一包~~费尔杀过的。。

显示全部楼层 · 发表于 2007-10-28 02:55:15

江民杀毒软件报告文件

北京江民新科技术有限公司

扫描引擎 11.00.702
病毒库日期 2007-10-27
更新日期 2007-10-28

扫描目标 V:\VirusDoc20071027\VirusMailAAA\101\样本包.rar

开始时间 2007-10-28 02:59:51

在 V:\VirusDoc20071027\VirusMailAAA\101\样本包.rar->样本包\614[1].js 中发现 TrojanDropper.Psyme.gje 病毒, 发现病毒
在 V:\VirusDoc20071027\VirusMailAAA\101\样本包.rar->样本包\ad[1].jpg 中发现 Exploit.ANIfile.y 病毒, 发现病毒
正常结束。

扫描结果:
               文件数 :15                               病毒体 :2
               删除 :0                                  解毒 :0
扫描速度(千字节/秒) :0                               扫描时间 :00:00:00

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -    - - - - - - - - - - - -

[ 本帖最后由小飞侠.net 于 2007-10-28 03:00 编辑 ]

显示全部楼层 · 发表于 2007-10-28 05:36:49

Starting the file scan:

Begin scan in 'C:\Users\morgan\Documents\样本包.rar'
C:\Users\morgan\Documents\
  样本包.rar
[0] Archive type: RAR
--> Ñù±¾°ü\bf[1].htm
--> Ñù±¾°ü\pop[1].htm
      [DETECTION] Contains suspicious code HEUR/Exploit.HTML
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾°ü\popup[1].htm
--> Ñù±¾°ü\web6[1].htm
      [DETECTION] Contains suspicious code HEUR/Exploit.HTML
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾°ü\ww4[1].htm
      [DETECTION] Contains suspicious code HEUR/Exploit.HTML
      [WARNING] Infected files in archives cannot be repaired!
--> Ñù±¾°ü\0002[1].js
--> Ñù±¾°ü\614[1].js
--> Ñù±¾°ü\6143[1].js
--> Ñù±¾°ü\nick[1].js
--> Ñù±¾°ü\s10[1].js
--> Ñù±¾°ü\s11[1].js
--> Ñù±¾°ü\xunlei[1].js
--> Ñù±¾°ü\ad[1].jpg
      [DETECTION] Contains detection pattern of the exploits EXP/Ani.Gen
      [WARNING] Infected files in archives cannot be repaired!
      [WARNING] The file was ignored!

End of the scan: 2007年10月27日  14:36
Used time: 00:05 min

The scan has been done completely.

   0 Scanning directories
   14 Files were scanned
   1 viruses and/or unwanted programs were found
   3 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   13 Files not concerned
   1 Archives were scanned
   5 Warnings
   0 Notes

显示全部楼层 · 发表于 2007-10-28 07:05:06

瑞星病毒查杀结果报告

清除病毒种类列表：
病毒： Hack.Exploit.Script.JS.Agent.aj
病毒： Trojan.DL.Script.VBS.Small.b
病毒： Trojan.DL.Script.JS.Agent.lps
病毒： Trojan.DL.Script.Small.a
病毒： Trojan.DL.Script.JS.Agent.lpo
病毒： Trojan.DL.Script.JS.Agent.loe
病毒： Hack.SuspiciousAni

显示全部楼层 · 发表于 2007-10-28 08:13:34

F:\virus\样本包.rar » RAR » 样本包\bf[1].htm - is OK
F:\virus\样本包.rar » RAR » 样本包\pop[1].htm - is OK
F:\virus\样本包.rar » RAR » 样本包\popup[1].htm - is OK
F:\virus\样本包.rar » RAR » 样本包\web6[1].htm - is OK
F:\virus\样本包.rar » RAR » 样本包\ww4[1].htm - is OK
F:\virus\样本包.rar » RAR » 样本包\0002[1].js - is OK
F:\virus\样本包.rar » RAR » 样本包\614[1].js - is OK
F:\virus\样本包.rar » RAR » 样本包\6143[1].js - is OK
F:\virus\样本包.rar » RAR » 样本包\nick[1].js - is OK
F:\virus\样本包.rar » RAR » 样本包\s10[1].js - is OK
F:\virus\样本包.rar » RAR » 样本包\s11[1].js - is OK
F:\virus\样本包.rar » RAR » 样本包\xunlei[1].js - is OK
F:\virus\样本包.rar » RAR » 样本包\ad[1].jpg - a variant of Win32/TrojanDownloader.Ani.Gen trojan

显示全部楼层 · 发表于 2007-10-28 11:38:32

全是网页、脚本病毒。
有的是病毒，有的好象不是。

显示全部楼层 · 发表于 2007-10-28 12:28:32

AntiVir PersonalEdition Classic
Report file date: 2007年10月28日星期日  11:55

Scanning for 904194 virus strains and unwanted programs.

Licensed to:    Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform:       Windows XP
Windows version:  (Service Pack 2)  [5.1.2600]
Username:       Administrator
Computer name: 4B2BF2164F8D404

Version information:
BUILD.DAT : 270          15603 Bytes 2007-9-19 13:32:00
AVSCAN.EXE : 7.0.6.1    290856 Bytes 2007-8-23 06:16:30
AVSCAN.DLL : 7.0.6.0    49192 Bytes 2007-8-16 05:23:52
LUKE.DLL    : 7.0.5.3    147496 Bytes 2007-8-14 08:32:48
LUKERES.DLL  : 7.0.6.1    10280 Bytes 2007-8-21 05:35:22
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-7-18 07:27:16
ANTIVIR1.VDF : 7.0.0.0    1640448 Bytes 2007-9-13 07:26:56
ANTIVIR2.VDF : 7.0.0.140 940544 Bytes  2007-10-26 02:47:12
ANTIVIR3.VDF : 7.0.0.142    3072 Bytes  2007-10-26 02:47:12
AVEWIN32.DLL : 7.6.0.30 3056128 Bytes  2007-10-28 02:47:14
AVWINLL.DLL  : 1.0.0.7    14376 Bytes 2007-2-26 03:36:28
AVPREF.DLL : 7.0.2.2    25640 Bytes 2007-7-18 00:39:18
AVREP.DLL : 7.0.0.1    155688 Bytes 2007-4-16 06:16:24
AVPACK32.DLL : 7.3.0.15    360488 Bytes 2007-8-3 01:46:02
AVREG.DLL : 7.0.1.6    30760 Bytes 2007-7-18 00:17:08
AVARKT.DLL : 1.0.0.20    278568 Bytes 2007-8-28 05:26:34
AVEVTLOG.DLL : 7.0.0.20    86056 Bytes 2007-7-18 00:10:20
NETNT.DLL : 7.0.0.0       7720 Bytes 2007-3-8 04:09:44
RCIMAGE.DLL  : 7.0.1.30 2342952 Bytes 2007-8-7 05:38:14
RCTEXT.DLL : 7.0.62.0    86056 Bytes 2007-8-21 05:50:38
SQLITE3.DLL  : 3.3.17.1    339968 Bytes 2007-7-23 02:37:22

Configuration settings for the scan:
Jobname..........................: ShlExt
Configuration file...............: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\a9ad1bb4.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: off
Scan registry....................: off
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2007年10月28日星期日  11:55

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\样本包.rar'
C:\Documents and Settings\Administrator\桌面\样本包.rar
  [0] Archive type: RAR
  --> Ñù±¾°ü\pop[1].htm
   [DETECTION] Contains suspicious code HEUR/Exploit.HTML
  --> Ñù±¾°ü\web6[1].htm
   [DETECTION] Contains suspicious code HEUR/Exploit.HTML
  --> Ñù±¾°ü\ww4[1].htm
   [DETECTION] Contains suspicious code HEUR/Exploit.HTML
  --> Ñù±¾°ü\ad[1].jpg
   [DETECTION] Contains detection pattern of the exploits EXP/Ani.Gen
   [INFO]    The file was moved to '9a296f7c.qua'!

End of the scan: 2007年10月28日星期日  11:56
Used time: 00:19 min

The scan has been done completely.

   0 Scanning directories
   14 Files were scanned
   1 viruses and/or unwanted programs were found
   3 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   1 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   13 Files not concerned
   1 Archives were scanned
   0 Warnings
   0 Notes

显示全部楼层 · 发表于 2007-10-28 16:59:56

Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 727
Paranoia Database - 48285
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\Uhthn\Desktop\本包

C:\Documents and Settings\Uhthn\Desktop\本包\bf[1].htm - Infected VIRUS.SCRIPT.5740 - Deleted
C:\Documents and Settings\Uhthn\Desktop\本包\pop[1].htm - Infected VIRUS.SCRIPT.4720 - Deleted
C:\Documents and Settings\Uhthn\Desktop\本包\popup[1].htm - Suspected Downloader
C:\Documents and Settings\Uhthn\Desktop\本包\web6[1].htm - OK
C:\Documents and Settings\Uhthn\Desktop\本包\ww4[1].htm - Infected VIRUS.SCRIPT.3937 - Deleted
C:\Documents and Settings\Uhthn\Desktop\本包\0002[1].js - Infected TROJAN-DOWNLOADER.JS.PSYME.A - Deleted
C:\Documents and Settings\Uhthn\Desktop\本包\614[1].js - Infected VIRUS.SCRIPT.4128 - Deleted
C:\Documents and Settings\Uhthn\Desktop\本包\6143[1].js - Infected TROJAN-DOWNLOADER.JS.PSYME.A - Deleted
C:\Documents and Settings\Uhthn\Desktop\本包\nick[1].js - Infected VIRUS.SCRIPT.3144 - Deleted
C:\Documents and Settings\Uhthn\Desktop\本包\s10[1].js - Infected VIRUS.SCRIPT.9249 - Deleted
C:\Documents and Settings\Uhthn\Desktop\本包\s11[1].js - Infected VIRUS.SCRIPT.5664 - Deleted
C:\Documents and Settings\Uhthn\Desktop\本包\xunlei[1].js - Infected VIRUS.SCRIPT.1682 - Deleted
C:\Documents and Settings\Uhthn\Desktop\本包\ad[1].jpg - Infected EXPLOIT.IMG-ANI.GEN - Deleted

13 Files scanned
11 Infected files found
1 Suspected files found
0 Files cured
11 Files deleted

显示全部楼层 · 发表于 2007-10-28 18:09:37

deleted: Trojan program Trojan-Downloader.JS.Agent.aab File: C:\Users\Jack Jones\Desktop\Ñù±¾°ü.rar/Ñù±¾°ü\bf[1].htm
deleted: Trojan program Trojan-Downloader.VBS.Small.fv File: C:\Users\Jack Jones\Desktop\Ñù±¾°ü.rar/Ñù±¾°ü\pop[1].htm
deleted: Trojan program Trojan-Downloader.VBS.Small.fy File: C:\Users\Jack Jones\Desktop\Ñù±¾°ü.rar/Ñù±¾°ü\popup[1].htm
deleted: Trojan program Trojan-Downloader.VBS.Small.fx File: C:\Users\Jack Jones\Desktop\Ñù±¾°ü.rar/Ñù±¾°ü\web6[1].htm
deleted: Trojan program Trojan-Downloader.VBS.Small.fw File: C:\Users\Jack Jones\Desktop\Ñù±¾°ü.rar/Ñù±¾°ü\ww4[1].htm
deleted: Trojan program Trojan-Downloader.JS.Agent.aaa File: C:\Users\Jack Jones\Desktop\Ñù±¾°ü.rar/Ñù±¾°ü\0002[1].js
deleted: Trojan program Trojan-Downloader.JS.Psyme.qw File: C:\Users\Jack Jones\Desktop\Ñù±¾°ü.rar/Ñù±¾°ü\614[1].js
deleted: Trojan program Trojan-Downloader.JS.Agent.aaa File: C:\Users\Jack Jones\Desktop\Ñù±¾°ü.rar/Ñù±¾°ü\6143[1].js
deleted: Trojan program Trojan-Downloader.JS.Psyme.ri File: C:\Users\Jack Jones\Desktop\Ñù±¾°ü.rar/Ñù±¾°ü\nick[1].js//JSPack
deleted: Trojan program Trojan-Downloader.JS.Psyme.pz File: C:\Users\Jack Jones\Desktop\Ñù±¾°ü.rar/Ñù±¾°ü\s10[1].js//JSPack
deleted: Trojan program Trojan-Downloader.JS.Agent.aaa File: C:\Users\Jack Jones\Desktop\Ñù±¾°ü.rar/Ñù±¾°ü\s11[1].js//JSPack
deleted: Trojan program Trojan-Downloader.JS.Psyme.ra File: C:\Users\Jack Jones\Desktop\Ñù±¾°ü.rar/Ñù±¾°ü\xunlei[1].js
deleted: malware Exploit.Win32.IMG-ANI.gen (modification) File: C:\Users\Jack Jones\Desktop\Ñù±¾°ü.rar/Ñù±¾°ü\ad[1].jpg

显示全部楼层 · 发表于 2007-10-29 13:08:40

杀猪声起，不让下

显示全部楼层 · 发表于 2007-10-29 15:57:19

微点砍掉

[病毒样本] 一包~~费尔杀过的。。

本帖子中包含更多资源

KIS7.0 13个

本帖子中包含更多资源

本帖子中包含更多资源

浏览过的版块