精睿样本测试（16.8.12）

显示全部楼层 · 发表于 2016-8-12 09:12:00

地址：

http://pan.baidu.com/s/1qXOa93I 提取密码 ch9f
http://www.vdisk.cn/down/index/19730187

密码：bbs.vc52.cn
数量：50

不分流了啊

显示全部楼层 · 发表于 2016-8-12 09:16:01

MSE

[mw_shl_code=css,true]Scan started on Fri Aug 12 09:14:24 2016

C:\Users\XuanXia\Desktop\2016.8.12\02.vir                               Infected: TrojanDownloader:Win32/Terdot.A
C:\Users\XuanXia\Desktop\2016.8.12\03.vir                               Infected: Ransom:Win32/Teerac
C:\Users\XuanXia\Desktop\2016.8.12\04.vir->word/vbaProject.bin          Infected: TrojanDownloader:O97M/Donoff.BG
C:\Users\XuanXia\Desktop\2016.8.12\10.vir                               Infected: Ransom:Win32/Locky
C:\Users\XuanXia\Desktop\2016.8.12\11.vir->(JSNORM)                      Infected: TrojanDownloader:JS/Swabfex.P [non_writable_container]
C:\Users\XuanXia\Desktop\2016.8.12\13.vir                               Infected: Trojan:O97M/Madeba.A!det
C:\Users\XuanXia\Desktop\2016.8.12\14.vir->word/vbaProject.bin          Infected: TrojanDownloader:O97M/Donoff.BG
C:\Users\XuanXia\Desktop\2016.8.12\16.vir->word/vbaProject.bin          Infected: Trojan:O97M/Macrobe.D
C:\Users\XuanXia\Desktop\2016.8.12\18.vir                               Infected: Ransom:Win32/HydraCrypt.A
C:\Users\XuanXia\Desktop\2016.8.12\19.vir->word/vbaProject.bin          Infected: Trojan:O97M/Macrobe.D
C:\Users\XuanXia\Desktop\2016.8.12\21.vir->word/vbaProject.bin          Infected: TrojanDownloader:O97M/Donoff.BG
C:\Users\XuanXia\Desktop\2016.8.12\22.vir                               Infected: Trojan:O97M/Madeba.A!det
C:\Users\XuanXia\Desktop\2016.8.12\23.vir                               Infected: TrojanDownloader:Win32/Terdot.A
C:\Users\XuanXia\Desktop\2016.8.12\26.vir                               Infected: Ransom:Win32/Tovicrypt.A
C:\Users\XuanXia\Desktop\2016.8.12\32.vir->j/m.class                      Infected: Trojan:Java/Adwind.AA
C:\Users\XuanXia\Desktop\2016.8.12\32.vir->j/e.class                      Infected: Trojan:Java/Adwind.AA
C:\Users\XuanXia\Desktop\2016.8.12\32.vir->j/q.class                      Infected: Trojan:Java/Adwind.AA
C:\Users\XuanXia\Desktop\2016.8.12\32.vir->j/p.class                      Infected: Trojan:Java/Adwind.AA
C:\Users\XuanXia\Desktop\2016.8.12\32.vir->j/y.class                      Infected: Trojan:Java/Adwind.AA
C:\Users\XuanXia\Desktop\2016.8.12\32.vir->j/j.class                      Infected: Trojan:Java/Adwind.AA
C:\Users\XuanXia\Desktop\2016.8.12\32.vir->j/u.class                      Infected: Trojan:Java/Adwind.AA
C:\Users\XuanXia\Desktop\2016.8.12\32.vir->j/t.class                      Infected: Trojan:Java/Adwind.AA
C:\Users\XuanXia\Desktop\2016.8.12\32.vir->j/z.class                      Infected: Trojan:Java/Adwind.AA
C:\Users\XuanXia\Desktop\2016.8.12\32.vir->j/b.class                      Infected: Trojan:Java/Adwind.AA
C:\Users\XuanXia\Desktop\2016.8.12\32.vir->j/St.class                   Infected: Trojan:Java/Adwind.AA
C:\Users\XuanXia\Desktop\2016.8.12\32.vir->j/a.class                      Infected: Trojan:Java/Adwind.AA
C:\Users\XuanXia\Desktop\2016.8.12\32.vir->j/h.class                      Infected: Trojan:Java/Adwind.AA
C:\Users\XuanXia\Desktop\2016.8.12\32.vir->j/s.class                      Infected: Trojan:Java/Adwind.AA
C:\Users\XuanXia\Desktop\2016.8.12\32.vir->j/k.class                      Infected: Trojan:Java/Adwind.AA
C:\Users\XuanXia\Desktop\2016.8.12\32.vir->j/c.class                      Infected: Trojan:Java/Adwind.AA
C:\Users\XuanXia\Desktop\2016.8.12\32.vir->j/d.class                      Infected: Trojan:Java/Adwind.AA
C:\Users\XuanXia\Desktop\2016.8.12\32.vir->j/o.class                      Infected: Trojan:Java/Adwind.AA
C:\Users\XuanXia\Desktop\2016.8.12\32.vir->j/w.class                      Infected: Trojan:Java/Adwind.AA
C:\Users\XuanXia\Desktop\2016.8.12\32.vir->j/n.class                      Infected: Trojan:Java/Adwind.AA
C:\Users\XuanXia\Desktop\2016.8.12\32.vir->j/r.class                      Infected: Trojan:Java/Adwind.AA
C:\Users\XuanXia\Desktop\2016.8.12\32.vir->j/l.class                      Infected: Trojan:Java/Adwind.AA
C:\Users\XuanXia\Desktop\2016.8.12\32.vir->j/g.class                      Infected: Trojan:Java/Adwind.AA
C:\Users\XuanXia\Desktop\2016.8.12\33.vir                               Infected: Trojan:Win32/Skeeyah.A!rfn
C:\Users\XuanXia\Desktop\2016.8.12\33.vir->(RarSfx)->Pnmsiy.exe          Infected: Trojan:Win32/Skeeyah.A!rfn [non_writable_container]
C:\Users\XuanXia\Desktop\2016.8.12\35.vir                               Infected: Trojan:Java/Adwind.P
C:\Users\XuanXia\Desktop\2016.8.12\36.vir                               Infected: Trojan:Win32/Skeeyah.A!rfn
C:\Users\XuanXia\Desktop\2016.8.12\37.vir                               Infected: Trojan:O97M/Madeba.A!det
C:\Users\XuanXia\Desktop\2016.8.12\39.vir                               Infected: Trojan:O97M/Madeba.A!det
C:\Users\XuanXia\Desktop\2016.8.12\40.vir->(pdf0001:Web Design Skills.pdf) Infected: Trojan:Win32/Swrort.A [non_writable_container]
C:\Users\XuanXia\Desktop\2016.8.12\42.vir                               Infected: TrojanDownloader:JS/Swabfex.P
C:\Users\XuanXia\Desktop\2016.8.12\43.vir->word/vbaProject.bin          Infected: Trojan:O97M/Macrobe.D
C:\Users\XuanXia\Desktop\2016.8.12\45.vir                               Infected: TrojanDownloader:JS/Swabfex.P
C:\Users\XuanXia\Desktop\2016.8.12\46.vir                               Infected: TrojanSpy:Win32/Ursnif.HN
C:\Users\XuanXia\Desktop\2016.8.12\50.vir                               Infected: Trojan:Java/Adwind.P
Successfully checked: C:\Users\XuanXia\Desktop\2016.8.12

Scan ended on Fri Aug 12 09:14:39 2016

Time: 15 second(s). [0h:00m:15s]
Files/second: 30 (4985 Kb/s).
Objects scanned: 458.
Infected: 49. Suspicious: 0. Clean: 409. Different virus bodies: 14.
Files: 50. Directories: 1. Archives: 170. Packed: 10. Mail files: 2.
Warnings: 49. Scan errors: 0. Protected: 0. Damaged: 0. Unknown method: 0. Spanned: 0.[/mw_shl_code]

显示全部楼层 · 发表于 2016-8-12 09:16:34

KIS

[mw_shl_code=css,true]12.08.2016 09.15.06;检测到的对象 ( 文件 ) 已删除。;D:\Users‘ Documents\Desktop\2016.8.12\40.vir//data0007;D:\Users‘ Documents\Desktop\2016.8.12\40.vir//data0007;HEUR:Trojan.Win32.Generic
12.08.2016 09.15.18;可选择扫描;完成任务;08/12/2016 09:15:18
12.08.2016 09.15.06;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\40.vir//data0007;D:\Users‘ Documents\Desktop\2016.8.12\40.vir//data0007;HEUR:Trojan.Win32.Generic
12.08.2016 09.15.06;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\50.vir//main/__AUX.class;D:\Users‘ Documents\Desktop\2016.8.12\50.vir//main/__AUX.class;Backdoor.Java.Adwind.bd
12.08.2016 09.15.06;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\40.vir//data0007;D:\Users‘ Documents\Desktop\2016.8.12\40.vir//data0007;HEUR:Trojan.Win32.Generic
12.08.2016 09.15.04;检测到的对象 ( 文件 ) 已删除。;D:\Users‘ Documents\Desktop\2016.8.12\50.vir//main/Start.class;D:\Users‘ Documents\Desktop\2016.8.12\50.vir//main/Start.class;Backdoor.Java.Adwind.bd
12.08.2016 09.15.04;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\50.vir//main/Start.class;D:\Users‘ Documents\Desktop\2016.8.12\50.vir//main/Start.class;Backdoor.Java.Adwind.bd
12.08.2016 09.15.03;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\50.vir//main/Start.class;D:\Users‘ Documents\Desktop\2016.8.12\50.vir//main/Start.class;Backdoor.Java.Adwind.bd
12.08.2016 09.15.00;检测到的对象 ( 文件 ) 已删除。;D:\Users‘ Documents\Desktop\2016.8.12\45.vir;D:\Users‘ Documents\Desktop\2016.8.12\45.vir;Trojan-Downloader.JS.Agent.lxa
12.08.2016 09.15.00;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\45.vir;D:\Users‘ Documents\Desktop\2016.8.12\45.vir;Trojan-Downloader.JS.Agent.lxa
12.08.2016 09.14.59;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\45.vir;D:\Users‘ Documents\Desktop\2016.8.12\45.vir;Trojan-Downloader.JS.Agent.lxa
12.08.2016 09.14.57;检测到的对象 ( 文件 ) 已被清除。;D:\Users‘ Documents\Desktop\2016.8.12\43.vir//word/vbaProject.bin;D:\Users‘ Documents\Desktop\2016.8.12\43.vir//word/vbaProject.bin;Trojan-Downloader.MSWord.Cryptoload.j
12.08.2016 09.14.57;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\43.vir//word/vbaProject.bin//Module2;D:\Users‘ Documents\Desktop\2016.8.12\43.vir//word/vbaProject.bin//Module2;Trojan-Downloader.MSWord.Cryptoload.j
12.08.2016 09.14.57;检测到的对象 ( 文件 ) 已被清除。;D:\Users‘ Documents\Desktop\2016.8.12\43.vir//word/vbaProject.bin;D:\Users‘ Documents\Desktop\2016.8.12\43.vir//word/vbaProject.bin;Trojan-Downloader.MSWord.Agent.amw
12.08.2016 09.14.57;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\43.vir//word/vbaProject.bin//Module;D:\Users‘ Documents\Desktop\2016.8.12\43.vir//word/vbaProject.bin//Module;Trojan-Downloader.MSWord.Agent.amw
12.08.2016 09.14.56;检测到的对象 ( 文件 ) 已删除。;D:\Users‘ Documents\Desktop\2016.8.12\42.vir;D:\Users‘ Documents\Desktop\2016.8.12\42.vir;Trojan-Downloader.JS.Agent.lyi
12.08.2016 09.14.56;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\42.vir;D:\Users‘ Documents\Desktop\2016.8.12\42.vir;Trojan-Downloader.JS.Agent.lyi
12.08.2016 09.14.56;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\43.vir//word/vbaProject.bin//Module;D:\Users‘ Documents\Desktop\2016.8.12\43.vir//word/vbaProject.bin//Module;Trojan-Downloader.MSWord.Agent.amw
12.08.2016 09.14.56;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\42.vir;D:\Users‘ Documents\Desktop\2016.8.12\42.vir;Trojan-Downloader.JS.Agent.lyi
12.08.2016 09.14.55;检测到的对象 ( 文件 ) 已被清除。;D:\Users‘ Documents\Desktop\2016.8.12\39.vir;D:\Users‘ Documents\Desktop\2016.8.12\39.vir;Trojan-Dropper.MSWord.Agent.nc
12.08.2016 09.14.55;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\39.vir//ThisDocument;D:\Users‘ Documents\Desktop\2016.8.12\39.vir//ThisDocument;Trojan-Dropper.MSWord.Agent.nc
12.08.2016 09.14.55;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\39.vir//ThisDocument;D:\Users‘ Documents\Desktop\2016.8.12\39.vir//ThisDocument;Trojan-Dropper.MSWord.Agent.nc
12.08.2016 09.14.55;检测到的对象 ( 文件 ) 已删除。;D:\Users‘ Documents\Desktop\2016.8.12\38.vir//de/sogomn/rat/RattyClient.class;D:\Users‘ Documents\Desktop\2016.8.12\38.vir//de/sogomn/rat/RattyClient.class;Trojan.Java.Ratty.a
12.08.2016 09.14.55;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\38.vir//de/sogomn/rat/RattyClient.class;D:\Users‘ Documents\Desktop\2016.8.12\38.vir//de/sogomn/rat/RattyClient.class;Trojan.Java.Ratty.a
12.08.2016 09.14.55;检测到的对象 ( 文件 ) 已删除。;D:\Users‘ Documents\Desktop\2016.8.12\33.vir//Pnmsiy.exe;D:\Users‘ Documents\Desktop\2016.8.12\33.vir//Pnmsiy.exe;Trojan-Ransom.MSIL.Wildfire.a
12.08.2016 09.14.55;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\33.vir//Pnmsiy.exe;D:\Users‘ Documents\Desktop\2016.8.12\33.vir//Pnmsiy.exe;Trojan-Ransom.MSIL.Wildfire.a
12.08.2016 09.14.54;检测到的对象 ( 文件 ) 已删除。;D:\Users‘ Documents\Desktop\2016.8.12\36.vir;D:\Users‘ Documents\Desktop\2016.8.12\36.vir;Backdoor.Win32.Farfli.alja
12.08.2016 09.14.54;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\36.vir;D:\Users‘ Documents\Desktop\2016.8.12\36.vir;Backdoor.Win32.Farfli.alja
12.08.2016 09.14.54;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\38.vir//de/sogomn/rat/RattyClient.class;D:\Users‘ Documents\Desktop\2016.8.12\38.vir//de/sogomn/rat/RattyClient.class;Trojan.Java.Ratty.a
12.08.2016 09.14.54;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\36.vir;D:\Users‘ Documents\Desktop\2016.8.12\36.vir;Backdoor.Win32.Farfli.alja
12.08.2016 09.14.54;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\33.vir//Pnmsiy.exe;D:\Users‘ Documents\Desktop\2016.8.12\33.vir//Pnmsiy.exe;Trojan-Ransom.MSIL.Wildfire.a
12.08.2016 09.14.53;检测到的对象 ( 文件 ) 已删除。;D:\Users‘ Documents\Desktop\2016.8.12\35.vir;D:\Users‘ Documents\Desktop\2016.8.12\35.vir;HEUR:Backdoor.Java.Generic
12.08.2016 09.14.53;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\35.vir;D:\Users‘ Documents\Desktop\2016.8.12\35.vir;HEUR:Backdoor.Java.Generic
12.08.2016 09.14.53;检测到的对象 ( 文件 ) 已删除。;D:\Users‘ Documents\Desktop\2016.8.12\26.vir;D:\Users‘ Documents\Desktop\2016.8.12\26.vir;UDS:DangerousPattern.Multi.Generic
12.08.2016 09.14.53;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\26.vir;D:\Users‘ Documents\Desktop\2016.8.12\26.vir;UDS:DangerousPattern.Multi.Generic
12.08.2016 09.14.53;检测到的对象 ( 文件 ) 已删除。;D:\Users‘ Documents\Desktop\2016.8.12\07.vir;D:\Users‘ Documents\Desktop\2016.8.12\07.vir;HEUR:Hoax.Win32.ArchSMS.gen
12.08.2016 09.14.53;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\07.vir;D:\Users‘ Documents\Desktop\2016.8.12\07.vir;HEUR:Hoax.Win32.ArchSMS.gen
12.08.2016 09.14.53;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\35.vir;D:\Users‘ Documents\Desktop\2016.8.12\35.vir;HEUR:Backdoor.Java.Generic
12.08.2016 09.14.52;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\26.vir;D:\Users‘ Documents\Desktop\2016.8.12\26.vir;UDS:DangerousPattern.Multi.Generic
12.08.2016 09.14.52;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\07.vir;D:\Users‘ Documents\Desktop\2016.8.12\07.vir;HEUR:Hoax.Win32.ArchSMS.gen
12.08.2016 09.14.51;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\32.vir//j/St.class;D:\Users‘ Documents\Desktop\2016.8.12\32.vir//j/St.class;Backdoor.Java.Agent.bg
12.08.2016 09.14.51;检测到的对象 ( 文件 ) 已删除。;D:\Users‘ Documents\Desktop\2016.8.12\32.vir//j/b.class;D:\Users‘ Documents\Desktop\2016.8.12\32.vir//j/b.class;Backdoor.Java.Agent.bg
12.08.2016 09.14.51;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\32.vir//j/b.class;D:\Users‘ Documents\Desktop\2016.8.12\32.vir//j/b.class;Backdoor.Java.Agent.bg
12.08.2016 09.14.50;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\32.vir//j/b.class;D:\Users‘ Documents\Desktop\2016.8.12\32.vir//j/b.class;Backdoor.Java.Agent.bg
12.08.2016 09.14.49;检测到的对象 ( 文件 ) 已删除。;D:\Users‘ Documents\Desktop\2016.8.12\31.vir;D:\Users‘ Documents\Desktop\2016.8.12\31.vir;HEUR:Backdoor.Java.Generic
12.08.2016 09.14.49;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\31.vir;D:\Users‘ Documents\Desktop\2016.8.12\31.vir;HEUR:Backdoor.Java.Generic
12.08.2016 09.14.49;检测到的对象 ( 文件 ) 已删除。;D:\Users‘ Documents\Desktop\2016.8.12\28.vir//JIM;D:\Users‘ Documents\Desktop\2016.8.12\28.vir//JIM;HEUR:Exploit.Script.Generic
12.08.2016 09.14.49;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\28.vir//JIM;D:\Users‘ Documents\Desktop\2016.8.12\28.vir//JIM;HEUR:Exploit.Script.Generic
12.08.2016 09.14.49;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\31.vir;D:\Users‘ Documents\Desktop\2016.8.12\31.vir;HEUR:Backdoor.Java.Generic
12.08.2016 09.14.48;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\28.vir//JIM;D:\Users‘ Documents\Desktop\2016.8.12\28.vir//JIM;HEUR:Exploit.Script.Generic
12.08.2016 09.14.47;检测到的对象 ( 文件 ) 已删除。;D:\Users‘ Documents\Desktop\2016.8.12\23.vir;D:\Users‘ Documents\Desktop\2016.8.12\23.vir;Trojan.Win32.Inject.aalfi
12.08.2016 09.14.47;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\23.vir;D:\Users‘ Documents\Desktop\2016.8.12\23.vir;Trojan.Win32.Inject.aalfi
12.08.2016 09.14.47;检测到的对象 ( 文件 ) 已删除。;D:\Users‘ Documents\Desktop\2016.8.12\24.vir;D:\Users‘ Documents\Desktop\2016.8.12\24.vir;Trojan-Downloader.VBS.Agent.byl
12.08.2016 09.14.47;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\24.vir;D:\Users‘ Documents\Desktop\2016.8.12\24.vir;Trojan-Downloader.VBS.Agent.byl
12.08.2016 09.14.45;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\24.vir;D:\Users‘ Documents\Desktop\2016.8.12\24.vir;Trojan-Downloader.VBS.Agent.byl
12.08.2016 09.14.45;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\23.vir;D:\Users‘ Documents\Desktop\2016.8.12\23.vir;Trojan.Win32.Inject.aalfi
12.08.2016 09.14.44;检测到的对象 ( 文件 ) 已被清除。;D:\Users‘ Documents\Desktop\2016.8.12\21.vir//word/vbaProject.bin;D:\Users‘ Documents\Desktop\2016.8.12\21.vir//word/vbaProject.bin;Trojan-Downloader.VBS.Agent.byk
12.08.2016 09.14.44;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\20.vir//skywaker/a.class;D:\Users‘ Documents\Desktop\2016.8.12\20.vir//skywaker/a.class;Backdoor.Java.Adwind.cc
12.08.2016 09.14.44;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\21.vir//word/vbaProject.bin//Module1;D:\Users‘ Documents\Desktop\2016.8.12\21.vir//word/vbaProject.bin//Module1;Trojan-Downloader.VBS.Agent.byk
12.08.2016 09.14.44;检测到的对象 ( 文件 ) 已删除。;D:\Users‘ Documents\Desktop\2016.8.12\20.vir//skywaker/c.class;D:\Users‘ Documents\Desktop\2016.8.12\20.vir//skywaker/c.class;Backdoor.Java.Adwind.cc
12.08.2016 09.14.44;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\20.vir//skywaker/c.class;D:\Users‘ Documents\Desktop\2016.8.12\20.vir//skywaker/c.class;Backdoor.Java.Adwind.cc
12.08.2016 09.14.43;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\21.vir//word/vbaProject.bin//Module1;D:\Users‘ Documents\Desktop\2016.8.12\21.vir//word/vbaProject.bin//Module1;Trojan-Downloader.VBS.Agent.byk
12.08.2016 09.14.43;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\20.vir//skywaker/c.class;D:\Users‘ Documents\Desktop\2016.8.12\20.vir//skywaker/c.class;Backdoor.Java.Adwind.cc
12.08.2016 09.14.43;检测到的对象 ( 文件 ) 已被清除。;D:\Users‘ Documents\Desktop\2016.8.12\19.vir//word/vbaProject.bin;D:\Users‘ Documents\Desktop\2016.8.12\19.vir//word/vbaProject.bin;Trojan-Downloader.MSWord.Agent.anw
12.08.2016 09.14.43;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\19.vir//word/vbaProject.bin//ThisDocument;D:\Users‘ Documents\Desktop\2016.8.12\19.vir//word/vbaProject.bin//ThisDocument;Trojan-Downloader.MSWord.Agent.anw
12.08.2016 09.14.43;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\19.vir//word/vbaProject.bin//ThisDocument;D:\Users‘ Documents\Desktop\2016.8.12\19.vir//word/vbaProject.bin//ThisDocument;Trojan-Downloader.MSWord.Agent.anw
12.08.2016 09.14.42;检测到的对象 ( 文件 ) 已被清除。;D:\Users‘ Documents\Desktop\2016.8.12\16.vir//word/vbaProject.bin;D:\Users‘ Documents\Desktop\2016.8.12\16.vir//word/vbaProject.bin;Trojan-Downloader.VBS.Agent.byk
12.08.2016 09.14.42;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\16.vir//word/vbaProject.bin//Module1;D:\Users‘ Documents\Desktop\2016.8.12\16.vir//word/vbaProject.bin//Module1;Trojan-Downloader.VBS.Agent.byk
12.08.2016 09.14.41;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\16.vir//word/vbaProject.bin//Module1;D:\Users‘ Documents\Desktop\2016.8.12\16.vir//word/vbaProject.bin//Module1;Trojan-Downloader.VBS.Agent.byk
12.08.2016 09.14.41;检测到的对象 ( 文件 ) 已删除。;D:\Users‘ Documents\Desktop\2016.8.12\11.vir;D:\Users‘ Documents\Desktop\2016.8.12\11.vir;Trojan-Downloader.JS.Agent.lzp
12.08.2016 09.14.41;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\11.vir;D:\Users‘ Documents\Desktop\2016.8.12\11.vir;Trojan-Downloader.JS.Agent.lzp
12.08.2016 09.14.41;检测到的对象 ( 文件 ) 已被清除。;D:\Users‘ Documents\Desktop\2016.8.12\14.vir//word/vbaProject.bin;D:\Users‘ Documents\Desktop\2016.8.12\14.vir//word/vbaProject.bin;Trojan-Downloader.VBS.Agent.byk
12.08.2016 09.14.41;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\14.vir//word/vbaProject.bin//Module1;D:\Users‘ Documents\Desktop\2016.8.12\14.vir//word/vbaProject.bin//Module1;Trojan-Downloader.VBS.Agent.byk
12.08.2016 09.14.40;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\11.vir;D:\Users‘ Documents\Desktop\2016.8.12\11.vir;Trojan-Downloader.JS.Agent.lzp
12.08.2016 09.14.40;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\14.vir//word/vbaProject.bin//Module1;D:\Users‘ Documents\Desktop\2016.8.12\14.vir//word/vbaProject.bin//Module1;Trojan-Downloader.VBS.Agent.byk
12.08.2016 09.14.40;检测到的对象 ( 文件 ) 已删除。;D:\Users‘ Documents\Desktop\2016.8.12\10.vir;D:\Users‘ Documents\Desktop\2016.8.12\10.vir;Trojan.Win32.Yakes.qlnd
12.08.2016 09.14.40;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\10.vir;D:\Users‘ Documents\Desktop\2016.8.12\10.vir;Trojan.Win32.Yakes.qlnd
12.08.2016 09.14.39;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\09.vir;D:\Users‘ Documents\Desktop\2016.8.12\09.vir;not-a-virus:HEUR:Downloader.Win32.LMN.gen
12.08.2016 09.14.39;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\10.vir;D:\Users‘ Documents\Desktop\2016.8.12\10.vir;Trojan.Win32.Yakes.qlnd
12.08.2016 09.14.38;检测到的对象 ( 文件 ) 已删除。;D:\Users‘ Documents\Desktop\2016.8.12\06.vir;D:\Users‘ Documents\Desktop\2016.8.12\06.vir;Exploit.MSWord.Agent.hi
12.08.2016 09.14.38;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\06.vir;D:\Users‘ Documents\Desktop\2016.8.12\06.vir;Exploit.MSWord.Agent.hi
12.08.2016 09.14.38;检测到的对象 ( 文件 ) 已删除。;D:\Users‘ Documents\Desktop\2016.8.12\02.vir;D:\Users‘ Documents\Desktop\2016.8.12\02.vir;Trojan-Spy.Win32.Zbot.wypn
12.08.2016 09.14.38;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\02.vir;D:\Users‘ Documents\Desktop\2016.8.12\02.vir;Trojan-Spy.Win32.Zbot.wypn
12.08.2016 09.14.38;检测到的对象 ( 文件 ) 已删除。;D:\Users‘ Documents\Desktop\2016.8.12\03.vir;D:\Users‘ Documents\Desktop\2016.8.12\03.vir;UDS:DangerousPattern.Multi.Generic
12.08.2016 09.14.38;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\03.vir;D:\Users‘ Documents\Desktop\2016.8.12\03.vir;UDS:DangerousPattern.Multi.Generic
12.08.2016 09.14.36;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\06.vir;D:\Users‘ Documents\Desktop\2016.8.12\06.vir;Exploit.MSWord.Agent.hi
12.08.2016 09.14.36;检测到的对象 ( 文件 ) 已删除。;D:\Users‘ Documents\Desktop\2016.8.12\01.vir;D:\Users‘ Documents\Desktop\2016.8.12\01.vir;not-a-virus:HEUR:AdWare.Win32.iBryte.gen
12.08.2016 09.14.36;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\01.vir;D:\Users‘ Documents\Desktop\2016.8.12\01.vir;not-a-virus:HEUR:AdWare.Win32.iBryte.gen
12.08.2016 09.14.35;检测到的对象 ( 文件 ) 已被清除。;D:\Users‘ Documents\Desktop\2016.8.12\04.vir//word/vbaProject.bin;D:\Users‘ Documents\Desktop\2016.8.12\04.vir//word/vbaProject.bin;Trojan-Downloader.VBS.Agent.byk
12.08.2016 09.14.35;检测到的对象 ( 文件 ) 已移动至隔离区。;D:\Users‘ Documents\Desktop\2016.8.12\04.vir//word/vbaProject.bin//Module1;D:\Users‘ Documents\Desktop\2016.8.12\04.vir//word/vbaProject.bin//Module1;Trojan-Downloader.VBS.Agent.byk
12.08.2016 09.14.26;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\03.vir;D:\Users‘ Documents\Desktop\2016.8.12\03.vir;UDS:DangerousPattern.Multi.Generic
12.08.2016 09.14.24;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\01.vir;D:\Users‘ Documents\Desktop\2016.8.12\01.vir;not-a-virus:HEUR:AdWare.Win32.iBryte.gen
12.08.2016 09.14.23;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\02.vir;D:\Users‘ Documents\Desktop\2016.8.12\02.vir;Trojan-Spy.Win32.Zbot.wypn
12.08.2016 09.14.23;检测到对象 ( 文件 ) 。;D:\Users‘ Documents\Desktop\2016.8.12\04.vir//word/vbaProject.bin//Module1;D:\Users‘ Documents\Desktop\2016.8.12\04.vir//word/vbaProject.bin//Module1;Trojan-Downloader.VBS.Agent.byk
12.08.2016 09.14.21;可选择扫描;启动任务;08/12/2016 09:14:21
[/mw_shl_code]

显示全部楼层 · 发表于 2016-8-12 09:16:45

本帖最后由 540923555 于 2016-8-12 11:58 编辑

wd占位，回来测
抱歉，中午才回来
联网查杀+修复=26个。未处理24个

显示全部楼层 · 发表于 2016-8-12 09:22:34

管家国际版（BD）
[mw_shl_code=html,true][Scan information]

Start time:2016-8-12 09:21:58
Elapsed time:00:00:02
Scan type:Custom scan
Antivirus engines:Tencent cloud protection engine Tencent antivirus engine II Tencent system repair engine Bitdefender local antivirus engine
Scan status:Scan complete

[Scan Report]

Files scanned:50
Threats detected:43
Threats processed:43

---------------------
2016-8-12 09:22:02 MD5:5d5edd05664342c13746a88b4d0ac5fe C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\20.vir --> skywaker/l.class [Java.Adwind.L]  [Delete success]
2016-8-12 09:22:02 MD5:1a5bb1721a46c82b0176b18f2d4ba323 C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\14.vir --> word/vbaProject.bin [W97M.Downloader.ECV]  [Delete success]
2016-8-12 09:22:02 MD5:4001237db65e092c2b75a20f61f65a4e C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\49.vir [Trojan.Generic.17832106]  [Delete success]
2016-8-12 09:22:02 MD5:68506d761f04a98e8113088aa19c0da1 C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\33.vir [Trojan.GenericKD.3437684]  [Delete success]
2016-8-12 09:22:02 MD5:4867b302062ec1d33bd8f876c13f8866 C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\27.vir [Trojan.GenericKD.3415537]  [Delete success]
2016-8-12 09:22:02 MD5:1a43efa3d77e3ff21df1968a780c4186 C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\32.vir --> j/l.class [Java.Trojan.Adwind.CC]  [Delete success]
2016-8-12 09:22:02 MD5:b0d13e72cf3bf9ad3aa5351aa5a3c0eb C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\09.vir --> (Quarantine-PE) [Gen:Variant.Razy.87948]  [Delete success]
2016-8-12 09:22:03 MD5:5d5edd05664342c13746a88b4d0ac5fe C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\20.vir --> skywaker/a.class [Trojan.Java.Agent.GT]  [Delete success]
2016-8-12 09:22:03 MD5:5e79d5bdabb8caf883a1212fc7fb1bef C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\43.vir --> word/vbaProject.bin [w97m.Downloader.EBH]  [Delete success]
2016-8-12 09:22:03 MD5:e68c5f3edc8a9097e29b5e2137774b2e C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\35.vir --> main/__Aux.class [Java.Trojan.Adwind.AT]  [Delete success]
2016-8-12 09:22:03 MD5:64205003fc61d474821f6a2db788c8ba C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\03.vir [Trojan.GenericKD.3452048]  [Delete success]
2016-8-12 09:22:03 MD5:d6b69affd38b82c6fdffd6c9a089769a C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\17.vir --> (Embedded EXE g) [Gen:Variant.Graftor.294718]  [Delete success]
2016-8-12 09:22:03 MD5:338cedc73eb1fee01372b0746f0e0f09 C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\36.vir [Gen:Variant.Strictor.111388]  [Delete success]
2016-8-12 09:22:03 MD5:334c9f6c9bb9542c2b5c085c77d460ce C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\40.vir --> Web Design Skills.pdf [Gen:Variant.Zusy.Elzob.8031]  [Delete success]
2016-8-12 09:22:03 MD5:1a43efa3d77e3ff21df1968a780c4186 C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\32.vir --> j/w.class [Java.Trojan.Adwind.CC]  [Delete success]
2016-8-12 09:22:03 MD5:b1d325604c7979b0cd9d18b8aaa84b55 C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\18.vir [Trojan.GenericKD.3452110]  [Delete success]
2016-8-12 09:22:03 MD5:5d5edd05664342c13746a88b4d0ac5fe C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\20.vir --> skywaker/r.class [Trojan.Java.Agent.GT]  [Delete success]
2016-8-12 09:22:04 MD5:3fbdb6112990397a79c3b728d4ae7225 C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\11.vir [Trojan.JS.Downloader.FDH]  [Delete success]
2016-8-12 09:22:04 MD5:5ebb5547b707a92859ea98f35f03bbc5 C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\50.vir --> main/__aux.class [Java.Trojan.Adwind.AT]  [Delete success]
2016-8-12 09:22:04 MD5:dd2ed80f5eeec2f5daec2b26c3c31f41 C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\26.vir [Gen:Variant.Symmi.67570]  [Delete success]
2016-8-12 09:22:04 MD5:270cf57615e1b7f960f11dd247e03b13 C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\38.vir --> de/sogomn/rat/RattyClient.class [Trojan.Ratty.A]  [Delete success]
2016-8-12 09:22:04 MD5:1a43efa3d77e3ff21df1968a780c4186 C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\32.vir --> j/g.class [Java.Trojan.Adwind.CC]  [Delete success]
2016-8-12 09:22:04 MD5:bf6b4c6c5ccae9487504e170d29eda15 C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\30.vir [Gen:Variant.MSILPerseus.45646]  [Delete success]
2016-8-12 09:22:04 MD5:b5e44a50031b6b4a4830e3eb2538d8eb C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\08.vir [Trojan.JS.Agent.NMK]  [Delete success]
2016-8-12 09:22:04 MD5:5d5edd05664342c13746a88b4d0ac5fe C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\20.vir --> skywaker/y.class [Trojan.Java.Agent.GT]  [Delete success]
2016-8-12 09:22:04 MD5:f9e4f8adc99785e79ac2eabc0a6c70dc C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\42.vir [Trojan.JS.Downloader.EZK]  [Delete success]
2016-8-12 09:22:04 MD5:e68c5f3edc8a9097e29b5e2137774b2e C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\35.vir --> main/__aux.class [Java.Trojan.Adwind.AT]  [Delete success]
2016-8-12 09:22:05 MD5:b4e8728236f5178dbe55542404dea528 C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\07.vir [Gen:Trojan.Heur.TP.biX@bq68wql]  [Delete success]
2016-8-12 09:22:05 MD5:8c69f44d64a9ab496c95d715d3a59b0d C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\46.vir [Gen:Variant.Graftor.283898]  [Delete success]
2016-8-12 09:22:05 MD5:b4b3c9f577cd8340b096e5b41dbb044b C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\16.vir --> word/vbaProject.bin [W97M.Downloader.ECT]  [Delete success]
2016-8-12 09:22:05 MD5:a79253bc70e22d033d70f712926e10d9 C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\39.vir [W97M.Downloader.EBS]  [Clean success]
2016-8-12 09:22:05 MD5:e970672e76c4732a65676bcd1b2848ed C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\23.vir [Trojan.GenericKD.3386456]  [Delete success]
2016-8-12 09:22:05 MD5:1a43efa3d77e3ff21df1968a780c4186 C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\32.vir --> j/r.class [Java.Trojan.Adwind.CC]  [Delete success]
2016-8-12 09:22:05 MD5:5d5edd05664342c13746a88b4d0ac5fe C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\20.vir --> skywaker/c.class [Trojan.Java.Agent.GT]  [Delete success]
2016-8-12 09:22:05 MD5:00d7fada41f0734d416a6bc51db40c19 C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\45.vir [Trojan.JS.Downloader.EMC]  [Delete success]
2016-8-12 09:22:05 MD5:93c2b3e564e891fe29c970fc78a4509a C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\02.vir [Trojan.GenericKD.3428130]  [Delete success]
2016-8-12 09:22:06 MD5:e68c5f3edc8a9097e29b5e2137774b2e C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\35.vir --> main/__CON.class [Java.Trojan.Adwind.AT]  [Delete success]
2016-8-12 09:22:06 MD5:85b2b91b7ffcedd61e09384a0b66312f C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\21.vir --> word/vbaProject.bin [W97M.Downloader.ECV]  [Delete success]
2016-8-12 09:22:06 MD5:3ac2219e8ce3ea9dd3464fe65ee143c5 C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\04.vir --> word/vbaProject.bin [W97M.Downloader.ECV]  [Delete success]
2016-8-12 09:22:06 MD5:5d5edd05664342c13746a88b4d0ac5fe C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\20.vir --> skywaker/p.class [Trojan.Java.Agent.GT]  [Delete success]
2016-8-12 09:22:06 MD5:334c9f6c9bb9542c2b5c085c77d460ce C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\40.vir --> (URI) [Exploit.PDF-Dropper.Gen]  [Delete success]
2016-8-12 09:22:06 MD5:1a43efa3d77e3ff21df1968a780c4186 C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\32.vir --> j/e.class [Java.Adwind.K]  [Delete success]
2016-8-12 09:22:06 MD5:b0a1d13017d41390d595a3ff0da4c25f C:\Users\Joyzz_Android01\Desktop\样本\2016.8.12\10.vir [Trojan.RanSerKD.3450244]  [Delete success]
---------------------
[/mw_shl_code]

显示全部楼层 · 发表于 2016-8-12 09:25:49

Avira 32X

[mw_shl_code=css,true]Start of the scan: Friday, 12 August, 2016  09:24

Starting the file scan:

Begin scan in 'C:\Users\User\Desktop\2016.8.12'
C:\Users\User\Desktop\2016.8.12\01.vir
  [DETECTION] Contains virus patterns of Adware ADWARE/iBryte.Gen7
C:\Users\User\Desktop\2016.8.12\02.vir
  [DETECTION] Is the TR/Crypt.Xpack.tfxv Trojan
C:\Users\User\Desktop\2016.8.12\03.vir
  [DETECTION] Is the TR/Crypt.Xpack.rjrk Trojan
C:\Users\User\Desktop\2016.8.12\04.vir
[0] Archive type: ZIP
--> word/vbaProject.bin
      [DETECTION] Contains code of the W2000M/Agent.51950 macro virus
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.12\06.vir
  [DETECTION] Contains recognition pattern of the EXP/CVE-2012-0158 exploit
C:\Users\User\Desktop\2016.8.12\07.vir
  [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
C:\Users\User\Desktop\2016.8.12\09.vir
  [DETECTION] Is the TR/Crypt.ZPACK.givh Trojan
C:\Users\User\Desktop\2016.8.12\10.vir
  [DETECTION] Is the TR/Crypt.ZPACK.pdhx Trojan
C:\Users\User\Desktop\2016.8.12\11.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.VS Java script virus
C:\Users\User\Desktop\2016.8.12\14.vir
[0] Archive type: ZIP
--> word/vbaProject.bin
      [DETECTION] Contains code of the W2000M/Agent.51950 macro virus
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.12\15.vir
  [DETECTION] Contains recognition pattern of the EXP/FLASH.Pubenush.T.Gen exploit
C:\Users\User\Desktop\2016.8.12\16.vir
[0] Archive type: ZIP
--> word/vbaProject.bin
      [DETECTION] Contains code of the W2000M/Dldr.Agent.CG.542 macro virus
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.12\18.vir
  [DETECTION] Is the TR/AD.Tobfy.kddx Trojan
C:\Users\User\Desktop\2016.8.12\19.vir
[0] Archive type: ZIP
--> word/vbaProject.bin
      [DETECTION] Contains suspicious code HEUR/Macro.Downloader
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.12\20.vir
[0] Archive type: ZIP
--> skywaker/l.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.tujr.8 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> skywaker/t.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.tujr.13 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> skywaker/r.class
      [DETECTION] Contains recognition pattern of the EXP/JAVA.Adwind.BA.Gen exploit
      [WARNING] Infected files in archives cannot be repaired
--> skywaker/w.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.tujr.15 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> skywaker/b.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.tujr.3 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> skywaker/q.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.tujr.11 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> skywaker/m.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.tujr.9 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> skywaker/x.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.tujr.16 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> skywaker/c.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.tujr.4 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> skywaker/a.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.tujr Java virus
      [WARNING] Infected files in archives cannot be repaired
--> skywaker/z.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.tujr.18 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> skywaker/d.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.tujr.5 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> skywaker/y.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.tujr.17 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> skywaker/v.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.tujr.14 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> skywaker/f.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.tujr.6 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> skywaker/p.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.tujr.10 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> skywaker/j.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.tujr.7 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> skywaker/Allan.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.tujr.2 Java virus
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.12\21.vir
[0] Archive type: ZIP
--> word/vbaProject.bin
      [DETECTION] Contains code of the W2000M/Agent.51950 macro virus
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.12\26.vir
  [DETECTION] Is the TR/ATRAPS.cnun Trojan
C:\Users\User\Desktop\2016.8.12\27.vir
  [DETECTION] Is the TR/Crypt.ZPACK.vyby Trojan
C:\Users\User\Desktop\2016.8.12\32.vir
[0] Archive type: ZIP
--> j/m.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.4 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> j/e.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.shj.1 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> j/q.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.shj.2 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> j/p.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.7 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> j/y.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.14 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> j/j.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.1 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> j/u.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.12 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> j/t.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.11 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> j/z.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.shj.3 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> j/b.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.shj Java virus
      [WARNING] Infected files in archives cannot be repaired
--> j/St.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.10 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> j/a.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.46546 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> j/h.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> j/s.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.9 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> j/k.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.2 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> j/c.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.65656 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> j/d.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.5656 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> j/o.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.6 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> j/w.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.13 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> j/n.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.5 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> j/r.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.8 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> j/l.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.3 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> j/g.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.5778888 Java virus
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.12\33.vir
[0] Archive type: RAR SFX (self extracting)
--> Pnmsiy.exe
      [DETECTION] Is the TR/Dropper.Gen Trojan
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.12\35.vir
[0] Archive type: ZIP
--> main/__nuL.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.732 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> main/__CON.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.65672 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> main/Start.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.54743 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> main/__cOn.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.65433 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> main/__COn.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.8643 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> main/__NUl.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.74432 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> main/__Aux.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.9333 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> main/__NUL.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.53356 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> main/__AUx.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.6362 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> main/__AUX.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.64773 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> main/__cON.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.535636 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> main/__aux.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.67473 Java virus
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.12\36.vir
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.vsss back-door program
C:\Users\User\Desktop\2016.8.12\37.vir
  [DETECTION] Contains code of the W2000M/Agent.1999781 macro virus
C:\Users\User\Desktop\2016.8.12\39.vir
  [DETECTION] Contains code of the W2000M/Agent.1999787 macro virus
C:\Users\User\Desktop\2016.8.12\40.vir
  [DETECTION] Is the TR/Crypt.EPACK.Gen2 Trojan
C:\Users\User\Desktop\2016.8.12\42.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Agent.25668 Java script virus
C:\Users\User\Desktop\2016.8.12\43.vir
[0] Archive type: ZIP
--> word/vbaProject.bin
      [DETECTION] Contains code of the W2000M/Agent.248543 macro virus
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.12\44.vir
  [DETECTION] Contains code of the W2000M/Agent.4858505 macro virus
C:\Users\User\Desktop\2016.8.12\45.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Agent.25668 Java script virus
C:\Users\User\Desktop\2016.8.12\46.vir
  [DETECTION] Is the TR/Spy.Ursnif.ndqu Trojan
C:\Users\User\Desktop\2016.8.12\49.vir
  [DETECTION] Is the TR/Crypt.Xpack.yofd Trojan
C:\Users\User\Desktop\2016.8.12\50.vir
[0] Archive type: ZIP
--> main/__aux.class
      [DETECTION] Contains recognition pattern of the JS/Agent.EB.84 Java script virus
      [WARNING] Infected files in archives cannot be repaired[/mw_shl_code]

显示全部楼层 · 发表于 2016-8-12 10:00:20

火绒18X

显示全部楼层 · 发表于 2016-8-12 10:03:23

金山毒霸：12

[mw_shl_code=css,true][2016-08-12 10:01:45]
威胁：d:\我的文档\desktop\2016.8.12\2016.8.12\01.vir
类型：win32.troj.generic_a.a.(kcloud)
处理方式：删除

[2016-08-12 10:01:45]
威胁：d:\我的文档\desktop\2016.8.12\2016.8.12\02.vir
类型：win32.troj.zbot.wy.(kcloud)
处理方式：删除

[2016-08-12 10:01:45]
威胁：d:\我的文档\desktop\2016.8.12\2016.8.12\03.vir
类型：win32.troj.generickd.v.(kcloud)
处理方式：删除

[2016-08-12 10:01:45]
威胁：d:\我的文档\desktop\2016.8.12\2016.8.12\29.vir
类型：win32.troj.agent.uu.(kcloud)
处理方式：删除

[2016-08-12 10:01:45]
威胁：d:\我的文档\desktop\2016.8.12\2016.8.12\33.vir
类型：win32.troj.undef.(kcloud)
处理方式：删除

[2016-08-12 10:01:45]
威胁：d:\我的文档\desktop\2016.8.12\2016.8.12\33.vir/<a:rarsfx>/33/<a:rar>/pnmsiy.exe
类型：win32.troj.undef.(kcloud)
处理方式：删除

[2016-08-12 10:01:45]
威胁：d:\我的文档\desktop\2016.8.12\2016.8.12\07.vir
类型：win32.torj.hoax.(kcloud)
处理方式：删除

[2016-08-12 10:01:45]
威胁：d:\我的文档\desktop\2016.8.12\2016.8.12\10.vir
类型：win32.troj.yakes.ql.(kcloud)
处理方式：删除

[2016-08-12 10:01:45]
威胁：d:\我的文档\desktop\2016.8.12\2016.8.12\23.vir
类型：win32.troj.inject.(kcloud)
处理方式：删除

[2016-08-12 10:01:45]
威胁：d:\我的文档\desktop\2016.8.12\2016.8.12\26.vir
类型：win32.troj.generic_a.a.(kcloud)
处理方式：删除

[2016-08-12 10:01:45]
威胁：d:\我的文档\desktop\2016.8.12\2016.8.12\36.vir
类型：win32.heur.kvml200046.a.(kcloud)
处理方式：删除

[2016-08-12 10:01:45]
威胁：d:\我的文档\desktop\2016.8.12\2016.8.12\41.vir
类型：win32.troj.agent.uu.(kcloud)
处理方式：删除

[2016-08-12 10:01:45]
威胁：d:\我的文档\desktop\2016.8.12\2016.8.12\49.vir
类型：win32.troj.generic.v.(kcloud)
处理方式：删除
[/mw_shl_code]

显示全部楼层 · 发表于 2016-8-12 10:03:39

ESS
[mw_shl_code=css,true]
日志
正在扫描日志
病毒库版本: 13948 (20160811)
日期: 2016/8/12 时间: 10:01:21
已扫描的磁盘、文件夹和文件: C:\Users\Mistet\Desktop\2016.8.12
C:\Users\Mistet\Desktop\2016.8.12\01.vir > NSIS > Script.nsi - Win32/Adware.InstallFaster.A 应用程序 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\02.vir - Win32/TrojanDownloader.Agent.CKQ 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\03.vir - Win32/Kryptik.FEBO 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\04.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BOB 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.12\05.vir - PHP/Agent.BI 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\07.vir - Win32/TrojanDownloader.Wauchos.BD 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\08.vir - JS/TrojanDownloader.Nemucod.AQA 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\10.vir - Win32/Filecoder.Locky.C 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\11.vir - JS/TrojanDownloader.Nemucod.AOW 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\14.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BOB 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.12\15.vir > CWS > file.swf - SWF/Exploit.ExKit.ASI 特洛伊木马的变种 - 已删除
C:\Users\Mistet\Desktop\2016.8.12\16.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BOB 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.12\18.vir - Win32/TrojanDownloader.Small.AHI 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\20.vir > ZIP > skywaker/l.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\20.vir > ZIP > skywaker/t.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\20.vir > ZIP > skywaker/r.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\20.vir > ZIP > skywaker/w.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\20.vir > ZIP > skywaker/b.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\20.vir > ZIP > skywaker/q.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\20.vir > ZIP > skywaker/m.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\20.vir > ZIP > skywaker/x.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\20.vir > ZIP > skywaker/c.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\20.vir > ZIP > skywaker/a.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\20.vir > ZIP > skywaker/z.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\20.vir > ZIP > skywaker/d.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\20.vir > ZIP > skywaker/y.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\20.vir > ZIP > skywaker/v.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\20.vir > ZIP > skywaker/f.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\20.vir > ZIP > skywaker/e.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\20.vir > ZIP > skywaker/p.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\20.vir > ZIP > skywaker/k.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\20.vir > ZIP > skywaker/h.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\20.vir > ZIP > skywaker/i.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\20.vir > ZIP > skywaker/j.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\20.vir > ZIP > skywaker/n.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\20.vir > ZIP > skywaker/Allan.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\21.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BOB 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.12\23.vir - Win32/Injector.DBRG 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\26.vir - Win32/Kryptik.FDVU 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\27.vir - Win32/Kryptik.FCNZ 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\28.vir - VBS/Obfuscated.G 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\29.vir > AUTOIT - 压缩文件已损坏
C:\Users\Mistet\Desktop\2016.8.12\31.vir > ZIP > MinusOneArabSixCroreFiftySixLakhNineThousandNinetyTwo/MinusOneArabSixtyEightCroreSixtySixLakhEightyFourThousandFiveHundredNinetyFour/EightyTwoCroreNinetyNineLakhTwentyEightThousandOneHundredNinetySeven.class - Java/Agent.GX 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\31.vir > ZIP > MinusOneArabSixCroreFiftySixLakhNineThousandNinetyTwo/MinusOneArabSixtyEightCroreSixtySixLakhEightyFourThousandFiveHundredNinetyFour/MinusEightySixCroreTwentyTwoLakhTwentyThreeThousandSevenHundredFourtyEight.class - Java/Adwind.WE 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\31.vir > ZIP > MinusOneArabSixCroreFiftySixLakhNineThousandNinetyTwo/MinusOneArabSixtyEightCroreSixtySixLakhEightyFourThousandFiveHundredNinetyFour/MinusOneArabTwentyNineCroreTwentyFiveLakhSeventyFiveThousandSixHundredTwentySix.class - Java/Agent.GW 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\32.vir > ZIP > j/m.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\32.vir > ZIP > j/e.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\32.vir > ZIP > j/q.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\32.vir > ZIP > j/p.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\32.vir > ZIP > j/y.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\32.vir > ZIP > j/j.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\32.vir > ZIP > j/u.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\32.vir > ZIP > j/t.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\32.vir > ZIP > j/z.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\32.vir > ZIP > j/b.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\32.vir > ZIP > j/St.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\32.vir > ZIP > j/a.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\32.vir > ZIP > j/h.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\32.vir > ZIP > j/s.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\32.vir > ZIP > j/k.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\32.vir > ZIP > j/c.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\32.vir > ZIP > j/d.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\32.vir > ZIP > j/o.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\32.vir > ZIP > j/w.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\32.vir > ZIP > j/n.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\32.vir > ZIP > j/r.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\32.vir > ZIP > j/l.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\32.vir > ZIP > j/g.class - Java/Adwind.XB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\33.vir > WINRARSFX > Pnmsiy.exe - MSIL/Injector.PYH 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\35.vir > ZIP > main/__nuL.class - Java/Adwind.QA 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\35.vir > ZIP > main/__CON.class - Java/Adwind.QA 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\35.vir > ZIP > main/Start.class - Java/Adwind.QA 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\35.vir > ZIP > main/__cOn.class - Java/Adwind.QA 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\35.vir > ZIP > main/__COn.class - Java/Adwind.QA 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\35.vir > ZIP > main/__NUl.class - Java/Adwind.QA 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\35.vir > ZIP > main/__Aux.class - Java/Adwind.QA 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\35.vir > ZIP > main/__NUL.class - Java/Adwind.QA 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\35.vir > ZIP > main/__AUx.class - Java/Adwind.QA 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\35.vir > ZIP > main/__AUX.class - Java/Adwind.QA 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\35.vir > ZIP > main/__cON.class - Java/Adwind.QA 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\35.vir > ZIP > main/__aux.class - Java/Adwind.QA 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\36.vir - Win32/Farfli.BXP 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\37.vir - VBA/TrojanDropper.Agent.MP 特洛伊木马 - 已清除
C:\Users\Mistet\Desktop\2016.8.12\38.vir > ZIP > de/sogomn/rat/RattyClient.class - Java/Ratty.A 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\39.vir - VBA/TrojanDropper.Agent.MO 特洛伊木马 - 已清除
C:\Users\Mistet\Desktop\2016.8.12\40.vir - PDF/TrojanDropper.Agent.D 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\42.vir - JS/TrojanDownloader.Nemucod.AOH 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\43.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BMH 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.12\44.vir - VBA/Obfuscated.T 特洛伊木马 - 已清除
C:\Users\Mistet\Desktop\2016.8.12\45.vir - JS/TrojanDownloader.Nemucod.AOB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\49.vir - Win32/Kryptik.FCVS 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\50.vir > ZIP > main/__aUx.class - Java/Adwind.QF 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\50.vir > ZIP > main/__auX.class - Java/Adwind.QF 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\50.vir > ZIP > main/__Nul.class - Java/Adwind.QF 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\50.vir > ZIP > main/__nul.class - Java/Adwind.QF 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\50.vir > ZIP > main/__aUX.class - Java/Adwind.QF 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\50.vir > ZIP > main/__aux.class - Java/Adwind.QF 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\50.vir > ZIP > main/__NuL.class - Java/Adwind.QF 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\50.vir > ZIP > main/__nUl.class - Java/Adwind.QF 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\50.vir > ZIP > main/__AUX.class - Java/Adwind.QE 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\50.vir > ZIP > main/__Con.class - Java/Adwind.QF 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\50.vir > ZIP > main/__CON.class - Java/Adwind.QF 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.12\04.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BOB 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.12\14.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BOB 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.12\16.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BOB 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.12\21.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BOB 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.12\43.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BMH 特洛伊木马 - 已删除
已扫描的对象数: 456
发现的威胁数: 101
已清除对象数: 101
完成时间: 10:01:33 总扫描时间: 12 秒 (00:00:12)

备注:
[1] 由于对象中仅包含病毒主体，因此已被删除。
[/mw_shl_code]

显示全部楼层 · 发表于 2016-8-12 10:12:28

Zemana AntiMalware 扫描 14X

[病毒样本] 精睿样本测试（16.8.12）

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块