[Virus Samples] Another 20

promised
Posted on 2007-9-18 20:50:43
[MD5: 73E3ED 38E431 C1982F 30802A 956D81 1852B2 519417 1A7FAE C625FF 35EE78 D935DF E3C717 8D2DC2 7F1B31 F1A370 4C6F2F AE9F4F 2162DA 1A6C6D 970E09]

kp2006
Posted on 2007-9-18 20:57:37
avast! flags them all
gho
Posted on 2007-9-18 21:02:00
Kaspersky raises an alert and won't let me download it
nosferatu
Posted on 2007-9-18 21:03:28
Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\样本.rar'
C:\Documents and Settings\Administrator\桌面\样本.rar
  [0] Archive type: RAR
  --> 34805C67.DLL
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
  --> 7793EF25.DLL
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
  --> BAA781E3.DLL
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
  --> combspn.dll
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Small.BQ.19 Backdoor server programs
  --> DocProp1.dll
      [DETECTION] Is the Trojan horse TR/Dloader.CCM
  --> gaiabu08.dll
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/TCent.J
  --> gksfoo67.dll
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/Agent.CK.27
  --> jsshow.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> kqtohw21.dll
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/CnsMin.C
  --> kusn433sd3.dll
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> ldcore.dll
      [DETECTION] Is the Trojan horse TR/Dldr.Small.dxm.3
  --> msv1_1.dll
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.AF.12
  --> osiesd3.dll
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Exaal.45056 Backdoor server programs
  --> spnvup.dll
      [DETECTION] Is the Trojan horse TR/Agent.8192.176
  --> winabu08.dll
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/NewWeb.Z.1
  --> winfoo67.dll
      [DETECTION] Contains detection pattern of the Ad- or Spyware ADSPY/SoduiSearch
  --> jshelp.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> wdfmgrnt.exe
      [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
  --> 0mkjvze.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!


End of the scan: 2007年9月18日  21:02
Used time: 00:32 min

The scan has been done completely.

      0 Scanning directories
     22 Files were scanned
     17 viruses and/or unwanted programs were found
      2 Files were classified as suspicious:
      1 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      5 Files not concerned
      1 Archives were scanned
      0 Warnings
      0 Notes
残缺的唯美
Posted on 2007-9-18 21:04:08
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » combspn.dll - probably a variant of Win32/Small trojan
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » BAA781E3.DLL - probably a variant of Win32/Agent.NEO trojan
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » 7793EF25.DLL - probably a variant of Win32/Agent.NEO trojan
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » 34805C67.DLL - probably a variant of Win32/Agent.NEO trojan
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » kusn433sd3.dll - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » kqtohw21.dll - Win32/Adware.NewWeb application
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » jsshow.dll - a variant of Win32/Adware.MoKeAD application
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » gksfoo67.dll - Win32/Adware.NewWeb application
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » gaiabu08.dll - Win32/Adware.NewWeb application
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » winfoo67.dll - Win32/Adware.Toolbar.Baidu application
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » winabu08.dll - Win32/Adware.NewWeb application
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » spnvup.dll - Win32/Small.PJ trojan
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » msv1_1.dll - probably a variant of Win32/TrojanDownloader.Agent trojan
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » ldcore.dll - probably a variant of Win32/TrojanDownloader.Small trojan
D:\Documents and Settings\EKINCHENG\桌面\样本.rar - multiple threats - deleted - quarantined
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » 0mkjvze.dll - a variant of Win32/TrojanDownloader.Agent.NPO trojan
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » wdfmgrnt.exe - Win32/TrojanDownloader.VB.APY trojan
D:\Documents and Settings\EKINCHENG\桌面\样本.rar » RAR » jshelp.exe - a variant of Win32/Adware.MoKeAD application
qigang
Posted on 2007-9-18 21:09:49

26/16

瑞星病毒查杀结果报告

清除病毒种类列表:

病毒: Trojan.IMMSG.Win32.TBMSG.kc
病毒: Trojan.IMMSG.Win32.TBMSG.yga
病毒: Trojan.Win32.Agent.vrx   
病毒: Trojan.Win32.Agent.tzn   
病毒: Trojan.DL.Win32.Agent.wxq
病毒: Adware.Win32.Agent.nsl   
病毒: Trojan.Win32.BHO.qo      
病毒: Adware.Win32.Agent.cc   
病毒: Trojan.DL.Win32.Agent.xes
病毒: Trojan.Win32.Agent.ioa   
病毒: Trojan.IMMSG.Win32.MsgSender.w
病毒: Trojan.Win32.Agent.tzn   
病毒: Adware.Win32.Agent.nsk   
病毒: Adware.Win32.Agent.npn   
病毒: Trojan.DL.Small.sdd      

MAC地址:00:11:5B:F3:6D:69

用户来源:互联网

软件版本:19.41.12
wangjay1980
Posted on 2007-9-18 21:30:53
17
detected: Trojan program Backdoor.Win32.Agent.ahj        File: C:\Documents and Settings\Owner\桌面\样本2.rar/34805C67.DLL
detected: Trojan program Trojan-Downloader.Win32.Agent.djc        File: C:\Documents and Settings\Owner\桌面\样本2.rar/7793EF25.DLL
detected: Trojan program Backdoor.Win32.Agent.ahj        File: C:\Documents and Settings\Owner\桌面\样本2.rar/BAA781E3.DLL
detected: Trojan program Backdoor.Win32.Small.bq        File: C:\Documents and Settings\Owner\桌面\样本2.rar/combspn.dll//UPX
detected: virus Virus.Win32.AutoRun.dh        File: C:\Documents and Settings\Owner\桌面\样本2.rar/DocProp1.dll
detected: adware not-a-virus:AdWare.Win32.Agent.bz        File: C:\Documents and Settings\Owner\桌面\样本2.rar/gaiabu08.dll//UPX
detected: adware not-a-virus:AdWare.Win32.Agent.ck        File: C:\Documents and Settings\Owner\桌面\样本2.rar/gksfoo67.dll//UPX
detected: adware not-a-virus:AdWare.Win32.NewWeb.aa        File: C:\Documents and Settings\Owner\桌面\样本2.rar/kqtohw21.dll
detected: Trojan program Backdoor.Win32.Agent.atb        File: C:\Documents and Settings\Owner\桌面\样本2.rar/kusn433sd3.dll
detected: Trojan program Trojan-Downloader.Win32.Small.dxm        File: C:\Documents and Settings\Owner\桌面\样本2.rar/ldcore.dll
detected: Trojan program Trojan-Downloader.Win32.Agent.bze        File: C:\Documents and Settings\Owner\桌面\样本2.rar/msv1_1.dll
detected: Trojan program Backdoor.Win32.Agent.ahj        File: C:\Documents and Settings\Owner\桌面\样本2.rar/osiesd3.dll
detected: Trojan program Backdoor.Win32.Small.pj        File: C:\Documents and Settings\Owner\桌面\样本2.rar/spnvup.dll//UPX
detected: adware not-a-virus:AdWare.Win32.Agent.bz        File: C:\Documents and Settings\Owner\桌面\样本2.rar/winabu08.dll//UPX
detected: adware not-a-virus:AdWare.Win32.Agent.ck        File: C:\Documents and Settings\Owner\桌面\样本2.rar/winfoo67.dll//UPX
detected: Trojan program Trojan-Downloader.Win32.Cryptic.gen        File: C:\Documents and Settings\Owner\桌面\样本2.rar/wdfmgrnt.exe
detected: Trojan program Trojan-Downloader.Win32.Hmir.e        File: C:\Documents and Settings\Owner\桌面\样本2.rar/0mkjvze.dll
qqq000@qq.com
Posted on 2007-9-18 21:33:03
----------
              [凝逸反毒] (http://hi.baidu.com/503165656)

       [凝逸.扫描病毒引擎-日志]       2007.9.18 21:32:50

文件:F:\070918\样本\34805C67.DLL | 感染:Trojan.Popwin [432>20070816_ny0006.axx]3(1.1)
操作:删除文件
文件:F:\070918\样本\7793EF25.DLL | 感染:DLOADER.Trojan [74>20070913_ny0018.axx]3(1.1)
操作:删除文件
文件:F:\070918\样本\BAA781E3.DLL | 感染:Trojan.Popwin [164>20070822_ny0010.axx]3(1.1)
操作:删除文件
文件:F:\070918\样本\combspn.dll | 感染:virus [256>20070802_ny0003.axx]2(1.1)
操作:删除文件
文件:F:\070918\样本\DocProp1.dll | 感染:DLOADER.Trojan [6993>20070726_dw0001.axx]3(1.1)
操作:删除文件
文件:F:\070918\样本\gaiabu08.dll | 感染:virus [12478>20070726_dw0001.axx]3(1.1)
操作:删除文件
文件:F:\070918\样本\gksfoo67.dll | 感染:virus [12477>20070726_dw0001.axx]3(1.1)
操作:删除文件
文件:F:\070918\样本\idnreg.dll | 感染:virus [773>20070816_ny0006.axx]3(1.1)
操作:删除文件
文件:F:\070918\样本\kqtohw21.dll | 感染:Adware.Newweb.161 [6987>20070726_dw0001.axx]3(1.1)
操作:删除文件
文件:F:\070918\样本\ldcore.dll | 感染:Trojan.DownLoader.18468 [5334>20070726_dw0001.axx]2(1.2)
操作:删除文件
文件:F:\070918\样本\msv1_1.dll | 感染:TrojanDownloader.Agent.lnf [991>20070726_kv0001.axx]2(1.1)
操作:删除文件
文件:F:\070918\样本\osiesd3.dll | 感染:Trojan.Click.1956 [144>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070918\样本\spnvup.dll | 感染:virus [267>20070802_ny0003.axx]2(1.1)
操作:删除文件
文件:F:\070918\样本\winabu08.dll | 感染:virus [12476>20070726_dw0001.axx]3(1.1)
操作:删除文件
文件:F:\070918\样本\winfoo67.dll | 感染:virus [12475>20070726_dw0001.axx]3(1.1)
操作:删除文件
文件:F:\070918\样本\wdfmgrnt.exe | 感染:Trojan.DownLoader.14143 [5082>20070726_dw0001.axx]2(1.1)
操作:删除文件

扫描完成|病毒:16 文件:20|耗时:11737
----------
The EQs
Posted on 2007-9-18 21:47:37
Scan performed at: 2007-9-18 21:47:09
Scanning Log
NOD32 version 2537 (20070918) NT
Command line: C:\Documents and Settings\Don johnson\桌面\24.rar
Operating memory - is OK

Date: 18.9.2007  Time: 21:47:12
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\Don johnson\桌面\24.rar
C:\Documents and Settings\Don johnson\桌面\24.rar » RAR » 34805C67.DLL - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\Don johnson\桌面\24.rar » RAR » 7793EF25.DLL - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\Don johnson\桌面\24.rar » RAR » BAA781E3.DLL - probably a variant of Win32/Agent.NEO trojan
C:\Documents and Settings\Don johnson\桌面\24.rar » RAR » combspn.dll - probably a variant of Win32/Small trojan
C:\Documents and Settings\Don johnson\桌面\24.rar » RAR » gaiabu08.dll - Win32/Adware.NewWeb application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\24.rar » RAR » gksfoo67.dll - Win32/Adware.NewWeb application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\24.rar » RAR » jsshow.dll - a variant of Win32/Adware.MoKeAD application
C:\Documents and Settings\Don johnson\桌面\24.rar » RAR » kqtohw21.dll - Win32/Adware.NewWeb application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\24.rar » RAR » kusn433sd3.dll - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\Don johnson\桌面\24.rar » RAR » ldcore.dll - probably a variant of Win32/TrojanDownloader.Small trojan
C:\Documents and Settings\Don johnson\桌面\24.rar » RAR » msv1_1.dll - probably a variant of Win32/TrojanDownloader.Agent trojan
C:\Documents and Settings\Don johnson\桌面\24.rar » RAR » spnvup.dll - Win32/Small.PJ trojan - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\24.rar » RAR » winabu08.dll - Win32/Adware.NewWeb application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\24.rar » RAR » winfoo67.dll - Win32/Adware.Toolbar.Baidu application - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\24.rar » RAR » jshelp.exe - a variant of Win32/Adware.MoKeAD application
C:\Documents and Settings\Don johnson\桌面\24.rar » RAR » wdfmgrnt.exe - Win32/TrojanDownloader.VB.APY trojan - was a part of the deleted object
C:\Documents and Settings\Don johnson\桌面\24.rar » RAR » 0mkjvze.dll - a variant of Win32/TrojanDownloader.Agent.NPO trojan
Number of scanned files: 21
Number of threats found: 17
Number of files cleaned: 1
Time of completion: 21:47:14 Total scanning time: 2 sec (00:00:02)
uhthn2002
Posted on 2007-9-18 22:04:19
Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 87
Paranoia Database - 5289
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\uhthn\Desktop\New Folder (2)

C:\Documents and Settings\uhthn\Desktop\New Folder (2)\34805C67.DLL - Infected with PDB:a72 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\7793EF25.DLL - Infected with PDB:b3e Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\BAA781E3.DLL - Infected with PDB:ccd Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\combspn.dll - Infected with PDB:c3f Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\DocProp1.dll - Infected with PDB:394 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\gaiabu08.dll - Infected with PDB:816 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\gksfoo67.dll - Infected with PDB:859 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\idnreg.dll - Infected with SDB:Trojan.vb.bfb - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\jsshow.dll - Suspicious of Win32.Worm.Viking.2
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\kqtohw21.dll - Infected with PDB:034 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\kusn433sd3.dll - Suspicious of MalwareSpy.Trojan-Downloader.Delf.1
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\ldcore.dll - Suspicious of Trojan-Downloader.Small.2
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\msv1_1.dll - Infected with PDB:380 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\osiesd3.dll - Infected with PDB:MalwareSpy.57b Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\spnvup.dll - Infected with PDB:6f6 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\winabu08.dll - Infected with PDB:94b Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\winfoo67.dll - Suspicious of Trojan-Downloader.Small.2
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\jshelp.exe - Suspicious of Win32.Worm.Viking.2
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\wdfmgrnt.exe - Infected with PDB:41e Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\0mkjvze.dll - Suspicious of Trojan-Downloader.Agent.1

20 Files scanned
14 Infected files found
6 Suspicious files found
0 Files cured
14 Files deleted