Original poster: Jerry.Lin

[Virus Samples] [05.21] #VirusPackage 9x + Modified Samples

aboringman
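Posted on 2018-5-22 08:49:51
klinxun posted on 2018-5-22 01:16
The signature databases of Dr.Web, ESET, Avira and the like are still of decent quality. Blacklisting first as an emergency measure is understandable, but afterwards the sample still has to be properly added to the database ...

Dr.Web is the kind that will absolutely not detect anything that is not in its database; propping itself up with DPD and DPH does not work very well either.

It is not necessarily laziness; maybe they never intended to take this seriously at all [some small vendors or big vendors].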
ziyerain2015
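Posted on 2018-5-22 10:13:38
aboringman posted on 2018-5-22 00:27
Is your signature database too old? On my side it detected 6, and on double-click DPH caught two.

It is only a scanner; could it be different from Dr.Web now? The virus database is from 5-18. Previously all 3 detected the same; or is it because I am running it under XP? On WIN10 mine will not even start..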
XZ8SM7Sx0bVkoUV
Posted on 2018-5-22 10:26:26
Huorong

klinxun
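Posted on 2018-5-22 15:33:00
Last edited by klinxun on 2018-5-22 15:38
aboringman posted on 2018-5-22 08:49
Dr.Web is the kind that will absolutely not detect anything that is not in its database; propping itself up with DPD and DPH does not work very well either.

It is not necessarily laziness; maybe they never ...

Dr.Web simply has no emergency blacklisting, and its double-click (on-execution) performance is mediocre too, so Dr.Web still tends to be a step late against new threats. I once got infected while under Dr.Web's protection; the sample was added to the database a day later, but by then it was too late. Some small vendors, or even big ones, may really be, as you say, not lazy but simply "fallen"... The big three American vendors, Kaspersky and the like still have decent cloud and proactive defense, intrusion prevention and other methods working together for defense.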

小飞侠.net
Posted on 2018-5-25 09:29:14
Last edited by 小飞侠.net on 2018-5-25 10:11

X-Sec Antivirus ---(Windows 10 Creators Update(Redstone 4)....1803):

Basic Info:
---------------------
Database Version: 2018.05.21.01
Program Version: 2.1.1.0
Heuristic Engine: Enabled
Cloud Engine: Enabled
Enhanced Mode: Disabled
Backup Before Resolve: Yes
Resolve Threats: Scan only
Scan Priority: Normal
---------------------
Targets:
---------------------
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521
---------------------
2018/05/25 10:10:08 Threat Detected: C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(2).exe -- [Cloud] Cloud:Trojan.Win32.Injector
2018/05/25 10:10:11 Threat Detected: C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(3).exe -- [Classic] Trojan.Win32.Kryptic.Al!GEN
2018/05/25 10:10:14 Threat Detected: C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(1).exe -- [Cloud] Cloud:Trojan.Win32.Injector
2018/05/25 10:10:15 Threat Detected: C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(4).exe -- [Cloud] Cloud:Trojan.Win32.LokiBot
2018/05/25 10:10:16 Threat Detected: C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(6).exe -- [Cloud] Cloud:Backdoor.Win32.ImmiRat
2018/05/25 10:10:17 Threat Detected: C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(7).exe -- [Cloud] Cloud:Trojan.Win32.Ransom
2018/05/25 10:10:17 Threat Detected: C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(8).exe -- [Cloud] Cloud:Backdoor.Win32.Generic
2018/05/25 10:10:17 Threat Detected: C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(9).exe -- [Classic] Backdoor.Win32.IRCBot.Aj
2018/05/25 10:10:18 Threat Detected: C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(5).exe -- [Cloud] Cloud:Trojan.Win32.Crypted
2018/05/25 10:10:25 Threat Detected: C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(2).exe -- [Cloud] Cloud:Trojan.Win32.Injector
2018/05/25 10:10:28 Threat Detected: C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(3).exe -- [Classic] Trojan.Win32.Kryptic.Al!GEN
2018/05/25 10:10:32 Threat Detected: C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(1).exe -- [Cloud] Cloud:Trojan.Win32.Injector
2018/05/25 10:10:32 Threat Detected: C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(4).exe -- [Cloud] Cloud:Trojan.Win32.LokiBot
2018/05/25 10:10:33 Threat Detected: C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(6).exe -- [Cloud] Cloud:Backdoor.Win32.ImmiRat
2018/05/25 10:10:34 Threat Detected: C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(7).exe -- [Cloud] Cloud:Trojan.Win32.Ransom
2018/05/25 10:10:34 Threat Detected: C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(8).exe -- [Cloud] Cloud:Backdoor.Win32.Generic
2018/05/25 10:10:34 Threat Detected: C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(9).exe -- [Classic] Backdoor.Win32.IRCBot.Aj
2018/05/25 10:10:36 Threat Detected: C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(5).exe -- [Cloud] Cloud:Trojan.Win32.Crypted



Rising---(Windows 10 Creators Update(Redstone 4)....1803): Cloud engine (on), RDM+ engine (on)
                瑞星反恶软引擎命令行扫描器(社区交流版)                 


编译于:Sep 22 2017   15:07:50

提示:
  - 本工具供社区交流使用,请勿用于其他用途
  - 本工具没有恶意软件删除、清除、隔离功能
  - 本工具包含开发中的新特性,结果仅供参考

* 命令行中的选项开关:-output-json -log=C:\瑞星RDM+引擎\ScanLog_180525100610.log
* 获取恶软签名库最新版本 ...
* 下载恶软签名库配置文件 ...
* 创建恶软签名库升级组件 ...
* 计算并下载增量文件 ...
* 升级恶软签名库 ...
* 恶软签名库升级成功
* 扫描目标 : (1) C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521

* 加载恶软签名库: C:\瑞星RDM+引擎/malware.rmd
* 恶软签名库加载成功,发布序号为 4297
* 读取恶软签名库配置 ...
* 云辅助扫描组件初始化失败.
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
扫描开始: Fri May 25 10:06:27 2018

{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\SmallVirus9x 0521\\Virus9x 0521\\Modified Samples\\(6).exe","infect":{"engine":"rdmk","signature":"cmRtazob/+tXJ3ImD6RNto8YC8y3","threat":"Malware.Heuristic!ET#90%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\SmallVirus9x 0521\\Virus9x 0521\\Modified Samples\\(7).exe","infect":{"engine":"sha1","signature":"c2hhMToX3IYkcixRAR7fhOXqC9Q2+YFukA","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\SmallVirus9x 0521\\Virus9x 0521\\Modified Samples\\(3).exe","infect":{"engine":"sha1","signature":"c2hhMTrxspP02vpG1cO1h47g4zQiec1SFQ","threat":"Backdoor.Bladabindi!8.B1F"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\SmallVirus9x 0521\\Virus9x 0521\\Modified Samples\\(4).exe","infect":{"engine":"rdmk","signature":"cmRtazqug+jHiWKgc+pobzLO9OJp","threat":"Backdoor.Androm!8.113"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\SmallVirus9x 0521\\Virus9x 0521\\Modified Samples\\(8).exe","infect":{"engine":"sha1","signature":"c2hhMToJQHBc8nbm0yJ8Mw2Bg/x+PUtt5A","threat":"Backdoor.Bladabindi!8.B1F"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\SmallVirus9x 0521\\Virus9x 0521\\Modified Samples\\(1).exe","infect":{"engine":"sha1","signature":"c2hhMTpK5JHAIkZKe7pJtJDWr+KGmtdLyg","threat":"Trojan.Generic!8.C3"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\SmallVirus9x 0521\\Virus9x 0521\\Modified Samples\\(5).exe","infect":{"engine":"sha1","signature":"c2hhMTrXoMD08zuOMLR3MEDjVNau0DSgJw","threat":"Trojan.Injector!1.AFE3"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\SmallVirus9x 0521\\Virus9x 0521\\Modified Samples\\(2).exe","infect":{"engine":"sha1","signature":"c2hhMToBiXplXLS6/proQ1IrsXFyq0a0nQ","threat":"Trojan.Injector!1.AFE3"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\SmallVirus9x 0521\\Virus9x 0521\\Modified Samples\\(9).exe","infect":{"engine":"sha1","signature":"c2hhMTpPakfqqNnsgyySDPTh/bT1zYQgGg","threat":"Trojan.Generic!8.C3"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\SmallVirus9x 0521\\Virus9x 0521\\Samples\\(3).exe","infect":{"engine":"sha1","signature":"c2hhMTp1ijkJ77hnz2wlHZrf+WKe1npTDg","threat":"Backdoor.Bladabindi!8.B1F"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\SmallVirus9x 0521\\Virus9x 0521\\Samples\\(4).exe","infect":{"engine":"sha1","signature":"c2hhMTqU96Z1WggQiFlGzzb0wcrb8pzB1A","threat":"Backdoor.Androm!8.113"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\SmallVirus9x 0521\\Virus9x 0521\\Samples\\(6).exe","infect":{"engine":"sha1","signature":"c2hhMTobKgQk9lsBnYR1+xP8akQ17OX4Cw","threat":"Dropper.Generic!8.35E"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\SmallVirus9x 0521\\Virus9x 0521\\Samples\\(7).exe","infect":{"engine":"sha1","signature":"c2hhMTo/hTL5G2LOPDuXzd/sVA2p/wQScw","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\SmallVirus9x 0521\\Virus9x 0521\\Samples\\(1).exe","infect":{"engine":"sha1","signature":"c2hhMTqp5W1IkbhrgxbH3LkfvgGzNo7oGg","threat":"Trojan.Generic!8.C3"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\SmallVirus9x 0521\\Virus9x 0521\\Samples\\(2).exe","infect":{"engine":"rdmk","signature":"cmRtazqVST/1nIuk2bgRBFlBFA9b","threat":"Trojan.Injector!1.AFE3"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\SmallVirus9x 0521\\Virus9x 0521\\Samples\\(8).exe","infect":{"engine":"sha1","signature":"c2hhMTrA6/9b7JYmMwFA1YZTabO/QlKXgw","threat":"Backdoor.Bladabindi!8.B1F"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\SmallVirus9x 0521\\Virus9x 0521\\Samples\\(5).exe","infect":{"engine":"sha1","signature":"c2hhMTpmRcMMtSWjZjMEaP79MuIJkAjVZg","threat":"Trojan.Injector!1.AFE3"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\SmallVirus9x 0521\\Virus9x 0521\\Samples\\(9).exe","infect":{"engine":"sha1","signature":"c2hhMTpgFkctH8fj3E/XgwFYVxQrGrsbfQ","threat":"Trojan.Malex!8.657"},"type":"scan"}

扫描结束: Fri May 25 10:06:28 2018

总扫描耗时: 0:0:700(m:s:ms)
总扫描对象: 18
总扫描文件: 18
总恶意文件: 18
有效检出率: 100.00%



Emsisoft Emergency Kit - 版本 2018.4
上次更新: 2018/5/25 9:58:48
用户帐号: TECLAST\Admin
电脑名称: TECLAST
操作系统版本: Windows 10x64

Emsisoft Emergency Kit, portable free edition
(Enabled) Joined the Emsisoft cloud; update feed: beta
    Bitdefender (B) + Emsisoft (A) dual engine


扫描设置:

扫描方式: 自定义扫描
对象: Rootkits, 内存, C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\

检测流氓软件(PUPs): On
扫描压缩包: On
扫描邮件存档: Off
ADS数据流: On
文件扩展名过滤: Off
直接磁盘访问: Off

扫描开始于:        2018/5/25 10:02:01
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(4).exe         发现风险: Trojan.Injector (A) [293963]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(3).exe         发现风险: Gen:Heur.MSIL.Krypt.2 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(6).exe         发现风险: Trojan.GenericKD.30842585 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(2).exe         发现风险: Gen:Variant.Zusy.285593 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(5).exe         发现风险: Gen:Variant.Zusy.285593 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(7).exe         发现风险: Trojan.Agent.CZIB (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(1).exe         发现风险: Gen:Variant.Strictor.88478 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(8).exe         发现风险: Gen:Heur.MSIL.Androm.9 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(2).exe         发现风险: Trojan.GenericKD.30835569 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(4).exe         发现风险: Trojan.Injector (A) [293963]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(3).exe         发现风险: Gen:Heur.MSIL.Krypt.2 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(6).exe         发现风险: Trojan.GenericKD.30842585 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(1).exe         发现风险: Gen:Variant.Strictor.88478 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(7).exe         发现风险: Trojan.Agent.CZIB (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(5).exe         发现风险: Trojan.GenericKD.30835114 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(8).exe         发现风险: Gen:Heur.MSIL.Androm.9 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(9).exe         发现风险: Gen:Win32.IRC-Backdoor.amX@aW1EYvk (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(9).exe         发现风险: Gen:Win32.IRC-Backdoor.amW@aW1EYvk (B) [krnl.xmd]

已扫描        1864
发现        18

扫描完成后:        2018/5/25 10:02:22
扫描时间:        0:00:21



ESET Smart Security Premium 64-bit (advanced heuristics (Y) + archives (Y) + self-extracting and runtime packers (Y) + DNA smart signatures (Y)) ++ (Windows 10 Creators Update(Redstone 4)....1803):

日志
正在扫描日志
检测引擎的版本: 17441P (20180524)
日期: 2018/5/25  时间: 9:48:18
已扫描的磁盘、文件夹和文件: C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(1).exe - MSIL/Kryptik.LBI 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(2).exe - Win32/Injector.DYDK 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(3).exe - MSIL/TrojanDropper.Agent.AHC 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(4).exe - Win32/Injector.DYCL 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(5).exe - Win32/Injector.DYDK 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(6).exe - MSIL/Kryptik.NCF 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(7).exe - Win32/Kryptik.GGXD 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(8).exe - MSIL/Kryptik.KSF 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Modified Samples\(9).exe - Win32/IRCBot.AVT 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(1).exe - MSIL/Kryptik.LBI 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(2).exe - Win32/Injector.DYDK 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(3).exe - MSIL/TrojanDropper.Agent.AHC 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(4).exe - Win32/Injector.DYCL 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(5).exe - Win32/Injector.DYDK 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(6).exe - MSIL/Kryptik.NCF 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(7).exe - Win32/Kryptik.GGXD 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(8).exe - MSIL/Kryptik.KSF 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\SmallVirus9x 0521\Virus9x 0521\Samples\(9).exe - Win32/IRCBot.AVT 特洛伊木马 的变种 - 通过删除清除 [1]
已扫描的对象数: 18
发现的威胁数: 18
已清除对象数: 18
完成时间: 9:48:46  总扫描时间: 28 秒 (00:00:28)

备注:
[1] 由于对象中仅包含病毒主体,因此已被删除。



Dr.Web CureIt! Simplified Chinese portable free edition---( Windows 7 Ultimate with SP1, Simplified Chinese Ultimate edition....):

-----------------------------------------------------------------------------
Start scanning
-----------------------------------------------------------------------------
Command line used:-rpcep:\pipe\21584BCD9 -rpcpr:np

Limit the use of the computer resources to 100%
Instances used for this session: 10
Object(s) to scan:
- C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521


C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(9).exe - infected with Trojan.DownLoader26.46709
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(9).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(6).exe - infected with Trojan.Inject3.4015
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(6).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(8).exe - infected with BackDoor.Bifrost.19762
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(8).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(3).exe - infected with Trojan.DownLoader23.27334
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(3).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(3).exe - infected with Trojan.DownLoader23.27334
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(3).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(1).exe - infected with Trojan.Starter.7472
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(1).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(6).exe - infected with Trojan.Inject3.4015
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(6).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(4).exe - infected with Trojan.Inject1.54688
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(4).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(5).exe - infected with Trojan.PWS.Stealer.23881
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(5).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(8).exe - infected with BackDoor.Bifrost.19762
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(8).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(9).exe - infected with Trojan.DownLoader26.46741
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(9).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(4).exe - infected with Trojan.Inject1.54688
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(4).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(7).exe - infected with Trojan.Encoder.24384
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(7).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(2).exe - infected with Trojan.PWS.Stealer.23881
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(2).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(2).exe - infected with Trojan.PWS.Stealer.23881
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(2).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(7).exe - infected with Trojan.Encoder.24384
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(7).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(5).exe - infected with Trojan.PWS.Stealer.23881
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(5).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(1).exe - infected with Trojan.Starter.7472
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(1).exe - infected

Total 13020230 bytes in 18 files scanned
There are no clean objects detected
Total 18 files are infected
Scan time is 00:00:01.633




文件名称: C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521.rar
文件大小: 8.78 MB (9,211,763 字节)
修改时间: 2018年05月25日,09:24:07
MD5: F70E32DC9064BB278A263EA0E64C933D
SHA1: 5A67786D637FE10B819B7500C70D9017F420AAE2
SHA256: 039FFCAF9CCA7608820365ED51AB305DDF8BED18BDF34B10739539A21BB07733
SHA512: A53B4E18177000F7ADF9B2C28773000A7C24334AF674C29C584E9B8B9FF6A5B9315B457D1F2CC97B5CC979A93D52DBB77DBC8F81BC7EB4EE24B935AE7685413F
CRC32: 567D0E74
计算时间: 0.44s



Huorong Security---( Windows 7 Ultimate with SP1, Simplified Chinese Ultimate edition....): some unknown files have been sent to seclab@huorong.cn, awaiting processing...

病毒库:2018-05-24 15:04
开始时间:2018-05-25 09:26
总计用时:00:00:05
扫描对象:18个
扫描文件:18个
发现风险:18个
已处理风险:0个
发现系统修复项:0个
处理系统修复项:0个

病毒详情

风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(1).exe, 病毒名:Trojan/Generic!822BDFF6AB2B47B9, 病毒ID:[822bdff6ab2b47b9], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(4).exe, 病毒名:Trojan/Generic!7361664334C808F8, 病毒ID:[7361664334c808f8], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(2).exe, 病毒名:Trojan/Generic!D8E03D6A1A494E0A, 病毒ID:[d8e03d6a1a494e0a], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(5).exe, 病毒名:Trojan/Generic!A20210E538A066AE, 病毒ID:[a20210e538a066ae], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(3).exe, 病毒名:TrojanDropper/MSIL.Agent.q, 病毒ID:[2954e0ae8ec6f632], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(8).exe, 病毒名:Trojan/MSIL.Injector.en, 病毒ID:[817d0226072c6120], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(7).exe, 病毒名:Trojan/Generic!F26364A0722FC600, 病毒ID:[f26364a0722fc600], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(6).exe, 病毒名:Trojan/Generic!B4D883AD97F3565F, 病毒ID:[b4d883ad97f3565f], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(2).exe, 病毒名:Trojan/Generic!21AAF4528FD8D15B, 病毒ID:[21aaf4528fd8d15b], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(3).exe, 病毒名:TrojanDropper/MSIL.Agent.q, 病毒ID:[2954e0ae8ec6f632], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Modified Samples\(9).exe, 病毒名:HVM:TrojanDownloader/Small.gen!A, 病毒ID:[3771d7b34ee4be40], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(4).exe, 病毒名:Trojan/Generic!965F9A132E83BA35, 病毒ID:[965f9a132e83ba35], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(6).exe, 病毒名:Trojan/Generic!E1DC16BE9792EB33, 病毒ID:[e1dc16be9792eb33], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(5).exe, 病毒名:Trojan/Generic!AE97E350B4D89D8A, 病毒ID:[ae97e350b4d89d8a], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(1).exe, 病毒名:Trojan/Generic!098BC55A8AE6B896, 病毒ID:[98bc55a8ae6b896], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(8).exe, 病毒名:Trojan/MSIL.Injector.en, 病毒ID:[817d0226072c6120], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(7).exe, 病毒名:Trojan/Generic!F2C28AAC9A642B30, 病毒ID:[f2c28aac9a642b30], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus9x 0521\Samples\(9).exe, 病毒名:HVM:TrojanDownloader/Small.gen!A, 病毒ID:[3771d7b34ee4be40], 处理结果:已忽略
xique666
Posted on 2018-5-26 13:32:38
Huorong kills all of them