id.exe

显示全部楼层 · 发表于 2009-2-6 22:54:07

病毒下载地址：

http://sharonlam.com/registros/registro.exe（失效）

http://www.relatoriomensal.mail333.su/id.exe

Files to delete:
%systemdrive%\Arquivos de programas\GbPlugin\scpsssh2.dll
%systemdrive%\Arquivos de programas\GbPlugin\gbiehuni.dll
%systemdrive%\Arquivos de programas\GbPlugin\gbpdist.dll
%systemdrive%\Arquivos de programas\GbPlugin\isg.gpc
%systemdrive%\Arquivos de programas\GbPlugin\uni.gpc
%systemdrive%\Arquivos de programas\GbPlugin\gbiehisg.dll
%systemdrive%\Arquivos de programas\GbPlugin\GBIEHCEF.DLL
%systemdrive%\Arquivos de programas\GbPlugin\scpVista.exe
%systemdrive%\Arquivos de programas\GbPlugin\gbiehabn.dll
%systemdrive%\Arquivos de programas\GbPlugin\GBIEHABN.DLL
%systemdrive%\Arquivos de programas\GbPlugin\LOGOF.DLL
%systemdrive%\Arquivos de programas\GbPlugin\abn.gpc
%systemdrive%\Arquivos de programas\GbPlugin\AtmCap.ocx
%systemdrive%\Arquivos de programas\GbPlugin\gbpsv.exe
%systemdrive%\Arquivos de programas\GbPlugin\GbpSv.exe
%systemdrive%\Arquivos de programas\GbPlugin\GbpSrv.exe
%systemdrive%\Arquivos de programas\GbPlugin\gbpsrv.exe
%systemdrive%\Arquivos de programas\GbPlugin\gbieh.dll
%systemdrive%\Arquivos de programas\GbPlugin\gbieh.dll
%systemdrive%\Arquivos de programas\GbPlugin\gbieh.gmd
%systemdrive%\Arquivos de programas\GbPlugin\bb.gpc
%systemdrive%\Arquivos de Programas\Scpad\scpMIB.dll
%systemdrive%\program files\Scpad\scpsssh2.dll
%systemdrive%\program files\Scpad\sshib.dll
%systemdrive%\program files\Scpad\scpIBCfg.bin
%systemdrive%\program files\Scpad\scpLIB.dll
%systemdrive%\program files\scpsssh2.dll
%systemdrive%\program files\gbiehuni.dll
%systemdrive%\program files\gbpdist.dll
%systemdrive%\program files\isg.gpc
%systemdrive%\program files\uni.gpc
%systemdrive%\program files\gbiehisg.dll
%systemdrive%\program files\GBIEHCEF.DLL
%systemdrive%\program files\gbiehabn.dll
%systemdrive%\program files\GBIEHABN.DLL
%systemdrive%\program files\LOGOF.DLL
%systemdrive%\program files\abn.gpc
%systemdrive%\program files\AtmCap.ocx
%systemdrive%\program files\gbpsv.exe
%systemdrive%\program files\GbpSv.exe
%systemdrive%\program files\GbpSrv.exe
%systemdrive%\program files\gbpsrv.exe
%systemdrive%\program files\gbieh.dll
%systemdrive%\program files\gbieh.gmd
%systemdrive%\program files\bb.gpc
%systemdrive%\program files\GbPlugin\Scpad\scpsssh2.dll
%systemdrive%\program files\GbPlugin\Scpad\sshib.dll
%systemdrive%\program files\GbPlugin\Scpad\scpIBCfg.bin
%systemdrive%\program files\GbPlugin\Scpad\scpLIB.dll
%systemdrive%\program files\GbPlugin\scpsssh2.dll
%systemdrive%\program files\GbPlugin\gbiehuni.dll
%systemdrive%\program files\GbPlugin\gbpdist.dll
%systemdrive%\program files\GbPlugin\isg.gpc
%systemdrive%\program files\GbPlugin\uni.gpc
%systemdrive%\program files\GbPlugin\gbiehisg.dll
%systemdrive%\program files\GbPlugin\GBIEHCEF.DLL
%systemdrive%\program files\GbPlugin\gbiehabn.dll
%systemdrive%\program files\GbPlugin\GBIEHABN.DLL
%systemdrive%\program files\GbPlugin\LOGOF.DLL
%systemdrive%\program files\GbPlugin\abn.gpc
%systemdrive%\program files\GbPlugin\AtmCap.ocx
%systemdrive%\program files\GbPlugin\gbpsv.exe
%systemdrive%\program files\GbPlugin\GbpSv.exe
%systemdrive%\program files\GbPlugin\GbpSrv.exe
%systemdrive%\program files\GbPlugin\gbpsrv.exe
%systemdrive%\program files\GbPlugin\gbieh.dll
%systemdrive%\program files\GbPlugin\gbieh.gmd
%systemdrive%\program files\GbPlugin\bb.gpc
%systemdrive%\WINDOWS\Downloaded Program Files\GbPluginObj Class
%systemdrive%\WINDOWS\Downloaded Program Files\GBPLUGINUNI.INF
%systemdrive%\WINDOWS\Downloaded Program Files\GBPLUGINABN.INF
%systemdrive%\WINDOWS\Downloaded Program Files\GBPLUGINISG.INF
%systemdrive%\WINDOWS\Downloaded Program Files\GBIEHUNI.DLL
%systemdrive%\WINDOWS\Downloaded Program Files\GBIEHABN.DLL
%systemdrive%\WINDOWS\Downloaded Program Files\GBIEHISG.DLL
%systemdrive%\WINDOWS\Downloaded Program Files\UNI.GPC
%systemdrive%\WINDOWS\Downloaded Program Files\ABN.GPC
%systemdrive%\WINDOWS\Downloaded Program Files\ISG.GPC
%systemdrive%\Documents and Settings\All Users\Dados de aplicativos\GbPlugin\Gbp.pro
%systemdrive%\Documents and Settings\All Users\Dados de aplicativos\GbPlugin\Abn\gbpsv.exe.upd.AD5F9EFF
%systemdrive%\Documents and Settings\All Users\Dados de aplicativos\GbPlugin\Abn\GbpDist.dll.upd.AD5F9EFF
%systemdrive%\Documents and Settings\All Users\Dados de aplicativos\GbPlugin\Abn\gbpsv.exe.upd
%systemdrive%\Documents and Settings\All Users\Dados de aplicativos\GbPlugin\Abn\GbpDist.dll.upd
%systemdrive%\Documents and Settings\All Users\Dados de aplicativos\GbPlugin\Abn\gbpsv.exe.upd
%systemdrive%\Documents and Settings\All Users\Dados de aplicativos\GbPlugin\Abn\GbpDist.dll.upd
%systemdrive%\Documents and Settings\All Users\Dados de aplicativos\GbPlugin\Abn\gbpsv.exe
%systemdrive%\Documents and Settings\All Users\Dados de aplicativos\GbPlugin\Abn\GbpDist.dll
%systemdrive%\Documents and Settings\All Users\Dados de aplicativos\GbPlugin\Abn\GbpDist.dll.updc
%systemdrive%\Documents and Settings\All Users\Dados de aplicativos\GbPlugin\Abn\Abn.gdt
%systemdrive%\Documents and Settings\All Users\Dados de aplicativos\GbPlugin\gbiehisg.dll
%systemdrive%\Arquivos de Programas\GbPlugin\isg.gpc
%systemdrive%\Documents and Settings\All Users\Dados de aplicativos\GbPlugin\Gbp.pro
%systemdrive%\Documents and Settings\All Users\Dados de aplicativos\GbPlugin\Isg\Isg.gdt
%systemdrive%\WINDOWS\Downloaded Program Files\GbPlugin0bj Class
%systemdrive%\Documents and Settings\All Users\Dados de aplicativos\GbPlugin\Isg\gbieh.gmd
%systemdrive%\Documents and Settings\All Users\Dados de aplicativos\GbPlugin\Isg\gbphist
%systemdrive%\Documents and Settings\All Users\Dados de aplicativos\GbPlugin\Isg\GbpMid3.gbp
%systemdrive%\WINDOWS\Downloaded Program Files\GbPluginObj Class
%windir%\scpVista.exe
%windir%\gbpsv.exe
%windir%\gbpsrv.exe
%systemdrive%\Arquivos de programas\GbPlugin\GbpSrv.exe
%systemdrive%\Arquivos de programas\GbPlugin\scpVista.exe

Folders to delete:
%systemdrive%\program files\GbPlugin\
%systemdrive%\Arquivos de programas\GbPlugin\
%systemdrive%\program files\Scpad\
%systemdrive%\Arquivos de programas\Scpad\
%systemdrive%\Documents and Settings\All Users\Dados de aplicativos\GbPlugin\
%systemdrive%\Documents and Settings\All Users.WINDOWS\Dados de aplicativos\GbPlugin\

显示全部楼层 · 发表于 2009-2-6 22:54:57

上报ESET

显示全部楼层 · 发表于 2009-2-6 22:57:32

Requested URL: http://bbs.kafan.cn/attachment.p ... 2a&t=1233932172
Information: Is the TR/Banker.Banker.adrr Trojan
Generated by AntiVir WebGuard 8.0.15.0, AVE 8.2.0.74, VDF 7.1.1.234

显示全部楼层 · 发表于 2009-2-6 22:58:16

mcafee8.5 0

显示全部楼层 · 发表于 2009-2-6 23:12:34

to VB

显示全部楼层 · 发表于 2009-2-6 23:13:56

不用上报了，是误报

显示全部楼层 · 发表于 2009-2-6 23:14:05

2009-2-6 23:14:02 http://bbs.kafan.cn/attachment.p ... 199//id.exe//Petite Firefox 拒绝: Trojan-Banker.Win32.Banker.adrr

显示全部楼层 · 发表于 2009-2-6 23:15:10

原帖由 EQ2 于 2009-2-6 23:13 发表
不用上报了，是误报

喔。[:1:]

显示全部楼层 · 发表于 2009-2-6 23:15:45

Access to the data has been denied!
Warning: A virus or unwanted program has been found in the HTTP Data.

Requested URL: http://bbs.kafan.cn/attachment.p ... 12&t=1233933242
Information: Is the TR/Banker.Banker.adrr Trojan

--------------------------------------------------------------------------------
Generated by AntiVir WebGuard 8.0.15.0, AVE 8.2.0.74, VDF 7.1.1.235

显示全部楼层 · 发表于 2009-2-6 23:18:45

恩貌似是正常的

[病毒样本] id.exe

本帖子中包含更多资源

回复 6楼 EQ2 的帖子

浏览过的版块