VT，2个报~

schumi小粉

邮件上报eset

Result:
2/ 43 (4.7%)




点击下载

wankui163

卡巴无反映

minchaovip

我是 毛豆+小A+红伞+360卫视的 看报不报  3M的包我的宽带要下半个小时~~~~~~~~~ 铁通网络可以让你戒掉网瘾~~~~

hddu

2010-12-01 21:14:12    创建文件      操作:允许
进程路径:F:\virus\sjshu_txt003\sjshu_txt003.exe
文件路径:C:\Documents and Settings\All Users\桌面\网络电话.exe
触发规则:所有程序规则->Documents and Settings设置（二）->?:\Documents and Settings\*\桌面\*.exe

2010-12-01 21:14:12    修改文件      操作:阻止
进程路径:F:\virus\sjshu_txt003\sjshu_txt003.exe
文件路径:C:\Documents and Settings\All Users\桌面\网络电话.exe
触发规则:所有程序规则->Documents and Settings设置（二）->?:\Documents and Settings\*\桌面\*.exe

2010-12-01 21:14:15    创建文件      操作:允许
进程路径:F:\virus\sjshu_txt003\sjshu_txt003.exe
文件路径:C:\Program Files\ymLevel2_Taste
触发规则:所有程序规则->%ProgramFiles%设置->%ProgramFiles%\*

2010-12-01 21:14:19    创建文件      操作:允许
进程路径:F:\virus\sjshu_txt003\sjshu_txt003.exe
文件路径:C:\Program Files\ymLevel2_Taste\wl0617171.exe
触发规则:所有程序规则->%ProgramFiles%设置->%ProgramFiles%\*.exe

2010-12-01 21:14:21    创建文件      操作:允许
进程路径:F:\virus\sjshu_txt003\sjshu_txt003.exe
文件路径:C:\Program Files\ymLevel2_Taste\Green.exe
触发规则:所有程序规则->%ProgramFiles%设置->%ProgramFiles%\*.exe

2010-12-01 21:14:23    创建文件      操作:允许
进程路径:F:\virus\sjshu_txt003\sjshu_txt003.exe
文件路径:C:\Program Files\ymLevel2_Taste\setup_29803.exe
触发规则:所有程序规则->%ProgramFiles%设置->%ProgramFiles%\*.exe

2010-12-01 21:14:27    创建文件      操作:允许
进程路径:C:\Program Files\ymLevel2_Taste\Green.exe
文件路径:C:\Program Files\Green
触发规则:所有程序规则->%ProgramFiles%设置->%ProgramFiles%\*

2010-12-01 21:14:29    创建文件      操作:允许
进程路径:C:\Program Files\ymLevel2_Taste\setup_29803.exe
文件路径:C:\Program Files\快捷栏
触发规则:所有程序规则->%ProgramFiles%设置->%ProgramFiles%\*

2010-12-01 21:14:31    创建文件      操作:允许
进程路径:C:\Program Files\ymLevel2_Taste\Green.exe
文件路径:C:\Program Files\Green\Green.exe
触发规则:所有程序规则->%ProgramFiles%设置->%ProgramFiles%\*.exe

2010-12-01 21:14:33    创建文件      操作:允许
进程路径:C:\Program Files\ymLevel2_Taste\setup_29803.exe
文件路径:C:\Program Files\快捷栏\KDocks.exe
触发规则:所有程序规则->%ProgramFiles%设置->%ProgramFiles%\*.exe

2010-12-01 21:14:38    创建文件      操作:允许
进程路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLBC.tmp
文件路径:C:\WINDOWS\system32\GLBSINST.%$D
触发规则:所有程序规则->WINDOWS全局设置->%windir%\*

2010-12-01 21:14:38    删除文件      操作:使用任务隔离区操作
进程路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLBC.tmp
文件路径:C:\WINDOWS\system32\GLBSINST.%$D
触发规则:所有程序规则->WINDOWS全局设置->%windir%\*

2010-12-01 21:14:39    创建文件      操作:允许
进程路径:C:\Program Files\ymLevel2_Taste\Green.exe
文件路径:C:\Documents and Settings\Administrator\桌面\.绿色上网..lnk
触发规则:所有程序规则->Documents and Settings设置（二）->?:\Documents and Settings\*\桌面\*.lnk

2010-12-01 21:14:40    创建文件      操作:阻止
进程路径:C:\Program Files\ymLevel2_Taste\Green.exe
文件路径:C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\.绿色上网..lnk
触发规则:应用程序规则->%ProgramFiles%文件设置->%ProgramFiles%\*.exe->*\*Internet*Explorer*

2010-12-01 21:14:42    创建文件      操作:允许
进程路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLBC.tmp
文件路径:C:\Program Files\ymLevel2_Taste\UNWISE.EXE
触发规则:所有程序规则->%ProgramFiles%设置->%ProgramFiles%\*.exe

2010-12-01 21:14:44    创建文件      操作:允许
进程路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLBC.tmp
文件路径:C:\Program Files\ymLevel2_Taste\UNWISE.EXE
触发规则:所有程序规则->%ProgramFiles%设置->%ProgramFiles%\*.exe

2010-12-01 21:14:45    创建文件      操作:允许
进程路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLBC.tmp
文件路径:C:\Program Files\ymLevel2_Taste\Coder2.dll
触发规则:所有程序规则->%ProgramFiles%设置->%ProgramFiles%\*.dll

2010-12-01 21:14:46    创建文件      操作:允许
进程路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLBC.tmp
文件路径:C:\Program Files\ymLevel2_Taste\DownLoad.dll
触发规则:所有程序规则->%ProgramFiles%设置->%ProgramFiles%\*.dll

2010-12-01 21:14:48    创建文件      操作:允许
进程路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLBC.tmp
文件路径:C:\Program Files\ymLevel2_Taste\L2LC.exe
触发规则:所有程序规则->%ProgramFiles%设置->%ProgramFiles%\*.exe

2010-12-01 21:14:53    创建文件      操作:允许
进程路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLBC.tmp
文件路径:C:\PROGRA~1\YMLEVE~1\L2LC.exe
触发规则:所有程序规则->%ProgramFiles%设置->C:\PROGRA~1\*.exe

2010-12-01 21:14:55    创建文件      操作:允许
进程路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLBC.tmp
文件路径:C:\Program Files\ymLevel2_Taste\MFC71.dll
触发规则:所有程序规则->%ProgramFiles%设置->%ProgramFiles%\*.dll

2010-12-01 21:14:56    修改文件      操作:阻止
进程路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLBC.tmp
文件路径:C:\WINDOWS\system32\msvcr71.dll
触发规则:所有程序规则->WINDOWS文件设置->%windir%\system32\*.dll

2010-12-01 21:14:57    创建文件      操作:允许
进程路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLBC.tmp
文件路径:C:\Program Files\ymLevel2_Taste\msvcr71.dll
触发规则:所有程序规则->%ProgramFiles%设置->%ProgramFiles%\*.dll

2010-12-01 21:14:59    创建文件      操作:允许
进程路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLBC.tmp
文件路径:C:\Program Files\ymLevel2_Taste\UnzipDll.dll
触发规则:所有程序规则->%ProgramFiles%设置->%ProgramFiles%\*.dll

2010-12-01 21:15:06    创建文件      操作:允许
进程路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLBC.tmp
文件路径:C:\Documents and Settings\Administrator\「开始」菜单\程序\益盟软件
触发规则:所有程序规则->Documents and Settings设置（二）->?:\Documents and Settings\*\*菜单\*

2010-12-01 21:15:09    创建文件      操作:允许
进程路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLBC.tmp
文件路径:C:\Documents and Settings\Administrator\「开始」菜单\程序\益盟软件\益盟操盘手
触发规则:所有程序规则->Documents and Settings设置（二）->?:\Documents and Settings\*\*菜单\*

2010-12-01 21:15:12    创建文件      操作:允许
进程路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLBC.tmp
文件路径:C:\Documents and Settings\Administrator\「开始」菜单\程序\益盟软件\益盟操盘手\益盟操盘手.lnk
触发规则:所有程序规则->Documents and Settings设置（二）->?:\Documents and Settings\*\*菜单\程序\*.lnk

2010-12-01 21:15:19    创建文件      操作:允许
进程路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLBC.tmp
文件路径:C:\Documents and Settings\Administrator\桌面\益盟操盘手.lnk
触发规则:所有程序规则->Documents and Settings设置（二）->?:\Documents and Settings\*\桌面\*.lnk

2010-12-01 21:15:22    创建文件      操作:允许
进程路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLBC.tmp
文件路径:C:\Documents and Settings\Administrator\「开始」菜单\程序\益盟软件\益盟操盘手\卸载益盟操盘手.lnk
触发规则:所有程序规则->Documents and Settings设置（二）->?:\Documents and Settings\*\*菜单\程序\*.lnk

2010-12-01 21:15:23    创建文件      操作:使用任务隔离区操作
进程路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLBC.tmp
文件路径:C:\Documents and Settings\All Users\「开始」菜单\程序\启动\益盟操盘手.lnk
触发规则:所有程序规则->Documents and Settings设置（二）->?:\Documents and Settings\*\*菜单\程序\启动\*.lnk

2010-12-01 21:15:24    运行应用程序      操作:允许
进程路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLBC.tmp
文件路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLJE.tmp
命令行:C:\Program Files\ymLevel2_Taste\Coder2.dll
触发规则:所有程序规则->其它程序设置->*\Temp\*

2010-12-01 21:15:25    运行应用程序      操作:允许
进程路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLBC.tmp
文件路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLJE.tmp
命令行:C:\Program Files\ymLevel2_Taste\DownLoad.dll
触发规则:所有程序规则->其它程序设置->*\Temp\*

2010-12-01 21:15:26    运行应用程序      操作:允许
进程路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLBC.tmp
文件路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLJE.tmp
命令行:C:\Program Files\ymLevel2_Taste\MFC71.dll
触发规则:所有程序规则->其它程序设置->*\Temp\*

2010-12-01 21:15:28    运行应用程序      操作:允许
进程路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLBC.tmp
文件路径:C:\Documents and Settings\Administrator\Local Settings\Temp\GLJE.tmp
命令行:C:\Program Files\ymLevel2_Taste\UnzipDll.dll
触发规则:所有程序规则->其它程序设置->*\Temp\*

猪头大队

360网盾未知，红伞无视

minchaovip

毛豆AV没报。。小A  没报      红伞没报 运行360卫视没报 由于我用的沙盘所以360网盾是失效的

hddu

只是安装程序，看不出问题，有可能自己水平低。

pipi1987

to AVG

s8706042

已上報趨勢~

fatezero

KIS

已删除: UDS:DangerousObject.Multi.Generic                E:\download\sjshu_txt003.exe            

96563868_341906931_sjshu_txt003.exe_ - Trojan-Dropper.Win32.Agent.dowv