收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 #Ransomware (2020-04-22)
12
返回列表 发新帖
楼主: QVM360
 收起左侧

[病毒样本] #Ransomware (2020-04-22)

[复制链接]
嗜血大叔
发表于 2020-4-22 19:05:26 | 显示全部楼层
ESET KILL

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

病毒探索者
发表于 2020-4-22 19:26:14 | 显示全部楼层
Malwarebytes

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

病毒探索者
发表于 2020-4-22 22:27:03 | 显示全部楼层
Acronis轻松拿下

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

病毒探索者
发表于 2020-4-22 22:48:14 | 显示全部楼层
本帖最后由 病毒探索者 于 2020-4-22 22:50 编辑

App Check
  1. 04/22/2020 10:47:25 下午,File Created by Ransomware,File,C:\Users\virus\Downloads\#Ransomware (2020-04-22)\s.bat,,Removed,RansomGuard
  2. 04/22/2020 10:47:25 下午,File Created by Ransomware,File,C:\PerfLogs\readMe!.txt,,Removed,RansomGuard
  3. 04/22/2020 10:47:25 下午,File Created by Ransomware,File,C:\Program Files\readMe!.txt,,Removed,RansomGuard
  4. 04/22/2020 10:47:25 下午,File Created by Ransomware,File,C:\Program Files\Bandizip\readMe!.txt,,Removed,RansomGuard
  5. 04/22/2020 10:47:25 下午,File Created by Ransomware,File,C:\Program Files\Bandizip\data\readMe!.txt,,Removed,RansomGuard
  6. 04/22/2020 10:47:25 下午,File Created by Ransomware,File,C:\Program Files\Bandizip\icons\readMe!.txt,,Removed,RansomGuard
  7. 04/22/2020 10:47:25 下午,File Created by Ransomware,File,C:\Program Files\Bandizip\icons\default\readMe!.txt,,Removed,RansomGuard
  8. 04/22/2020 10:47:25 下午,File Created by Ransomware,File,C:\Program Files\Bandizip\langs\readMe!.txt,,Removed,RansomGuard
  9. 04/22/2020 10:47:25 下午,File Created by Ransomware,File,C:\Program Files\Bandizip\shellicons\readMe!.txt,,Removed,RansomGuard
  10. 04/22/2020 10:47:25 下午,File Created by Ransomware,File,C:\Program Files\CheckMAL\readMe!.txt,,Removed,RansomGuard
  11. 04/22/2020 10:47:25 下午,File Created by Ransomware,File,C:\Program Files\Common Files\readMe!.txt,,Removed,RansomGuard
  12. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\readMe!.txt,,Removed,RansomGuard
  13. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\readMe!.txt,,Removed,RansomGuard
  14. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\ar-SA\readMe!.txt,,Removed,RansomGuard
  15. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\bg-BG\readMe!.txt,,Removed,RansomGuard
  16. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\cs-CZ\readMe!.txt,,Removed,RansomGuard
  17. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\da-DK\readMe!.txt,,Removed,RansomGuard
  18. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\de-DE\readMe!.txt,,Removed,RansomGuard
  19. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\el-GR\readMe!.txt,,Removed,RansomGuard
  20. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\en-GB\readMe!.txt,,Removed,RansomGuard
  21. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\en-US\readMe!.txt,,Removed,RansomGuard
  22. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\es-ES\readMe!.txt,,Removed,RansomGuard
  23. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\es-MX\readMe!.txt,,Removed,RansomGuard
  24. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\et-EE\readMe!.txt,,Removed,RansomGuard
  25. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\fi-FI\readMe!.txt,,Removed,RansomGuard
  26. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\fr-CA\readMe!.txt,,Removed,RansomGuard
  27. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\fr-FR\readMe!.txt,,Removed,RansomGuard
  28. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\readMe!.txt,,Removed,RansomGuard
  29. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\auxpad\readMe!.txt,,Removed,RansomGuard
  30. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\insert\readMe!.txt,,Removed,RansomGuard
  31. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\keypad\readMe!.txt,,Removed,RansomGuard
  32. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\readMe!.txt,,Removed,RansomGuard
  33. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskclearui\readMe!.txt,,Removed,RansomGuard
  34. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskmenu\readMe!.txt,,Removed,RansomGuard
  35. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknav\readMe!.txt,,Removed,RansomGuard
  36. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknumpad\readMe!.txt,,Removed,RansomGuard
  37. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskpred\readMe!.txt,,Removed,RansomGuard
  38. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\symbols\readMe!.txt,,Removed,RansomGuard
  39. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\he-IL\readMe!.txt,,Removed,RansomGuard
  40. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\hr-HR\readMe!.txt,,Removed,RansomGuard
  41. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\hu-HU\readMe!.txt,,Removed,RansomGuard
  42. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\HWRCustomization\readMe!.txt,,Removed,RansomGuard
  43. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\it-IT\readMe!.txt,,Removed,RansomGuard
  44. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\ja-JP\readMe!.txt,,Removed,RansomGuard
  45. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\ko-KR\readMe!.txt,,Removed,RansomGuard
  46. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\LanguageModel\readMe!.txt,,Removed,RansomGuard
  47. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\lt-LT\readMe!.txt,,Removed,RansomGuard
  48. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\lv-LV\readMe!.txt,,Removed,RansomGuard
  49. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\nb-NO\readMe!.txt,,Removed,RansomGuard
  50. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\nl-NL\readMe!.txt,,Removed,RansomGuard
  51. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\pl-PL\readMe!.txt,,Removed,RansomGuard
  52. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\pt-BR\readMe!.txt,,Removed,RansomGuard
  53. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\pt-PT\readMe!.txt,,Removed,RansomGuard
  54. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\ro-RO\readMe!.txt,,Removed,RansomGuard
  55. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\ru-RU\readMe!.txt,,Removed,RansomGuard
  56. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\sk-SK\readMe!.txt,,Removed,RansomGuard
  57. 04/22/2020 10:47:24 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\sl-SI\readMe!.txt,,Removed,RansomGuard
  58. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\sr-Latn-RS\readMe!.txt,,Removed,RansomGuard
  59. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\sv-SE\readMe!.txt,,Removed,RansomGuard
  60. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\th-TH\readMe!.txt,,Removed,RansomGuard
  61. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\tr-TR\readMe!.txt,,Removed,RansomGuard
  62. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\uk-UA\readMe!.txt,,Removed,RansomGuard
  63. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\zh-CN\readMe!.txt,,Removed,RansomGuard
  64. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\ink\zh-TW\readMe!.txt,,Removed,RansomGuard
  65. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\MSInfo\readMe!.txt,,Removed,RansomGuard
  66. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\MSInfo\en-US\readMe!.txt,,Removed,RansomGuard
  67. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\MSInfo\zh-CN\readMe!.txt,,Removed,RansomGuard
  68. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\Stationery\readMe!.txt,,Removed,RansomGuard
  69. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\TextConv\readMe!.txt,,Removed,RansomGuard
  70. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\TextConv\en-US\readMe!.txt,,Removed,RansomGuard
  71. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\Triedit\readMe!.txt,,Removed,RansomGuard
  72. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\Triedit\en-US\readMe!.txt,,Removed,RansomGuard
  73. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\microsoft shared\VGX\readMe!.txt,,Removed,RansomGuard
  74. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\Services\readMe!.txt,,Removed,RansomGuard
  75. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\System\readMe!.txt,,Removed,RansomGuard
  76. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\System\ado\readMe!.txt,,Removed,RansomGuard
  77. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\System\ado\en-US\readMe!.txt,,Removed,RansomGuard
  78. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\System\ado\zh-CN\readMe!.txt,,Removed,RansomGuard
  79. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\System\en-US\readMe!.txt,,Removed,RansomGuard
  80. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\System\msadc\readMe!.txt,,Removed,RansomGuard
  81. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\System\msadc\en-US\readMe!.txt,,Removed,RansomGuard
  82. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\System\msadc\zh-CN\readMe!.txt,,Removed,RansomGuard
  83. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\System\Ole DB\readMe!.txt,,Removed,RansomGuard
  84. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\System\Ole DB\en-US\readMe!.txt,,Removed,RansomGuard
  85. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\System\Ole DB\zh-CN\readMe!.txt,,Removed,RansomGuard
  86. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\System\zh-CN\readMe!.txt,,Removed,RansomGuard
  87. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\readMe!.txt,,Removed,RansomGuard
  88. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\readMe!.txt,,Removed,RansomGuard
  89. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\efifw\readMe!.txt,,Removed,RansomGuard
  90. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\efifw\Win8\readMe!.txt,,Removed,RansomGuard
  91. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\hgfs\readMe!.txt,,Removed,RansomGuard
  92. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\hgfs\Win8\readMe!.txt,,Removed,RansomGuard
  93. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\memctl\readMe!.txt,,Removed,RansomGuard
  94. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\memctl\Win8\readMe!.txt,,Removed,RansomGuard
  95. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\mouse\readMe!.txt,,Removed,RansomGuard
  96. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\mouse\Win8\readMe!.txt,,Removed,RansomGuard
  97. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\pvscsi\readMe!.txt,,Removed,RansomGuard
  98. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\pvscsi\Win8\readMe!.txt,,Removed,RansomGuard
  99. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\rawdsk\readMe!.txt,,Removed,RansomGuard
  100. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\rawdsk\Win8\readMe!.txt,,Removed,RansomGuard
  101. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\video_wddm\readMe!.txt,,Removed,RansomGuard
  102. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\video_wddm\Vista\readMe!.txt,,Removed,RansomGuard
  103. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\vmci\readMe!.txt,,Removed,RansomGuard
  104. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\vmci\device\readMe!.txt,,Removed,RansomGuard
  105. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\vmci\device\Win8\readMe!.txt,,Removed,RansomGuard
  106. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\vmci\sockets\readMe!.txt,,Removed,RansomGuard
  107. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\vmci\sockets\include\readMe!.txt,,Removed,RansomGuard
  108. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\vmci\sockets\Win8\readMe!.txt,,Removed,RansomGuard
  109. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\vmxnet3\readMe!.txt,,Removed,RansomGuard
  110. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\vmxnet3\Win8\readMe!.txt,,Removed,RansomGuard
  111. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\Drivers\vss\readMe!.txt,,Removed,RansomGuard
  112. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Common Files\VMware\InstallerCache\readMe!.txt,,Removed,RansomGuard
  113. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Internet Explorer\readMe!.txt,,Removed,RansomGuard
  114. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Internet Explorer\en-US\readMe!.txt,,Removed,RansomGuard
  115. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Internet Explorer\images\readMe!.txt,,Removed,RansomGuard
  116. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Internet Explorer\SIGNUP\readMe!.txt,,Removed,RansomGuard
  117. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Internet Explorer\zh-CN\readMe!.txt,,Removed,RansomGuard
  118. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\MSBuild\readMe!.txt,,Removed,RansomGuard
  119. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\MSBuild\Microsoft\readMe!.txt,,Removed,RansomGuard
  120. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\readMe!.txt,,Removed,RansomGuard
  121. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\readMe!.txt,,Removed,RansomGuard
  122. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\readMe!.txt,,Removed,RansomGuard
  123. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Reference Assemblies\readMe!.txt,,Removed,RansomGuard
  124. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Reference Assemblies\Microsoft\readMe!.txt,,Removed,RansomGuard
  125. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Reference Assemblies\Microsoft\Framework\readMe!.txt,,Removed,RansomGuard
  126. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\readMe!.txt,,Removed,RansomGuard
  127. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\readMe!.txt,,Removed,RansomGuard
  128. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\zh-CHS\readMe!.txt,,Removed,RansomGuard
  129. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\readMe!.txt,,Removed,RansomGuard
  130. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\readMe!.txt,,Removed,RansomGuard
  131. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\zh-CHS\readMe!.txt,,Removed,RansomGuard
  132. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Uninstall Information\readMe!.txt,,Removed,RansomGuard
  133. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\VMware\readMe!.txt,,Removed,RansomGuard
  134. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\VMware\VMware Tools\readMe!.txt,,Removed,RansomGuard
  135. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\VMware\VMware Tools\messages\readMe!.txt,,Removed,RansomGuard
  136. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\VMware\VMware Tools\messages\de\readMe!.txt,,Removed,RansomGuard
  137. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\VMware\VMware Tools\messages\es\readMe!.txt,,Removed,RansomGuard
  138. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\VMware\VMware Tools\messages\fr\readMe!.txt,,Removed,RansomGuard
  139. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\VMware\VMware Tools\messages\it\readMe!.txt,,Removed,RansomGuard
  140. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\VMware\VMware Tools\messages\ja\readMe!.txt,,Removed,RansomGuard
  141. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\VMware\VMware Tools\messages\ko\readMe!.txt,,Removed,RansomGuard
  142. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\VMware\VMware Tools\messages\zh_CN\readMe!.txt,,Removed,RansomGuard
  143. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\VMware\VMware Tools\messages\zh_TW\readMe!.txt,,Removed,RansomGuard
  144. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\VMware\VMware Tools\plugins\readMe!.txt,,Removed,RansomGuard
  145. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\VMware\VMware Tools\plugins\common\readMe!.txt,,Removed,RansomGuard
  146. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\VMware\VMware Tools\plugins\vmsvc\readMe!.txt,,Removed,RansomGuard
  147. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\VMware\VMware Tools\plugins\vmusr\readMe!.txt,,Removed,RansomGuard
  148. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\VMware\VMware Tools\VMware VGAuth\readMe!.txt,,Removed,RansomGuard
  149. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\VMware\VMware Tools\VMware VGAuth\schemas\readMe!.txt,,Removed,RansomGuard
  150. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\VMware\VMware Tools\win32\readMe!.txt,,Removed,RansomGuard
  151. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\VMware\VMware Tools\win64\readMe!.txt,,Removed,RansomGuard
  152. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows Defender\Offline\readMe!.txt,,Removed,RansomGuard
  153. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows Defender\zh-CN\readMe!.txt,,Removed,RansomGuard
  154. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows Defender Advanced Threat Protection\readMe!.txt,,Removed,RansomGuard
  155. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows Defender Advanced Threat Protection\Classification\readMe!.txt,,Removed,RansomGuard
  156. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows Defender Advanced Threat Protection\zh-CN\readMe!.txt,,Removed,RansomGuard
  157. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows Mail\readMe!.txt,,Removed,RansomGuard
  158. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows Media Player\readMe!.txt,,Removed,RansomGuard
  159. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows Media Player\Media Renderer\readMe!.txt,,Removed,RansomGuard
  160. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows Media Player\Network Sharing\readMe!.txt,,Removed,RansomGuard
  161. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows Media Player\Skins\readMe!.txt,,Removed,RansomGuard
  162. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows Media Player\Visualizations\readMe!.txt,,Removed,RansomGuard
  163. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows Media Player\zh-CN\readMe!.txt,,Removed,RansomGuard
  164. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows Multimedia Platform\readMe!.txt,,Removed,RansomGuard
  165. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows NT\readMe!.txt,,Removed,RansomGuard
  166. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows NT\Accessories\readMe!.txt,,Removed,RansomGuard
  167. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows NT\Accessories\en-US\readMe!.txt,,Removed,RansomGuard
  168. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows NT\Accessories\zh-CN\readMe!.txt,,Removed,RansomGuard
  169. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows NT\TableTextService\readMe!.txt,,Removed,RansomGuard
  170. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows NT\TableTextService\en-US\readMe!.txt,,Removed,RansomGuard
  171. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows NT\TableTextService\zh-CN\readMe!.txt,,Removed,RansomGuard
  172. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows Photo Viewer\readMe!.txt,,Removed,RansomGuard
  173. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows Photo Viewer\zh-CN\readMe!.txt,,Removed,RansomGuard
  174. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows Portable Devices\readMe!.txt,,Removed,RansomGuard
  175. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows Security\readMe!.txt,,Removed,RansomGuard
  176. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows Security\BrowserCore\readMe!.txt,,Removed,RansomGuard
  177. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows Security\BrowserCore\en-US\readMe!.txt,,Removed,RansomGuard
  178. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows Sidebar\readMe!.txt,,Removed,RansomGuard
  179. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows Sidebar\Gadgets\readMe!.txt,,Removed,RansomGuard
  180. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\Windows Sidebar\Shared Gadgets\readMe!.txt,,Removed,RansomGuard
  181. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\WindowsPowerShell\readMe!.txt,,Removed,RansomGuard
  182. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\WindowsPowerShell\Configuration\readMe!.txt,,Removed,RansomGuard
  183. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\WindowsPowerShell\Configuration\Registration\readMe!.txt,,Removed,RansomGuard
  184. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\WindowsPowerShell\Configuration\Schema\readMe!.txt,,Removed,RansomGuard
  185. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\WindowsPowerShell\Modules\readMe!.txt,,Removed,RansomGuard
  186. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\WindowsPowerShell\Modules\Microsoft.PowerShell.Operation.Validation\readMe!.txt,,Removed,RansomGuard
  187. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\WindowsPowerShell\Modules\Microsoft.PowerShell.Operation.Validation\1.0.1\readMe!.txt,,Removed,RansomGuard
  188. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\WindowsPowerShell\Modules\Microsoft.PowerShell.Operation.Validation\1.0.1\Diagnostics\readMe!.txt,,Removed,RansomGuard
  189. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\WindowsPowerShell\Modules\Microsoft.PowerShell.Operation.Validation\1.0.1\Diagnostics\Comprehensive\readMe!.txt,,Removed,RansomGuard
  190. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files\WindowsPowerShell\Modules\Microsoft.PowerShell.Operation.Validation\1.0.1\Diagnostics\Simple\readMe!.txt,,Removed,RansomGuard
  191. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files (x86)\Internet Download Manager\Toolbar\3d_largeHot_3.bmp,,Restored,RansomGuard
  192. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files (x86)\Internet Download Manager\Toolbar\3d_largeHot_3_hdpi15.bmp,,Restored,RansomGuard
  193. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files (x86)\Internet Download Manager\Toolbar\3d_large_3.bmp,,Restored,RansomGuard
  194. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files (x86)\Internet Download Manager\Toolbar\3d_large_3_hdpi15.bmp,,Restored,RansomGuard
  195. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files (x86)\Internet Download Manager\Toolbar\3d_smallHot_3.bmp,,Restored,RansomGuard
  196. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files (x86)\Internet Download Manager\Toolbar\3d_small_3.bmp,,Restored,RansomGuard
  197. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files (x86)\Internet Download Manager\Toolbar\black-Over.bmp,,Restored,RansomGuard
  198. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files (x86)\Internet Download Manager\Toolbar\black.bmp,,Restored,RansomGuard
  199. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files (x86)\Internet Download Manager\Toolbar\Blue_Arrow_Disable.bmp,,Restored,RansomGuard
  200. 04/22/2020 10:47:23 下午,File Created by Ransomware,File,C:\Program Files (x86)\Internet Download Manager\Toolbar\Blue_Arrow_Hot.bmp,,Restored,RansomGuard
  201. 04/22/2020 10:47:23 下午,Ransomware Behavior Detected,File,C:\Users\virus\Downloads\#Ransomware (2020-04-22)\пункты назначения и грузы.xlsx.exe,f6a6a95be78d0c7ee9f68cc71a265d27,Blocked,RansomGuard

复制代码
回复

举报

病毒探索者
发表于 2020-4-22 23:21:46 | 显示全部楼层
瑞星之剑

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

abc277399
头像被屏蔽
发表于 2020-4-23 18:59:40 | 显示全部楼层
火绒
毒库时间:2020-04-23 17:29
开始时间:2020-04-23 18:58
总计用时:00:00:01
扫描对象:1
扫描文件:1
发现风险:1
已处理风险:1
病毒详情:
风险路径:C:\Users\aaa\Desktop\#Ransomware (2020-04-22)\пункты назначения и грузы.xlsx.exe, 病毒名:Trojan/Generic!B2FFE2C890C8773C, 病毒ID:b2ffe2c890c8773c, 处理结果:已处理,删除文件
回复

举报

12
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-5-1 09:41 , Processed in 0.117201 second(s), 15 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表