This post was last edited by ELOHIM on 2015-8-22 17:47
Microsoft 反恶意软件 已检测到恶意软件或其他可能不需要的软件。
有关更多信息,请查看下列内容:
http://go.microsoft.com/fwlink/?linkid=37020&name=Backdoor:Win32/Zegost.BW&threatid=2147686661&enterprise=1
名称: Backdoor:Win32/Zegost.BW
ID: 2147686661
严重性: 严重
类别: 后门程序
路径:
containerfile:_C:\Documents and Settings\^\桌面\x\1100\wc.dat;
containerfile:_C:\Documents and Settings\^\桌面\x\1111\wc.dat;
containerfile:_C:\Documents and Settings\^\桌面\x\1258\wc.dat;
containerfile:_C:\Documents and Settings\^\桌面\x\2222\wc.dat;
containerfile:_C:\Documents and Settings\^\桌面\x\3333\wc.dat;
containerfile:_C:\Documents and Settings\^\桌面\x\3366\wc.dat;
containerfile:_C:\Documents and Settings\^\桌面\x\5566\wc.dat;
containerfile:_C:\Documents and Settings\^\桌面\x\6666\wc.dat;
containerfile:_C:\Documents and Settings\^\桌面\x\6677\wc.dat;
containerfile:_C:\Documents and Settings\^\桌面\x\6789\wc.dat;
containerfile:_C:\Documents and Settings\^\桌面\x\7766\wc.dat;
containerfile:_C:\Documents and Settings\^\桌面\x\9876\wc.dat;
containerfile:_C:\Documents and Settings\^\桌面\x\9999\wc.dat;
containerfile:_C:\Documents and Settings\^\桌面\首页.folder.tar;
file:_C:\Documents and Settings\^\桌面\x\1100\wc.dat->(OleData);
file:_C:\Documents and Settings\^\桌面\x\1111\wc.dat->(OleData);
file:_C:\Documents and Sett
检测原点: 本地计算机
检测类型: 具体
检测源: 下载和附件
用户: ^\^
进程名称: C:\Program Files\7-Zip\7zFM.exe
签名版本: AV: 1.205.188.0, AS: 1.205.188.0, NIS: 0.0.0.0
引擎版本: AM: 1.1.12002.0, NIS: 0.0.0.0
有关更多信息,请参阅在 http://go.microsoft.com/fwlink/events.asp 的帮助和支持
-----
Alert level: Severe
First detected by definition: 1.173.304.0
Latest detected by definition: 1.205.144.0 and higher
First detected on: Apr 22, 2014
This entry was first published on: May 20, 2014
This entry was updated on: May 21, 2014
This threat is also detected as:
BackDoor-FBZT!52D84425CDF2 (McAfee)
Trojan.Win32.Staser.ytq (Kaspersky)
-------
Trojan:Win32/Hitbrovi!dha
类别: 特洛伊木马
描述: 这个程序很危险,而且执行来自攻击者的命令。
推荐的操作: 立即删除这个软件。
项目:
containerfile:C:\Documents and Settings\^\桌面\首页.folder.tar
file:C:\Documents and Settings\^\桌面\x\1100\PotPlayer.dll
file:C:\Documents and Settings\^\桌面\x\5566\PotPlayer.dll
file:C:\Documents and Settings\^\桌面\x\6677\PotPlayer.dll
file:C:\Documents and Settings\^\桌面\首页.folder.tar->1100/PotPlayer.dll
file:C:\Documents and Settings\^\桌面\首页.folder.tar->5566/PotPlayer.dll
file:C:\Documents and Settings\^\桌面\首页.folder.tar->6677/PotPlayer.dll
webfile:C:\Documents and Settings\^\桌面\首页.folder.tar|http://103.40.161.145:8888/?mode=archive&recursive
webfile:C:\Program Files\Microsoft Security Client\Microsoft Antimalware\LocalCopy\{BC74ED6B-B4D8-42DF-BB1F-AA00ECC30585}-首页.folder.tar|http://103.40.161.145:8888/?mode=archive&recursive
联机获取此项的详细信息。
-----
Alert level: Severe
First detected by definition: 1.201.1342.0
Latest detected by definition: 1.203.1825.0 and higher
First detected on: Jul 09, 2015
This entry was first published on: Jul 11, 2015
This entry was updated on: Not available
This threat is also detected as:
No known aliases