一些……

显示全部楼层 · 发表于 2009-7-23 17:41:54

Kaspersky Lab
拒绝访问
无法返回请求的网页

试图访问的网页：

http://bbs.kafan.cn/attachment.php?aid=
587166&k=592f5434743b52b250851699059d90f
2&t=1248341992

被以下病毒感染：Backdoor.Win32.Agent.aixh

创建日期：
2009-7-23 17:41:05
Kaspersky Lab

2009-7-23 17:40:44 检测到威胁: Trojan-Dropper.Win32.Agent.avww Internet Explorer http://bbs.kafan.cn/attachment.p ... 1248341992//b/a/002[1].exe//ASPack
2009-7-23 17:40:44 被拒绝: Trojan-Dropper.Win32.Agent.avww Internet Explorer http://bbs.kafan.cn/attachment.p ... 1248341992//b/a/002[1].exe//ASPack
2009-7-23 17:41:05 检测到威胁: Backdoor.Win32.Agent.aixh Internet Explorer http://bbs.kafan.cn/attachment.p ... 92//b/a/RtmgtxC.dll
2009-7-23 17:41:05 被拒绝: Backdoor.Win32.Agent.aixh Internet Explorer http://bbs.kafan.cn/attachment.p ... 92//b/a/RtmgtxC.dll

显示全部楼层 · 发表于 2009-7-23 17:46:07

a2 kill 27

显示全部楼层 · 发表于 2009-7-23 18:50:30

drweb found 31 threats

显示全部楼层 · 发表于 2009-7-23 19:04:23

descript.ion-CLEAN

dr.web清空

002.exe;C:\Documents and Settings\all\桌面\b\b\a;Trojan.MulDrop.31967;Deleted.;
002[1].exe;C:\Documents and Settings\all\桌面\b\b\a;Trojan.MulDrop.31967;Deleted.;
002____0.exe;C:\Documents and Settings\all\桌面\b\b\a;Trojan.MulDrop.31967;Deleted.;
003.exe;C:\Documents and Settings\all\桌面\b\b\a;Trojan.MulDrop.31967;Deleted.;
003[1].exe;C:\Documents and Settings\all\桌面\b\b\a;Trojan.MulDrop.31967;Deleted.;
J001.exe\data001;C:\Documents and Settings\all\桌面\b\b\a\J001.exe;BackDoor.Siggen.138;;
J001.exe\data002;C:\Documents and Settings\all\桌面\b\b\a\J001.exe;Trojan.DownLoad.12520;;
J001.exe;C:\Documents and Settings\all\桌面\b\b\a;Container contains infected objects;Invalid path to file ;
J001.exe;C:\Documents and Settings\all\桌面\b\b\a;Trojan.MulDrop.origin;Renamed.;
J002.exe;C:\Documents and Settings\all\桌面\b\b\a;Trojan.MulDrop.23267;Deleted.;
J002[1].exe;C:\Documents and Settings\all\桌面\b\b\a;Probably DLOADER.Trojan;Renamed.;
J002___0.exe;C:\Documents and Settings\all\桌面\b\b\a;Trojan.MulDrop.23267;Deleted.;
J002___1.exe;C:\Documents and Settings\all\桌面\b\b\a;Trojan.MulDrop.23267;Deleted.;
J002___2.exe;C:\Documents and Settings\all\桌面\b\b\a;Trojan.MulDrop.23267;Deleted.;
J002___3.exe;C:\Documents and Settings\all\桌面\b\b\a;Trojan.MulDrop.23267;Deleted.;
J002___4.exe;C:\Documents and Settings\all\桌面\b\b\a;Trojan.MulDrop.23267;Deleted.;
J002___5.exe;C:\Documents and Settings\all\桌面\b\b\a;Trojan.MulDrop.23267;Deleted.;
J002___6.exe;C:\Documents and Settings\all\桌面\b\b\a;Trojan.MulDrop.23267;Deleted.;
J002___7.exe;C:\Documents and Settings\all\桌面\b\b\a;Trojan.MulDrop.23267;Deleted.;
oasnp.exe;C:\Documents and Settings\all\桌面\b\b\a;Probably DLOADER.Trojan;Deleted.;
RemrtmC.dll;C:\Documents and Settings\all\桌面\b\b\a;BackDoor.Siggen.138;Deleted.;
RimvtcC.dll;C:\Documents and Settings\all\桌面\b\b\a;BackDoor.Siggen.138;Deleted.;
RjmwtrC.dll;C:\Documents and Settings\all\桌面\b\b\a;BackDoor.Siggen.138;Deleted.;
RjmwttC.dll;C:\Documents and Settings\all\桌面\b\b\a;BackDoor.Siggen.138;Deleted.;
RlmqtvC.dll;C:\Documents and Settings\all\桌面\b\b\a;BackDoor.Siggen.138;Deleted.;
RtmgtxC.dll;C:\Documents and Settings\all\桌面\b\b\a;BackDoor.Siggen.138;Deleted.;
RumjtgC.dll;C:\Documents and Settings\all\桌面\b\b\a;BackDoor.Siggen.138;Deleted.;
RwmbtwC.dll;C:\Documents and Settings\all\桌面\b\b\a;BackDoor.Siggen.138;Deleted.;
Scanner[1].dll;C:\Documents and Settings\all\桌面\b\b\a;Trojan.MulDrop.32750;Deleted.;
scanner[2].dll;C:\Documents and Settings\all\桌面\b\b\a;Trojan.MulDrop.32750;Deleted.;
svchost.exe;C:\Documents and Settings\all\桌面\b\b\a;Trojan.DownLoad.40392;Deleted.;
svchost0.exe;C:\Documents and Settings\all\桌面\b\b\a;Trojan.DownLoad.40392;Deleted.;
svchost1.exe;C:\Documents and Settings\all\桌面\b\b\a;Trojan.DownLoad.40392;Deleted.;
svchost[2].exe;C:\Documents and Settings\all\桌面\b\b\a;Trojan.DownLoad.40392;Deleted.;

[ 本帖最后由黑衣~魂于 2009-7-23 19:05 编辑 ]

显示全部楼层 · 发表于 2009-7-24 12:32:28

您好，

descript.ion

以上文件不包含恶意代码。

J001.exe - Backdoor.Win32.Agent.ajdg

以上文件包含恶意代码，下次更新即可查杀。感谢您的上报。

J002.exe,
J002___0.exe,
J002___1.exe,
J002___2.exe,
J002___3.exe,
J002___4.exe,
J002___5.exe,
J002___6.exe,
J002___7.exe - Backdoor.Win32.Agent.ajcg
Scanner[1].dll,
scanner[2].dll - Exploit.Win32.SqlShell.i

以上文件卡巴斯基已经可以查杀，请您更新病毒库。

显示全部楼层 · 发表于 2009-7-24 13:20:44

伊卡璐斯漏三个
descript.ion,Scanner[1].dll,
scanner[2].dll

[病毒样本] 一些……