8884016b2f6bb692e046df87ebcbdc44c394a0f9

显示全部楼层 · 发表于 2016-12-4 21:33:04

http://blog.airbuscybersecurity. ... the-Hancitor-Maldoc

显示全部楼层 · 发表于 2016-12-4 21:46:11

诺顿清空

显示全部楼层 · 发表于 2016-12-4 21:46:59

panda
木马 Trj/GdSda.A 0f102b25c7c900a370b8d1c4a1d357fb6ea0de2c7b26261d49674fce32ad80b2.exe
木马 Trj/GdSda.A 8db8eecc7a3c3c907e5d125b9e0bcb85089ff104f73ba08d8e4670e4b204e1bb.exe
miss
d84b585409fb4f538cde666cefc7980ba3a927dc292dfb391bdcd8765d4ce0c8.DOC
b506faff00ae557056d387442e9d4d2a53e87c5f9cd59f75db9ba5525ffa0ba3.DOC

显示全部楼层 · 发表于 2016-12-4 22:16:44

扫描时间：[2016-12-04 22:16:12]
扫描用时：[00:00:05]
扫描类型：自定义查杀
扫描文件总数：4
扫描速度：1文件/秒
发现威胁：2个
清除威胁：2个
=============================================
[2016-12-04 22:16:26]
威胁：f:\浏览器下载\4x\0f102b25c7c900a370b8d1c4a1d357fb6ea0de2c7b26261d49674fce32ad80b2
类型：win32.heur.kvmh017.a.(kcloud)
处理方式：删除

[2016-12-04 22:16:26]
威胁：f:\浏览器下载\4x\8db8eecc7a3c3c907e5d125b9e0bcb85089ff104f73ba08d8e4670e4b204e1bb
类型：win32.heur.kvmh017.a.(kcloud)
处理方式：删除

显示全部楼层 · 发表于 2016-12-4 22:18:14

趋势

显示全部楼层 · 发表于 2016-12-4 22:30:17

Bitdefender 4/4

显示全部楼层 · 发表于 2016-12-5 02:46:13

[mw_shl_code=css,true]结果: 找到 4 恶意软件

Gen:Trojan.Heur.FU.bqW@ay3mnQfi (病毒)
C:\Users\caizh\Desktop\4x\4x\0f102b25c7c900a370b8d1c4a1d357fb6ea0de2c7b26261d49674fce32ad80b2 操作：已隔离
Trojan:W97M/Nastjencro.A (病毒)
C:\Users\caizh\Desktop\4x\4x\b506faff00ae557056d387442e9d4d2a53e87c5f9cd59f75db9ba5525ffa0ba3 操作：已杀毒
C:\Users\caizh\Desktop\4x\4x\d84b585409fb4f538cde666cefc7980ba3a927dc292dfb391bdcd8765d4ce0c8
Gen:Trojan.Heur.FU.bqW@aaoSOwhi (病毒)
C:\Users\caizh\Desktop\4x\4x\8db8eecc7a3c3c907e5d125b9e0bcb85089ff104f73ba08d8e4670e4b204e1bb 操作：已隔离[/mw_shl_code]

FS跳过1，修复1，隔离2，找到4，算是全找到了。只是处理差一些

显示全部楼层 · 发表于 2016-12-5 07:37:50

WD全干掉

显示全部楼层 · 发表于 2016-12-5 09:32:12

卡巴

0f102b25c7c900a370b8d1c4a1d357fb6ea0de2c7b26261d49674fce32ad80b2
Trojan-PSW.Win32.Fareit.cfuv
8db8eecc7a3c3c907e5d125b9e0bcb85089ff104f73ba08d8e4670e4b204e1bb
Trojan-PSW.Win32.Fareit.ceei
b506faff00ae557056d387442e9d4d2a53e87c5f9cd59f75db9ba5525ffa0ba3
Trojan-Downloader.MSWord.Agent.atg
d84b585409fb4f538cde666cefc7980ba3a927dc292dfb391bdcd8765d4ce0c8
Trojan-Downloader.MSWord.Agent.atp

显示全部楼层 · 发表于 2016-12-5 11:08:05

Avira
[mw_shl_code=css,true]
Type: File
Source: C:\Users\Downloads\4x\8db8eecc7a3c3c907e5d125b9e0bcb85089ff104f73ba08d8e4670e4b204e1bb
Status: Infected
Quarantine object: 300142da.qua
Restored: NO
Uploaded to Avira: NO
Operating system: Windows XP/VISTA Workstation/Windows 7
Search engine: 8.03.42.80
Virus definition file: 8.12.139.66
Detection: TR/Crypt.Xpack.hsunj
Date/Time: 5/12/2016, 11:07

Type: File
Source: C:\Users\Downloads\4x\d84b585409fb4f538cde666cefc7980ba3a927dc292dfb391bdcd8765d4ce0c8
Status: Infected
Quarantine object: 51415188.qua
Restored: NO
Uploaded to Avira: NO
Operating system: Windows XP/VISTA Workstation/Windows 7
Search engine: 8.03.42.80
Virus definition file: 8.12.139.66
Detection: W2000M/Agent.55570
Date/Time: 5/12/2016, 11:07

Type: File
Source: C:\Users\Downloads\4x\b506faff00ae557056d387442e9d4d2a53e87c5f9cd59f75db9ba5525ffa0ba3
Status: Infected
Quarantine object: 218f171b.qua
Restored: NO
Uploaded to Avira: NO
Operating system: Windows XP/VISTA Workstation/Windows 7
Search engine: 8.03.42.80
Virus definition file: 8.12.139.66
Detection: W2000M/Agent.40111
Date/Time: 5/12/2016, 11:07

Type: File
Source: C:\Users\Downloads\4x\0f102b25c7c900a370b8d1c4a1d357fb6ea0de2c7b26261d49674fce32ad80b2
Status: Infected
Quarantine object: 20a66f0b.qua
Restored: NO
Uploaded to Avira: NO
Operating system: Windows XP/VISTA Workstation/Windows 7
Search engine: 8.03.42.80
Virus definition file: 8.12.139.66
Detection: TR/Crypt.Xpack.qtjrt
Date/Time: 5/12/2016, 11:07[/mw_shl_code]

[其他相关] 8884016b2f6bb692e046df87ebcbdc44c394a0f9

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块