Views: 2483 | Replies: 10

[Virus sample] A hosted downloader and several of its products

zane_xzz
Posted on 2007-9-6 15:43:13
[MD5: CC7FCA 0C8596 1DC07F EAB99C 5B9830 43C0E8 272974 0C4D2F B31324 720926 E6EA3F 348887 7AC69B B4F320 E0B118 D8531B 991628 53FA75 B563BB 75B743 91B013]

FBAV
Posted on 2007-9-6 15:45:18
MicroVita AntiSpyware 100 C
_____________________________________________
                                          
             风暴微塔反间谍
[强力查杀各种Win32位的病毒,木马,蠕虫,恶意软件]                  
                   http://221.10.254.214/
----------------------------------------------
开始扫描……


正在检查启动……
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\1.exe]
                    …………引擎[3]发现Suspicious file
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\10.exe]
                    …………引擎[3]发现Suspicious file
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\10.exe]
                    …………特征码引擎[1]发现病毒
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\10.exe]
                    …………引擎[2]发现病毒:Win32.Unknow
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\11.exe]
                    …………引擎[3]发现Suspicious file
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\11.exe]
                    …………特征码引擎[1]发现病毒
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\11.exe]
                    …………引擎[2]发现病毒:Win32.Unknow
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\12.exe]
                    …………引擎[3]发现Suspicious file
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\12.exe]
                    …………引擎[2]发现病毒:Win32.Unknow
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\13.exe]
                    …………引擎[3]发现Suspicious file
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\13.exe]
                    …………特征码引擎[1]发现病毒
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\13.exe]
                    …………引擎[2]发现病毒:Win32.Unknow
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\14.exe]
                    …………引擎[3]发现Suspicious file
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\14.exe]
                    …………特征码引擎[1]发现病毒
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\14.exe]
                    …………引擎[2]发现病毒:Win32.Unknow
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\15.exe]
                    …………引擎[3]发现Suspicious file
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\15.exe]
                    …………引擎[2]发现病毒:Win32.Unknow
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\16.exe]
                    …………特征码引擎[1]发现病毒
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\16.exe]
                    …………引擎[2]发现病毒:Win32.Unknow
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\17.exe]
                    …………特征码引擎[1]发现病毒
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\17.exe]
                    …………引擎[2]发现病毒:Win32.Unknow
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\19.exe]
                    …………特征码引擎[1]发现病毒
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\19.exe]
                    …………引擎[2]发现病毒:Win32.Unknow
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\2.exe]
                    …………引擎[2]发现病毒:Win32.Unknow
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\3.exe]
                    …………引擎[3]发现Suspicious file
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\3.exe]
                    …………引擎[2]发现病毒:Win32.Unknow
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\4.exe]
                    …………引擎[3]发现Suspicious file
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\5.exe]
                    …………引擎[3]发现Suspicious file
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\5.exe]
                    …………特征码引擎[1]发现病毒
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\5.exe]
                    …………引擎[2]发现病毒:Win32.Unknow
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\6.exe]
                    …………引擎[3]发现Suspicious file
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\6.exe]
                    …………特征码引擎[1]发现病毒
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\6.exe]
                    …………引擎[2]发现病毒:Win32.Unknow
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\7.exe]
                    …………引擎[3]发现Suspicious file
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\8.exe]
                    …………引擎[3]发现Suspicious file
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\8.exe]
                    …………特征码引擎[1]发现病毒
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\8.exe]
                    …………引擎[2]发现病毒:Win32.Unknow
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\9.exe]
                    …………引擎[3]发现Suspicious file
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\9.exe]
                    …………特征码引擎[1]发现病毒
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\9.exe]
                    …………引擎[2]发现病毒:Win32.Unknow
[C:\Documents and Settings\Administrator\桌面\virus\新建文件夹 (2)\桌面\桌面\momo.exe]
                    …………特征码引擎[1]发现病毒
文件数:21   病毒数:21  比重:1
OK  扫描完毕!什么叫做疯狂

[ Last edited by FBAV on 2007-9-6 15:49 ]
The EQs
Posted on 2007-9-6 15:46:17
Scan performed at: 2007-9-6 15:45:41
Scanning Log
NOD32 version 2508 (20070906) NT
Command line: C:\Documents and Settings\Don johnson\桌面\桌面
Operating memory - is OK

Date: 6.9.2007  Time: 15:45:50
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\Don johnson\桌面\桌面\
C:\Documents and Settings\Don johnson\桌面\桌面\桌面\1.exe - a variant of Win32/PSW.Agent.NEC trojan
C:\Documents and Settings\Don johnson\桌面\桌面\桌面\10.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\桌面\桌面\11.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\桌面\桌面\12.exe - probably unknown NewHeur_PE virus [7]
C:\Documents and Settings\Don johnson\桌面\桌面\桌面\13.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\桌面\桌面\14.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\桌面\桌面\15.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\桌面\桌面\16.exe - Win32/Agent.NEM trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\桌面\桌面\17.exe - probably unknown NewHeur_PE virus [7]
C:\Documents and Settings\Don johnson\桌面\桌面\桌面\18.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\桌面\桌面\19.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\桌面\桌面\2.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\桌面\桌面\3.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\桌面\桌面\4.exe - probably a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\桌面\桌面\5.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\桌面\桌面\6.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\桌面\桌面\7.exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\桌面\桌面\8.exe - a variant of Win32/PSW.Legendmir.NEP trojan
C:\Documents and Settings\Don johnson\桌面\桌面\桌面\9.exe - probably unknown NewHeur_PE virus [7]
C:\Documents and Settings\Don johnson\桌面\桌面\桌面\momo.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\桌面\桌面\system22.exe - probably a variant of Win32/Viking virus
Number of scanned files: 21
Number of threats found: 21
Number of files cleaned: 21
Time of completion: 15:45:56 Total scanning time: 6 sec (00:00:06)

Notes:
[7] File is probably infected with an unknown virus.
微点卫士
Posted on 2007-9-6 15:50:30
Micropoint:
木马名称:Trojan-Spy.Win32.Delf.drv

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌面\10.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.jvy

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌面\11.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.kbs

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌面\13.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan.Win32.Genetik.cam

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌面\14.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.kay

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌面\15.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Dropper.Win32.Agent.dxx

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌面\16.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Spy.Win32.Delf.drh

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌面\19.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.jwd

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌面\2.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.kax

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌面\4.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Spy.Win32.Delf.drr

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌面\5.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.jmt

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌面\6.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.jml

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌面\7.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.WOW.avh

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌面\9.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
蠕虫名称:Worm.Win32.Vikings.gxu

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌面\SYSTEM22.EXE
是蠕虫程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.kbf

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\LYLOADER.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌面\1.EXE
木马程序生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\LYLOADER.EXE
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌面\3.EXE
1) C:\DFD10251906.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌面\3.EXE
1) C:\DFD10251906.BAT
是否删除可疑程序?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌面\12.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\WMSJ.EXE
2) C:\WINDOWS.0\VIDEO.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌面\17.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\WINWM.EXE
2) C:\WINDOWS.0\KULIONWM.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌面\18.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\DBGHLP32.EXE
2) C:\WINDOWS.0\SYSTEM32\DBGHLP32.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\桌面\MOMO.EXE
是否删除木马程序及其衍生物?

8 crashed; it exits as soon as it starts
qqq000@qq.com
Posted on 2007-9-6 15:51:40
----------
              [凝逸反毒] (http://hi.baidu.com/503165656)
[病毒库列表]
病毒总数=21577
20070726_dw0001.axx | 病毒数:12684
20070726_kv0001.axx | 病毒数:1115
20070729_ny0001.axx | 病毒数:1317
20070801_ny0002.axx | 病毒数:302
20070802_ny0003.axx | 病毒数:383
20070802_ny0004.axx | 病毒数:196
20070811_ny0005.axx | 病毒数:469
20070816_ny0006.axx | 病毒数:1232
20070816_ny0007.axx | 病毒数:49
20070819_ny0008.axx | 病毒数:570
20070820_ny0009.axx | 病毒数:108
20070822_ny0010.axx | 病毒数:728
20070824_ny0011.axx | 病毒数:340
20070830_ny0012.axx | 病毒数:929
20070906_ny0013.axx | 病毒数:1155

       [凝逸.扫描病毒引擎-日志]       2007.9.6 15:50:20
文件:F:\070906\桌面[1]\桌面\1.exe | 感染:MULDROP.Trojan [36>20070906_ny0013.axx]3(1.1)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\10.exe | 感染:virus [579>20070906_ny0013.axx]3(1.3)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\11.exe | 感染:virus [581>20070906_ny0013.axx]3(1.3)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\12.exe | 感染:virus [585>20070906_ny0013.axx]3(2.3)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\13.exe | 感染:virus [580>20070906_ny0013.axx]3(1.6)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\14.exe | 感染:virus [578>20070906_ny0013.axx]3(1.2)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\15.exe | 感染:virus [576>20070906_ny0013.axx]3(1.5)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\16.exe | 感染:virus [513>20070819_ny0008.axx]3(1.3)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\17.exe | 感染:virus [584>20070906_ny0013.axx]3(1.1)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\18.exe | 感染:BINARYRES [20>20070906_ny0013.axx]3(1.1)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\19.exe | 感染:virus [720>20070830_ny0012.axx]3(2.4)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\2.exe | 感染:virus [596>20070906_ny0013.axx]3(3.8)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\4.exe | 感染:BINARYRES [27>20070906_ny0013.axx]3(1.3)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\5.exe | 感染:virus [577>20070906_ny0013.axx]3(1.1)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\6.exe | 感染:MULDROP.Trojan [192>20070830_ny0012.axx]3(1.1)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\7.exe | 感染:BINARYRES [439>20070830_ny0012.axx]3(1.1)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\8.exe | 感染:virus [587>20070906_ny0013.axx]3(1.2)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\9.exe | 感染:Trojan.PWS.Gamania.3451 [216>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\momo.exe | 感染:BackDoor.WebDor [44>20070906_ny0013.axx]3(1.1)
操作:删除文件
文件:F:\070906\桌面[1]\桌面\system22.exe | 感染:Win32.HLLW.Gavir.66 [133>20070819_ny0008.axx]3(5.5)
操作:删除文件
扫描完成|病毒:20 文件:21|耗时:6019
----------

wangjay1980
Posted on 2007-9-6 16:25:39
detected: Trojan program Trojan-Spy.Win32.Delf.ach        File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ\10.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.blx        File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ\11.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.box        File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ\12.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.bmj        File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ\13.exe//UPack
detected: Trojan program Trojan-PSW.Win32.Agent.pl        File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ\14.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.bou        File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ\15.exe//UPack
detected: Trojan program Trojan-Dropper.Win32.Agent.aqq        File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ\16.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.bwr        File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ\18.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-Spy.Win32.Delf.abi        File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ\19.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.blb        File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ\2.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.bnx        File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ\4.exe
detected: Trojan program Trojan-Spy.Win32.Delf.aci        File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ\5.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.aqw        File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ\6.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.bgr        File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ\7.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.bjo        File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ\8.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.bjo        File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ\8.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.WOW.sa        File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ\9.exe//UPack
detected: virus Virus.Win32.AutoRun.hw        File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ\momo.exe//PE_Patch.UPX//UPX
detected: virus Worm.Win32.Viking.lz        File: C:\Documents and Settings\Owner\×ÀÃæ\×ÀÃæ\system22.exe//PE_Patch
hahacomcn
Posted on 2007-9-6 17:11:17
Begin scan in 'C:\Documents and Settings\Administrator\桌面\桌面.part2.rar'
C:\Documents and Settings\Administrator\桌面\桌面.part2.rar
  [0] Archive type: RAR
  --> ×ÀÃæ\8.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
  --> ×ÀÃæ\9.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agen.26778.A
  --> ×ÀÃæ\momo.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> ×ÀÃæ\system22.exe
      [DETECTION] Contains detection pattern of the worm WORM/Viking.DLL.1
Begin scan in 'C:\Documents and Settings\Administrator\桌面\桌面.part1.rar'
C:\Documents and Settings\Administrator\桌面\桌面.part1.rar
  [0] Archive type: RAR
  --> ×ÀÃæ\1.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> ×ÀÃæ\10.exe
      [DETECTION] Is the Trojan horse TR/Spy.Delf.acb
  --> ×ÀÃæ\11.exe
      [DETECTION] Is the Trojan horse TR/Agent.12767
  --> ×ÀÃæ\12.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agen.26778.A
  --> ×ÀÃæ\13.exe
      [DETECTION] Is the Trojan horse TR/Agent.12580
  --> ×ÀÃæ\14.exe
      [DETECTION] Is the Trojan horse TR/PSW.Agent.PL
  --> ×ÀÃæ\15.exe
      [DETECTION] Is the Trojan horse TR/Agent.11800
  --> ×ÀÃæ\16.exe
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Agent.alh.37 Backdoor server programs
  --> ×ÀÃæ\17.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agen.26778.A
  --> ×ÀÃæ\18.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> ×ÀÃæ\19.exe
      [DETECTION] Is the Trojan horse TR/Agent.12366
  --> ×ÀÃæ\2.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.blb
  --> ×ÀÃæ\3.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> ×ÀÃæ\4.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> ×ÀÃæ\5.exe
      [DETECTION] Is the Trojan horse TR/Spy.Delf.aci
  --> ×ÀÃæ\6.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.aqw


End of the scan: 2007年9月6日  17:11
Used time: 00:05 min

The scan has been done completely.

      0 Scanning directories
     24 Files were scanned
     19 viruses and/or unwanted programs were found
      1 Files were classified as suspicious:
king6808
Posted on 2007-9-6 17:40:05
F:\桌面[1].rar >>RAR >>桌面[1]\桌面\1.exe - Win32/PSW.Agent.NEC 木马的变种
F:\桌面[1].rar >>RAR >>桌面[1]\桌面\10.exe - 可能是 Win32/Genetik 木马 的一个变种
F:\桌面[1].rar >>RAR >>桌面[1]\桌面\11.exe - 可能是 Win32/Genetik 木马 的一个变种
F:\桌面[1].rar >>RAR >>桌面[1]\桌面\12.exe - 未查明的 NewHeur_PE 病毒 [7]
F:\桌面[1].rar >>RAR >>桌面[1]\桌面\13.exe - 可能是 Win32/Genetik 木马 的一个变种
F:\桌面[1].rar >>RAR >>桌面[1]\桌面\14.exe - 可能是 Win32/Genetik 木马 的一个变种
F:\桌面[1].rar >>RAR >>桌面[1]\桌面\15.exe - 可能是 Win32/Genetik 木马 的一个变种
F:\桌面[1].rar >>RAR >>桌面[1]\桌面\16.exe - Win32/Agent.NEM 木马
F:\桌面[1].rar >>RAR >>桌面[1]\桌面\17.exe - 未查明的 NewHeur_PE 病毒 [7]
F:\桌面[1].rar >>RAR >>桌面[1]\桌面\18.exe - Win32/PSW.OnLineGames.YA 木马的变种
F:\桌面[1].rar >>RAR >>桌面[1]\桌面\19.exe - 可能是 Win32/Genetik 木马 的一个变种
F:\桌面[1].rar >>RAR >>桌面[1]\桌面\2.exe - 可能是 Win32/Genetik 木马 的一个变种
F:\桌面[1].rar >>RAR >>桌面[1]\桌面\3.exe - 可能是 Win32/Genetik 木马 的一个变种
F:\\桌面[1].rar >>RAR >>桌面[1]\桌面\4.exe - 可能是 Win32/PSW.OnLineGames.YA 木马 的一个变种
F:\桌面[1].rar >>RAR >>桌面[1]\桌面\5.exe - 可能是 Win32/Genetik 木马 的一个变种
F:\桌面[1].rar >>RAR >>桌面[1]\桌面\6.exe - Win32/PSW.OnLineGames.YA 木马的变种
F:\桌面[1].rar >>RAR >>桌面[1]\桌面\7.exe - Win32/PSW.OnLineGames.YA 木马的变种
F:\桌面[1].rar >>RAR >>桌面[1]\桌面\8.exe - Win32/PSW.Legendmir.NEP 木马的变种
F:\桌面[1].rar >>RAR >>桌面[1]\桌面\9.exe - 未查明的 NewHeur_PE 病毒 [7]
F:\桌面[1].rar >>RAR >>桌面[1]\桌面\momo.exe - 可能是 Win32/Genetik 木马 的一个变种
F:\桌面[1].rar >>RAR >>桌面[1]\桌面\system22.exe - 可能是 Win32/Viking 病毒 的一个变种
timhas266
Posted on 2007-9-6 18:26:47
Starting the file scan:

Begin scan in 'C:\Documents and Settings\tim\桌面\桌面.part1.rar'
C:\Documents and Settings\tim\桌面\桌面.part1.rar
  [0] Archive type: RAR
  --> ×ÀÃæ\1.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> ×ÀÃæ\10.exe
      [DETECTION] Is the Trojan horse TR/Spy.Delf.acb
  --> ×ÀÃæ\11.exe
      [DETECTION] Is the Trojan horse TR/Agent.12767
  --> ×ÀÃæ\12.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agen.26778.A
  --> ×ÀÃæ\13.exe
      [DETECTION] Is the Trojan horse TR/Agent.12580
  --> ×ÀÃæ\14.exe
      [DETECTION] Is the Trojan horse TR/PSW.Agent.PL
  --> ×ÀÃæ\15.exe
      [DETECTION] Is the Trojan horse TR/Agent.11800
  --> ×ÀÃæ\16.exe
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Agent.alh.37 Backdoor server programs
  --> ×ÀÃæ\17.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agen.26778.A
  --> ×ÀÃæ\18.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> ×ÀÃæ\19.exe
      [DETECTION] Is the Trojan horse TR/Agent.12366
  --> ×ÀÃæ\2.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.blb
  --> ×ÀÃæ\3.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> ×ÀÃæ\4.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> ×ÀÃæ\5.exe
      [DETECTION] Is the Trojan horse TR/Spy.Delf.aci
  --> ×ÀÃæ\6.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.aqw
      [INFO]      A backup was created as '470e6d36.qua'  ( QUARANTINE )
      [INFO]      The file was deleted!
uhthn2002
Posted on 2007-9-6 18:39:30
Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Paranoia Database - 3303
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\uhthn\Desktop\桌面

C:\Documents and Settings\uhthn\Desktop\桌面\1.exe - Infected with PDB-1362 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\桌面\10.exe - Infected with PDB-1930 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\桌面\11.exe - Infected with PDB-1106 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\桌面\12.exe - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\桌面\13.exe - Infected with PDB-1830 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\桌面\14.exe - Infected with PDB-263 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\桌面\15.exe - Infected with PDB-2427 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\桌面\16.exe - Infected with PDB-1221 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\桌面\17.exe - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\桌面\18.exe - Suspicious of Trojan-PSW.Game.1
C:\Documents and Settings\uhthn\Desktop\桌面\19.exe - Infected with PDB-2936 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\桌面\2.exe - Infected with PDB-3031 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\桌面\3.exe - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\桌面\4.exe - Infected with PDB-220 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\桌面\5.exe - Infected with PDB-2951 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\桌面\6.exe - Infected with PDB-2118 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\桌面\7.exe - Infected with PDB-3136 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\桌面\8.exe - Infected with PDB-1106 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\桌面\9.exe - Infected with PDB-779 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\桌面\momo.exe - Infected with Win32.PDB-2408 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\桌面\system22.exe - Infected with Win32.PDB-3036 Malware program - Deleted

21 Files scanned
17 Infected files found
4 Suspicious files found
0 Files cured
17 Files deleted