华中师大被挂

显示全部楼层 · 发表于 2008-6-5 21:25:26

Starting the file scan:

Begin scan in 'E:\virus.rar'
E:\virus.rar
  [0] Archive type: RAR
--> Baidu.cab
   [1] Archive type: CAB (Microsoft)
   --> Baidu.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.rqj
  --> bak.css
   [DETECTION] Is the Trojan horse TR/Dldr.Agent.rqj
   [NOTE]    The file was deleted!

显示全部楼层 · 发表于 2008-6-5 21:31:04

BD全挂

显示全部楼层 · 发表于 2008-6-5 21:35:46

D:\firefox download\virus.rar > RAR > Baidu.cab > CAB > Baidu.exe - 可能是 Win32/TrojanDownloader.Small.WGA 特洛伊木马的变种 - 是已删除对象的一部分
D:\firefox download\virus.rar > RAR > bak.css - 可能是 Win32/TrojanDownloader.Small.WGA 特洛伊木马的变种 - 是已删除对象的一部分

显示全部楼层 · 发表于 2008-6-5 22:05:34

高校一般都比较没人管

显示全部楼层 · 发表于 2008-6-5 22:10:01

现在好了？
怎么我的畅游巡警和红伞还有微点都没报？

显示全部楼层 · 发表于 2008-6-5 23:34:48

原帖由 asinasina 于 2008-6-5 22:10 发表
现在好了？
怎么我的畅游巡警和红伞还有微点都没报？

牛人...什么都有...竟然还包括畅游...

高校被挂正常，我的学校上个月也被，而且还是几年前的木马...因为根本没有人管的，而且，几十不打一次补丁，不死才怪

显示全部楼层 · 发表于 2008-6-5 23:38:54

我一直在进....还是没反应....一直在试东东....多点没太大问题...不知道会坚持多久..

显示全部楼层 · 发表于 2008-6-5 23:54:04

卡巴

前者

已删除：木马程序 Trojan-Downloader.Win32.Agent.rqj 文件　: E:\virus.rar/Baidu.cab/Baidu.exe
已删除：木马程序 Trojan-Downloader.Win32.Agent.rqj 文件　: E:\virus.rar/bak.css

后者

已删除：木马程序 Trojan-PSW.Win32.OnLineGames.alcm 文件　: E:\样本（33个）.rar/soft1.exe//PE_Patch.UPX//UPX
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.amas 文件　: E:\样本（33个）.rar/soft2.exe//PE_Patch.UPX//UPX
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.amoo 文件　: E:\样本（33个）.rar/soft3.exe//PE_Patch.UPX//UPX
已删除：木马程序 Trojan-PSW.Win32.Agent.amb 文件　: E:\样本（33个）.rar/soft4.exe//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.amor 文件　: E:\样本（33个）.rar/soft5.exe//PE_Patch.UPX//UPX
已删除：恶意程序 Flooder.Win32.PortFlooder.b 文件　: E:\样本（33个）.rar/soft6.exe//PE_Patch.UPX//UPX
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.almc 文件　: E:\样本（33个）.rar/soft7.exe//FSG
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.ampf 文件　: E:\样本（33个）.rar/soft8.exe//PE_Patch.UPX//UPX
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.ahnr 文件　: E:\样本（33个）.rar/soft9.exe//FSG
已删除：木马程序 Rootkit.Win32.Agent.apk 文件　: E:\样本（33个）.rar/soft10.exe//PE_Patch//MEW
已删除：木马程序 Trojan-PSW.Win32.Agent.amp 文件　: E:\样本（33个）.rar/soft11.exe
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.aloc 文件　: E:\样本（33个）.rar/soft12.exe//FSG
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.almz 文件　: E:\样本（33个）.rar/soft13.exe//FSG
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.alna 文件　: E:\样本（33个）.rar/soft14.exe//FSG
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.amno 文件　: E:\样本（33个）.rar/soft15.exe//PE_Patch.UPX//UPX
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.ajsr 文件　: E:\样本（33个）.rar/soft16.exe//FSG
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.amey 文件　: E:\样本（33个）.rar/soft17.exe//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.ahsh 文件　: E:\样本（33个）.rar/soft18.exe//PE_Patch.UPX//UPX
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.akyh 文件　: E:\样本（33个）.rar/soft19.exe//FSG
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.adup 文件　: E:\样本（33个）.rar/soft20.exe//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.alvt 文件　: E:\样本（33个）.rar/soft21.exe//PE_Patch.UPX//UPX
已删除：病毒 Worm.Win32.Downloader.no 文件　: E:\样本（33个）.rar/soft22.exe//FSG
已删除：病毒 Worm.Win32.Downloader.mw 文件　: E:\样本（33个）.rar/soft23.exe//FSG
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.ajti 文件　: E:\样本（33个）.rar/soft24.exe//FSG
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.alxu 文件　: E:\样本（33个）.rar/soft25.exe//FSG
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.amey 文件　: E:\样本（33个）.rar/soft26.exe//PE_Patch//UPack
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.ajtl 文件　: E:\样本（33个）.rar/soft27.exe//FSG
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.akxv 文件　: E:\样本（33个）.rar/soft28.exe//FSG
已删除：木马程序 Trojan-PSW.Win32.Agent.aob 文件　: E:\样本（33个）.rar/soft29.exe//PE_Patch.UPX//UPX
已删除：木马程序 Trojan-PSW.Win32.OnLineGames.amnl 文件　: E:\样本（33个）.rar/soft30.exe//PE_Patch.UPX//UPX
已删除：木马程序 Trojan.Win32.Agent.nbj 文件　: E:\样本（33个）.rar/soft31.exe
已删除：木马程序 Trojan.Win32.Agent.nbl 文件　: E:\样本（33个）.rar/softd.exe
已删除：木马程序 Trojan.Win32.Agent.nbj 文件　: E:\样本（33个）.rar/soft0.exe

显示全部楼层 · 发表于 2008-6-6 00:09:26

那可是我的母校啊

显示全部楼层 · 发表于 2008-6-6 11:10:39

Begin scan in 'C:\Documents and Settings\haha\桌面\样本（33个）.rar'
C:\Documents and Settings\haha\桌面\样本（33个）.rar
  [0] Archive type: RAR
  --> soft1.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.alcm
--> soft2.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.amfb
--> soft3.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.275
--> soft4.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.amdt
--> soft5.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ampm
  --> soft6.exe
   [DETECTION] Is the Trojan horse TR/Flood.PortFlooder.B
  --> soft7.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.almc
  --> soft8.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ampf
  --> soft9.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ahnr
--> soft11.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Contains detection pattern of the rootkit RKIT/Agent.YC.4
  --> soft12.exe
   [DETECTION] Is the Trojan horse TR/PSW.16493
  --> soft13.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.almz
  --> soft14.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.alna
--> soft15.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.264
--> soft16.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
--> soft17.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.amdt
  --> soft18.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ahsh
  --> soft19.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.akyh.1
--> soft20.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.adwk
--> soft21.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.253
  --> soft22.exe
   [DETECTION] Contains detection pattern of the worm WORM/Downloader.NO
--> soft23.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.akjk
      --> Object
         [DETECTION] Is the Trojan horse TR/Agent.qqx
--> soft24.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
--> soft25.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.alpo
--> soft26.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.amdt
--> soft27.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ajtm
      --> Object
         [DETECTION] Contains detection pattern of the worm WORM/Downloader.MM
  --> soft28.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.akxv
--> soft29.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.252
--> soft30.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.277
  --> soft31.exe
   [DETECTION] Is the Trojan horse TR/Agent.NBJ.1
  --> softd.exe
   [DETECTION] Is the Trojan horse TR/Agent.nbl
  --> soft0.exe
   [DETECTION] Is the Trojan horse TR/Agent.nbj
   [NOTE]    A backup was created as '475111c6.qua'  ( QUARANTINE )

End of the scan: 2008年6月6日  11:10
Used time: 00:03 min

The scan has been done completely.

   0 Scanning directories
   34 Files were scanned
   40 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   1 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   -6 Files not concerned
   1 Archives were scanned
   0 Warnings
   1 Notes

[已鉴定] 华中师大被挂

回复 6楼 qigang 的帖子

回复 16楼 liangjming 的帖子