又来一个CBA722

显示全部楼层 · 发表于 2007-9-7 21:35:34

竟然是死的

显示全部楼层 · 发表于 2007-9-7 21:36:43

我这里没死

显示全部楼层 · 发表于 2007-9-7 21:37:33

a-squared	3.0.0.123	2007.09.06	2007-09-06	-	4.085
Arcavir	1.0.4	200709061952	2007-09-06	Trojan.Packed.Morphine.A	1.235
AVAST	1.0.8	000773-1	2007-09-06	-	3.043
AVG	7.5.48.442	269.13.7/992	2007-09-06	Generic6.MBG	1.510
BitDefender	7.60825.867474	7.14656	2007-09-07	Packer.Morphine.B	3.440
CA (VET)	8.4.0.24	31.1.5117	2007-09-07	-	1.000
ClamAV	0.91.1	4178	2007-09-07	Trojan.Packed-86	0.157
Comodo	2.11	2.0.0.277	2007-09-07	-	1.079
ewido	4.0.0.2	2007.09.06	2007-09-06	-	2.074
F-SECURE	5.51.6100	2007.09.07.06	2007-09-07	Packed.Win32.Morphine.a	3.141
IKARUS	T3.1.1.12	2007.09.07.69462	2007-09-07	MalwareScope.Trojan-Spy.BZub.1	1.361
MKS_VIR	2.01	2007.09.07	2007-09-07	-	1.962
NOD32	2.70.8	2512	2007-09-07	a variant of Win32/BHO.BO trojan	1.027
nProtect	2007-09-07.00	909334	2007-09-07	Packer.Morphine.B	13.808
QuickHeal	9.00	2007.09.06	2007-09-06	-	2.475
SOPHOS	2.49.1	4.21	2007-09-07	Mal/EncPk-M	4.271
The Hacker	6.1.9	v00180	2007-09-06	Trojan/Morphine.a	1.520
VBA32	3.12.2.4	20070907.0759	2007-09-07	Trojan.DownLoader.29569	0.692
VirusBuster	4.3.19:9	9.103.1/11.0	2007-09-07	Packed/Morphine	1.443
冰岛杀毒	3.16.16	2007.09.07	2007-09-07	-	0.455
卡巴斯基	5.5.10	2007.09.07	2007-09-07	-	0.350
大蜘蛛	4.33	2007.09.07	2007-09-07	Trojan.Click.3614	5.946
小红伞	7.6.0.5	6.39.1.103	2007-09-07	TR/Crypt.Morphine.Gen	2.344
江民杀毒	10.00.650	2007.09.06	2007-09-06	-	0.757
熊猫卫士	9.04.03.0001	2007.09.06	2007-09-06	Generic Trojan	3.290
瑞星	19.0	19.39.42.00	2007-09-07	-	2.084
诺曼	5.91.07	5.90	2007-09-07	W32/BHO.QG	2.824
赛门铁克	1.3.0.24	20070906.050	2007-09-06	Infostealer.Bzup	0.207
趋势	8.500-1001	4.701.00	2007-09-06	-	0.207
迈克菲	5.2.00	5114	2007-09-06	-	0.937
金山毒霸	2007.6.20.249	2007.9.7	2007-09-07	-	0.912

显示全部楼层 · 发表于 2007-9-7 21:39:08

贴EQ日志出来看看

显示全部楼层 · 发表于 2007-9-7 21:41:58

2007-09-07 21:40:22 应用程序保护(运行应用程序) 操作:阻止
进程路径:C:\ABC\installer\installer\installer.exe
文件路径:C:\windows\system32\regsvr32.exe
命令行:/u /s C:\windows\system32\ipv6mons.dl
l2007-09-07 21:40:17 创建文件操作:阻止
进程路径:C:\ABC\installer\installer\installer.exe
文件路径:C:\windows\system32\AClient.dll

显示全部楼层 · 发表于 2007-9-7 21:46:05

Scan performed at: 2007-9-7 21:45:56
Scanning Log
NOD32 version 2513 (20070907) NT
Command line: C:\Documents and Settings\Don johnson\桌面\installer.zip
Operating memory - is OK

Date: 7.9.2007 Time: 21:46:00
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\Don johnson\桌面\installer.zip
C:\Documents and Settings\Don johnson\桌面\installer.zip ?ZIP ?installer/installer.exe - a variant of Win32/BHO.BO trojan
Number of scanned files: 2
Number of threats found: 1
Number of files cleaned: 1
Time of completion: 21:46:01 Total scanning time: 1 sec (00:00:01)

显示全部楼层 · 发表于 2007-9-7 21:46:27

在我这里跑不动，也找不到那个aclient.dll

显示全部楼层 · 发表于 2007-9-7 21:49:32

估计系统差异
反正Petite我也脱不干净

显示全部楼层 · 发表于 2007-9-7 22:13:26

HEUR/Exploit.HTML
TR/Crypt.Morphine.Gen

显示全部楼层 · 发表于 2007-9-7 22:43:24

第一个kav 6.0已检测
------
状态对象
---- ----
已删除: 木马程序 Trojan-Downloader.VBS.Agent.p 文件: C:\Documents and Settings\Administrator\桌面\counter21.rar/counter21.php

[病毒样本] 又来一个CBA722

回复 9楼 solcroft 的帖子

回复 11楼 solcroft 的帖子

本帖子中包含更多资源

回复 12楼 promised 的帖子

回复 15楼 promised 的帖子

回复 17楼 solcroft 的帖子