avira
Web links: all detected by web monitoring + right-click scan. The rest are dead links.
- 04/06/2018,11-42-49 [INFO] FP reports status 'NO False Positive' for file 'e:\virus\swaveys.exe'
- 04/06/2018,11-42-49 [INFO] e:\virus\swaveys.exe
- 04/06/2018,11-42-49 [INFO] [DETECTION] file contains 'TR/Dropper.VB.ppfkm'
- 04/06/2018,11-42-50 [INFO] FP reports status 'NO False Positive' for file 'e:\virus\cyy.exe'
- 04/06/2018,11-42-50 [INFO] e:\virus\cyy.exe
- 04/06/2018,11-42-50 [INFO] [DETECTION] file contains 'TR/Dropper.VB.lbxlx'
- 04/06/2018,11-42-50 [INFO] AUC login request succeed.
- 04/06/2018,11-42-54 [INFO] FP reports status 'NO False Positive' for file 'e:\virus\adobe.exe'
- 04/06/2018,11-42-54 [INFO] The file 'e:\virus\adobe.exe' was scanned with the Protection Cloud. SHA256 = 0A3DFB7B1A8DD63B0E4C84B9FF800031D40C4A6FED42B1F7D35AE53E3D6D88FE
- 04/06/2018,11-42-54 [INFO] AUC reports URL: http://216.170.118.12/office/adobe.exe as 'Safe'.
- 04/06/2018,11-42-54 [INFO] e:\virus\adobe.exe
- 04/06/2018,11-42-54 [INFO] [DETECTION] file contains 'TR/Dropper.MSIL.0a3dfb'
- 04/06/2018,11-42-55 [INFO] FP reports status 'NO False Positive' for file 'e:\virus\adobe.123'
- 04/06/2018,11-42-55 [INFO] The file 'e:\virus\adobe.123' was scanned with the Protection Cloud. SHA256 = 286285C1F6C55456B8C128F068854163A9CF70AB9BE6990C1C1D446E025D56A1
- 04/06/2018,11-42-55 [INFO] AUC reports URL: http://216.170.118.12/office/adobe.123 as 'Safe'.
- 04/06/2018,11-42-55 [INFO] e:\virus\adobe.123
- 04/06/2018,11-42-55 [INFO] [DETECTION] file contains 'TR/Dropper.MSIL.286285'
Sample pack:
Real-time monitoring killed 2 and 3; right-click scan killed the rest.
- 04/06/2018,11-48-23 [INFO] FP reports status 'NO False Positive' for file 'e:\virus\virus9x 0406\(1).exe'
- 04/06/2018,11-48-23 [INFO] The file 'e:\virus\virus9x 0406\(1).exe' was scanned with the Protection Cloud. SHA256 = 4DA72551E7CD6C172E366135A7641CEB20FCD44DD64DF3974348062FE632AABF
- 04/06/2018,11-48-23 [INFO] e:\virus\virus9x 0406\(1).exe
- 04/06/2018,11-48-23 [INFO] [DETECTION] file contains 'TR/AD.Nymaim.Y'
- 04/06/2018,11-48-23 [INFO] FP reports status 'NO False Positive' for file 'e:\virus\virus9x 0406\(4).exe'
- 04/06/2018,11-48-23 [INFO] The file 'e:\virus\virus9x 0406\(4).exe' was scanned with the Protection Cloud. SHA256 = BC8155531644F246AB5E0FD7B15EF09172B6C759C5EC0DAA577BE107D891DAF6
- 04/06/2018,11-48-23 [INFO] e:\virus\virus9x 0406\(4).exe
- 04/06/2018,11-48-23 [INFO] [DETECTION] file contains 'TR/AD.Fareit.Y'
- 04/06/2018,11-48-24 [INFO] FP reports status 'NO False Positive' for file 'e:\virus\virus9x 0406\(5).exe'
- 04/06/2018,11-48-24 [INFO] The file 'e:\virus\virus9x 0406\(5).exe' was scanned with the Protection Cloud. SHA256 = D3AC9F2F4DDE967C2A0745BE48C028E001D98270C795B3EC88064CA581D5F385
- 04/06/2018,11-48-24 [INFO] e:\virus\virus9x 0406\(5).exe
- 04/06/2018,11-48-24 [INFO] [DETECTION] file contains 'TR/Dropper.VB.d3ac9f'
- 04/06/2018,11-48-25 [INFO] FP reports status 'NO False Positive' for file 'e:\virus\virus9x 0406\(6).exe'
- 04/06/2018,11-48-25 [INFO] The file 'e:\virus\virus9x 0406\(6).exe' was scanned with the Protection Cloud. SHA256 = D32DEBCBFD6F7C3B016C2E4E4529FBE62A2ACBED3AA637CE74A7B5B8AD215E3B
- 04/06/2018,11-48-25 [INFO] e:\virus\virus9x 0406\(6).exe
- 04/06/2018,11-48-25 [INFO] [DETECTION] file contains 'TR/AD.Inject.Y'
- 04/06/2018,11-48-25 [INFO] FP reports status 'NO False Positive' for file 'e:\virus\virus9x 0406\(7).exe'
- 04/06/2018,11-48-25 [INFO] The file 'e:\virus\virus9x 0406\(7).exe' was scanned with the Protection Cloud. SHA256 = 286285C1F6C55456B8C128F068854163A9CF70AB9BE6990C1C1D446E025D56A1
- 04/06/2018,11-48-25 [INFO] AUC reports URL: http://216.170.118.12/office/adobe.123 as 'Safe'.
- 04/06/2018,11-48-25 [INFO] e:\virus\virus9x 0406\(7).exe
- 04/06/2018,11-48-25 [INFO] [DETECTION] file contains 'TR/Dropper.MSIL.286285'
- 04/06/2018,11-48-26 [INFO] FP reports status 'NO False Positive' for file 'e:\virus\virus9x 0406\(8).exe'
- 04/06/2018,11-48-26 [INFO] The file 'e:\virus\virus9x 0406\(8).exe' was scanned with the Protection Cloud. SHA256 = 43086E97829C86EA58BF4726B580CA0992EF5118CBBF6A1807BEF7F4569CFF20
- 04/06/2018,11-48-26 [INFO] e:\virus\virus9x 0406\(8).exe
- 04/06/2018,11-48-26 [INFO] [DETECTION] file contains 'TR/AD.Emotet.43086e'
- 04/06/2018,11-48-26 [INFO] FP reports status 'NO False Positive' for file 'e:\virus\virus9x 0406\(9).exe'
- 04/06/2018,11-48-26 [INFO] The file 'e:\virus\virus9x 0406\(9).exe' was scanned with the Protection Cloud. SHA256 = 0A3DFB7B1A8DD63B0E4C84B9FF800031D40C4A6FED42B1F7D35AE53E3D6D88FE
- 04/06/2018,11-48-26 [INFO] AUC reports URL: http://216.170.118.12/office/adobe.exe as 'Safe'.
- 04/06/2018,11-48-26 [INFO] e:\virus\virus9x 0406\(9).exe
- 04/06/2018,11-48-26 [INFO] [DETECTION] file contains 'TR/Dropper.MSIL.0a3dfb'
- 4/6/2018,11:44:04 [INFO] FP reports status 'NO False Positive' for file 'E:\virus\Virus9x 0406\(2).exe'
- 4/6/2018,11:44:04 [DETECTION] Is the TR/Dropper.VB.ppfkm Trojan!
- E:\virus\Virus9x 0406\(2).exe
- 4/6/2018,11:44:04 [INFO] FP reports status 'NO False Positive' for file 'E:\virus\Virus9x 0406\(3).exe'
- 4/6/2018,11:44:04 [DETECTION] Is the TR/Dropper.VB.lbxlx Trojan!