Original poster: gzg

[Virus samples] A big pack of new stuff

FBAV
Posted on 2007-9-7 19:35:04
Strange, nobody got more than 31?
aziok
Posted on 2007-9-7 19:43:12
Begin scan in
\IG[1].rar
  [0] Archive type: RAR
  --> IG[1]\3.EXE
      [DETECTION] Contains suspicious code HEUR/Malware
  --> IG[1]\4.EXE
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/WinterLove.BJ.1 Backdoor server programs
  --> IG[1]\A.EXE
      [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
  --> IG[1]\AUTORUN.EXE
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/WinterLove.BJ.1 Backdoor server programs
  --> IG[1]\BSLRIA.DLL
      [DETECTION] Is the Trojan horse TR/Dldr.Zlob.cdg.5
  --> IG[1]\DISKMAN32.DLL
      [DETECTION] Is the Trojan horse TR/Dldr.Zlob.cdg.5
  --> IG[1]\DISKMAN32.EXE
      [DETECTION] Is the Trojan horse TR/Dldr.Zlob.cdg.5
  --> IG[1]\FAVIUP.DLL
      [DETECTION] Is the Trojan horse TR/Dldr.Zlob.cdg.5
  --> IG[1]\IG.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> IG[1]\JZIINS.EXE
      [DETECTION] Is the Trojan horse TR/PSW.Lmir.bjx
  --> IG[1]\JZIPRI.DLL
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.aki
  --> IG[1]\LAONPK.EXE
      [DETECTION] Is the Trojan horse TR/Dldr.Zlob.cdg.5
  --> IG[1]\LYLOADER.EXE
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> IG[1]\LYMANGR.DLL
      [DETECTION] Is the Trojan horse TR/PSW.OnLine.agb.2
  --> IG[1]\MSDEG32.DLL
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> IG[1]\NSLOOKUPI.EXE
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Agent.alh.25 Backdoor server programs
  --> IG[1]\NTSOKELE.EXE
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Kolmat.B.11 Backdoor server programs
  --> IG[1]\NUHJNK.DLL
      [DETECTION] Is the Trojan horse TR/Dldr.Zlob.cdg.5
  --> IG[1]\SERT.EXE
      [DETECTION] Is the Trojan horse TR/Hijack.Explor.4117
  --> IG[1]\SYSWIN64.JMP
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/WinterLove.BJ.1 Backdoor server programs
  --> IG[1]\WDKBNN.DLL
      [DETECTION] Is the Trojan horse TR/Dldr.Zlob.cdg.5
  --> IG[1]\WINSYS64.SYS
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/WinterLove.BJ.1 Backdoor server programs
  --> IG[1]\WINSYS64.TAO
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/WinterLove.BJ.1 Backdoor server programs
  --> IG[1]\WLHINS.EXE
      [DETECTION] Is the Trojan horse TR/Spy.Delf.UV.125
  --> IG[1]\WLHPRI.DLL
      [DETECTION] Is the Trojan horse TR/Spy.Delf.UV.128
  --> IG[1]\WNUUVO.EXE
      [DETECTION] Is the Trojan horse TR/Dldr.Zlob.cdg.5
  --> IG[1]\YOETSY.DLL
      [DETECTION] Is the Trojan horse TR/Dldr.Zlob.cdg.5
  --> IG[1]\YYWPTE.EXE
      [DETECTION] Is the Trojan horse TR/Dldr.Zlob.cdg.5
  --> IG[1]\ZTMINS.EXE
      [DETECTION] Is the Trojan horse TR/Agent.12521
  --> IG[1]\ZTMPRI.DLL
      [DETECTION] Is the Trojan horse TR/Agent.19497.1
  --> IG[1]\ZXHINS.EXE
      [DETECTION] Is the Trojan horse TR/Agent.12412
  --> IG[1]\ZXHPRI.DLL
      [DETECTION] Is the Trojan horse TR/Spy.Delf.YH
      [INFO]      The file was deleted!


End of the scan: 2007年9月7日  19:42
Used time: 00:15 min

The scan has been done completely.

      0 Scanning directories
     37 Files were scanned
     31 viruses and/or unwanted programs were found
      1 Files were classified as suspicious:
      1 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      6 Files not concerned
      1 Archives were scanned
      0 Warnings
      0 Notes
qqq000@qq.com
Posted on 2007-9-7 20:22:55
----------
              [凝逸反毒] (http://hi.baidu.com/503165656)

       [凝逸.扫描病毒引擎-日志]       2007.9.7 20:22:51

文件:F:\070907\IG[1]\LAONPK.EXE | 感染:Trojan.PWS.Wsgame.1182 [333>20070830_ny0012.axx]3(1.1)
操作:删除文件
文件:F:\070907\IG[1]\WNUUVO.EXE | 感染:Trojan.PWS.Wsgame.1182 [333>20070830_ny0012.axx]3(1.1)
操作:删除文件
文件:F:\070907\IG[1]\YYWPTE.EXE | 感染:Trojan.PWS.Wsgame.1182 [333>20070830_ny0012.axx]3(1.1)
操作:删除文件
文件:F:\070907\IG[1]\DISKMAN32.DLL | 感染:Trojan.PWS.Wsgame.1182 [407>20070830_ny0012.axx]3(1.1)
操作:删除文件
文件:F:\070907\IG[1]\ZTMINS.EXE | 感染:virus [263>20070822_ny0010.axx]3(1.3)
操作:删除文件
文件:F:\070907\IG[1]\4.EXE | 感染:Trojan.PWS.Qqpass.1350 [88>20070906_ny0013.axx]3(2.7)
操作:删除文件
文件:F:\070907\IG[1]\AUTORUN.EXE | 感染:Trojan.PWS.Qqpass.1350 [88>20070906_ny0013.axx]3(2.7)
操作:删除文件
文件:F:\070907\IG[1]\ZXHINS.EXE | 感染:virus [180>20070824_ny0011.axx]3(3.3)
操作:删除文件
文件:F:\070907\IG[1]\BSLRIA.DLL | 感染:Trojan.PWS.Wsgame.1182 [407>20070830_ny0012.axx]3(1.1)
操作:删除文件
文件:F:\070907\IG[1]\FAVIUP.DLL | 感染:Trojan.PWS.Wsgame.1182 [407>20070830_ny0012.axx]3(1.1)
操作:删除文件
文件:F:\070907\IG[1]\NUHJNK.DLL | 感染:Trojan.PWS.Wsgame.1182 [407>20070830_ny0012.axx]3(1.1)
操作:删除文件
文件:F:\070907\IG[1]\WDKBNN.DLL | 感染:Trojan.PWS.Wsgame.1182 [407>20070830_ny0012.axx]3(1.1)
操作:删除文件
文件:F:\070907\IG[1]\YOETSY.DLL | 感染:Trojan.PWS.Wsgame.1182 [407>20070830_ny0012.axx]3(1.1)
操作:删除文件
文件:F:\070907\IG[1]\NSLOOKUPI.EXE | 感染:virus [11093>20070726_dw0001.axx]3(1.1)
操作:删除文件
文件:F:\070907\IG[1]\JZIINS.EXE | 感染:virus [637>20070830_ny0012.axx]3(1.3)
操作:删除文件
文件:F:\070907\IG[1]\WLHINS.EXE | 感染:Trojan.PWS.Gamania.3565 [205>20070830_ny0012.axx]3(7.8)
操作:删除文件
文件:F:\070907\IG[1]\NTSOKELE.EXE | 感染:Trojan.Inject.263 [6941>20070726_dw0001.axx]3(1.1)
操作:删除文件
文件:F:\070907\IG[1]\SYSWIN64.JMP | 感染:Trojan.PWS.Qqpass.1350 [88>20070906_ny0013.axx]3(2.7)
操作:删除文件
文件:F:\070907\IG[1]\WINSYS64.SYS | 感染:virus [932>20070906_ny0013.axx]3(1.1)
操作:删除文件
文件:F:\070907\IG[1]\LYMANGR.DLL | 感染:virus [714>20070906_ny0013.axx]2(1.1)
操作:删除文件
文件:F:\070907\IG[1]\MSDEG32.DLL | 感染:virus [904>20070906_ny0013.axx]2(1.1)
操作:删除文件
文件:F:\070907\IG[1]\WINSYS64.TAO | 感染:virus [932>20070906_ny0013.axx]3(1.1)
操作:删除文件
文件:F:\070907\IG[1]\LYLOADER.EXE | 感染:virus [903>20070906_ny0013.axx]3(1.1)
操作:删除文件
文件:F:\070907\IG[1]\SERT.EXE | 感染:BackDoor.WebDor [213>20070906_ny0013.axx]3(1.1)
操作:删除文件
文件:F:\070907\IG[1]\DISKMAN32.EXE | 感染:Trojan.PWS.Wsgame.1182 [333>20070830_ny0012.axx]3(1.1)
操作:删除文件

扫描完成|病毒:25 文件:36|耗时:34200
----------
浪滔天
Posted on 2007-9-8 00:29:30
Kaspersky still gets 31

已删除: 木马程序 Trojan-Spy.Win32.Delf.yh        文件: D:\IG[1]\ZXHINS.EXE//UPack
已删除: 木马程序 Trojan-Spy.Win32.Delf.yh        文件: D:\IG[1]\ZXHPRI.DLL
已删除: 木马程序 Trojan-Spy.Win32.Delf.uv        文件: D:\IG[1]\WLHINS.EXE//UPack
已删除: 木马程序 Trojan-Spy.Win32.Delf.uv        文件: D:\IG[1]\WLHPRI.DLL
已删除: 木马程序 Trojan-PSW.Win32.WOW.vd        文件: D:\IG[1]\IG.exe//ASPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.yn        文件: D:\IG[1]\ZTMPRI.DLL
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.bmv        文件: D:\IG[1]\MSDEG32.DLL//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.bmu        文件: D:\IG[1]\LYMANGR.DLL//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.bmt        文件: D:\IG[1]\LYLOADER.EXE//PE_Patch//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.bjo        文件: D:\IG[1]\A.EXE//PE_Patch//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.aki        文件: D:\IG[1]\JZIPRI.DLL
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.ajd        文件: D:\IG[1]\ZTMINS.EXE//UPack
已删除: 木马程序 Trojan-PSW.Win32.Lmir.bjx        文件: D:\IG[1]\JZIINS.EXE//UPack
已删除: 木马程序 Trojan-Downloader.Win32.Zlob.cdg        文件: D:\IG[1]\DISKMAN32.DLL
已删除: 木马程序 Trojan-Downloader.Win32.Zlob.cdg        文件: D:\IG[1]\WNUUVO.EXE//PE_Patch//UPack
已删除: 木马程序 Trojan-Downloader.Win32.Zlob.cdg        文件: D:\IG[1]\FAVIUP.DLL
已删除: 木马程序 Trojan-Downloader.Win32.Zlob.cdg        文件: D:\IG[1]\WDKBNN.DLL
已删除: 木马程序 Trojan-Downloader.Win32.Zlob.cdg        文件: D:\IG[1]\NUHJNK.DLL
已删除: 木马程序 Trojan-Downloader.Win32.Zlob.cdg        文件: D:\IG[1]\DISKMAN32.EXE//PE_Patch//UPack
已删除: 木马程序 Trojan-Downloader.Win32.Zlob.cdg        文件: D:\IG[1]\LAONPK.EXE//PE_Patch//UPack
已删除: 木马程序 Trojan-Downloader.Win32.Zlob.cdg        文件: D:\IG[1]\YOETSY.DLL
已删除: 木马程序 Trojan-Downloader.Win32.Zlob.cdg        文件: D:\IG[1]\BSLRIA.DLL
已删除: 木马程序 Trojan-Downloader.Win32.Zlob.cdg        文件: D:\IG[1]\YYWPTE.EXE//PE_Patch//UPack
已删除: 木马程序 Backdoor.Win32.WinterLove.bj        文件: D:\IG[1]\WINSYS64.TAO
已删除: 木马程序 Backdoor.Win32.WinterLove.bj        文件: D:\IG[1]\WINSYS64.SYS
已删除: 木马程序 Backdoor.Win32.WinterLove.bi        文件: D:\IG[1]\AUTORUN.EXE//UPX
已删除: 木马程序 Backdoor.Win32.WinterLove.bi        文件: D:\IG[1]\SYSWIN64.JMP//UPX
已删除: 木马程序 Backdoor.Win32.WinterLove.bi        文件: D:\IG[1]\4.EXE//UPX
已删除: 木马程序 Backdoor.Win32.Kolmat.b        文件: D:\IG[1]\NTSOKELE.EXE
已删除: 木马程序 Backdoor.Win32.Agent.alh        文件: D:\IG[1]\NSLOOKUPI.EXE//UPack
已删除: 病毒 Virus.Win32.AutoRun.ke        文件: D:\IG[1]\SERT.EXE//PE_Patch
uhthn2002
Posted on 2007-9-8 00:35:12
Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Paranoia Database - 3800
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\uhthn\Desktop\New Folder

C:\Documents and Settings\uhthn\Desktop\New Folder\LAONPK.EXE - Suspicious of Trojan-PSW.OnLineGames.2
C:\Documents and Settings\uhthn\Desktop\New Folder\WNUUVO.EXE - Suspicious of Trojan-PSW.OnLineGames.2
C:\Documents and Settings\uhthn\Desktop\New Folder\3.EXE - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\New Folder\DELETEME.BAT - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\YYWPTE.EXE - Suspicious of Trojan-PSW.OnLineGames.2
C:\Documents and Settings\uhthn\Desktop\New Folder\DISKMAN32.DLL - Suspicious of Trojan-PSW.OnLineGames.1
C:\Documents and Settings\uhthn\Desktop\New Folder\ZTMINI.DLL - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\ZTMINS.EXE - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\New Folder\ZTMPRI.DLL - Suspicious of Win32.Trojan-PSW.OnLineGames.3
C:\Documents and Settings\uhthn\Desktop\New Folder\ZXGINI.DLL - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\ZXHPRI.DLL - Suspicious of Win32.Trojan-PSW.OnLineGames.3
C:\Documents and Settings\uhthn\Desktop\New Folder\IG.exe - Suspicious of Win32.Trojan-PSW.Game.8
C:\Documents and Settings\uhthn\Desktop\New Folder\4.EXE - Suspicious of Win32.Trojan-PSW.Game.1
C:\Documents and Settings\uhthn\Desktop\New Folder\AUTORUN.EXE - Suspicious of Win32.Trojan-PSW.Game.1
C:\Documents and Settings\uhthn\Desktop\New Folder\ZXHINS.EXE - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\New Folder\BSLRIA.DLL - Suspicious of Trojan-PSW.OnLineGames.1
C:\Documents and Settings\uhthn\Desktop\New Folder\FAVIUP.DLL - Suspicious of Trojan-PSW.OnLineGames.1
C:\Documents and Settings\uhthn\Desktop\New Folder\NUHJNK.DLL - Suspicious of Trojan-PSW.OnLineGames.1
C:\Documents and Settings\uhthn\Desktop\New Folder\WDKBNN.DLL - Suspicious of Trojan-PSW.OnLineGames.1
C:\Documents and Settings\uhthn\Desktop\New Folder\YOETSY.DLL - Suspicious of Trojan-PSW.OnLineGames.1
C:\Documents and Settings\uhthn\Desktop\New Folder\NSLOOKUPI.EXE - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\New Folder\JZIINS.EXE - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\New Folder\JZIPRI.DLL - Suspicious of Win32.Trojan-PSW.OnLineGames.3
C:\Documents and Settings\uhthn\Desktop\New Folder\WLHINS.EXE - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\New Folder\WLHPRI.DLL - Suspicious of Win32.Trojan-PSW.OnLineGames.3
C:\Documents and Settings\uhthn\Desktop\New Folder\NTSOKELE.EXE - Suspicious of Win32.Trojan-PSW.Game.13
C:\Documents and Settings\uhthn\Desktop\New Folder\SYSWIN64.JMP - Suspicious of Win32.Trojan-PSW.Game.1
C:\Documents and Settings\uhthn\Desktop\New Folder\WINSYS64.SYS - Suspicious of Win32.Trojan-PSW.QQPass.1
C:\Documents and Settings\uhthn\Desktop\New Folder\LYMANGR.DLL - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\New Folder\MSDEG32.DLL - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\New Folder\WINSYS64.TAO - Suspicious of Win32.Trojan-PSW.QQPass.1
C:\Documents and Settings\uhthn\Desktop\New Folder\LYLOADER.EXE - Suspicious of Trojan-PSW.OnLineGames.2
C:\Documents and Settings\uhthn\Desktop\New Folder\A.EXE - Suspicious of Trojan-PSW.OnLineGames.2
C:\Documents and Settings\uhthn\Desktop\New Folder\AUTORUN.INF - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\SERT.EXE - Infected with Win32.PDB-3387 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\DISKMAN32.EXE - Suspicious of Trojan-PSW.OnLineGames.2

36 Files scanned
1 Infected files found
31 Suspicious files found
0 Files cured
1 Files deleted
timhas266
Posted on 2007-9-8 08:13:44
Starting the file scan:

Begin scan in 'C:\Documents and Settings\tim\桌面\IG.part1.rar'
C:\Documents and Settings\tim\桌面\IG.part1.rar
  [0] Archive type: RAR
  --> LAONPK.EXE
      [DETECTION] Is the Trojan horse TR/Dldr.Zlob.cdg.5
  --> WNUUVO.EXE
      [DETECTION] Is the Trojan horse TR/Dldr.Zlob.cdg.5
  --> 3.EXE
      [DETECTION] Contains suspicious code HEUR/Malware
  --> YYWPTE.EXE
      [DETECTION] Is the Trojan horse TR/Dldr.Zlob.cdg.5
  --> DISKMAN32.DLL
      [DETECTION] Is the Trojan horse TR/Dldr.Zlob.cdg.5
  --> ZTMINS.EXE
      [DETECTION] Is the Trojan horse TR/Agent.12521
  --> ZTMPRI.DLL
      [DETECTION] Is the Trojan horse TR/Agent.19497.1
  --> ZXHPRI.DLL
      [DETECTION] Is the Trojan horse TR/Spy.Delf.YH
  --> IG.exe
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> 4.EXE
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/WinterLove.BJ.1 Backdoor server programs
  --> AUTORUN.EXE
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/WinterLove.BJ.1 Backdoor server programs
  --> ZXHINS.EXE
      [DETECTION] Is the Trojan horse TR/Agent.12412
  --> BSLRIA.DLL
      [DETECTION] Is the Trojan horse TR/Dldr.Zlob.cdg.5
  --> FAVIUP.DLL
      [DETECTION] Is the Trojan horse TR/Dldr.Zlob.cdg.5
  --> NUHJNK.DLL
      [DETECTION] Is the Trojan horse TR/Dldr.Zlob.cdg.5
  --> WDKBNN.DLL
      [DETECTION] Is the Trojan horse TR/Dldr.Zlob.cdg.5
  --> YOETSY.DLL
      [DETECTION] Is the Trojan horse TR/Dldr.Zlob.cdg.5
  --> NSLOOKUPI.EXE
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Agent.alh.25 Backdoor server programs
  --> JZIINS.EXE
      [DETECTION] Is the Trojan horse TR/PSW.Lmir.bjx
  --> JZIPRI.DLL
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.aki
  --> WLHINS.EXE
      [DETECTION] Is the Trojan horse TR/Spy.Delf.UV.125
  --> WLHPRI.DLL
      [DETECTION] Is the Trojan horse TR/Spy.Delf.UV.128
  --> NTSOKELE.EXE
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Kolmat.B.11 Backdoor server programs
  --> SYSWIN64.JMP
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/WinterLove.BJ.1 Backdoor server programs
  --> WINSYS64.SYS
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/WinterLove.BJ.1 Backdoor server programs
  --> LYMANGR.DLL
      [DETECTION] Is the Trojan horse TR/PSW.OnLine.agb.2
  --> MSDEG32.DLL
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> WINSYS64.TAO
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/WinterLove.BJ.1 Backdoor server programs
  --> LYLOADER.EXE
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      A backup was created as '470fe967.qua'  ( QUARANTINE )
      [INFO]      The file was deleted!
woai_jolin
Posted on 2007-9-8 08:47:07
扫描报告
2007年9月8日 8:46:18 - 8:46:32
计算机名称: 2FF87FC2B9AB46F
扫描类型: 扫描目标
目标: F:\v


--------------------------------------------------------------------------------

结果: 找到 31 恶意软件
Backdoor.Win32.WinterLove.bi (病毒)
F:\v\4.EXE 操作: 删除
F:\v\AUTORUN.EXE 操作: 删除
F:\v\SYSWIN64.JMP 操作: 删除
Trojan-PSW.Win32.OnLineGames.bjo (病毒)
F:\v\A.EXE 操作: 删除
Trojan-Downloader.Win32.Zlob.cdg (病毒)
F:\v\BSLRIA.DLL 操作: 删除
F:\v\DISKMAN32.DLL 操作: 删除
F:\v\DISKMAN32.EXE 操作: 删除
F:\v\FAVIUP.DLL 操作: 删除
F:\v\LAONPK.EXE 操作: 删除
F:\v\NUHJNK.DLL 操作: 删除
F:\v\WDKBNN.DLL 操作: 删除
F:\v\WNUUVO.EXE 操作: 删除
F:\v\YOETSY.DLL 操作: 删除
F:\v\YYWPTE.EXE 操作: 删除
Trojan-PSW.Win32.WOW.vd (病毒)
F:\v\IG.exe 操作: 删除
Trojan-PSW.Win32.Lmir.bjx (病毒)
F:\v\JZIINS.EXE 操作: 删除
Trojan-PSW.Win32.OnLineGames.aki (病毒)
F:\v\JZIPRI.DLL 操作: 删除
Trojan-PSW.Win32.OnLineGames.bmt (病毒)
F:\v\LYLOADER.EXE 操作: 删除
Trojan-PSW.Win32.OnLineGames.bmu (病毒)
F:\v\LYMANGR.DLL 操作: 删除
Trojan-PSW.Win32.OnLineGames.bmv (病毒)
F:\v\MSDEG32.DLL 操作: 删除
Backdoor.Win32.Agent.alh (病毒)
F:\v\NSLOOKUPI.EXE 操作: 删除
Backdoor.Win32.Kolmat.b (病毒)
F:\v\NTSOKELE.EXE 操作: 删除
Virus.Win32.AutoRun.ke (病毒)
F:\v\SERT.EXE 操作: 删除
Backdoor.Win32.WinterLove.bj (病毒)
F:\v\WINSYS64.SYS 操作: 删除
F:\v\WINSYS64.TAO 操作: 删除
Trojan-Spy.Win32.Delf.uv (病毒)
F:\v\WLHINS.EXE 操作: 删除
F:\v\WLHPRI.DLL 操作: 删除
Trojan-PSW.Win32.OnLineGames.ajd (病毒)
F:\v\ZTMINS.EXE 操作: 删除
Trojan-PSW.Win32.OnLineGames.yn (病毒)
F:\v\ZTMPRI.DLL 操作: 删除
Trojan-Spy.Win32.Delf.yh (病毒)
F:\v\ZXHINS.EXE 操作: 删除
F:\v\ZXHPRI.DLL 操作: 删除




--------------------------------------------------------------------------------

统计信息
已扫描:
文件: 70
未扫描: 0
结果:
病毒: 31
间谍软件: 0
可疑项目: 0
危险软件: 0
操作:
已杀毒: 0
已重命名: 0
删除: 31
已隔离: 0
失败: 0
启动扇区:
已扫描: 0
受感染: 0
可疑项目: 0
已杀毒: 0


--------------------------------------------------------------------------------

选项
定义版本:
病毒: 2007-09-07_08
间谍软件: 2007-09-07_07
扫描引擎:
F-Secure AVP: 7.00.171, 2007-09-07
F-Secure Libra: 2.04.01, 2007-09-07
F-Secure Orion: 1.02.37, 2007-09-07
F-Secure Draco: 1.00.35, 2007-09-03
扫描选项:
扫描所有文件
扫描内部存档
操作:
病毒: 扫描后询问
间谍软件: 扫描后询问
微点卫士
Posted on 2007-9-8 11:11:16
Micropoint:
木马名称:Trojan-Downloader.Win32.Zlob.btl

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\IG[1]\LAONPK.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Downloader.Win32.Zlob.btl

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\IG[1]\WNUUVO.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Downloader.Win32.Zlob.btl

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\IG[1]\YYWPTE.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan.Win32.Genetik.bsj

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\IG[1]\ZTMINS.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Backdoor.Win32.WinterLove.di

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\IG[1]\4.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Backdoor.Win32.WinterLove.di

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\IG[1]\AUTORUN.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Spy.Win32.Delf.dma

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\IG[1]\ZXHINS.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Backdoor.Win32.Agent.ekc

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\IG[1]\NSLOOKUPI.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Lmir.dgq

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\IG[1]\JZIINS.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Spy.Win32.Delf.dkv

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\IG[1]\WLHINS.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Backdoor.Win32.Kolmat.i

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\IG[1]\NTSOKELE.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Backdoor.Win32.WinterLove.di

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\IG[1]\SYSWIN64.JMP
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.jzi

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\IG[1]\LYMANGR.DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan.Win32.Genetik.bzs

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\IG[1]\SERT.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Downloader.Win32.Zlob.btl

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\IG[1]\DISKMAN32.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\IG[1]\3.EXE
木马程序生成以下文件:
1) C:\PROGRAM FILES\PROTVIST.EXE
2) C:\WINDOWS.0\215366WO.DLL
3) C:\WINDOWS.0\IG.EXE
是否删除木马程序及其衍生物?
木马名称:Trojan-PSW.Win32.OnLineGames.jzi

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\LYMANGR.DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\IG[1]\LYLOADER.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\LYLOADER.EXE
2) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\MSDEG32.DLL
3) C:\WINDOWS.0\SYSTEM32\MSDEG32.DLL
是否删除木马程序及其衍生物?
木马名称:未知间谍软件

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\IG[1]\MSDEG32.DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?


IG and A are both dead
chow2006
Posted on 2007-9-8 12:25:42
After a Filseclab (费尔) scan, 6 were left
zzx129
Posted on 2007-9-8 12:43:08
Virus infection found

File which you are trying download contains virus. Loading has been interrupted.
Technical data:
Error name: Virus Alert
Virus description Generic.PWS.Games.4.6EB2A0D0, Generic.PWS.Games.4.6EB2A0D0, Generic.PWS.Games.4.6EB2A0D0, DeepScan:Generic.Onlinegames.2.BC3A0810, DeepScan:Generic.Dld.Agent.B32727D4, DeepScan:Generic.Dld.Agent.67EE4CDB, BehavesLike:Trojan.WUDisable, Generic.PWStealer.C8F6BC6
Error code: -1602
Requested URL: /attachment.php?aid=124862
Requested HTTP method: GET
Requested ContentType: application/octet-stream