偶然遇到的可疑文件，请大家测试一下

lovelive10010

密码123 卡巴KILL大半https://share.weiyun.com/53zTbUl

a233

分流 https://send.firefox.com/downloa ... lI3kJqG4z3XkqHhWUIA

a233

Avast Kill 4X(实杀)
* Avast Scan Report
* This file is generated automatically
*
* Scan name: Scan from Windows Explorer
* Started on: Tuesday, May 7, 2019 10:24:19 PM
* VPS: 190507-2, 2019/05/07
*
C:\Users\Administrator\Desktop\新建文件夹\WINDOWS\temp\dqpsxzx.exe [L] Win32:Adware-gen [Adw] (0)
C:\Users\Administrator\Desktop\新建文件夹\WINDOWS\mcpl.exe [L] Win32:Malware-gen (0)
C:\Users\Administrator\Desktop\新建文件夹\WINDOWS\system32\~satcb.del|>[Embedded_R#078cb8]|>>>>AUTOIT SCRIPT<<< [L] AutoIt:AutoRun-B@BC [Wrm] (0)
C:\Users\Administrator\Desktop\新建文件夹\WINDOWS\system32\~satcb.del|>[Embedded_R#078cb8] [L] Win32:Malware-gen (0)
C:\Users\Administrator\Desktop\新建文件夹\Program Files\shoucang\淘宝网.exe [L] FileRepMalware (0)
Infected files: 5
Total files: 137
Total folders: 15
Total size: 78.0 MB

lovelive10010

a233 发表于 2019-5-7 22:23
分流 https://send.firefox.com/download/8134a7d79938e443/#rPslI3kJqG4z3XkqHhWUIA

谢谢

a233

火绒Kill 1X

a233

lovelive10010 发表于 2019-5-7 22:28
谢谢

可能会有误报 PS：你这系统是Ghost封装版本的？

lovelive10010

a233 发表于 2019-5-7 22:31
可能会有误报 PS：你这系统是Ghost封装版本的？

网上下载的，才装上卡巴就一通报毒，那个淘宝EXE和百度EXE是我用另外扫描器扫描出来的，卡巴不杀

Jerry.Lin

1. Malwarebytes
   
2. www.malwarebytes.com
   
3. 
   
4. -Log Details-
   
5. Scan Date: 5/7/19
   
6. Scan Time: 10:43 PM
   
7. Log File: 766dbbf6-70d6-11e9-bc79-985fd3d3c7d2.json
   
8. 
   
9. -Software Information-
   
10. Version: 3.7.1.2839
    
11. Components Version: 1.0.586
    
12. Update Package Version: 1.0.10502
    
13. License: Premium
    
14. 
    
15. -System Information-
    
16. OS: Windows 10 (Build 17763.475)
    
17. CPU: x64
    
18. File System: NTFS
    
19. User: DESKTOP-VPBE70N\zhong
    
20. 
    
21. -Scan Summary-
    
22. Scan Type: Custom Scan
    
23. Scan Initiated By: Manual
    
24. Result: Completed
    
25. Objects Scanned: 18
    
26. Threats Detected: 4
    
27. Threats Quarantined: 0
    
28. Time Elapsed: 1 min, 7 sec
    
29. 
    
30. -Scan Options-
    
31. Memory: Disabled
    
32. Startup: Disabled
    
33. Filesystem: Enabled
    
34. Archives: Enabled
    
35. Rootkits: Disabled
    
36. Heuristics: Enabled
    
37. PUP: Detect
    
38. PUM: Detect
    
39. 
    
40. -Scan Details-
    
41. Process: 0
    
42. (No malicious items detected)
    
43. 
    
44. Module: 0
    
45. (No malicious items detected)
    
46. 
    
47. Registry Key: 0
    
48. (No malicious items detected)
    
49. 
    
50. Registry Value: 0
    
51. (No malicious items detected)
    
52. 
    
53. Registry Data: 0
    
54. (No malicious items detected)
    
55. 
    
56. Data Stream: 0
    
57. (No malicious items detected)
    
58. 
    
59. Folder: 0
    
60. (No malicious items detected)
    
61. 
    
62. File: 4
    
63. Trojan.Downloader.AutoIt, C:\USERS\ZHONG\DOWNLOADS\COMPRESSED\卡饭\新建文件夹_2\新建文件夹\C\PROGRAM FILES\SHOUCANG\百度一下.EXE, No Action By User, [6123], [671353],1.0.10502
    
64. Generic.Malware/Suspicious, C:\USERS\ZHONG\DOWNLOADS\COMPRESSED\卡饭\新建文件夹_2\新建文件夹\C\PROGRAM FILES\SHOUCANG\淘宝网.EXE, No Action By User, [0], [392686],1.0.10502
    
65. Generic.Malware/Suspicious, C:\USERS\ZHONG\DOWNLOADS\COMPRESSED\卡饭\新建文件夹_2\新建文件夹\C\WINDOWS\MCPL.EXE, No Action By User, [0], [392686],1.0.10502
    
66. Generic.Malware/Suspicious, C:\USERS\ZHONG\DOWNLOADS\COMPRESSED\卡饭\新建文件夹_2\新建文件夹\C\WINDOWS\TEMP\DQPSXZX.EXE, No Action By User, [0], [392686],1.0.10502
    
67. 
    
68. Physical Sector: 0
    
69. (No malicious items detected)
    
70. 
    
71. WMI: 0
    
72. (No malicious items detected)
    
73. 
    
74. 
    
75. (end)

复制代码

zh7000047

eset kill3个

www-tekeze

总共12个文件，智量kill 4X 。