精睿样本测试（16.9.8）

显示全部楼层 · 发表于 2016-9-8 09:51:52

地址：

https://pan.baidu.com/s/1i4IQDEH 提取密码 mwmc

http://www.vdisk.cn/down/index/19733503

密码：bbs.vc52.cn
数量：50

显示全部楼层 · 发表于 2016-9-8 09:52:22

本帖最后由 tomochan 于 2016-9-8 09:55 编辑

卡巴检出24X，剩余26X

[mw_shl_code=css,true]08.09.2016 09.54.26 可选择扫描完成任务完成时间: 今天, 2016/9/8 9:54
08.09.2016 09.54.26 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\50.vir 文件: C:\Users\shin3\Desktop\2016.9.8\50.vir 对象名称: Trojan-Downloader.JS.Agent.mhk
08.09.2016 09.54.26 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\50.vir 文件: C:\Users\shin3\Desktop\2016.9.8\50.vir 对象名称: Trojan-Downloader.JS.Agent.mhk
08.09.2016 09.54.26 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\49.vir 文件: C:\Users\shin3\Desktop\2016.9.8\49.vir 对象名称: HEUR:Backdoor.Linux.Gafgyt.b
08.09.2016 09.54.26 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\49.vir 文件: C:\Users\shin3\Desktop\2016.9.8\49.vir 对象名称: HEUR:Backdoor.Linux.Gafgyt.b
08.09.2016 09.54.26 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\48.vir 文件: C:\Users\shin3\Desktop\2016.9.8\48.vir 对象名称: Trojan-Downloader.JS.Agent.mif
08.09.2016 09.54.26 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\48.vir 文件: C:\Users\shin3\Desktop\2016.9.8\48.vir 对象名称: Trojan-Downloader.JS.Agent.mif
08.09.2016 09.54.26 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\49.vir 文件: C:\Users\shin3\Desktop\2016.9.8\49.vir 对象名称: HEUR:Backdoor.Linux.Gafgyt.b
08.09.2016 09.54.26 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\50.vir 文件: C:\Users\shin3\Desktop\2016.9.8\50.vir 对象名称: Trojan-Downloader.JS.Agent.mhk
08.09.2016 09.54.25 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\43.vir//d/androidm.class 文件: C:\Users\shin3\Desktop\2016.9.8\43.vir//d/androidm.class 对象名称: Trojan.Java.Agent.gt
08.09.2016 09.54.25 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\43.vir//d/androidm.class 文件: C:\Users\shin3\Desktop\2016.9.8\43.vir//d/androidm.class 对象名称: Trojan.Java.Agent.gt
08.09.2016 09.54.25 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\45.vir//word/vbaProject.bin//Module1 文件: C:\Users\shin3\Desktop\2016.9.8\45.vir//word/vbaProject.bin//Module1 对象名称: Trojan-Downloader.MSWord.Agent.app
08.09.2016 09.54.25 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\45.vir//word/vbaProject.bin//Module1 文件: C:\Users\shin3\Desktop\2016.9.8\45.vir//word/vbaProject.bin//Module1 对象名称: Trojan-Downloader.MSWord.Agent.app
08.09.2016 09.54.24 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\45.vir//word/vbaProject.bin//Module1 文件: C:\Users\shin3\Desktop\2016.9.8\45.vir//word/vbaProject.bin//Module1 对象名称: Trojan-Downloader.MSWord.Agent.app
08.09.2016 09.54.24 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\48.vir 文件: C:\Users\shin3\Desktop\2016.9.8\48.vir 对象名称: Trojan-Downloader.JS.Agent.mif
08.09.2016 09.54.24 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\41.vir//seeded 文件: C:\Users\shin3\Desktop\2016.9.8\41.vir//seeded 对象名称: Trojan-Downloader.MSWord.Agent.apn
08.09.2016 09.54.24 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\40.vir//ThisDocument 文件: C:\Users\shin3\Desktop\2016.9.8\40.vir//ThisDocument 对象名称: Trojan-Downloader.MSWord.Agent.anx
08.09.2016 09.54.24 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\40.vir//ThisDocument 文件: C:\Users\shin3\Desktop\2016.9.8\40.vir//ThisDocument 对象名称: Trojan-Downloader.MSWord.Agent.anx
08.09.2016 09.54.24 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\43.vir//d/androidm.class 文件: C:\Users\shin3\Desktop\2016.9.8\43.vir//d/androidm.class 对象名称: Trojan.Java.Agent.gt
08.09.2016 09.54.24 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\41.vir//ThisDocument 文件: C:\Users\shin3\Desktop\2016.9.8\41.vir//ThisDocument 对象名称: Trojan.MSWord.Agent.ey
08.09.2016 09.54.24 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\41.vir//ThisDocument 文件: C:\Users\shin3\Desktop\2016.9.8\41.vir//ThisDocument 对象名称: Trojan.MSWord.Agent.ey
08.09.2016 09.54.23 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\39.vir 文件: C:\Users\shin3\Desktop\2016.9.8\39.vir 对象名称: Trojan.SWF.Agent.gff
08.09.2016 09.54.23 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\39.vir 文件: C:\Users\shin3\Desktop\2016.9.8\39.vir 对象名称: Trojan.SWF.Agent.gff
08.09.2016 09.54.22 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\41.vir//ThisDocument 文件: C:\Users\shin3\Desktop\2016.9.8\41.vir//ThisDocument 对象名称: Trojan.MSWord.Agent.ey
08.09.2016 09.54.22 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\40.vir//ThisDocument 文件: C:\Users\shin3\Desktop\2016.9.8\40.vir//ThisDocument 对象名称: Trojan-Downloader.MSWord.Agent.anx
08.09.2016 09.54.22 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\35.vir 文件: C:\Users\shin3\Desktop\2016.9.8\35.vir 对象名称: Trojan-Downloader.JS.Agent.mif
08.09.2016 09.54.22 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\35.vir 文件: C:\Users\shin3\Desktop\2016.9.8\35.vir 对象名称: Trojan-Downloader.JS.Agent.mif
08.09.2016 09.54.21 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\39.vir 文件: C:\Users\shin3\Desktop\2016.9.8\39.vir 对象名称: Trojan.SWF.Agent.gff
08.09.2016 09.54.21 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\34.vir 文件: C:\Users\shin3\Desktop\2016.9.8\34.vir 对象名称: Trojan-Downloader.JS.Agent.mhy
08.09.2016 09.54.21 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\34.vir 文件: C:\Users\shin3\Desktop\2016.9.8\34.vir 对象名称: Trojan-Downloader.JS.Agent.mhy
08.09.2016 09.54.20 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\35.vir 文件: C:\Users\shin3\Desktop\2016.9.8\35.vir 对象名称: Trojan-Downloader.JS.Agent.mif
08.09.2016 09.54.20 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\32.vir 文件: C:\Users\shin3\Desktop\2016.9.8\32.vir 对象名称: Trojan-Downloader.JS.Agent.mhk
08.09.2016 09.54.20 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\32.vir 文件: C:\Users\shin3\Desktop\2016.9.8\32.vir 对象名称: Trojan-Downloader.JS.Agent.mhk
08.09.2016 09.54.20 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\34.vir 文件: C:\Users\shin3\Desktop\2016.9.8\34.vir 对象名称: Trojan-Downloader.JS.Agent.mhy
08.09.2016 09.54.20 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\31.vir 文件: C:\Users\shin3\Desktop\2016.9.8\31.vir 对象名称: Trojan-Downloader.JS.Agent.mhy
08.09.2016 09.54.20 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\31.vir 文件: C:\Users\shin3\Desktop\2016.9.8\31.vir 对象名称: Trojan-Downloader.JS.Agent.mhy
08.09.2016 09.54.18 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\32.vir 文件: C:\Users\shin3\Desktop\2016.9.8\32.vir 对象名称: Trojan-Downloader.JS.Agent.mhk
08.09.2016 09.54.18 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\30.vir//word/vbaProject.bin//Module1 文件: C:\Users\shin3\Desktop\2016.9.8\30.vir//word/vbaProject.bin//Module1 对象名称: Trojan-Downloader.MSWord.Agent.app
08.09.2016 09.54.18 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\30.vir//word/vbaProject.bin//Module1 文件: C:\Users\shin3\Desktop\2016.9.8\30.vir//word/vbaProject.bin//Module1 对象名称: Trojan-Downloader.MSWord.Agent.app
08.09.2016 09.54.18 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\31.vir 文件: C:\Users\shin3\Desktop\2016.9.8\31.vir 对象名称: Trojan-Downloader.JS.Agent.mhy
08.09.2016 09.54.18 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\28.vir 文件: C:\Users\shin3\Desktop\2016.9.8\28.vir 对象名称: HEUR:Trojan.Win32.Generic
08.09.2016 09.54.18 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\28.vir 文件: C:\Users\shin3\Desktop\2016.9.8\28.vir 对象名称: HEUR:Trojan.Win32.Generic
08.09.2016 09.54.17 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\30.vir//word/vbaProject.bin//Module1 文件: C:\Users\shin3\Desktop\2016.9.8\30.vir//word/vbaProject.bin//Module1 对象名称: Trojan-Downloader.MSWord.Agent.app
08.09.2016 09.54.16 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\25.vir//word/vbaProject.bin//Module1 文件: C:\Users\shin3\Desktop\2016.9.8\25.vir//word/vbaProject.bin//Module1 对象名称: Trojan-Downloader.MSWord.Agent.app
08.09.2016 09.54.16 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\25.vir//word/vbaProject.bin//Module1 文件: C:\Users\shin3\Desktop\2016.9.8\25.vir//word/vbaProject.bin//Module1 对象名称: Trojan-Downloader.MSWord.Agent.app
08.09.2016 09.54.16 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\28.vir 文件: C:\Users\shin3\Desktop\2016.9.8\28.vir 对象名称: HEUR:Trojan.Win32.Generic
08.09.2016 09.54.16 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\26.vir 文件: C:\Users\shin3\Desktop\2016.9.8\26.vir 对象名称: HEUR:Exploit.Script.Generic
08.09.2016 09.54.16 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\26.vir 文件: C:\Users\shin3\Desktop\2016.9.8\26.vir 对象名称: HEUR:Exploit.Script.Generic
08.09.2016 09.54.16 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\24.vir//word/document.xml 文件: C:\Users\shin3\Desktop\2016.9.8\24.vir//word/document.xml 对象名称: Trojan.MSWord.Fraud.c
08.09.2016 09.54.16 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\24.vir//word/document.xml 文件: C:\Users\shin3\Desktop\2016.9.8\24.vir//word/document.xml 对象名称: Trojan.MSWord.Fraud.c
08.09.2016 09.54.15 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\26.vir 文件: C:\Users\shin3\Desktop\2016.9.8\26.vir 对象名称: HEUR:Exploit.Script.Generic
08.09.2016 09.54.15 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\25.vir//word/vbaProject.bin//Module1 文件: C:\Users\shin3\Desktop\2016.9.8\25.vir//word/vbaProject.bin//Module1 对象名称: Trojan-Downloader.MSWord.Agent.app
08.09.2016 09.54.14 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\24.vir//word/document.xml 文件: C:\Users\shin3\Desktop\2016.9.8\24.vir//word/document.xml 对象名称: Trojan.MSWord.Fraud.c
08.09.2016 09.54.14 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\16.vir//l/??e.class 文件: C:\Users\shin3\Desktop\2016.9.8\16.vir//l/??e.class 对象名称: Backdoor.Java.Adwind.cf
08.09.2016 09.54.14 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\16.vir//l/??e.class 文件: C:\Users\shin3\Desktop\2016.9.8\16.vir//l/??e.class 对象名称: Backdoor.Java.Adwind.cf
08.09.2016 09.54.13 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\10.vir//classes.dex 文件: C:\Users\shin3\Desktop\2016.9.8\10.vir//classes.dex 对象名称: Trojan-Banker.AndroidOS.Agent.san
08.09.2016 09.54.13 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\10.vir//classes.dex 文件: C:\Users\shin3\Desktop\2016.9.8\10.vir//classes.dex 对象名称: Trojan-Banker.AndroidOS.Agent.san
08.09.2016 09.54.12 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\16.vir//l/??e.class 文件: C:\Users\shin3\Desktop\2016.9.8\16.vir//l/??e.class 对象名称: Backdoor.Java.Adwind.cf
08.09.2016 09.54.12 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\11.vir 文件: C:\Users\shin3\Desktop\2016.9.8\11.vir 对象名称: Trojan-Downloader.JS.Agent.miu
08.09.2016 09.54.12 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\11.vir 文件: C:\Users\shin3\Desktop\2016.9.8\11.vir 对象名称: Trojan-Downloader.JS.Agent.miu
08.09.2016 09.54.11 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\10.vir//classes.dex 文件: C:\Users\shin3\Desktop\2016.9.8\10.vir//classes.dex 对象名称: Trojan-Banker.AndroidOS.Agent.san
08.09.2016 09.54.11 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\11.vir 文件: C:\Users\shin3\Desktop\2016.9.8\11.vir 对象名称: Trojan-Downloader.JS.Agent.miu
08.09.2016 09.54.10 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\04.vir 文件: C:\Users\shin3\Desktop\2016.9.8\04.vir 对象名称: Trojan-Downloader.JS.Agent.mif
08.09.2016 09.54.10 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\04.vir 文件: C:\Users\shin3\Desktop\2016.9.8\04.vir 对象名称: Trojan-Downloader.JS.Agent.mif
08.09.2016 09.54.10 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\06.vir//l/??e.class 文件: C:\Users\shin3\Desktop\2016.9.8\06.vir//l/??e.class 对象名称: Backdoor.Java.Adwind.cf
08.09.2016 09.54.10 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\06.vir//l/??e.class 文件: C:\Users\shin3\Desktop\2016.9.8\06.vir//l/??e.class 对象名称: Backdoor.Java.Adwind.cf
08.09.2016 09.54.10 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\07.vir 文件: C:\Users\shin3\Desktop\2016.9.8\07.vir 对象名称: Trojan-Ransom.Win32.Crusis.br
08.09.2016 09.54.10 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\07.vir 文件: C:\Users\shin3\Desktop\2016.9.8\07.vir 对象名称: Trojan-Ransom.Win32.Crusis.br
08.09.2016 09.54.10 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\07.vir 文件: C:\Users\shin3\Desktop\2016.9.8\07.vir 对象名称: Trojan-Ransom.Win32.Crusis.br
08.09.2016 09.54.09 检测到的对象 ( 文件 ) 已删除。 C:\Users\shin3\Desktop\2016.9.8\05.vir//ThisDocument 文件: C:\Users\shin3\Desktop\2016.9.8\05.vir//ThisDocument 对象名称: Trojan-Downloader.MSWord.Agent.apu
08.09.2016 09.54.09 检测到的对象 ( 文件 ) 已移动至隔离区。 C:\Users\shin3\Desktop\2016.9.8\05.vir//ThisDocument 文件: C:\Users\shin3\Desktop\2016.9.8\05.vir//ThisDocument 对象名称: Trojan-Downloader.MSWord.Agent.apu
08.09.2016 09.53.47 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\06.vir//l/??e.class 文件: C:\Users\shin3\Desktop\2016.9.8\06.vir//l/??e.class 对象名称: Backdoor.Java.Adwind.cf
08.09.2016 09.53.46 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\05.vir//ThisDocument 文件: C:\Users\shin3\Desktop\2016.9.8\05.vir//ThisDocument 对象名称: Trojan-Downloader.MSWord.Agent.apu
08.09.2016 09.53.46 检测到的对象 ( 文件 ) C:\Users\shin3\Desktop\2016.9.8\04.vir 文件: C:\Users\shin3\Desktop\2016.9.8\04.vir 对象名称: Trojan-Downloader.JS.Agent.mif
08.09.2016 09.53.45 可选择扫描启动任务时间: 今天, 2016/9/8 9:53
[/mw_shl_code]

显示全部楼层 · 发表于 2016-9-8 09:53:36

AVG 35X

显示全部楼层 · 发表于 2016-9-8 09:54:01

毒霸kill12X

扫描时间：[2016-09-08 09:53:00]
扫描用时：[00:00:08]
扫描类型：自定义查杀
扫描文件总数：242
扫描速度：26文件/秒
发现威胁：13个
清除威胁：13个
=============================================
[2016-09-08 09:53:26]
威胁：f:\浏览器下载\2016.9.8\02.vir
类型：win32.troj.generic_a.a.(kcloud)
处理方式：删除

[2016-09-08 09:53:26]
威胁：f:\浏览器下载\2016.9.8\07.vir
类型：win32.troj.undef.(kcloud)
处理方式：删除

[2016-09-08 09:53:26]
威胁：f:\浏览器下载\2016.9.8\09.vir
类型：win32.troj.generickd.v.(kcloud)
处理方式：删除

[2016-09-08 09:53:26]
威胁：f:\浏览器下载\2016.9.8\09.vir/<a:rarsfx>/09/<a:rar>/viyyksslpj.exe
类型：win32.heur.kvm008.a
处理方式：删除

[2016-09-08 09:53:26]
威胁：f:\浏览器下载\2016.9.8\17.vir
类型：win32.troj.generic_a.a.(kcloud)
处理方式：删除

[2016-09-08 09:53:26]
威胁：f:\浏览器下载\2016.9.8\19.vir
类型：win32.troj.generickd.v.(kcloud)
处理方式：删除

[2016-09-08 09:53:26]
威胁：f:\浏览器下载\2016.9.8\20.vir
类型：win32.troj.generic_a.a.(kcloud)
处理方式：删除

[2016-09-08 09:53:26]
威胁：f:\浏览器下载\2016.9.8\23.vir
类型：win32.heur.kvm100.a
处理方式：删除

[2016-09-08 09:53:26]
威胁：f:\浏览器下载\2016.9.8\28.vir
类型：win32.troj.undef.(kcloud)
处理方式：删除

[2016-09-08 09:53:26]
威胁：f:\浏览器下载\2016.9.8\29.vir
类型：win32.heur.kvm099.a.(kcloud)
处理方式：删除

[2016-09-08 09:53:26]
威胁：f:\浏览器下载\2016.9.8\36.vir
类型：win32.troj.generickd.v.(kcloud)
处理方式：删除

[2016-09-08 09:53:26]
威胁：f:\浏览器下载\2016.9.8\37.vir
类型：win32.troj.generickd.v.(kcloud)
处理方式：删除

[2016-09-08 09:53:26]
威胁：f:\浏览器下载\2016.9.8\42.vir
类型：win32.troj.generickd.v.(kcloud)
处理方式：删除

显示全部楼层 · 发表于 2016-9-8 09:58:28

火绒 19X
[mw_shl_code=css,true]Huorong Network Security Suite v3.0.47.2 (Last update: 2016-09-07 16:49)
Copyright (C) Huorong Borui (Beijing) Technology Co., Ltd. All rights reserved.

Scan engine version:v3.0.4.0
Signature database fingerprint: 988ab08:07609f6:07609f6:07609f6
Signature database timestamp: 2016-09-07 16:49

Scan started at: 2016-09-08 09:56:19

D:\vc52\2016.9.8\04.vir: TrojanDownloader/JS.Nemucod.ei
D:\vc52\2016.9.8\08.vir: Ransom/Locky.b
D:\vc52\2016.9.8\11.vir: TrojanDownloader/JS.Nemucod.ei
D:\vc52\2016.9.8\14.vir: Trojan/JS.Phishing.a
D:\vc52\2016.9.8\02.vir: HVM:Trojan/Bayrob.d
D:\vc52\2016.9.8\26.vir: TrojanDownloader/JS.Nemucod.eh
D:\vc52\2016.9.8\25.vir >> word\vbaProject.bin: OMacro/Downloader.ja
D:\vc52\2016.9.8\30.vir >> word\vbaProject.bin: OMacro/Downloader.ja
D:\vc52\2016.9.8\31.vir: TrojanDownloader/JS.Nemucod.ek
D:\vc52\2016.9.8\32.vir: TrojanDownloader/JS.Nemucod.ek
D:\vc52\2016.9.8\34.vir: TrojanDownloader/JS.Nemucod.ek
D:\vc52\2016.9.8\35.vir: TrojanDownloader/JS.Nemucod.ei
D:\vc52\2016.9.8\29.vir: HVM:VirTool/Obfuscator.gen!A
D:\vc52\2016.9.8\41.vir: OMacro/Downloader
D:\vc52\2016.9.8\43.vir >> oldjfuiuf\McMc.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androidv.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androidt.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androidm.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androide.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androidk.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androida.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androidi.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androidj.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androidu.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androidq.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androidn.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androidz.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androidc.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androidd.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androidx.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androidw.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androidf.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androidy.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androido.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androidr.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androidg.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androidh.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androidl.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androidb.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\43.vir >> d\androids.class: Trojan/Java.Adwind
D:\vc52\2016.9.8\47.vir: OMacro/Downloader
D:\vc52\2016.9.8\48.vir: TrojanDownloader/JS.Nemucod.ei
D:\vc52\2016.9.8\45.vir >> word\vbaProject.bin: OMacro/Downloader.ja
D:\vc52\2016.9.8\50.vir: TrojanDownloader/JS.Nemucod.ek

Scan completed at: 2016-09-08 09:56:28

Total:          50 file(s), 432 objects(s)
Infected:       19 file(s), 44 objects(s)
Deleted:          0 file(s), 0 failure(s)
Disinfected:    0 file(s), 0 failure(s)
Duration:       00:00:09
[/mw_shl_code]

显示全部楼层 · 发表于 2016-9-8 10:06:18

ESS Kill 31X Fix 3X
[mw_shl_code=css,true]日志
正在扫描日志
病毒库版本: 14087 (20160907)
日期: 2016/9/8 时间: 10:05:26
已扫描的磁盘、文件夹和文件: C:\Users\Mistet\Desktop\2016.9.8
C:\Users\Mistet\Desktop\2016.9.8\02.vir - Win32/Bayrob.CE 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\04.vir - JS/TrojanDownloader.Nemucod.AVG 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\05.vir - VBA/TrojanDropper.Agent.OL 特洛伊木马 - 已清除
C:\Users\Mistet\Desktop\2016.9.8\06.vir > ZIP > l/??m.class - Java/Adwind.YF 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\07.vir - Win32/Filecoder.Crysis.H 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\08.vir - Win32/Filecoder.Locky.H 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\09.vir > WINRARSFX > Viyyksslpj.exe - MSIL/Injector.QFE 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\10.vir > ZIP > classes.dex - Android/Spy.Banker.FU 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.9.8\11.vir - JS/TrojanDownloader.Nemucod.AVR 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\13.vir > ZIP > chrome/WindowsLook.class - Java/TrojanDownloader.Banload.BD 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\15.vir - JS/TrojanDownloader.Nemucod.AVW 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\16.vir > ZIP > l/??m.class - Java/Adwind.YF 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\17.vir - MSIL/Injector.QFM 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\19.vir - Win32/Injector.DETO 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\20.vir - MSIL/Injector.QFP 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\25.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BRV 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.9.8\26.vir - JS/TrojanDownloader.Nemucod.ATP 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\29.vir - Win32/TrojanDownloader.Banload.XOQ 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\30.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BRV 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.9.8\31.vir - JS/TrojanDownloader.Nemucod.AUT 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\32.vir - JS/TrojanDownloader.Nemucod.AUP 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\33.vir - Win32/Injector.Autoit.CNF 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\34.vir - JS/TrojanDownloader.Nemucod.AUT 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\35.vir - JS/TrojanDownloader.Nemucod.AUU 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\37.vir - Win32/Injector.DEMJ 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\39.vir > CWS > file.swf - SWF/Exploit.ExKit.BDN 特洛伊木马的变种 - 已删除
C:\Users\Mistet\Desktop\2016.9.8\40.vir - VBA/TrojanDownloader.Agent.BOM 特洛伊木马 - 已清除
C:\Users\Mistet\Desktop\2016.9.8\42.vir - MSIL/Kryptik.HFA 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > oldjfuiuf/McMc.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androidv.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androidt.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androidm.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androide.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androidk.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androida.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androidi.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androidj.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androidu.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androidq.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androidn.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androidz.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androidc.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androidd.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androidx.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androidw.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androidf.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androidy.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androido.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androidr.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androidg.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androidh.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androidl.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androidb.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\43.vir > ZIP > d/androids.class - Java/Adwind.YB 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\45.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BRV 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Mistet\Desktop\2016.9.8\47.vir - VBA/TrojanDropper.Agent.OF 特洛伊木马 - 已清除
C:\Users\Mistet\Desktop\2016.9.8\48.vir - JS/TrojanDownloader.Nemucod.AUU 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\49.vir - Linux/Gafgyt.C 特洛伊木马的变种 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\50.vir - JS/TrojanDownloader.Nemucod.AUP 特洛伊木马 - 通过删除清除 [1]
C:\Users\Mistet\Desktop\2016.9.8\10.vir > ZIP > classes.dex - Android/Spy.Banker.FU 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.9.8\25.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BRV 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.9.8\30.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BRV 特洛伊木马 - 已删除
C:\Users\Mistet\Desktop\2016.9.8\45.vir > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.BRV 特洛伊木马 - 已删除
已扫描的对象数: 217
发现的威胁数: 59
已清除对象数: 59
完成时间: 10:05:39 总扫描时间: 13 秒 (00:00:13)

备注:
[1] 由于对象中仅包含病毒主体，因此已被删除。
[/mw_shl_code]

显示全部楼层 · 发表于 2016-9-8 10:24:11

本帖最后由驭龙于 2016-9-8 13:23 编辑

占位，SEP 14.0.1723正在努力下载中，新版本可调整机器学习等级，所以下午测试样本包
======================================
无奈，客户端无法设置机器学习的等级，依然是用默认MRL级别，查杀惨不忍睹的19个。

剩余12个EXE，本想双击，结果双击到一半，虚拟机程序死了，不是系统蓝屏，是VB崩溃。

所以放弃双击

显示全部楼层 · 发表于 2016-9-8 11:30:18

显示全部楼层 · 发表于 2016-9-8 11:42:06

Avira 31X

[mw_shl_code=css,true]Start of the scan: Thursday, 8 September, 2016  11:41

Starting the file scan:

Begin scan in 'C:\Users\User\Desktop\2016.9.8'
C:\Users\User\Desktop\2016.9.8\02.vir
  [DETECTION] Is the TR/Crypt.Xpack.ctr Trojan
C:\Users\User\Desktop\2016.9.8\04.vir
  [DETECTION] Contains recognition pattern of the EXP/Locky.A exploit
C:\Users\User\Desktop\2016.9.8\05.vir
  [DETECTION] Contains code of the W2000M/Agent.81230 macro virus
C:\Users\User\Desktop\2016.9.8\06.vir
[0] Archive type: ZIP
--> l/??n.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.12 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??b.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.2 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??q.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.15 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??v.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.20 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??s.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.17 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??r.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.16 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??a.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??c.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.3 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??f.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.6 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??d.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.4 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??m.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.11 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??o.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.13 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??j.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.10 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??z.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.24 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??i.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.9 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??h.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.8 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??p.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.14 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??t.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.18 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??u.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.19 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??e.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.5 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??w.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.21 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??x.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.22 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??g.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.7 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??y.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.23 Java virus
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.9.8\08.vir
  [DETECTION] Is the TR/Crypt.ZPACK.ulyuy Trojan
C:\Users\User\Desktop\2016.9.8\09.vir
[0] Archive type: RAR SFX (self extracting)
--> Viyyksslpj.exe
      [DETECTION] Is the TR/Dropper.Gen Trojan
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.9.8\11.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen6 HTML script virus
C:\Users\User\Desktop\2016.9.8\16.vir
[0] Archive type: ZIP
--> l/??n.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.12 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??b.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.2 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??q.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.15 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??v.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.20 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??s.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.17 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??r.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.16 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??a.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??c.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.3 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??f.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.6 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??d.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.4 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??m.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.11 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??o.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.13 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??j.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.10 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??z.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.24 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??i.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.9 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??h.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.8 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??p.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.14 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??t.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.18 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??u.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.19 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??e.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.5 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??w.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.21 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??x.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.22 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??g.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.7 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> l/??y.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.klos.23 Java virus
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.9.8\17.vir
  [DETECTION] Is the TR/Dropper.MSIL.jagd Trojan
C:\Users\User\Desktop\2016.9.8\19.vir
  [DETECTION] Is the TR/AD.VBInject.kdxn Trojan
C:\Users\User\Desktop\2016.9.8\20.vir
  [DETECTION] Is the TR/Spy.Omaneat.ieo Trojan
C:\Users\User\Desktop\2016.9.8\21.vir
  [DETECTION] Contains recognition pattern of the HTML/Rce.Gen HTML script virus
C:\Users\User\Desktop\2016.9.8\23.vir
  [DETECTION] Is the TR/Barys.xdbxe Trojan
C:\Users\User\Desktop\2016.9.8\25.vir
[0] Archive type: ZIP
--> word/vbaProject.bin
      [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.38379 macro virus
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.9.8\26.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen6 HTML script virus
C:\Users\User\Desktop\2016.9.8\29.vir
  [DETECTION] Is the TR/Dldr.Banload.iyo Trojan
C:\Users\User\Desktop\2016.9.8\30.vir
[0] Archive type: ZIP
--> word/vbaProject.bin
      [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.38379 macro virus
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.9.8\31.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.71668 Java script virus
C:\Users\User\Desktop\2016.9.8\32.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.VMB Java script virus
C:\Users\User\Desktop\2016.9.8\34.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.71668 Java script virus
C:\Users\User\Desktop\2016.9.8\35.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.XLW Java script virus
C:\Users\User\Desktop\2016.9.8\36.vir
  [DETECTION] Is the TR/Fsysna.gzpw Trojan
C:\Users\User\Desktop\2016.9.8\37.vir
  [DETECTION] Is the TR/Dropper.VB.vsirq Trojan
C:\Users\User\Desktop\2016.9.8\40.vir
  [DETECTION] Contains code of the W2000M/Agent.67921915 macro virus
C:\Users\User\Desktop\2016.9.8\41.vir
  [DETECTION] Contains code of the W2000M/Agent.3380165 macro virus
C:\Users\User\Desktop\2016.9.8\42.vir
  [DETECTION] Is the TR/Dropper.MSIL.ppxy Trojan
C:\Users\User\Desktop\2016.9.8\43.vir
[0] Archive type: ZIP
--> oldjfuiuf/McMc.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.Sig.14 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androidv.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.Sig.9 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androidt.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.Sig.7 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androidm.class
      [DETECTION] Contains recognition pattern of the EXP/JAVA.Adwind.BC.Gen exploit
      [WARNING] Infected files in archives cannot be repaired
--> d/androide.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.ssh Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androidk.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.sig Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androida.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.ssd.20 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androidi.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.Sig.18 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androidj.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.Sig.19 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androidu.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.Sig.8 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androidq.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.Sig.4 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androidn.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.Sig.2 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androidz.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.Sig.13 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androidc.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.Sig.21 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androidd.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.sldf Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androidx.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.Sig.11 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androidw.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.Sig.10 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androidf.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.Sig.15 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androidy.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.Sig.12 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androido.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.Sig.3 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androidr.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.Sig.5 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androidg.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.Sig.16 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androidh.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.Sig.17 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androidl.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.Sig.1 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androidb.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.Sig.20 Java virus
      [WARNING] Infected files in archives cannot be repaired
--> d/androids.class
      [DETECTION] Contains recognition pattern of the JAVA/Adwind.Sig.6 Java virus
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.9.8\45.vir
[0] Archive type: ZIP
--> word/vbaProject.bin
      [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.38379 macro virus
      [WARNING] Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.9.8\47.vir
  [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.79410 macro virus
C:\Users\User\Desktop\2016.9.8\48.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.XLW Java script virus
C:\Users\User\Desktop\2016.9.8\50.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.VMB Java script virus[/mw_shl_code]

显示全部楼层 · 发表于 2016-9-8 12:18:55

a1121611810 发表于 2016-9-8 11:30

国内版？还是国际版？

[病毒样本] 精睿样本测试（16.9.8）

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块