收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 老毒 勒索word.exe
12
返回列表 发新帖
楼主: sanhu35
 收起左侧

[病毒样本] 老毒 勒索word.exe

[复制链接]
病毒探索者
发表于 2020-4-22 22:23:38 | 显示全部楼层
Acronis轻松拿下

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

病毒探索者
发表于 2020-4-22 22:45:16 | 显示全部楼层
App Check
  1. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  2. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  3. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  4. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  5. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\PerfLogs\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  6. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\PerfLogs\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  7. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Program Files\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  8. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Program Files\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  9. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Program Files (x86)\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  10. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Program Files (x86)\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  11. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Recovery\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  12. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Recovery\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  13. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Recovery\WindowsRE\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  14. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Recovery\WindowsRE\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  15. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  16. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  17. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  18. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  19. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  20. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Local\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  21. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Local\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  22. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Local\Microsoft\Windows\History\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  23. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Local\Microsoft\Windows\History\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  24. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Local\Microsoft\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  25. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Local\Microsoft\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  26. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Local\Microsoft\InputPersonalization\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  27. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Local\Microsoft\InputPersonalization\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  28. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Local\Microsoft\InputPersonalization\TrainedDataStore\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  29. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Local\Microsoft\InputPersonalization\TrainedDataStore\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  30. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Local\Microsoft\Windows Sidebar\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  31. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Local\Microsoft\Windows Sidebar\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  32. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Local\Microsoft\Windows Sidebar\Gadgets\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  33. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Local\Microsoft\Windows Sidebar\Gadgets\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  34. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Local\Temp\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  35. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Local\Temp\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  36. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  37. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  38. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Roaming\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  39. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Roaming\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  40. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Roaming\Microsoft\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  41. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Roaming\Microsoft\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  42. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  43. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  44. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  45. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  46. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Roaming\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  47. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Local\Microsoft\Windows\INetCookies\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  48. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Local\Microsoft\Windows\INetCookies\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  49. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\Desktop\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  50. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\Desktop\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  51. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\Documents\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  52. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\Documents\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  53. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\Music\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  54. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\Music\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  55. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\Pictures\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  56. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\Pictures\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  57. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\Videos\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  58. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\Videos\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  59. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\Downloads\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  60. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\Downloads\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  61. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\Favorites\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  62. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\Favorites\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  63. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\Links\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  64. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\Links\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  65. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\Music\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  66. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\Documents\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  67. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  68. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  69. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\Pictures\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  70. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  71. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  72. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  73. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  74. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\Saved Games\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  75. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\Saved Games\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  76. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  77. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  78. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  79. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  80. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\Videos\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  81. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  82. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  83. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Default\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  84. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Public\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  85. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Public\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  86. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Public\AccountPictures\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  87. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Public\AccountPictures\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  88. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Public\Desktop\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  89. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Public\Desktop\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  90. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Public\Documents\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  91. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Public\Documents\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  92. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Public\Music\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  93. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Public\Music\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  94. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Public\Pictures\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  95. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Public\Pictures\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  96. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Public\Videos\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  97. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Public\Videos\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  98. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Public\Downloads\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  99. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Public\Downloads\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  100. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Public\Libraries\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  101. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Public\Libraries\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  102. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Public\Music\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  103. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Public\Pictures\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  104. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\Public\Videos\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  105. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  106. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  107. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\3D Objects\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  108. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\3D Objects\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  109. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  110. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  111. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  112. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  113. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\Adobe\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  114. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\Adobe\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  115. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\Adobe{过}{滤}Flash Player\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  116. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\Adobe{过}{滤}Flash Player\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  117. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\Adobe{过}{滤}Flash Player\NativeCache\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  118. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\Adobe{过}{滤}Flash Player\NativeCache\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  119. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\DMCache\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  120. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\DMCache\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  121. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  122. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  123. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\DwnlData\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  124. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\DwnlData\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  125. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\DwnlData\virus\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  126. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\DwnlData\virus\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  127. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\foldresHistory.txt,,Restored,RansomGuard
  128. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\foldresHistory.txt,,Restored,RansomGuard
  129. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\foldresHistory.txt.qkdytyopoz,,Removed,RansomGuard
  130. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\Grabber\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  131. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\Grabber\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  132. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\Grabber\Projects\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  133. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\Grabber\Projects\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  134. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\idmmzcc5\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  135. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\idmmzcc5\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  136. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\idmmzcc5\chrome\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  137. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\idmmzcc5\chrome\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  138. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\idmmzcc5\components\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  139. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\idmmzcc5\components\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  140. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\idmmzcc5\components12\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  141. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\idmmzcc5\components12\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  142. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\idmmzcc5\components2\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  143. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\idmmzcc5\components2\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  144. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\idmmzcc5\icon.png,,Restored,RansomGuard
  145. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\idmmzcc5\icon.png,,Restored,RansomGuard
  146. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\idmmzcc5\icon.png.qkdytyopoz,,Removed,RansomGuard
  147. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\idmmzcc5\META-INF\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  148. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\idmmzcc5\META-INF\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  149. 04/22/2020 10:44:32 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\Scheduler\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  150. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\Scheduler\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  151. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\UrlHistory.txt,,Restored,RansomGuard
  152. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\UrlHistory.txt,,Restored,RansomGuard
  153. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM\UrlHistory.txt.qkdytyopoz,,Removed,RansomGuard
  154. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM Backup Manager\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  155. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\IDM Backup Manager\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  156. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  157. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  158. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\hiddenfonts\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  159. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\hiddenfonts\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  160. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\kaccountsdk\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  161. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\kaccountsdk\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  162. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\kdynsdk\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  163. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\kdynsdk\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  164. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\nse\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  165. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\nse\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  166. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\nse\WPS网盘使用帮助.doc,,Restored,RansomGuard
  167. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\nse\WPS网盘使用帮助.doc,,Restored,RansomGuard
  168. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\nse\WPS网盘使用帮助.doc.qkdytyopoz,,Removed,RansomGuard
  169. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  170. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  171. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\backup\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  172. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\backup\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  173. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\cache\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  174. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\cache\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  175. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\configs\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  176. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\configs\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  177. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\configs\appcommonconfig\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  178. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\configs\appcommonconfig\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  179. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\configs\appicon\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  180. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\configs\appicon\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  181. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\configs\appidlistconfig\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  182. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\configs\appidlistconfig\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  183. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\configs\appinfoconfig\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  184. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\configs\appinfoconfig\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  185. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\configs\applistconfig\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  186. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\configs\applistconfig\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  187. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\configs\componentconfig\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  188. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\configs\componentconfig\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  189. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\configs\recappconfig\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  190. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\configs\recappconfig\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  191. 04/22/2020 10:44:31 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\customui\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  192. 04/22/2020 10:44:30 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\customui\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  193. 04/22/2020 10:44:30 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\homepage\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  194. 04/22/2020 10:44:30 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\homepage\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  195. 04/22/2020 10:44:30 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\kugs\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  196. 04/22/2020 10:44:30 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\kugs\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  197. 04/22/2020 10:44:30 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\kugs\qtcache\QKDYTYOPOZ-MANUAL.txt,,Removed,RansomGuard
  198. 04/22/2020 10:44:30 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\kugs\qtcache\dec8adfedec8aa1d41e.lock,,Removed,RansomGuard
  199. 04/22/2020 10:44:30 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\office6\wpsassist\onlinetemplates\online\componentlayout\text_uint_calculation.pptx,,Restored,RansomGuard
  200. 04/22/2020 10:44:30 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\wps\addons\pool\win-i386\cloudpushsdk_1.0.0.8\download.7z,,Restored,RansomGuard
  201. 04/22/2020 10:44:30 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\wps\addons\pool\win-i386\kaiwpp_1.0.0.97\download.7z,,Restored,RansomGuard
  202. 04/22/2020 10:44:30 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\wps\addons\pool\win-i386\kaiwpp_1.0.0.97\mui\zh_CN\res\smartchart\defaulteffectshape.pptx,,Restored,RansomGuard
  203. 04/22/2020 10:44:30 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\wps\addons\pool\win-i386\kaiwpp_1.0.0.97\mui\zh_CN\res\smartchart\mark.pptx,,Restored,RansomGuard
  204. 04/22/2020 10:44:30 下午,File Created by Ransomware,File,C:\Users\virus\AppData\Roaming\kingsoft\wps\addons\pool\win-i386\kaiwpp_1.0.0.97\mui\zh_CN\res\smartchart\markthumbimg\1_3.png,,Restored,RansomGuard
  205. 04/22/2020 10:44:30 下午,Ransomware Behavior Detected,File,C:\Users\virus\Downloads\word.exe,25dc3086de8bdd780b89b0a7cd9d51bb,Blocked,RansomGuard
复制代码
回复

举报

病毒探索者
发表于 2020-4-22 23:15:57 | 显示全部楼层
瑞星之剑

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

12
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-5-11 10:20 , Processed in 0.092562 second(s), 14 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表