This post was last edited by 191196846 on 2018-10-16 11:47
- VirusTotal Smart Scanner 1.08
- ======================================================================================
- Scan Time: 2018-10-16-11-44-27
- Scan Duration: 53 seconds
- Scan Target: C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\C2\C
- Number of Scan Files: 7
- Number of Infected Files: 7
- engine_threshold_slider : 80
- upload_check : True
- log_check : True
- menu_check : True
- menu_file_check : True
- scan_pe_check : False
- grayware_check : True
- black_check : True
- white_check : True
- crawler_check : True
- ======================================================================================
- Threat(s):
- Exploit.Generic sha256: 6300fa9fcef55f5064d158c07ef34a46edf721f32dfe9d8437ab82321613a39b Path: C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\C2\C\Users\Administrator\AppData\Local\Temp\csrss\smb\e7.exe
- Trojan.Generic sha256: db5c8723225193a47487cb444e81db99b10e43b8ec76a23d5056b26b59ed1d67 Path: C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\C2\C\Users\Administrator\AppData\Local\Temp\csrss\scheduled.exe
- Grayware.CoinMiner sha256: 658c3a82b874ea48b10c51bfa2a8891331fd31227a41fb1ed2df0ec6ea4e420d Path: C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\C2\C\Users\Administrator\AppData\Local\Temp\wup\wup.exe
- Malware.Confidence:33% sha256: 0dedb703da8d7aeae5d6f6da3e37b3d3fc42d0872b8470a81066a4491f2455f2 Path: C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\C2\C\Users\Administrator\AppData\Local\Temp\csrss\winboxls-1008-2.exe
- Trojan.Downloader sha256: 915c3f7f640478f0a91bc206ef56cf7ec347b5ed42594fa226c46f425506956c Path: C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\C2\C\Windows\Sysnative\Tasks\ScheduledUpdate
[BUG] Duplicate files are not written to the VTSS log
- 360木马查杀扫描日志
- 开始时间: 2018-10-16 11:45:52
- 扫描用时: 00:00:02
- 扫描类型: 自定义扫描
- 扫描引擎:360云查杀引擎(本地木马库) 360启发式引擎 QEX脚本查杀引擎
- QVM Ⅱ人工智能引擎
- 扫描文件数: 7
- 系统关键位置文件: 0
- 系统内存运行模块: 0
- 压缩包文件: 0
- 安全的文件数: 1
- 发现安全威胁: 6
- 已处理安全威胁: 0
- 扫描选项
- ----------------------
- 扫描后自动关机: 否
- 扫描模式: 速度最快
- 扫描内容
- ----------------------
- C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\C2\C\
- 白名单设置
- ----------------------
- license.avira.com安全杀毒类网站跳转到指定IP
- c:\program files\listary\listary.exe 130ae6d12d35c8567f971dddc94b626b
- c:\program files (x86)\internet download manager\idman.exe 15f05bb525143bb83cd0ca100cd100f0
- c:\users\zhong\downloads\20180308ssr\shadowsocksr-win-4.9.0\shadowsocksr-dotnet4.0.exe 6b3bc2866f16d4a89b8deef01d5cba89
- c:\program files\winrar\rarext32.dll c923f2bf295c1046bc715aa16722d5b9
- c:\program files\winrar\rarext.dll 0239ddd03c8ae208bf0dad7532293497
- 扫描结果
- ======================
- 危险文件:6个
- ----------------------------------------------------------------
- C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\C2\C\Users\Administrator\AppData\Local\Temp\csrss\scheduled.exe a746c776a0a69b231f52b9d1f83d3bee 70,3,70 [云安全引擎][木马-Win32/Trojan.5a2][隔离文件][未处理]
- C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\C2\C\Users\Administrator\AppData\Local\Temp\csrss\smb\e7.exe 6fcab2dbdcf5529cf9958d4c50524159 70,3,70 [云安全引擎][木马-Trojan.Generic][隔离文件][未处理]
- C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\C2\C\Users\Administrator\AppData\Local\Temp\csrss\winboxls-1008-2.exe ff753beefa2f24c0df8b685af8b9fc21 70,3,70 [云安全引擎][木马-Win32/Trojan.c0f][隔离文件][未处理]
- C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\C2\C\Users\Administrator\AppData\Local\Temp\wup\wup.exe ca2c7e857ee3088b0812ecd53053532f 70,3,70 [云安全引擎][木马-Win32/Virus.RiskTool.d14][隔离文件][未处理]
- C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\C2\C\Users\Administrator\AppData\Local\Temp\wup\wup.exe2 ca2c7e857ee3088b0812ecd53053532f 70,3,70 [云安全引擎][木马-Win32/Virus.RiskTool.d14][隔离文件][未处理]
- C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\C2\C\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BC57A654564A8863B168A02DD6B97555 a746c776a0a69b231f52b9d1f83d3bee 70,3,70 [云安全引擎][木马-Win32/Trojan.5a2][隔离文件][未处理]