12
返回列表 发新帖
楼主: macross
收起左侧

[已鉴定] 硅谷动力被挂的马,好几个!

 关闭 [复制链接]
a256886572008
发表于 2007-10-13 23:20:17 | 显示全部楼层
http://218.75.91.248/window.exe
capsshift
发表于 2007-10-13 23:30:27 | 显示全部楼层
红伞报。
Virus or unwanted program 'Worm/Downloader.B.1 [WORM/Downloader.B.1]'
detected in file 'C:\Users\lenovo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\57M8UU1Q\window[1].exe.
Action performed: Deny access
454651860
发表于 2007-10-13 23:54:53 | 显示全部楼层
恩恩~是被挂了
NOD32直接拦……
毒霸当接力~把没拦到的那个也杀了
macross
 楼主| 发表于 2007-10-14 01:30:00 | 显示全部楼层
原帖由 capsshift 于 2007-10-13 23:11 发表
看来还是红伞报的多一些,一共9个。
index.htm
forum-94-1.htm
xs.htm
new09.htm
nick.js
ww6.htm
ww4.htm
614.js
bb.js
楼主,在脚本的拦截上,小红伞真的要强很多哦。

卡巴不停的报,最后我直接结束了浏览器进程,所以后面几个没发现
残缺的唯美
发表于 2007-10-14 02:52:10 | 显示全部楼层
Result: 5 malware found
Trojan-Downloader.JS.Psyme.pv (virus)
C:\Users\Administrator\Desktop\virus.rar\nick.js
Trojan-Downloader.VBS.Psyme.jg (virus)
C:\Users\Administrator\Desktop\virus.rar\ww4.htm
Trojan-Downloader.VBS.Agent.ex (virus)
C:\Users\Administrator\Desktop\virus.rar\ww6.htm
Trojan-Downloader.JS.Agent.wr (virus)
C:\Users\Administrator\Desktop\virus.rar\webxl.js
Trojan-Downloader.VBS.Psyme.jh (virus)
C:\Users\Administrator\Desktop\virus.rar\614.js
貌似比较老了
uhthn2002
发表于 2007-10-14 03:21:32 | 显示全部楼层
Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 521
Paranoia Database - 10427
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\uhthn\Desktop\New Folder (2)

C:\Documents and Settings\uhthn\Desktop\New Folder (2)\nick.js - Infected Trojan-Downloader.js.psyme.1
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\ww4.htm - Infected Virus.Script/Exploit.6239
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\ww6.htm - Infected Virus.Script/Exploit.548
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\webxl.js - Infected Virus.Script/Exploit.1685
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\614.js - Infected Virus.Script/Exploit.3703

5 Files scanned
5 Infected files found
0 Suspected files found
0 Files cured
5 Files deleted
完美孤儿
发表于 2007-10-14 08:09:19 | 显示全部楼层
我刚刚还在上面看教程呢
timhas266
发表于 2007-10-14 08:56:07 | 显示全部楼层
Start of the scan: Sunday, 14 October, 2007  08:55

Starting the file scan:

Begin scan in 'C:\Documents and Settings\tim\桌面\virus.rar'
C:\Documents and Settings\tim\桌面\virus.rar
  [0] Archive type: RAR
  --> nick.js
      [DETECTION] Contains detection pattern of the Java script virus JS/Dldr.Psyme.NS
  --> ww4.htm
      [DETECTION] Contains detection pattern of the VBS script virus VBS/Dldr.ADODB.A
  --> ww6.htm
      [DETECTION] Contains detection pattern of the VBS script virus VBS/Dldr.Psyme.HJ
  --> 614.js
      [DETECTION] Contains detection pattern of the Java script virus JS/Dldr.Psyme.NQ
      [INFO]      A backup was created as '4783695d.qua'  ( QUARANTINE )
      [INFO]      The file was deleted!


End of the scan: Sunday, 14 October, 2007  08:55
Used time: 00:02 min

The scan has been done completely.

      0 Scanning directories
      6 Files were scanned
      4 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      1 files were deleted
      0 files were repaired
      1 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      2 Files not concerned
      1 Archives were scanned
      0 Warnings
      0 Notes
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-12-16 17:46 , Processed in 0.085221 second(s), 15 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表