凝逸反毒virus-有19个过蜘蛛.瑞星.卡巴.江民,15个今天样本

显示全部楼层 · 发表于 2007-9-24 16:45:32

凝逸反毒virus

http://uploadingit.com/files/67701_iy8p7/070923.zip
http://uploadingit.com/files/67633_do6w9/070923.zip
zip: hi.baidu.com/503165656

------------------

2个都是一个的,有一个下不了
有19个过蜘蛛.瑞星.卡巴.江民,15个今天样本
------------------

显示全部楼层 · 发表于 2007-9-24 16:53:47

确定是病毒？

显示全部楼层 · 发表于 2007-9-24 16:54:17

密码多少？

显示全部楼层 · 发表于 2007-9-24 16:55:03

第二个才能下。。。
包里的第二部分都杀了，第一部分都是毒么？？

扫描进行于：2007-9-24 16:54:20
日期： 24.9.2007 时间：16:54:26
已开启反隐藏功能.
已扫描的磁盘，文件夹及文件：C:\Documents and Settings\Administrator\桌面\070923\
C:\Documents and Settings\Administrator\桌面\070923\2\(1)9(1).exe - 可能是 Win32/Genetik 木马的一个变种
C:\Documents and Settings\Administrator\桌面\070923\2\(1)s3682.exe - Win32/TrojanDownloader.Tiny.Y 木马的变种
C:\Documents and Settings\Administrator\桌面\070923\2\(2)11.exe - 可能是 Win32/Genetik 木马的一个变种
C:\Documents and Settings\Administrator\桌面\070923\2\(2)3(1).exe - 可能是 Win32/Genetik 木马的一个变种
C:\Documents and Settings\Administrator\桌面\070923\2\(2)5(1).exe - 可能是 Win32/PSW.OnLineGames.NDV 木马的一个变种
C:\Documents and Settings\Administrator\桌面\070923\2\(3)12.exe - 可能是 Win32/Genetik 木马的一个变种
C:\Documents and Settings\Administrator\桌面\070923\2\(3)7(1).exe - 可能是 Win32/Genetik 木马的一个变种
C:\Documents and Settings\Administrator\桌面\070923\2\(4)10.exe - 可能是 Win32/Genetik 木马的一个变种
C:\Documents and Settings\Administrator\桌面\070923\2\(4)8.exe - 可能是 Win32/Genetik 木马的一个变种
C:\Documents and Settings\Administrator\桌面\070923\2\(5)1.exe - 可能是 Win32/Genetik 木马的一个变种
C:\Documents and Settings\Administrator\桌面\070923\2\(5)10.exe - 可能是 Win32/Genetik 木马的一个变种
C:\Documents and Settings\Administrator\桌面\070923\2\(5)15.exe - 未查明的 NewHeur_PE 病毒 [7]
C:\Documents and Settings\Administrator\桌面\070923\2\119.exe - 可能是 Win32/PSW.OnLineGames.NEP 木马的一个变种
C:\Documents and Settings\Administrator\桌面\070923\2\8(1).exe - 可能是 Win32/Genetik 木马的一个变种
C:\Documents and Settings\Administrator\桌面\070923\2\downloader(2).exe - Win32/TrojanDownloader.VB.APY 木马 - 已删除
已扫描的文件数目：34
已发现的病毒数目：15
已清除病毒的文件数目：15
完成时间： 16:54:44 总扫描时间：18 秒 (00:00:18)

注意：
[7] 该文件可能感染上未知病毒。

[ 本帖最后由 Kav6.0 于 2007-9-24 16:56 编辑 ]

显示全部楼层 · 发表于 2007-9-24 16:56:29

密码不对呀

显示全部楼层 · 发表于 2007-9-24 16:56:51

密码zip: hi.baidu.com/503165656
1 是蜘蛛.瑞星.卡巴.江民杀剩的,

显示全部楼层 · 发表于 2007-9-24 16:59:34

2007-9-24 16:59:25 1190624365 Administrator 3968 Sign of "Win32:Killreg-F [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\新建文件夹 (2)\1\0817.exe" file.
2007-9-24 16:59:29 1190624369 Administrator 3968 Sign of "Win32:Baidubar-B [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\新建文件夹 (2)\1\0145.exe\[UPX]" file.
2007-9-24 16:59:29 1190624369 Administrator 3968 Sign of "Win32:Agent-LQN [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\新建文件夹 (2)\1\0674.exe" file.
2007-9-24 16:59:31 1190624371 Administrator 3968 Sign of "Win32:Hupigon-BQO [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\新建文件夹 (2)\1\0987.exe" file.
2007-9-24 16:59:31 1190624371 Administrator 3968 Sign of "Win32:Cryptic-OU [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\新建文件夹 (2)\2\downloader(2).exe" file.
2007-9-24 16:59:31 1190624371 Administrator 3968 Sign of "Win32:OnLineGames-FN [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\新建文件夹 (2)\2\(2)5(1).exe\[UPX]\[Embedded#1270]" file.
2007-9-24 16:59:31 1190624371 Administrator 3968 Sign of "Win32:Onlinegames-ALL [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\新建文件夹 (2)\2\(3)12.exe\[UPX]\[Embedded#1270]" file.
2007-9-24 16:59:31 1190624371 Administrator 3968 Sign of "Win32:Onlinegames-AUA [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\新建文件夹 (2)\2\119.exe\[Upack]\[Embedded#9060]\[Upack]" file.
2007-9-24 16:59:31 1190624371 Administrator 3968 Sign of "Win32:Onlinegames-ARI [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\新建文件夹 (2)\2\(4)10.exe\[UPX]\[Embedded#1470]" file.
2007-9-24 16:59:31 1190624371 Administrator 3968 Sign of "Win32:Onlinegames-BCC [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\新建文件夹 (2)\2\(5)10.exe\[Upack]\[Embedded#MUSIC]" file.
2007-9-24 16:59:31 1190624371 Administrator 3968 Sign of "Win32:Onlinegames-BCC [Trj]" has been found in "C:\Documents and Settings\Administrator\桌面\新建文件夹 (2)\2\(1)9(1).exe\[Upack]\[Embedded#MUSIC]" file.

显示全部楼层 · 发表于 2007-9-24 17:01:35

第1个文件坏的压缩

显示全部楼层 · 发表于 2007-9-24 17:04:28

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\070923'
C:\Documents and Settings\Administrator\桌面\070923\1\0674.exe
   [DETECTION] Is the Trojan horse TR/Drop.Agent.71582
   [INFO]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\070923\1\0735.sys
   [DETECTION] Contains detection pattern of the rootkit RKIT/Agent.GZ
   [INFO]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\070923\1\0817.exe
   [DETECTION] Is the Trojan horse TR/Click.A.844488.A
   [INFO]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\070923\1\0956.exe
   [DETECTION] Contains suspicious code HEUR/Crypted
   [INFO]    The file was moved to '472c7d80.qua'!
C:\Documents and Settings\Administrator\桌面\070923\1\0962.dll
   [DETECTION] Contains detection pattern of the SPR/YFlood.A.2 program
   [INFO]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\070923\2\(1)9(1).exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ddl
   [INFO]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\070923\2\(1)s3682.exe
   [DETECTION] Contains suspicious code HEUR/Malware
   [INFO]    The file was moved to '47207d7c.qua'!
C:\Documents and Settings\Administrator\桌面\070923\2\(2)11.exe
   [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
   [INFO]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\070923\2\(2)3(1).exe
   [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
   [INFO]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\070923\2\(2)5(1).exe
   [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
   [INFO]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\070923\2\(3)12.exe
   [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
   [INFO]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\070923\2\(3)7(1).exe
   [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
   [INFO]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\070923\2\(4)10.exe
   [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
   [INFO]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\070923\2\(4)8.exe
   [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
   [INFO]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\070923\2\(5)1.exe
   [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
   [INFO]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\070923\2\(5)10.exe
   [DETECTION] Is the Trojan horse TR/Agent.18008
   [INFO]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\070923\2\(5)15.exe
   [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
   [INFO]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\070923\2\119.exe
   [DETECTION] Is the Trojan horse TR/Hijack.Explor.4407
   [INFO]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\070923\2\8(1).exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLine.ddm.1
   [INFO]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\070923\2\downloader(2).exe
   [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
   [INFO]    The file was deleted!

End of the scan: 2007年9月24日  17:03
Used time: 00:31 min

The scan has been done completely.

   3 Scanning directories
   35 Files were scanned
   18 viruses and/or unwanted programs were found
   2 Files were classified as suspicious:
   18 files were deleted
   0 files were repaired
   2 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   17 Files not concerned
   2 Archives were scanned
   0 Warnings
   0 Notes

显示全部楼层 · 发表于 2007-9-24 17:06:18

密码是？

[病毒样本] 凝逸反毒virus-有19个过蜘蛛.瑞星.卡巴.江民,15个今天样本

浏览过的版块

[病毒样本] 凝逸反毒virus-有19个过 蜘蛛.瑞星.卡巴.江民,15个今天样本

浏览过的版块

[病毒样本] 凝逸反毒virus-有19个过蜘蛛.瑞星.卡巴.江民,15个今天样本