f8f034e0929e32a918878bdb453131d9a28c69cf51f972ef9b554b9f1d4954db

360Tencent

https://www.welivesecurity.com/2 ... ain-attack-elmedia/

链接: https://pan.baidu.com/s/1kU6X8n9 密码: u3g5

和泉纱雾

剩余

bbs2811125

ESET 剩余2x
Version of virus signature database: 16281P (20171021)
Date: 2017/10/22  Time: 15:40:48
Scanned disks, folders and files: C:\Users\Administrator\Desktop\9x(11)\9x
C:\Users\Administrator\Desktop\9x(11)\9x\061f056338e00d38cdfb6b1f40d8e4f8d3f1d7214f6d9a48d0d91d766b7574b7 - a variant of OSX/Proton.C trojan - cleaned by deleting [1]
C:\Users\Administrator\Desktop\9x(11)\9x\2e6bb8fd7f983dd06fa0c5314a7b105354888f63c60a3205ade6d467cc620dc5 - OSX/Proton.D trojan - cleaned by deleting [1]
C:\Users\Administrator\Desktop\9x(11)\9x\2ec4b1705b690ab8c558e3e8ead8bbd34b1fb1b260a27f40b34718be3b71a3a7 » ZIP » Updater.app/Contents/MacOS/Updater - a variant of OSX/Proton.C trojan - deleted
C:\Users\Administrator\Desktop\9x(11)\9x\2ec4b1705b690ab8c558e3e8ead8bbd34b1fb1b260a27f40b34718be3b71a3a7 » ZIP » Updater.app/Contents/Resources/cb.py - OSX/Proton.C trojan - deleted
C:\Users\Administrator\Desktop\9x(11)\9x\2ec4b1705b690ab8c558e3e8ead8bbd34b1fb1b260a27f40b34718be3b71a3a7 » ZIP » Updater.app/Contents/Resources/ch.py - OSX/Proton.C trojan - deleted
C:\Users\Administrator\Desktop\9x(11)\9x\4d33f4a3c1cbf9cded6a3a096025d0b44905e0308bd3662a496a0701f2ec942d - OSX/Proton.D trojan - cleaned by deleting [1]
C:\Users\Administrator\Desktop\9x(11)\9x\553496aa878821295de7acdd20d6377d39e304651bdd1281c7a7ff15b8f43cad » ZIP » Updater.app/Contents/MacOS/Updater - OSX/Proton.C trojan - deleted
C:\Users\Administrator\Desktop\9x(11)\9x\553496aa878821295de7acdd20d6377d39e304651bdd1281c7a7ff15b8f43cad » ZIP » Updater.app/Contents/Resources/cb.py - OSX/Proton.C trojan - deleted
C:\Users\Administrator\Desktop\9x(11)\9x\553496aa878821295de7acdd20d6377d39e304651bdd1281c7a7ff15b8f43cad » ZIP » Updater.app/Contents/Resources/ch.py - OSX/Proton.C trojan - deleted
C:\Users\Administrator\Desktop\9x(11)\9x\c9140c869123e0c7a4d064a9e82bb1549c3e382cdcf2c119bcbe78911915208b - OSX/Proton.C trojan - cleaned by deleting [1]
C:\Users\Administrator\Desktop\9x(11)\9x\cb3be20d5de9ae45ec959bc9afa93018ec5f4dd80368a707bc654fab87378452 - OSX/Proton.C trojan - cleaned by deleting [1]

FS清空剩余

结果: 发现 2 个恶意软件[size=13.3333px]Trojan.MAC.Proton.F[size=13.3333px] (病毒)

• C:\Users\Administrator\Desktop\9x(11)\9x\f9933dfc18107383b4093206daba283d106f86acb6284c92632f5a43143040c6 操作： 删除
  

[size=13.3333px]Trojan.MAC.Proton.E[size=13.3333px] (病毒)

• C:\Users\Administrator\Desktop\9x(11)\9x\247eb9cfc0f9ea2c0ba1824381380e3354ee1fb2f0521f8a6fff2baeacc541ff 操作： 删除
  

Jirehlov1234

bd2018

1. BitDefender Log File
   
2. 
   
3. 
   
4. Product : Bitdefender Total Security
   
5. Scanning task : Contextual Scan
   
6. Log date : 2017年10月22日 星期日 15:41:16
   
7. Log path : C:\ProgramData\Bitdefender\Desktop\Profiles\Logs\S-1-5-21-599675597-2432450030-2575149376-500\2ab858ed-450b-4bb6-b67c-8e3c45ec13ac\1508658050_1_02.xml
   
8. 
   
9. 
   
10. Scan Paths:
    
11. Path : E:\TEST\9x
    
12. 
    
13. 
    
14. [-]Scan Results
    
15. 
    
16. [-]Resolved issues:
    
17. Object Path Threat Name Final Status
    
18. 
    
19. E:\TEST\9x\553496aa878821295de7acdd20d6377d39e304651bdd1281c7a7ff15b8f43cad=>Updater.app/Contents/Resources/cb.py Trojan.MAC.Proton.F Deleted
    
20. E:\TEST\9x\2e6bb8fd7f983dd06fa0c5314a7b105354888f63c60a3205ade6d467cc620dc5 Trojan.MAC.Proton.F Deleted
    
21. E:\TEST\9x\553496aa878821295de7acdd20d6377d39e304651bdd1281c7a7ff15b8f43cad=>Updater.app/Contents/MacOS/Updater Trojan.MAC.Proton.F Deleted
    
22. E:\TEST\9x\061f056338e00d38cdfb6b1f40d8e4f8d3f1d7214f6d9a48d0d91d766b7574b7 Trojan.MAC.Proton.F Deleted
    
23. E:\TEST\9x\247eb9cfc0f9ea2c0ba1824381380e3354ee1fb2f0521f8a6fff2baeacc541ff=>(Disk Image)=>(disk image)=>=>Elmedia Player=>Elmedia Player.app=>Contents=>Resources=>.pl.zip=>Updater.app/Contents/MacOS/Updater Trojan.MAC.Proton.F Moved to Quarantine
    
24. E:\TEST\9x\4d33f4a3c1cbf9cded6a3a096025d0b44905e0308bd3662a496a0701f2ec942d Trojan.MAC.Proton.F Deleted
    
25. E:\TEST\9x\247eb9cfc0f9ea2c0ba1824381380e3354ee1fb2f0521f8a6fff2baeacc541ff=>(Disk Image)=>(disk image)=>/Elmedia Player/Elmedia Player.app/Contents/MacOS/Elmedia Player Trojan.MAC.Proton.E Moved to Quarantine
    
26. E:\TEST\9x\553496aa878821295de7acdd20d6377d39e304651bdd1281c7a7ff15b8f43cad=>Updater.app/Contents/Resources/ch.py Trojan.MAC.Proton.F Deleted
    
27. E:\TEST\9x\cb3be20d5de9ae45ec959bc9afa93018ec5f4dd80368a707bc654fab87378452 Trojan.MAC.Proton.F Deleted
    
28. E:\TEST\9x\2ec4b1705b690ab8c558e3e8ead8bbd34b1fb1b260a27f40b34718be3b71a3a7=>Updater.app/Contents/MacOS/Updater Trojan.MAC.Proton.F Deleted
    
29. E:\TEST\9x\247eb9cfc0f9ea2c0ba1824381380e3354ee1fb2f0521f8a6fff2baeacc541ff=>(Disk Image)=>(disk image)=>=>Elmedia Player=>Elmedia Player.app=>Contents=>Resources=>.pl.zip=>Updater.app/Contents/Resources/cb.py Trojan.MAC.Proton.F Moved to Quarantine
    
30. E:\TEST\9x\f9933dfc18107383b4093206daba283d106f86acb6284c92632f5a43143040c6 Trojan.MAC.Proton.F Deleted
    
31. E:\TEST\9x\c9140c869123e0c7a4d064a9e82bb1549c3e382cdcf2c119bcbe78911915208b=>(Disk Image)=>(disk image)=>/Elmedia Player/Elmedia Player.app/Contents/MacOS/Elmedia Player Trojan.MAC.Proton.F Moved to Quarantine
    
32. E:\TEST\9x\c9140c869123e0c7a4d064a9e82bb1549c3e382cdcf2c119bcbe78911915208b=>(Disk Image)=>(disk image)=>=>Elmedia Player=>Elmedia Player.app=>Contents=>Resources=>.pl.zip=>Updater.app/Contents/Resources/ch.py Trojan.MAC.Proton.F Moved to Quarantine
    
33. E:\TEST\9x\2ec4b1705b690ab8c558e3e8ead8bbd34b1fb1b260a27f40b34718be3b71a3a7=>Updater.app/Contents/Resources/cb.py Trojan.MAC.Proton.F Deleted
    
34. E:\TEST\9x\c9140c869123e0c7a4d064a9e82bb1549c3e382cdcf2c119bcbe78911915208b=>(Disk Image)=>(disk image)=>=>Elmedia Player=>Elmedia Player.app=>Contents=>Resources=>.pl.zip=>Updater.app/Contents/MacOS/Updater Trojan.MAC.Proton.F Moved to Quarantine
    
35. E:\TEST\9x\2ec4b1705b690ab8c558e3e8ead8bbd34b1fb1b260a27f40b34718be3b71a3a7=>Updater.app/Contents/Resources/ch.py Trojan.MAC.Proton.F Deleted
    
36. E:\TEST\9x\c9140c869123e0c7a4d064a9e82bb1549c3e382cdcf2c119bcbe78911915208b=>(Disk Image)=>(disk image)=>=>Elmedia Player=>Elmedia Player.app=>Contents=>Resources=>.pl.zip=>Updater.app/Contents/Resources/cb.py Trojan.MAC.Proton.F Moved to Quarantine
    
37. E:\TEST\9x\247eb9cfc0f9ea2c0ba1824381380e3354ee1fb2f0521f8a6fff2baeacc541ff=>(Disk Image)=>(disk image)=>=>Elmedia Player=>Elmedia Player.app=>Contents=>Resources=>.pl.zip=>Updater.app/Contents/Resources/ch.py Trojan.MAC.Proton.F Moved to Quarantine
    
38. E:\TEST\9x\247eb9cfc0f9ea2c0ba1824381380e3354ee1fb2f0521f8a6fff2baeacc541ff=>(Disk Image)=>(disk image)=>/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player Trojan.MAC.Proton.F Moved to Quarantine
    
39. E:\TEST\9x\c9140c869123e0c7a4d064a9e82bb1549c3e382cdcf2c119bcbe78911915208b=>(Disk Image)=>(disk image)=>/Elmedia Player/Elmedia Player.app/Contents/Resources/Elmedia Player.app/Contents/MacOS/Elmedia Player Trojan.MAC.Proton.F Moved to Quarantine
    
40. 
    
41. 
    
42. [-]Detailed Scan Summary
    
43. 
    
44. [-]Basic
    
45. Scanned items : 1715
    
46. Infected items : 21
    
47. Suspicious items : 0 (no suspected items have been detected)
    
48. Resolved items : 21
    
49. Unresolved items : 0 (no issues remained unresolved)
    
50. 
    
51. [-]Advanced
    
52. Scan time : 0: 0: 10
    
53. Files per second : 171
    
54. Skipped items : 0
    
55. Password-protected items : 0
    
56. Overcompressed items : 0
    
57. Scanned archives : 2
    
58. Input-output errors : 0
    
59. Scanned boot sectors : 0
    
60. Scanned processes : 0
    
61. Infected processes : 0
    
62. Scanned registry keys : 0
    
63. Infected registry keys : 0
    
64. Scanned cookies : 0
    
65. Infected cookies : 0
    
66. 
    
67. 
    
68. [-]Scan Options
    
69. 
    
70. [-]Target Threat Types:
    
71. Scan for viruses : Yes
    
72. Scan for adware : Yes
    
73. Scan for spyware : Yes
    
74. Scan for applications : Yes
    
75. Scan for dialers : Yes
    
76. Scan for rootkits : No
    
77. Scan for keyloggers : Yes
    
78. 
    
79. [-]Target Selection Options:
    
80. Scan registry keys : No
    
81. Scan cookies : No
    
82. Scan boot sectors : No
    
83. Scan memory processes : No
    
84. Scan archives : Yes
    
85. Scan runtime packers : Yes
    
86. Scan emails : Yes
    
87. Scan all files : Yes
    
88. Heuristic Scan : Yes
    
89. Scanned extensions : none configured
    
90. Excluded extensions : none configured
    
91. 
    
92. [-]Target Processing:
    
93. Default primary action for infected objects : None
    
94. Default secondary action for infected objects : None
    
95. Default primary action for suspicious objects : None
    
96. Default secondary action for suspicious objects : None
    
97. Default action for hidden objects : None
    
98. Default action for password-protected objects : Prompt for password
    
99. 
    
100. [-]Scan engines summary
     
101. Number of virus signatures : 10623775
     

复制代码

心醉咖啡

火绒扫描miss

和泉纱雾

剩余

ELOHIM

WIEP MISSED ALL FILES

zst470396853

360杀毒扫描日志

病毒库版本：2017-10-22 18:52
扫描时间：2017-10-22 19:42:39
扫描用时：00:00:01
扫描类型：右键扫描
扫描文件总数：9
项目总数：0
清除项目数：0

扫描选项
----------------------
扫描所有文件：是
扫描压缩包：否
发现病毒处理方式：由用户选择处理
扫描磁盘引导区：是
扫描 Rootkit：是
使用云查杀引擎：是
使用QVM人工智能引擎：是
扫描建议修复项：是
常规引擎设置：Avira(小红伞)

扫描内容
----------------------
C:\Users\Administrator\Desktop\9x(11)


白名单设置
----------------------


扫描结果
======================
未发现威胁文件