Original poster: Jerry.Lin

[Virus samples] #PACKAGE 0703

小飞侠.net
Posted on 2018-7-3 21:27:04
This post was last edited by 小飞侠.net on 2018-7-3 22:35

X-Sec Antivirus ---(Windows 10 Creators Update(Redstone 4)....1803):

Basic Info:
---------------------
Database Version: 2018.06.27.01
Program Version: 2.1.1.0
Heuristic Engine: Enabled
Cloud Engine: Enabled
Enhanced Mode: Disabled
Backup Before Resolve: Yes
Resolve Threats: Scan only
Scan Priority: Normal
---------------------
Targets:
---------------------
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131
---------------------
2018-07-03 22:28:29 Threat Detected: C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(14).exe -- [Heuristic] Heur:Trojan.Downloader.Gen.7
2018-07-03 22:28:30 Threat Detected: C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(20).exe -- [Classic] Trojan.Win32.Generic.Ec


Rising (瑞星) ---(Windows 10 Creators Update(Redstone 4)....1803): cloud engine (on), RDM+ engine (on)

                瑞星反恶软引擎命令行扫描器(社区交流版)                 


编译于:Sep 22 2017   15:07:50

提示:
  - 本工具供社区交流使用,请勿用于其他用途
  - 本工具没有恶意软件删除、清除、隔离功能
  - 本工具包含开发中的新特性,结果仅供参考

* 命令行中的选项开关:-output-json -log=C:\瑞星RDM+引擎\ScanLog_180703222200.log
* 获取恶软签名库最新版本 ...
* 下载恶软签名库配置文件 ...
* 创建恶软签名库升级组件 ...
* 计算并下载增量文件 ...
* 升级恶软签名库 ...
* 恶软签名库升级成功
* 扫描目标 : (1) C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131

* 加载恶软签名库: C:\瑞星RDM+引擎/malware.rmd
* 恶软签名库加载成功,发布序号为 4519
* 读取恶软签名库配置 ...
* 云辅助扫描组件初始化失败.
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
扫描开始: Tue Jul 03 22:22:21 2018

{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(13).exe","infect":{"engine":"rdmk","signature":"cmRtazpMknQogYk1FVEZ0W0HpPAJ","threat":"Malware.Heuristic!ET#83%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(12).exe","infect":{"engine":"rdmk","signature":"cmRtazp5adziEcgtywbRsqUT2Bky","threat":"Malware.Heuristic!ET#86%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(11).exe","infect":{"engine":"tfe","signature":"dGZlOgP4X7B09UN9Ug","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(1).exe","infect":{"engine":"rdmk","signature":"cmRtazqSFJgs0XPHVfImq7Jlt//L","threat":"Malware.Heuristic!ET#90%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(10).exe","infect":{"engine":"rdmk","signature":"cmRtazpELDRTUn6bQIaCKN9FChlS","threat":"Malware.Heuristic!ET#95%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(15).exe","infect":{"engine":"tfe","signature":"dGZlOgVpGLA1yVsJBg","threat":"Trojan.Generic!8.C3"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(14).exe","infect":{"engine":"rdmk","signature":"cmRtazpq/v1kMDKbiCsXhe2yyXHB","threat":"Malware.Heuristic!ET#83%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(18).exe","infect":{"engine":"rdmk","signature":"cmRtazoX+vzRbbQMEUqt8LXfPSZq","threat":"Malware.Heuristic!ET#86%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(2).exe","infect":{"engine":"tfe","signature":"dGZlOgP4X7B09UN9Ug","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(20).exe","infect":{"engine":"rdmk","signature":"cmRtazocVSWU9M7tGpQJamC7IfpM","threat":"Malware.Heuristic!ET#87%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(17).exe","infect":{"engine":"rdmk","signature":"cmRtazoLTrMwDsxmqR1yUgsvaTMQ","threat":"Malware.Heuristic!ET#96%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(21).exe","infect":{"engine":"tfe","signature":"dGZlOgTy06kiIKVUtA","threat":"Backdoor.Mokes!8.619"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(25).exe","infect":{"engine":"rdmk","signature":"cmRtazrRYSkMlOQp2ew3rSXh4zbQ","threat":"Malware.Heuristic!ET#85%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(24).exe","infect":{"engine":"rdmk","signature":"cmRtazp2viTMuJzOcXL37klVd2jE","threat":"Malware.Heuristic!ET#98%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(22).exe","infect":{"engine":"rdmk","signature":"cmRtazprWfsT+vxG4HsQ4fSHHj9a","threat":"Malware.Heuristic!ET#89%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(3).exe","infect":{"engine":"tfe","signature":"dGZlOgU1CD/Cm7D36g","threat":"Trojan.Generic!8.C3"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(5).exe","infect":{"engine":"tfe","signature":"dGZlOgP4X7B09UN9Ug","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(23).exe","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(6).exe","infect":{"engine":"rdmk","signature":"cmRtazoKVXvf38BjynxI6SHLk5SH","threat":"Malware.Heuristic!ET#96%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(27).exe","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(26).exe","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(19).exe","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(7).exe","infect":{"engine":"rdmk","signature":"cmRtazo3E7cKxW7AxrRtmIuV5JWs","threat":"Malware.Heuristic!ET#96%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(8).exe","infect":{"engine":"rdmk","signature":"cmRtazoDAMkVBmdTZA9iHWLcMMa7","threat":"Malware.Heuristic!ET#97%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(16).exe","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(4).exe","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0703HackTool2131\\PACKAGE 0703\\0703(9).exe","type":"scan"}

扫描结束: Tue Jul 03 22:22:24 2018

总扫描耗时: 0:2:875(m:s:ms)
总扫描对象: 30
总扫描文件: 27
总恶意文件: 20
有效检出率: 74.07%



Emsisoft Emergency Kit - 版本 2018.6
上次更新: 2018-07-03 20:40:34
用户帐号: TECLAST\Admin
电脑名称: TECLAST
操作系统版本: Windows 10 x64


Emsisoft Emergency Kit, portable free edition
(Enabled) Joined the Emsisoft cloud; update feed: beta
    Bitdefender(B)+Emsisoft(A) dual engine

扫描设置:

扫描方式: 自定义扫描
对象: Rootkits, C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\

检测流氓软件(PUPs): On
扫描压缩包: On
扫描邮件存档: Off
ADS数据流: On
文件扩展名过滤: Off
直接磁盘访问: Off

扫描开始于:        2018-07-03 22:17:43
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(10).exe         发现风险: Trojan.Emotet (A) [294528]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(11).exe         发现风险: Trojan.Emotet (A) [294457]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(12).exe         发现风险: Trojan.Injector (A) [294529]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(15).exe         发现风险: Trojan.Injector (A) [294509]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(1).exe         发现风险: Trojan.GenericKD.40302219 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(2).exe         发现风险: Trojan.Emotet (A) [294457]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(18).exe         发现风险: Trojan.Emotet (A) [294528]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(26).exe         发现风险: Trojan.Agent.DAWV (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(14).exe         发现风险: Gen:Variant.Zusy.205464 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(4).exe         发现风险: Trojan.GenericKD.31036676 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(5).exe         发现风险: Trojan.Emotet (A) [294457]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(6).exe         发现风险: Trojan.Injector (A) [294509]

已扫描        621
发现        12---BD was used, which shows that half of them are not yet in the database

扫描完成后:        2018-07-03 22:17:53
扫描时间:        0:00:10



ESET Smart Security Premium 64-bit (advanced heuristics (Y) + archives (Y) + self-extracting archives/runtime packers (Y) + DNA smart signatures (Y)) ---(Windows 10 Creators Update(Redstone 4)....1803):

日志
正在扫描日志
检测引擎的版本: 17653P (20180703)
日期: 2018-07-03  时间: 22:12:41
已扫描的磁盘、文件夹和文件: C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(1).exe - Win32/GenKryptik.CEBU 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(10).exe - Win32/Emotet.BK 特洛伊木马 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(11).exe - Win32/Kryptik.GIKM 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(12).exe - Win32/Injector.DZAW 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(13).exe - Win32/GenKryptik.CEET 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(15).exe - Win32/Injector.DZAB 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(16).exe - Win32/PSW.Fareit.L 特洛伊木马 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(17).exe - MSIL/Kryptik.OTE 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(18).exe - Win32/Kryptik.GIKR 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(19).exe - Win32/TrojanDropper.Binder.NBH 特洛伊木马 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(2).exe - Win32/Kryptik.GIKM 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(20).exe > SMARTASSEMBLY > deobfuscated.exe - MSIL/TrojanDownloader.Agent.BWN 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(21).exe - Suspicious Object - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(22).exe > EZIRIZ > protected.exe > DOTNETREACTOR - 压缩文件已损坏
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(23).exe - MSIL/Kryptik.NMB 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(24).exe - Win32/Kryptik.BGHT 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(25).exe - Win32/Kryptik.GIKZ 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(26).exe - Win32/Injector.DZAP 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(27).exe - Suspicious Object - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(3).exe - Win32/Kryptik.GIJO 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(4).exe - Win32/Kryptik.GIKJ 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(5).exe - Win32/Kryptik.GIKM 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(6).exe - Win32/Injector.DZAQ 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(7).exe - MSIL/Kryptik.OTE 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(8).exe - MSIL/Kryptik.OTE 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0703HackTool2131\PACKAGE 0703\0703(9).exe - Win32/PSW.Fareit.A 特洛伊木马 - 通过删除清除 [1]
已扫描的对象数: 27
发现的威胁数: 25
已清除对象数: 25
完成时间: 22:13:25  总扫描时间: 44 秒 (00:00:44)

备注:
[1] 由于对象中仅包含病毒主体,因此已被删除。



Dr.Web CureIt! Simplified Chinese portable free edition ---( Windows 7 Ultimate with SP1, Simplified Chinese Ultimate edition....):

-----------------------------------------------------------------------------
Start scanning
-----------------------------------------------------------------------------
Command line used:-rpcep:\pipe\3934F7753 -rpcpr:np

Limit the use of the computer resources to 100%
Instances used for this session: 10
Object(s) to scan:
- C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703


>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(10).exe - packed by FLY-CODE
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(11).exe - packed by FLY-CODE
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(18).exe - packed by FLY-CODE
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(11).exe - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(1).exe - Ok
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(2).exe - packed by FLY-CODE
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(12).exe - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(13).exe - infected with Trojan.Inject3.8210
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(13).exe - infected
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(16).exe - packed by UPX
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(21).exe - infected with Trojan.MulDrop8.28384
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(21).exe - infected
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(20).exe is BINARYRES container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(20).exe - container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(15).exe - infected with Trojan.PWS.Stealer.15120
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(15).exe - infected
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(17).exe is BINARYRES container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(23).exe - infected with Win32.HLLW.Autoruner.25074
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(23).exe - infected
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(17).exe\data003 is NET container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(17).exe\data004 is NET container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(17).exe - container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(16).exe - infected with Trojan.PWS.Stealer.1932
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(16).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(25).exe - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(27).exe - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(24).exe - Ok
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(5).exe - packed by FLY-CODE
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(26).exe - infected with Trojan.PWS.Stealer.24188
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(26).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(5).exe - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(3).exe - infected with Trojan.PWS.Stealer.23816
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(3).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(2).exe - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(8).exe - infected with Trojan.DownLoader19.57204
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(8).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(7).exe - infected with Trojan.PWS.Stealer.1932
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(7).exe - infected
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(4).exe - packed by UPX
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(6).exe - Ok
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(9).exe - packed by UPX
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(4).exe - infected with BackDoor.Siggen2.2488
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(4).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(9).exe - Ok
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(14).exe is BINARYRES container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(14).exe\data002 - is hacktool program Tool.BtcMine.758
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(14).exe - infected container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(19).exe - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(22).exe - Ok
Error to send CureIt! statistics:  (12002)
Error to send CureIt! statistics:  (12002)
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(10).exe - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(18).exe - Ok

Total 28790338 bytes in 27 files scanned (35 objects)
Total 16 files (23 objects) are clean
Total 11 files are infected---Good, nobody has uploaded these to VirusTotal
Scan time is 00:00:26.243


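Huorong Security (火绒安全) ---( Windows 7 Ultimate with SP1, Simplified Chinese Ultimate edition....): some unknown files have been sent to seclab@huorong.cn and are awaiting processing...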

病毒库:2018-07-03 15:21
开始时间:2018-07-03 21:28
总计用时:00:00:19
扫描对象:171个
扫描文件:27个
发现风险:9个
已处理风险:0个
发现系统修复项:0个
处理系统修复项:0个

病毒详情

风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(1).exe, 病毒名:Trojan/VBInject.b, 病毒ID:[e4beee39ea2e9885], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(12).exe, 病毒名:HEUR:Trojan/VBCode.be, 病毒ID:[58ecd128ab121f57], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(13).exe, 病毒名:Trojan/Injector.dl, 病毒ID:[cec17aa3dea03ae5], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(14).exe >> c.exe, 病毒名:HackTool/CoinMiner.a, 病毒ID:[21cb8dc8777aca7], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(25).exe, 病毒名:HEUR:VirTool/Obfuscator.gen!C, 病毒ID:[9f7c74f7afee22c], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(3).exe, 病毒名:HEUR:VirTool/Obfuscator.gen!C, 病毒ID:[9f7c74f7afee22c], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(27).exe, 病毒名:VirTool/Kovter.p, 病毒ID:[e92bbf97494898d2], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(4).exe, 病毒名:VirTool/Kovter.p, 病毒ID:[e92bbf97494898d2], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703\0703(9).exe, 病毒名:VirTool/Kovter.p, 病毒ID:[e92bbf97494898d2], 处理结果:已忽略

文件名称: C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0703.zip
文件大小: 21.0 MB (22,078,910 字节)
修改时间: 2018年07月03日,21:27:26
MD5: 525EFD5FAA8967F04373F92A9A6F43EA
SHA1: 4B26B7706F008FFD4902782AE1826240307D82D9
SHA256: 27F4497F9D3F10FAFB20BE45F68B7E22333EB49C604C644643DEA78ACE35FB09
SHA512: 106019BF28885E845A22D1D02043C80E8D0FB7A82455100EA65BE662432F6B9305DC5911F28B5F5C548C935E93CE2DCC5FCBBFC07E29A32F7B1108647EC2B419
CRC32: CC8D5883
计算时间: 0.78s

ATP_synthase
Posted on 2018-7-3 21:29:48

I only let it scan after Kaspersky had finished scanning
sololpchina
Posted on 2018-7-3 21:32:35
SEP scan: 23/27, 85%
Jerry.Lin
Original poster | Posted on 2018-7-3 21:35:22
Severn' posted on 2018-7-3 21:25
Where is Avira's log? I can't find it all of a sudden

Uh... Event

Main window
sololpchina
Posted on 2018-7-3 21:36:39
,就一个. posted on 2018-7-3 20:56
WD 20/27 at 20:50

7 remaining

WD relies on VT too nowadays, doesn't it?
dreams521
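Posted on 2018-7-3 21:43:27
ELOHIM posted on 2018-7-3 20:42
Bro, you tested it wrong, didn't you?

I had just switched to 2019 and the database was dated 3/8; around the time I replied to you it had just updated to today's. Sorry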
dreams521
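Posted on 2018-7-3 21:44:44
wusiyuanjh posted on 2018-7-3 21:29
I only let it scan after Kaspersky had finished scanning

I just finished testing the remaining samples with Kaspersky; Kaspersky's PDM truly deserves a thumbs-up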
ELOHIM
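Posted on 2018-7-3 21:44:53
dreams521 posted on 2018-7-3 21:43
I had just switched to 2019 and the database was dated 3/8; around the time I replied to you it had just updated to today's. Sorry

But after reading the later posts, I know your results are not untrue.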
救命稻草
Posted on 2018-7-3 21:48:41
                瑞星反恶软引擎命令行扫描器(社区交流版)                 
                                                                     

编译于:Sep 22 2017   15:07:50

提示:
  - 本工具供社区交流使用,请勿用于其他用途
  - 本工具没有恶意软件删除、清除、隔离功能
  - 本工具包含开发中的新特性,结果仅供参考

* 命令行中的选项开关:-output-json -log=F:\瑞星新引擎x64 18.2.4\ScanLog_180703214735.log
* 获取恶软签名库最新版本 ...
* 下载恶软签名库配置文件 ...
* 创建恶软签名库升级组件 ...
* 计算并下载增量文件 ...
* 升级恶软签名库 ...
* 恶软签名库升级成功
* 扫描目标 : (1) F:\PACKAGE 0703

* 加载恶软签名库: F:\瑞星新引擎x64 18.2.4/malware.rmd
* 恶软签名库加载成功,发布序号为 4519
* 读取恶软签名库配置 ...
* 云辅助扫描组件初始化失败.
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
扫描开始: Tue Jul 03 21:47:45 2018

{"filename":"F:\\PACKAGE 0703\\0703(13).exe","infect":{"engine":"rdmk","signature":"cmRtazpMknQogYk1FVEZ0W0HpPAJ","threat":"Malware.Heuristic!ET#83%"},"type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(11).exe","infect":{"engine":"tfe","signature":"dGZlOgP4X7B09UN9Ug","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(12).exe","infect":{"engine":"rdmk","signature":"cmRtazp5adziEcgtywbRsqUT2Bky","threat":"Malware.Heuristic!ET#86%"},"type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(1).exe","infect":{"engine":"rdmk","signature":"cmRtazqSFJgs0XPHVfImq7Jlt//L","threat":"Malware.Heuristic!ET#90%"},"type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(15).exe","infect":{"engine":"tfe","signature":"dGZlOgVpGLA1yVsJBg","threat":"Trojan.Generic!8.C3"},"type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(20).exe","infect":{"engine":"rdmk","signature":"cmRtazocVSWU9M7tGpQJamC7IfpM","threat":"Malware.Heuristic!ET#87%"},"type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(21).exe","infect":{"engine":"tfe","signature":"dGZlOgTy06kiIKVUtA","threat":"Backdoor.Mokes!8.619"},"type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(14).exe","infect":{"engine":"rdmk","signature":"cmRtazpq/v1kMDKbiCsXhe2yyXHB","threat":"Malware.Heuristic!ET#83%"},"type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(10).exe","infect":{"engine":"rdmk","signature":"cmRtazpELDRTUn6bQIaCKN9FChlS","threat":"Malware.Heuristic!ET#95%"},"type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(2).exe","infect":{"engine":"tfe","signature":"dGZlOgP4X7B09UN9Ug","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(18).exe","infect":{"engine":"rdmk","signature":"cmRtazoX+vzRbbQMEUqt8LXfPSZq","threat":"Malware.Heuristic!ET#86%"},"type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(17).exe","infect":{"engine":"rdmk","signature":"cmRtazoLTrMwDsxmqR1yUgsvaTMQ","threat":"Malware.Heuristic!ET#96%"},"type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(23).exe","type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(19).exe","type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(24).exe","infect":{"engine":"rdmk","signature":"cmRtazp2viTMuJzOcXL37klVd2jE","threat":"Malware.Heuristic!ET#98%"},"type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(22).exe","infect":{"engine":"rdmk","signature":"cmRtazprWfsT+vxG4HsQ4fSHHj9a","threat":"Malware.Heuristic!ET#89%"},"type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(6).exe","infect":{"engine":"rdmk","signature":"cmRtazoKVXvf38BjynxI6SHLk5SH","threat":"Malware.Heuristic!ET#96%"},"type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(25).exe","infect":{"engine":"rdmk","signature":"cmRtazrRYSkMlOQp2ew3rSXh4zbQ","threat":"Malware.Heuristic!ET#85%"},"type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(3).exe","infect":{"engine":"tfe","signature":"dGZlOgU1CD/Cm7D36g","threat":"Trojan.Generic!8.C3"},"type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(7).exe","infect":{"engine":"rdmk","signature":"cmRtazo3E7cKxW7AxrRtmIuV5JWs","threat":"Malware.Heuristic!ET#96%"},"type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(16).exe","type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(27).exe","type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(8).exe","infect":{"engine":"rdmk","signature":"cmRtazoDAMkVBmdTZA9iHWLcMMa7","threat":"Malware.Heuristic!ET#97%"},"type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(26).exe","type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(5).exe","infect":{"engine":"tfe","signature":"dGZlOgP4X7B09UN9Ug","threat":"Trojan.Kryptik!8.8"},"type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(4).exe","type":"scan"}
{"filename":"F:\\PACKAGE 0703\\0703(9).exe","type":"scan"}

扫描结束: Tue Jul 03 21:47:47 2018

总扫描耗时: 0:2:17(m:s:ms)
总扫描对象: 30
总扫描文件: 27
总恶意文件: 20
有效检出率: 74.07%
Severn'
Posted on 2018-7-3 21:52:03
191196846 posted on 2018-7-3 21:35
Uh... Event

Main window

正在启动文件扫描:

开始在“C:\Users\linqinpeng\Downloads\新建文件夹 (5)”中扫描
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(1).exe' 的“无误报”状态
Cloud SDK 初始化和许可证检查成功.
文件已通过 Protection Cloud扫描。 SHA256 = C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(1).exe
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(1).exe
  [检测]        是 TR/Dropper.VB.77bbe2 特洛伊木马
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(10).exe' 的“无误报”状态
文件已通过 Protection Cloud扫描。 SHA256 = C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(10).exe
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(10).exe
  [检测]        是 TR/AD.Emotet.B 特洛伊木马
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(11).exe' 的“无误报”状态
文件已通过 Protection Cloud扫描。 SHA256 = C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(11).exe
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(11).exe
  [检测]        是 TR/Crypt.XPACK.3927b4 特洛伊木马
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(12).exe' 的“无误报”状态
文件已通过 Protection Cloud扫描。 SHA256 = C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(12).exe
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(12).exe
  [检测]        是 TR/Injector.b5fa11 特洛伊木马
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(13).exe' 的“无误报”状态
文件已通过 Protection Cloud扫描。 SHA256 = C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(13).exe
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(13).exe
  [检测]        是 TR/Dropper.VB.b00b42 特洛伊木马
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(15).exe' 的“无误报”状态
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(15).exe
  [检测]        包含可疑代码: HEUR/AGEN.1030472
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(17).exe' 的“无误报”状态
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(17).exe
  [检测]        是 TR/Crypt.XPACK.Gen7 特洛伊木马
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(18).exe' 的“无误报”状态
文件已通过 Protection Cloud扫描。 SHA256 = C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(18).exe
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(18).exe
  [检测]        是 TR/AD.Emotet.B 特洛伊木马
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(19).exe' 的“无误报”状态
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(19).exe
  [检测]        是 TR/Dropper.Gen 特洛伊木马
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(2).exe' 的“无误报”状态
文件已通过 Protection Cloud扫描。 SHA256 = C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(2).exe
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(2).exe
  [检测]        是 TR/Crypt.XPACK.f95036 特洛伊木马
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(20).exe' 的“无误报”状态
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(20).exe
  [检测]        是 TR/Dropper.Gen 特洛伊木马
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(21).exe' 的“无误报”状态
文件已通过 Protection Cloud扫描。 SHA256 = C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(21).exe
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(21).exe
  [检测]        是 TR/AD.SmokeLoader.Y 特洛伊木马
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(22).exe' 的“无误报”状态
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(22).exe
  [检测]        是 TR/Dropper.Gen 特洛伊木马
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(23).exe' 的“无误报”状态
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(23).exe
  [检测]        是 TR/Dropper.Gen 特洛伊木马
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(24).exe' 的“无误报”状态
文件已通过 Protection Cloud扫描。 SHA256 = C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(24).exe
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(24).exe
  [检测]        是 TR/Crypt.EPACK.f854cc 特洛伊木马
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(25).exe' 的“无误报”状态
文件已通过 Protection Cloud扫描。 SHA256 = C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(25).exe
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(25).exe
  [检测]        是 TR/Crypt.Agent.709e00 特洛伊木马
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(26).exe' 的“无误报”状态
文件已通过 Protection Cloud扫描。 SHA256 = C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(26).exe
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(26).exe
  [检测]        包含 DR/Delphi.d33f5f 植入程序的识别模式
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(27).exe' 的“无误报”状态
文件已通过 Protection Cloud扫描。 SHA256 = C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(27).exe
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(27).exe
  [检测]        是 TR/AD.MalwareCrypter.Y 特洛伊木马
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(3).exe' 的“无误报”状态
文件已通过 Protection Cloud扫描。 SHA256 = C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(3).exe
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(3).exe
  [检测]        是 TR/Crypt.XPACK.6f2990 特洛伊木马
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(4).exe' 的“无误报”状态
文件已通过 Protection Cloud扫描。 SHA256 = C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(4).exe
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(4).exe
  [检测]        是 TR/Crypt.Agent.fd6923 特洛伊木马
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(5).exe' 的“无误报”状态
文件已通过 Protection Cloud扫描。 SHA256 = C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(5).exe
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(5).exe
  [检测]        是 TR/Crypt.XPACK.25d4d9 特洛伊木马
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(6).exe' 的“无误报”状态
文件已通过 Protection Cloud扫描。 SHA256 = C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(6).exe
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(6).exe
  [检测]        是 TR/Dropper.VB.35b4e6 特洛伊木马
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(7).exe' 的“无误报”状态
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(7).exe
  [检测]        是 TR/Crypt.XPACK.Gen7 特洛伊木马
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(8).exe' 的“无误报”状态
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(8).exe
  [检测]        是 TR/Crypt.XPACK.Gen7 特洛伊木马
FP 报告文件 'C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(9).exe' 的“无误报”状态
文件已通过 Protection Cloud扫描。 SHA256 = C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(9).exe
C:\Users\linqinpeng\Downloads\新建文件夹 (5)\0703(9).exe
  [检测]        是 TR/PSW.Fareit.4d91d6 特洛伊木马