AVG:
扫描:kill all files;
"";"Trojan horse Ransom_r.SJ, C:\Users\Killer\Desktop\Cerber.exe";"Unresolved"
"";"Trojan horse Crypt5.BOQA, C:\Users\Killer\Desktop\Locky.exe";"Unresolved"
双击:关闭监控,实机双击,IDP击杀Cerber.exe【Locky.exe运行后不久自己挂掉了,未被加密】
"";"IDP.ALEXA.51, C:\Users\Killer\Desktop\Cerber.exe";"Deleted, Moved to Virus Vault";"File or Directory";"2016/7/20, 16:53:20"
"";", C:\Users\Killer\AppData\Roaming\{7BD6BFAF-095E-0C2D-1534-B9629ADB78CC}\FlashPlayerApp.exe";"Object was blocked";"Process";"2016/7/20, 16:53:20"
"";", C:\Windows\System32\cmd.exe";"Object was blocked";"Process";"2016/7/20, 16:53:20"
"";", C:\Users\Killer\AppData\Roaming\{7BD6BFAF-095E-0C2D-1534-B9629ADB78CC}\FlashPlayerApp.exe";"Deleted, Moved to Virus Vault";"File or Directory";"2016/7/20, 16:53:20"
"";", C:\Users\Killer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FlashPlayerApp.lnk";"Healed, Moved to Virus Vault";"File or Directory";"2016/7/20, 16:53:20"
"";", C:\Users\Killer\Desktop\Cerber.exe";"Object was blocked";"Process";"2016/7/20, 16:53:20"
"";", HKEY_USERS\S-1-5-21-3481082169-311058013-23538480-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\FLASHPLAYERAPP";"Deleted, Moved to Virus Vault";"Registry value";"2016/7/20, 16:53:20"
"";", HKEY_USERS\S-1-5-21-3481082169-311058013-23538480-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE\\FLASHPLAYERAPP";"Deleted, Moved to Virus Vault";"Registry value";"2016/7/20, 16:53:20"
"";", HKEY_USERS\S-1-5-21-3481082169-311058013-23538480-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER";"Deleted, Moved to Virus Vault";"Registry key";"2016/7/20, 16:53:20"
"";", HKEY_USERS\S-1-5-21-3481082169-311058013-23538480-1000\SOFTWARE\MICROSOFT\COMMAND PROCESSOR\\AUTORUN";"Deleted, Moved to Virus Vault";"Registry value";"2016/7/20, 16:53:20"
"";", HKEY_USERS\S-1-5-21-3481082169-311058013-23538480-1000\CONTROL PANEL\DESKTOP\\SCRNSAVE.EXE";"Deleted, Moved to Virus Vault";"Registry value";"2016/7/20, 16:53:20"
|
发表于 2016-7-20 15:03:15
