|
|
|
| 进程文件: | intenat.exe | |
| 进程名称: | Backdoor.W32.Delf | |
| 英文描述: | intenat.exe is a process registered as a bac信骸息禹进皱程暴库宙息要processlib.net剩bbs.processlib.net耀www.processlib.net风www.processlib.net芽kdoor vulnerability which may be installed for malicious purposes by an attacker allowing access to your computer from remote locations, stealing passwords, Internet banking and personal data. This process is a security risk and should be removed from your system. | |
| 进程分析: | Troj_Nuclear-J木马程序。该病毒修改注册表创建Ru信骸息禹进皱程暴库宙息要processlib.net剩bbs.processlib.net耀www.processlib.net风www.processlib.net芽n/system项实现intenat.exe自启动,修改注册表创建Run/Autosystem实现directdb.exe自启动,并将病毒模块regsvr1.dll注入进程运行,运行后连接特定服务器接受恶意攻击者指令,并允许恶意攻击者远程控制计算机。病毒文件包括funcwin.dll,bsnviewer.dll,bsecoder.dll,ehuupdate.exe,config32等等。 |
|
| 进程位置: | unknown | |
| 程序用途: | unknown | |
| 作者: | unknown | |
| 属于: | Backdoor.W32.Delf | |
| 安全等级 (0-5): | 2 (N/A无危险 5最危险) | |
| 间碟软件: | 是 | |
| 广告软件: | 否 | |
| 病毒: | 否 | |
| 木马: | 否 | |
| 系统进程: | 否 | |
| 应用程序: | 否 | |
| 后台程序: | 是 | |
| 使用访问: | 是 | |
| 访问互联网: | 是 | |
