本帖最后由 小飞侠.net 于 2017-10-10 10:16 编辑
X-Sec Antivirus ---(Windows 10 Creators Update(Redstone 2)....):
Start Time: Tue Oct 10 10:12:21 2017
Scan Type: Custom Scan
Scan Target: C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009
Heuristic Engine: Enabled
Cloud Engine: Enabled
Resolve Threats: Scan only
Database Version: 2017.10.09.01
[mw_shl_code=javascript,true]C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\17.10.9\171009-1.Ransom.Locky.exe.infected -> Cloud:Trojan.Win32.Injector
C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\17.10.9\171009-10.Trojan.Nanocore.exe.infected -> Cloud:Backdoor.Win32.Generic
C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\17.10.9\171009-2.Exploit.Powerload.doc.infected -> Cloud:Macro.MSWord.Downloader
C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\17.10.9\171009-3.Ransom.Refinka.exe.infected -> Cloud:Trojan.Win32.Ransom
C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\17.10.9\171009-4.Trojan.Autoit.exe.infected -> Trojan.Win32.Autoit.Bc
C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\17.10.9\171009-5.Exploit.Powerload.xls.infected -> Cloud:Macro.MSExcel.Downloader
C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\17.10.9\171009-6.Phishing.Generic.pdf.infected -> Cloud:Trojan.PDF.Phishing
C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\17.10.9\171009-7.Trojan.Coinminer.exe.infected -> Trojan.Win32.CoinMiner.Ad
C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\17.10.9\171009-9.Ransom.Locky.exe.infected -> Cloud:Trojan.Win32.Ransom[/mw_shl_code]
Elapsed Time: 00:00:15
Total File: 10
Skipped File: 1
Infected File: 9
Emsisoft Emergency Kit - 版本 2017.8
上次更新: 2017/10/10 10:00:22
用户帐号: TECLAST\Admin
Computer name: TECLAST
OS version: Windows 10x64
扫描设置:
扫描方式: 自定义扫描
对象: Rootkits, 内存, C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\
检测流氓软件(PUPs): On
扫描压缩包: On
扫描邮件存档: On
ADS数据流: On
文件扩展名过滤: Off
直接磁盘访问: Off
扫描开始于: 2017/10/10 10:10:06
[mw_shl_code=javascript,true]C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\17.10.9\171009-10.Trojan.Nanocore.exe.infected 发现病毒: Trojan.Crypt (A) [290751]
C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\17.10.9\171009-1.Ransom.Locky.exe.infected 发现病毒: Trojan.Agent (A) [290750]
C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\17.10.9\171009-3.Ransom.Refinka.exe.infected 发现病毒: Trojan.GenericKDZ.40579 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\17.10.9\171009-5.Exploit.Powerload.xls.infected 发现病毒: X97m.Downloader.DM
(B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\17.10.9\171009-2.Exploit.Powerload.doc.infected 发现病毒: Trojan.Agent.COEO (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\17.10.9\171009-4.Trojan.Autoit.exe.infected 发现病毒: Trojan.Agent.COEP (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\17.10.9\171009-6.Phishing.Generic.pdf.infected 发现病毒: Trojan.Agent.COEQ (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\17.10.9\171009-8.Java.Adwind.jar.infected 发现病毒: Trojan.Agent.COES (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\17.10.9\171009-9.Ransom.Locky.exe.infected 发现病毒: Trojan.GenericKD.12468067 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\17.10.9\171009-7.Trojan.Coinminer.exe.infected 发现病毒: Trojan.Agent.COER (B) [krnl.xmd][/mw_shl_code]
已扫描 2155
发现 10
扫描完成后: 2017/10/10 10:10:24
扫描时间: 0:00:18
瑞星---(Windows 10 Creators Update(Redstone 2)....):云引擎(开)RDM+(开)
瑞星反恶软引擎命令行扫描器(社区交流版)
编译于:Sep 22 2017 15:07:50
提示:
- 本工具供社区交流使用,请勿用于其他用途
- 本工具没有恶意软件删除、清除、隔离功能
- 本工具包含开发中的新特性,结果仅供参考
* 命令行中的选项开关:-output-json -log=C:\瑞星RDM+引擎\community.x64.release\ScanLog_171010100735.log
* 获取恶软签名库最新版本 ...
* 恶软签名库升级失败
* 扫描目标 : (1) C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009
* 加载恶软签名库: C:\瑞星RDM+引擎\community.x64.release/malware.rmd
* 恶软签名库加载成功,发布序号为 2927
* 读取恶软签名库配置 ...
* 云辅助扫描组件初始化失败.
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
扫描开始: Tue Oct 10 10:07:37 2017
[mw_shl_code=javascript,true]{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\84A2D531Up1009\\17.10.9\\171009-5.Exploit.Powerload.xls.infected","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\84A2D531Up1009\\17.10.9\\171009-2.Exploit.Powerload.doc.infected","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\84A2D531Up1009\\17.10.9\\171009-1.Ransom.Locky.exe.infected","infect":{"engine":"sha1","signature":"c2hhMToP2xkubPjBDDrFQhVfUJNOwnDCZg","threat":"Trojan.Ransom-Locky!8.4655"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\84A2D531Up1009\\17.10.9\\171009-3.Ransom.Refinka.exe.infected","infect":{"engine":"sha1","signature":"c2hhMTrY62gF4MOctYpFnccbMujT94XmAw","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\84A2D531Up1009\\17.10.9\\171009-10.Trojan.Nanocore.exe.infected","infect":{"engine":"rdmk","signature":"cmRtazpNja+P/4o9jyo+ORDLFWCi","threat":"Malware.Heuristic!ET#97%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\84A2D531Up1009\\17.10.9\\171009-4.Trojan.Autoit.exe.infected","infect":{"engine":"sha1","signature":"c2hhMTrfP7D49FMX8VaAX1UgDqmRVTIEbw","threat":"Trojan.Autoit!8.150"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\84A2D531Up1009\\17.10.9\\171009-9.Ransom.Locky.exe.infected","infect":{"engine":"sha1","signature":"c2hhMTp/0ajaVamaZybt6ySXN4rNGhlD8A","threat":"Trojan.GenKryptik!8.AA55"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\84A2D531Up1009\\17.10.9\\171009-7.Trojan.Coinminer.exe.infected","infect":{"engine":"sha1","signature":"c2hhMTrn7/uS7UAfqfxXGgcgDHJ0gsyh+w","threat":"Malware.Heuristic!ET#100%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\84A2D531Up1009\\17.10.9\\171009-6.Phishing.Generic.pdf.infected","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\84A2D531Up1009\\17.10.9\\171009-8.Java.Adwind.jar.infected","type":"scan"}[/mw_shl_code]
扫描结束: Tue Oct 10 10:07:39 2017
总扫描耗时: 0:1:276(m:s:ms)
总扫描对象: 116
总扫描文件: 10
总恶意文件: 6
有效检出率: 60.00%
360 Total Security扫描日志
扫描时间:2017-10-10 10:04:42
扫描用时:00:00:21
扫描项目总数:10
威胁总数:3
处理威胁数:0
扫描选项
----------------------
扫描压缩包:是
常规引擎设置:Bitdefender引擎, 小红伞引擎
扫描内容
----------------------
C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\
扫描结果
======================
高风险项目
----------------------
[mw_shl_code=javascript,true]C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\17.10.9\171009-4.Trojan.Autoit.exe.infected Win32/Trojan.97a 未处理
C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\17.10.9\171009-9.Ransom.Locky.exe.infected Trojan.Generic 未处理
C:\Users\Admin\Desktop\AVtest100\84A2D531Up1009\17.10.9\171009-3.Ransom.Refinka.exe.infected Win32/Trojan.Generic.060 未处理
[/mw_shl_code]
火绒安全---( Windows 7 Ultimate with SP1 简体中文旗舰版....):部分未知文件已发送到seclab@huorong.cn,等处理中。。。
病毒库:2017/10/09 15:58
开始时间:2017/10/10 09:52
总计用时:00:00:17
扫描对象:298个
扫描文件:10个
发现风险:4个
已处理风险:0个
发现系统修复项:0个
处理系统修复项:0个
文件名称: C:\Users\xfxnet2000\Desktop\MX Player Pro\刘\艾\61647309\85014225\孙\Windows Defender\AVTestZipX\17.10.9.7z
文件大小: 4.90 MB (5,138,537 字节)
修改时间: 2017年10月10日,09:52:12
MD5: ABB82E3330BF7654EF3CEC38A9FA84E0
SHA1: 72FBF1B2900F2B644E85543FEB5DFEBF1784FD1D
SHA256: 47B71BCEC109ACEFD3B870798B34D93394FBD803AAB66B2807F647E16C4B75C4
SHA512: 432DC5DF1FBCDF72FF70580ED8C693B7C88B001A6CF1FD20DB55E49AABB05903698AD9F4C286104BB7F2BF143F8D1231F1034E6BB7EB846BEE725EDAEAAB474D
CRC32: 84A2D531
计算时间: 0.14s
病毒详情
[mw_shl_code=javascript,true]风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\刘0\艾2\61647309\85014225\孙在\Windows Defender\AVTestZipX\17.10.9\171009-1.Ransom.Locky.exe.infected, 病毒名:VirTool/Kovter.p, 病毒ID:[e92bbf97494898d2], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\刘0\艾2\61647309\85014225\孙在\Windows Defender\AVTestZipX\17.10.9\171009-5.Exploit.Powerload.xls.infected, 病毒名:HEUR:OMacro/Obfuscated.c, 病毒ID:[7e6f1720bf6936fa], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\刘0\艾2\61647309\85014225\孙在\Windows Defender\AVTestZipX\17.10.9\171009-3.Ransom.Refinka.exe.infected, 病毒名:HVM:VirTool/Obfuscator.gen!A, 病毒ID:[b27d4294cde6a1ec], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\刘0\艾2\61647309\85014225\孙在\Windows Defender\AVTestZipX\17.10.9\171009-9.Ransom.Locky.exe.infected, 病毒名:HVM:Trojan/MalBehav.gen!E, 病毒ID:[8d1593ba2838fa52], 处理结果:已忽略[/mw_shl_code]
|
楼主: 神龟Turmi
[复制链接]
发表于 2017-10-9 22:06:31
