This post was last edited by 小飞侠.net on 2017-11-22 03:35
Emsisoft Emergency Kit - 版本 2017.10
上次更新: 2017/11/22 2:58:19
用户帐号: TECLAST\Admin
电脑名称: TECLAST
操作系统版本: Windows 10x64
扫描设置:
扫描方式: 自定义扫描
对象: Rootkits, 内存, C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\
检测流氓软件(PUPs): On
扫描压缩包: On
扫描邮件存档: On
ADS数据流: On
文件扩展名过滤: Off
直接磁盘访问: Off
扫描开始于: 2017/11/22 3:23:27
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(17).vir.DOCM -> word/vbaProject.bin 发现病毒: W97M.Downloader.AIW (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(27).vir.DOCX -> word/embeddings/oleObject1.bin -> IMG_201701119_0001.exe 发现病毒: Gen:Variant.Graftor.430641 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(40).vir.JS -> (INFECTED_JS) 发现病毒: JS:Trojan.Cryxos.1381 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(41).vir.DOCX -> word/embeddings/oleObject1.bin -> Microsoft Ofice Opening.exe 发现病毒: Gen:Variant.MSIL.Mensa.8 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(7).vir.exe -> (AutoIT r) -> (AutoIT Script) -> (unicode) 发现病毒: AIT:Trojan.GenericTKA.16 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(7).vir.exe -> (AutoIT r) -> AutoUpdate.exe -> (AutoIT r) -> (AutoIT Script) -> (unicode) 发现病毒: AIT:Trojan.AutoIT.Agent.MR (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(7).vir.exe -> (AutoIT r) -> AutoUpdate.exe -> (Dropped 0) -> (AutoIT Script) -> (unicode) 发现病毒: AIT:Trojan.AutoIT.Agent.MR (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(7).vir.exe -> (Dropped 0) -> (AutoIT Script) -> (unicode) 发现病毒: AIT:Trojan.GenericTKA.16 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) 发现病毒: Exploit.CVE-2012-0158.AE (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Word.Document.12) -> (Package) 发现病毒: Exploit.CVE-2012-0158.AE (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) 发现病毒: Exploit.RTF-ObfsStrm.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (dummy) 发现病毒: Exploit.CVE-2012-2539.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX17.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX18.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX19.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX20.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX21.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX22.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX23.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX24.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX25.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX26.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX27.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX28.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX29.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX30.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX31.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX32.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX33.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX34.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX35.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX36.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX37.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX38.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX39.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX40.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX41.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX42.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX43.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX44.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX45.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX46.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX47.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX48.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX49.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX50.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX51.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> word/activex/activeX52.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX12.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX13.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX14.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX15.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX16.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX17.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX18.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX19.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX20.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX21.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX22.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX23.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX24.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX25.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX26.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX27.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX28.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX29.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX30.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX31.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX32.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX33.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX34.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX35.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX36.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX37.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX38.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX39.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX40.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX41.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX42.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX43.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX44.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX45.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX46.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX47.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX48.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX49.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX50.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX51.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> (Package) -> word/activex/activeX52.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> word/activex/activeX17.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> word/activex/activeX18.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> word/activex/activeX19.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> word/activex/activeX20.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> word/activex/activeX21.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> word/activex/activeX22.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> word/activex/activeX23.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> word/activex/activeX24.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> word/activex/activeX25.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> word/activex/activeX26.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> word/activex/activeX27.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> word/activex/activeX28.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> word/activex/activeX29.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> word/activex/activeX30.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> word/activex/activeX31.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> word/activex/activeX32.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> word/activex/activeX33.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> word/activex/activeX34.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> (objdata) -> (Embedded DocFile g) -> word/activex/activeX35.xml 发现病毒: Exploit.CVE-2012-1856.Gen (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(11).vir.DOC 发现病毒: VB:Trojan.Valyria.1010 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(12).vir.exe 发现病毒: Trojan.Injector.CWF (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(15).vir.js 发现病毒: Trojan-Downloader.Nemucod (A) [286559]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(16).vir.sys 发现病毒: Gen:Variant.Razy.222885 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(2).vir.XLS 发现病毒: VB:Trojan.Valyria.1010 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(18).vir.sys 发现病毒: Gen:Variant.Razy.222885 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(24).vir.DOC 发现病毒: VB:Trojan.Valyria.1012 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(19).vir.exe 发现病毒: Gen:Variant.Zusy.264946 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(3).vir.exe 发现病毒: Gen:Variant.Graftor.429701 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(32).vir.exe 发现病毒: Trojan.VB.Agent.AHM (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(33).vir.sys 发现病毒: Gen:Variant.Razy.222885 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(37).vir.exe 发现病毒: Trojan.Agent.CQRV (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(38).vir.exe 发现病毒: Gen:Trojan.Heur.JP.aqW@a0PR@dni (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(42).vir.exe 发现病毒: Gen:Variant.Graftor.429711 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(8).vir.sys 发现病毒: Gen:Variant.Razy.222885 (B) [krnl.xmd]
已扫描 1691
发现 123
扫描完成后: 2017/11/22 3:23:51
扫描时间: 0:00:24
Rising---(Windows 10 Creators Update(Redstone 2)....): cloud engine (on), RDM+ (on)
瑞星反恶软引擎命令行扫描器(社区交流版)
编译于:Sep 22 2017 15:07:50
提示:
- 本工具供社区交流使用,请勿用于其他用途
- 本工具没有恶意软件删除、清除、隔离功能
- 本工具包含开发中的新特性,结果仅供参考
* 命令行中的选项开关:-output-json -log=C:\瑞星RDM+引擎\ScanLog_171122032847.log
* 获取恶软签名库最新版本 ...
* 下载恶软签名库配置文件 ...
* 创建恶软签名库升级组件 ...
* 计算并下载增量文件 ...
* 升级恶软签名库 ...
* 恶软签名库升级成功
* 扫描目标 : (1) C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F
* 加载恶软签名库: C:\瑞星RDM+引擎/malware.rmd
* 恶软签名库加载成功,发布序号为 3206
* 读取恶软签名库配置 ...
* 云辅助扫描组件初始化失败.
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
扫描开始: Wed Nov 22 03:29:16 2017
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(11).vir.DOC","infect":{"engine":"topis","signature":"9T9g2My92HP","threat":"Downloader.Agent!8.B23"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(14).vir.exe","infect":{"engine":"sha1","signature":"c2hhMTqPbeubVmnTeKjF4cNZbYLeT9mXtQ","threat":"Trojan.GenKryptik!8.AA55"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(16).vir.sys","infect":{"engine":"sha1","signature":"c2hhMTq37KipQD80NCSliC7WGrnyvOZtGA","threat":"Trojan.GenKryptik!8.AA55"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(15).vir.js","infect":{"engine":"classic","threat":"Trojan.JS/Nemucod!1.A9AB"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(2).vir.XLS","infect":{"engine":"topis","signature":"XYwFlBm7F4M","threat":"Downloader.Agent!8.B23"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(17).vir.DOCM","infect":{"engine":"sha1","signature":"c2hhMTp5ebGw7wRIE2eQBxlOmBMUBYr6ZA","threat":"Fraud.EnableDoc!1.A416"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(10).vir.JS","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(1).vir.js","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(12).vir.exe","infect":{"engine":"sha1","signature":"c2hhMTpz4aVcBwRCgJq8ODlX5qYMLlBsSg","threat":"Backdoor.SpyGate!8.E154"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(18).vir.sys","infect":{"engine":"sha1","signature":"c2hhMTrLraBtVAXDOJj9xgDP0Nuydch5OA","threat":"Trojan.GenKryptik!8.AA55"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(20).vir.rtf","infect":{"engine":"sha1","signature":"c2hhMToLwIo8mvNx/7S+trpyS07erYrk7Q","threat":"Exploit.CVE-2012-0158!8.B68"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(21).vir.exe","infect":{"engine":"rdmk","signature":"cmRtazqUOyyWcaVsDbteVOW1U3ga","threat":"Malware.Heuristic!ET#98%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(22).vir.exe","infect":{"engine":"sha1","signature":"c2hhMTq3oraUzr72MCyMypTL8wL0kQA9Xg","threat":"Trojan.GenKryptik!8.AA55"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(13).vir.DOC","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(25).vir.exe","infect":{"engine":"tfe","signature":"dGZlOgJUM//ljcMcqA","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(23).vir.exe","infect":{"engine":"rdmk","signature":"cmRtazpQcw++Df5X/e4AfMYCKNvg","threat":"Trojan.GenKryptik!8.AA55"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(28).vir.exe","infect":{"engine":"sha1","signature":"c2hhMTqecUN1rnVVsUUvuk6b7g9iQAnzJw","threat":"Trojan.Injector!8.C4"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(19).vir.exe","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(31).vir.JS","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(3).vir.exe","infect":{"engine":"sha1","signature":"c2hhMTrmkx/xWLNiizvrgQQkTrIwztgr7A","threat":"Trojan.GenKryptik!8.AA55"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(30).vir.exe","infect":{"engine":"sha1","signature":"c2hhMTr0jJMRW3tFu4j4rMaxsbsAJxqC+w","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(32).vir.exe","infect":{"engine":"sha1","signature":"c2hhMTohKgLrLZlGwGVJKFLUzYX0Noby3Q","threat":"Trojan.Injector!8.C4"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(26).vir.exe","infect":{"engine":"sha1","signature":"c2hhMToI2DLFAEzGPXPa6WePjrbHBjE85A","threat":"Trojan.ObfusJS/Heur!1.A4CA"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(33).vir.sys","infect":{"engine":"sha1","signature":"c2hhMTobtIumCzGlsXEmvV6jxYRl5VTWUg","threat":"Trojan.GenKryptik!8.AA55"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(29).vir.js","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(35).vir.exe","infect":{"engine":"sha1","signature":"c2hhMTqUCu5BABHdtp1nDfHp0PRSi/1bjQ","threat":"Dropper.Generic!8.35E"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(24).vir.DOC","infect":{"engine":"topis","signature":"JlOQs5StGYS","threat":"Downloader.Donoff!8.36C"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(34).vir.exe","infect":{"engine":"sha1","signature":"c2hhMTqcdK8aFUmADzfkaYe687AIv8qZdQ","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(27).vir.DOCX","infect":{"engine":"sha1","signature":"c2hhMTrwcz2xdKu+Qp+vXC3x6YnkSZv3Iw","threat":"Trojan.GenKryptik!8.AA55"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(40).vir.JS","infect":{"engine":"sha1","signature":"c2hhMToI4Gopi7taYHAKYjwZetmQ+sRLNA","threat":"Downloader.Banload!8.15B"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(38).vir.exe","infect":{"engine":"sha1","signature":"c2hhMTo+4PJD0wDpHxuRxlj5+d5g++0c+Q","threat":"Trojan.BitCoinMiner!8.1342"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(4).vir.exe","infect":{"engine":"rdmk","signature":"cmRtazorG35RM4rzuM9IOH87crbK","threat":"Malware.Heuristic!ET#94%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(37).vir.exe","infect":{"engine":"classic","threat":"Trojan.Injector!1.AE48"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(6).vir.XLS","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(41).vir.DOCX","infect":{"engine":"sha1","signature":"c2hhMTopQs1IMth+/oJfKvM53B35uWsniw","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(42).vir.exe","infect":{"engine":"tfe","signature":"dGZlOgWCac1pKLunoQ","threat":"Trojan.Injector!1.AE48"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(39).vir.exe","infect":{"engine":"sha1","signature":"c2hhMTpB3joyHp4Z4r0u8GdsGZGH57NT6w","threat":"Trojan.Adload!1.A18D"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(8).vir.sys","infect":{"engine":"sha1","signature":"c2hhMTrGK1ai/PISbsY1kqaJKKDpyNNSRA","threat":"Trojan.GenKryptik!8.AA55"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(7).vir.exe","infect":{"engine":"sha1","signature":"c2hhMTp9udj3mYRyxC0IL9XP3rWfDFzYGA","threat":"Spyware.Autoit!8.B6"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(9).vir.exe","infect":{"engine":"rdmk","signature":"cmRtazr7Uq9h4uAc6YWCTE6LJbW7","threat":"Malware.Heuristic!ET#83%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(36).vir.XLSM","infect":{"engine":"classic","threat":"Heur.Macro.Downloader.f"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\1121ToD711A07F\\Virus42x 1121\\Virus(5).vir.jar","type":"scan"}
扫描结束: Wed Nov 22 03:29:29 2017
总扫描耗时: 0:13:6(m:s:ms)
总扫描对象: 351
总扫描文件: 42
总恶意文件: 34
有效检出率: 80.95%
X-Sec Antivirus ---(Windows 10 Creators Update(Redstone 2)....):
Start Time: Wed Nov 22 03:32:48 2017
Scan Type: Custom Scan
Scan Target: C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F
Heuristic Engine: Enabled
Cloud Engine: Enabled
Resolve Threats: Scan only
Database Version: 2017.11.20.01
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(1).vir.js -> Cloud:Trojan.Script.Downloader
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(10).vir.JS -> Cloud:Trojan.Script.Downloader
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(11).vir.DOC -> Cloud:Macro.MSWord.Downloader
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(12).vir.exe -> Cloud:Trojan.Win32.Injector
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(13).vir.DOC -> Cloud:Macro.MSWord.Downloader
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(14).vir.exe -> Cloud:Trojan.Win32.Generic
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(15).vir.js -> Cloud:Malware.Script.Generic
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(16).vir.sys -> Cloud:Trojan.Win32.Emotet
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(17).vir.DOCM -> Cloud:Macro.MSWord.Downloader
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(18).vir.sys -> Cloud:Trojan.Win32.Emotet
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(19).vir.exe -> Cloud:Trojan.Win32.Dropper
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(2).vir.XLS -> Cloud:Macro.MSExcel.Downloader
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf -> Cloud:Exploit.RTF.Generic
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(21).vir.exe -> Cloud:Trojan.Win32.Emotet
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(22).vir.exe -> Cloud:Trojan.Win32.Generic
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(23).vir.exe -> Cloud:Trojan.Win32.Injector
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(24).vir.DOC -> Cloud:Macro.MSWord.Downloader
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(25).vir.exe -> Cloud:Trojan.Win32.Emotet
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(26).vir.exe -> Trojan.Win32.HiddenRun.Ab
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(27).vir.DOCX -> Cloud:Malware.MSOffice.Dropper
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(28).vir.exe -> Cloud:Trojan.Win32.Generic
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(29).vir.js -> Cloud:Trojan.Script.Downloader
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(3).vir.exe -> Cloud:Trojan.Win32.Injector
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(30).vir.exe -> Cloud:Trojan.Win32.Generic
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(31).vir.JS -> Cloud:Trojan.Script.Downloader
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(32).vir.exe -> Cloud:Trojan.Win32.Injector
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(33).vir.sys -> Cloud:Trojan.Win32.Emotet
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(34).vir.exe -> Cloud:Trojan.Win32.Generic
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(35).vir.exe -> Trojan.Win32.Generic.Ec
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(36).vir.XLSM -> Cloud:Macro.MSExcel.Downloader
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(37).vir.exe -> Cloud:Trojan.Win32.Injector
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(38).vir.exe -> Cloud:Trojan.Win32.CoinMiner
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(39).vir.exe -> Cloud:Adware.Win32.Downloader
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(4).vir.exe -> Cloud:Trojan.Win32.Injector
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(40).vir.JS -> Cloud:Trojan.Script.Downloader
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(41).vir.DOCX -> Cloud:Malware.MSOffice.Dropper
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(42).vir.exe -> Cloud:Trojan.Win32.Generic
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(6).vir.XLS -> Cloud:Macro.MSExcel.Downloader
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(7).vir.exe -> Trojan.Win32.Autoit.Di
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(8).vir.sys -> Cloud:Trojan.Win32.Emotet
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(9).vir.exe -> Cloud:Trojan.Win32.Injector
Elapsed Time: 00:00:43
Total File: 42
Skipped File: 1
Infected File: 41
ESET Smart Security Premium 64-bit (advanced heuristics (Y) + archives (Y) + self-extracting archives and runtime packers (Y) + DNY smart signatures (Y) ++ (Windows 10 Creators Update (Redstone 2)....): Found nothing
日志
正在扫描日志
检测引擎的版本: 16447P (20171121)
日期: 2017/11/22 时间: 3:17:30
已扫描的磁盘、文件夹和文件: C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(11).vir.DOC - VBA/TrojanDownloader.Agent.FGU 特洛伊木马 - 已清除
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(12).vir.exe - Win32/Injector.DTRW 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(13).vir.DOC - VBA/TrojanDownloader.Agent.FKG 特洛伊木马 - 已清除
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(14).vir.exe - MSIL/Kryptik.LST 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(15).vir.js - JS/TrojanDownloader.Nemucod.CMC 特洛伊木马 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(16).vir.sys - Win32/Kryptik.FZHJ 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(17).vir.DOCM > ZIP > word/vbaProject.bin - VBA/TrojanDownloader.Agent.AJV 特洛伊木马 - 扫描完成后再选择处理方式
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(18).vir.sys - Win32/Kryptik.FZHJ 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(19).vir.exe - Win32/Farfli.CHU 特洛伊木马 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(2).vir.XLS - VBA/TrojanDownloader.Agent.FGU 特洛伊木马 - 已清除
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(20).vir.rtf - Win32/Exploit.CVE-2012-0158.AA 特洛伊木马 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(21).vir.exe - Win32/GenKryptik.BETT 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(22).vir.exe - MSIL/Kryptik.LST 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(23).vir.exe - Win32/Injector.DTRM 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(24).vir.DOC - VBA/TrojanDownloader.Agent.FJY 特洛伊木马 - 已清除
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(25).vir.exe - Generik.NQZRUSD 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(27).vir.DOCX > ZIP > word/embeddings/oleObject1.bin > OLEDATA > IMG_201701119_0001.exe - Win32/Injector.DTSO 特洛伊木马 的变种 - 扫描完成后再选择处理方式
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(28).vir.exe - Win32/Injector.DTRM 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(3).vir.exe - Win32/Injector.DTQY 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(30).vir.exe - MSIL/Kryptik.LBD 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(31).vir.JS - JS/TrojanDownloader.Nemucod.DUZ 特洛伊木马 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(32).vir.exe - Win32/Injector.DTQY 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(33).vir.sys - Win32/Kryptik.FZHJ 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(34).vir.exe - MSIL/Kryptik.LLL 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(35).vir.exe - MSIL/Kryptik.LOA 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(37).vir.exe - Win32/Injector.DTSL 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(38).vir.exe - Win32/CoinMiner.AUL 特洛伊木马 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(39).vir.exe > NSIS > Script.nsi - NSIS/TrojanDownloader.Adload.R 特洛伊木马 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(4).vir.exe - Generik.KGJUQNB 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(40).vir.JS - JS/TrojanDownloader.Banload.RI 特洛伊木马 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(41).vir.DOCX > ZIP > word/embeddings/oleObject1.bin > OLEDATA > Microsoft Ofice Opening.exe - MSIL/Kryptik.JKY 特洛伊木马 的变种 - 扫描完成后再选择处理方式
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(42).vir.exe - Win32/Injector.DTQW 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(5).vir.jar - Java/Adwind.AAU 特洛伊木马 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(6).vir.XLS - VBA/TrojanDownloader.Agent.FKY 特洛伊木马 - 已清除
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(7).vir.exe > UPX v13_m8 > AUTOIT > AutoUpdate.exe > UPX v13_m8 > AUTOIT > script.bin - Win32/Spy.Autoit.BY 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(7).vir.exe > UPX v13_m8 > AUTOIT > AutoUpdate.exe > AUTOIT - 正常
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(7).vir.exe > UPX v13_m8 > AUTOIT > script.bin - Win32/Spy.Autoit.BY 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(7).vir.exe > AUTOIT - 正常
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(8).vir.sys - Win32/Kryptik.FZHJ 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\1121ToD711A07F\Virus42x 1121\Virus(9).vir.exe - Win32/PSW.Fareit.L 特洛伊木马 - 通过删除清除 [1]
已扫描的对象数: 119
发现的威胁数: 38
已清除对象数: 36
完成时间: 3:18:17 总扫描时间: 47 秒 (00:00:47)
备注:
[1] 由于对象中仅包含病毒主体,因此已被删除。
Huorong Security ---( Windows 7 Ultimate with SP1, Simplified Chinese Ultimate edition....): Some unknown files have been sent to seclab@huorong.cn and are awaiting processing...
病毒库:2017/11/20 16:09
开始时间:2017/11/22 03:10
总计用时:00:00:17
扫描对象:3408个
扫描文件:42个
发现风险:10个
已处理风险:0个
发现系统修复项:0个
处理系统修复项:0个
文件名称: C:\Users\xfxnet2000\Desktop\MX Player Pro\刘1\艾2\61647309\85014225\孙3\Windows Defender\AVTestZipX\Virus42x 1121.rar
文件大小: 7.52 MB (7,888,218 字节)
修改时间: 2017年11月22日,03:05:30
MD5: 2354443C7BD031702AAAE3CBFD37F50E
SHA1: A862F14CF716FD3299EBBAF5D74B8BEE51802812
SHA256: 953FD77F6BAB55C1822D3136C60054B12871DD2AD9C5DDE989B4E82ACE25397F
SHA512: CBCD92EEF58FC800F267011880FF702C89538F87FFE7BC2C4C81E8CE3639AD8FDE0FC13FAFBC750AEFCD39325EBBC962E19D7541B713E25CAA700D56FCE2202D
CRC32: D711A07F
计算时间: 0.39s
病毒详情
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\刘1\艾2\61647309\85014225\孙3\Windows Defender\AVTestZipX\Virus42x 1121\Virus(11).vir.DOC, 病毒名:OMacro/Downloader.vm, 病毒ID:[473d1835839b1d4e], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\刘1\艾2\61647309\85014225\孙3\Windows Defender\AVTestZipX\Virus42x 1121\Virus(15).vir.js, 病毒名:TrojanDownloader/JS.Nemucod.gj, 病毒ID:[a967d06fa84944f6], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\刘1\艾2\61647309\85014225\孙3\Windows Defender\AVTestZipX\Virus42x 1121\Virus(17).vir.DOCM >> word\document.xml, 病毒名:OMacro/Downloader.ci, 病毒ID:[dbb93e367fab021e], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\刘1\艾2\61647309\85014225\孙3\Windows Defender\AVTestZipX\Virus42x 1121\Virus(2).vir.XLS, 病毒名:OMacro/Downloader.vm, 病毒ID:[473d1835839b1d4e], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\刘1\艾2\61647309\85014225\孙3\Windows Defender\AVTestZipX\Virus42x 1121\Virus(19).vir.exe, 病毒名:HVM:VirTool/Obfuscator.gen!A, 病毒ID:[b27d4294cde6a1ec], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\刘1\艾2\61647309\85014225\孙3\Windows Defender\AVTestZipX\Virus42x 1121\Virus(28).vir.exe, 病毒名:Trojan/Agent.ng, 病毒ID:[66b5ec0f890a18e3], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\刘1\艾2\61647309\85014225\孙3\Windows Defender\AVTestZipX\Virus42x 1121\Virus(39).vir.exe >> [NSIS].nsi, 病毒名:TrojanDownloader/Adload.x, 病毒ID:[824af4dba5411252], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\刘1\艾2\61647309\85014225\孙3\Windows Defender\AVTestZipX\Virus42x 1121\Virus(6).vir.XLS, 病毒名:OMacro/Downloader.vl, 病毒ID:[aa6756e5fac323a5], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\刘1\艾2\61647309\85014225\孙3\Windows Defender\AVTestZipX\Virus42x 1121\Virus(7).vir.exe, 病毒名:Trojan/AutoIT.Agent.a, 病毒ID:[f0a9201038aa8849], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\刘1\艾2\61647309\85014225\孙3\Windows Defender\AVTestZipX\Virus42x 1121\Virus(9).vir.exe, 病毒名:HVM:Trojan/Injector.gen!A, 病毒ID:[cc4a875f53a5d678], 处理结果:已忽略