This post was last edited by 小飞侠.net on 2018-7-8 20:39
X-Sec Antivirus ---(Windows 10 Creators Update(Redstone 4)....1803):
Basic Info:
---------------------
Database Version: 2018.07.02.01
Program Version: 2.1.1.0
Heuristic Engine: Enabled
Cloud Engine: Enabled
Enhanced Mode: Disabled
Backup Before Resolve: Yes
Resolve Threats: Scan only
Scan Priority: Normal
---------------------
Targets:
---------------------
C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588
---------------------
2018-07-08 20:32:54 Threat Detected: C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588\Interesting\国产特色(10).exe -- [Heuristic] Heur:Trojan.Injector.Gen.4
2018-07-08 20:33:40 Threat Detected: C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588\Interesting\国产特色(11).exe -- [Heuristic] Heur:Trojan.Injector.Gen.11
2018-07-08 20:34:27 Threat Detected: C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588\Interesting\国产特色(14).exe -- [Cloud] Cloud:Malware.Win32.QRSGeneric.1
2018-07-08 20:35:21 Threat Detected: C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588\Interesting\国产特色(17).exe -- [Cloud] Cloud:Malware.Win32.QRSGeneric.2
2018-07-08 20:36:12 Threat Detected: C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588\Interesting\国产特色(3).exe -- [Classic] Virus.Win32.Ramnit.$ab
2018-07-08 20:36:20 Threat Detected: C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588\Interesting\国产特色(2).exe -- [Heuristic] Heur:Trojan.Win32.Gen.4
2018-07-08 20:36:36 Threat Detected: C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588\Interesting\国产特色(4).exe -- [Cloud] Cloud:Malware.Win32.QRSGeneric.1
2018-07-08 20:36:49 Threat Detected: C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588\Interesting\国产特色(9).exe -- [Cloud] Cloud:Malware.Win32.QRSGeneric.1
瑞星 (Rising) ---(Windows 10 Creators Update(Redstone 4)....1803): cloud engine (on), RDM+ engine (on)
瑞星反恶软引擎命令行扫描器(社区交流版)
编译于:Sep 22 2017 15:07:50
提示:
- 本工具供社区交流使用,请勿用于其他用途
- 本工具没有恶意软件删除、清除、隔离功能
- 本工具包含开发中的新特性,结果仅供参考
* 命令行中的选项开关:-output-json -log=C:\瑞星RDM+引擎\ScanLog_180708202800.log
* 获取恶软签名库最新版本 ...
* 下载恶软签名库配置文件 ...
* 创建恶软签名库升级组件 ...
* 计算并下载增量文件 ...
* 升级恶软签名库 ...
* 恶软签名库升级成功
* 扫描目标 : (1) C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588
* 加载恶软签名库: C:\瑞星RDM+引擎/malware.rmd
* 恶软签名库加载成功,发布序号为 4549
* 读取恶软签名库配置 ...
* 云辅助扫描组件初始化失败.
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
扫描开始: Sun Jul 08 20:28:57 2018
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\InterestingRamnit54ad63d6a34ba588\\Interesting\\国产特色(14).exe","infect":{"engine":"md5","signature":"bWQ1OtYh0atQkirR6h/UkgBvY+c","threat":"Trojan.Tiggre!8.ED98"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\InterestingRamnit54ad63d6a34ba588\\Interesting\\国产特色(10).exe","infect":{"engine":"md5","signature":"bWQ1OiDG5U6Z5ZokWuWmRECLv5U","threat":"Trojan.Injector!1.A1C3"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\InterestingRamnit54ad63d6a34ba588\\Interesting\\国产特色(1).exe","infect":{"engine":"md5","signature":"bWQ1Oo9KjiW0BEnVW0NCPgoN1hk","threat":"Trojan.Tiggre!8.ED98"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\InterestingRamnit54ad63d6a34ba588\\Interesting\\国产特色(15).exe","infect":{"engine":"rdmk","signature":"cmRtazqwjrxAGc8nyr/78OsbHDPY","threat":"Malware.Heuristic!ET#91%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\InterestingRamnit54ad63d6a34ba588\\Interesting\\国产特色(12).exe","infect":{"engine":"md5","signature":"bWQ1OkeJhk6umgT3ZojbnkB+l6w","threat":"Malware.Undefined!8.C"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\InterestingRamnit54ad63d6a34ba588\\Interesting\\国产特色(11).exe","infect":{"engine":"rdmk","signature":"cmRtazqnkgkLNRlqDc+s0pHBd6w+","threat":"Malware.Heuristic!ET#95%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\InterestingRamnit54ad63d6a34ba588\\Interesting\\国产特色(16).exe","infect":{"engine":"tfe","signature":"dGZlOgWB1xm4F103VQ","threat":"Trojan.Fuery!8.EAFB"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\InterestingRamnit54ad63d6a34ba588\\Interesting\\国产特色(3).exe","infect":{"engine":"rdmk","signature":"cmRtazrD2bZkTcgt5g8dyr878G2V","threat":"Malware.Heuristic!ET#98%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\InterestingRamnit54ad63d6a34ba588\\Interesting\\国产特色(5).exe","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\InterestingRamnit54ad63d6a34ba588\\Interesting\\国产特色(13).exe","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\InterestingRamnit54ad63d6a34ba588\\Interesting\\国产特色(4).exe","infect":{"engine":"md5","signature":"bWQ1OrvktbmBukBYY6IorfsfKdg","threat":"Malware.Undefined!8.C"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\InterestingRamnit54ad63d6a34ba588\\Interesting\\国产特色(17).exe","infect":{"engine":"md5","signature":"bWQ1Oix9ZGwdCHgwcBQ5P9B+iwA","threat":"PUA.Presenoker!8.F608"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\InterestingRamnit54ad63d6a34ba588\\Interesting\\国产特色(8).exe","infect":{"engine":"md5","signature":"bWQ1Oro5PpwaETDwocwGk56MVis","threat":"Dropper.Win32.Undef.uw"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\InterestingRamnit54ad63d6a34ba588\\Interesting\\国产特色(9).exe","infect":{"engine":"md5","signature":"bWQ1OoNm5K+Ml9bAtIfXhsF9Wck","threat":"Trojan.Tiggre!8.ED98"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\InterestingRamnit54ad63d6a34ba588\\Interesting\\国产特色(2).exe","infect":{"engine":"rdmk","signature":"cmRtazrIlkMgjwozb0OkB6M1yRWG","threat":"Malware.Heuristic!ET#93%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\InterestingRamnit54ad63d6a34ba588\\Interesting\\国产特色(7).exe","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\InterestingRamnit54ad63d6a34ba588\\Interesting\\国产特色(6).exe","type":"scan"}
扫描结束: Sun Jul 08 20:29:03 2018
总扫描耗时: 0:5:700(m:s:ms)
总扫描对象: 19
总扫描文件: 17
总恶意文件: 13
有效检出率: 76.47% -- did someone upload these to VirusTotal ???
ESET Smart Security Premium 64-bit (advanced heuristics (Y) + archives (Y) + self-extracting/runtime packers (Y) + DNA smart signatures (Y)) ++ (Windows 10 Creators Update(Redstone 4)....1803):
日志
正在扫描日志
检测引擎的版本: 17680P (20180708)
日期: 2018-07-08 时间: 20:14:19
已扫描的磁盘、文件夹和文件: C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588
C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588\Interesting\国产特色(10).exe - Win32/Injector.BBYK 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588\Interesting\国产特色(12).exe - Generik.KKUDTFS 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588\Interesting\国产特色(3).exe - Win32/Ramnit.H 病毒 - 已清除
C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588\Interesting\国产特色(4).exe - Win32/Packed.VMProtect.AV 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588\Interesting\国产特色(8).exe - Win32/TrojanDropper.Agent.OBM 特洛伊木马 的变种 - 通过删除清除 [1]
已扫描的对象数: 20
发现的威胁数: 5
已清除对象数: 5 -- good, nobody uploaded these to VirusTotal
完成时间: 20:16:37 总扫描时间: 138 秒 (00:02:18)
备注:
[1] 由于对象中仅包含病毒主体,因此已被删除。
Dr.Web CureIt! Simplified Chinese portable free edition ---( Windows 7 Ultimate with SP1, Simplified Chinese Ultimate edition....):
Anti-rootkit module version ( ver: 11.5.201806181, api: 8.07 )
Using 137803332 as Dr.Web (R) Key file
-----------------------------------------------------------------------------
Start scanning
-----------------------------------------------------------------------------
Command line used:-rpcep:\pipe\1B0914622 -rpcpr:np
Limit the use of the computer resources to 100%
Instances used for this session: 10
Object(s) to scan:
- C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(13).exe - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(1).exe - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(2).exe - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(3).exe - infected with Win32.Rmnet.8
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(3).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(10).exe - infected with Trojan.DownLoader16.34676
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(10).exe - infected
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(6).exe - packed by UPX
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(5).exe - Ok
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(11).exe is BINARYRES container
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(8).exe - packed by UPX
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(7).exe - packed by UPX
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(4).exe - packed by PESTUB
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(17).exe is BINARYRES container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(17).exe\data001 is NET container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(17).exe\data003 is NET container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(17).exe\data005 is NET container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(17).exe\data006 is NET container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(17).exe\data007 is NET container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(11).exe\data001 - packed by UPX
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(15).exe - packed by PESTUB
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(17).exe\data008 is NET container
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(14).exe - packed by PESTUB
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(12).exe - packed by MEW
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(17).exe\data008\FF - infected with Trojan.MulDrop8.28131
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(17).exe - infected container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(4).exe - packed by FLY-CODE
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(4).exe - packed by VMPROTECT
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(6).exe - packed by BINARYRES
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(6).exe - Ok
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(15).exe - packed by FLY-CODE
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(14).exe - packed by FLY-CODE
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(9).exe - packed by PESTUB
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(15).exe - packed by VMPROTECT
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(14).exe - packed by VMPROTECT
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(12).exe - Ok
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(7).exe - packed by BINARYRES
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(9).exe - packed by FLY-CODE
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(7).exe - Ok
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(11).exe\data002 - packed by PESTUB
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(9).exe - packed by VMPROTECT
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(11).exe\data002 - packed by FLY-CODE
>>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(11).exe\data002 - packed by VMPROTECT
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(8).exe - infected with Trojan.MulDrop.32183
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(8).exe - infected
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(16).exe - packed by UPX
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(15).exe - Ok
>>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(4).exe is BINARYRES container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(4).exe - container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(16).exe - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(11).exe\data003 - infected with Trojan.DownLoader24.62529
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(11).exe - infected container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(9).exe - infected with Trojan.PWS.Banker1.26258
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(9).exe - infected
>>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(14).exe is BINARYRES container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(14).exe - container
Total 33909111 bytes in 17 files scanned (32 objects)
Total 11 files (23 objects) are clean
Total 6 files are infected -- good, nobody uploaded these to VirusTotal
Scan time is 00:00:14.545
Error to send CureIt! statistics: (12002)
Error to send CureIt! statistics: (12002)
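火绒安全 (Huorong Security) ---( Windows 7 Ultimate with SP1, Simplified Chinese Ultimate edition....): some unknown files have been sent to seclab@huorong.cn; waiting for them to be processed...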
病毒库:2018-07-08 15:09
开始时间:2018-07-08 19:38
总计用时:00:00:16
扫描对象:129个
扫描文件:17个
发现风险:4个
已处理风险:0个
发现系统修复项:0个
处理系统修复项:0个
病毒详情
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(11).exe, 病毒名:Trojan/Generic!C48DAC04DF6090A9, 病毒ID:[c48dac04df6090a9], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(2).exe, 病毒名:Trojan/Generic!19A7A58D2C97D91D, 病毒ID:[19a7a58d2c97d91d], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(3).exe, 病毒名:Virus/Ramnit.jj, 病毒ID:[54ad63d6a34ba588], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting\国产特色(8).exe, 病毒名:TrojanDownloader/Agent.nj, 病毒ID:[9c9717fecd5c2a77], 处理结果:已忽略
文件名称: C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\Interesting.zip
文件大小: 29.4 MB (30,855,421 字节)
修改时间: 2018年07月08日,19:35:45
MD5: 6452D4F9D14AB55002E1E633BC817A89
SHA1: CA2F92FD13079AC014FB386B9347E339F47CF106
SHA256: C1254FDCB3D7C4AECB9EF5F721FE20BE5FFD39C50EA554CD4C03841291D31AF8
SHA512: 07AE12E14E029F0A877F00C9DCA294E37BF4B86A614961E8EBA36470C677EF4FFB6C746CE4EEEDB76A3278A4AC1352A690E8D9944E58638C2F8C720AF33B17B0
CRC32: 91B29C6A
计算时间: 1.31s (23.54 MB/s)
Emsisoft Emergency Kit - 版本 2018.6
上次更新: 2018-07-08 17:25:45
用户帐号: TECLAST\Admin
电脑名称: TECLAST
操作系统版本: Windows 10 x64
Emsisoft Emergency Kit portable free edition
(Enabled) Joined the Emsisoft cloud; update feed: beta
Bitdefender (B) + Emsisoft (A) dual engine
扫描设置:
扫描方式: 自定义扫描
对象: Rootkits, 内存, 恶意残留, C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588\
检测流氓软件(PUPs): On
扫描压缩包: On
扫描邮件存档: Off
ADS数据流: On
文件扩展名过滤: Off
直接磁盘访问: Off
扫描开始于: 2018-07-08 20:20:41
C:\Users\Admin\AppData\Roaming\baidu 发现风险: Application.AppInstall (A) [224507]
C:\Users\Admin\AppData\Local\baidu 发现风险: Application.AppInstall (A) [226898]
C:\Users\Admin\AppData\Local\sysassistbyhotwheel 发现风险: Application.Toolbar (A) [230313]
Key: HKEY_USERS\S-1-5-21-1320124207-2627790254-4257915705-1001\SOFTWARE\PPSTREAM 发现风险: Application.Toolbar (A) [281127]
C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588\Interesting\国产特色(10).exe 发现风险: Gen:Variant.Strictor.159719 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588\Interesting\国产特色(15).exe 发现风险: Gen:Variant.Strictor.162485 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588\Interesting\国产特色(12).exe 发现风险: Gen:Variant.Symmi.15895 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588\Interesting\国产特色(8).exe 发现风险: Trojan.Generic.11920208 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588\Interesting\国产特色(3).exe 发现风险: Win32.Ramnit.N (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588\Interesting\国产特色(16).exe 发现风险: Gen:Variant.Graftor.Elzob.25133 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588\Interesting\国产特色(4).exe 发现风险: Gen:Variant.Symmi.87205 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588\Interesting\国产特色(14).exe 发现风险: Gen:Variant.Symmi.87205 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\InterestingRamnit54ad63d6a34ba588\Interesting\国产特色(9).exe 发现风险: Gen:Trojan.Heur.PT.TSW@biVP8jab (B) [krnl.xmd]
已扫描 62891
发现 13
扫描完成后: 2018-07-08 20:21:48
扫描时间: 0:01:07