一吨

显示全部楼层 · 发表于 2007-9-13 15:56:04

Scan performed at: 2007-9-13 15:55:20
Scanning Log
NOD32 version 2527 (20070913) NT
Command line: C:\Documents and Settings\Don johnson\桌面\070913
Operating memory - is OK

Date: 13.9.2007 Time: 15:55:24
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\Don johnson\桌面\070913\
C:\Documents and Settings\Don johnson\桌面\070913\1630[1].exe - a variant of Win32/PSW.Agent.NEC trojan
C:\Documents and Settings\Don johnson\桌面\070913\1631.exe - probably unknown NewHeur_PE virus [7]
C:\Documents and Settings\Don johnson\桌面\070913\1631[1].exe - probably unknown NewHeur_PE virus [7]
C:\Documents and Settings\Don johnson\桌面\070913\1632[1].exe - a variant of Win32/PSW.OnLineGames.NEP trojan
C:\Documents and Settings\Don johnson\桌面\070913\1633.exe - probably a variant of Win32/AutoRun.Q worm
C:\Documents and Settings\Don johnson\桌面\070913\1633[1].exe - probably a variant of Win32/AutoRun.Q worm
C:\Documents and Settings\Don johnson\桌面\070913\1634.exe - a variant of Win32/PSW.Legendmir.NEP trojan
C:\Documents and Settings\Don johnson\桌面\070913\1634[1].exe - a variant of Win32/PSW.Legendmir.NEP trojan
C:\Documents and Settings\Don johnson\桌面\070913\1636[1].exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\070913\1637[1].exe - a variant of Win32/PSW.OnLineGames.NEP trojan
C:\Documents and Settings\Don johnson\桌面\070913\1638[1].exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\070913\1639[1].exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\070913\163a[1].exe - probably a variant of Win32/PSW.OnLineGames.NEP trojan
C:\Documents and Settings\Don johnson\桌面\070913\163b[1].exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\070913\163c[1].exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\070913\163d[1].exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\070913\163e[1].exe - a variant of Win32/PSW.OnLineGames.YA trojan
C:\Documents and Settings\Don johnson\桌面\070913\163f[1].exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\070913\163g.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\070913\163g[1].exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\070913\163h[1].exe - Win32/Agent.NEM trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\070913\163i[1].exe - Win32/Delf.NGD trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\Don johnson\桌面\070913\163j[1].exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\070913\163k.exe - probably a variant of Win32/Viking virus
C:\Documents and Settings\Don johnson\桌面\070913\16Sy.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\070913\1[1].exe - a variant of Win32/PSW.Delf.NIY trojan
C:\Documents and Settings\Don johnson\桌面\070913\1[1]2.exe - probably a variant of Win32/Drowor virus
C:\Documents and Settings\Don johnson\桌面\070913\2.exe - a variant of Win32/PSW.Legendmir.NEP trojan
C:\Documents and Settings\Don johnson\桌面\070913\20ff2c4c19a31224[1].exe - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\Don johnson\桌面\070913\3.exe - probably a variant of Win32/PSW.OnLineGames.NEP trojan
C:\Documents and Settings\Don johnson\桌面\070913\7CFB95B0.EXE - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\Don johnson\桌面\070913\~Temp6482.tmp - a variant of Win32/PSW.OnLineGames.NBR trojan
C:\Documents and Settings\Don johnson\桌面\070913\~tmp2065.exe - probably a variant of Win32/PSW.Delf.NHI trojan
Number of scanned files: 65
Number of threats found: 33
Number of files cleaned: 33
Time of completion: 15:55:34 Total scanning time: 10 sec (00:00:10)

Notes:
[7] File is probably infected with an unknown virus.

显示全部楼层 · 发表于 2007-9-13 17:49:06

F:\070913[1].rar >>RAR >>070913[1]\~Temp6482.tmp - Win32/PSW.OnLineGames.NBR 木马的变种
F:\070913[1].rar >>RAR >>070913[1]\~tmp2065.exe - 可能是 Win32/PSW.Delf.NHI 木马的一个变种
F:\070913[1].rar >>RAR >>070913[1]\1[1]2.exe - 可能是 Win32/Drowor 病毒的一个变种
F:\070913[1].rar >>RAR >>070913[1]\1[1].exe - Win32/PSW.Delf.NIY 木马的变种
F:\070913[1].rar >>RAR >>070913[1]\2.exe - Win32/PSW.Legendmir.NEP 木马的变种
F:\070913[1].rar >>RAR >>070913[1]\3.exe - 可能是 Win32/PSW.OnLineGames.NEP 木马的一个变种
F:\070913[1].rar >>RAR >>070913[1]\7CFB95B0.EXE - 可能是 Win32/Agent.NEO 木马的一个变种
F:\070913[1].rar >>RAR >>070913[1]\16Sy.exe - 可能是 Win32/Genetik 木马的一个变种
F:\070913[1].rar >>RAR >>070913[1]\20ff2c4c19a31224[1].exe - 可能是 Win32/Agent.NEO 木马的一个变种
F:\070913[1].rar >>RAR >>070913[1]\163a[1].exe - 可能是 Win32/PSW.OnLineGames.NEP 木马的一个变种
F:\070913[1].rar >>RAR >>070913[1]\163b[1].exe - 可能是 Win32/Genetik 木马的一个变种
F:\070913[1].rar >>RAR >>070913[1]\163c[1].exe - Win32/PSW.OnLineGames.YA 木马的变种
F:\070913[1].rar >>RAR >>070913[1]\163d[1].exe - 可能是 Win32/Genetik 木马的一个变种
F:\070913[1].rar >>RAR >>070913[1]\163e[1].exe - Win32/PSW.OnLineGames.YA 木马的变种
F:\070913[1].rar >>RAR >>070913[1]\163f[1].exe - 可能是 Win32/Genetik 木马的一个变种
F:\070913[1].rar >>RAR >>070913[1]\163g.exe - 可能是 Win32/Genetik 木马的一个变种
F:\070913[1].rar >>RAR >>070913[1]\163g[1].exe - 可能是 Win32/Genetik 木马的一个变种
F:\070913[1].rar >>RAR >>070913[1]\163h[1].exe - Win32/Agent.NEM 木马
F:\070913[1].rar >>RAR >>070913[1]\163i[1].exe - Win32/Delf.NGD 木马
F:\070913[1].rar >>RAR >>070913[1]\163j[1].exe - 可能是 Win32/Genetik 木马的一个变种
F:\070913[1].rar >>RAR >>070913[1]\163k.exe - 可能是 Win32/Viking 病毒的一个变种
F:\070913[1].rar >>RAR >>070913[1]\1630[1].exe - Win32/PSW.Agent.NEC 木马的变种
F:\070913[1].rar >>RAR >>070913[1]\1631.exe - 未查明的 NewHeur_PE 病毒 [7]
F:\070913[1].rar >>RAR >>070913[1]\1631[1].exe - 未查明的 NewHeur_PE 病毒 [7]
F:\070913[1].rar >>RAR >>070913[1]\1632[1].exe - Win32/PSW.OnLineGames.NEP 木马的变种
F:\070913[1].rar >>RAR >>070913[1]\1633.exe - 可能是 Win32/AutoRun.Q 蠕虫的一个变种
F:\070913[1].rar >>RAR >>070913[1]\1633[1].exe - 可能是 Win32/AutoRun.Q 蠕虫的一个变种
F:\070913[1].rar >>RAR >>070913[1]\1634.exe - Win32/PSW.Legendmir.NEP 木马的变种
F:\070913[1].rar >>RAR >>070913[1]\1634[1].exe - Win32/PSW.Legendmir.NEP 木马的变种
F:\070913[1].rar >>RAR >>070913[1]\1636[1].exe - Win32/PSW.OnLineGames.YA 木马的变种
F:\070913[1].rar >>RAR >>070913[1]\1637[1].exe - Win32/PSW.OnLineGames.NEP 木马的变种
F:\070913[1].rar >>RAR >>070913[1]\1638[1].exe - 可能是 Win32/Genetik 木马的一个变种
F:\070913[1].rar >>RAR >>070913[1]\1639[1].exe - Win32/PSW.OnLineGames.YA 木马的变种

显示全部楼层 · 发表于 2007-9-13 17:56:47

----------
[凝逸反毒] (http://hi.baidu.com/503165656)

[凝逸.扫描病毒引擎-日志] 2007.9.13 17:55:10

文件:F:\070914\070913[1]\~tmp65.exe | 感染:virus [626>20070910_ny0015.axx]3(1.1)
操作:删除文件
文件:F:\070914\070913[1]\~tmp764.exe | 感染:virus [626>20070910_ny0015.axx]3(1.1)
操作:删除文件
文件:F:\070914\070913[1]\~tmp1644.exe | 感染:virus [626>20070910_ny0015.axx]3(1.1)
操作:删除文件
文件:F:\070914\070913[1]\~tmp2065.exe | 感染:Win32.HLLW.Autoruner.249 [4>20070913_ny0018.axx]3(5.5)
操作:删除文件
文件:F:\070914\070913[1]\~tmp4557.exe | 感染:virus [626>20070910_ny0015.axx]3(1.1)
操作:删除文件
文件:F:\070914\070913[1]\~tmp6263.exe | 感染:virus [626>20070910_ny0015.axx]3(1.1)
操作:删除文件
文件:F:\070914\070913[1]\~tmp6557.exe | 感染:virus [626>20070910_ny0015.axx]3(1.1)
操作:删除文件
文件:F:\070914\070913[1]\~tmp7800.exe | 感染:virus [626>20070910_ny0015.axx]3(1.1)
操作:删除文件
文件:F:\070914\070913[1]\1[1]2.exe | 感染:Win32.HLLW.Autoruner.473 [22>20070911_ny0016.axx]3(9.9)
操作:删除文件
文件:F:\070914\070913[1]\1[1].exe | 感染:virus [365>20070911_ny0016.axx]3(4.7)
操作:删除文件
文件:F:\070914\070913[1]\3[1].exe | 感染:virus [259>20070913_ny0018.axx]3(1.1)
操作:删除文件
文件:F:\070914\070913[1]\3[2].exe | 感染:virus [626>20070910_ny0015.axx]3(1.1)
操作:删除文件
文件:F:\070914\070913[1]\7CFB95B0.EXE | 感染:BINARYRES [67>20070906_ny0013.axx]3(2.3)
操作:删除文件
文件:F:\070914\070913[1]\9BA1E96A.DLL | 感染:Trojan.Click.1956 [188>20070906_ny0013.axx]3(1.1)
操作:删除文件
文件:F:\070914\070913[1]\11.exe | 感染:virus [264>20070911_ny0016.axx]2(1.1)
操作:删除文件
文件:F:\070914\070913[1]\16Sy.exe | 感染:virus [463>20070910_ny0015.axx]3(2.5)
操作:删除文件
文件:F:\070914\070913[1]\20ff2c4c19a31224[1].exe | 感染:BINARYRES [67>20070906_ny0013.axx]3(2.3)
操作:删除文件
文件:F:\070914\070913[1]\163a[1].exe | 感染:BACKDOOR.Trojan [93>20070913_ny0018.axx]3(1.2)
操作:删除文件
文件:F:\070914\070913[1]\163b[1].exe | 感染:virus [448>20070906_ny0014.axx]3(3.15)
操作:删除文件
文件:F:\070914\070913[1]\163c[1].exe | 感染:BINARYRES [31>20070906_ny0014.axx]3(1.1)
操作:删除文件
文件:F:\070914\070913[1]\163d[1].exe | 感染:virus [252>20070913_ny0018.axx]3(2.3)
操作:删除文件
文件:F:\070914\070913[1]\163e[1].exe | 感染:virus [161>20070802_ny0003.axx]3(1.1)
操作:删除文件
文件:F:\070914\070913[1]\163f[1].exe | 感染:Trojan.PWS.Gamania.3696 [87>20070906_ny0013.axx]3(1.2)
操作:删除文件
文件:F:\070914\070913[1]\163g.exe | 感染:virus [463>20070910_ny0015.axx]3(2.5)
操作:删除文件
文件:F:\070914\070913[1]\163g[1].exe | 感染:virus [463>20070910_ny0015.axx]3(2.5)
操作:删除文件
文件:F:\070914\070913[1]\163h[1].exe | 感染:virus [12631>20070726_dw0001.axx]3(1.2)
操作:删除文件
文件:F:\070914\070913[1]\163i[1].exe | 感染:Worm.Agent.hc [1066>20070726_kv0001.axx]3(1.1)
操作:删除文件
文件:F:\070914\070913[1]\163j[1].exe | 感染:BACKDOOR.Trojan [305>20070910_ny0015.axx]3(1.1)
操作:删除文件
文件:F:\070914\070913[1]\163k.exe | 感染:Win32.HLLW.Gavir.66 [113>20070910_ny0015.axx]3(7.8)
操作:删除文件
文件:F:\070914\070913[1]\1630[1].exe | 感染:MULDROP.Trojan [208>20070911_ny0016.axx]3(1.1)
操作:删除文件
文件:F:\070914\070913[1]\1631.exe | 感染:Trojan.PWS.Gamania.3861 [82>20070906_ny0013.axx]3(1.1)
操作:删除文件
文件:F:\070914\070913[1]\1631[1].exe | 感染:Trojan.PWS.Gamania.3861 [82>20070906_ny0013.axx]3(1.1)
操作:删除文件
文件:F:\070914\070913[1]\1632[1].exe | 感染:Trojan.PWS.Gamania.3699 [31>20070906_ny0013.axx]3(2.3)
操作:删除文件
文件:F:\070914\070913[1]\1633.exe | 感染:virus [363>20070911_ny0016.axx]3(2.5)
操作:删除文件
文件:F:\070914\070913[1]\1633[1].exe | 感染:virus [363>20070911_ny0016.axx]3(2.5)
操作:删除文件
文件:F:\070914\070913[1]\1634.exe | 感染:virus [629>20070910_ny0015.axx]3(1.1)
操作:删除文件
文件:F:\070914\070913[1]\1634[1].exe | 感染:virus [629>20070910_ny0015.axx]3(1.1)
操作:删除文件
文件:F:\070914\070913[1]\1636[1].exe | 感染:BINARYRES [464>20070830_ny0012.axx]3(1.1)
操作:删除文件
文件:F:\070914\070913[1]\1637[1].exe | 感染:UPACK [146>20070819_ny0008.axx]3(1.2)
操作:删除文件
文件:F:\070914\070913[1]\1638[1].exe | 感染:Trojan.PWS.Gamania.3910 [105>20070910_ny0015.axx]3(3.3)
操作:删除文件
文件:F:\070914\070913[1]\1639[1].exe | 感染:virus [107>20070912_ny0017.axx]3(1.1)
操作:删除文件

扫描完成|病毒:41 文件:65|耗时:20640
----------

显示全部楼层 · 发表于 2007-9-13 17:58:16

还有 3个没杀
其余是文本

显示全部楼层 · 发表于 2007-9-13 18:06:58

Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Paranoia Database - 4671
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\uhthn\Desktop\New Folder

C:\Documents and Settings\uhthn\Desktop\New Folder\1639[1].txt - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\~Temp6482.tmp - Suspicious of Trojan-PSW.OnLineGames.2
C:\Documents and Settings\uhthn\Desktop\New Folder\~tmp65.exe - Suspicious of Win32.Trojan-Downloader.Zlob.1
C:\Documents and Settings\uhthn\Desktop\New Folder\~tmp764.exe - Suspicious of Win32.Trojan-Downloader.Zlob.1
C:\Documents and Settings\uhthn\Desktop\New Folder\~tmp1644.exe - Suspicious of Win32.Trojan-Downloader.Zlob.1
C:\Documents and Settings\uhthn\Desktop\New Folder\~tmp2065.exe - Infected with Win32.PDB-3a4 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\~tmp4557.exe - Suspicious of Win32.Trojan-Downloader.Zlob.1
C:\Documents and Settings\uhthn\Desktop\New Folder\~tmp6263.exe - Suspicious of Win32.Trojan-Downloader.Zlob.1
C:\Documents and Settings\uhthn\Desktop\New Folder\~tmp6557.exe - Suspicious of Win32.Trojan-Downloader.Zlob.1
C:\Documents and Settings\uhthn\Desktop\New Folder\~tmp7800.exe - Suspicious of Win32.Trojan-Downloader.Zlob.1
C:\Documents and Settings\uhthn\Desktop\New Folder\~up.log - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\1[1]2.exe - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\New Folder\1[1].exe - Suspicious of Win32.Trojan-PSW.Game.1
C:\Documents and Settings\uhthn\Desktop\New Folder\2.exe - Infected with Win32.PDB-b0b Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\3.exe - Infected with PDB-c58 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\3[1].exe - Suspicious of Win32.Trojan.Dialer.1
C:\Documents and Settings\uhthn\Desktop\New Folder\3[2].exe - Suspicious of Win32.Trojan-Downloader.Zlob.1
C:\Documents and Settings\uhthn\Desktop\New Folder\7CFB95B0.EXE - Suspicious of Trojan-PSW.Game.8
C:\Documents and Settings\uhthn\Desktop\New Folder\9BA1E96A.DLL - Suspicious of Trojan-Downloader.VB.1
C:\Documents and Settings\uhthn\Desktop\New Folder\11.exe - Suspicious of Trojan-PSW.OnLineGames.2
C:\Documents and Settings\uhthn\Desktop\New Folder\16Sy.exe - Infected with PDB-ff0 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\20ff2c4c19a31224[1].exe - Suspicious of Trojan-PSW.Game.8
C:\Documents and Settings\uhthn\Desktop\New Folder\163a[1].exe - Suspicious of Trojan-PSW.OnLineGames.2
C:\Documents and Settings\uhthn\Desktop\New Folder\163a[1].txt - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\163b[1].exe - Infected with PDB-da6 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\163b[1].txt - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\163c[1].exe - Infected with PDB-31c Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\163c[1].txt - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\163d[1].exe - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\New Folder\163d[1].txt - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\163e[1].exe - Infected with PDB-8a6 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\163e[1].txt - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\163f[1].exe - Infected with PDB-c53 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\163f[1].txt - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\163g.exe - Infected with PDB-ff0 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\163g[1].exe - Infected with PDB-ff0 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\163g[1].txt - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\163h[1].exe - Infected with PDB-572 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\163h[1].txt - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\163i[1].exe - Infected with Win32.PDB-1f4 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\163i[1].txt - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\163j[1].exe - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\New Folder\163j[1].txt - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\163k.exe - Infected with Win32.PDB-d61 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\1630[1].exe - Suspicious of Trojan-PSW.OnLineGames.2
C:\Documents and Settings\uhthn\Desktop\New Folder\1630[1].txt - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\1631.exe - Infected with PDB-9eb Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\1631[1].exe - Infected with PDB-9eb Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\1631[1].txt - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\1632[1].exe - Infected with PDB-a1c Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\1632[1].txt - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\1633.exe - Suspicious of Win32.Trojan-PSW.Game.1
C:\Documents and Settings\uhthn\Desktop\New Folder\1633[1].exe - Suspicious of Win32.Trojan-PSW.Game.1
C:\Documents and Settings\uhthn\Desktop\New Folder\1633[1].txt - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\1634.exe - Infected with PDB-d07 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\1634[1].exe - Infected with PDB-d07 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\1634[1].txt - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\1635[1].txt - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\1636[1].exe - Infected with PDB-a09 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\1636[1].txt - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\1637[1].exe - Infected with PDB-965 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\1637[1].txt - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\1638[1].exe - Infected with PDB-87e Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\1638[1].txt - OK
C:\Documents and Settings\uhthn\Desktop\New Folder\1639[1].exe - Suspicious of Trojan-PSW.Game.1

65 Files scanned
21 Infected files found
23 Suspicious files found
0 Files cured
21 Files deleted

显示全部楼层 · 发表于 2007-9-13 20:07:57

微点：
木马名称:Trojan-PSW.Win32.Delf.ezy

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\~TMP65.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Delf.ezy

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\~TMP764.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Delf.ezy

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\~TMP1644.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Delf.ezy

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\~TMP4557.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Delf.ezy

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\~TMP6263.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Delf.ezy

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\~TMP6557.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Delf.ezy

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\~TMP7800.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Delf.fcr

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\1[1].EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.ktm

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\2.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.joy

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\3.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Delf.ezy

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\3[2].EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Backdoor.Win32.Agent.ekf

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\7CFB95B0.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Delf.faq

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\16SY.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Backdoor.Win32.Agent.ekf

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\20FF2C4C19A31224[1].EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:未知间谍软件

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\163A[1].EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Dropper.Win32.Killav.e

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\163C[1].EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Spy.Win32.Delf.dyy

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\163D[1].EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OnLineGames.hmt

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\163E[1].EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Spy.Win32.Delf.drn

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\163F[1].EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Delf.faq

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\163G.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Delf.faq

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\163G[1].EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

蠕虫名称:Worm.Win32.Agent.dfz

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\163H[1].EXE
是蠕虫程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Backdoor.Win32.Kolmat.bc

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\163I[1].EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan.Win32.Genetik.cfc

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\163J[1].EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
蠕虫名称:Worm.Win32.Vikings.hyv

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\163K.EXE
是蠕虫程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.WOW.aze

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\1631.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.WOW.aze

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\1631[1].EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:未知间谍软件

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\1632[1].EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.QQShou.bla

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\1633.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.QQShou.bla

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\1633[1].EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.kvu

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\1634.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.kvu

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\1634[1].EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.jmo

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\1636[1].EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.ipy

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\1637[1].EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Spy.Win32.Delf.dtu

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\1638[1].EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.lat

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\1639[1].EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\~TMP2065.EXE
由
C:\AUTORUN.INF
自启动运行!
并生成以下文件:
1) C:\PROGRAM FILES\INTERNET EXPLORER\PLUGINS\NEWTEMP.BAK
2) C:\PROGRAM FILES\INTERNET EXPLORER\PLUGINS\NEWTEMP.DLL
3) C:\PEGEFILE.PIF
4) C:\AUTORUN.INF
以及可由此INF文件引导自启的文件:
C:\PEGEFILE.PIF

是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\1[1]2.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM\LOGOGO.EXE
2) C:\SETUP.EXE
3) D:\SETUP.EXE
4) E:\SETUP.EXE
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\3[1].EXE
木马程序生成以下文件:
1) C:\PROGRAM FILES\COMMON FILES\SYSTEM.DT2
2) C:\PROGRAM FILES\COMMON FILES\SYINFO.BPS
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\163B[1].EXE
1) C:\DFD1704921.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\070913[1]\163B[1].EXE
1) C:\DFD1704921.BAT
是否删除可疑程序?
木马名称:Trojan-PSW.Win32.OnLineGames.koo

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\LYLOADER.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

上报11

显示全部楼层 · 发表于 2007-9-15 21:45:19

如今病毒都论“吨”卖了……

显示全部楼层 · 发表于 2007-9-16 09:39:28

扫描报告
2007年9月16日 9:38:32 - 9:38:34
计算机名称: C3EF58622174424
扫描类型: 扫描目标
目标: G:\v

--------------------------------------------------------------------------------

结果: 找到 43 恶意软件
Trojan-PSW.Win32.OnLineGames.aci (病毒)
G:\v\11.exe 操作: 删除
Trojan-PSW.Win32.OnLineGames.cny (病毒)
G:\v\1630[1].exe 操作: 删除
Trojan-PSW.Win32.WOW.uw (病毒)
G:\v\1631.exe 操作: 删除
G:\v\1631[1].exe 操作: 删除
Trojan-PSW.Win32.OnLineGames.bgc (病毒)
G:\v\1632[1].exe 操作: 删除
Trojan-PSW.Win32.QQShou.le (病毒)
G:\v\1633.exe 操作: 删除
G:\v\1633[1].exe 操作: 删除
Trojan-PSW.Win32.OnLineGames.cnf (病毒)
G:\v\1634.exe 操作: 删除
G:\v\1634[1].exe 操作: 删除
Trojan-PSW.Win32.OnLineGames.bgr (病毒)
G:\v\1636[1].exe 操作: 删除
Trojan-PSW.Win32.OnLineGames.aia (病毒)
G:\v\1637[1].exe 操作: 删除
Trojan-Spy.Win32.Delf.afu (病毒)
G:\v\1638[1].exe 操作: 删除
Trojan-PSW.Win32.OnLineGames.cul (病毒)
G:\v\1639[1].exe 操作: 删除
Trojan-PSW.Win32.OnLineGames.cqb (病毒)
G:\v\163a[1].exe 操作: 删除
Trojan-Spy.Win32.Delf.agk (病毒)
G:\v\163b[1].exe 操作: 删除
Trojan-Dropper.Win32.Killav.e (病毒)
G:\v\163c[1].exe 操作: 删除
Trojan-Spy.Win32.Delf.bab (病毒)
G:\v\163d[1].exe 操作: 删除
Trojan-PSW.Win32.OnLineGames.wp (病毒)
G:\v\163e[1].exe 操作: 删除
Trojan-Spy.Win32.Delf.abi (病毒)
G:\v\163f[1].exe 操作: 删除
Trojan-PSW.Win32.Delf.aaw (病毒)
G:\v\163g.exe 操作: 删除
G:\v\163g[1].exe 操作: 删除
G:\v\16Sy.exe 操作: 删除
Trojan-Dropper.Win32.Agent.bvb (病毒)
G:\v\163h[1].exe 操作: 删除
Trojan-Downloader.Win32.Agent.cac (病毒)
G:\v\163i[1].exe 操作: 删除
Trojan-Downloader.Win32.Small.fsb (病毒)
G:\v\163j[1].exe 操作: 删除
Worm.Win32.Viking.mc (病毒)
G:\v\163k.exe 操作: 删除
Trojan-PSW.Win32.Delf.abt (病毒)
G:\v\1[1].exe 操作: 删除
Trojan-Downloader.Win32.Agent.dex (病毒)
G:\v\1[1]2.exe 操作: 删除
Trojan-PSW.Win32.OnLineGames.adn (病毒)
G:\v\2.exe 操作: 删除
Backdoor.Win32.Agent.beu (病毒)
G:\v\20ff2c4c19a31224[1].exe 操作: 删除
G:\v\7CFB95B0.EXE 操作: 删除
Trojan-PSW.Win32.OnLineGames.cov (病毒)
G:\v\3.exe 操作: 删除
Trojan-Spy.Win32.QQLogger.b (病毒)
G:\v\3[1].exe 操作: 删除
Trojan-PSW.Win32.Delf.aax (病毒)
G:\v\3[2].exe 操作: 删除
G:\v\~tmp1644.exe 操作: 删除
G:\v\~tmp4557.exe 操作: 删除
G:\v\~tmp6263.exe 操作: 删除
G:\v\~tmp65.exe 操作: 删除
G:\v\~tmp6557.exe 操作: 删除
G:\v\~tmp764.exe 操作: 删除
G:\v\~tmp7800.exe 操作: 删除
Trojan-Downloader.Win32.Agent.diy (病毒)
G:\v\9BA1E96A.DLL 操作: 删除
Worm.Win32.QQPass.a (病毒)
G:\v\~tmp2065.exe 操作: 删除

--------------------------------------------------------------------------------

统计信息
已扫描:
文件: 43
未扫描: 0
结果:
病毒: 43
间谍软件: 0
可疑项目: 0
危险软件: 0
操作:
已杀毒: 0
已重命名: 0
删除: 43
已隔离: 0
失败: 0
启动扇区:
已扫描: 0
受感染: 0
可疑项目: 0
已杀毒: 0

--------------------------------------------------------------------------------

选项
定义版本:
病毒: 2007-09-15_01
间谍软件: 2007-09-15_01
扫描引擎:
F-Secure AVP: 7.00.171, 2007-09-15
F-Secure Libra: 2.04.01, 2007-09-14
F-Secure Orion: 1.02.37, 2007-09-15
F-Secure Draco: 1.00.35, 2007-09-03
扫描选项:
扫描定义的文件: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML ANI AVB BAT CEO CMD LSP MAP MHT MIF PHP POT WMF NWS TAR TGZ ZIP JAR ARJ LZH TAR TGZ GZ CAB RAR BZ2 HQX
扫描内部存档
操作:
病毒: 扫描后询问
间谍软件: 扫描后询问

[病毒样本] 一吨