小红伞、卡吧7.0全挂！！！！微点也够呛！【181个病毒已上传】

显示全部楼层 · 发表于 2007-6-29 13:17:21

一台电脑能中成这样，弓虽口牙。也算古今第一人啦。[:27:]

显示全部楼层 · 发表于 2007-6-29 14:09:37

ArcaMicroScan - Scanning report [2007.06.29 14:02:38]
Base date : 2007.06.28 15:56:53

[Scanning : C:\Documents and Settings\fg\桌面\badguy]
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\20328.exe:a.sys <- Adware.Newweb.W : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\20328.exe:winA.dll <- Adware.Agent.Bz : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\20328.exe:autolive.sys <- Adware.Newweb.M : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\20328.exe:Setup.exe <- Adware.Newweb.Y : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\20363.exe:a.sys <- Adware.Agent.Bz : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\20363.exe:autolive.sys <- Adware.Newweb.M : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\20363.exe:Setup.exe <- Adware.Newweb.Y : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\3024.exe:3024.exe <- Trojan.Clicker.Bho.N : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\6266D071.exe <- Heur.Win32.I : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\8A4CD76B.EXE <- Heur.Win32.I : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\AVPSrv.exe <- Trojan.Psw.Onlinegames.Zb : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\BBB7F1D0.EXE <- Trojan.Agent.Ahj : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\b[1].exe <- Trojan.Agent.Ahj : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\d.exe <- Heur.Win32.I : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\dc.exe:dodolook133.exe:1189.exe:DoSSSetup.dll <- Adware.Cinmus.J : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc1266.exe <- Heur.Win32.I : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc1266.exe:Dc1266.exe:res0.exe <- Trojan.Psw.Onlinegames.Zc : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc1273.exe <- Trojan.Psw.Onlinegames.Wz : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc1273.exe:Dc1273.exe:res0.exe <- Trojan.Psw.Onlinegames.Zn : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc1276.exe <- Trojan.Proxy.Small.Du : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc1276.exe:Dc1276.exe:res0.exe <- Trojan.Pakes : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc1299.exe <- Trojan.Agent.Ahj : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc13.exe <- Worm.Viking.Lj : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc13.exe:DLL10.exe <- Worm.Viking.Lj : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc1400.exe:dodolook133.exe:1189.exe:DoSSSetup.dll <- Adware.Cinmus.J : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc1403.exe:res0.exe <- Trojan.Psw.Onlinegames.Zj : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc1412.exe <- Heur.Win32.I : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc1688.exe <- Heur.Win32.I : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc1700.exe <- Trojan.Agent.Fs : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc1700.exe:Dc1700.exe:MYDLL0.exe <- Trojan.Agent.Fs : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc1709.exe <- Heur.Win32.I : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc1740.exe <- Trojan.Psw.Onlinegames.Es : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc1740.exe:Dc1740.exe:res0.exe <- Trojan.Psw.Onlinegames.Es : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc1742.exe <- Heur.Win32.I : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc1747.exe <- Trojan.Psw.Onlinegames.Yr : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc1747.exe:res0.exe <- Trojan.Psw.Onlinegames.Yr : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc1874.exe <- Trojan.Psw.Onlinegames.Es : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc1874.exe:res0.exe <- Trojan.Psw.Onlinegames.Es : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc1980.exe <- Trojan.Psw.Onlinegames.Fq : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc1990.exe <- Adware.Iehlpr.E : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc2003.exe <- Trojan.Delf.Awy : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc2003.exe:EXE0.exe <- Trojan.Delf.Awy : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc2021.exe <- Adware.Cdnhelper.B : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc2070.exe:1189.exe:DoSSSetup.dll <- Adware.Cinmus.J : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc2080.exe <- Trojan.Downloader.Delf.Bmz : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc2124.exe <- Heur.Win32.I : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc2130.exe <- Trojan.Psw.Onlinegames.Zx : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc2133.exe <- Trojan.Autorun.F : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc2134.exe <- Trojan.Autorun.F : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc329.exe:Dc329.exe <- Trojan.Clicker.Bho.N : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc330.exe <- Trojan.Downloader.Qqhelper.Rb : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc332.exe:Dc332.exe <- Trojan.Clicker.Bho.N : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc334.exe:945.exe:DoSSSetup.dll <- Adware.Cinmus.G : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc334.exe:945.exe:acpidisk.sys <- Adware.Cinmus.F : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc337.exe <- Trojan.Downloader.Qqhelper.Wq : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc339.exe:945.exe:DoSSSetup.dll <- Adware.Cinmus.G : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc339.exe:945.exe:acpidisk.sys <- Adware.Cinmus.F : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc345.exe <- Trojan.Downloader.Delf.Bmz : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc440.exe:netdde32.exe <- Trojan.Downloader.Qqhelper.Vn : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc442.exe:a.sys <- Adware.Newweb.W : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc442.exe:winA.dll <- Adware.Agent.Bz : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc442.exe:autolive.sys <- Adware.Newweb.M : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc442.exe:Setup.exe <- Adware.Newweb.Y : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc443.exe <- Trojan.Downloader.Delf.Bgp : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc456.exe <- Heur.Win32.I : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc587.exe <- Trojan.Proxy.Small.Du : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc674.exe <- Heur.Win32.I : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc735.exe <- Trojan.Downloader.Qqhelper.Wq : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc753.exe <- Trojan.Agent.Ahj : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc784.exe <- Trojan.Agent.Ahj : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc787.exe:1089.exe <- Adware.Cinmus.F : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc787.exe:1089.exe:acpidisk.sys <- Adware.Cinmus.F : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Dc939.exe <- Trojan.Agent.Ahj : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\dllhost32.exe <- Heur.Win32.I : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\dodolook169.exe:945.exe:DoSSSetup.dll <- Adware.Cinmus.G : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\dodolook169.exe:945.exe:acpidisk.sys <- Adware.Cinmus.F : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\ee.exe <- Heur.Win32.I : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\fctatie.exe <- Trojan.Autorun.F : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\fd012.exe:netdde32.exe <- Trojan.Downloader.Qqhelper.Vn : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\IEXPLORE.EXE <- Trojan.Packed.Klone.Af : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\k5615455142.exe <- Heur.Win32.I : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\k5615455375.exe <- Trojan.Agent.Ahj : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\mplay.com <- Heur.Win32.I : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\mppds.exe <- Trojan.Psw.Onlinegames.Zx : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\MsIMMs32.exe <- Heur.Win32.I : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\nwizdh.exe:nwizdh.exe:res0.exe <- Trojan.Psw.Nilage.Bjp : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\nwiztlbu.exe <- Heur.Win32.I : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\okt[1].exe <- Trojan.Autorun.F : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\s117.exe <- Trojan.Downloader.Delf.Bgp : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\scvhost.exe <- Trojan.Delf.Awy : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\Setup.exe <- Adware.Newweb.Y : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\system.exe <- Trojan.Delf.Awy : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\TIMHost.exe <- Trojan.Psw.Onlinegames.Yn : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\TIMHost.exe:res0.exe <- Trojan.Psw.Onlinegames.Yn : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\upxdnd.exe <- Trojan.Psw.Onlinegames.Es : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\upxdnd.exe:res0.exe <- Trojan.Psw.Onlinegames.Es : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\WinForm.exe:res0.exe <- Trojan.Psw.Onlinegames.Zj : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\wm[1].exe <- Heur.Win32.I : No action
C:\Documents and Settings\pot\桌面\badguy\新建文件夹\x105.exe:x105.exe <- Trojan.Clicker.Bho.N : No action Scanned objects : 415 Infected objects : 99
可怜的AVG Antispyware……

更可怜的AVZ ~~
Scanning disks
C:\Documents and Settings\fg\桌面\badguy\新建文件夹\AVPSrv.exe >>> suspicion for Trojan-PSW.Win32.OnLineGames.yn ( 0A18DEAD 0198826B 00072CCB 0017F598 22016)
C:\Documents and Settings\fg\桌面\badguy\新建文件夹\c8.exe.exe >>> suspicion for Trojan-Spy.Win32.Delf.pg ( 0A53D46E 040F0A9A 0020E6A0 001CB853 23660)
C:\Documents and Settings\fg\桌面\badguy\新建文件夹\ck3.exe.exe >>> suspicion for Trojan-Spy.Win32.Delf.pg ( 0A39BA85 04AAF368 00211AC1 00207847 26767)
C:\Documents and Settings\fg\桌面\badguy\新建文件夹\cmdbcs.exe >>> suspicion for Trojan-PSW.Win32.OnLineGames.yn ( 0A1655FA 03D6F52A 00074ADB 001ACA91 26112)
C:\Documents and Settings\fg\桌面\badguy\新建文件夹\Dc1276.exe >>>>> Trojan-Proxy.Win32.Small.du
C:\Documents and Settings\fg\桌面\badguy\新建文件夹\Dc13.exe >>>>> Worm.Win32.Viking.lj
C:\Documents and Settings\fg\桌面\badguy\新建文件夹\Dc1874.exe >>> suspicion for Trojan-PSW.Win32.OnLineGames.wz ( 0A0A195D 031638A8 00072CCB 00186394 29696)
C:\Documents and Settings\fg\桌面\badguy\新建文件夹\Dc1980.exe >>> suspicion for Trojan-PSW.Win32.OnLineGames.xz ( 04774740 09668451 002AC5F8 00156E6E 33800)
C:\Documents and Settings\fg\桌面\badguy\新建文件夹\Dc1990.exe >>> suspicion for AdvWare.Win32.IEHlpr.e ( 005AEFF8 00000000 001A7E6B 001DA97B 81920)
C:\Documents and Settings\fg\桌面\badguy\新建文件夹\Dc2003.exe >>>>> Backdoor.Win32.Delf.awy
C:\Documents and Settings\fg\桌面\badguy\新建文件夹\Dc2126.exe >>> suspicion for Trojan-Downloader.Win32.Delf.bkx ( 0A55D840 035F74D0 0020EC63 001DBE13 18944)
C:\Documents and Settings\fg\桌面\badguy\新建文件夹\Dc2130.exe >>> suspicion for Trojan-PSW.Win32.OnLineGames.wz ( 0A212B81 02704B4C 00072CCB 0019E520 29696)
C:\Documents and Settings\fg\桌面\badguy\新建文件夹\Dc587.exe >>>>> Trojan-Proxy.Win32.Small.du
C:\Documents and Settings\fg\桌面\badguy\新建文件夹\mppds.exe >>> suspicion for Trojan-PSW.Win32.OnLineGames.wz ( 0A212B81 02704B4C 00072CCB 0019E520 29696)
C:\Documents and Settings\fg\桌面\badguy\新建文件夹\Setup.exe >>>>> AdvWare.Win32.NewWeb.y
C:\Documents and Settings\fg\桌面\badguy\新建文件夹\shua.exe.exe >>> suspicion for Trojan-Spy.Win32.Delf.pg ( 0A5AAA61 039F0CCC 0020E6A0 001C6AE5 24200)
C:\Documents and Settings\fg\桌面\badguy\新建文件夹\TIMHost.exe >>>>> Trojan-PSW.Win32.OnLineGames.yn
C:\Documents and Settings\fg\桌面\badguy\新建文件夹\upxdnd.exe >>> suspicion for Trojan-PSW.Win32.OnLineGames.wz ( 0A0A195D 031638A8 00072CCB 00186394 29696)

显示全部楼层 · 发表于 2007-6-29 17:51:05

我用kis6,只扫到95个

显示全部楼层 · 发表于 2007-6-29 18:17:37

Virus: Win32:Adware-gen. [Adw], Win32:Agent-GRW [Trj]

Virus found while downloading Web content.

Address: bbs.kafan.cn

Virus: Win32:Agent-EXD [Trj], Win32:Agent-HFX [Trj] (2x), Win32:Adloader-JQ [Trj], Win32:Agent-GRW [Trj]

Virus found while downloading Web content.

Address: bbs.kafan.cn

Virus: Win32:Adloader-JQ [Trj], Win32:Agent-GRW [Trj]

Virus found while downloading Web content.

Address: bbs.kafan.cn

显示全部楼层 · 发表于 2007-6-29 18:27:04

可怜的F-Secure Anti-Virus5.44。。。。

[ 本帖最后由抽风超人于 2007-6-29 18:29 编辑 ]

显示全部楼层 · 发表于 2007-6-29 19:33:45

重活啊！后面再来...

显示全部楼层 · 发表于 2007-6-29 19:59:17

原帖由 抽风超人 于 2007-6-29 18:27 发表
可怜的F-Secure Anti-Virus5.44。。。。
94582
94583

是不是没升级啊?这个结果让我有点惊讶,甚至不能接受.

显示全部楼层 · 发表于 2007-6-29 21:10:18

Start of the scan: 2007年6月29日  21:08

Starting the file scan:

…………………………

End of the scan: 2007年6月29日  21:08
Used time: 00:11 min

The scan has been done completely.

   0 Scanning directories
188 Files were scanned
130 viruses and/or unwanted programs were found
   10 classified as suspicious:
   1 files were deleted
   0 files were repaired
   1 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   48 Files not concerned
   1 Archives were scanned
   0 Warnings
   0 Notes
   0 Hidden objects were found

显示全部楼层 · 发表于 2007-6-29 21:31:33

扫描完成: 2007-6-29 21:29
已检查 186 个文件
已发现 122 个染毒文件
发现 16 个可疑文件

AVK06

显示全部楼层 · 发表于 2007-6-30 00:00:37

186-138-48=0
包括隐藏文件共186（1个autorun.inf+2个隐藏+183个正常文件=186个）

微点查杀情况

138个有害样本被微点删除（已知特征44+未知特征94）

余下48个文件
1个autorun.inf文件，非病毒，手动删除了
4个自动退出
17个无法运行
8个不是有效的win32
14个下载者手动放行后下载的木马拦截成功并删除（注：下载者本身未予以删除有些奇怪）
2个等了N久无动作
1个工具运行后未报

总结：有三个样本未能确认是否有危害

[ 本帖最后由野马于 2007-6-30 00:04 编辑 ]

[病毒样本] 小红伞、卡吧7.0全挂！！！！微点也够呛！【181个病毒已上传】

本帖子中包含更多资源

本帖子中包含更多资源