本帖最后由 小飞侠.net 于 2017-8-28 09:38 编辑
金山毒霸--(Windows XP SP3)
扫描时间:[2017-08-28 09:21:39]
扫描用时:[00:00:06]
扫描类型:自定义查杀
扫描文件总数:10
扫描速度:1文件/秒
发现威胁:5个
清除威胁:5个
=============================================
[2017-08-28 09:21:51]
威胁:c:\users\admin\desktop\avtest100\218f9ed1up0825\170825\170825-8.ransom.russian.exe.infected
类型:win32.troj.undef.(kcloud)
处理方式:删除
[2017-08-28 09:21:51]
威胁:c:\users\admin\desktop\avtest100\218f9ed1up0825\170825\170825-9.ransom.kovter.exe.infected
类型:win32.heur.kvmh008.a.(kcloud)
处理方式:删除
[2017-08-28 09:21:51]
威胁:c:\users\admin\desktop\avtest100\218f9ed1up0825\170825\170825-3.backdoor.spamtool.exe.infected
类型:win32.troj.generic_a.a.(kcloud)
处理方式:删除
[2017-08-28 09:21:51]
威胁:c:\users\admin\desktop\avtest100\218f9ed1up0825\170825\170825-1.backdoor.bladabindi.exe.infected
类型:heur.ssc.1633263.1216.(kcloud)
处理方式:删除
[2017-08-28 09:21:51]
威胁:c:\users\admin\desktop\avtest100\218f9ed1up0825\170825\170825-2.backdoor.bladabindi.exe.infected
类型:heur.ssc.1621285.1216.(kcloud)
处理方式:删除
火绒安全---(Windows 10 Creators Update(Redstone 2)....):
病毒库:2017/08/25 16:20
开始时间:2017/08/26 22:46
总计用时:00:00:05
扫描对象:46个
扫描文件:10个
发现风险:6个
已处理风险:6个
发现系统修复项:0个
处理系统修复项:0个
病毒详情
[mw_shl_code=javascript,true]风险路径:C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-1.Backdoor.Bladabindi.exe.infected, 病毒名:Backdoor/Bladabindi.l, 病毒ID:[7debbd141a975060], 处理结果:已处理
风险路径:C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-2.Backdoor.Bladabindi.exe.infected, 病毒名:Backdoor/Bladabindi.l, 病毒ID:[7debbd141a975060], 处理结果:已处理
风险路径:C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-5.Backdoor.Trickster.exe.infected, 病毒名:Trojan/Generic!25895C7E3F937688, 病毒ID:[25895c7e3f937688], 处理结果:已处理
风险路径:C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-6.Ransom.Locky.exe.infected, 病毒名:HVM:Trojan/MalBehav.gen!E, 病毒ID:[8d1593ba2838fa52], 处理结果:已处理
风险路径:C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-3.Backdoor.SpamTool.exe.infected, 病毒名:Trojan/Spamzb, 病毒ID:[a6f63941f1ce5ab], 处理结果:已处理
风险路径:C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-9.Ransom.Kovter.exe.infected, 病毒名:HVM:VirTool/Obfuscator.gen!A, 病毒ID:[b27d4294cde6a1ec], 处理结果:已处理
[/mw_shl_code]
瑞星---(Windows 10 Creators Update(Redstone 2)....):云引擎(开)RDM+(开)
瑞星反恶软引擎命令行扫描器(社区交流版)
编译于:Aug 10 2016 14:44:33
提示:
- 本工具供社区交流使用,请勿用于其他用途
- 本工具没有恶意软件删除、清除、隔离功能
- 本工具包含开发中的新特性,结果仅供参考
* 获取恶软签名库最新版本 ...
* 下载恶软签名库配置文件 ...
* 创建恶软签名库升级组件 ...
* 计算并下载增量文件 ...
* 升级恶软签名库 ...
* 恶软签名库升级成功
* 命令行中的选项开关:-output-json -log=C:\瑞星新引擎\ScanLog_170826224002.log
* 初始化云引擎组件 ...
* 加载恶软签名库: C:\瑞星新引擎/malware.rmd
* 恶软签名库加载成功,发布序号为 2703
* 读取恶软签名库配置 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 扫描目标 : (1) C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825
扫描开始: Sat Aug 26 22:40:21 2017
[mw_shl_code=javascript,true]{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\218F9ED1up0825\\170825\\170825-3.Backdoor.SpamTool.exe.infected","infect":{"engine":"cloud","threat":"Malware.Generic.5!tfe-BW76cCr0GjP"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\218F9ED1up0825\\170825\\170825-10.Trojan.DarkSoda.exe.infected","infect":{"engine":"cloud","threat":"Trojan.Kryptik!8.8-79VYBtcy8LJ"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\218F9ED1up0825\\170825\\170825-4.Keylogger.NanoBot.exe.infected","infect":{"engine":"cloud","threat":"Backdoor.NanoBot!8.28C-IAFpSnQE96J"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\218F9ED1up0825\\170825\\170825-5.Backdoor.Trickster.exe.infected","infect":{"engine":"cloud","threat":"Trojan.GenKryptik!8.AA55-LxhK74Q9z9I"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\218F9ED1up0825\\170825\\170825-2.Backdoor.Bladabindi.exe.infected","infect":{"engine":"classic","threat":"Backdoor.MSIL.Bladabindi!1.9E49"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\218F9ED1up0825\\170825\\170825-1.Backdoor.Bladabindi.exe.infected","infect":{"engine":"classic","threat":"Backdoor.MSIL.Bladabindi!1.9E49"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\218F9ED1up0825\\170825\\170825-6.Ransom.Locky.exe.infected","infect":{"engine":"cloud","threat":"Malware.Undefined!8.C-k9l1MhJnZeP"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\218F9ED1up0825\\170825\\170825-7.Ransom.Gryphon.exe.infected","infect":{"engine":"cloud","threat":"Ransom.Betisrypt!8.E6B2-4WwgAbZbbYE"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\218F9ED1up0825\\170825\\170825-9.Ransom.Kovter.exe.infected","infect":{"engine":"cloud","threat":"Trojan.GenKryptik!8.AA55-rFTodBD5DFR"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\218F9ED1up0825\\170825\\170825-8.Ransom.Russian.exe.infected","infect":{"engine":"cloud","threat":"Malware.Generic.5!tfe-RAPLJza51IK"},"type":"scan"}[/mw_shl_code]
扫描结束: Sat Aug 26 22:40:22 2017
总共耗时: 0:0:636(m:s:ms)
总扫描文件: 10
总恶意文件: 10
有效检出率: 100.00%
X-Sec Antivirus ---(Windows 10 Creators Update(Redstone 2)....):
Start Time: Sat Aug 26 22:36:16 2017
Scan Type: Custom Scan
Scan Target: C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825
Heuristic Engine: Enabled
Cloud Engine: Enabled
Resolve Threats: Scan only
Database Version: 2017.08.25.01
[mw_shl_code=javascript,true]C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-1.Backdoor.Bladabindi.exe.infected -> Backdoor.Win32.Bladabindi.A
C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-10.Trojan.DarkSoda.exe.infected -> Cloud:Trojan.Win32.Generic
C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-2.Backdoor.Bladabindi.exe.infected -> Backdoor.Win32.Bladabindi.A
C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-3.Backdoor.SpamTool.exe.infected -> Cloud:Trojan.Win32.Spammer
C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-4.Keylogger.NanoBot.exe.infected -> Cloud:Backdoor.Win32.Generic
C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-5.Backdoor.Trickster.exe.infected -> Cloud:Trojan.Win32.Trickbot
C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-6.Ransom.Locky.exe.infected -> Cloud:Trojan.Win32.Ransom
C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-7.Ransom.Gryphon.exe.infected -> Trojan.Win32.Ransom.BA
C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-8.Ransom.Russian.exe.infected -> Malware.Win32.Generic!MS
C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-9.Ransom.Kovter.exe.infected -> Cloud:Trojan.Win32.Injector[/mw_shl_code]
Elapsed Time: 00:00:24
Total File: 10
Skipped File: 0
Infected File: 10
Emsisoft Emergency Kit - 版本 2017.6
上次更新: 2017/8/26 22:26:15
用户帐号: TECLAST\Admin
Computer name: TECLAST
OS version: Windows 10x64
扫描设置:
扫描方式: 自定义扫描
对象: Rootkits, 内存, C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\
检测流氓软件(PUPs): On
扫描压缩包: On
扫描邮件存档: On
ADS数据流: On
文件扩展名过滤: Off
直接磁盘访问: Off
扫描开始于: 2017/8/26 22:32:01
[mw_shl_code=javascript,true]C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-10.Trojan.DarkSoda.exe.infected 发现病毒: Trojan.Crypt (A) [290014]
C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-1.Backdoor.Bladabindi.exe.infected 发现病毒: Generic.MSIL.Bladabindi.BEB10081 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-2.Backdoor.Bladabindi.exe.infected 发现病毒: Generic.MSIL.Bladabindi.09294ECE (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-5.Backdoor.Trickster.exe.infected 发现病毒: Trojan.Trickbot (A) [289993]
C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-4.Keylogger.NanoBot.exe.infected 发现病毒: Gen:Variant.Razy.178832 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-7.Ransom.Gryphon.exe.infected 发现病毒: Generic.Ransom.BTCWare.F6469E53 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-9.Ransom.Kovter.exe.infected 发现病毒: Trojan.GenericKD.5893866 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-6.Ransom.Locky.exe.infected 发现病毒: Trojan.Ransom.BTI (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-8.Ransom.Russian.exe.infected 发现病毒: Gen:Trojan.Heur.2mKfXadFIYgc (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\218F9ED1up0825\170825\170825-3.Backdoor.SpamTool.exe.infected 发现病毒: Generic.Malware.FM!Ydoe.E68A6F99 (B) [krnl.xmd][/mw_shl_code]
已扫描 2012
发现 10
扫描完成后: 2017/8/26 22:32:17
扫描时间: 0:00:16
360 Total Security扫描日志
扫描时间:2017-08-26 22:17:02
扫描用时:00:00:34
扫描项目总数:10
威胁总数:8
处理威胁数:0
扫描选项
----------------------
扫描压缩包:是
常规引擎设置:Bitdefender引擎, 小红伞引擎
扫描内容
----------------------
文件名称: C:\Users\xfxnet2000\Desktop\MX Player Pro\刘1\艾1\61647309\85014225\孙3\Windows Defender\AVTestZipX\170825.7z
文件大小: 3.69 MB (3,877,577 字节)
修改时间: 2017年08月26日,22:12:50
MD5: B3D6F74419C88C1D46AE415AA925B95C
SHA1: 4A9C9B0A11866AED01AB1C5847F202B139D584A1
SHA256: 9784A49BA79ECD72D200E2526B7DE78F7F38B82BA5FF80B0BAC77C27E36779B7
SHA512: 151ABECD1B4B1DA4CEF223964F743E1D7A26BC7A08B42A87E085477C89127AB92BAD9EA2216089CD918DB0264AC5475F10F78991FB2FEDCDC930D8C5E591B380
CRC32: 218F9ED1
计算时间: 0.11s
扫描结果
======================
高风险项目
----------------------
[mw_shl_code=javascript,true]C:\Users\xfxnet2000\Desktop\MX Player Pro\刘1\艾2\61647309\85014225\孙3\Windows Defender\AVTestZipX\170825\170825-1.Backdoor.Bladabindi.exe.infected Win32/Trojan.Dropper.fae 未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘1\艾2\61647309\85014225\孙3\Windows Defender\AVTestZipX\170825\170825-2.Backdoor.Bladabindi.exe.infected Win32/Trojan.253 未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘1\艾2\61647309\85014225\孙3\Windows Defender\AVTestZipX\170825\170825-3.Backdoor.SpamTool.exe.infected Win32/Trojan.26f 未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘1\艾2\61647309\85014225\孙3\Windows Defender\AVTestZipX\170825\170825-4.Keylogger.NanoBot.exe.infected Win32/Trojan.a96 未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘1\艾2\61647309\85014225\孙3\Windows Defender\AVTestZipX\170825\170825-5.Backdoor.Trickster.exe.infected Trojan.Generic 未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘1\艾2\61647309\85014225\孙3\Windows Defender\AVTestZipX\170825\170825-6.Ransom.Locky.exe.infected Win32/Trojan.Multi.daf 未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘1\艾2\61647309\85014225\孙3\Windows Defender\AVTestZipX\170825\170825-7.Ransom.Gryphon.exe.infected Trojan.Generic 未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘1\艾2\61647309\85014225\孙3\Windows Defender\AVTestZipX\170825\170825-8.Ransom.Russian.exe.infected Win32/Trojan.e6d 未处理[/mw_shl_code]
|
楼主: 神龟Turmi
[复制链接]
发表于 2017-8-25 21:31:02
