AVG:
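Scan: miss;
Double-click: executed by double-click on a real machine (not sandboxed); shortly after the sample added its startup entries, IDP killed it.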
"";"IDP.ALEXA.51, C:\Users\killer.Killer-PC\Desktop\1f03fd67530f6c3be75ca69c316cc4c0e657827e4befeedb9859f3da6eac57eb.scr";"Deleted, Moved to Virus Vault";"File or Directory";"2015/12/10, 18:55:33"
"";", C:\Windows\explorer.exe";"Object was blocked";"Process";"2015/12/10, 18:55:33"
"";", C:\ProgramData\zKqoIyvTTVVo_L.exe";"Deleted, Moved to Virus Vault";"File or Directory";"2015/12/10, 18:55:33"
"";", C:\Users\killer.Killer-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\360极速浏览器.lnk";"Healed, Moved to Virus Vault";"File or Directory";"2015/12/10, 18:55:33"
"";", C:\Users\killer.Killer-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\在沙盘中运行网页浏览器.lnk";"Healed, Moved to Virus Vault";"File or Directory";"2015/12/10, 18:55:33"
"";", C:\Users\killer.Killer-PC\Desktop\1f03fd67530f6c3be75ca69c316cc4c0e657827e4befeedb9859f3da6eac57eb.scr";"Object was blocked";"Process";"2015/12/10, 18:55:33"
"";", HKEY_USERS\S-1-5-21-1910074467-3606790842-1030588025-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\FTGWAYIDGNSITSZDOPMRUKSTPB";"Deleted, Moved to Virus Vault";"Registry value";"2015/12/10, 18:55:33"