Original poster: promised

[Virus samples] A pack of 164

hj5abc
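Posted on 2007-8-11 22:41:52

Reply to post #40 by 风野胤

Adding it is only useful if you make good use of it. Don't 脱兔 (Tuotu) and fg have cross-protocol support? Their response speed is who knows how much faster than the old veteran btcomet..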
风野胤
Posted on 2007-8-11 23:04:23

Reply to post #41 by hj5abc

It seems the latest version of bitcomet has added cross-protocol support too
yinxuchina
Posted on 2007-8-12 01:53:14
扫描结果:
                 文件数 :170                                 病毒体 :74        
                   删除 :0                                     解毒 :0         
    扫描速度(千字节/秒) :3073                              扫描时间 :00:00:05
    扫描文件速度(个/秒) :34
The EQs
Posted on 2007-8-12 04:48:02
Scan performed at: 2007-8-12 4:45:23
Scanning Log
NOD32 version 2451 (20070811) NT
Command line: C:\Documents and Settings\EQ2\桌面\583516
Operating memory - is OK
Date: 12.8.2007  Time: 04:45:29
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\EQ2\桌面\583516\
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\0.exe - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\1.1 - probably a variant of Win32/Agent.AAC trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\10.exe - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\103.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\105.exe - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\105[1].exe - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\11.exe - probably unknown NewHeur_PE virus [7]
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\112.exe - probably unknown NewHeur_PE virus [7]
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\1231.exe ?NSIS ?acpidisk.sys - a variant of Win32/Adware.Cinmus application - was a part of the deleted object
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\1560.exe ?NSIS ?acpidisk.sys - a variant of Win32/Adware.Cinmus application - was a part of the deleted object
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\172[1].exe - a variant of Win32/Agent.ABE trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\2.exe - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\3.exe - probably a variant of Win32/Agent.AAC trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\34805C67.DLL - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\4.exe - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\5.exe - Win32/TrojanDownloader.VB.APY trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\506.exe - Win32/Adware.MoKeAD application - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\5jhf2gt3a.dll - a variant of Win32/TrojanDownloader.Agent.NPO trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\6.exe - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\7.exe - a variant of Win32/Agent.NAU worm
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\71.exe - a variant of Win32/TrojanDownloader.VB.APY trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\7793EF25.DLL - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\7[1].exe - a variant of Win32/TrojanDownloader.VB.APY trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\8.exe - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\859.31 - probably a variant of Win32/Agent.AAC trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\9.exe - a variant of Win32/Agent.NAU worm
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\A65461A2.EXE - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\aabb.exe - Win32/TrojanDownloader.Agent.BYS trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\acpidisk.sys - a variant of Win32/Adware.Cinmus application
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\allworld.exe - a variant of Win32/TrojanDownloader.Busky trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\AlxRes070806.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\AntiAdwa.exe - a variant of Win32/TrojanDownloader.Agent.TL trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\BAA781E3.DLL - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\CD0FFED6.EXE - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\cxkumuewtblnx.dll - a variant of Win32/TrojanDownloader.Ieser trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\d03.exe ?NSIS ?cpush.dll - probably a variant of Win32/Adware.BHO.AV application - was a part of the deleted object
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\dllhosts.dll - Win32/Agent.NJK trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\DxcUpdater3.exe - Win32/Adware.SurfSideKick application - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\DXC_B5[1].exe - Win32/Adware.SurfSideKick application - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\EE99C835.EXE - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\f06WtR1083.exe - a variant of Win32/TrojanDownloader.VB.AW trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\gdnOT2904[1].exe - Win32/Dialer.NAD trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\guyi1234.exe - Win32/TrojanDownloader.Small.DXM trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\husjdd8s.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\kernelwind32.exe - Win32/Nuwar.Gen worm
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\ldcore.dll - probably a variant of Win32/TrojanDownloader.Small trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\Lejxq.exe - a variant of Win32/Agent.NAU worm
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\li01.exe ?NSIS ?Local.dll - Win32/TrojanDownloader.Agent.NQH trojan - was a part of the deleted object
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\load1.exe - Win32/Virut.NAJ virus - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\loadadv579.exe - a variant of Win32/TrojanDownloader.Small.NUS trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\ma1x1dd1v.game - Win32/Dialer.NAD trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\max1d1164v.exe - Win32/Dialer.NAD trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\mclient.exe - a variant of Win32/TrojanDownloader.Ieser trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\mst8E9.tmp - probably a variant of Win32/Agent.QT trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\mstdmc.exe - a variant of Win32/TrojanDownloader.Nurech.BG trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\myplayer.com - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\myself.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\myself[1].exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\netdde32.exe - probably unknown NewHeur_PE virus [7]
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\novel.exe - Win32/Agent.NEF trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\parD5F2.tmp - a variant of Win32/TrojanProxy.Xorpix trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\parDB66.tmp - a variant of Win32/TrojanProxy.Xorpix trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\pojet.exe - a variant of Win32/TrojanDownloader.VB.APY trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\QQ2007β3.exe - a variant of Win32/AutoRun.Q worm
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\retadpu20.exe - a variant of Win32/TrojanDownloader.Agent.BLS trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\Rpcs.dll - a variant of Win32/PSW.QQRob.NAQ trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\runtime.sys - Win32/Rootkit.Agent.DW trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\safdsa.exe - a variant of Win32/Agent.ABE trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\sb.exe - probably a variant of Win32/TrojanDownloader.QQHelper.NDD trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\scrsys070806.scr - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\services.exe - a variant of Win32/Agent.NEY trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\sh.exe - Win32/Adware.MoKeAD application - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\spnvup.dll - Win32/Small.PJ trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\spooldr.sys - Win32/Nuwar.AE worm - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\stdrun1.exe ?NSIS ?f06WtR1083.exe - a variant of Win32/TrojanDownloader.VB.AW trojan - was a part of the deleted object
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\stdrun5.exe - Win32/Adware.SurfSideKick application - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\svchost.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\SysWin64.Jmp - a variant of Win32/AutoRun.Q worm
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\v3xd1.g22me - a variant of Win32/Agent.OH trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\v4xd3.ga2me - Win32/TrojanDownloader.Small.EQN trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\v5xd2.g3ame - Win32/TrojanDownloader.Small.AWA trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\vedxga1me4t1.exe - Win32/TrojanDownloader.Small.AWA trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\vedxga3me2.exe - Win32/TrojanDownloader.Small.AWA trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\vedxga4me1.exe - a variant of Win32/Agent.OH trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\vedxga5me3.exe - Win32/TrojanDownloader.Small.EQN trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\vx1dt1.game - Win32/TrojanDownloader.Small.AWA trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\wdfmgrnt.exe - Win32/TrojanDownloader.VB.APY trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\win32.exe - Win32/Nuwar.Gen worm
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\winamps.dll - Win32/TrojanDownloader.Agent.TL trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\winhwa32.dll - probably a variant of Win32/Agent.QT trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\winjok[1].exe - a variant of Win32/TrojanDownloader.Agent.BRK trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\winsys32_070806.dll - probably a variant of Win32/Spy.Delf.NEN trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\WinSys64.Sys - a variant of Win32/AutoRun.Q worm
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\win[1].exe - Win32/Agent.QT trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\wr-1-20.exe - Win32/TrojanDownloader.Small.EQN trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\xx - a variant of Win32/Agent.NEY trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\xxx.exe - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\zgame1[1] - a variant of Win32/Agent.OH trojan
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\zgame2[1] - Win32/TrojanDownloader.Small.AWA trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\zgame3[1] - Win32/TrojanDownloader.Small.EQN trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\583516\PLUGINS\ztool1[1] - Win32/TrojanDownloader.Small.AWA trojan - quarantined - unable to clean - deleted
Number of scanned files: 182
Number of threats found: 101
Number of files cleaned: 101
Time of completion: 04:47:15 Total scanning time: 106 sec (00:01:46)
Notes:
[7] File is probably infected with an unknown virus.
woai_jolin
Posted on 2007-8-12 07:03:38
微点卫士
Posted on 2007-8-12 12:48:40
Micropoint:

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\2.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\8B583230.EXE
2) C:\WINDOWS.0\SYSTEM32\9F28F200.DLL
是否删除木马程序及其衍生物?
蠕虫名称:Worm.Win32.Agent.dnv

程序:
C:\WINDOWS.0\SYSTEM32\88.38
是蠕虫程序!
已成功阻止其运行,是否要删除此文件?
蠕虫名称:Worm.Win32.Agent.dnv

程序:
C:\WINDOWS.0\SYSTEM32\825.38
是蠕虫程序!
已成功阻止其运行,是否要删除此文件?

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\7[1].EXE
木马程序生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\__1A.TMP
2) C:\WINDOWS.0\SYSTEM32\POJET.EXE
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\8.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\2CFB87C4.EXE
2) C:\WINDOWS.0\SYSTEM32\730E1040.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\8.EXE
可疑程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\2CFB87C4.EXE
2) C:\WINDOWS.0\SYSTEM32\730E1040.DLL
3) C:\WINDOWS.0\SYSTEM32\DELME.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\8.EXE
1) C:\WINDOWS.0\SYSTEM32\DELME.BAT
是否删除可疑程序?
木马名称:未知间谍软件

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\10.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\31[1].EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\CSRSS.EXE
是否删除木马程序及其衍生物?
木马名称:未知间谍软件

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\71.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\103.EXE
被修改文件:
C:\WINDOWS.0\SYSTEM32\DLLCACHE\SVCHOST.EXE
是否阻止文件被修改?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\103.EXE
是否删除病毒程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\105.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\727EE3FC.EXE
2) C:\WINDOWS.0\SYSTEM32\FE14C8B0.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\105.EXE
可疑程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\727EE3FC.EXE
2) C:\WINDOWS.0\SYSTEM32\FE14C8B0.DLL
3) C:\WINDOWS.0\SYSTEM32\DELME.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\105.EXE
删除失败!

延迟删除文件!
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\105.EXE
1) C:\WINDOWS.0\SYSTEM32\DELME.BAT
是否删除可疑程序?
木马名称:未知间谍软件

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\105[1].EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\172[1].EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\WGYYPA91.DLL
2) C:\WINDOWS.0\SYSTEM32\DRIVERS\WGYYPA91.SYS
是否删除木马程序及其衍生物?
程序:
C:\WINDOWS.0\SYSTEM32\ALXTB1.DLL
是可疑程序,是否阻止该进程继续运行?
程序:
C:\WINDOWS.0\SYSTEM32\ALXTB1.DLL
是否删除病毒程序?
程序:
C:\WINDOWS.0\SYSTEM32\ALXTB1.DLL
删除失败!

延迟删除文件!
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\506.EXE
木马程序生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMPORARY INTERNET

FILES\CONTENT.IE5\S9E709A7\SEFINSTALL506[1].TXT
2) C:\WINDOWS\SYSTEM32\WCGLRWBGLQVB.DLL
3) C:\WINDOWS\SYSTEM32\FKPVAFKPUAFJOTY.DLL
4) C:\WINDOWS\SYSTEM32\YCHLRXCHMQVAF.EXE
5) C:\DWNSETUP\PPSTREAMSETUP.EXE
6) C:\DWNSETUP\STORM.EXE
7) C:\DWNSETUP\SOUGOU.EXE
8) C:\DWNSETUP\SETUPOL_3109.EXE
9) C:\DWNSETUP\ALEXAINSTALLER.EXE
10) C:\WINDOWS.0\SYSTEM32\ALXRES.DLL
11) C:\WINDOWS.0\SYSTEM32\ALXTB1.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\666.EXE
可疑程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\RPCS.EXE
2) C:\WINDOWS.0\SYSTEM32\RPCS.DLL
3) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\DELMEEXE.BAT
4) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\DELMEEXE.BAT
5) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\DELMEEXE.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\666.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\RPCS.EXE
2) C:\WINDOWS.0\SYSTEM32\RPCS.DLL
是否删除木马程序及其衍生物?
木马名称:Trojan-DDoS.Win32.Agent.bh

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\DOSSSETUP.DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\666.EXE
1) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\DELMEEXE.BAT
2) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\DELMEEXE.BAT
3) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\DELMEEXE.BAT
是否删除可疑程序?
广告软件名称:AdWare.Win32.Cinmus.um

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\ACPIDISK.SYS
是广告软件!
已成功阻止其运行,是否要删除此文件?
广告软件名称:AdWare.Win32.Cinmus.apv

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\ACPIDISK.SYS
是广告软件!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\A65461A2.EXE
可疑程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\8B583230.EXE
2) C:\WINDOWS.0\SYSTEM32\DELME.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\A65461A2.EXE
可疑程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\8B583230.EXE
2) C:\WINDOWS.0\SYSTEM32\DELME.BAT
是否删除可疑程序?
木马名称:Trojan.Win32.Agent.fpj

程序:
C:\WINDOWS.0\SYSTEM32\SYSTEM\SYSBACKS\DLLHOSTS.TMP
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Downloader.Win32.Agent.hhg

程序:
C:\WINDOWS.0\SYSTEM32\SYSTEM\SYSBACKS\WINAMPS.TMP
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:未知间谍软件

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\CD0FFED6.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\LOAD1.EXE
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\LOADADV579.EXE
是否删除木马程序及其衍生物?
木马名称:Trojan-Downloader.Win32.Ieser.be

程序:
C:\WINDOWS.0\SYSTEM32\GRFNOSAKPXJKP.DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\MSTDMC.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\MSTDMC.EXE
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\NETDDE32.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\NETDDE32.EXE
2) C:\WINDOWS.0\SYSTEM32\NETDDE32.EXE
是否删除木马程序及其衍生物?
木马名称:未知间谍软件

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\POJET.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\QQ2007β3.EXE

E:\AUTORUN.INF
自启动运行!
并生成以下文件:
1) E:\AUTORUN.EXE
2) E:\AUTORUN.INF
以及可由此INF文件引导自启的文件:
E:\AUTORUN.EXE
是否删除木马程序及其衍生物?
木马名称:未知间谍软件

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\RPCS.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:未知间谍软件

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\SAFDSA.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\SB.EXE
木马程序生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\TEMPAQ
2) C:\WINDOWS.0\SYSTEM32\DRIVERS\V9HUS11J7.SYS
是否删除木马程序及其衍生物?


That's all for now
微点卫士
Posted on 2007-8-12 12:56:19
Micropoint:

恶意程序名称:Packed.Win32.Tibs.tw
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\VEDXGA4ME1.EXE
木马程序生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\PARB8DD.TMP
是否删除木马程序及其衍生物?


程序:
C:\WINDOWS.0\SYSTEM32\SPOOLDR.SYS
是恶意程序!
已成功阻止其运行,是否要删除此文件?
恶意程序名称:Packed.Win32.Tibs.tw

程序:
C:\WINDOWS.0\SYSTEM32\SPOOLDR.SYS
是恶意程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\SPOOLDR.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SPOOLDR.EXE
2) C:\WINDOWS.0\SYSTEM32\SPOOLDR.SYS
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\STDRUN2.EXE
木马程序生成以下文件:
1) C:\PROGRAM FILES\ONLINE SERVICES\MEHEWOKE2.EXE
是否删除木马程序及其衍生物?
木马名称:未知木马

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\STDRUN3.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
广告软件名称:AdWare.Win32.SurfSide.a

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\I46.TMP
是广告软件!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\STDRUN6.EXE
修改注册表项:
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr
是否阻止?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\STDRUN6.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\KERNELWIND32.EXE
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\SVCHOST.EXE
被修改文件:
C:\WINDOWS.0\SYSTEM32\DLLCACHE\SVCHOST.EXE
是否阻止文件被修改?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\SVCHOST.EXE
是否删除病毒程序及其衍生物?
木马名称:未知木马

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\TTX.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\VEDXG3AM1ET3.EXE
是否删除病毒程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\VEDXG4AM1ET2.EXE
是否删除蠕虫程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\VEDXG6AME4.EXE
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\VEDXGA4ME1.EXE
木马程序生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\PARB8DD.TMP
是否删除木马程序及其衍生物?
木马名称:Trojan-Downloader.Win32.Agent.itl

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\0LI7K96N\RETADPU[1].EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Downloader.Win32.Agent.itl

程序:
C:\WINDOWS.0\RETADPU27.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\VEDXGA5ME3.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\RETADPU27.EXE
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\WIN32.EXE
修改注册表项:
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr
是否阻止?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\WIN32.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\KERNELWIND32.EXE
是否删除木马程序及其衍生物?
木马名称:未知木马

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\WIN32[1].EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\PLUGINS\WINJOK[1].EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\DRIVERS\RUNTIME.SYS
是否删除木马程序及其衍生物?


At this point in the test, Micropoint got KILLed by the virus and the computer needs to be restarted. Ugh.
abin5288
Posted on 2007-8-12 17:15:46
Avira (小红伞) Premium edition: 142 detected
Starting the file scan:
Begin scan in 'G:\TDDOWNLOAD\583516.rar'
G:\TDDOWNLOAD\583516.rar
  [0] Archive type: RAR
  --> PLUGINS\0.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> PLUGINS\1.1
      [DETECTION] Contains suspicious code HEUR/Malware
  --> PLUGINS\1.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.buv.1
  --> PLUGINS\10.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> PLUGINS\103.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> PLUGINS\105.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> PLUGINS\105[1].exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> PLUGINS\11.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> PLUGINS\112.exe
      [DETECTION] Is the Trojan horse TR/Dldr.VB.atk.58
  --> PLUGINS\172[1].exe
      [DETECTION] Is the Trojan horse TR/Spy.Agent.ABE
  --> PLUGINS\2.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Flux.A.2
  --> PLUGINS\3.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
  --> PLUGINS\34805C67.DLL
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
  --> PLUGINS\4.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> PLUGINS\5.exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> PLUGINS\506.exe
      [DETECTION] Is the Trojan horse TR/Adload.L.10
  --> PLUGINS\5jhf2gt3a.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> PLUGINS\6.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> PLUGINS\666.exe
      [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
  --> PLUGINS\7.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> PLUGINS\71.exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> PLUGINS\7793EF25.DLL
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
  --> PLUGINS\7[1].exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> PLUGINS\8.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> PLUGINS\859.31
      [DETECTION] Contains suspicious code HEUR/Malware
  --> PLUGINS\9.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> PLUGINS\A65461A2.EXE
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> PLUGINS\aabb.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.bys
  --> PLUGINS\acpidisk.sys
      [DETECTION] Contains signature of the rootkit RKIT/Cinmus.M
  --> PLUGINS\advkuerm.exe
      [DETECTION] Is the Trojan horse TR/Crypt.PCMM.Gen
  --> PLUGINS\allworld.exe
      [DETECTION] Is the Trojan horse TR/Small.Crypted.Gen
  --> PLUGINS\AlxRes070806.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> PLUGINS\AntiAdwa.exe
      [DETECTION] Is the Trojan horse TR/Agent.TL.53
  --> PLUGINS\avps.exe
      [DETECTION] Is the Trojan horse TR/Small.83968.A
  --> PLUGINS\BAA781E3.DLL
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
  --> PLUGINS\CD0FFED6.EXE
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> PLUGINS\cdnprh.dll
      [DETECTION] Is the Trojan horse TR/Dldr.Tiny.HU.2
  --> PLUGINS\Changer.sys
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> PLUGINS\china.exe
      [DETECTION] Is the Trojan horse TR/Agent.arp.1
  --> PLUGINS\combspn.dll
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Small.BQ.19 Backdoor server programs
  --> PLUGINS\cxkumuewtblnx.dll
      [DETECTION] Is the Trojan horse TR/Ieser.A.1
  --> PLUGINS\d03.exe
      [DETECTION] Contains signature of the dropper DR/BHO.CX.17
  --> PLUGINS\dllh8jkd1q1.exe
      [DETECTION] Contains suspicious code HEUR/Crypted
  --> PLUGINS\dllh8jkd1q5.exe
      [DETECTION] Contains signature of the worm WORM/Zhelatin.Gen
  --> PLUGINS\dllh8jkd1q6.exe
      [DETECTION] Contains signature of the worm WORM/Zhelatin.Gen
  --> PLUGINS\dllh8jkd1q7.exe
      [DETECTION] Contains signature of the worm WORM/Zhelatin.Gen
  --> PLUGINS\dllhosts.dll
      [DETECTION] Is the Trojan horse TR/Agent.die.2
  --> PLUGINS\dodolook133.exe
      [DETECTION] Contains signature of the Ad- or Spyware ADSPY/Cinmus.HV
  --> PLUGINS\DoSSSetup.dll
      [DETECTION] Contains signature of the Ad- or Spyware ADSPY/Cinmus.JH
  --> PLUGINS\DxcUpdater3.exe
      [DETECTION] Contains signature of the dropper DR/SurfSide.AY
  --> PLUGINS\DXC_B5[1].exe
      [DETECTION] Is the Trojan horse TR/Dldr.DollarRev.F
  --> PLUGINS\EE99C835.EXE
      [DETECTION] Contains suspicious code HEUR/Malware
  --> PLUGINS\f06WtR1083.exe
      [DETECTION] Is the Trojan horse TR/Dldr.AW.awj
  --> PLUGINS\gdnOT2904[1].exe
      [DETECTION] Contains signature of the dial-up program DIAL/Generic
  --> PLUGINS\guyi1234.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Small.dxm.4
  --> PLUGINS\home.exe.exe
      [DETECTION] Contains signature of the worm WORM/Zhelatin.Gen
  --> PLUGINS\husjdd8s.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> PLUGINS\i2omgmt.sys
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> PLUGINS\internat.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.buv.1
  --> PLUGINS\jkxdxq38.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> PLUGINS\kernelwind32.exe
      [DETECTION] Contains signature of the worm WORM/Zhelatin.Gen
  --> PLUGINS\lbrtfdc.sys
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> PLUGINS\ldcore.dll
      [DETECTION] Is the Trojan horse TR/Dldr.Small.dxm.3
  --> PLUGINS\Lejxq.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> PLUGINS\load1.exe
      [DETECTION] Contains code of the Windows virus W32/Virut.P
  --> PLUGINS\loadadv579.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
  --> PLUGINS\ma1x1dd1v.game
      [DETECTION] Contains signature of the dial-up program DIAL/Generic
  --> PLUGINS\max1d1164v.exe
      [DETECTION] Contains signature of the dial-up program DIAL/Generic
  --> PLUGINS\mclient.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> PLUGINS\mst8E9.tmp
      [DETECTION] Is the Trojan horse TR/Crypt.PEC2X.Gen
  --> PLUGINS\mstdmc.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Banload.cil
  --> PLUGINS\myplayer.com
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> PLUGINS\myself.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> PLUGINS\myself[1].exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> PLUGINS\m[1].exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
  --> PLUGINS\m[2].exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
  --> PLUGINS\netdde32.exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> PLUGINS\novel.exe
      [DETECTION] Is the Trojan horse TR/Agent.AABF.1
  --> PLUGINS\osiesd3.dll
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
  --> PLUGINS\parD5F2.tmp
      [DETECTION] Contains suspicious code HEUR/Malware
  --> PLUGINS\parDB66.tmp
      [DETECTION] Contains suspicious code HEUR/Malware
  --> PLUGINS\PCIDump.sys
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> PLUGINS\pojet.exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> PLUGINS\QQ2007¦Â3.exe
      [DETECTION] Contains signature of the dropper DR/Delphi.Gen
  --> PLUGINS\retadpu20.exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> PLUGINS\Rpcs.dll
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> PLUGINS\Rpcs.exe
      [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
  --> PLUGINS\runtime.sys
      [DETECTION] Contains signature of the rootkit RKIT/Agent.DW.5
  --> PLUGINS\safdsa.exe
      [DETECTION] Is the Trojan horse TR/Spy.Agent.ABE
  --> PLUGINS\sb.exe
      [DETECTION] Is the Trojan horse TR/Dldr.QQHelper.WD.6
  --> PLUGINS\SCardSevr.exe
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Small.BQ.18 Backdoor server programs
  --> PLUGINS\scrsys070806.scr
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> PLUGINS\services.exe
      [DETECTION] Is the Trojan horse TR/Agent.15360.48
  --> PLUGINS\sh.exe
      [DETECTION] Is the Trojan horse TR/Adload.L.11
  --> PLUGINS\spnvup.dll
      [DETECTION] Is the Trojan horse TR/Agent.8192.176
  --> PLUGINS\spooldr.exe
      [DETECTION] Contains signature of the worm WORM/Zhelatin.Gen
  --> PLUGINS\spooldr.sys
      [DETECTION] Is the Trojan horse TR/PCK.Tibs.AP.166
  --> PLUGINS\stdrun2.exe
      [DETECTION] Is the Trojan horse TR/Dldr.AW.awm
  --> PLUGINS\stdrun5.exe
      [DETECTION] Is the Trojan horse TR/Dldr.DollarRev.F
  --> PLUGINS\stdrun6.exe
      [DETECTION] Contains signature of the worm WORM/Zhelatin.Gen
  --> PLUGINS\svchost.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> PLUGINS\SysWin64.Jmp
      [DETECTION] Contains signature of the dropper DR/Delphi.Gen
  --> PLUGINS\tcpip.sys
      [DETECTION] Is the Trojan horse TR/Patched.AD.10
    --> PLUGINS\tmp20.cab
      [1] Archive type: CAB (Microsoft)
      --> cdnprh.dll
          [DETECTION] Is the Trojan horse TR/Dldr.Tiny.HU.2
      --> host.exe
          [DETECTION] Contains signature of the Ad- or Spyware ADSPY/Cdnup.G
    --> PLUGINS\tmp949.cab
      [1] Archive type: CAB (Microsoft)
      --> live.dll
          [DETECTION] Contains suspicious code HEUR/Malware
    --> PLUGINS\tmp94A.cab
      [1] Archive type: CAB (Microsoft)
      --> live.sys
          [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> PLUGINS\TTX.exe
      [DETECTION] Is the Trojan horse TR/Dldr.AW.awk
  --> PLUGINS\v3xd1.g22me
      [DETECTION] Contains suspicious code HEUR/Malware
  --> PLUGINS\v4xd3.ga2me
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> PLUGINS\v4xd6.gam5e
      [DETECTION] Contains signature of the worm WORM/Zhelatin.Gen
  --> PLUGINS\v5xd2.g3ame
      [DETECTION] Is the Trojan horse TR/Dldr.Small.agq.4
  --> PLUGINS\v5xd4.ga2me
      [DETECTION] Contains signature of the worm WORM/Zhelatin.Gen
  --> PLUGINS\vedxg3am1et3.exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> PLUGINS\vedxg4am1et2.exe
      [DETECTION] Contains signature of the worm WORM/Zhelatin.Gen
  --> PLUGINS\vedxg6ame4.exe
      [DETECTION] Contains signature of the worm WORM/Zhelatin.Gen
  --> PLUGINS\vedxga1me4t1.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Small.agq.4
  --> PLUGINS\vedxga3me2.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Small.agq.4
  --> PLUGINS\vedxga4me1.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> PLUGINS\vedxga5me3.exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> PLUGINS\vx1dt1.game
      [DETECTION] Is the Trojan horse TR/Dldr.Small.agq.4
  --> PLUGINS\vx1dt3.game
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> PLUGINS\vx3dt2.game
      [DETECTION] Contains signature of the worm WORM/Zhelatin.Gen
  --> PLUGINS\wdfmgrnt.exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> PLUGINS\WDICA.sys
      [DETECTION] Is the Trojan horse TR/Rootkit.Gen
  --> PLUGINS\win32.exe
      [DETECTION] Contains signature of the worm WORM/Zhelatin.Gen
  --> PLUGINS\win32[1].exe
      [DETECTION] Contains signature of the worm WORM/Zhelatin.Gen
  --> PLUGINS\winamps.dll
      [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
  --> PLUGINS\winhwa32.dll
      [DETECTION] Is the Trojan horse TR/Crypt.PEC2X.Gen
  --> PLUGINS\winsys32_070806.dll
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> PLUGINS\WinSys64.Sys
      [DETECTION] Contains suspicious code HEUR/Malware
  --> PLUGINS\winu8[1].exe
      [DETECTION] Is the Trojan horse TR/Crypt.PCMM.Gen
  --> PLUGINS\win[1].exe
      [DETECTION] Is the Trojan horse TR/Dldr.Agen.QT.3
  --> PLUGINS\wr-1-20.exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> PLUGINS\xx
      [DETECTION] Is the Trojan horse TR/Agent.15360.48
  --> PLUGINS\xxx.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> PLUGINS\zgame1[1]
      [DETECTION] Contains suspicious code HEUR/Malware
  --> PLUGINS\zgame2[1]
      [DETECTION] Is the Trojan horse TR/Dldr.Small.agq.4
  --> PLUGINS\zgame3[1]
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> PLUGINS\ztool1[1]
      [DETECTION] Is the Trojan horse TR/Dldr.Small.agq.4
  --> PLUGINS\ztool2[1]
      [DETECTION] Contains signature of the worm WORM/Zhelatin.Gen
  --> PLUGINS\ztool3[1]
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
      [INFO]      The file was moved to '46f1cfba.qua'!
woai_jolin
Posted on 2007-8-12 17:36:22

hj5abc
Posted on 2007-8-12 17:43:41

Reply to post #49 by woai_jolin

Why did you switch again? This is Panda, right?