This post was last edited by 小飞侠.net on 2018-7-10 22:03
Rising --- (Windows 10 Creators Update (Redstone 4) .... 1803): cloud engine (on), RDM+ engine (on)
瑞星反恶软引擎命令行扫描器(社区交流版)
编译于:Sep 22 2017 15:07:50
提示:
- 本工具供社区交流使用,请勿用于其他用途
- 本工具没有恶意软件删除、清除、隔离功能
- 本工具包含开发中的新特性,结果仅供参考
* 命令行中的选项开关:-output-json -log=C:\瑞星RDM+引擎\ScanLog_180710220041.log
* 获取恶软签名库最新版本 ...
* 下载恶软签名库配置文件 ...
* 创建恶软签名库升级组件 ...
* 计算并下载增量文件 ...
* 升级恶软签名库 ...
* 恶软签名库升级成功
* 扫描目标 : (1) C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom
* 加载恶软签名库: C:\瑞星RDM+引擎/malware.rmd
* 恶软签名库加载成功,发布序号为 4556
* 读取恶软签名库配置 ...
* 云辅助扫描组件初始化失败.
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
扫描开始: Tue Jul 10 22:01:23 2018
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (16).vir","infect":{"engine":"classic","threat":"Downloader.BAT/Agent!1.B319"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (10).vir","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (14).vir","infect":{"engine":"md5","signature":"bWQ1OubPejyYetoGJZgfKmVPUQY","threat":"Malware.Heuristic!ET#99%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (15).vir","infect":{"engine":"md5","signature":"bWQ1OoJKsyCFVtRV7Zm9tvM9ZMQ","threat":"PUF.InstallCore!1.AB2C"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (1).vir","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (11).vir","infect":{"engine":"md5","signature":"bWQ1OnKNv2K/HEGBXXqrRwR3fio","threat":"Malware.Undefined!8.C"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (12).vir","infect":{"engine":"md5","signature":"bWQ1Ogd138y7XBzzKZeN8NooLQs","threat":"Trojan.Bitrep!8.F596"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (17).vir","infect":{"engine":"md5","signature":"bWQ1OoVKzLh7RP/jekaAuA4ls0c","threat":"Downloader.Banload!8.15B"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (23).vir","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (13).vir","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (18).vir","infect":{"engine":"md5","signature":"bWQ1OolcrhzX6/KGmJrv3wFaZM4","threat":"Trojan.Cloxer!8.F54F"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (20).vir","infect":{"engine":"md5","signature":"bWQ1OoHWr3RlK+KnJFoqNu1MphM","threat":"Ransom.FileCryptor!8.1A7"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (25).vir","infect":{"engine":"md5","signature":"bWQ1OjkjwDIMTgVkcVbyWI2mW0k","threat":"Malware.Undefined!8.C"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (19).vir","infect":{"engine":"md5","signature":"bWQ1OpI7qwoBZKPDwdOLWrpah/Y","threat":"Trojan.Injector!8.C4"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (29).vir","infect":{"engine":"classic","threat":"Trojan.Win32.Ransom.Wannacry.a"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (24).vir","infect":{"engine":"md5","signature":"bWQ1Onj8IEBvemv4sQf4bB5ZpkA","threat":"Malware.Undefined!8.C"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (21).vir","infect":{"engine":"md5","signature":"bWQ1OpkfPOQQgV3TaYlP8gN/OdY","threat":"PUF.InstallCore!1.AB2C"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (22).vir","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (26).vir","infect":{"engine":"md5","signature":"bWQ1OkRR/BzN+lE0xcsZE2aVGXI","threat":"Dropper.Generic!8.35E"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (2).vir","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (27).vir","infect":{"engine":"md5","signature":"bWQ1OncnCN+2Qt7fwIeYAcTLStY","threat":"Malware.Obscure/Heur!1.A89E"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (28).vir","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (3).vir","infect":{"engine":"md5","signature":"bWQ1Oka7Pzx4zM2tiUDRvH67KNE","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (8).vir","infect":{"engine":"md5","signature":"bWQ1OjWczacz47Vb+ppoEyuSo2I","threat":"Malware.Obscure/Heur!1.9E03"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (7).vir","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (6).vir","infect":{"engine":"md5","signature":"bWQ1OpLuq4SMZO5LBLhO2WeApJk","threat":"Malware.Obscure/Heur!1.A89E"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (30).vir","infect":{"engine":"md5","signature":"bWQ1OqRPakaVZeWwwzhHdc56p8U","threat":"PUF.InstallCore!1.AB2C"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (4).vir","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (9).vir","infect":{"engine":"md5","signature":"bWQ1OgBQLjs1Oy5rCzhLDItAmCI","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\VirusSamples_161be9edd09119bdf5Ransom\\VirusSamples_16\\Samp (5).vir","type":"scan"}
扫描结束: Tue Jul 10 22:01:25 2018
总扫描耗时: 0:1:534(m:s:ms)
总扫描对象: 30
总扫描文件: 30
总恶意文件: 20
有效检出率: 66.67%
Emsisoft Emergency Kit - 版本 2018.6
上次更新: 2018-07-10 21:37:12
用户帐号: TECLAST\Admin
电脑名称: TECLAST
操作系统版本: Windows 10 x64
Emsisoft Emergency Kit, portable free edition
(Enabled) Join the Emsisoft cloud; update feed: beta
Bitdefender (B) + Emsisoft (A) dual engine
扫描设置:
扫描方式: 自定义扫描
对象: Rootkits, C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\
检测流氓软件(PUPs): On
扫描压缩包: On
扫描邮件存档: Off
ADS数据流: On
文件扩展名过滤: Off
直接磁盘访问: Off
扫描开始于: 2018-07-10 21:57:19
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (11).vir 发现风险: Gen:Variant.MSILPerseus.137875 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (14).vir 发现风险: Trojan.Generic.22901838 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (10).vir 发现风险: Gen:Variant.Application.Downloader.Nezchi.1 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (18).vir 发现风险: Gen:Variant.Ursu.193509 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (19).vir 发现风险: Trojan.Injector (A) [294116]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (20).vir 发现风险: Trojan.Injector (A) [284358]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (17).vir 发现风险: Gen:Variant.Zusy.282057 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (23).vir 发现风险: Trojan.DOC.Downloader.AIM (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (22).vir 发现风险: Application.Chindo (A) [285504]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (24).vir 发现风险: Application.Downloader.ANE (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (27).vir 发现风险: Trojan.Agent.CZSL (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (29).vir 发现风险: Trojan.Rasftuby.Gen.14 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (3).vir 发现风险: Gen:Variant.Trojan.Liev.9 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (30).vir 发现风险: Application.DealAgent.AUR (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (6).vir 发现风险: Trojan.Agent.CZSL (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (7).vir 发现风险: Gen:Variant.Application.Zusy.226955 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (8).vir 发现风险: Application.AdFile (A) [289425]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (9).vir 发现风险: Trojan.GenericKD.31035978 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (26).vir 发现风险: Gen:Heur.NoobyProtect.1 (B) [krnl.xmd]
已扫描 624
发现 19
扫描完成后: 2018-07-10 21:57:36
扫描时间: 0:00:17
ESET Smart Security Premium 64-bit (advanced heuristics (Y) + archives (Y) + self-extractors and runtime packers (Y) + DNA smart signatures (Y)) + (Windows 10 Creators Update (Redstone 4) .... 1803):
日志
正在扫描日志
检测引擎的版本: 17691P (20180710)
日期: 2018-07-10 时间: 21:50:29
已扫描的磁盘、文件夹和文件: C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (10).vir - Win32/Adware.Qjwmonkey.C 应用程序 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (11).vir - MSIL/Hoax.FakeHack.ATL 应用程序 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (16).vir - BAT/TrojanDownloader.Agent.NOK 特洛伊木马 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (17).vir - Win32/TrojanDownloader.Banload.YEZ 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (18).vir - MSIL/Agent.SNX 特洛伊木马 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (19).vir - Win32/Injector.DYKZ 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (20).vir > NSIS > Script.nsi - Win32/Filecoder.Cerber.B 特洛伊木马 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (23).vir - DOC/Agent.BJ 特洛伊木马 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (26).vir - Win32/Packed.NoobyProtect.M 可疑应用程序 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (27).vir - Win32/Kryptik.GHLJ 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (29).vir > WINRARSFX > eee.exe - CRC 校验和错误,文件可能已损坏
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (29).vir > WINRARSFX > - 压缩文件已损坏
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (3).vir - Win32/Agent.YXS 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (6).vir - Win32/Kryptik.GHLJ 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (7).vir - Win32/RiskWare.Khit.B 应用程序 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (8).vir - Win32/Kryptik.GHMH 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\VirusSamples_161be9edd09119bdf5Ransom\VirusSamples_16\Samp (9).vir > NSIS > WindowsUpdate.exe - MSIL/Agent.RPP 特洛伊木马 的变种 - 通过删除清除 [1]
已扫描的对象数: 635
发现的威胁数: 15
已清除对象数: 15
完成时间: 21:51:06 总扫描时间: 37 秒 (00:00:37)
备注:
[1] 由于对象中仅包含病毒主体,因此已被删除。
Dr.Web CureIt! Simplified Chinese portable free edition --- (Windows 7 Ultimate with SP1, Simplified Chinese Ultimate edition ....):
-----------------------------------------------------------------------------
Start scanning
-----------------------------------------------------------------------------
Command line used:-rpcep:\pipe\51CD00CE0 -rpcpr:np
Limit the use of the computer resources to 100%
Instances used for this session: 10
Object(s) to scan:
- C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (16).vir - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (18).vir - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (12).vir - infected with Trojan.PWS.Spy.18034
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (12).vir - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (20).vir - infected with Trojan.Boaxxe.484
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (20).vir - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (19).vir - infected with Trojan.Inject1.54688
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (19).vir - infected
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (1).vir is ZIP archive
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (1).vir - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (1).vir - archive
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (23).vir - Ok
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (15).vir is INNO SETUP container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (15).vir\Script2.bin is BINARYRES container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (11).vir - is hacktool program Tool.Siggen.11282
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (11).vir - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (15).vir - container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (14).vir - is adware program Adware.Downware.17657
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (14).vir - infected
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (25).vir - packed by PESTUB
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (25).vir - packed by PESTUB
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (10).vir - is adware program Adware.Qjwmonkey.92
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (10).vir - infected
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (26).vir - packed by BINARYRES
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (26).vir - infected with Trojan.PWS.Siggen1.28608
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (26).vir - infected
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (25).vir - packed by PESTUB
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (25).vir - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (24).vir - is adware program Adware.Downware.18186
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (24).vir - infected
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (29).vir is RAR archive
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (29).vir - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (29).vir - archive
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (21).vir is INNO SETUP container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (21).vir\Script2.bin is BINARYRES container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (21).vir - container
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (28).vir is SETUP FACTORY container
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (17).vir is BINARYRES container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (17).vir - container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (27).vir - infected with Trojan.Vittalia.13656
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (27).vir - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (22).vir - infected with BackDoor.Gbot.2850
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (22).vir - infected
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (28).vir\help.htm is JS-HTML container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (6).vir - infected with Trojan.Vittalia.13656
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (6).vir - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (3).vir - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (28).vir - container
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (13).vir is ZLIB container
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (5).vir is INNO SETUP container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (13).vir - container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (7).vir - infected with BackDoor.IRC.Bot.4101
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (7).vir - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (8).vir - infected with Trojan.InstallCube.3581
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (8).vir - infected
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (5).vir\Script2.bin is BINARYRES container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (5).vir - container
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir is INNO SETUP container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\Script2.bin is BINARYRES container
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (30).vir is INNO SETUP container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (30).vir\Script2.bin is BINARYRES container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\AtomicMailVerifier.exe - packed by ASPROTECT
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (4).vir is NSIS container
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (9).vir is NSIS container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (4).vir\聜nsProcess.dll - packed by FLY-CODE
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (4).vir\聜version.dll - packed by UPX
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (30).vir - container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (9).vir\aa.msi is OLE container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (4).vir\Fotosizer.exe is BINARYRES container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (9).vir\setup.exe is ZLIB container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (9).vir\windowsdriver.exe is NET container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (9).vir\Microsoft.AspNet.SignalR.Client.dll is NET container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (4).vir - container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (9).vir\YouTube_Downloader.exe is BINARYRES container
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (9).vir\YouTube_Downloader.exe\data001 is NET container
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (9).vir\YouTube_Downloader.exe\data002 is NET container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (9).vir - container
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\AtomicMailVerifier.exe - packed by FLY-CODE
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\Help.chm is CHM container
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\Help.chm\settings_DNS.html is JS-HTML container
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\Help.chm\style.css is JS-HTML container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\HelpRu.chm is CHM container
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\HelpRu.chm\dl.html is JS-HTML container
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\HelpRu.chm\settings_DNS.html is JS-HTML container
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\HelpRu.chm\style.css is JS-HTML container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\HelpIt.chm is CHM container
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\HelpIt.chm\settings_DNS.html is JS-HTML container
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\HelpIt.chm\style.css is JS-HTML container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\HelpEs.chm is CHM container
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\HelpEs.chm\settings_DNS.html is JS-HTML container
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\HelpEs.chm\style.css is JS-HTML container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\HelpPt.chm is CHM container
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\HelpPt.chm\description.html is JS-HTML container
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\HelpPt.chm\export_wizard.html is JS-HTML container
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\HelpPt.chm\reg.html is JS-HTML container
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\HelpPt.chm\settings_common.html is JS-HTML container
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\HelpPt.chm\settings_DNS.html is JS-HTML container
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\HelpPt.chm\settings_filters.html is JS-HTML container
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\HelpPt.chm\settings_SMTP.html is JS-HTML container
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\HelpPt.chm\style.css is JS-HTML container
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\HelpPt.chm\verify.html is JS-HTML container
>>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir\{app}\HelpPt.chm\whyreg.html is JS-HTML container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (2).vir - container
Total 46644882 bytes in 30 files scanned (456 objects)
Total 17 files (443 objects) are clean
Total 13 files are infected -- Who uploaded these to VirusTotal again?? I suggest that the extraction password be shared by PMing the thread starter
Scan time is 00:00:14.909
Huorong Security --- (Windows 7 Ultimate with SP1, Simplified Chinese Ultimate edition ....): some unknown files have been sent to seclab@huorong.cn and are awaiting processing...
病毒库:2018-07-09 15:14
开始时间:2018-07-09 21:12
总计用时:00:00:34
扫描对象:701个
扫描文件:30个
发现风险:1个
已处理风险:0个
发现系统修复项:0个
处理系统修复项:0个
病毒详情
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16\Samp (20).vir, 病毒名:Ransom/Cerber.f, 病毒ID:[1be9edd09119bdf5], 处理结果:已忽略
文件名称: C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\VirusSamples_16.rar
文件大小: 32.5 MB (34,154,533 字节)
修改时间: 2018年07月09日,21:11:30
MD5: 28403998DF26D9D4C5C84F8B2C4CAA5E
SHA1: 260CEBFC449BA9919301248128765C99F369F882
SHA256: 7312877C691B75C9C58F747AAB7D8121A7DBDA89E007F19D4EC9A5DEFC211B39
SHA512: 5C684849693ACC31B63753EF9CA824C92133333B424D68BE6795BDA623C260FC0E007F2E892545EA7DC8CA5DF0AA75A4FCA427EBA0D6E7D06010888331AC6E88
CRC32: 517850A4
计算时间: 0.91s