將惡意程式碼和非惡意程式碼提交給 Microsoft 進行分析Submit malware and non-malware to Microsoft for analysis

重要

改良的 Microsoft 365 安全性中心現在可供公開預覽。The improved Microsoft 365 security center is now available in public preview. 這個新的體驗將適用於端點的 Defender、適用於 Office 365 的 Defender、Microsoft 365 Defender 和更多功能帶到 Microsoft 365 安全性中心裡面。This new experience brings Defender for Endpoint, Defender for Office, 365 Microsoft 365 Defender, and more into the Microsoft 365 security center. 了解新功能Learn what's new. 本主題僅適合適用於 Office 365 的 Microsoft Defender 和 Microsoft 365 Defender。This topic might apply to both Microsoft Defender for Office 365 and Microsoft 365 Defender. 請參閱 [適用於] 區段,並且尋找此文章中可能有所不同的特定圖說文字。Refer to the Applies To section and look for specific call outs in this article where there might be differences.

適用於Applies to

注意

如果您是 Exchange Online 信箱組織中的系統管理員,建議您在安全性 & 規範中心內使用提交入口網站。If you're an admin in an organization with Exchange Online mailboxes, we recommend that you use the Submissions portal in the Security & Compliance Center. 如需詳細資訊,請參閱 使用系統管理員提交將可疑的垃圾郵件、網路釣魚、URLs 和檔案提交給 MicrosoftFor more information, see Use Admin Submission to submit suspected spam, phish, URLs, and files to Microsoft.

在有信箱在 Exchange Online 或獨立 Exchange Online Protection 中的 Microsoft 365 組織中 (EOP) 不含 Exchange Online 信箱的組織,EOP 包含自動啟用的反惡意程式碼保護。In Microsoft 365 organizations with mailboxes in Exchange Online or standalone Exchange Online Protection (EOP) organizations without Exchange Online mailboxes, EOP includes anti-malware protection that's automatically enabled. 如需詳細資訊,請參閱 EOP 中的反惡意程式碼保護For more information, see Anti-malware protection in EOP.

您可能已聽說下列各年最佳作法:You've probably heard the following best practices for years:

  • 避免開啟看似可疑的郵件。Avoid opening messages that look suspicious.
  • 請勿從您不知道的某人開啟附件。Never open an attachment from someone you don't know.
  • 避免在需要開啟或按一下的郵件中開啟附件。Avoid opening attachments in messages that urge you to open or click them.

不過,如果您收到的郵件有可疑附件,該怎麼辦?But what can you do if you receive a message with a suspicious attachment? 或者,如果您懷疑您的電腦或裝置受到超過我們篩選的電子郵件附件的感染,該怎麼辦?Or what if you suspect that your computer or device was infected by an email attachment that made it past our filters? 在這些情況下,您應該將惡意程式碼附件提交給 Microsoft。In these cases, you should submit the malware attachment to Microsoft. 相反地,如果電子郵件訊息中的附件被錯誤地辨識為惡意程式碼,您也可以提交該郵件。Conversely, if an attachment in an email message was incorrectly identified as malware, you can submit that, too.

開始之前有哪些須知?What do you need to know before you begin?

  • 附件包含腳本或其他惡意可執行檔的郵件會被視為惡意程式碼,您也可以使用本文中的程式進行報告。Messages with attachments that contain scripts or other malicious executables are considered malware, and you can use the procedures in this article to report them.

  • 具有惡意網站連結的郵件會被視為垃圾郵件。Messages with links to malicious sites are considered spam. 如需報告垃圾郵件和非垃圾郵件的詳細資訊,請參閱 將郵件和檔案報告給 MicrosoftFor more information about reporting spam and non-spam, see Report messages and files to Microsoft.

將惡意程式碼檔提交給 MicrosoftSubmit malware files to Microsoft

移至 Microsoft Security 情報網站, https://www.microsoft.com/wdsi/filesubmission 以提交檔案。Go to the Microsoft Security Intelligence website at https://www.microsoft.com/wdsi/filesubmission to submit the file. 若要接收分析更新,請登入網站,或輸入有效的電子郵件地址。To receive analysis updates, sign into the website, or enter a valid email address. 建議您使用 Microsoft 工作或學校帳戶。We recommend that you use your Microsoft work or school account.

上傳檔案之後,請記下為您的範例提交所建立的 提交識別碼 (例如, 7c6c214b-17d4-4703-860b-7f1e9da03f7f) 。After you've uploaded the file or files, note the Submission ID that's created for your sample submission (for example, 7c6c214b-17d4-4703-860b-7f1e9da03f7f).

Windows Defender 安全性智慧網站中的提交詳細資料

在我們收到範例後,我們會進行調查。After we receive the sample, we'll investigate. 如果我們判斷範例檔案是惡意的,我們會採取糾正動作,以防止惡意程式碼無法被發現。If we determine that the sample file is malicious, we'll take corrective action to prevent the malware from going undetected.

如果您繼續接收染毒的郵件或附件,您應該從電子郵件中複製郵件頭,並與 Microsoft 客戶服務和支援部門聯繫,以取得進一步的協助。If you continue receiving infected messages or attachments, then you should copy the message headers from the email message, and contact Microsoft Customer Service and Support for further assistance. 請務必同時準備您的 提交識別碼Be sure to have your Submission ID ready as well.

將非惡意程式碼檔提交給 MicrosoftSubmit non-malware files to Microsoft

您也可以提交您認為已不正確辨識為網站之惡意程式碼的檔案 (只要對問題選取 [ ], 則表示您認為此檔案包含惡意程式碼?) 。You can also submit a file that you believe was incorrectly identified as malware to the website (just select No for the question, Do you believe this file contains malware?).

在我們收到範例後,我們會進行調查。After we receive the sample, we'll investigate. 如果我們決定清理範例檔案,我們會採取糾正動作,以防止檔案被偵測為惡意程式碼。If we determine that the sample file is clean, we'll take corrective action to prevent the file from being detected as malware.