刚刚那网上的迅速抓

显示全部楼层 · 发表于 2007-7-13 10:02:27

无限弹做得很是不错~ 我都全补丁了……

显示全部楼层 · 发表于 2007-7-13 10:04:15

Starting the file scan:

Begin scan in 'F:\病毒样本\Ignore.rar'
F:\病毒样本\Ignore.rar
  [0] Archive type: RAR
  --> 1326[1].htm
   [DETECTION] Contains suspicious code HEUR/Exploit.HTML
  --> downloader1[1].htm
   [DETECTION] Contains suspicious code HEUR/Exploit.HTML
  --> ifuckhackerdewife[1].js
   [DETECTION] Contains signature of the HTML script virus HTML/JSAdob
  --> 1093[1].htm
   [DETECTION] Contains suspicious code HEUR/Exploit.HTML
  --> 19008[1].htm
   [DETECTION] Contains suspicious code HEUR/Exploit.HTML
  --> 62205[1].htm
   [DETECTION] Contains suspicious code HEUR/Exploit.HTML
  --> 802[1].htm
   [DETECTION] Contains suspicious code HEUR/Exploit.HTML
  --> s5888[1].htm
   [DETECTION] Contains suspicious code HEUR/Exploit.HTML
  --> 10021[1].htm
   [DETECTION] Contains signature of the exploits EXP/Adodb.1273
  --> hst[1].htm
   [DETECTION] Contains suspicious code HEUR/Exploit.HTML
  --> community[1].htm
   [DETECTION] Contains signature of the HTML script virus HTML/Agent.C
  --> dodolook264[1].htm
   [DETECTION] Contains suspicious code HEUR/Exploit.HTML
  --> 2209[1].htm
   [DETECTION] Contains suspicious code HEUR/Exploit.HTML
  --> 1064[1].htm
   [DETECTION] Contains suspicious code HEUR/Exploit.HTML
  --> ah[1].c
   [DETECTION] Contains signature of the exploits EXP/Ani.Gen
  --> kehu0785[1].htm
   [DETECTION] Contains signature of the HTML script virus HTML/Dldr.Agent.FG
  --> pv0018[1].htm
   [DETECTION] Contains suspicious code HEUR/Exploit.HTML
  --> 80325[1].htm
   [DETECTION] Contains suspicious code HEUR/Exploit.HTML
  --> vip[1].js
   [DETECTION] Contains signature of the Java script virus JS/Dldr.Agent.E.6
  --> kehu0783[1].htm
   [DETECTION] Contains signature of the HTML script virus HTML/Dldr.Agent.FG
  --> 1[1].gif
   [DETECTION] Contains signature of the exploits EXP/Ani.Gen
  --> Server.exe
   [DETECTION] Is the Trojan horse TR/PSW.Steal.27210
  --> mm.exe
   [DETECTION] Is the Trojan horse TR/PSW.Delf.QC.40
  --> db[1].htm
   [DETECTION] Contains signature of the VBS script virus VBS/Dldr.Psyme.GV
   [INFO]    The file was deleted!

End of the scan: 2007年7月13日  10:04
Used time: 00:06 min

The scan has been done completely.

   0 Scanning directories
   26 Files were scanned
   24 viruses and/or unwanted programs were found
   13 classified as suspicious:
   1 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
-11 Files not concerned
   1 Archives were scanned
   0 Warnings
   0 Notes
   0 Hidden objects were found

显示全部楼层 · 发表于 2007-7-13 10:05:04

看红伞的报法都是靠漏洞的....我补丁全打好鸟..哈哈,来咬我啊

显示全部楼层 · 发表于 2007-7-13 10:05:33

刚才进去我怎么不弹呢???好象被IE7拦截了

显示全部楼层 · 发表于 2007-7-13 10:05:46

原帖由 tracydk 于 2007-7-13 10:04 发表
-11 Files not concerned

这个bug antivir至今未修复

显示全部楼层 · 发表于 2007-7-13 10:06:33

原帖由 tracydk 于 2007-7-13 10:05 发表
刚才进去我怎么不弹呢???好象被IE7拦截了

弹了两个 IE7也阻止了

显示全部楼层 · 发表于 2007-7-13 10:07:49

不是靠漏洞是他们自己的“新”技术（其实是n差劲）报成利用漏洞~
如果你打了补丁他这个文件还是要下来的（网页）只是下载的东西不起作用了

显示全部楼层 · 发表于 2007-7-13 10:08:26

那个假的BAIDU也太没意思了,起码也要搜索了会转到另一个毒网或者下载病毒什么的才好玩

显示全部楼层 · 发表于 2007-7-13 10:11:25

D:\download\t3\Ignore.rar:\1326[1].htm - Signature 'Generic.XPL.ADODB' found
D:\download\t3\Ignore.rar:\downloader1[1].htm - Signature 'Generic.XPL.ADODB' found
D:\download\t3\Ignore.rar:\ifuckhackerdewife[1].js - Signature 'Trojan-Downloader.JS.Psyme.gw' found
D:\download\t3\Ignore.rar

      4 Files scanned
      (1 Archive with 3 files)
      3 Signatures found
      0 Suspect code-parts found
      Used time: 0:00.130

汗死什么情况……

解包没解开？！

[ 本帖最后由 jimmyleo 于 2007-7-13 10:12 编辑 ]

显示全部楼层 · 发表于 2007-7-13 10:12:40

total 24, found 22

2007-7-13 10:10:01 Scan Started On-Demand Scan
D:\Downloads\Ignore.rar\1326[1].HTM VBS/Psyme(Trojan)
D:\Downloads\Ignore.rar\DOWNLOADER1[1].HTM VBS/Psyme(Trojan)
D:\Downloads\Ignore.rar\IFUCKHACKERDEWIFE[1].JS VBS/Psyme(Trojan)
D:\Downloads\Ignore.rar\1093[1].HTM VBS/Psyme(Trojan)
D:\Downloads\Ignore.rar\19008[1].HTM VBS/Psyme(Trojan)
D:\Downloads\Ignore.rar\62205[1].HTM VBS/Psyme(Trojan)
D:\Downloads\Ignore.rar\802[1].HTM VBS/Psyme(Trojan)
D:\Downloads\Ignore.rar\S5888[1].HTM VBS/Psyme(Trojan)
D:\Downloads\Ignore.rar\10021[1].HTM VBS/Psyme(Trojan)
D:\Downloads\Ignore.rar\HST[1].HTM VBS/Psyme(Trojan)
D:\Downloads\Ignore.rar\DODOLOOK264[1].HTM VBS/Psyme(Trojan)
D:\Downloads\Ignore.rar\2209[1].HTM VBS/Psyme(Trojan)
D:\Downloads\Ignore.rar\1064[1].HTM VBS/Psyme(Trojan)
D:\Downloads\Ignore.rar\AH[1].C Exploit-ANIfile.c(Trojan)
D:\Downloads\Ignore.rar\KEHU0785[1].HTM ObfuscatedHtml(Trojan)
D:\Downloads\Ignore.rar\PV0018[1].HTM VBS/Psyme(Trojan)
D:\Downloads\Ignore.rar\80325[1].HTM VBS/Psyme(Trojan)
D:\Downloads\Ignore.rar\KEHU0783[1].HTM ObfuscatedHtml(Trojan)
D:\Downloads\Ignore.rar\1[1].GIF Exploit-ANIfile.c(Trojan)
D:\Downloads\Ignore.rar\SERVER.EXE\SERVER.EXE PWS-QQPass(Trojan)
D:\Downloads\Ignore.rar\MM.EXE\MM.EXE\0000b4f0.EXE PWS-QQPass.dll(Trojan)
D:\Downloads\Ignore.rar\DB[1].HTM ObfuscatedHtml(Trojan)

[病毒样本] 刚刚那网上的迅速抓

本帖子中包含更多资源

回复 #3 tracydk 的帖子

[病毒样本] 刚刚那网上的 迅速抓

本帖子中包含更多资源

回复 #3 tracydk 的帖子

[病毒样本] 刚刚那网上的迅速抓