精睿样本测试（16.8.29）

轩夏

地址：

http://pan.baidu.com/s/1dE0Hwyd 提取密码  9aw3

http://www.vdisk.cn/down/index/19732329

密码：bbS.vc52.cn
数量：50

Eset小粉絲

Avira 40X

[mw_shl_code=css,true]Start of the scan: Monday, 29 August, 2016  09:57

Starting the file scan:

Begin scan in 'C:\Users\User\Desktop\2016.8.29'
C:\Users\User\Desktop\2016.8.29\01.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Users\User\Desktop\2016.8.29\02.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Agent.71773 Java script virus
C:\Users\User\Desktop\2016.8.29\03.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.826165 Java script virus
C:\Users\User\Desktop\2016.8.29\04.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.839010 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.29\05.vir
  [DETECTION] Is the TR/Inject.tnqa Trojan
C:\Users\User\Desktop\2016.8.29\07.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.826164 Java script virus
C:\Users\User\Desktop\2016.8.29\08.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.826164 Java script virus
C:\Users\User\Desktop\2016.8.29\09.vir
  [DETECTION] Is the TR/Dropper.Gen Trojan
C:\Users\User\Desktop\2016.8.29\10.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Agent.71773 Java script virus
C:\Users\User\Desktop\2016.8.29\11.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.82416 Java script virus
C:\Users\User\Desktop\2016.8.29\12.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen6 HTML script virus
C:\Users\User\Desktop\2016.8.29\14.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Agent.71773 Java script virus
C:\Users\User\Desktop\2016.8.29\16.vir
  [DETECTION] Is the TR/Crypt.Xpack.ntod Trojan
C:\Users\User\Desktop\2016.8.29\17.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.111777 Java script virus
C:\Users\User\Desktop\2016.8.29\18.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.237112 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.29\19.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.78240 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.29\20.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.111777 Java script virus
C:\Users\User\Desktop\2016.8.29\21.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.111777 Java script virus
C:\Users\User\Desktop\2016.8.29\22.vir
  [DETECTION] Contains code of the W2000M/Agent.42680 macro virus
C:\Users\User\Desktop\2016.8.29\23.vir
  [DETECTION] Contains recognition pattern of the SPR/QuickBatch.Gen program
C:\Users\User\Desktop\2016.8.29\24.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.71187 Java script virus
C:\Users\User\Desktop\2016.8.29\25.vir
  [DETECTION] Is the TR/Dropper.MSIL.wdgg Trojan
C:\Users\User\Desktop\2016.8.29\27.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.111777 Java script virus
C:\Users\User\Desktop\2016.8.29\28.vir
  [DETECTION] Is the TR/Spy.Agent.lyoe Trojan
C:\Users\User\Desktop\2016.8.29\29.vir
    [0] Archive type: ZIP SFX (self extracting)
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.44801194 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.29\30.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.0628244 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.29\33.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.111777 Java script virus
C:\Users\User\Desktop\2016.8.29\34.vir
  [DETECTION] Contains virus patterns of Adware ADWARE/OxyPumper.uzjg
C:\Users\User\Desktop\2016.8.29\35.vir
  [DETECTION] Contains code of the W2000M/Agent.2429545 macro virus
C:\Users\User\Desktop\2016.8.29\36.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.71187 Java script virus
C:\Users\User\Desktop\2016.8.29\37.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.71187 Java script virus
C:\Users\User\Desktop\2016.8.29\39.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.71187 Java script virus
C:\Users\User\Desktop\2016.8.29\40.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen6 HTML script virus
C:\Users\User\Desktop\2016.8.29\41.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.78240 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.29\43.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.488124 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.29\44.vir
  [DETECTION] Is the TR/Dropper.MSIL.lyrb Trojan
C:\Users\User\Desktop\2016.8.29\46.vir
    [0] Archive type: ZIP
    --> c/abcabcabcabcv.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.22 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabcg.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.8 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabco.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.15 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabcs.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.19 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabch.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.9 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabcw.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.23 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabci.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.10 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabct.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.20 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabcc.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.4 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabcb.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.3 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabcj.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.11 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabcz.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.26 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabcl.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.13 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabcq.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.17 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabcy.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.25 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabca.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.2 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabcr.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.18 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabcx.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.24 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabcu.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.21 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabce.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.6 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabcd.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.5 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabcm.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.14 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabcf.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.7 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabck.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.12 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> c/abcabcabcabcp.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas.16 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> player/file/DirectoryPlus.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.kmas Java virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.29\48.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.537862 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.29\49.vir
  [DETECTION] Is the TR/Agent.24576.1056 Trojan
C:\Users\User\Desktop\2016.8.29\50.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.111777 Java script virus[/mw_shl_code]

挥泪斩情思

NS检出25X，修复1X，剩余25X

230f4

Bitdefender 40/50

蓝天二号

首先密码里面，那个s，为什么要大写》？？

其次，，AVG  KILL 38X

tmcss

（密码第三位应该是小写的 s ）
ESS Kill 42X Fix 2X
[mw_shl_code=css,true]日志
正在扫描日志
病毒库版本: 14032 (20160828)
日期: 2016/8/29  时间: 9:53:34
已扫描的磁盘、文件夹和文件: C:\Users\Mistet\Desktop\2016.8.29
C:\Users\Mistet\Desktop\2016.8.29\01.vir - MSIL/Kryptik.GZS 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\02.vir - JS/TrojanDownloader.Nemucod.ASX 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\03.vir - JS/TrojanDownloader.Nemucod.APD 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\04.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BRC 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.29\06.vir > ZIP > word/embeddings/oleObject1.bin > OLEDATA > coop_bestellung.js - JS/ProxyChanger.BP 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.29\07.vir - JS/TrojanDownloader.Nemucod.ASZ 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\08.vir - JS/TrojanDownloader.Nemucod.ASZ 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\10.vir - JS/TrojanDownloader.Nemucod.ASX 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\11.vir - JS/TrojanDownloader.Nemucod.ASL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\12.vir - JS/TrojanDownloader.Nemucod.ARL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\14.vir - JS/TrojanDownloader.Nemucod.ASX 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\15.vir - JS/TrojanDownloader.Nemucod.ASA 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\16.vir - Win32/TrojanDownloader.Zurgop.CB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\17.vir - JS/TrojanDownloader.Nemucod.ASH 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\18.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQI 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.29\19.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQR 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.29\20.vir - JS/TrojanDownloader.Nemucod.ASB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\21.vir - JS/TrojanDownloader.Nemucod.ARY 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\23.vir > QUICKBATCH > SCRIPT - VBS/Agent.NFK 蠕虫 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\24.vir - JS/TrojanDownloader.Nemucod.ASF 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\25.vir - MSIL/Injector.QAK 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\26.vir > 7ZIP > install3.dat - Win32/Agent.VBE 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.29\26.vir > 7ZIP > install5.dat - Win64/Agent.BN 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.29\26.vir > 7ZIP > insta11.exe - Win32/Agent.VBE 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.29\27.vir - JS/TrojanDownloader.Nemucod.ASH 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\28.vir - Win32/Spy.Agent.OXX 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\29.vir - Win32/Patched.NDM 特洛伊木马 的变种 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.29\30.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BOJ 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.29\32.vir - Win32/Exploit.Agent.NSC 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\33.vir - JS/TrojanDownloader.Nemucod.ASB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\34.vir - Win32/Adware.OxyPumper.AV 应用程序 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\35.vir - VBA/TrojanDownloader.Agent.BQV 特洛伊木马 - 已清除
C:\Users\Mistet\Desktop\2016.8.29\36.vir - JS/TrojanDownloader.Nemucod.ASF 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\37.vir - JS/TrojanDownloader.Nemucod.ASF 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\38.vir - VBA/TrojanDownloader.Agent.BQU 特洛伊木马 - 已清除
C:\Users\Mistet\Desktop\2016.8.29\39.vir - JS/TrojanDownloader.Nemucod.ASF 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\40.vir - VBS/TrojanDownloader.Banload.AQ 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\41.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQR 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.29\42.vir - VBS/Kryptik.FT 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\43.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQK 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.29\44.vir - MSIL/Kryptik.EPS 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\45.vir > ZIP > word\media\image1.eps - Win32/Exploit.CVE-2015-2545.AR 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.29\45.vir > ZIP > word\media\image1.gif - DOC/Fraud.BM 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabcv.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabcg.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabco.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabcs.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabch.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabcw.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabci.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabct.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabcc.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabcb.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabcj.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabcz.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabcl.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabcq.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabcy.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabca.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabcr.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabcx.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabcu.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabce.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabcd.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabcm.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabcf.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabck.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > c/abcabcabcabcp.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\46.vir > ZIP > player/file/DirectoryPlus.class - Java/Adwind.LL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\48.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BPQ 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.8.29\49.vir - Win32/Agent.PZD 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\50.vir - JS/TrojanDownloader.Nemucod.ASB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.8.29\04.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BRC 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.29\06.vir > ZIP > word/embeddings/oleObject1.bin > OLEDATA > coop_bestellung.js - JS/ProxyChanger.BP 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.29\18.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQI 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.29\19.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQR 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.29\26.vir > 7ZIP > install3.dat - Win32/Agent.VBE 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.29\26.vir > 7ZIP > install5.dat - Win64/Agent.BN 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.29\26.vir > 7ZIP > insta11.exe - Win32/Agent.VBE 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.29\29.vir - Win32/Patched.NDM 特洛伊木马 的变种 - 已删除
C:\Users\Mistet\Desktop\2016.8.29\30.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BOJ 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.29\41.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQR 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.29\43.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BQK 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.29\45.vir > ZIP > word\media\image1.eps - Win32/Exploit.CVE-2015-2545.AR 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.29\45.vir > ZIP > word\media\image1.gif - DOC/Fraud.BM 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.8.29\48.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BPQ 特洛伊木马 - 已删除
已扫描的对象数: 238
发现的威胁数: 72
已清除对象数: 72
完成时间: 9:53:51  总扫描时间: 17 秒 (00:00:17)

备注:
[1] 由于对象中仅包含病毒主体，因此已被删除。
[/mw_shl_code]

轩夏

MSE
[mw_shl_code=css,true]Scan started on Mon Aug 29 09:54:06 2016

C:\Users\XuanXia\Desktop\2016.8.29\04.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff.H
C:\Users\XuanXia\Desktop\2016.8.29\08.vir                                     Infected: TrojanDownloader:JS/Nemucod
C:\Users\XuanXia\Desktop\2016.8.29\11.vir->(SCRIPT0000)                       Infected: TrojanDownloader:JS/Swabfex.P
C:\Users\XuanXia\Desktop\2016.8.29\12.vir->[WsfCmtOut]->(SCRIPT0000)->[Eval]  Infected: TrojanDownloader:HTML/Adodb.gen!A [generic] [non_writable_container]
C:\Users\XuanXia\Desktop\2016.8.29\15.vir                                     Infected: TrojanDownloader:JS/Nemucod.PN
C:\Users\XuanXia\Desktop\2016.8.29\17.vir                                     Infected: TrojanDownloader:JS/Nemucod.GU
C:\Users\XuanXia\Desktop\2016.8.29\18.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.29\19.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.29\20.vir                                     Infected: TrojanDownloader:JS/Swabfex.C
C:\Users\XuanXia\Desktop\2016.8.29\21.vir                                     Infected: TrojanDownloader:JS/Swabfex.C
C:\Users\XuanXia\Desktop\2016.8.29\22.vir                                     Infected: Trojan:O97M/Madeba.A!det
C:\Users\XuanXia\Desktop\2016.8.29\24.vir                                     Infected: TrojanDownloader:JS/Nemucod
C:\Users\XuanXia\Desktop\2016.8.29\25.vir                                     Infected: Trojan:Win32/Skeeyah.A!rfn
C:\Users\XuanXia\Desktop\2016.8.29\27.vir                                     Infected: TrojanDownloader:JS/Nemucod.GU
C:\Users\XuanXia\Desktop\2016.8.29\28.vir                                     Infected: TrojanSpy:Win32/Banker!rfn
C:\Users\XuanXia\Desktop\2016.8.29\29.vir->(ZipSfx)->word/vbaProject.bin      Infected: TrojanDownloader:O97M/Donoff.CG [non_writable_container]
C:\Users\XuanXia\Desktop\2016.8.29\30.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.29\33.vir                                     Infected: TrojanDownloader:JS/Swabfex.C
C:\Users\XuanXia\Desktop\2016.8.29\36.vir                                     Infected: TrojanDownloader:JS/Swabfex.P
C:\Users\XuanXia\Desktop\2016.8.29\37.vir                                     Infected: TrojanDownloader:JS/Swabfex.P
C:\Users\XuanXia\Desktop\2016.8.29\39.vir                                     Infected: TrojanDownloader:JS/Swabfex.P
C:\Users\XuanXia\Desktop\2016.8.29\41.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.29\43.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.29\44.vir                                     Infected: Trojan:Win32/Skeeyah.A!rfn
C:\Users\XuanXia\Desktop\2016.8.29\46.vir->c/abcabcabcabcq.class              Infected: Trojan:Java/Adwind
C:\Users\XuanXia\Desktop\2016.8.29\48.vir->word/vbaProject.bin                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.29\50.vir                                     Infected: TrojanDownloader:JS/Swabfex.C
Successfully checked: C:\Users\XuanXia\Desktop\2016.8.29

Scan ended on Mon Aug 29 09:54:14 2016

Time: 8 second(s). [0h:00m:08s]
Files/second: 35 (2019 Kb/s).
Objects scanned: 284.
Infected: 27. Suspicious: 0. Clean: 257. Different virus bodies: 13.
Files: 50. Directories: 1. Archives: 37. Packed: 14. Mail files: 0.
Warnings: 27. Scan errors: 0. Protected: 0. Damaged: 0. Unknown method: 0. Spanned: 0.
[/mw_shl_code]

心醉咖啡

毒霸喜大普奔

扫描时间：[2016-08-29 09:57:34]
扫描用时：[00:00:05]
扫描类型：自定义查杀
扫描文件总数：259
扫描速度：43文件/秒
发现威胁：0个
清除威胁：0个
=============================================




更新：

扫描时间：[2016-08-29 10:34:06]
扫描用时：[00:00:05]
扫描类型：自定义查杀
扫描文件总数：259
扫描速度：43文件/秒
发现威胁：11个
清除威胁：11个
=============================================
[2016-08-29 10:34:35]
威胁：f:\浏览器下载\2016.8.29\01.vir
类型：win32.troj.generickd.v.(kcloud)
处理方式：删除

[2016-08-29 10:34:35]
威胁：f:\浏览器下载\2016.8.29\09.vir
类型：win32.troj.generic_a.a.(kcloud)
处理方式：删除

[2016-08-29 10:34:35]
威胁：f:\浏览器下载\2016.8.29\29.vir
类型：win32.trojdownloader.msword.a.(kcloud)
处理方式：删除

[2016-08-29 10:34:35]
威胁：f:\浏览器下载\2016.8.29\16.vir
类型：win32.troj.sharik.x.(kcloud)
处理方式：删除

[2016-08-29 10:34:35]
威胁：f:\浏览器下载\2016.8.29\23.vir
类型：win32.troj.undef.(kcloud)
处理方式：删除

[2016-08-29 10:34:35]
威胁：f:\浏览器下载\2016.8.29\25.vir
类型：win32.troj.undef.(kcloud)
处理方式：删除

[2016-08-29 10:34:35]
威胁：f:\浏览器下载\2016.8.29\26.vir
类型：win32.troj.undef.(kcloud)
处理方式：删除

[2016-08-29 10:34:35]
威胁：f:\浏览器下载\2016.8.29\28.vir
类型：win32.troj.undef.(kcloud)
处理方式：删除

[2016-08-29 10:34:35]
威胁：f:\浏览器下载\2016.8.29\34.vir
类型：win32.heur.kvmh017.a.(kcloud)
处理方式：删除

[2016-08-29 10:34:35]
威胁：f:\浏览器下载\2016.8.29\44.vir
类型：win32.troj.generic_a.a.(kcloud)
处理方式：删除

[2016-08-29 10:34:35]
威胁：f:\浏览器下载\2016.8.29\49.vir
类型：win32.troj.generic_a.a.(kcloud)
处理方式：删除

轩夏

蓝天二号 发表于 2016-8-29 09:55
首先密码里面，那个s，为什么要大写》？？

其次，，AVG  KILL 38X

人家那边就是大写啊，我又没改

Eset小粉絲

轩夏 发表于 2016-8-29 09:59
人家那边就是大写啊，我又没改

可我用小寫爲毛成功解壓啊。。。