PCの修理が必要ですか?
専門家に頼む
Virus:VBS/Dldr.Nichgoo.A
Type:JavaScript
In the wild:No
Reported Infections:Low
Distribution Potential:Low
Damage Potential:Low
Static file:No
VDF version:7.11.108.254 - Tuesday, October 22, 2013
IVDF version:7.11.108.254 - Tuesday, October 22, 2013

 General Method of propagation:
   • No own spreading routine


Aliases:
   •  Mcafee: VBS/Autorun.worm.k
   •  TrendMicro: VBS_AGENTT.RGE
   •  Bitdefender: Trojan.VBE.Agent.D
   •  Avast: VBS:Agent-ASE [Trj]
   •  Microsoft: Worm:VBS/Serverons.A
   •  AVG: BackDoor.Generic_c.MUO
   •  DrWeb: VBS.DownLoader.78


Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7

 Files The following file is created:

– %userprofile%\Start Menu\Programs\Startup\help.vbe Furthermore it gets executed after it was fully created.

 Registry One of the following values is added in order to run the process after reboot:

–  [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]
   • "help.vbe"="\"%temp%\help.vbe\""



The following registry key is changed:

– [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\
   Shell Folders]
   New value:
   • "Startup"="%userprofile%\Start Menu\Programs\Startup"

 File details Programming language:
The malware program was written in Visual Basic.


Encryption:
Encrypted - The virus code inside the file is encrypted.

説明の挿入者 Soe-liang Tan の 2013年10月24日木曜日
説明の更新者 Soe-liang Tan の 2013年10月24日木曜日

戻る . . . .
https:// このウィンドウは暗号化されています。