10X

就只穿秋裤

智量 0X更新 2021.8.22 8.30
智量 10X

846472713

就只穿秋裤 发表于 2021-8-21 23:20
智量 0X

没蹲

Nocria

IKARUS - 8/10

1. [21.08.2021 23:53:44] On-demand scan started: "user_defined"
   
2. [21.08.2021 23:53:44] Found, 0.94s, SigName: "Trojan.Win64.Rozena", SigId: 4095209, Type: "VIRUS", File: "C:\Users\promi\Desktop\10X\1451e1b90127c39b62017acf0e24a2e51fbec05d511bbd2c5acf6c21a98af2dd"
   
3. [21.08.2021 23:53:45] Found, 0.172s, SigName: "Trojan.WinGo.Rozena", SigId: 4141755, Type: "VIRUS", File: "C:\Users\promi\Desktop\10X\15279c81a517bc0c5360ae3b62bdef844abd52345e80026a7d8af58f94119714"
   
4. [21.08.2021 23:53:45] Found, 0.93s, SigName: "Trojan.WinGo.Rozena", SigId: 4141755, Type: "VIRUS", File: "C:\Users\promi\Desktop\10X\4507794cb49aecf676e18dc442525075eee714b93fc72765f1b7d77a385eb201"
   
5. [21.08.2021 23:53:45] Found, 0.63s, SigName: "Trojan.WinGo.Rozena", SigId: 4141755, Type: "VIRUS", File: "C:\Users\promi\Desktop\10X\4fae13004adf710edbc393aea75506d164206b4ad5d561b8f4181b11aed034bf"
   
6. [21.08.2021 23:53:45] Found, 0.78s, SigName: "Trojan.Win64.Rozena", SigId: 4095209, Type: "VIRUS", File: "C:\Users\promi\Desktop\10X\5127d318b91dce800563cb3e6ab00d4ed6cbf2f5d2721d9f277b3a9640a8323a"
   
7. [21.08.2021 23:53:45] Found, 0.78s, SigName: "Trojan.WinGo.Rozena", SigId: 4141755, Type: "VIRUS", File: "C:\Users\promi\Desktop\10X\520093df7732765871b0c59c316d2d7e842ce1f2ad0f3027571f62fc5cb6882f"
   
8. [21.08.2021 23:53:45] Found, 0.63s, SigName: "Trojan.Win64.Rozena", SigId: 4095209, Type: "VIRUS", File: "C:\Users\promi\Desktop\10X\8b051b7659186a44e1fce6ad43859d84170557231f3b6775e4ad5c18b0337124"
   
9. [21.08.2021 23:53:45] Found, 0.62s, SigName: "Trojan.WinGo.Rozena", SigId: 4141755, Type: "VIRUS", File: "C:\Users\promi\Desktop\10X\c5e6cee3b4600eaf3855b606946ff7c1fb7df1e20efe0d49824fce5f00e258f8"
   
10. [21.08.2021 23:53:45] On-demand scan FINISHED: "user_defined"
    
11. [21.08.2021 23:53:45] ----------------------------------------------------
    
12. [21.08.2021 23:53:45] Directories scanned: 1
    
13. [21.08.2021 23:53:45] Files scanned: 10
    
14. [21.08.2021 23:53:45] Virus found: 8
    
15. [21.08.2021 23:53:45] ----------------------------------------------------

复制代码

ANY.LNK

Microsoft Defender：解压+扫描杀3个，把后缀名更改为exe后清空

anthonyqian

BD 剩余4个

15279c81a517bc0c5360ae3b62bdef844abd52345e80026a7d8af58f94119714 is infected with DeepScan:Generic.Exploit.Shellcode.2.C06D124F
4507794cb49aecf676e18dc442525075eee714b93fc72765f1b7d77a385eb201 is infected with DeepScan:Generic.Exploit.Shellcode.2.3A51A905
520093df7732765871b0c59c316d2d7e842ce1f2ad0f3027571f62fc5cb6882f is infected with DeepScan:Generic.Exploit.Shellcode.2.E6E44B22
8b051b7659186a44e1fce6ad43859d84170557231f3b6775e4ad5c18b0337124 is infected with Gen:Variant.Bulz.303426
c5e6cee3b4600eaf3855b606946ff7c1fb7df1e20efe0d49824fce5f00e258f8 is infected with Gen:Variant.Bulz.225391
e53158fd922d87cbc9ec13a7c4f63d5b4da73d08c1470a4ea1b96c3b77174eaf is infected with Trojan.GenericKD.46821639

暗_黑

1. 扫描时间：[2021-08-22 07:39:33]
   
2. 扫描用时：[00:00:03]
   
3. 云查用时：[00:00:01]
   
4. 扫描类型：自定义扫描
   
5. 扫描文件总数：10个
   
6. 扫描速度：3个文件/秒
   
7. 发现威胁：9个
   
8. 清除威胁：9个
   
9. =============================================
   
10. 威胁：E:\10X\1451e1b90127c39b62017acf0e24a2e51fbec05d511bbd2c5acf6c21a98af2dd
    
11. 类型：Trojan/Win32.Wacatac(ACloud)
    
12. 文件 MD5：94CA1446278F11406C7F936736384326
    
13. 处理方式：删除
    
14. 
    
15. 威胁：E:\10X\15279c81a517bc0c5360ae3b62bdef844abd52345e80026a7d8af58f94119714
    
16. 类型：Trojan/Win64.Shelma(ACloud)
    
17. 文件 MD5：1C3E371DA2FF1A2242BA096CB1C21131
    
18. 处理方式：删除
    
19. 
    
20. 威胁：E:\10X\4507794cb49aecf676e18dc442525075eee714b93fc72765f1b7d77a385eb201
    
21. 类型：Trojan/Win64.Shelma(ACloud)
    
22. 文件 MD5：F882CB39B8A21BF58F070BB3F97B1DB8
    
23. 处理方式：删除
    
24. 
    
25. 威胁：E:\10X\4fae13004adf710edbc393aea75506d164206b4ad5d561b8f4181b11aed034bf
    
26. 类型：Trojan/Win64.Shelma(ACloud)
    
27. 文件 MD5：E9041284C45ABFAF76AB64E5C83761EC
    
28. 处理方式：删除
    
29. 
    
30. 威胁：E:\10X\5127d318b91dce800563cb3e6ab00d4ed6cbf2f5d2721d9f277b3a9640a8323a
    
31. 类型：Trojan/Win32.Wacatac(ACloud)
    
32. 文件 MD5：478C49247C526A943883D61AB2A0F464
    
33. 处理方式：删除
    
34. 
    
35. 威胁：E:\10X\520093df7732765871b0c59c316d2d7e842ce1f2ad0f3027571f62fc5cb6882f
    
36. 类型：Trojan/Win64.Shelma(ACloud)
    
37. 文件 MD5：9F2382EFBF1DB7053BE1E51A6B25E96A
    
38. 处理方式：删除
    
39. 
    
40. 威胁：E:\10X\8b051b7659186a44e1fce6ad43859d84170557231f3b6775e4ad5c18b0337124
    
41. 类型：Trojan/Win32.Wacatac(ACloud)
    
42. 文件 MD5：4F0510BE25861DD108968742EF74C544
    
43. 处理方式：删除
    
44. 
    
45. 威胁：E:\10X\c5e6cee3b4600eaf3855b606946ff7c1fb7df1e20efe0d49824fce5f00e258f8
    
46. 类型：Trojan/Win64.Shelma(ACloud)
    
47. 文件 MD5：3CDA1C69E8E112CBB0F9A17FA0922BF8
    
48. 处理方式：删除
    
49. 
    
50. 威胁：E:\10X\e7867d0d35cd92e58600af23d83cae9d2a68d412d87a6a76a7d168d63b4bf2f7
    
51. 类型：GrayWare/Win32.Wacapew(ACloud)
    
52. 文件 MD5：57F4A0CF64223BE517A39D138ABB35DE
    
53. 处理方式：删除

复制代码

就只穿秋裤

846472713 发表于 2021-8-21 23:22
没蹲

应该是蹲了 10X我刚刚测了一下

846472713

就只穿秋裤 发表于 2021-8-22 08:42
应该是蹲了 10X我刚刚测了一下

YYDS

ELOHIM

ANY.LNK 发表于 2021-8-22 01:26
Microsoft Defender：解压+扫描杀3个，把后缀名更改为exe后清空

啊？微软也后缀后识别了吗？？？这么低级了吗？咦。。。。

ANY.LNK

ELOHIM 发表于 2021-8-22 09:35
啊？微软也后缀后识别了吗？？？这么低级了吗？咦。。。。

微软不依赖于后缀名识别，它有自己的文件类型识别方法。这种状况似乎只出现在用exolorer.exe访问exe的情况下，explorer.exe在尝试加载文件的详细信息如文件图标，属性时会出现这种状况，可能是因为这种状况就像双击执行了文件，会启动额外的分析流程
PS：右键>属性似乎可以起到类似的作用（对所有文件有效）