Original poster: Jerry.Lin

[Virus Samples] #PACKAGE 0702

Picca
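Posted on 2018-7-2 22:49:11
pal家族 wrote on 2018-7-2 22:35
I haven't uploaded a single one to VT; maybe the software uploaded them automatically.

No. For the ones I said had been uploaded to VT, the MD5 can already be looked up on VT, so someone must have uploaded them. Because for several of the ones detected as UDS:Dangerous, the MD5 cannot be found on VT.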
Jirehlov1234
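Posted on 2018-7-2 22:50:38, from mobile
pal家族 wrote on 2018-7-2 22:23
Are you sure the current UDS + precise detection name isn't something more advanced than Dangerouspattern?
At least according to my tests, before and after modifying the hash, not ...

https://bbs.kafan.cn/forum.php?mod=viewthread&tid=2124677&page=1#pid42075212

See post 3L. In that example, everything a scan flagged as UDS got through once the hash was changed, whether it was a blacklist entry or a precise signature detection.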
Picca
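Posted on 2018-7-2 22:52:14
191196846 wrote on 2018-7-2 22:45
21 -  Win32/QQWare.AA

Judging by the detection name, it should be an account stealer.

The computer has no QQ on it, and that program can be exited. Its window is very conspicuous, because it contains no text at all.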
pal家族
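Posted on 2018-7-2 22:55:46

(流量帝) That's going too far, bro... On what grounds do you expect Dangerousobject, which is pure MD5 blacklisting, to withstand an MD5 modification...
Why don't you also point out that something that wasn't detected in the first place still isn't detected after its MD5 is modified...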
WhiteCruel
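Posted on 2018-7-2 23:00:49
191196846 wrote on 2018-7-2 22:49
OK, I'll take a look.
Confirmed there are no clean files.

I'll double-click them in my virtual machine and see whether any behavior shows up.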
Jirehlov1234
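Posted on 2018-7-2 23:03:13, from mobile
pal家族 wrote on 2018-7-2 22:55
(流量帝) That's going too far, bro... On what grounds do you expect Dangerousobject, which is pure MD5 blacklisting, to withstand an MD5 modification...
Why don't you ...

Some with precise detection names were bypassed too.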
Picca
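Posted on 2018-7-2 23:32:51
Last edited by Karna on 2018-7-3 00:23
pal家族 wrote on 2018-7-2 22:55
(流量帝) That's going too far, bro... On what grounds do you expect Dangerousobject, which is pure MD5 blacklisting, to withstand an MD5 modification...
Why don't you ...

Some of Kaspersky's in-database malware with precise detection names is also MD5-blacklisted; change the hash and it gets through. I remember that back when I first joined, there was a Kafan thread specifically about Kaspersky and MD5 blacklisting. As for the "super blacklisting" being deployed that you mentioned, it is most likely the result of my double-clicking. Kaspersky is fairly sensitive to unknown programs running on the client.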
WhiteCruel
Posted on 2018-7-2 23:45:33
191196846 wrote on 2018-7-2 22:49
OK, I'll take a look.
Confirmed there are no clean files.

Updated with the double-click results.
,就一个.
Posted on 2018-7-3 00:03:22
191196846 wrote on 2018-7-2 21:55
Default settings? Or did you set the cloud level to the highest?

I can't see the images...

Cloud level at the highest.
fzshot
Posted on 2018-7-3 04:40:32
Last edited by fzshot on 2018-7-2 14:47

Avira 30/30 100%
Of these, 3, 4 and 20 are HEUR/AGEN detections.