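This post was last edited by aboringman on 2016-2-15 00:45
Taking on the samples again!
AVG:
Double-click test: monitoring turned off, double-clicked on a physical machine. This time I did not forget to back up the MBR again... so I braved it and started double-clicking.
1.exe: killed by IDP, but the MBR was killed by the sample; in the end I restored it;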
"";"IDP.Trojan.942BC142, C:\Users\killer\Desktop\Wip\1.exe";"Deleted";"File or Directory";"2016/2/15, 0:35:20"
"";", C:\Windows\System32\taskkill.exe";"Object was blocked";"Process";"2016/2/15, 0:35:20"
"";", C:\Windows\System32\taskkill.exe";"Object was blocked";"Process";"2016/2/15, 0:35:20"
"";", C:\Users\killer\Desktop\Wip\1.exe";"Object was blocked";"Process";"2016/2/15, 0:35:20"
2.exe: killed by IDP, the MBR was not killed by the sample, and no damage was done.
"";"IDP.Trojan.04A31325, C:\Users\killer\Desktop\Wip\2.exe";"Deleted, Moved to Virus Vault";"File or Directory";"2016/2/15, 0:37:03"
"";", C:\Windows\System32\taskkill.exe";"Object was blocked";"Process";"2016/2/15, 0:37:03"
"";", C:\Windows\System32\taskkill.exe";"Object was blocked";"Process";"2016/2/15, 0:37:03"
"";", C:\Users\killer\Desktop\Wip\2.exe";"Object was blocked";"Process";"2016/2/15, 0:37:03"