精睿样本测试（16.8.11）

轩夏

地址：

http://pan.baidu.com/s/1eRAhK8U  提取密码  ecuh

密码：bbs.vc52.cn
数量：50

分流……

轩夏

MSE
[mw_shl_code=css,true]Scan started on Thu Aug 11 09:32:28 2016

C:\Users\XuanXia\Desktop\2016.8.11\01.vir                                        Infected: Trojan:Win32/Usicabac.B
C:\Users\XuanXia\Desktop\2016.8.11\02.vir                                        Infected: TrojanDownloader:JS/Swabfex.P
C:\Users\XuanXia\Desktop\2016.8.11\05.vir                                        Infected: PWS:HTML/Phish.LG
C:\Users\XuanXia\Desktop\2016.8.11\06.vir->word/vbaProject.bin                   Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.11\07.vir                                        Infected: TrojanDownloader:Win32/Upatre.AA
C:\Users\XuanXia\Desktop\2016.8.11\08.vir->[WsfCmtOut]->(SCRIPT0000)->(JSNORM)   Infected: TrojanDownloader:JS/Swabfex.P [non_writable_container]
C:\Users\XuanXia\Desktop\2016.8.11\11.vir                                        Infected: Trojan:O97M/Madeba.A!det
C:\Users\XuanXia\Desktop\2016.8.11\14.vir->word/vbaProject.bin                   Infected: TrojanDownloader:O97M/Donoff.BG
C:\Users\XuanXia\Desktop\2016.8.11\15.vir                                        Infected: Trojan:O97M/Madeba.A!det
C:\Users\XuanXia\Desktop\2016.8.11\16.vir                                        Infected: Trojan:VBS/Movanide.A
C:\Users\XuanXia\Desktop\2016.8.11\18.vir                                        Infected: TrojanDownloader:JS/Nemucod
C:\Users\XuanXia\Desktop\2016.8.11\22.vir                                        Infected: Backdoor:MSIL/Bladabindi.B
C:\Users\XuanXia\Desktop\2016.8.11\23.vir->z.class                               Infected: Backdoor:Java/Adwind
C:\Users\XuanXia\Desktop\2016.8.11\24.vir                                        Infected: TrojanDownloader:JS/Nemucod
C:\Users\XuanXia\Desktop\2016.8.11\25.vir                                        Infected: Trojan:VBS/Movanide.B
C:\Users\XuanXia\Desktop\2016.8.11\30.vir                                        Infected: TrojanDownloader:JS/Swabfex.P
C:\Users\XuanXia\Desktop\2016.8.11\31.vir                                        Infected: TrojanSpy:MSIL/Omaneat!rfn
C:\Users\XuanXia\Desktop\2016.8.11\33.vir->word/vbaProject.bin                   Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.11\34.vir                                        Infected: Trojan:Win32/Skeeyah.A!rfn
C:\Users\XuanXia\Desktop\2016.8.11\35.vir                                        Infected: TrojanDownloader:JS/Nemucod
C:\Users\XuanXia\Desktop\2016.8.11\36.vir                                        Infected: TrojanDownloader:JS/Nemucod
C:\Users\XuanXia\Desktop\2016.8.11\37.vir                                        Infected: Worm:VBS/Jenxcus
C:\Users\XuanXia\Desktop\2016.8.11\38.vir                                        Infected: TrojanDownloader:JS/Swabfex.P
C:\Users\XuanXia\Desktop\2016.8.11\39.vir                                        Infected: Backdoor:MSIL/Bladabindi.AL
C:\Users\XuanXia\Desktop\2016.8.11\40.vir                                        Infected: Backdoor:MSIL/Bladabindi
C:\Users\XuanXia\Desktop\2016.8.11\41.vir                                        Infected: TrojanSpy:Win32/Skeeyah.A!rfn
C:\Users\XuanXia\Desktop\2016.8.11\42.vir->(VFS:AD27EBAAF07A)                    Infected: Ransom:Win32/Vaultcrypt.A [non_writable_container]
C:\Users\XuanXia\Desktop\2016.8.11\42.vir->(7zSfx)->AD27EBAAF07A                 Infected: Ransom:Win32/Vaultcrypt.A [non_writable_container]
C:\Users\XuanXia\Desktop\2016.8.11\44.vir->mt_103_swft_pdf.exe                   Infected: Trojan:Win32/Usicabac.B
C:\Users\XuanXia\Desktop\2016.8.11\45.vir                                        Infected: Trojan:O97M/Madeba.A!det
C:\Users\XuanXia\Desktop\2016.8.11\46.vir                                        Infected: TrojanDownloader:JS/Swabfex.P
C:\Users\XuanXia\Desktop\2016.8.11\47.vir->[txtmzhextobin]                       Infected: Trojan:Win32/Swrort.A [non_writable_container]
C:\Users\XuanXia\Desktop\2016.8.11\48.vir->word/vbaProject.bin                   Infected: Trojan:O97M/Macrobe.D
C:\Users\XuanXia\Desktop\2016.8.11\48.vir->word/media/image1.jpeg                Infected: TrojanDownloader:O97M/Donoff
C:\Users\XuanXia\Desktop\2016.8.11\49.vir                                        Infected: Trojan:Win32/Kovter!rfn
C:\Users\XuanXia\Desktop\2016.8.11\50.vir                                        Infected: Trojan:Java/Adwind.AA
Successfully checked: C:\Users\XuanXia\Desktop\2016.8.11

Scan ended on Thu Aug 11 09:32:38 2016

Time: 10 second(s). [0h:00m:10s]
Files/second: 19 (1174 Kb/s).
Objects scanned: 193.
Infected: 36. Suspicious: 0. Clean: 157. Different virus bodies: 23.
Files: 50. Directories: 1. Archives: 29. Packed: 9. Mail files: 0.
Warnings: 36. Scan errors: 0. Protected: 0. Damaged: 0. Unknown method: 0. Spanned: 0.[/mw_shl_code]

km2002

卡巴2016扫描 28X    卡巴扫完 Zemana AntiMalware 再扫 补 6X               话说 轩夏 又开始过上分流的日子了  

轩夏

km2002 发表于 2016-8-11 09:46
卡巴2016占个位  话说 轩夏又开始过上分流的日子了

紫薯补丁

蓝天二号

斗牛犬  31X



再次扫描。右键 4X

km2002

Zemana AntiLogger 和 Zemana AntiMalware 扫描都是 16X   

PS：新版破解补丁卡巴 X   卡巴不是不怎么杀破解的么

Eset小粉絲

Avira 32X

[mw_shl_code=css,true]Start of the scan: Thursday, 11 August, 2016  10:10

Starting the file scan:

Begin scan in 'C:\Users\User\Desktop\2016.8.11'
C:\Users\User\Desktop\2016.8.11\01.vir
  [DETECTION] Is the TR/Dropper.MSIL.dvod Trojan
C:\Users\User\Desktop\2016.8.11\02.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.IC.75 Java script virus
C:\Users\User\Desktop\2016.8.11\03.vir
  [DETECTION] Is the TR/Crypt.ZPACK.mlec Trojan
C:\Users\User\Desktop\2016.8.11\06.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.128919 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.11\07.vir
  [DETECTION] Is the TR/Yarwi.AD.113 Trojan
C:\Users\User\Desktop\2016.8.11\08.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen6 HTML script virus
C:\Users\User\Desktop\2016.8.11\09.vir
  [DETECTION] Contains recognition pattern of the EXP/FLASH.Pubenush.T.Gen exploit
C:\Users\User\Desktop\2016.8.11\11.vir
  [DETECTION] Contains code of the W2000M/Agent.1999781 macro virus
C:\Users\User\Desktop\2016.8.11\12.vir
  [DETECTION] Is the TR/Agent.gymp Trojan
C:\Users\User\Desktop\2016.8.11\13.vir
  [DETECTION] Contains virus patterns of Adware ADWARE/iBryte.Gen7
C:\Users\User\Desktop\2016.8.11\14.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.72960 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.11\15.vir
  [DETECTION] Contains code of the W2000M/Agent.1999787 macro virus
C:\Users\User\Desktop\2016.8.11\18.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.CF Java script virus
C:\Users\User\Desktop\2016.8.11\22.vir
  [DETECTION] Contains a recognition pattern of the (harmful) BDS/Bladabindi.ajoqj back-door program
C:\Users\User\Desktop\2016.8.11\23.vir
    [0] Archive type: ZIP
    --> d.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.ssd.14 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> z.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.ssd.16 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> k.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.ssd.15 Java virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.11\29.vir
  [DETECTION] Is the TR/Agent.nwlq Trojan
C:\Users\User\Desktop\2016.8.11\30.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.CF Java script virus
C:\Users\User\Desktop\2016.8.11\31.vir
  [DETECTION] Is the TR/Dropper.MSIL.xiiz Trojan
C:\Users\User\Desktop\2016.8.11\33.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Dldr.Agent.AM.128919 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.11\34.vir
  [DETECTION] Is the TR/Dropper.MSIL.vbch Trojan
C:\Users\User\Desktop\2016.8.11\35.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Locky.CF Java script virus
C:\Users\User\Desktop\2016.8.11\36.vir
  [DETECTION] Contains recognition pattern of the HTML/ExpKit.Gen2 HTML script virus
C:\Users\User\Desktop\2016.8.11\38.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Agent.25668 Java script virus
C:\Users\User\Desktop\2016.8.11\39.vir
  [DETECTION] Is the TR/Dldr.Agent.aangvo Trojan
C:\Users\User\Desktop\2016.8.11\40.vir
    [0] Archive type: RAR SFX (self extracting)
    --> Yrdbix.exe
        [DETECTION] Is the TR/Dropper.Gen Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.11\42.vir
    [0] Archive type: 7-Zip SFX (self extracting)
    --> AD27EBAAF07A
        [DETECTION] Is the TR/Dropper.Gen Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.11\44.vir
    [0] Archive type: ZIP
    --> mt_103_swft_pdf.exe
        [DETECTION] Is the TR/Dropper.MSIL.bxdc Trojan
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.11\45.vir
  [DETECTION] Contains code of the W2000M/Agent.1999781 macro virus
C:\Users\User\Desktop\2016.8.11\46.vir
  [DETECTION] Contains recognition pattern of the JS/Dldr.Agent.25668 Java script virus
C:\Users\User\Desktop\2016.8.11\47.vir
  [DETECTION] Contains recognition pattern of the HTML/Rce.Gen HTML script virus
C:\Users\User\Desktop\2016.8.11\48.vir
    [0] Archive type: ZIP
    --> word/vbaProject.bin
        [DETECTION] Contains code of the W2000M/Agent.41910 macro virus
        [WARNING]   Infected files in archives cannot be repaired
C:\Users\User\Desktop\2016.8.11\50.vir
    [0] Archive type: ZIP
    --> j/m.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.4 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/e.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.shj.1 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/q.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.shj.2 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/p.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.7 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/y.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.14 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/j.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.1 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/u.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.12 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/t.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.11 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/z.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.shj.3 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/b.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.shj Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/St.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.10 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/a.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.46546 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/h.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/s.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.9 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/k.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.2 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/c.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.65656 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/d.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.5656 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/o.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.6 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/w.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.13 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/n.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.5 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/r.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.8 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/l.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.68876.3 Java virus
        [WARNING]   Infected files in archives cannot be repaired
    --> j/g.class
        [DETECTION] Contains recognition pattern of the JAVA/Adwind.5778888 Java virus
        [WARNING]   Infected files in archives cannot be repaired[/mw_shl_code]

心醉咖啡

火绒kill13X

zgl623

G DATA 扫描36

540923555

WD查杀+修复=34个，未处理样本16个