File name: 92be…1e0a.exe Detection ratio: 4 / 53 记录键盘输入、监视剪贴版变更

显示全部楼层 · 发表于 2015-12-25 22:37:48

AVG：

扫描：miss；

双击：实机双击（不入沙），运行后不久，IDP击杀之。

"";"IDP.SMP.11, C:\Users\killer\Desktop\92bede1e22a90f8b7de899949099405022d85c6e30838c2c76a0c01771cc1e0a.exe";"Deleted, Moved to Virus Vault";"File or Directory";"2015/12/25, 22:36:09"
"";", C:\Users\killer\Desktop\92bede1e22a90f8b7de899949099405022d85c6e30838c2c76a0c01771cc1e0a.exe";"Object was blocked";"Process";"2015/12/25, 22:36:09"
"";", C:\Windows\System32\cmd.exe";"Object was blocked";"Process";"2015/12/25, 22:36:09"
"";", C:\Windows\System32\cmd.exe";"Object was blocked";"Process";"2015/12/25, 22:36:09"
"";", C:\Windows\System32\notepad.exe";"Object was blocked";"Process";"2015/12/25, 22:36:09"
"";", C:\Windows\System32\attrib.exe";"Object was blocked";"Process";"2015/12/25, 22:36:09"
"";", C:\Windows\System32\attrib.exe";"Object was blocked";"Process";"2015/12/25, 22:36:09"
"";", C:\WINDOWS\SYSTEM32\QBAXEKZKPSQU\WINDOWS";"Deleted";"File or Directory";"2015/12/25, 22:36:09"
"";", C:\Users\killer\Desktop\92bede1e22a90f8b7de899949099405022d85c6e30838c2c76a0c01771cc1e0a.exe";"Object was blocked";"Process";"2015/12/25, 22:36:09"
"";", HKEY_USERS\S-1-5-21-1910074467-3606790842-1030588025-1005\SOFTWARE\DC3_FEXEC";"Deleted, Moved to Virus Vault";"Registry key";"2015/12/25, 22:36:09"
"";", HKEY_USERS\S-1-5-21-1910074467-3606790842-1030588025-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SYSTEM";"Deleted, Moved to Virus Vault";"Registry value";"2015/12/25, 22:36:09"

显示全部楼层 · 发表于 2015-12-25 22:54:38

感觉AVG还不错嘛

[可疑文件] File name: 92be…1e0a.exe Detection ratio: 4 / 53 记录键盘输入、监视剪贴版变更

本帖子中包含更多资源