Original poster: 轩夏

[Virus samples] 精睿 sample test (16.8.4)

xcvbaby
Posted on 2016-8-4 10:36:36
Kingsoft Antivirus (金山毒霸): 20

Eset小粉絲
Posted on 2016-8-4 11:20:51
Avira 35X

[mw_shl_code=css,true]Start of the scan: Thursday, 4 August, 2016  11:19

Starting the file scan:

Begin scan in 'C:\Users\User\Desktop\2016.8.4'
C:\Users\User\Desktop\2016.8.4\01.vir
  [DETECTION] Is the TR/AD.Swrort.jccz Trojan
C:\Users\User\Desktop\2016.8.4\02.vir
  [DETECTION] Is the TR/Dldr.Paph.huav Trojan
C:\Users\User\Desktop\2016.8.4\04.vir
    [0] Archive type: ZIP
    --> j/m.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.4 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/e.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.shj.1 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/q.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.shj.2 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/p.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.7 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/y.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.14 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/j.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.1 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/u.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.12 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/t.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.11 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/z.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.shj.3 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/b.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.shj Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/St.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.10 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/a.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.46546 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/h.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/s.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.9 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/k.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.2 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/c.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.65656 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/d.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.5656 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/o.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.6 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/w.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.13 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/n.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.5 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/r.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.8 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/l.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.3 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/g.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.5778888 Java virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.4\05.vir
  [DETECTION] Is the TR/Symmi.sfkl Trojan
C:\Users\User\Desktop\2016.8.4\07.vir
  [DETECTION] Contains recognition pattern of the EXP/FLASH.Pubenush.T.Gen exploit
C:\Users\User\Desktop\2016.8.4\08.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.CF Java script virus
C:\Users\User\Desktop\2016.8.4\09.vir
  [DETECTION] Is the TR/Dropper.MSIL.mfin Trojan
C:\Users\User\Desktop\2016.8.4\11.vir
  [DETECTION] Is the TR/ATRAPS.ebts Trojan
C:\Users\User\Desktop\2016.8.4\12.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Agent.25668 Java script virus
C:\Users\User\Desktop\2016.8.4\13.vir
  [DETECTION] Is the TR/Downloader.rvga Trojan
C:\Users\User\Desktop\2016.8.4\14.vir
  [DETECTION] Is the TR/Dldr.Small.zssj Trojan
C:\Users\User\Desktop\2016.8.4\15.vir
  [DETECTION] Is the TR/Dropper.MSIL.wzzy Trojan
C:\Users\User\Desktop\2016.8.4\17.vir
  [DETECTION] Is the TR/Delf.Agent.jexj Trojan
C:\Users\User\Desktop\2016.8.4\19.vir
  [DETECTION] Is the TR/Dropper.VB.zswk Trojan
C:\Users\User\Desktop\2016.8.4\20.vir
    [0] Archive type: ZIP
    --> filedata
        [DETECTION] Is the TR/Spy.Agent.1117184.1 Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.4\21.vir
  [DETECTION] Is the TR/Crypt.ZPACK.prwp Trojan
C:\Users\User\Desktop\2016.8.4\22.vir
    [0] Archive type: ZIP
    --> jrat/g.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.sdfk Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> jrat/x.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.sdfj Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> jrat/io.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.47858 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> jrat/s.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.44167 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> jrat/t.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.8546 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> jrat/d.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.44636 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> jrat/v.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.sdfi Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> jrat/z.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.sdfh Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> jrat/q.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.8588 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> jrat/i.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.47577 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> jrat/r.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.6477 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> jrat/o.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.sdfl Java virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.4\23.vir
  [DETECTION] Is the TR/Dropper.VB.yysq Trojan
C:\Users\User\Desktop\2016.8.4\25.vir
  [DETECTION] Is the TR/Injector.85899 Trojan
C:\Users\User\Desktop\2016.8.4\26.vir
  [DETECTION] Is the TR/Crypt.ZPACK.itqz Trojan
C:\Users\User\Desktop\2016.8.4\28.vir
    [0] Archive type: ZIP
    --> l.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.ssf Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> p.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.ssd.13 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> g.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.76667.4 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> v.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.76667.11 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> k.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.76667.6 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> e.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.76667.2 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> Lop.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.76667.7 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> o.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.ssd.12 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> d.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.76667.1 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> n.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.76667.8 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> r.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.76667.9 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> f.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.76667.3 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> h.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.76667.5 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> b.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.76667 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> z.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.76667.12 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> u.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.76667.10 Java virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.4\30.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen6 HTML script virus
C:\Users\User\Desktop\2016.8.4\31.vir
  [DETECTION] Is the TR/Dropper.MSIL.bxfa Trojan
C:\Users\User\Desktop\2016.8.4\32.vir
    [0] Archive type: OLE
    --> AV00000073.AV$
        [1] Archive type: ZIP
      --> word/vbaProject.bin
          [DETECTION] Contains code of the W2000M/Agent.00951 macro virus
          [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.4\33.vir
  [DETECTION] Contains recognition pattern of the PERL/Shellbot.N Perl virus
C:\Users\User\Desktop\2016.8.4\35.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.248543 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.4\36.vir
  [DETECTION] Is the TR/Crypt.ZPACK.noqz Trojan
C:\Users\User\Desktop\2016.8.4\37.vir
    [0] Archive type: GZ
    --> Object
        [DETECTION] Is the TR/Dropper.VB.izuv Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.4\39.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.248543 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.4\41.vir
  [DETECTION] Contains virus patterns of Adware ADWARE/Adware.Gen7
C:\Users\User\Desktop\2016.8.4\42.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen6 HTML script virus
C:\Users\User\Desktop\2016.8.4\44.vir
    [0] Archive type: XAR
    --> Plugins/Offers.bundle/Contents/MacOS/Offers
        [DETECTION] Contains virus patterns of Adware ADWARE/OSX.VSearch.qujk
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.4\45.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.248543 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.4\47.vir
  [DETECTION] Is the TR/Dropper.MSIL.ctpl Trojan
C:\Users\User\Desktop\2016.8.4\48.vir
  [DETECTION] Is the TR/Drop.Scheduler.ano Trojan[/mw_shl_code]
望人在天北
Posted on 2016-8-4 11:22:04
ESS:25

tmcss
Posted on 2016-8-4 11:55:50

Killed 25 on extraction; right-click scan cleaned 12; 13 remaining; virus database: 13906 (20160803)

Microsoftheihei
Posted on 2016-8-4 12:10:34
sep kill17
我要打十個
Posted on 2016-8-4 12:12:19

waymark
Posted on 2016-8-4 12:17:08

Huorong Network Security Suite v3.0.42.2 (Last update: 2016-08-03 16:33)
Copyright (C) Huorong Borui (Beijing) Technology Co., Ltd. All rights reserved.

Scan engine version:v3.0.4.0
Signature database fingerprint: f2a3446:6e6241c:6e6241c:6e6241c
Signature database timestamp: 2016-08-03 16:33

Scan started at:   2016-08-04 12:14:53

E:\Download\2016.8.4\01.vir: HVM:Trojan/Swrort.gen!A
E:\Download\2016.8.4\10.vir >> ?\nsDialogs.dll: Adware/MyWebSearch.g
E:\Download\2016.8.4\11.vir: HEUR:VirTool/Obfuscator.gen!C
E:\Download\2016.8.4\12.vir: TrojanDownloader/JS.Nemucod.dl
E:\Download\2016.8.4\19.vir: Trojan/Injector.dl
E:\Download\2016.8.4\25.vir: HEUR:VirTool/Obfuscator.gen!C
E:\Download\2016.8.4\26.vir: HEUR:VirTool/Obfuscator.gen!B
E:\Download\2016.8.4\32.vir >> word\vbaProject.bin: OMacro/Dropper
E:\Download\2016.8.4\35.vir >> word\vbaProject.bin: OMacro/Downloader.iv
E:\Download\2016.8.4\39.vir >> word\vbaProject.bin: OMacro/Downloader.iv
E:\Download\2016.8.4\43.vir >> [NSIS].nsi: TrojanDownloader/Agent.oh
E:\Download\2016.8.4\45.vir >> word\vbaProject.bin: OMacro/Downloader.iv

Scan completed at: 2016-08-04 12:15:35

Total:             50 file(s), 607 objects(s)
Infected:          12 file(s), 12 objects(s)
Deleted:           0 file(s), 0 failure(s)
Disinfected:       0 file(s), 0 failure(s)
Duration:          00:00:42
waymark
Posted on 2016-8-4 12:30:40
Last edited by waymark on 2016-8-4 13:08

EAV: the log contains records for 35 files, but No. 10 should probably count as not detected?
Log
E:\Download\2016.8.4\04.vir > ZIP > j/m.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\04.vir > ZIP > j/e.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\04.vir > ZIP > j/q.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\04.vir > ZIP > j/p.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\04.vir > ZIP > j/y.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\04.vir > ZIP > j/j.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\04.vir > ZIP > j/u.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\04.vir > ZIP > j/t.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\04.vir > ZIP > j/z.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\04.vir > ZIP > j/b.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\04.vir > ZIP > j/St.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\04.vir > ZIP > j/a.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\04.vir > ZIP > j/h.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\04.vir > ZIP > j/s.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\04.vir > ZIP > j/k.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\04.vir > ZIP > j/c.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\04.vir > ZIP > j/d.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\04.vir > ZIP > j/o.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\04.vir > ZIP > j/w.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\04.vir > ZIP > j/n.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\04.vir > ZIP > j/r.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\04.vir > ZIP > j/l.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\04.vir > ZIP > j/g.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\07.vir > CWS > file.swf - SWF/Exploit.ExKit.AWD 特洛伊木马 的变种 - 已删除
E:\Download\2016.8.4\08.vir - JS/TrojanDownloader.Nemucod.AON 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\09.vir - MSIL/Agent.YW 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\10.vir > NSIS > nsDialogs.dll - 正常
E:\Download\2016.8.4\11.vir - Win32/Kryptik.FDGJ 特洛伊木马 的变种 - 通过删除清除 [1]
E:\Download\2016.8.4\12.vir - JS/TrojanDownloader.Nemucod.AOH 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\13.vir - Win32/TrojanDownloader.Banload.XLO 特洛伊木马 的变种 - 通过删除清除 [1]
E:\Download\2016.8.4\14.vir - MSIL/TrojanDownloader.Small.AOK 特洛伊木马 的变种 - 通过删除清除 [1]
E:\Download\2016.8.4\15.vir - MSIL/Kryptik.GWF 特洛伊木马 的变种 - 通过删除清除 [1]
E:\Download\2016.8.4\17.vir - Win32/Delf.SSI 特洛伊木马 的变种 - 通过删除清除 [1]
E:\Download\2016.8.4\18.vir - Win32/Injector.DDGU 特洛伊木马 的变种 - 通过删除清除 [1]
E:\Download\2016.8.4\19.vir - Win32/Injector.DCZW 特洛伊木马 的变种 - 通过删除清除 [1]
E:\Download\2016.8.4\21.vir - Win32/Kovter.D 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\22.vir > ZIP > jrat/f.class - Java/Adwind.WY 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\22.vir > ZIP > jrat/g.class - Java/Adwind.WY 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\22.vir > ZIP > jrat/x.class - Java/Adwind.WY 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\22.vir > ZIP > jrat/l.class - Java/Adwind.WY 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\22.vir > ZIP > jrat/io.class - Java/Adwind.WY 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\22.vir > ZIP > jrat/s.class - Java/Adwind.WY 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\22.vir > ZIP > jrat/j.class - Java/Adwind.WY 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\22.vir > ZIP > jrat/t.class - Java/Adwind.WY 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\22.vir > ZIP > jrat/d.class - Java/Adwind.WY 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\22.vir > ZIP > jrat/v.class - Java/Adwind.WY 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\22.vir > ZIP > jrat/z.class - Java/Adwind.WY 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\22.vir > ZIP > jrat/h.class - Java/Adwind.WY 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\22.vir > ZIP > jrat/u.class - Java/Adwind.WY 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\22.vir > ZIP > jrat/q.class - Java/Adwind.WY 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\22.vir > ZIP > jrat/y.class - Java/Adwind.WY 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\22.vir > ZIP > jrat/m.class - Java/Adwind.WY 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\22.vir > ZIP > jrat/a.class - Java/Adwind.WY 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\22.vir > ZIP > jrat/i.class - Java/Adwind.WY 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\22.vir > ZIP > jrat/r.class - Java/Adwind.WY 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\22.vir > ZIP > jrat/p.class - Java/Adwind.WY 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\22.vir > ZIP > jrat/o.class - Java/Adwind.WY 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\23.vir - Win32/Remtasu.Y 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\24.vir > NSIS > Script.nsi - 正常
E:\Download\2016.8.4\24.vir > NSIS > Albite.W - 压缩文件已损坏 - 文件无法解压。
E:\Download\2016.8.4\24.vir > NSIS > CDRom.dll - Win32/Injector.DDFK 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\25.vir - Win32/Injector.DDFL 特洛伊木马 的变种 - 通过删除清除 [1]
E:\Download\2016.8.4\26.vir - Win32/Kryptik.FDPQ 特洛伊木马 的变种 - 通过删除清除 [1]
E:\Download\2016.8.4\27.vir - Win32/KillMBR.NBQ 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\28.vir > ZIP > l.class - Java/Adwind.XA 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\28.vir > ZIP > p.class - Java/Adwind.XA 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\28.vir > ZIP > g.class - Java/Adwind.XA 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\28.vir > ZIP > v.class - Java/Adwind.XA 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\28.vir > ZIP > k.class - Java/Adwind.XA 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\28.vir > ZIP > e.class - Java/Adwind.XA 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\28.vir > ZIP > Lop.class - Java/Adwind.XA 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\28.vir > ZIP > o.class - Java/Adwind.XA 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\28.vir > ZIP > d.class - Java/Adwind.XA 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\28.vir > ZIP > n.class - Java/Adwind.XA 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\28.vir > ZIP > r.class - Java/Adwind.XA 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\28.vir > ZIP > f.class - Java/Adwind.XA 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\28.vir > ZIP > h.class - Java/Adwind.XA 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\28.vir > ZIP > b.class - Java/Adwind.XA 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\28.vir > ZIP > z.class - Java/Adwind.XA 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\28.vir > ZIP > u.class - Java/Adwind.XA 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\31.vir - MSIL/Kryptik.GSZ 特洛伊木马 的变种 - 通过删除清除 [1]
E:\Download\2016.8.4\33.vir - Perl/Shellbot.NAL.Gen 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\34.vir > CWS > file.swf - 解压错误
E:\Download\2016.8.4\35.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BMK 特洛伊木马 - 扫描完成后再选择处理方式
E:\Download\2016.8.4\36.vir - Win32/Injector.DDAT 特洛伊木马 的变种 - 通过删除清除 [1]
E:\Download\2016.8.4\37.vir > GZIP > 37.vir - Win32/Filecoder.CTBLocker.A 特洛伊木马 - 已删除
E:\Download\2016.8.4\38.vir - Win32/Filecoder.Locky.C 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\39.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BMK 特洛伊木马 - 扫描完成后再选择处理方式
E:\Download\2016.8.4\40.vir - VBS/Kryptik.GC 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\43.vir > NSIS > Script.nsi - NSIS/TrojanDownloader.Grinidou.B 特洛伊木马 - 通过删除清除 [1]
E:\Download\2016.8.4\44.vir > XAR > Plugins\Offers.bundle\Contents\MacOS\Offers - OSX/Adware.VSearch.S 应用程序 的变种 - 扫描完成后再选择处理方式
E:\Download\2016.8.4\45.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BMK 特洛伊木马 - 扫描完成后再选择处理方式
E:\Download\2016.8.4\47.vir - MSIL/Injector.PYF 特洛伊木马 的变种 - 通过删除清除 [1]
E:\Download\2016.8.4\48.vir - Win32/Agent.RNM 特洛伊木马 的变种 - 通过删除清除 [1]
E:\Download\2016.8.4\35.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BMK 特洛伊木马 - 已删除
E:\Download\2016.8.4\39.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BMK 特洛伊木马 - 已删除
E:\Download\2016.8.4\44.vir > XAR > Plugins\Offers.bundle\Contents\MacOS\Offers - OSX/Adware.VSearch.S 应用程序 的变种 - 已删除
E:\Download\2016.8.4\45.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BMK 特洛伊木马 - 已删除
已扫描的对象数: 222
发现的威胁数: 90
已清除对象数: 90
完成时间: 12:19:51  总扫描时间: 22 秒 (00:00:22)
Llano_心情
Posted on 2016-8-4 12:31:18
Baidu [大B engine disabled]

Offline: kill x 18
[mw_shl_code=css,true]扫描结果
扫描文件数:50
发现风险数:18
已处理风险数:0


风险情况详情:

病毒木马名:JS.Trojan-Downloader.Nemucod.cj.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\30.vir  病毒木马类型:下载者木马 未处理
病毒木马名:Perl.Backdoor.Shellbot.f.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\33.vir  病毒木马类型:后门程序 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aoz.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\35.vir  病毒木马类型:下载者木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9985.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\20.vir  病毒木马类型:恶意木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aoz.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\39.vir  病毒木马类型:下载者木马 未处理
病毒木马名:JS.Trojan-Downloader.Nemucod.cj.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\42.vir  病毒木马类型:下载者木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aoz.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\45.vir  病毒木马类型:下载者木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9999.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\37.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9996.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\14.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9999.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\15.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9999.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\18.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9985.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\13.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.Cerber.b.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\21.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9999.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\26.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9999.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\31.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9985.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\36.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9998.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\47.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9962.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\48.vir  病毒木马类型:恶意木马 未处理[/mw_shl_code]

Online: kill x 20
[mw_shl_code=css,true]扫描结果
扫描文件数:50
发现风险数:20
已处理风险数:0


风险情况详情:

病毒木马名:Win32.Gen.CCE03.cdq.cav  路径:C:\Users\魔法llano\Documents\2016.8.4\01.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Gen.CCE03.cdq.cav  路径:C:\Users\魔法llano\Documents\2016.8.4\21.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Gen.CCE03.cdq.cav  路径:C:\Users\魔法llano\Documents\2016.8.4\23.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Gen.CCE03.cdq.cav  路径:C:\Users\魔法llano\Documents\2016.8.4\26.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9996.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\14.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9999.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\15.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9985.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\13.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9999.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\18.vir  病毒木马类型:恶意木马 未处理
病毒木马名:JS.Trojan-Downloader.Nemucod.cj.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\30.vir  病毒木马类型:下载者木马 未处理
病毒木马名:Perl.Backdoor.Shellbot.f.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\33.vir  病毒木马类型:后门程序 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9985.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\20.vir  病毒木马类型:恶意木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aoz.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\35.vir  病毒木马类型:下载者木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9999.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\37.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9999.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\31.vir  病毒木马类型:恶意木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aoz.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\39.vir  病毒木马类型:下载者木马 未处理
病毒木马名:JS.Trojan-Downloader.Nemucod.cj.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\42.vir  病毒木马类型:下载者木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9985.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\36.vir  病毒木马类型:恶意木马 未处理
病毒木马名:VBA.Trojan-Downloader.Agent.aoz.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\45.vir  病毒木马类型:下载者木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9998.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\47.vir  病毒木马类型:恶意木马 未处理
病毒木马名:Win32.Trojan.WisdomEyes.150615.9950.9962.bav  路径:C:\Users\魔法llano\Documents\2016.8.4\48.vir  病毒木马类型:恶意木马 未处理[/mw_shl_code]
蓝天二号
Posted on 2016-8-4 12:31:44
mcafee  21X



Copyright © KaFan  KaFan.cn All Rights Reserved.
