[病毒样本] 4

显示全部楼层 · 发表于 2008-8-6 13:59:58

下载地址：

http://2.juyjl.cn/versionie.swf

http://2.juyjl.cn/versionff.swf

http://2.juyjl.cn/Baidu.cab

http://www.36-10.net/bak.css

显示全部楼层 · 发表于 2008-8-6 14:05:16

2008/8/6 14:03:05 Deleted: Trojan-GameThief.Win32.OnLineGames.skmj C:\Users\Niya\Downloads\virus(2).rar/bak.css
2008/8/6 14:03:05 Deleted: Trojan.Win32.KillAV.abn C:\Users\Niya\Downloads\virus(2).rar/Baidu.cab/baidu.exe

显示全部楼层 · 发表于 2008-8-6 14:09:37

Begin scan in 'C:\Users\TOSHIBA\Downloads\virus'
C:\Users\TOSHIBA\Downloads\virus\Baidu.cab
[0] Archive type: CAB (Microsoft)
   --> baidu.exe
      [DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    A backup was created as '49024043.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\virus\bak.css
   [DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    A backup was created as '49044043.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!

End of the scan: 2008年8月6日  14:08
Used time: 00:02 Minute(s)

The scan has been done completely.

   1 Scanning directories
   5 Files were scanned
   2 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   2 files were deleted
   0 files were repaired
   2 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   3 Files not concerned
   1 Archives were scanned
   0 Warnings
   2 Notes

显示全部楼层 · 发表于 2008-8-6 14:10:39

versionff.swf    SWF:Downloader [Trj]
versionie.swf    SWF:Downloader [Trj]
baidu.exe          Win32:Agent-ZMQ [Trj]
bak.css             Win32:Agent-ZMQ [Trj]

显示全部楼层 · 发表于 2008-8-6 14:13:18

UG5x2 SWF无视
UG6继续失败...
Baidu.cab//baidu.exe：Error.Crypted.Gen （按照 [UPX] 脱壳失败）
bak.css：Error.Crypted.Gen （按照 [UPX] 脱壳失败）
versionie.swf：Heur.SWFExploit.IE.Gen
versionff.swf：Heur.SWFExploit.Firefox.Gen

显示全部楼层 · 发表于 2008-8-6 14:16:24

Begin scan in 'C:\Documents and Settings\Nerazzurri\桌面\virus.rar'
C:\Documents and Settings\Nerazzurri\桌面\virus.rar
[0] Archive type: RAR
   --> Baidu.cab
      [1] Archive type: CAB (Microsoft)
      --> baidu.exe
         [DETECTION] Is the TR/Dropper.Gen Trojan
   --> bak.css
      [DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE]    The file was deleted!

显示全部楼层 · 发表于 2008-8-6 14:19:58

微点拦截

显示全部楼层 · 发表于 2008-8-6 15:04:25

信息 2008-08-06  15:03:09 您此次查毒清除了1个病毒
信息 2008-08-06  15:03:09 您此次查毒共查出2个病毒以及危险代码
信息 2008-08-06  15:03:09 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件11个
信息 2008-08-06  15:03:09 金山毒霸主程序查毒过程结束，查毒方式：命令行查毒

显示全部楼层 · 发表于 2008-8-6 15:15:39

费尔3个

瑞星病毒查杀结果报告

清除病毒种类列表：
病毒： Trojan.Win32.Undef.jko
病毒： Trojan.Win32.Undef.kbw

用户来源：互联网

软件版本：20.56.20

显示全部楼层 · 发表于 2008-8-6 19:32:48

McAfee bak.css Downloader-BIS