样本 9X 建议双击

ICzcz

Eset小粉絲 发表于 2022-1-1 15:38
别误会了 EIS右键扫描全杀

ELG杀后会上传LiveGuard

杀毒名如果是机器自动分类那就是ELG联动杀

onedrive

NS 清空。

东南大学

Total virus records: 12596748
Key file: e:\GitHub\drwebwcl\drweb32u.key
License key number: 0010001862
License key activates on: 2000-05-25
License key expires on: unlimited
z:\VM\home\kafan\Downloads\test\9x\5140995a8c59efebdeb98bc22de7bb1482b59b67133e6ee73dad4bdb539c25d3.dll\setup_installer.exe\61ccd39b66a49_Wed21b2a734bc.exe infected with Trojan.PWS.Stealer.31945
z:\VM\home\kafan\Downloads\test\9x\5140995a8c59efebdeb98bc22de7bb1482b59b67133e6ee73dad4bdb539c25d3.dll\setup_installer.exe\61ccd39c69b8d_Wed21d4c3d7014c.exe infected with Trojan.Siggen16.711
z:\VM\home\kafan\Downloads\test\9x\5140995a8c59efebdeb98bc22de7bb1482b59b67133e6ee73dad4bdb539c25d3.dll\setup_installer.exe\61ccd39cc721a_Wed2109c432.exe infected with Trojan.Siggen16.21611
z:\VM\home\kafan\Downloads\test\9x\5140995a8c59efebdeb98bc22de7bb1482b59b67133e6ee73dad4bdb539c25d3.dll\setup_installer.exe\61ccd39e2d6be_Wed21d1a7ec40b.exe infected with Trojan.Inject4.22786
z:\VM\home\kafan\Downloads\test\9x\5140995a8c59efebdeb98bc22de7bb1482b59b67133e6ee73dad4bdb539c25d3.dll\setup_installer.exe\61ccd39f89ddb_Wed21116b92d2bd.exe\data002\cng1eLo2.NqM - read error!
z:\VM\home\kafan\Downloads\test\9x\5140995a8c59efebdeb98bc22de7bb1482b59b67133e6ee73dad4bdb539c25d3.dll\setup_installer.exe\61ccd3a1666d6_Wed218f7cc086.exe infected with Trojan.Siggen15.49720
z:\VM\home\kafan\Downloads\test\9x\5140995a8c59efebdeb98bc22de7bb1482b59b67133e6ee73dad4bdb539c25d3.dll\setup_installer.exe\61ccd3a273093_Wed21ef27adb87.exe\data002 is hacktool program Tool.PassView.1946
z:\VM\home\kafan\Downloads\test\9x\5140995a8c59efebdeb98bc22de7bb1482b59b67133e6ee73dad4bdb539c25d3.dll\setup_installer.exe\61ccd3a273093_Wed21ef27adb87.exe - archive contains infected objects
z:\VM\home\kafan\Downloads\test\9x\5140995a8c59efebdeb98bc22de7bb1482b59b67133e6ee73dad4bdb539c25d3.dll\setup_installer.exe\61ccd3a312b7c_Wed214688038.exe infected with Trojan.PWS.Stealer.30979
z:\VM\home\kafan\Downloads\test\9x\5140995a8c59efebdeb98bc22de7bb1482b59b67133e6ee73dad4bdb539c25d3.dll\setup_installer.exe\61ccd3a6a4c81_Wed21c81218e20.exe infected with Trojan.Siggen16.21678
z:\VM\home\kafan\Downloads\test\9x\5140995a8c59efebdeb98bc22de7bb1482b59b67133e6ee73dad4bdb539c25d3.dll\setup_installer.exe\61ccd3a776e96_Wed21c10b0d50f6.exe infected with Trojan.PWS.Stealer.31713
z:\VM\home\kafan\Downloads\test\9x\5140995a8c59efebdeb98bc22de7bb1482b59b67133e6ee73dad4bdb539c25d3.dll\setup_installer.exe - archive contains infected objects
z:\VM\home\kafan\Downloads\test\9x\5140995a8c59efebdeb98bc22de7bb1482b59b67133e6ee73dad4bdb539c25d3.dll - archive contains infected objects
z:\VM\home\kafan\Downloads\test\9x\d15d6a843a7cdc423f1fe18b6abed37562139de2f1d85c2c9e8ee67a6562fec0.dll\setup_installer.exe\Wed172d49eb873e.exe infected with Trojan.Siggen15.49720
z:\VM\home\kafan\Downloads\test\9x\d15d6a843a7cdc423f1fe18b6abed37562139de2f1d85c2c9e8ee67a6562fec0.dll\setup_installer.exe\Wed172f9b636cafe9487.exe infected with Trojan.PWS.Stealer.31945
z:\VM\home\kafan\Downloads\test\9x\d15d6a843a7cdc423f1fe18b6abed37562139de2f1d85c2c9e8ee67a6562fec0.dll\setup_installer.exe\Wed173b7a19cab3aff.exe infected with Trojan.Inject4.22786
z:\VM\home\kafan\Downloads\test\9x\d15d6a843a7cdc423f1fe18b6abed37562139de2f1d85c2c9e8ee67a6562fec0.dll\setup_installer.exe\Wed175a9a82eb5a246d.exe\data002\~hue5Q.cpl - read error!
z:\VM\home\kafan\Downloads\test\9x\d15d6a843a7cdc423f1fe18b6abed37562139de2f1d85c2c9e8ee67a6562fec0.dll\setup_installer.exe\Wed177ef1744829d3.exe infected with Trojan.PWS.Stealer.31713
z:\VM\home\kafan\Downloads\test\9x\d15d6a843a7cdc423f1fe18b6abed37562139de2f1d85c2c9e8ee67a6562fec0.dll\setup_installer.exe\Wed1785156a2728.exe infected with Trojan.Siggen16.711
z:\VM\home\kafan\Downloads\test\9x\d15d6a843a7cdc423f1fe18b6abed37562139de2f1d85c2c9e8ee67a6562fec0.dll\setup_installer.exe\Wed17a18d335fd3.exe\data002 is hacktool program Tool.PassView.1946
z:\VM\home\kafan\Downloads\test\9x\d15d6a843a7cdc423f1fe18b6abed37562139de2f1d85c2c9e8ee67a6562fec0.dll\setup_installer.exe\Wed17a18d335fd3.exe - archive contains infected objects
z:\VM\home\kafan\Downloads\test\9x\d15d6a843a7cdc423f1fe18b6abed37562139de2f1d85c2c9e8ee67a6562fec0.dll\setup_installer.exe\Wed17ac2d48d3.exe infected with Trojan.Siggen16.21468
z:\VM\home\kafan\Downloads\test\9x\d15d6a843a7cdc423f1fe18b6abed37562139de2f1d85c2c9e8ee67a6562fec0.dll\setup_installer.exe - archive contains infected objects
z:\VM\home\kafan\Downloads\test\9x\d15d6a843a7cdc423f1fe18b6abed37562139de2f1d85c2c9e8ee67a6562fec0.dll - archive contains infected objects
z:\VM\home\kafan\Downloads\test\9x\af890b72e50681eee069a7024c0649ac99f60e781cb267d4849dae4b310d59c1 infected with Trojan.PWS.Stealer.31713
z:\VM\home\kafan\Downloads\test\9x\K62331XTH2.tmp infected with Trojan.Siggen13.63807
Scan report for "z:\VM\home\kafan\Downloads\test\9x\*.*":
        Scanned:        341/333                 Cured: 0
Infected found:         18/16                Deleted: 0
  Modifications:          0/0                 Renamed: 0
     Suspicious:          0/0                   Moved: 0
         Adware:          0/0                 Ignored: 0
        Dialers:          0/0         
          Jokes:          0/0               Scan time: 0:02:18
       Riskware:          0/0              Scan speed: 10759 Kb/s
      Hacktools:          2/2              Scan ended: 16:30:00

大蜘蛛

swizzer

锁库智量kill all（其中一个dropper杀衍生物）
病毒库日期为12/8，如图：

anhthjeugja

emisoft kill all

ytysh

Ahnlab V3 Lite Kill All