This post was last edited by 小飞侠.net on 2017-7-9 22:50
Rising (瑞星) --- (Windows 10 Creators Update (Redstone 2)....): cloud engine (on), RDM+ (on)
22:39 2017/7/9
瑞星反恶软引擎命令行扫描器(社区交流版)
编译于:Aug 10 2016 14:44:33
提示:
- 本工具供社区交流使用,请勿用于其他用途
- 本工具没有恶意软件删除、清除、隔离功能
- 本工具包含开发中的新特性,结果仅供参考
* 获取恶软签名库最新版本 ...
* 下载恶软签名库配置文件 ...
* 创建恶软签名库升级组件 ...
* 计算并下载增量文件 ...
* 升级恶软签名库 ...
* 恶软签名库升级成功
* 命令行中的选项开关:-output-json -log=C:\瑞星新引擎\ScanLog_170709223741.log
* 初始化云引擎组件 ...
* 加载恶软签名库: C:\瑞星新引擎/malware.rmd
* 恶软签名库加载成功,发布序号为 2416
* 读取恶软签名库配置 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 扫描目标 : (1) C:\Users\Admin\Desktop\卡巴斯基\170709up39576a42
扫描开始: Sun Jul 09 22:38:02 2017
[mw_shl_code=javascript,true]{"filename":"C:\\Users\\Admin\\Desktop\\卡巴斯基\\170709up39576a42\\170709\\170709-1.Backdoor.Bladabindi.exe.log","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\卡巴斯基\\170709up39576a42\\170709\\170709-10.Hacktool.ZvRAT.exe.log","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\卡巴斯基\\170709up39576a42\\170709\\170709-2.Trojan.FGN-9abbf8.exe.log","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\卡巴斯基\\170709up39576a42\\170709\\170709-3.Backdoor.XTRat.exe.infected","infect":{"engine":"classic","threat":"Backdoor.Xtrat!1.6A25"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\卡巴斯基\\170709up39576a42\\170709\\170709-1.Backdoor.Bladabindi.exe.infected","infect":{"engine":"classic","threat":"Backdoor.MSIL.Bladabindi!1.9E49"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\卡巴斯基\\170709up39576a42\\170709\\170709-3.Backdoor.XTRat.exe.log","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\卡巴斯基\\170709up39576a42\\170709\\170709-4.Hacktool.BruteForce.exe.log","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\卡巴斯基\\170709up39576a42\\170709\\170709-2.Trojan.FGN-9abbf8.exe.infected","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\卡巴斯基\\170709up39576a42\\170709\\170709-5.PUP.InstallCore.exe.log","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\卡巴斯基\\170709up39576a42\\170709\\170709-5.PUP.InstallCore.exe.infected","infect":{"engine":"cloud","threat":"PUA.InstallCore!8.8B-83tonvgNLjU"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\卡巴斯基\\170709up39576a42\\170709\\170709-6.Trojan.Swrort.exe.log","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\卡巴斯基\\170709up39576a42\\170709\\170709-4.Hacktool.BruteForce.exe.infected","infect":{"engine":"cloud","threat":"Trojan.Generic-CtgHOGdwVsS"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\卡巴斯基\\170709up39576a42\\170709\\170709-7.Trojan.FGN-520e30.exe.log","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\卡巴斯基\\170709up39576a42\\170709\\170709-10.Hacktool.ZvRAT.exe.infected","infect":{"engine":"thunder","threat":"Malware.Generic!OgqftVsoZWG@3"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\卡巴斯基\\170709up39576a42\\170709\\170709-8.Ransom.FBI.exe.log","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\卡巴斯基\\170709up39576a42\\170709\\170709-6.Trojan.Swrort.exe.infected","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\卡巴斯基\\170709up39576a42\\170709\\170709-9.Spyware.Ursnif.exe.log","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\卡巴斯基\\170709up39576a42\\170709\\170709-7.Trojan.FGN-520e30.exe.infected","infect":{"engine":"rdm+","threat":"Malware.Heuristic!ET"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\卡巴斯基\\170709up39576a42\\170709\\170709-9.Spyware.Ursnif.exe.infected","infect":{"engine":"cloud","threat":"Malware.Undefined!8.C-NdvUaOmnvwO"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\卡巴斯基\\170709up39576a42\\170709\\170709-8.Ransom.FBI.exe.infected","infect":{"engine":"rdm+","threat":"Malware.Heuristic!ET"},"type":"scan"}[/mw_shl_code]
扫描结束: Sun Jul 09 22:38:05 2017
总共耗时: 0:2:382(m:s:ms)
总扫描文件: 20
总恶意文件: 8
有效检出率: 40.00%
Huorong Security (火绒安全) --- (Windows 10 Creators Update (Redstone 2)....):
病毒库:2017/07/07 15:52
开始时间:2017/07/09 22:40
总计用时:00:00:14
扫描对象:70个
扫描文件:20个
发现风险:6个
已处理风险:6个
发现系统修复项:0个
处理系统修复项:0个
病毒详情
[mw_shl_code=javascript,true]风险路径:C:\Users\Admin\Desktop\卡巴斯基\170709up39576a42\170709\170709-1.Backdoor.Bladabindi.exe.infected, 病毒名:Backdoor/Bladabindi.l, 病毒ID:[7debbd141a975060], 处理结果:已处理
风险路径:C:\Users\Admin\Desktop\卡巴斯基\170709up39576a42\170709\170709-3.Backdoor.XTRat.exe.infected, 病毒名:Backdoor/Delf.f, 病毒ID:[d2fbe0f33cf44657], 处理结果:已处理
风险路径:C:\Users\Admin\Desktop\卡巴斯基\170709up39576a42\170709\170709-5.PUP.InstallCore.exe.infected, 病毒名:HVM:VirTool/Obfuscator.gen!A, 病毒ID:[b27d4294cde6a1ec], 处理结果:已处理
风险路径:C:\Users\Admin\Desktop\卡巴斯基\170709up39576a42\170709\170709-7.Trojan.FGN-520e30.exe.infected, 病毒名:HVM:Trojan/Injector.gen!A, 病毒ID:[cc4a875f53a5d678], 处理结果:已处理
风险路径:C:\Users\Admin\Desktop\卡巴斯基\170709up39576a42\170709\170709-10.Hacktool.ZvRAT.exe.infected, 病毒名:Ransom/Genasom.f, 病毒ID:[ab94771133cbceff], 处理结果:已处理
风险路径:C:\Users\Admin\Desktop\卡巴斯基\170709up39576a42\170709\170709-9.Spyware.Ursnif.exe.infected, 病毒名:HVM:VirTool/Obfuscator.gen!A, 病毒ID:[b27d4294cde6a1ec], 处理结果:已处理[/mw_shl_code]
360杀毒扫描日志
病毒库版本:2017-07-08 18:40
扫描时间:2017-07-09 22:15:35
扫描用时:00:00:15
扫描类型:右键扫描
扫描文件总数:20
项目总数:5
清除项目数:0
扫描选项
----------------------
扫描所有文件:是
扫描压缩包:是
发现病毒处理方式:由用户选择处理
扫描磁盘引导区:是
扫描 Rootkit:是
使用云查杀引擎:是
使用QVM人工智能引擎:是
扫描建议修复项:是
常规引擎设置:Avira(小红伞)
扫描内容
----------------------
文件名称: C:\Users\xfxnet2000\Desktop\MX Player Pro\刘3212\艾200\61647309\85014225\孙个5\Windows Defender\AVTestZipX\170709.zip
文件大小: 4.56 MB (4,786,262 字节)
修改时间: 2017年07月09日,22:13:32
MD5: 0ef09debbe6f3ce1e5787f8b6d4c794f
SHA1: 38db8023dabd95946977d318c5c983e8164e0fba
SHA256: aaa5ff6bb5b78efd446e479bed3c73194657d765cfe460b17c603dba52945ba3
CRC32: 39576a42
计算时间: 0.36s
扫描结果
======================
高危风险项
----------------------
[mw_shl_code=javascript,true]C:\Users\xfxnet2000\Desktop\MX Player Pro\刘3212\艾200\61647309\85014225\孙个5\Windows Defender\AVTestZipX\170709\170709-1.Backdoor.Bladabindi.exe.infected TR.Dropper.Gen7 未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘3212\艾200\61647309\85014225\孙个5\Windows Defender\AVTestZipX\170709\170709-10.Hacktool.ZvRAT.exe.infected TR.Crypt.XPACK.Gen3 未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘3212\艾200\61647309\85014225\孙个5\Windows Defender\AVTestZipX\170709\170709-3.Backdoor.XTRat.exe.infected 后门程序(Backdoor.Win32.Xtreme.A) 未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘3212\艾200\61647309\85014225\孙个5\Windows Defender\AVTestZipX\170709\170709-7.Trojan.FGN-520e30.exe.infected QVM10.1.C1A5.Malware.Gen 未处理
C:\Users\xfxnet2000\Desktop\MX Player Pro\刘3212\艾200\61647309\85014225\孙个5\Windows Defender\AVTestZipX\170709\170709-9.Spyware.Ursnif.exe.infected QVM10.1.C1A5.Malware.Gen 未处理[/mw_shl_code]