U盘带回来的，不知道什么东西

Love=卡巴+费尔

VISN

Thank you for your submission. Below you can see the current status of the uploaded files.


--------------------------------------------------------------------------------

A listing of files alongside their results can be found below:

File ID  Filename Size (Byte) Result
25495581  jiaqiang.exe  36 KB  MALWARE


Please find a detailed report concerning each individual sample below:

Filename Result
jiaqiang.exe  MALWARE

The file 'jiaqiang.exe' has been determined to be 'MALWARE'. Our analysts named the threat TR/Agent.36864.221. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection will be added to our virus definition file (VDF) with one of the next updates.


--------------------------------------------------------------------------------
Please note that you will receive an email which will contain the results shown above. In case the final outcome of the analysis is not yet finished for all files the notification will be sent once ready.

jayavira

eav启发全kill

失落的手链

瑞星2010

lip123

为什么我的小红伞不报呢？免费版的

左手

2009-11-13 09:54:00    修改注册表内容      操作:阻止
进程路径:C:\Documents and Settings\Administrator\桌面\viurs\jiaqiang.exe
注册表路径:HKEY_CLASSES_ROOT\exefile\shell\open\command
注册表名称:[Default]
触发规则:所有程序规则->018_系统文件关联x->*\exefile\shell\open\command


2009-11-13 09:54:06    创建注册表值      操作:阻止
进程路径:C:\Documents and Settings\Administrator\桌面\viurs\jiaqiang\jiaqiang.exe
注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
注册表名称:skd
触发规则:所有程序规则->015_注意x->*\SOFTWARE\Microsoft\Windows\CurrentVersion\Run*


2009-11-13 09:54:08    创建注册表值      操作:阻止
进程路径:C:\Documents and Settings\Administrator\桌面\viurs\jiaqiang\jiaqiang.exe
注册表路径:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
注册表名称:sk
触发规则:所有程序规则->015_注意x->*\SOFTWARE\Microsoft\Windows\CurrentVersion\Run*


2009-11-13 09:54:10    修改注册表内容      操作:阻止
进程路径:C:\Documents and Settings\Administrator\桌面\viurs\jiaqiang\jiaqiang.exe
注册表路径:HKEY_CLASSES_ROOT\exefile\shell\open\command
注册表名称:[Default]
触发规则:所有程序规则->018_系统文件关联x->*\exefile\shell\open\command

依然寰随云

观望中

wzmrpg

我的红伞没有反映

Dirk

原帖由 lip123 于 2009-11-13 09:38 发表
为什么我的小红伞不报呢？免费版的

还没加入
下次升级吧

ronnie1987

NIS2010没有任何反应，嘿嘿~~~~~~~~~~