精睿样本测试（16.8.24）

轩夏

地址：

http://pan.baidu.com/s/1qYSvoCW  提取密码  4y12

http://www.vdisk.cn/down/index/19731685

密码：bbs.vc52.cn
数量：50

Eset小粉絲

Avira 41X

[mw_shl_code=css,true]Start of the scan: Wednesday, 24 August, 2016  09:18

Starting the file scan:

Begin scan in 'C:\Users\User\Desktop\2016.8.24'
C:\Users\User\Desktop\2016.8.24\01.vir
  [DETECTION] Is the TR/Dropper.MSIL.oamz Trojan
C:\Users\User\Desktop\2016.8.24\02.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.237112 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.24\03.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.221520 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.24\05.vir
  [DETECTION] Contains virus patterns of Adware ADWARE/Amonetize.Gen7
C:\Users\User\Desktop\2016.8.24\06.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen6 HTML script virus
C:\Users\User\Desktop\2016.8.24\07.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.221520 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.24\08.vir
  [DETECTION] Is the TR/Dropper.MSIL.tqnk Trojan
C:\Users\User\Desktop\2016.8.24\11.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen2 HTML script virus
C:\Users\User\Desktop\2016.8.24\12.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.081916 Java script virus
C:\Users\User\Desktop\2016.8.24\13.vir
  [DETECTION] Is the TR/Dldr.Small.nxpi Trojan
C:\Users\User\Desktop\2016.8.24\14.vir
  [DETECTION] Is the TR/Crypt.ZPACK.trku Trojan
C:\Users\User\Desktop\2016.8.24\15.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.081916 Java script virus
C:\Users\User\Desktop\2016.8.24\17.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.221520 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.24\18.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.221520 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.24\19.vir
  [DETECTION] Is the TR/Agent.htgc Trojan
C:\Users\User\Desktop\2016.8.24\20.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.221520 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.24\22.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.221520 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.24\23.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.221520 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.24\24.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.221520 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.24\25.vir
  [DETECTION] Is the TR/Exxroute.lgxl Trojan
C:\Users\User\Desktop\2016.8.24\26.vir
  [DETECTION] Contains virus patterns of Adware ADWARE/DealPly.kicu
C:\Users\User\Desktop\2016.8.24\27.vir
  [DETECTION] Is the TR/AD.ProjectCryptXXX.diuv Trojan
C:\Users\User\Desktop\2016.8.24\28.vir
  [DETECTION] Contains recognition pattern of the EXP/CVE-2010-3333 exploit
C:\Users\User\Desktop\2016.8.24\30.vir
  [DETECTION] Is the TR/Dropper.VB.teeb Trojan
C:\Users\User\Desktop\2016.8.24\31.vir
  [DETECTION] Is the TR/Crypt.Xpack.vave Trojan
C:\Users\User\Desktop\2016.8.24\32.vir
  [DETECTION] Is the TR/AD.Fareit.lkkq Trojan
C:\Users\User\Desktop\2016.8.24\34.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen2 HTML script virus
C:\Users\User\Desktop\2016.8.24\35.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.221520 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.24\36.vir
  [DETECTION] Contains code of the W2000M/Agent.41840 macro virus
C:\Users\User\Desktop\2016.8.24\37.vir
  [DETECTION] Contains recognition pattern of the VBS/Agent.23747 VBS script virus
C:\Users\User\Desktop\2016.8.24\38.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.221520 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.24\39.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.221520 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.24\40.vir
  [DETECTION] Is the TR/Crypt.Xpack.izbw Trojan
C:\Users\User\Desktop\2016.8.24\41.vir
  [DETECTION] Is the TR/Crypt.Xpack.qwfe Trojan
C:\Users\User\Desktop\2016.8.24\42.vir
  [DETECTION] Is the TR/Crypt.ZPACK.3754 Trojan
C:\Users\User\Desktop\2016.8.24\43.vir
  [DETECTION] Contains code of the W2000M/Dldr.Agent.CG.1002 macro virus
C:\Users\User\Desktop\2016.8.24\44.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.237112 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.24\46.vir
  [DETECTION] Is the TR/Crypt.ZPACK.yqly Trojan
C:\Users\User\Desktop\2016.8.24\47.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.0628244 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.24\49.vir
  [DETECTION] Contains recognition pattern of the EXP/CVE-2010-3333 exploit
C:\Users\User\Desktop\2016.8.24\50.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen2 HTML script virus[/mw_shl_code]

alfred0156

瑞星新引擎（断网）
总扫描文件: 50
总恶意文件: 23
有效检出率: 46.00%
[mw_shl_code=css,true]扫描目标 : (1) C:\Users\alfred\Desktop\2016.8.24
扫描开始: Wed Aug 24 09:51:31 2016
"C:\\Users\\alfred\\Desktop\\2016.8.24\\02.vir","infect":{"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\05.vir","infect":{"engine":"thunder","threat":"Malware.Generic!UTC8Qzx6UpO@5","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\03.vir","infect":{"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\01.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\06.vir","infect":{"engine":"classic","threat":"Trojan.HTML!1.A65C","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\04.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\10.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\11.vir","infect":{"engine":"classic","threat":"Trojan.Kryptik!1.A3A5","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\09.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\13.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\12.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\15.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\08.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\14.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\07.vir","infect":{"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\19.vir","infect":{"engine":"thunder","threat":"Malware.Generic!q3wXWhBKXZJ@5","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\16.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\21.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\18.vir","infect":{"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\17.vir","infect":{"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\20.vir","infect":{"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\23.vir","infect":{"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\25.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\27.vir","infect":{"engine":"thunder","threat":"Malware.Generic!NvSj1X8zx9G@2","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\28.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\22.vir","infect":{"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\26.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\24.vir","infect":{"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\29.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\31.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\34.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\32.vir","infect":{"engine":"classic","threat":"Malware.XPACK-HIE/Heur!1.9C48","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\33.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\36.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\37.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\30.vir","infect":{"engine":"classic","threat":"Malware.XPACK-HIE/Heur!1.9C48","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\40.vir","infect":{"engine":"thunder","threat":"Malware.Generic!NKFWKZnqGFC@4","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\38.vir","infect":{"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\39.vir","infect":{"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\35.vir","infect":{"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\43.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\45.vir","infect":{"engine":"classic","threat":"Worm.Jenxcus!1.A30E","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\42.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\47.vir","infect":{"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\46.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\48.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\49.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\50.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\41.vir","type":"scan"
"C:\\Users\\alfred\\Desktop\\2016.8.24\\44.vir","infect":{"engine":"classic","threat":"Trojan.Obfus/VBA!1.A60A","type":"scan"
扫描结束: Wed Aug 24 09:51:32 2016
总共耗时: 0:0:968(m:s:ms)[/mw_shl_code]

蓝天二号

AVG  39X

轩夏

MSE

[mw_shl_code=css,true]Scan started on Wed Aug 24 09:17:34 2016

C:\Users\XuanXia\Desktop\2016.8.24\01.vir                                      Infected: TrojanSpy:MSIL/Tinclex.A
C:\Users\XuanXia\Desktop\2016.8.24\02.vir->word/vbaProject.bin                 Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.24\03.vir->word/vbaProject.bin                 Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.24\06.vir                                      Infected: TrojanDownloader:JS/Nemucod.HH
C:\Users\XuanXia\Desktop\2016.8.24\07.vir->word/vbaProject.bin                 Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.24\08.vir                                      Infected: TrojanSpy:Win32/Plimrost.B
C:\Users\XuanXia\Desktop\2016.8.24\11.vir                                      Infected: TrojanDownloader:JS/Nemucod.AR
C:\Users\XuanXia\Desktop\2016.8.24\12.vir->[WsfCmtOut]->(SCRIPT0000)->[WSF]    Infected: TrojanDownloader:JS/Swabfex.P [non_writable_container]
C:\Users\XuanXia\Desktop\2016.8.24\15.vir->[WsfCmtOut]->(SCRIPT0000)->[WSF]    Infected: TrojanDownloader:JS/Swabfex.P [non_writable_container]
C:\Users\XuanXia\Desktop\2016.8.24\17.vir->word/vbaProject.bin                 Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.24\18.vir->word/vbaProject.bin                 Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.24\20.vir->word/vbaProject.bin                 Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.24\22.vir->word/vbaProject.bin                 Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.24\23.vir->word/vbaProject.bin                 Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.24\24.vir->word/vbaProject.bin                 Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.24\27.vir                                      Infected: Trojan:Win32/Skeeyah.A!rfn
C:\Users\XuanXia\Desktop\2016.8.24\28.vir                                      Infected: Exploit:Win32/CVE-2010-3333
C:\Users\XuanXia\Desktop\2016.8.24\31.vir                                      Infected: Ransom:Win32/Locky
C:\Users\XuanXia\Desktop\2016.8.24\35.vir->word/vbaProject.bin                 Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.24\36.vir                                      Infected: Trojan:O97M/Madeba.A!det
C:\Users\XuanXia\Desktop\2016.8.24\38.vir->word/vbaProject.bin                 Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.24\39.vir->word/vbaProject.bin                 Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.24\40.vir                                      Infected: Ransom:Win32/Ranscrape
C:\Users\XuanXia\Desktop\2016.8.24\43.vir                                      Infected: TrojanDownloader:O97M/Donoff.CF
C:\Users\XuanXia\Desktop\2016.8.24\44.vir->word/vbaProject.bin                 Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.24\45.vir                                      Infected: Worm:VBS/Jenxcus.K
C:\Users\XuanXia\Desktop\2016.8.24\46.vir                                      Infected: Trojan:Win32/Matsnu.Q
C:\Users\XuanXia\Desktop\2016.8.24\47.vir->word/vbaProject.bin                 Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.24\49.vir                                      Infected: Exploit:Win32/CVE-2010-3333
Successfully checked: C:\Users\XuanXia\Desktop\2016.8.24

Scan ended on Wed Aug 24 09:17:47 2016

Time: 13 second(s). [0h:00m:13s]
Files/second: 24 (855 Kb/s).
Objects scanned: 324.
Infected: 29. Suspicious: 0. Clean: 295. Different virus bodies: 14.
Files: 50. Directories: 1. Archives: 16. Packed: 7. Mail files: 0.
Warnings: 29. Scan errors: 0. Protected: 0. Damaged: 0. Unknown method: 0. Spanned: 0.[/mw_shl_code]

蓝天二号

火绒 20X

T.Yoshiyuki

目前（9:30分左右）BD的新库貌似还没出 先扫一波看看

结果 kill 44x 其中修复14x（宏病毒日常送肉）



[mw_shl_code=css,true]D:\TEST\daily\2016.8.24\44.vir.docx=>word/vbaProject.bin W97M.Downloader.EET Disinfected
D:\TEST\daily\2016.8.24\45.vir Worm.VBS.Dunihi.B Moved to Quarantine
D:\TEST\daily\2016.8.24\25.vir.dll Trojan.GenericKD.3484084 Deleted
D:\TEST\daily\2016.8.24\01.vir.exe Trojan.GenericKD.3473902 Deleted
D:\TEST\daily\2016.8.24\31.vir.exe Trojan.GenericKD.3479313 Deleted
D:\TEST\daily\2016.8.24\13.vir.exe Trojan.GenericKD.3479318 Deleted
D:\TEST\daily\2016.8.24\49.vir.rtf Exploit.CVE-2010-3333.Gen Moved to Quarantine
D:\TEST\daily\2016.8.24\34.vir Trojan.VBS.Downloader.TP Deleted
D:\TEST\daily\2016.8.24\47.vir.docx Trojan.Agent.BXJJ Deleted
D:\TEST\daily\2016.8.24\50.vir=>(INFECTED_JS) JS:Trojan.JS.Downloader.FGT Deleted
D:\TEST\daily\2016.8.24\41.vir.exe Trojan.GenericKD.3477037 Deleted
D:\TEST\daily\2016.8.24\05.vir.exe Gen:Variant.Strictor.111557 Deleted
D:\TEST\daily\2016.8.24\28.vir.rtf Exploit.CVE-2010-3333.Gen Moved to Quarantine
D:\TEST\daily\2016.8.24\38.vir.docx=>word/vbaProject.bin W97M.Downloader.EER Disinfected
D:\TEST\daily\2016.8.24\46.vir.exe Trojan.GenericKD.3475468 Deleted
D:\TEST\daily\2016.8.24\43.vir.doc W97M.Downloader.EEM Deleted
D:\TEST\daily\2016.8.24\33.vir.rtf=>(objdata)=>(Embedded DocFile g)=>(Package)=>word/document.xml Exploit.CVE-2015-1641.Gen Deleted
D:\TEST\daily\2016.8.24\42.vir.dll Trojan.GenericKD.3478247 Deleted
D:\TEST\daily\2016.8.24\12.vir.html=>(INFECTED_JS) JS:Trojan.Crypt.PM Deleted
D:\TEST\daily\2016.8.24\40.vir.exe Trojan.GenericKD.3474445 Deleted
D:\TEST\daily\2016.8.24\33.vir.rtf=>(objdata)=>word/document.xml Exploit.CVE-2015-1641.Gen Deleted
D:\TEST\daily\2016.8.24\39.vir.docx=>word/vbaProject.bin W97M.Downloader.EER Disinfected
D:\TEST\daily\2016.8.24\36.vir.doc W97M.Bendis.FC Disinfected
D:\TEST\daily\2016.8.24\17.vir.docx=>word/vbaProject.bin W97M.Downloader.EER Disinfected
D:\TEST\daily\2016.8.24\35.vir.docx=>word/vbaProject.bin W97M.Downloader.EER Disinfected
D:\TEST\daily\2016.8.24\37.vir Trojan.VBS.UUO Deleted
D:\TEST\daily\2016.8.24\14.vir.exe Trojan.GenericKD.3481291 Deleted
D:\TEST\daily\2016.8.24\10.vir.rtf=>(objdata)=>(otkloadr.WRLoader.1) Trojan.RTF-COM-Dropper.Gen Moved to Quarantine
D:\TEST\daily\2016.8.24\32.vir.exe Trojan.GenericKD.3479118 Deleted
D:\TEST\daily\2016.8.24\19.vir.exe Trojan.GenericKD.3479908 Deleted
D:\TEST\daily\2016.8.24\33.vir.rtf=>(objdata)=>(otkloadr.WRLoader.1) Trojan.RTF-COM-Dropper.Gen Moved to Quarantine
D:\TEST\daily\2016.8.24\07.vir.docx=>word/vbaProject.bin W97M.Downloader.EER Disinfected
D:\TEST\daily\2016.8.24\08.vir.exe Trojan.GenericKD.3476546 Deleted
D:\TEST\daily\2016.8.24\26.vir.exe Gen:Variant.Application.Bundler.DealPly.11 Deleted
D:\TEST\daily\2016.8.24\15.vir.html=>(INFECTED_JS) JS:Trojan.Crypt.PM Deleted
D:\TEST\daily\2016.8.24\27.vir.dll Trojan.GenericKD.3479232 Deleted
D:\TEST\daily\2016.8.24\24.vir.docx=>word/vbaProject.bin W97M.Downloader.EER Disinfected
D:\TEST\daily\2016.8.24\18.vir.docx=>word/vbaProject.bin W97M.Downloader.EER Disinfected
D:\TEST\daily\2016.8.24\23.vir.docx=>word/vbaProject.bin W97M.Downloader.EER Disinfected
D:\TEST\daily\2016.8.24\22.vir.docx=>word/vbaProject.bin W97M.Downloader.EER Disinfected
D:\TEST\daily\2016.8.24\10.vir.rtf=>(objdata)=>word/document.xml Exploit.CVE-2015-1641.Gen Deleted
D:\TEST\daily\2016.8.24\20.vir.docx=>word/vbaProject.bin W97M.Downloader.EER Disinfected
D:\TEST\daily\2016.8.24\33.vir.rtf=>(objdata)=>(Embedded DocFile g)=>word/document.xml Exploit.CVE-2015-1641.Gen Deleted
D:\TEST\daily\2016.8.24\33.vir.rtf=>(objdata)=>(Word.Document.12)=>(Package)=>word/document.xml Exploit.CVE-2015-1641.Gen Deleted
D:\TEST\daily\2016.8.24\06.vir.html=>(INFECTED_JS) JS:Trojan.Crypt.PO Deleted
D:\TEST\daily\2016.8.24\30.vir.exe Trojan.GenericKD.3478237 Deleted
D:\TEST\daily\2016.8.24\33.vir.rtf=>(objdata)=>(Word.Document.12)=>word/document.xml Exploit.CVE-2015-1641.Gen Deleted
D:\TEST\daily\2016.8.24\11.vir.JS=>(INFECTED_JS) JS:Trojan.JS.Downloader.BQ Deleted
D:\TEST\daily\2016.8.24\02.vir.docx=>word/vbaProject.bin W97M.Downloader.EET Disinfected
D:\TEST\daily\2016.8.24\10.vir.rtf=>(objdata)=>(Embedded DocFile g)=>(Package)=>word/document.xml Exploit.CVE-2015-1641.Gen Deleted
D:\TEST\daily\2016.8.24\03.vir.docx=>word/vbaProject.bin W97M.Downloader.EER Disinfected
D:\TEST\daily\2016.8.24\10.vir.rtf=>(objdata)=>(Embedded DocFile g)=>word/document.xml Exploit.CVE-2015-1641.Gen Deleted
D:\TEST\daily\2016.8.24\10.vir.rtf=>(objdata)=>(Word.Document.12)=>(Package)=>word/document.xml Exploit.CVE-2015-1641.Gen Deleted
D:\TEST\daily\2016.8.24\10.vir.rtf=>(objdata)=>(Word.Document.12)=>word/document.xml Exploit.CVE-2015-1641.Gen Deleted
D:\TEST\daily\2016.8.24\10.vir.rtf=>(objdata)  Moved to Quarantine
D:\TEST\daily\2016.8.24\33.vir.rtf=>(objdata)  Moved to Quarantine

Scanned items : 412
Infected items : 54
Suspicious items : 0 (no suspected items have been detected)
Resolved items : 56
Unresolved items : 0 [/mw_shl_code]

@蓝天二号 颤抖吧 AVG
@Eset小粉絲 颤抖吧 小红伞

T.Yoshiyuki

蓝天二号 发表于 2016-8-24 09:33
火绒 20X

可怕 火绒配AVG？

xcvbaby

金山毒霸：12                                                                                 电脑管家国内版：4（未开BD引擎）


[mw_shl_code=css,true]发现威胁：12个
清除威胁：12个
=============================================
[2016-08-24 09:49:32]
威胁：d:\我的文档\desktop\2016.8.24\2016.8.24\01.vir
类型：win32.troj.undef.(kcloud)
处理方式：删除

[2016-08-24 09:49:32]
威胁：d:\我的文档\desktop\2016.8.24\2016.8.24\05.vir
类型：win32.troj.generic_a.a.(kcloud)
处理方式：删除

[2016-08-24 09:49:32]
威胁：d:\我的文档\desktop\2016.8.24\2016.8.24\08.vir
类型：win32.troj.undef.(kcloud)
处理方式：删除

[2016-08-24 09:49:32]
威胁：d:\我的文档\desktop\2016.8.24\2016.8.24\13.vir
类型：win32.troj.generickd.v.(kcloud)
处理方式：删除

[2016-08-24 09:49:32]
威胁：d:\我的文档\desktop\2016.8.24\2016.8.24\19.vir
类型：win32.troj.generickd.v.(kcloud)
处理方式：删除

[2016-08-24 09:49:32]
威胁：d:\我的文档\desktop\2016.8.24\2016.8.24\26.vir
类型：win32.troj.generic_a.a.(kcloud)
处理方式：删除

[2016-08-24 09:49:32]
威胁：d:\我的文档\desktop\2016.8.24\2016.8.24\30.vir
类型：win32.troj.vbkryjetor.ab.(kcloud)
处理方式：删除

[2016-08-24 09:49:32]
威胁：d:\我的文档\desktop\2016.8.24\2016.8.24\32.vir
类型：win32.pswtroj.tepfer.(kcloud)
处理方式：删除

[2016-08-24 09:49:32]
威胁：d:\我的文档\desktop\2016.8.24\2016.8.24\40.vir
类型：win32.troj.generickd.v.(kcloud)
处理方式：删除

[2016-08-24 09:49:32]
威胁：d:\我的文档\desktop\2016.8.24\2016.8.24\41.vir
类型：win32.troj.undef.(kcloud)
处理方式：删除

[2016-08-24 09:49:32]
威胁：d:\我的文档\desktop\2016.8.24\2016.8.24\42.vir
类型：win32.troj.inject.(kcloud)
处理方式：删除

[2016-08-24 09:49:32]
威胁：d:\我的文档\desktop\2016.8.24\2016.8.24\46.vir
类型：win32.troj.nymaim.k.(kcloud)
处理方式：删除
[/mw_shl_code]

蓝天二号

T.Yoshiyuki 发表于 2016-8-24 09:48
可怕 火绒配AVG？

恩，暂未发现任何冲突的，，