qvod&other[update_629-638][567L]

显示全部楼层 · 发表于 2010-6-16 19:21:38

拿去给我的ＫＩＳ扫扫看～～

显示全部楼层 · 发表于 2010-6-17 07:51:42

247-248
ess kill2个

http://bbs.kafan.cn/forum.php?mo ... zY3MzIyNDV8NDAxODAz 多个威胁连接中断 - 已隔离通过应用程序访问 web 时检测到威胁: E:\谷歌浏览器\chrome.exe.
http://bbs.kafan.cn/forum.php?mo ... zY3MzIyNDV8NDAxODAz > RAR > 197728C0DD6FB5DAC17DC749B6C52996 Win32/TrojanDownloader.Adload.NGP 特洛伊木马的变种
http://bbs.kafan.cn/forum.php?mo ... zY3MzIyNDV8NDAxODAz > RAR > 2E0074B6849C758CC2527C27F8288E3C Win32/TrojanDownloader.Agent.PZU 特洛伊木马
http://bbs.kafan.cn/forum.php?mo ... zY3MzIyNDV8NDAxODAz > RAR > 2E0074B6849C758CC2527C27F8288E3C > NSIS > [国产无码]上海白领秘书办公室被老板骚扰.exe Win32/TrojanDownloader.Agent.PZU 特洛伊木马

显示全部楼层 · 发表于 2010-6-17 11:05:39

本帖最后由 lyqzg 于 2010.6.17 11:08 编辑

楼主给出的本论坛下载附件红伞全部拦截

显示全部楼层 · 发表于 2010-6-18 11:37:37

更新

显示全部楼层 · 发表于 2010-6-18 11:55:27

249-252
2x to xandora(panda)

显示全部楼层 · 发表于 2010-6-18 11:59:19

Trojan.MulDrop.origin
Trojan.NtRootKit.2909
Trojan.MulDrop.origin
Trojan.NtRootKit.2909

显示全部楼层 · 发表于 2010-6-18 14:20:07

249-252
ess kill4个

http://bbs.kafan.cn/forum.php?mo ... zY4NDE5NDd8NDAxODAz 多个威胁连接中断 - 已隔离通过应用程序访问 web 时检测到威胁: E:\谷歌浏览器\chrome.exe.
http://bbs.kafan.cn/forum.php?mo ... zY4NDE5NDd8NDAxODAz > RAR > 5044F9665AB6687C38F4DD2EBD0109A4 Win32/AutoRun.Delf.EP 蠕虫的变种
http://bbs.kafan.cn/forum.php?mo ... zY4NDE5NDd8NDAxODAz > RAR > 5044F9665AB6687C38F4DD2EBD0109A4 > RAR > Server.exe Win32/AutoRun.Delf.EP 蠕虫的变种
http://bbs.kafan.cn/forum.php?mo ... zY4NDE5NDd8NDAxODAz > RAR > 335A5A6E416B0BDF1FD6A2244E1AA703 Win32/AutoRun.Delf.EP 蠕虫的变种
http://bbs.kafan.cn/forum.php?mo ... zY4NDE5NDd8NDAxODAz > RAR > 335A5A6E416B0BDF1FD6A2244E1AA703 > RAR > Server.exe Win32/AutoRun.Delf.EP 蠕虫的变种
http://bbs.kafan.cn/forum.php?mo ... zY4NDE5NDd8NDAxODAz > RAR > A01641F1FC866EBD6325862A23A172DD Win32/TrojanDownloader.Adload.NGP 特洛伊木马的变种
http://bbs.kafan.cn/forum.php?mo ... zY4NDE5NDd8NDAxODAz > RAR > 7B71DF686F228F1668B8BC2479B093D0 Win32/TrojanDownloader.Agent.PZU 特洛伊木马
http://bbs.kafan.cn/forum.php?mo ... zY4NDE5NDd8NDAxODAz > RAR > 7B71DF686F228F1668B8BC2479B093D0 > NSIS > [国产无码]上海白领秘书办公室被老板骚扰.exe Win32/TrojanDownloader.Agent.PZU 特洛伊木马

显示全部楼层 · 发表于 2010-6-18 16:49:46

249-252.rar (466.19 KB)
avast 拦截

显示全部楼层 · 发表于 2010-6-18 18:15:08

249-252
NIS&MSE all kill

MSE：
Name: TrojanDownloader:Win32/Netins.A
ID: 2147632269
Severity: Severe
Category: Trojan Downloader
Path: containerfile:C:\Users\Administrator\Downloads\249-252\A01641F1FC866EBD6325862A23A172DD;file:C:\Users\Administrator\Downloads\249-252\A01641F1FC866EBD6325862A23A172DD->(UPX)
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: User
Status: Unknown

Name: Worm:Win32/Autorun.DM
ID: 2147626007
Severity: Severe
Category: Worm
Path: containerfile:C:\Users\Administrator\Downloads\249-252\335A5A6E416B0BDF1FD6A2244E1AA703;containerfile:C:\Users\Administrator\Downloads\249-252\5044F9665AB6687C38F4DD2EBD0109A4;file:C:\Users\Administrator\Downloads\249-252\335A5A6E416B0BDF1FD6A2244E1AA703->(RarSfx)->Server.exe;file:C:\Users\Administrator\Downloads\249-252\5044F9665AB6687C38F4DD2EBD0109A4->(RarSfx)->Server.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: User
Status: Unknown

NIS：
2010/6/18 18:05,低,7b71df686f228f1668b8bc2479b093d0 (Adware.Gen) 检测方 Auto-Protect,已阻止,已解决 - 不采取操作

显示全部楼层 · 发表于 2010-6-19 12:02:06

更新

[病毒样本] qvod&other[update_629-638][567L]