用KC时遇到的下载者

显示全部楼层 · 发表于 2008-7-17 23:50:34

打开一个聊天窗口时突然弹出脚本错误，接着红伞报警
现在连下载物+本体一起放出...

显示全部楼层 · 发表于 2008-7-17 23:54:10

本体和生成物都杀了

[ 本帖最后由 ssy275 于 2008-7-17 23:55 编辑 ]

显示全部楼层 · 发表于 2008-7-18 00:05:49

Avira kill all

显示全部楼层 · 发表于 2008-7-18 00:13:42

Scan Log
Version of virus signature database: 3276 (20080717)
Date: 2008-7-18 Time: 0:13:24
Scanned disks, folders and files: G:\v\sin17.rar
G:\v\sin17.rar » RAR » sin17.exe - Win32/TrojanDownloader.Agent.OAD trojan
G:\v\sin17.rar:Zone.Identifier - is OK
Number of scanned objects: 2
Number of threats found: 1
Number of cleaned objects: 0
Time of completion: 0:13:25 Total scanning time: 1 sec (00:00:01)

显示全部楼层 · 发表于 2008-7-18 00:13:50

Scan Log
Version of virus signature database: 3276 (20080717)
Date: 2008-7-18 Time: 0:13:30
Scanned disks, folders and files: G:\v\download.rar
G:\v\download.rar » RAR » vie1.exe - a variant of Win32/PSW.Legendmir.NFX trojan
G:\v\download.rar » RAR » vie2.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\download.rar » RAR » vie3.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\download.rar » RAR » vie4.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\download.rar » RAR » vie5.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\download.rar » RAR » vie6.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\download.rar » RAR » vie7.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\download.rar » RAR » vie8.exe - Win32/PSW.OnLineGames.NML trojan
G:\v\download.rar » RAR » vie9.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\download.rar » RAR » vie10.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\download.rar » RAR » vie11.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\download.rar » RAR » vie12.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\download.rar » RAR » vie13.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\download.rar » RAR » vie14.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\download.rar » RAR » vie15.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\download.rar » RAR » vie16.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\download.rar » RAR » vie17.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\download.rar » RAR » vie18.exe - Win32/PSW.OnLineGames.NML trojan
G:\v\download.rar » RAR » vie19.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\download.rar » RAR » vie20.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\download.rar » RAR » vie21.exe - probably a variant of Win32/PSW.OnLineGames.NML trojan
G:\v\download.rar:Zone.Identifier - is OK
Number of scanned objects: 22
Number of threats found: 21
Number of cleaned objects: 0
Time of completion: 0:13:35 Total scanning time: 5 sec (00:00:05)

显示全部楼层 · 发表于 2008-7-18 00:27:08

显示全部楼层 · 发表于 2008-7-18 00:38:15

直接被avira for linux的监控干掉，并把病毒文件改名备份到指定文件夹。如图：

[ 本帖最后由 cosly222 于 2008-7-18 00:43 编辑 ]

显示全部楼层 · 发表于 2008-7-18 07:11:02

卡巴全砍

显示全部楼层 · 发表于 2008-7-18 09:03:44

Access to the data has been denied!
Warning: A virus or unwanted program has been found in the HTTP Data.

Requested URL: http://bbs.kafan.cn/attachment.p ... 5a&t=1216343014
Information: Is the TR/Dldr.Small.xtg.5 Trojan

Generated by AntiVir WebGuard 8.0.15.0, AVE 8.1.1.9, VDF 7.0.5.134

显示全部楼层 · 发表于 2008-7-18 09:04:04

Access to the data has been denied!
Warning: A virus or unwanted program has been found in the HTTP Data.

Requested URL: http://bbs.kafan.cn/attachment.p ... f0&t=1216343025
Information: Is the TR/Dropper.Gen Trojan

Generated by AntiVir WebGuard 8.0.15.0, AVE 8.1.1.9, VDF 7.0.5.134

[病毒样本] 用KC时遇到的下载者

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

回复 1楼 aarwwefdds 的帖子