-10-19 09:45:51        C:\Users\XuanXia\Desktop\2016.10.19\02.vir        error        Object protected with password
2016-10-19 09:45:51        C:\Users\XuanXia\Desktop\2016.10.19\03.vir        ok
2016-10-19 09:45:53        C:\Users\XuanXia\Desktop\2016.10.19\04.vir        detected        Trojan-Downloader.MSWord.Agent.asdftn
2016-10-19 09:45:53        C:\Users\XuanXia\Desktop\2016.10.19\05.vir        ok
2016-10-19 09:45:54        C:\Users\XuanXia\Desktop\2016.10.19\06.vir        ok
2016-10-19 09:45:55        C:\Users\XuanXia\Desktop\2016.10.19\07.vir        detected        Trojan.Win32.VBKryjetor.adrc
2016-10-19 09:45:55        C:\Users\XuanXia\Desktop\2016.10.19\08.vir        ok
2016-10-19 09:45:55        C:\Users\XuanXia\Desktop\2016.10.19\09.vir        ok
2016-10-19 09:45:56        C:\Users\XuanXia\Desktop\2016.10.19\10.vir        detected        Backdoor.Win32.Tofsee.yuw
2016-10-19 09:45:58        C:\Users\XuanXia\Desktop\2016.10.19\11.vir        ok
2016-10-19 09:45:58        C:\Users\XuanXia\Desktop\2016.10.19\12.vir        ok
2016-10-19 09:45:59        C:\Users\XuanXia\Desktop\2016.10.19\13.vir        detected        HEUR:Trojan.Win32.Generic
2016-10-19 09:46:00        C:\Users\XuanXia\Desktop\2016.10.19\14.vir        ok
2016-10-19 09:46:01        C:\Users\XuanXia\Desktop\2016.10.19\15.vir        detected        HEUR:Trojan.Win32.Generic
2016-10-19 09:46:02        C:\Users\XuanXia\Desktop\2016.10.19\16.vir        detected        Backdoor.Java.Adwind.cr
2016-10-19 09:46:03        C:\Users\XuanXia\Desktop\2016.10.19\17.vir        ok
2016-10-19 09:46:04        C:\Users\XuanXia\Desktop\2016.10.19\18.vir        detected        HEUR:Trojan-Downloader.Script.Generic
2016-10-19 09:46:05        C:\Users\XuanXia\Desktop\2016.10.19\19.vir        detected        Trojan-Downloader.JS.Agent.mgx
2016-10-19 09:46:05        C:\Users\XuanXia\Desktop\2016.10.19\20.vir        ok
2016-10-19 09:46:08        C:\Users\XuanXia\Desktop\2016.10.19\21.vir        ok
2016-10-19 09:46:09        C:\Users\XuanXia\Desktop\2016.10.19\22.vir        ok
2016-10-19 09:46:10        C:\Users\XuanXia\Desktop\2016.10.19\23.vir        detected        Trojan-Banker.Win32.Banbra.tqxn
2016-10-19 09:46:10        C:\Users\XuanXia\Desktop\2016.10.19\24.vir        ok
2016-10-19 09:46:11        C:\Users\XuanXia\Desktop\2016.10.19\25.vir        ok
2016-10-19 09:46:12        C:\Users\XuanXia\Desktop\2016.10.19\26.vir        detected        Trojan-Dropper.MSWord.Agent.nx
2016-10-19 09:46:13        C:\Users\XuanXia\Desktop\2016.10.19\27.vir        ok
2016-10-19 09:46:14        C:\Users\XuanXia\Desktop\2016.10.19\28.vir        detected        HEUR:Trojan.Win32.Generic
2016-10-19 09:46:14        C:\Users\XuanXia\Desktop\2016.10.19\29.vir        ok
2016-10-19 09:46:15        C:\Users\XuanXia\Desktop\2016.10.19\30.vir        detected        HEUR:Trojan.Win32.Generic
2016-10-19 09:46:15        C:\Users\XuanXia\Desktop\2016.10.19\31.vir        ok
2016-10-19 09:46:16        C:\Users\XuanXia\Desktop\2016.10.19\32.vir        detected        Trojan-Dropper.MSWord.Agent.nx
2016-10-19 09:46:17        C:\Users\XuanXia\Desktop\2016.10.19\33.vir        ok
2016-10-19 09:46:18        C:\Users\XuanXia\Desktop\2016.10.19\34.vir        ok
2016-10-19 09:46:19        C:\Users\XuanXia\Desktop\2016.10.19\35.vir        detected        Trojan-Downloader.MSWord.Agent.asdftj
2016-10-19 09:46:19        C:\Users\XuanXia\Desktop\2016.10.19\36.vir        ok
2016-10-19 09:46:20        C:\Users\XuanXia\Desktop\2016.10.19\37.vir        ok
2016-10-19 09:46:21        C:\Users\XuanXia\Desktop\2016.10.19\38.vir        detected        Trojan-Downloader.MSWord.Agent.ask
2016-10-19 09:46:23        C:\Users\XuanXia\Desktop\2016.10.19\39.vir        detected        Trojan.Win32.Bublik.elcx
2016-10-19 09:46:23        C:\Users\XuanXia\Desktop\2016.10.19\40.vir        detected        Backdoor.Win32.Tofsee.yuv
2016-10-19 09:46:27        C:\Users\XuanXia\Desktop\2016.10.19\41.vir        ok
2016-10-19 09:46:28        C:\Users\XuanXia\Desktop\2016.10.19\42.vir        detected        Trojan-Downloader.JS.Agent.mgp
2016-10-19 09:46:29        C:\Users\XuanXia\Desktop\2016.10.19\43.vir        ok
2016-10-19 09:46:29        C:\Users\XuanXia\Desktop\2016.10.19\44.vir        ok
2016-10-19 09:46:29        C:\Users\XuanXia\Desktop\2016.10.19\45.vir        ok
2016-10-19 09:46:32        C:\Users\XuanXia\Desktop\2016.10.19\46.vir        detected        HEUR:Exploit.Script.Generic
2016-10-19 09:46:42        C:\Users\XuanXia\Desktop\2016.10.19\47.vir        detected        HEUR:Trojan-Downloader.Script.Generic
2016-10-19 09:46:42        C:\Users\XuanXia\Desktop\2016.10.19\48.vir        ok
2016-10-19 09:46:52        C:\Users\XuanXia\Desktop\2016.10.19\49.vir        ok
2016-10-19 09:46:57        C:\Users\XuanXia\Desktop\2016.10.19\50.vir        detected        Trojan-Downloader.MSWord.Blu.b
; --- Statistics ---
; Time Start:        2016-10-19 09:45:50
; Time Finish:        2016-10-19 09:46:57
; Completion:        100%
; Processed objects:        50
; Total detected:        21
; Detected exact:        14
; Errors:        1
; ------------------
[/mw_shl_code]
linzh
Original poster | Posted on 2016-10-19 09:53:08
轩夏 posted on 2016-10-19 09:51
Kaspersky

2016-10-19 09:45:51        C:\Users\XuanXia\Desktop\2016.10.19\01.vir        ok

You're lightning fast, I don't even need to test now, though I know you grabbed the pack directly from 精睿
T.Yoshiyuki
Posted on 2016-10-19 09:54:41
EEK kill 34x
Waiting for the BD old man

[mw_shl_code=css,true]D:\TEST\daily\2016.10.19\03.vir.JS         検出: Trojan.JS.Downloader.FXA (B)
D:\TEST\daily\2016.10.19\07.vir.exe         検出: Trojan.GenericKD.3598155 (B)
D:\TEST\daily\2016.10.19\10.vir.exe         検出: Trojan.GenericKD.3606009 (B)
D:\TEST\daily\2016.10.19\11.vir.exe         検出: Trojan.GenericKD.3598208 (B)
D:\TEST\daily\2016.10.19\13.vir.exe         検出: Gen:Variant.MSILPerseus.35097 (B)
D:\TEST\daily\2016.10.19\15.vir.exe         検出: Trojan.GenericKD.3600981 (B)
D:\TEST\daily\2016.10.19\16.vir.ZIP -> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlj.class         検出: Trojan.JAVA.Adwind.DR (B)
D:\TEST\daily\2016.10.19\16.vir.ZIP -> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlc.class         検出: Trojan.JAVA.Adwind.DR (B)
D:\TEST\daily\2016.10.19\18.vir.JS -> (INFECTED_JS)         検出: JS:Trojan.Downloader.Nemucod.BC (B)
D:\TEST\daily\2016.10.19\16.vir.ZIP -> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlt.class         検出: Trojan.JAVA.Adwind.DR (B)
D:\TEST\daily\2016.10.19\16.vir.ZIP -> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlx.class         検出: Trojan.JAVA.Adwind.DR (B)
D:\TEST\daily\2016.10.19\20.vir.exe         検出: Trojan.GenericKD.3603999 (B)
D:\TEST\daily\2016.10.19\17.vir.exe         検出: Gen:Variant.Application.Bundler.DealPly.164 (B)
D:\TEST\daily\2016.10.19\16.vir.ZIP -> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmle.class         検出: Trojan.JAVA.Adwind.DR (B)
D:\TEST\daily\2016.10.19\22.vir.exe         検出: Trojan.GenericKD.3591849 (B)
D:\TEST\daily\2016.10.19\21.vir.exe         検出: Trojan.GenericKD.3602513 (B)
D:\TEST\daily\2016.10.19\16.vir.ZIP -> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlda.class         検出: Trojan.JAVA.Adwind.DR (B)
D:\TEST\daily\2016.10.19\24.vir.exe         検出: Trojan.Generic.19086188 (B)
D:\TEST\daily\2016.10.19\19.vir.JS         検出: Trojan.JS.Agent.NPE (B)
D:\TEST\daily\2016.10.19\27.vir.pdf         検出: Trojan.PDF.Phishing.DR (B)
D:\TEST\daily\2016.10.19\25.vir.exe         検出: Trojan.RanSerKD.3599970 (B)
D:\TEST\daily\2016.10.19\23.vir.exe         検出: Trojan.GenericKD.3601231 (B)
D:\TEST\daily\2016.10.19\26.vir.DOC         検出: W97M.Downloader.ELO (B)
D:\TEST\daily\2016.10.19\32.vir.DOC         検出: W97M.Downloader.ELO (B)
D:\TEST\daily\2016.10.19\33.vir.exe         検出: Trojan.GenericKD.3609750 (B)
D:\TEST\daily\2016.10.19\35.vir.DOC         検出: Trojan.GenericKD.3598761 (B)
D:\TEST\daily\2016.10.19\36.vir.exe         検出: Trojan.GenericKD.3598985 (B)
D:\TEST\daily\2016.10.19\38.vir.DOCM -> word/vbaProject.bin         検出: W97m.Downloader.EOJ (B)
D:\TEST\daily\2016.10.19\34.vir.exe         検出: Trojan.GenericKD.3610364 (B)
D:\TEST\daily\2016.10.19\28.vir.exe         検出: Gen:Variant.MSILPerseus.54470 (B)
D:\TEST\daily\2016.10.19\40.vir.exe         検出: Trojan.GenericKD.3604015 (B)
D:\TEST\daily\2016.10.19\37.vir.exe         検出: Trojan.GenericKD.3604265 (B)
D:\TEST\daily\2016.10.19\30.vir.exe         検出: Trojan.GenericKD.3602389 (B)
D:\TEST\daily\2016.10.19\42.vir.html         検出: Trojan.JS.Agent.NQP (B)
D:\TEST\daily\2016.10.19\44.vir         検出: Trojan.BAT.AAJT (B)
D:\TEST\daily\2016.10.19\45.vir.JAR -> dffghdg3456dhgdfghdf/nxcsQ34SDFGsdfgsd.class         検出: Trojan.JAVA.Downloader.JV (B)
D:\TEST\daily\2016.10.19\46.vir.html         検出: Trojan.JS.Downloader.FUS (B)
D:\TEST\daily\2016.10.19\47.vir.html         検出: Trojan.JS.Agent.NOU (B)
D:\TEST\daily\2016.10.19\39.vir.exe         検出: Gen:Variant.Barys.944 (B)

検出数:        39[/mw_shl_code]


linzh
Original poster | Posted on 2016-10-19 09:57:49
T.Yoshiyuki posted on 2016-10-19 09:54
EEK kill 34x
Waiting for the BD old man

I've switched to Kaspersky, so I can't help
心醉咖啡
Posted on 2016-10-19 09:58:30
扫描时间:[2016-10-19 09:57:35]
扫描用时:[00:00:07]
扫描类型:自定义查杀
扫描文件总数:216
扫描速度:27文件/秒
发现威胁:24个
清除威胁:24个
=============================================
[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\06.vir
类型:win32.troj.agent.uu.(kcloud)
处理方式:删除

[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\11.vir
类型:win32.troj.generickd.v.(kcloud)
处理方式:删除

[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\22.vir
类型:win32.troj.generickd.v.(kcloud)
处理方式:删除

[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\25.vir
类型:win32.troj.ranserkd.v.(kcloud)
处理方式:删除

[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\28.vir
类型:win32.troj.undef.(kcloud)
处理方式:删除

[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\33.vir
类型:win32.troj.generickd.v.(kcloud)
处理方式:删除

[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\37.vir
类型:win32.troj.generickd.v.(kcloud)
处理方式:删除

[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\41.vir
类型:win32.troj.generic_a.a.(kcloud)
处理方式:删除

[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\07.vir
类型:win32.troj.vbkryjetor.ad.(kcloud)
处理方式:删除

[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\09.vir
类型:win32.troj.generic_a.a.(kcloud)
处理方式:删除

[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\10.vir
类型:win32.hack.tofsee.y.(kcloud)
处理方式:删除

[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\13.vir
类型:win32.troj.undef.(kcloud)
处理方式:删除

[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\15.vir
类型:win32.troj.undef.(kcloud)
处理方式:删除

[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\17.vir
类型:win32.troj.generic_a.a.(kcloud)
处理方式:删除

[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\20.vir
类型:win32.troj.generickd.v.(kcloud)
处理方式:删除

[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\21.vir
类型:win32.troj.generickd.v.(kcloud)
处理方式:删除

[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\23.vir
类型:win32.troj.banker.(kcloud)
处理方式:删除

[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\24.vir
类型:win32.troj.generic.v.(kcloud)
处理方式:删除

[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\30.vir
类型:win32.troj.undef.(kcloud)
处理方式:删除

[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\36.vir
类型:win32.troj.generickd.v.(kcloud)
处理方式:删除

[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\39.vir
类型:win32.troj.undef.(kcloud)
处理方式:删除

[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\40.vir
类型:win32.hack.tofsee.y.(kcloud)
处理方式:删除

[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\43.vir
类型:win32.troj.agent.uu.(kcloud)
处理方式:删除

[2016-10-19 09:58:10]
威胁:f:\浏览器下载\2016.10.19\49.vir
类型:win32.troj.agent.uu.(kcloud)
处理方式:删除
驭龙
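Posted on 2016-10-19 10:06:31
This post was last edited by 驭龙 on 2016-10-19 10:22

WD test time: October 19, 2016, 10:10
Tested version and signature database

Deleted 22 samples, plus 2 repaired, 24 detected in total.

The cloud is having problems on my end today, so there were no cloud detections; I'll try again in a while.

Scan log: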
[mw_shl_code=css,true]Result Count:20
Threat Name:PWS:Win32/Dyzap.X
ID:2147717189
Severity:5
Number of Resources:1
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\07.vir.exe
Extended Info:24632066032789
Threat Name:Ransom:Win32/Cerber
ID:2147709928
Severity:5
Number of Resources:2
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\33.vir.exe
Extended Info:24635310517102
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\11.vir.exe
Extended Info:24635919148103
Threat Name:Trojan:Java/Adwind.Q
ID:2147707636
Severity:5
Number of Resources:1
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\16.vir.zip
Extended Info:140284793452467
Threat Name:TrojanDownloader:JS/Nemucod
ID:2147693147
Severity:5
Number of Resources:2
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\42.vir.html
Extended Info:60651310651755
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\19.vir.JS
Extended Info:82009661645667
Threat Name:Ransom:Win32/Ranscrape
ID:2147712474
Severity:5
Number of Resources:1
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\21.vir.exe
Extended Info:24633332401850
Threat Name:Trojan:Win32/Miuref.R
ID:2147716203
Severity:5
Number of Resources:1
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\22.vir.exe
Extended Info:24634070397540
Threat Name:TrojanDownloader:Win32/Banload
ID:2147549541
Severity:5
Number of Resources:1
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\23.vir.exe
Extended Info:24635771201434
Threat Name:Trojan:Win32/Skeeyah.A!rfn
ID:2147694182
Severity:5
Number of Resources:1
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\24.vir.exe
Extended Info:24634762576329
Threat Name:Ransom:Win32/Locky.A
ID:2147709170
Severity:5
Number of Resources:1
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\25.vir.exe
Extended Info:24632263973480
Threat Name:TrojanDropper:O97M/Donoff
ID:2147707968
Severity:5
Number of Resources:2
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\32.vir.doc
Extended Info:14582759511003
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\26.vir.doc
Extended Info:14582759511003
Threat Name:TrojanDownloader:JS/Swabfex.C
ID:2147708152
Severity:5
Number of Resources:1
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\47.vir.html
Extended Info:238139985700660
Threat Name:Ransom:Win32/Locky
ID:2147709440
Severity:5
Number of Resources:2
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\37.vir.exe
Extended Info:24634474573437
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\34.vir.exe
Extended Info:24633272883269
Threat Name:Trojan:O97M/Madeba.A!det
ID:2147708876
Severity:5
Number of Resources:1
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\35.vir.doc
Extended Info:23380191919034
Threat Name:TrojanDownloader:O97M/Donoff!map
ID:2147717243
Severity:5
Number of Resources:2
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\38.vir.docx->word/vbaProject.bin
Extended Info:23633680731448
Resource Schema:containerfile
Resource Path:E:\VIR\VC52\2016.10.19\38.vir.docx
Extended Info:0
Threat Name:Worm:Win32/Rebhip.Z
ID:2147695549
Severity:5
Number of Resources:1
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\39.vir.exe
Extended Info:67714678268653
Threat Name:Backdoor:Win32/Tofsee
ID:2147597359
Severity:5
Number of Resources:1
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\40.vir.exe
Extended Info:24635196031723
Threat Name:TrojanDownloader:PowerShell/Wedinga.A
ID:2147707891
Severity:5
Number of Resources:1
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\44.vir
Extended Info:15567065275908
Threat Name:Trojan:Java/Banload
ID:2147717789
Severity:5
Number of Resources:2
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\45.vir.zip->dffghdg3456dhgdfghdf/nxcsQ34SDFGsdfgsd.class
Extended Info:24632556762123
Resource Schema:containerfile
Resource Path:E:\VIR\VC52\2016.10.19\45.vir.zip
Extended Info:0
Threat Name:TrojanDownloader:HTML/Adodb.gen!C
ID:2147717723
Severity:5
Number of Resources:1
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\46.vir.html
Extended Info:259032095663702
Threat Name:HackTool:MSIL/Noancooe.B
ID:2147708012
Severity:2
Number of Resources:1
Resource Schema:file
Resource Path:E:\VIR\VC52\2016.10.19\28.vir.exe
Extended Info:87380147387501
End Scan[/mw_shl_code]

Eset小粉絲
Posted on 2016-10-19 10:12:55
Avira 28x

[mw_shl_code=css,true]Start of the scan: Wednesday, 19 October, 2016  10:09

Starting the file scan:

Begin scan in 'C:\Users\User\Desktop\2016.10.19'
Successful Cloud SDK initialization and license check.
The file 'C:\Users\User\Desktop\2016.10.19\01.vir' has been uploaded to the Protection Cloud and analyzed. SHA256 = 7E3E62A6130F051EE496D6DFB1E58478C4D517B3E1BC82FF3E059A45B4C403E1
C:\Users\User\Desktop\2016.10.19\01.vir (SHA-256: 7e3e62a6130f051ee496d6dfb1e58478c4d517b3e1bc82ff3e059a45b4c403e1)
  [INFO]      The file 'C:\Users\User\Desktop\2016.10.19\01.vir' has been uploaded to the Protection Cloud and analyzed.
C:\Users\User\Desktop\2016.10.19\03.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen2 HTML script virus
C:\Users\User\Desktop\2016.10.19\07.vir
  [DETECTION] Is the TR/Dropper.VB.pyweg Trojan
C:\Users\User\Desktop\2016.10.19\09.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Users\User\Desktop\2016.10.19\10.vir
  [DETECTION] Is the TR/AD.Tofsee.ivjuv Trojan
C:\Users\User\Desktop\2016.10.19\15.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Users\User\Desktop\2016.10.19\16.vir
    [0] Archive type: ZIP
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmld.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123214 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlj.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123216 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmls.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123228 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlu.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123231 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlp.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123225 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlb.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123212 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlz.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123236 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlc.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123213 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmll.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123219 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlt.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123229 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlx.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123235 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlv.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123233 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlo.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123224 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlh.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123318 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlq.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123226 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmln.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123222 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlg.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123317 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlk.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123217 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmly.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123234 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlm.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123221 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlf.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123316 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlr.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123227 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmle.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123315 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmla.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123211 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmli.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123419 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlw.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123232 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlda.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123215 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlha.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123319 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlka.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123218 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlna.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123223 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlta.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123230 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> x/xmlxmxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmlxmllxmlxmlxmlla.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Adwind.123220 Java virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.10.19\17.vir
  [DETECTION] Contains virus patterns of Adware ADWARE/DealPly.nutkf
C:\Users\User\Desktop\2016.10.19\18.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Nemucod.HC Java script virus
C:\Users\User\Desktop\2016.10.19\19.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Kript.830162 Java script virus
C:\Users\User\Desktop\2016.10.19\20.vir
  [DETECTION] Is the TR/Spy.ugzhu Trojan
The file 'C:\Users\User\Desktop\2016.10.19\21.vir' has been uploaded to the Protection Cloud and analyzed. SHA256 = 4E955EDEC05342228CCD3E3D35A2630B26F133F971C508081655C4C5B2BF0A9D
C:\Users\User\Desktop\2016.10.19\21.vir (SHA-256: 4e955edec05342228ccd3e3d35a2630b26f133f971c508081655c4c5b2bf0a9d)
  [INFO]      The file 'C:\Users\User\Desktop\2016.10.19\21.vir' has been uploaded to the Protection Cloud and analyzed.
C:\Users\User\Desktop\2016.10.19\23.vir
  [DETECTION] Is the TR/Dldr.Banload.nhopq Trojan
C:\Users\User\Desktop\2016.10.19\24.vir
  [DETECTION] Is the TR/NetSeal.gczlw Trojan
C:\Users\User\Desktop\2016.10.19\26.vir
  [DETECTION] Contains code of the W2000M/Agent.44572835 macro virus
C:\Users\User\Desktop\2016.10.19\28.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Users\User\Desktop\2016.10.19\30.vir
  [DETECTION] Is the TR/Injector.knigb Trojan
C:\Users\User\Desktop\2016.10.19\32.vir
  [DETECTION] Contains code of the W2000M/Agent.44572835 macro virus
C:\Users\User\Desktop\2016.10.19\34.vir
  [DETECTION] Is the TR/Crypt.ZPACK.lkbxd Trojan
C:\Users\User\Desktop\2016.10.19\35.vir
  [DETECTION] Contains code of the W2000M/Agent.68142 macro virus
C:\Users\User\Desktop\2016.10.19\36.vir
  [DETECTION] Is the TR/Crypt.Xpack.smgix Trojan
C:\Users\User\Desktop\2016.10.19\38.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.12501577 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.10.19\39.vir
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Bladabindi.alif back-door program
C:\Users\User\Desktop\2016.10.19\40.vir
  [DETECTION] Is the TR/Dropper.VB.gedaq Trojan
C:\Users\User\Desktop\2016.10.19\41.vir
  [DETECTION] Contains recognition pattern of the DR/Zlob.Gen dropper
C:\Users\User\Desktop\2016.10.19\42.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.aipinb Java script virus
C:\Users\User\Desktop\2016.10.19\44.vir
  [DETECTION] Contains code of the SCRIPT/PowerShell.Gen virus
C:\Users\User\Desktop\2016.10.19\45.vir
    [0] Archive type: ZIP
    --> dffghdg3456dhgdfghdf/nxcsQ34SDFGsdfgsd.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Agent.53532 Java virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.10.19\47.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.XLX Java script virus
The Protection Cloud scan of file 'C:\Users\User\Desktop\2016.10.19\49.vir' completed with the error code 0x4C7. SHA256 = BFE4B1DA8D61F1C4540A92F942530AD9C457B81F6EA34D66C7B1223EDD465831
C:\Users\User\Desktop\2016.10.19\49.vir (SHA-256: bfe4b1da8d61f1c4540a92f942530ad9c457b81f6ea34d66c7b1223edd465831)
  [INFO]      The file 'C:\Users\User\Desktop\2016.10.19\49.vir' has been uploaded to the Protection Cloud and analyzed.
C:\Users\User\Desktop\2016.10.19\50.vir
    [0] Archive type: ZIP
    --> word/embeddings/oleObject1.bin
        [DETECTION] Contains recognition pattern of the VBS/Dldr.Agent.gdsg VBS script virus
        [WARNING]   Infected files in archives cannot be repaired[/mw_shl_code]
T.Yoshiyuki
Posted on 2016-10-19 10:14:52
ESET Online Scanner Kill 38x (3x of them repaired)

By the way, this scanner is really generous... waiting for the ESET old man



[mw_shl_code=css,true]D:\TEST\daily\2016.10.19\03.vir.JS        JS/TrojanDownloader.Nemucod.BFO trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\06.vir.exe        multiple threats,Win32/Adware.Agent.NQE application,a variant of Win32/BundleLoader.C potentially unwanted application        cleaned by deleting
D:\TEST\daily\2016.10.19\07.vir.exe        Win32/PSW.Fareit.L trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\10.vir.exe        Win32/Tofsee.AZ trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\11.vir.exe        NSIS/Injector.GO trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\14.vir.dll        PowerShell/Agent.X trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\15.vir.exe        a variant of MSIL/Kryptik.HNL trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\16.vir.ZIP        multiple threats,a variant of Java/Adwind.ZX trojan,Java/Adwind.ZW trojan,a variant of Java/Adwind.ZY trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\17.vir.exe        a variant of Win32/DealPly.EB potentially unwanted application        cleaned by deleting
D:\TEST\daily\2016.10.19\18.vir.JS        JS/TrojanDropper.Agent.NER trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\19.vir.JS        JS/TrojanDownloader.Nemucod.ATU trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\20.vir.exe        a variant of MSIL/PSW.Agent.OCH trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\21.vir.exe        Win32/Agent.PZH trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\22.vir.exe        NSIS/Injector.GK trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\23.vir.exe        a variant of Win32/TrojanDownloader.Banload.XKV trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\24.vir.exe        a variant of MSIL/Packed.NetSeal.A suspicious application        cleaned by deleting
D:\TEST\daily\2016.10.19\25.vir.exe        NSIS/Injector.GP trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\26.vir.DOC        VBA/TrojanDropper.Agent.QR trojan        cleaned
D:\TEST\daily\2016.10.19\28.vir.exe        a variant of MSIL/NanoCore.K trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\30.vir.exe        a variant of MSIL/Injector.VR trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\31.vir.JS        JS/TrojanDownloader.Nemucod.BFS trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\32.vir.DOC        VBA/TrojanDropper.Agent.QR trojan        cleaned
D:\TEST\daily\2016.10.19\33.vir.exe        Win32/Filecoder.Cerber.B trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\34.vir.exe        a variant of Win32/Kryptik.FHZO trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\35.vir.DOC        VBA/TrojanDownloader.Agent.BWT trojan        cleaned
D:\TEST\daily\2016.10.19\36.vir.exe        a variant of Win32/GenKryptik.GRX trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\37.vir.exe        NSIS/Injector.GP trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\38.vir.DOCM        VBS/TrojanDownloader.Agent.ONO trojan        deleted
D:\TEST\daily\2016.10.19\39.vir.exe        a variant of MSIL/TrojanDropper.Binder.CA trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\40.vir.exe        Win32/Tofsee.AZ trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\41.vir.exe        NSIS/TrojanClicker.Agent.CE trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\42.vir.html        JS/TrojanDownloader.Nemucod.ATW trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\44.vir        PowerShell/TrojanDownloader.Agent.J trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\45.vir.JAR        a variant of Java/TrojanDownloader.Agent.NMV trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\46.vir.html        JS/Kryptik.BBO trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\47.vir.html        JS/TrojanDownloader.Nemucod.ATK trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\48.vir.html        HTML/Phishing.PayPal.BC trojan        cleaned by deleting
D:\TEST\daily\2016.10.19\50.vir.DOCX        VBS/TrojanDownloader.Agent.ONZ trojan        deleted[/mw_shl_code]

ys0516
Posted on 2016-10-19 10:15:15
NS: 26X remaining

扫描信息:
  病毒定义版本: 2016.10.18.008
  病毒定义序列 ID: 181194

扫描统计信息:
  扫描开始:
   本地: 2016-10-19 10:09
   UTC: 2016-10-19 2:09
  扫描时间: 97 秒
  扫描目标: C:\Documents and Settings\Administrator\桌面\2016.10.19
计数:
  扫描的项目总数: 143
  - 文件和目录: 143
  - 注册表条目: 0
  - 进程和启动项目: 0
  - 网络和浏览器项目: 0
  - 其他: 0
  - 受信任文件: 0
  - 跳过的文件: 0

  检测到的安全风险总数: 33
  已解决的项目总数: 33
  需要注意的项目总数: 0


已解决的威胁:
Trojan.Gen.2
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
- 已删除


Trojan.Gen.2
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
- 已删除


Trojan.Gen.2
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
- 已删除


Trojan.Gen.2
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
- 已删除


Trojan.Gen.2
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
- 已删除


Trojan.Gen.2
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
- 已删除


Trojan.Gen.2
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
- 已删除


Trojan.Gen.2
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
- 已删除


Trojan.Gen.2
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
- 已删除


Trojan.Gen.2
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
- 已删除


Trojan.Gen.2
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
- 已删除


Trojan.Gen.2
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
- 已删除


Trojan.Gen.2
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
- 已删除


Trojan.Gen.2
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
- 已删除


Trojan.Gen.2
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
- 已删除


Trojan.Gen.2
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
- 已删除


Trojan.Gen.2
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
- 已删除


Trojan.Gen.2
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
- 已删除


Trojan.Gen.2
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
- 已删除


Trojan.Gen.2
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
- 已删除


Trojan.Gen.2
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
- 已删除


Trojan.Gen.2
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
- 已删除


Trojan.Gen.2
类型: 压缩
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
- 已删除


Trojan.Gen.2
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
3 个受感染文件
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\21.vir - 已删除
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\13.vir - 已删除
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\40.vir - 已删除
1 个浏览器缓存



Trojan Horse
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
4 个受感染文件
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\01.vir - 已删除
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\07.vir - 已删除
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\17.vir - 已删除
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\34.vir - 已删除
1 个浏览器缓存



W32.Pilleuz
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\10.vir - 已删除
1 个浏览器缓存



JS.Downloader
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
5 个受感染文件
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\12.vir - 已删除
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\18.vir - 已删除
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\19.vir - 已删除
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\42.vir - 已删除
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\47.vir - 已删除
1 个浏览器缓存



Infostealer.Limitail
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
10 个注册表项
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\->NofolderOptions:0 - 已修复
HKEY_USERS\S-1-5-21-4082868123-1837926261-3433535750-500\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\->NofolderOptions:0 - 已修复
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\->NofolderOptions:0 - 已修复
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\->NofolderOptions:0 - 已修复
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sr\Parameters\->FirstRun:0 - 已修复
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\->ShowSuperHidden:0 - 已修复
HKEY_USERS\S-1-5-21-4082868123-1837926261-3433535750-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\->ShowSuperHidden:0 - 已修复
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\->ShowSuperHidden:0 - 已修复
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\->ShowSuperHidden:0 - 已修复
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\->AntiVirusDisableNotify:0 - 已修复
1 个受感染文件
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\15.vir - 已删除
1 个浏览器缓存



Trojan.Gen
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
5 个受感染文件
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\20.vir - 已删除
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\23.vir - 已删除
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\24.vir - 已删除
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\30.vir - 已删除
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\36.vir - 已删除
1 个浏览器缓存



Trojan.Mdropper
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
2 个受感染文件
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\26.vir - 已删除
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\32.vir - 已删除
1 个浏览器缓存



Heur.AdvML.B
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 启发式病毒
状态: 完全解决
-----------
1 个受感染文件
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\28.vir - 已删除
1 个浏览器缓存



Backdoor.Trojan
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
2 个注册表项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\->EnableLUA:1 - 已修复
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile->DoNotAllowExceptions:1 - 已修复
1 个受感染文件
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\39.vir - 已删除
1 个浏览器缓存



Downloader
类型: 异常
风险: 高 (高 隐藏, 高 删除, 高 性能, 高 隐私)
类别: 病毒
状态: 完全解决
-----------
1 个受感染文件
c:\documents and settings\administrator\桌面\2016.10.19\2016.10.19\44.vir - 已删除
1 个浏览器缓存





未解决的威胁:
没有未解决的风险