f7377fc38d5863df31b98324e09ac625

显示全部楼层 · 发表于 2016-2-25 13:38:28

infected

显示全部楼层 · 发表于 2016-2-25 13:40:32

name="C:\Users\XuanXia\Desktop\f7377fc38d5863df31b98324e09ac625\a5dbef4c208431e5e94ba32cf522a636.EXE", threat="a variant of Win32/Filecoder.Locky.A trojan", action="", info=""
name="C:\Users\XuanXia\Desktop\f7377fc38d5863df31b98324e09ac625\f7377fc38d5863df31b98324e09ac625.EXE", threat="a variant of Win32/Filecoder.TeslaCrypt.I trojan", action="", info=""

显示全部楼层 · 发表于 2016-2-25 13:41:39

360 Win32/Trojan.101

显示全部楼层 · 发表于 2016-2-25 14:11:35

显示全部楼层 · 发表于 2016-2-25 14:26:43

wd的报毒名还是很好的啊

显示全部楼层 · 发表于 2016-2-25 14:29:52

解压bg秒

显示全部楼层 · 发表于 2016-2-25 17:04:08

AVG解压全部删除

显示全部楼层 · 发表于 2016-2-25 19:57:28

卡巴解压杀

25.02.2016 19.56.30;检测到的对象（文件）已删除。;C:\Users\Administrator\Downloads\f7377fc38d5863df31b98324e09ac625.EXE;C:\Users\Administrator\Downloads\f7377fc38d5863df31b98324e09ac625.EXE;Trojan-Ransom.Win32.Bitman.jur;木马程序;02/25/2016 19:56:30
25.02.2016 19.56.30;检测到的对象（文件）已删除。;C:\Users\Administrator\Downloads\a5dbef4c208431e5e94ba32cf522a636.EXE;C:\Users\Administrator\Downloads\a5dbef4c208431e5e94ba32cf522a636.EXE;HEUR:Trojan.Win32.Generic;木马程序;02/25/2016 19:56:30

显示全部楼层 · 发表于 2016-2-25 20:44:30

显示全部楼层 · 发表于 2016-2-25 21:46:33

AVG：

扫描：kill all files；

"";"Trojan horse Generic_r.HNR, C:\Users\killer\Desktop\f7377fc38d5863df31b98324e09ac625.EXE";"Unresolved"

"";"Could be a Trojan horse Rozena, C:\Users\killer\Desktop\a5dbef4c208431e5e94ba32cf522a636.EXE";"Unresolved"

双击：关闭监控，实机双击，IDP kill all（不过那个加密的拦截慢了，被全部加密。。。。。。）。

"";"IDP.ALEXA.51, C:\USERS\KILLER\DESKTOP\F7377FC38D5863DF31B98324E09AC625.EXE";"Deleted";"File or Directory";"2016/2/25, 21:37:10"
"";", C:\USERS\KILLER\DESKTOP\F7377FC38D5863DF31B98324E09AC625.EXE";"Object was blocked";"Process";"2016/2/25, 21:37:10"

"";", C:\Windows\phrdhisfgaht.exe";"Object was blocked";"Process";"2016/2/25, 21:37:10"

"";", C:\Windows\System32\cmd.exe";"Object was blocked";"Process";"2016/2/25, 21:37:10"

"";", C:\Windows\phrdhisfgaht.exe";"Deleted, Moved to Virus Vault";"File or Directory";"2016/2/25, 21:37:10"

"";", HKEY_USERS\S-1-5-21-540828005-2055914412-3868506426-1000\SOFTWARE\EBD15A7D189AD69";"Deleted, Moved to Virus Vault";"Registry key";"2016/2/25, 21:37:10"

"";", HKEY_USERS\S-1-5-21-540828005-2055914412-3868506426-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\DAWRCNPWPPHN";"Deleted, Moved to Virus Vault";"Registry value";"2016/2/25, 21:37:10"

"";"IDP.ALEXA.51, C:\Users\killer\Desktop\a5dbef4c208431e5e94ba32cf522a636.EXE";"Deleted, Moved to Virus Vault";"File or Directory";"2016/2/25, 21:26:59"

"";", C:\Users\killer\Desktop\a5dbef4c208431e5e94ba32cf522a636.EXE";"Object was blocked";"Process";"2016/2/25, 21:26:59"

"";", C:\Windows\System32\vssadmin.exe";"Object was blocked";"Process";"2016/2/25, 21:26:59"

"";", C:\Users\killer\Desktop\360compkill5.0\4F9849B4DC46D819082FC37985862F7E.locky";"Deleted, Moved to Virus Vault";"File or Directory";"2016/2/25, 21:26:59"

"";", HKEY_USERS\S-1-5-21-540828005-2055914412-3868506426-1000\SOFTWARE\LOCKY";"Deleted, Moved to Virus Vault";"Registry key";"2016/2/25, 21:26:59"

"";", HKEY_USERS\S-1-5-21-540828005-2055914412-3868506426-1000\CONTROL PANEL\DESKTOP\\WALLPAPER";"Deleted, Moved to Virus Vault";"Registry value";"2016/2/25, 21:26:59"

[病毒样本] f7377fc38d5863df31b98324e09ac625

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源