今天在我硬盘中捉出来的家伙

显示全部楼层 · 发表于 2008-11-5 15:03:29

今天在我硬盘中捉出来的家伙
这个附件需要把后辍改为rar，不然看不了。因为上传附件时被挡了。（不好意思）

显示全部楼层 · 发表于 2008-11-5 15:06:15

压缩包损坏...

显示全部楼层 · 发表于 2008-11-5 15:14:40

哦，这样又不行。再试试分压的

又试了一下这次记得改后辍，压缩档有198K为好的。

[ 本帖最后由 zhangcobi 于 2008-11-5 15:21 编辑 ]

显示全部楼层 · 发表于 2008-11-5 15:21:41

加密码啊大哥
virus或者infected

显示全部楼层 · 发表于 2008-11-5 15:26:04

正在扫描日志
病毒库版本: 3584 (20081105)
日期: 2008/11/5 时间: 15:25:34
已扫描的磁盘、文件夹和文件: C:\Users\Administrator\Desktop\bindu
C:\Users\Administrator\Desktop\bindu\come_system.bak.bak - Win32/PSW.OnLineGames.NQV 特洛伊木马 - 已删除 - 已隔离
C:\Users\Administrator\Desktop\bindu\come_system.dll.dll - Win32/PSW.QQShou 特洛伊木马 - 已删除 - 已隔离
C:\Users\Administrator\Desktop\bindu\eyi.sys - 正常
C:\Users\Administrator\Desktop\bindu\eyioreans32.sys - 正常
C:\Users\Administrator\Desktop\bindu\good.dat.dat - 正常
C:\Users\Administrator\Desktop\bindu\mfc.bat.bat - BAT/Agent.GC 特洛伊木马 - 已删除 - 已隔离
C:\Users\Administrator\Desktop\bindu\mmchost.dll~.dll~ - 正常
C:\Users\Administrator\Desktop\bindu\orz.exe.exe - 可能是 Win32/Genetik 特洛伊木马的变种 - 已删除 - 已隔离
C:\Users\Administrator\Desktop\bindu\silvergod.exe.exe - Win32/TrojanClicker.Agent.NDJ 特洛伊木马的变种 - 已删除 - 已隔离
已扫描的对象数: 9
发现的威胁数: 5
已清除对象数:5

显示全部楼层 · 发表于 2008-11-5 15:27:22

剩三个...一个DAT 两个SYS
TO KL

[ 本帖最后由 lingbo110120 于 2008-11-5 15:33 编辑 ]

显示全部楼层 · 发表于 2008-11-5 15:32:03

小红伞有三只没清掉.....

Begin scan in 'Z:\bindu'
Z:\bindu\come_system.bak.bak
[DETECTION] Is the TR/ATRAPS.Gen Trojan
[NOTE]    The file was moved to '497e4bf2.qua'!
Z:\bindu\come_system.dll.dll
[DETECTION] Is the TR/ATRAPS.Gen Trojan
[NOTE]    The file was moved to '48f316f3.qua'!
Z:\bindu\good.dat.dat
[DETECTION] Is the TR/Rootkit.Gen Trojan
[NOTE]    The file was moved to '49804bf2.qua'!
Z:\bindu\mmchost.dll~.dll~
[DETECTION] Is the TR/Thief.Magania.aimg Trojan
[NOTE]    The file was moved to '49744bf0.qua'!
Z:\bindu\orz.exe.exe
[DETECTION] Is the TR/Agent.AIYW.2 Trojan
[NOTE]    The file was moved to '498b4bf5.qua'!
Z:\bindu\silvergod.exe.exe
   [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen back-door program
[NOTE]    The file was moved to '497d4bec.qua'!

The scan has been done completely.

   1 Scanning directories
   9 Files were scanned
   6 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   6 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   3 Files not concerned
   0 Archives were scanned
   0 Warnings
   6 Notes

显示全部楼层 · 发表于 2008-11-5 16:25:42

NIS2009 miss两个sys和mmchost.dll~.dll~

显示全部楼层 · 发表于 2008-11-5 16:33:12

ris2009报5个

显示全部楼层 · 发表于 2008-11-5 17:02:38

微点拦截

[病毒样本] 今天在我硬盘中捉出来的家伙

本帖子中包含更多资源

本帖子中包含更多资源

回复 3楼 zhangcobi 的帖子

本帖子中包含更多资源