下載者

显示全部楼层 · 发表于 2012-5-20 02:47:45

本帖最后由 a256886572008 于 2012-5-20 03:11 编辑

hxxp://tsx.ns02.us/o/zr.exe

2012-05-20 02:20:26 C:\Documents and Settings\Roger\桌面\virus\0xA25D5DBD\zr.exe Sandboxed As Partially Limited

2012-05-20 02:20:36 C:\WINDOWS\system32\sc.exe Sandboxed As Partially Limited

2012-05-20 02:20:36 C:\WINDOWS\system32\conime.exe Sandboxed As Partially Limited

2012-05-20 02:21:45 C:\Program Files\SPS.hta Sandboxed As Partially Limited

2012-05-20 02:21:48 C:\WINDOWS\system32\conime.exe Sandboxed As Partially Limited

2012-05-20 02:21:49 C:\WINDOWS\system32\taskkill.exe Sandboxed As Partially Limited

2012-05-20 02:22:26 C:\WINDOWS\system32\net1.exe Sandboxed As Partially Limited

2012-05-20 02:22:50 C:\WINDOWS\system32\cacls.exe Sandboxed As Partially Limited

2012-05-20 02:22:51 C:\Program Files\Common Files\PushWare\cpush.dll Sandboxed As Partially Limited

2012-05-20 02:23:07 C:\Documents and Settings\Roger\桌面\virus\0xA25D5DBD\13.bat Sandboxed As Partially Limited

2012-05-20 02:25:04 C:\WINDOWS\system32\360ubgc.exe Sandboxed As Partially Limited

2012-05-20 02:25:11 C:\Documents and Settings\Roger\桌面\virus\0xA25D5DBD\12.bat Sandboxed As Partially Limited

2012-05-20 02:25:11 C:\WINDOWS\system32\ping.exe Sandboxed As Partially Limited

zr.exe

2012-05-20 02:20:33 C:\Documents and Settings\Roger\桌面\virus\0xA25D5DBD\zr.exe Modify File C:\Program Files\Common Files\rgdltecq\ohoifz.pif

sc.exe

2012-05-20 02:22:34 C:\WINDOWS\system32\sc.exe Modify Key HKLM\SYSTEM\ControlSet???\Services\Browser

2012-05-20 02:22:34 C:\WINDOWS\system32\sc.exe Modify Key HKLM\SYSTEM\ControlSet???\Services\lanmanserver

2012-05-20 02:22:34 C:\WINDOWS\system32\sc.exe Modify Key HKLM\SYSTEM\ControlSet???\Services\lanmanworkstation

2012-05-20 02:22:34 C:\WINDOWS\system32\sc.exe Modify Key HKLM\SYSTEM\ControlSet???\Services\LmHosts

2012-05-20 02:22:34 C:\WINDOWS\system32\sc.exe Modify Key HKLM\SYSTEM\ControlSet???\Services\RpcLocator

2012-05-20 02:22:34 C:\WINDOWS\system32\sc.exe Modify Key HKLM\SYSTEM\ControlSet???\Services\NtLmSsp

2012-05-20 02:22:59 C:\WINDOWS\system32\sc.exe Modify Key HKLM\SYSTEM\ControlSet???\Services\JavaServe

2012-05-20 02:22:59 C:\WINDOWS\system32\sc.exe Modify Key HKLM\SYSTEM\ControlSet???\Services\LYTC

2012-05-20 02:22:59 C:\WINDOWS\system32\sc.exe Modify Key HKLM\SYSTEM\ControlSet???\Services\Messenger

2012-05-20 02:22:59 C:\WINDOWS\system32\sc.exe Modify Key HKLM\SYSTEM\ControlSet???\Services\IE_WinserverName

2012-05-20 02:22:59 C:\WINDOWS\system32\sc.exe Modify Key HKLM\SYSTEM\ControlSet???\Services\HidServ

ekv107*.tmp

2012-05-20 02:21:54 C:\Documents and Settings\All Users\Documents\ekv1071.tmp Modify File C:\Program Files\Common Files\sfbsbvy\coiome.exe

2012-05-20 02:22:59 C:\Documents and Settings\All Users\Documents\ekv1077.tmp Modify File C:\Program Files\Common Files\PushWare\cpush.dll

2012-05-20 02:23:10 C:\Documents and Settings\All Users\Documents\ekv107A.tmp Modify Key HKLM\SYSTEM\ControlSet???\Services\auek

2012-05-20 02:23:16 C:\Documents and Settings\All Users\Documents\ekv107B.tmp Modify File C:\WINDOWS\system32\iphlpapi.dll

訪問網路

显示全部楼层 · 发表于 2012-5-20 02:48:55

附件等卡飯修好

显示全部楼层 · 发表于 2012-5-20 03:30:02

a256886572008 发表于 2012-5-20 02:48
附件等卡飯修好

Malware detected

显示全部楼层 · 发表于 2012-5-20 03:54:17

STOP! Bitdefender blocked this web page.
The page you are trying to access contains malware.

Details:
Web Page: http://bbs.kafan.cn/forum.php?mo ... ;aid=MTY1MTQ5MHw...
Detected viruses: Gen:Variant.Graftor.20937

Access from your browser has been blocked.
Take me back to safety

显示全部楼层 · 发表于 2012-5-20 07:01:30

本帖最后由 Dust-;羅錠于 2012-5-20 07:04 编辑

大蜘蛛：
URL is blocked by SpIDer Gate
Threat detected (Trojan.Blockin.8)

显示全部楼层 · 发表于 2012-5-20 07:47:01

蜘蛛杀

显示全部楼层 · 发表于 2012-5-20 07:54:45

费尔V8查杀

显示全部楼层 · 发表于 2012-5-20 07:57:47

AVG殺

显示全部楼层 · 发表于 2012-5-20 08:01:03

小A网页防护拦截(下载一半就报毒了)

显示全部楼层 · 发表于 2012-5-20 08:07:28

360和Windows defender 同时报

[病毒样本] 下載者

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源