本帖最后由 小飞侠.net 于 2018-5-18 00:50 编辑
,,, ,,,
X-Sec Antivirus ---(Windows 10 Creators Update(Redstone 4)....1803):
Basic Info:
---------------------
Database Version: 2018.05.09.01
Program Version: [图片]2.1.1.0
Heuristic Engine: Enabled
Cloud Engine: Enabled
Enhanced Mode: Disabled
Backup Before Resolve: Yes
Resolve Threats: Scan only
Scan Priority: Normal
---------------------
Targets:
---------------------
C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool
---------------------
2018/05/18 00:50:17 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool\Virus7x 0516\(1).exe -- [Cloud] Cloud:Trojan.Win32.Infostealer
2018/05/18 00:50:17 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool\Virus7x 0516\(2).exe -- [Cloud] Cloud:Trojan.Win32.LokiBot
2018/05/18 00:50:18 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool\Virus7x 0516\(4).exe -- [Cloud] Cloud:Trojan.Win32.Infostealer
2018/05/18 00:50:19 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool\Virus7x 0516\(5).exe -- [Cloud] Cloud:Trojan.Win32.Generic
2018/05/18 00:50:19 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool\Virus7x 0516\(6).exe -- [Cloud] Cloud:Trojan.Win32.Emotet
2018/05/18 00:50:20 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool\Virus7x 0516\(7).exe -- [Cloud] Cloud:Trojan.Win32.Emotet
2018/05/18 00:50:21 Threat Detected: C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool\Virus7x 0516\(3).exe -- [Cloud] Cloud:Trojan.Win32.Generic
瑞星---(Windows 10 Creators Update(Redstone 4)....1803):云引擎(开)RDM+引擎(开)
瑞星反恶软引擎命令行扫描器(社区交流版)
编译于:Sep 22 2017 15:07:50
提示:
- 本工具供社区交流使用,请勿用于其他用途
- 本工具没有恶意软件删除、清除、隔离功能
- 本工具包含开发中的新特性,结果仅供参考
* 命令行中的选项开关:-output-json -log=C:\瑞星RDM+引擎\ScanLog_180518003527.log
* 获取恶软签名库最新版本 ...
* 下载恶软签名库配置文件 ...
* 创建恶软签名库升级组件 ...
* 计算并下载增量文件 ...
* 升级恶软签名库 ...
* 恶软签名库升级成功
* 扫描目标 : (1) C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool
* 加载恶软签名库: C:\瑞星RDM+引擎/malware.rmd
* 恶软签名库加载成功,发布序号为 4255
* 读取恶软签名库配置 ...
* 云辅助扫描组件初始化失败.
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
扫描开始: Fri May 18 00:36:06 2018
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus7x 0516VirTool\\Virus7x 0516\\(6).exe","infect":{"engine":"sha1","signature":"c2hhMTr3vI2nKxZp6n7ZEMCG+9w3qO0BpQ","threat":"Ransom.Spora!8.E3EE"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus7x 0516VirTool\\Virus7x 0516\\(1).exe","infect":{"engine":"sha1","signature":"c2hhMTrCKb2E/bVrnBF7o7hyzPppiwhCsg","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus7x 0516VirTool\\Virus7x 0516\\(7).exe","infect":{"engine":"sha1","signature":"c2hhMToNWKOlDVxpSzK+qUUtSTcmtyLZmg","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus7x 0516VirTool\\Virus7x 0516\\(3).exe","infect":{"engine":"sha1","signature":"c2hhMTpnDBPKRql1+L7niiBZFGVDvBcEXA","threat":"Trojan.Win32.Generic.19F19A86"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus7x 0516VirTool\\Virus7x 0516\\(4).exe","infect":{"engine":"sha1","signature":"c2hhMTrJy/zhmVW3co9+ovT8EGW/GmF5OQ","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus7x 0516VirTool\\Virus7x 0516\\(2).exe","infect":{"engine":"sha1","signature":"c2hhMTrQupWlM01MWotX2kOWL2oMl0RXTg","threat":"Backdoor.Fynloski!8.1FD"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\Virus7x 0516VirTool\\Virus7x 0516\\(5).exe","infect":{"engine":"c64","signature":"YzY0Oi13oY1m5wn+","threat":"Trojan.Win32.Generic.19F19A87"},"type":"scan"}
扫描结束: Fri May 18 00:36:06 2018
总扫描耗时: 0:0:463(m:s:ms)
总扫描对象: 7
总扫描文件: 7
总恶意文件: 7
有效检出率: 100.00%
Emsisoft Emergency Kit - 版本 2018.3
上次更新: 2018/5/17 22:53:40
用户帐号: TECLAST\Admin
电脑名称: TECLAST
操作系统版本: Windows 10x64
Emsisoft Emergency Kit 绿色免费版
(已开启)加入 Emsisoft 云、更新源:测试版
Bitdefender(B)+Emsisoft(A) 双引擎
扫描设置:
扫描方式: 自定义扫描
对象: Rootkits, 内存, C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool\
检测流氓软件(PUPs): On
扫描压缩包: On
扫描邮件存档: Off
ADS数据流: On
文件扩展名过滤: Off
直接磁盘访问: Off
扫描开始于: 2018/5/18 0:27:25
C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool\Virus7x 0516\(5).exe 发现风险: Trojan-Spy.Bebloh (A) [293919]
C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool\Virus7x 0516\(6).exe 发现风险: Trojan.GenericKD.30806030 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool\Virus7x 0516\(3).exe 发现风险: Trojan.GenericKD.30808801 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool\Virus7x 0516\(7).exe 发现风险: Trojan.GenericKD.30809221 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool\Virus7x 0516\(1).exe 发现风险: Trojan.GenericKD.30807290 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool\Virus7x 0516\(2).exe 发现风险: Trojan.GenericKD.40251595 (B) [krnl.xmd]
已扫描 1864
发现 6
扫描完成后: 2018/5/18 0:27:45
扫描时间: 0:00:20
火绒安全---( Windows 7 Ultimate with SP1 简体中文旗舰版....):部分未知文件已发送到seclab@huorong.cn,等处理中。。。
病毒库:2018-05-16 15:08
开始时间:2018-05-16 21:21
总计用时:00:00:02
扫描对象:17个
扫描文件:7个
发现风险:2个
已处理风险:0个
发现系统修复项:0个
处理系统修复项:0个
文件名称: C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus7x 0516.rar
文件大小: 2.25 MB (2,368,357 字节)
修改时间: 2018年05月16日,21:11:42
MD5: 1FCAA44E95AFD4FC0FA5B6DE8A86309C
SHA1: B4D475B8CFF52E8C6212C6BC6AA2E2C7B59994AF
SHA256: 1CB8B82DB33FE8ABDD9F5D06B589CCAEFB9EABA0356CA4B026C993012E00B147
SHA512: CEFD33B38032F27C42E5D6D1859D297A0026FCB69E20D0D8695A37CE0759D55A3BD140DF59E0E1CC6ADC4D5C92287AEF3B7671486AF25C305D342307F3404927
CRC32: 34D93B3D
计算时间: 0.17s
病毒详情
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus7x 0516\(5).exe, 病毒名:VirTool/Kovter.p, 病毒ID:[e92bbf97494898d2], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus7x 0516\(6).exe, 病毒名:HEUR:VirTool/Obfuscator.gen!L, 病毒ID:[e5545ef0e01350], 处理结果:已忽略
Dr.Web CureIt! 简体中文绿色免费版---(Windows 10 Creators Update(Redstone 4)....1803):
-----------------------------------------------------------------------------
Start scanning
-----------------------------------------------------------------------------
Command line used:-rpcep:\pipe\34B1DAB32 -rpcpr:np
Limit the use of the computer resources to 100%
Instances used for this session: 10
Object(s) to scan:
- C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus7x 0516
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus7x 0516\(1).exe - infected with Trojan.PWS.Stealer.13025
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus7x 0516\(1).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus7x 0516\(7).exe - infected with Trojan.Emotet.215
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus7x 0516\(7).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus7x 0516\(6).exe - infected with Trojan.Emotet.207
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus7x 0516\(6).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus7x 0516\(2).exe - infected with Trojan.PWS.Stealer.18836
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus7x 0516\(2).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus7x 0516\(3).exe - infected with Trojan.PWS.Stealer.23680
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus7x 0516\(3).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus7x 0516\(5).exe - infected with BackDoor.Bebloh.310
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus7x 0516\(5).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus7x 0516\(4).exe - infected with Trojan.Inject1.54688
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Virus7x 0516\(4).exe - infected
Total 4038656 bytes in 7 files scanned
There are no clean objects detected
Total 7 files are infected
Scan time is 00:00:00.677
ESET Smart Security Premium 64位(高级启发式(Y)+压缩文件(Y)+自解压加壳(Y)+DNA智能签名(Y)++(Windows 10 Creators Update(Redstone 4)....1803):
日志
正在扫描日志
检测引擎的版本: 17401P (20180517)
日期: 2018/5/18 时间: 0:22:42
已扫描的磁盘、文件夹和文件: C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool
C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool\Virus7x 0516\(1).exe - MSIL/Kryptik.NIB 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool\Virus7x 0516\(2).exe - Win32/Injector.DXZT 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool\Virus7x 0516\(3).exe - Generik.FCRENKN 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool\Virus7x 0516\(4).exe - MSIL/Kryptik.NGX 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool\Virus7x 0516\(5).exe - Win32/Spy.Bebloh.O 特洛伊木马 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool\Virus7x 0516\(6).exe - Win32/Kryptik.GGUO 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\Virus7x 0516VirTool\Virus7x 0516\(7).exe - Win32/[图片]Emotet.BH 特洛伊木马 - 通过删除清除 [1]
已扫描的对象数: 7
发现的威胁数: 7
已清除对象数: 7
完成时间: 0:22:53 总扫描时间: 11 秒 (00:00:11)
备注:
[1] 由于对象中仅包含病毒主体,因此已被删除。
|