今天先来19个 MD5内

微点卫士

驱逐舰15个

微点：
木马名称:Trojan-PSW.Win32.Agent.ekl
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\163\1633.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.hgs
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\163\1636.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.hrw
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\163\163D.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Downloader.Win32.Small.kjy
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\163\163H.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Backdoor.Win32.Kolmat.bc
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\163\163I.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.hmt
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\163\163E.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
蠕虫名称:Worm.Win32.Agent.dfz
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\163\163J.EXE
是蠕虫程序!
已成功阻止其运行,是否要删除此文件?
蠕虫名称:Worm.Win32.Vikings.dmt
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\163\163K.EXE
是蠕虫程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.hgu
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\163\1631.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan.Win32.LipGame.r
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\163\1632.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\163\163A.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\UPXDND.EXE
2) C:\WINDOWS.0\SYSTEM32\UPXDND.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\163\163B.EXE
1) C:\DFD406781.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\163\163B.EXE
1) C:\DFD406781.BAT
是否删除可疑程序?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\163\163C.EXE
1) C:\DELETEFILEDOS.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\163\163C.EXE
1) C:\DELETEFILEDOS.BAT
是否删除可疑程序?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\163\163F.EXE
1) C:\DELETEFILEDOS.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\163\163F.EXE
1) C:\DELETEFILEDOS.BAT
是否删除可疑程序?
木马名称:Trojan-PSW.Win32.Agent.ekx
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\LYLOADER.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Agent.ekx
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\LYLOADER.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\163\1637.EXE
1) C:\DFD497187.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\163\1637.EXE
1) C:\DFD497187.BAT
是否删除可疑程序?木马名称:Trojan-PSW.Win32.OnLineGames.hkf
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\QJSO0.DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\163\1638.EXE
木马程序生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\QJSO.EXE
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\163\1639.EXE
1) C:\DFD540437.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\163\1639.EXE
1) C:\DFD540437.BAT
是否删除可疑程序?

1634.exe运行后消失了，不过召唤出了CMD，上报先

woai_jolin

Started scanning at 2007-8-11 18:54:47. Engine Ver: 31.1.0. Sig Ver:5050. Sig Date: 2007-8-11. ArcLib Ver: 7.3.0.9.
F:\v\163.1.3A1400.efw <1633.exe> - Win32/QQPass.EI worm. Quarantined.
F:\v\163.1.3A1400.efw <1636.exe> - Win32/Frethog!generic trojan. Quarantined.
F:\v\163.1.3A1400.efw <1638.exe> - Win32/Frethog.TM trojan. Quarantined.
F:\v\163.1.3A1400.efw <1639.exe> - Win32/Storark!generic trojan. Quarantined.
F:\v\163.1.3A1400.efw <163b.exe> - Win32/Storark!generic trojan. Quarantined.
F:\v\163.1.3A1400.efw <163c.exe> - Win32/Storark!generic trojan. Quarantined.
F:\v\163.1.3A1400.efw <163f.exe> - Win32/Storark!generic trojan. Quarantined.
F:\v\163.1.3A1400.efw <163h.exe> - Win32/Lemir.MO trojan. Quarantined.
F:\v\163.1.3A1400.efw <163i.exe> - Win32/Sauratol.B trojan. Quarantined.
F:\v\163.1.3A1400.efw <163e.exe> - Win32/Frethog!generic trojan. Quarantined.
F:\v\163.1.3A1400.efw <163j.exe> - Win32/Snarlpi.P trojan. Quarantined.
F:\v\163.1.3A1400.efw <163k.exe> - Win32/Looked.JL trojan. Quarantined.
F:\v\163.1.3A1400.efw <1631.exe> - Win32/Frethog!generic trojan. Quarantined.
F:\v\163.1.3A1400.efw <1632.exe> - Win32/Frethog!generic trojan. Quarantined.
F:\v\16313A~1.EFW - Could not open the file.

Files Scanned: 20
Files Infected: 14
Files Cleaned \ Deleted: 0
Files Quarantined: 1
Memory Infections: 0
Memory Infections Cleaned: 0
Boot Infections: 0
Boot Infections Cleaned: 0

Top infections found during scan (Limited to 10).
        Win32/Frethog!generic
        Win32/Storark!generic
        Win32/Frethog.TM
        Win32/Lemir.MO
        Win32/Looked.JL
        Win32/QQPass.EI
        Win32/Sauratol.B
        Win32/Snarlpi.P

Files not Cleaned\Deleted\Quarantined (Limit 100): 0

Finished scanning at 2007-8-11 18:54:49.

barth

瑞星2008只能发现12个

taihuxian

C:\Documents and Settings\Administrator\Application Data\Opera\Opera\profile\cache4\opr0018Z.rar\1633.exe [L] Win32:Small-DJC [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
http://bbs.kafan.cn/attachment.php?aid=112204\1633.exe [L] Win32:Small-DJC [Trj] (0)
File was successfully moved to chest...
C:\Documents and Settings\Administrator\Application Data\Opera\Opera\profile\cache4\opr0018Z.rar\1634.exe\[Upack]\[Embedded#IDR_DATA0] [L] Win32:Lmir-FR [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\Documents and Settings\Administrator\Application Data\Opera\Opera\profile\cache4\opr0018Z.rar\1636.exe\[Upack]\[Embedded#4060] [L] Win32:Onlinegames-ASX [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\Documents and Settings\Administrator\Application Data\Opera\Opera\profile\cache4\opr0018Z.rar\1638.exe [L] Win32:OnLineGames-WK [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\Documents and Settings\Administrator\Application Data\Opera\Opera\profile\cache4\opr0018Z.rar\163a.exe [L] Win32:Small-HKX [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\Documents and Settings\Administrator\Application Data\Opera\Opera\profile\cache4\opr0018Z.rar\163b.exe\[Upack]\[Embedded#MAIN] [L] Win32:Small-HHY [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\Documents and Settings\Administrator\Application Data\Opera\Opera\profile\cache4\opr0018Z.rar\163c.exe\[Upack]\[Embedded#MAIN] [L] Win32:Small-HHY [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\Documents and Settings\Administrator\Application Data\Opera\Opera\profile\cache4\opr0018Z.rar\163d.exe\[Upack]\[Embedded#3030]\[Upack] [L] Win32:Onlinegames-ATC [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\Documents and Settings\Administrator\Application Data\Opera\Opera\profile\cache4\opr0018Z.rar\163f.exe\[Upack] [L] Win32:Delf-FJH [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\Documents and Settings\Administrator\Application Data\Opera\Opera\profile\cache4\opr0018Z.rar\163h.exe\[NsPack] [L] Win32:Small-EKC [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\Documents and Settings\Administrator\Application Data\Opera\Opera\profile\cache4\opr0018Z.rar\163i.exe [L] Win32:Agent-JWV [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\Documents and Settings\Administrator\Application Data\Opera\Opera\profile\cache4\opr0018Z.rar\163e.exe\[UPX]\[Embedded#2260] [L] Win32:Onlinegames-ASX [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\Documents and Settings\Administrator\Application Data\Opera\Opera\profile\cache4\opr0018Z.rar\163j.exe\[Upack]\[Embedded#DATEINF5]\[Upack] [L] Win32:Agent-JOM [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\Documents and Settings\Administrator\Application Data\Opera\Opera\profile\cache4\opr0018Z.rar\163k.exe [L] Win32:Lineage-377 [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...
C:\Documents and Settings\Administrator\Application Data\Opera\Opera\profile\cache4\opr0018Z.rar\1630.exe [L] Win32:OnLineGames-SR [Trj] (0)
During the file repair, error occurred: The file was not repaired.
File was successfully moved to chest...

uhthn2002

C:\Documents and Settings\uhthn\Desktop\163.rar:<RAR>\1633.exe : infected MalwareScope.Trojan-PSW.Game.7
C:\Documents and Settings\uhthn\Desktop\163.rar:<RAR>\1634.exe : is suspected of Trojan-PSW.Game.80 (paranoid heuristics)
C:\Documents and Settings\uhthn\Desktop\163.rar:<RAR>\1636.exe : infected MalwareScope.Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\163.rar:<RAR>\1638.exe : infected MalwareScope.Trojan-PSW.Game.1
C:\Documents and Settings\uhthn\Desktop\163.rar:<RAR>\163a.exe : infected MalwareScope.Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\163.rar:<RAR>\163d.exe : is suspected of Embedded.Trojan-PSW.Win32.OnLineGames.zc
C:\Documents and Settings\uhthn\Desktop\163.rar:<RAR>\163i.exe : infected Trojan.Inject.263
C:\Documents and Settings\uhthn\Desktop\163.rar:<RAR>\163e.exe : infected MalwareScope.Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\163.rar:<RAR>\163j.exe : infected Trojan.Arpspoof
C:\Documents and Settings\uhthn\Desktop\163.rar:<RAR>\163k.exe : infected MalwareScope.Worm.Viking.5
C:\Documents and Settings\uhthn\Desktop\163.rar:<RAR>\1630.exe : infected Trojan-PSW.Win32.OnLineGames.nn
C:\Documents and Settings\uhthn\Desktop\163.rar:<RAR>\1631.exe : infected MalwareScope.Trojan-PSW.Game.12
C:\Documents and Settings\uhthn\Desktop\163.rar:<RAR>\1632.exe : infected MalwareScope.Trojan-PSW.Game.3


Directories       : 0       Files in archives:      Files on disks:
Archives:                   - total       : 19      - total       : 1     
- scanned         : 1       -  scanned    : 19      - scanned     : 1     
- contain viruses : 1       -  infected   : 11      - infected    : 1     
- deleted         : 0       -  suspicious : 2       - suspicious  : 0

yashoo

小卡全灭

已检测到: 木马程序 Trojan-PSW.Win32.Agent.mi        文件: E:\test\163.rar/1633.exe//FSG
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.mk        文件: E:\test\163.rar/1634.exe//PE_Patch//UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.acx        文件: E:\test\163.rar/1636.exe//PE_Patch//UPack
已检测到: 木马程序 Trojan-Spy.Win32.Delf.uv        文件: E:\test\163.rar/1637.exe//UPack
已检测到: 木马程序 Trojan-PSW.Win32.Small.cf        文件: E:\test\163.rar/1638.exe
已检测到: 木马程序 Trojan-Spy.Win32.Delf.uv        文件: E:\test\163.rar/1639.exe//UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.yn        文件: E:\test\163.rar/163a.exe
已检测到: 木马程序 Trojan-Spy.Win32.Delf.uv        文件: E:\test\163.rar/163b.exe//UPack
已检测到: 木马程序 Trojan-Spy.Win32.Delf.uv        文件: E:\test\163.rar/163c.exe//UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.zc        文件: E:\test\163.rar/163d.exe//PE_Patch//UPack
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.uo        文件: E:\test\163.rar/163f.exe//UPack//#
已检测到: 木马程序 Trojan-Downloader.Win32.Small.czl        文件: E:\test\163.rar/163h.exe//NSPack
已检测到: 木马程序 Trojan-Downloader.Win32.Agent.cac        文件: E:\test\163.rar/163i.exe
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.aef        文件: E:\test\163.rar/163e.exe//PE_Patch.UPX//UPX
已检测到: 木马程序 Backdoor.Win32.Agent.alh        文件: E:\test\163.rar/163j.exe//UPack
已检测到: 病毒 Worm.Win32.Viking.lu        文件: E:\test\163.rar/163k.exe
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.nn        文件: E:\test\163.rar/1630.exe
已检测到: 木马程序 Trojan-PSW.Win32.OnLineGames.wt        文件: E:\test\163.rar/1631.exe//PE_Patch//UPack
已检测到: 木马程序 Trojan.Win32.LipGame.cd        文件: E:\test\163.rar/1632.exe//PE_Patch.UPX//UPX

[ 本帖最后由 yashoo 于 2007-8-12 00:47 编辑 ]

yinxuchina

北京江民新科技术有限公司

        扫描引擎 11.00.700
        病毒库日期 2007-08-10
        更新日期 2007-08-12

扫描目标 C:\Documents and Settings\yin\My Documents\163.rar

开始时间 2007-08-12 00:33:17

在 C:\Documents and Settings\yin\My Documents\163.rar->1633.exe 中发现 Trojan/PSW.Agent.dst 病毒, 已删除
在 C:\Documents and Settings\yin\My Documents\163.rar->1636.exe 中发现 Trojan/PSW.GamePass.tkn 病毒, 已删除
在 C:\Documents and Settings\yin\My Documents\163.rar->1638.exe 中发现 TrojanSpy.Delf.lg 病毒, 已删除
在 C:\Documents and Settings\yin\My Documents\163.rar->163a.exe 中发现 Trojan/PSW.GamePass.uzp 病毒, 已删除
在 C:\Documents and Settings\yin\My Documents\163.rar->163d.exe 中发现 Trojan/Agent.kxp 病毒, 已删除
在 C:\Documents and Settings\yin\My Documents\163.rar->163f.exe 中发现 TrojanDownloader.Agent.mvr 病毒, 已删除
在 C:\Documents and Settings\yin\My Documents\163.rar->163h.exe 中发现 Trojan/PSW.GamePass.uou 病毒, 已删除
在 C:\Documents and Settings\yin\My Documents\163.rar->163i.exe 中发现 Worm/Agent.hc 病毒, 已删除
在 C:\Documents and Settings\yin\My Documents\163.rar->163e.exe 中发现 Trojan/PSW.OnLineGames.eeb 病毒, 已删除
在 C:\Documents and Settings\yin\My Documents\163.rar->163j.exe 中发现 Trojan/PSW.GamePass.txo 病毒, 已删除
在 C:\Documents and Settings\yin\My Documents\163.rar->163k.exe 中发现 Worm/Viking.auw 病毒, 已删除
在 C:\Documents and Settings\yin\My Documents\163.rar->1630.exe 中发现 Trojan/PSW.OnLineGames.ejk 病毒, 已删除
在 C:\Documents and Settings\yin\My Documents\163.rar->1631.exe 中发现 Trojan/PSW.GamePass.ujl 病毒, 已删除
在 C:\Documents and Settings\yin\My Documents\163.rar->1632.exe 中发现 Trojan/PSW.GamePass.uep 病毒, 已删除
正常结束。

扫描结果:
                 文件数 :20                                  病毒体 :14        
                   删除 :14                                    解毒 :0         
    扫描速度(千字节/秒) :1010                              扫描时间 :00:00:01
    扫描文件速度(个/秒) :20

yurius

[Scan path] C:\virus\163.rar
>>C:\virus\163.rar\1633.exe infected with Trojan.PWS.Qqpass.1200
>>>C:\virus\163.rar\1634.exe infected with Trojan.PWS.Legmir.976
>>>>C:\virus\163.rar\1636.exe infected with Trojan.PWS.Wsgame
>>>>>>C:\virus\163.rar\1637.exe - Ok
>>>>>>C:\virus\163.rar\1638.exe infected with Trojan.PWS.Wsgame
>>>>>>>>C:\virus\163.rar\1639.exe - Ok
>>>>>>>>C:\virus\163.rar\163a.exe infected with Trojan.DownLoader.29465
>>>>>>>>>>C:\virus\163.rar\163b.exe - Ok
>>>>>>>>>>>C:\virus\163.rar\163c.exe infected with Trojan.PWS.Lineage.2986
>>>>>>>>>>>>C:\virus\163.rar\163d.exe infected with Trojan.PWS.Maran
>>>>>>>>>>>>>>C:\virus\163.rar\163f.exe - Ok
>>>>>>>>>>>>>>>C:\virus\163.rar\163h.exe infected with BackDoor.Twin
>>>>>>>>>>>>>>>C:\virus\163.rar\163i.exe infected with Trojan.Inject.263
>>>>>>>>>>>>>>>>C:\virus\163.rar\163e.exe infected with Trojan.PWS.Wsgame
>>>>>>>>>>>>>>>>>>C:\virus\163.rar\163j.exe\data001 - Ok
>>>>>>>>>>>>>>>>>>C:\virus\163.rar\163j.exe\data002 - Ok
>>>>>>>>>>>>>>>>>>C:\virus\163.rar\163j.exe\data003 - Ok
>>>>>>>>>>>>>>>>>>>C:\virus\163.rar\163j.exe\data004 infected with Trojan.Arpspoof
>>>>>>>>>>>>>>>>>>>C:\virus\163.rar\163j.exe\data005 - Ok
>C:\virus\163.rar\163j.exe - archive contains infected objects
>C:\virus\163.rar\163k.exe infected with Win32.HLLW.Gavir.72
>C:\virus\163.rar\1630.exe infected with Trojan.MulDrop.8221
>>C:\virus\163.rar\1631.exe infected with Trojan.MulDrop.8220
>>>C:\virus\163.rar\1632.exe infected with Trojan.PWS.Wsgame
C:\virus\163.rar - archive contains infected objects
C:\virus\163.rar:Zone.Identifier - Ok