44个，质量不行

显示全部楼层 · 发表于 2007-9-22 06:57:56

----------
[凝逸反毒] (http://hi.baidu.com/503165656)

[凝逸.扫描病毒引擎-日志] 2007.9.22 6:57:10

文件:F:\070922\virus\0.exe | 感染:virus [264>20070921_ny0022.axx]3(3.3)
操作:删除文件
文件:F:\070922\virus\1.exe | 感染:virus [148>20070802_ny0003.axx]3(1.1)
操作:删除文件
文件:F:\070922\virus\10.exe | 感染:Trojan.Popwin.634 [8>20070822_ny0010.axx]3(4.6)
操作:删除文件
文件:F:\070922\virus\11.exe | 感染:virus [12628>20070726_dw0001.axx]3(1.1)
操作:删除文件
文件:F:\070922\virus\12.exe | 感染:virus [12569>20070726_dw0001.axx]3(1.1)
操作:删除文件
文件:F:\070922\virus\13.exe | 感染:virus [10845>20070726_dw0001.axx]3(1.2)
操作:删除文件
文件:F:\070922\virus\14.exe | 感染:Trojan.Popwin [5129>20070726_dw0001.axx]3(2.5)
操作:删除文件
文件:F:\070922\virus\2.exe | 感染:MULDROP.Trojan [104>20070801_ny0002.axx]3(2.3)
操作:删除文件
文件:F:\070922\virus\3.exe | 感染:Trojan.Popwin.629 [68>20070819_ny0008.axx]3(1.3)
操作:删除文件
文件:F:\070922\virus\34805C67.DLL | 感染:Trojan.Popwin [432>20070816_ny0006.axx]3(1.1)
操作:删除文件
文件:F:\070922\virus\4.exe | 感染:MULDROP.Trojan [104>20070801_ny0002.axx]3(2.3)
操作:删除文件
文件:F:\070922\virus\5.exe | 感染:virus [255>20070802_ny0003.axx]3(2.2)
操作:删除文件
文件:F:\070922\virus\6.exe | 感染:Trojan.Popwin [174>20070916_ny0019.axx]3(3.4)
操作:删除文件
文件:F:\070922\virus\624.exe | 感染:DDoS.Bonke [45>20070916_ny0019.axx]2(2.2)
操作:删除文件
文件:F:\070922\virus\7.exe | 感染:TrojanDownloader.Small.cam [630>20070729_ny0001.axx]2(1.1)
操作:删除文件
文件:F:\070922\virus\9.exe | 感染:DLOADER.Trojan [44>20070801_ny0002.axx]3(1.1)
操作:删除文件
文件:F:\070922\virus\A65461A2.EXE | 感染:MULDROP.Trojan [104>20070801_ny0002.axx]3(2.3)
操作:删除文件
文件:F:\070922\virus\BAA781E3.DLL | 感染:Trojan.Popwin [164>20070822_ny0010.axx]3(1.1)
操作:删除文件
文件:F:\070922\virus\CD0FFED6.EXE | 感染:Trojan.Popwin.634 [8>20070822_ny0010.axx]3(4.6)
操作:删除文件
文件:F:\070922\virus\combspn.dll | 感染:virus [256>20070802_ny0003.axx]2(1.1)
操作:删除文件
文件:F:\070922\virus\DocProp1.dll | 感染:DLOADER.Trojan [6993>20070726_dw0001.axx]3(1.1)
操作:删除文件
文件:F:\070922\virus\EE99C835.EXE | 感染:Trojan.Popwin [5129>20070726_dw0001.axx]3(2.5)
操作:删除文件
文件:F:\070922\virus\hhneqa38.dll | 感染:virus [12477>20070726_dw0001.axx]3(1.1)
操作:删除文件
文件:F:\070922\virus\husjdd8s.exe | 感染:Trojan.Popwin.629 [68>20070819_ny0008.axx]3(1.3)
操作:删除文件
文件:F:\070922\virus\jshelp.exe | 感染:virus [329>20070921_ny0022.axx]3(1.1)
操作:删除文件
文件:F:\070922\virus\jsshow.dll | 感染:virus [212>20070921_ny0022.axx]3(1.1)
操作:删除文件
文件:F:\070922\virus\kbfz.dll | 感染:virus [460>20070822_ny0010.axx]3(1.5)
操作:清除病毒
文件:F:\070922\virus\kbfz.exe | 感染:BackDoor.Rpcs [122>20070921_ny0022.axx]3(1.1)
操作:删除文件
文件:F:\070922\virus\kusn33sd.exe | 感染:Trojan.Popwin [6992>20070726_dw0001.axx]3(1.1)
操作:删除文件
文件:F:\070922\virus\kusn433sd3.dll | 感染:Trojan.Popwin [23>20070920_ny0021.axx]3(1.1)
操作:删除文件
文件:F:\070922\virus\msv1_1.dll | 感染:TrojanDownloader.Agent.lnf [991>20070726_kv0001.axx]2(1.1)
操作:删除文件
文件:F:\070922\virus\osiesd3.dll | 感染:Trojan.Click.1956 [144>20070819_ny0008.axx]3(1.1)
操作:删除文件
文件:F:\070922\virus\SCardSevr.exe | 感染:virus [265>20070802_ny0003.axx]2(1.1)
操作:删除文件
文件:F:\070922\virus\spnvup.dll | 感染:virus [267>20070802_ny0003.axx]2(1.1)
操作:删除文件
文件:F:\070922\virus\system.dat | 感染:Trojan.DownLoader.32712 [353>20070916_ny0019.axx]3(4.4)
操作:删除文件
文件:F:\070922\virus\unofja81.dll | 感染:Adware.Newweb.161 [6987>20070726_dw0001.axx]3(1.1)
操作:删除文件
文件:F:\070922\virus\uvhftp14.dll | 感染:virus [12478>20070726_dw0001.axx]3(1.1)
操作:删除文件
文件:F:\070922\virus\wdfmgrnt.exe | 感染:Trojan.DownLoader.14143 [5082>20070726_dw0001.axx]2(1.1)
操作:删除文件
文件:F:\070922\virus\wineqa38.dll | 感染:virus [12475>20070726_dw0001.axx]3(1.1)
操作:删除文件
文件:F:\070922\virus\winftp14.dll | 感染:virus [12476>20070726_dw0001.axx]3(1.1)
操作:删除文件
文件:F:\070922\virus\565.exe | 感染:virus [154>20070802_ny0003.axx]2(1.1)
操作:删除文件
文件:F:\070922\virus\cmd.exe | 感染:virus [244>20070802_ny0003.axx]3(1.1)
操作:删除文件
文件:F:\070922\virus\aabb.exe | 感染:Trojan.DownLoader.27534 [6999>20070726_dw0001.axx]3(1.1)
操作:删除文件

扫描完成|病毒:43 文件:44|耗时:12908
----------

显示全部楼层 · 发表于 2007-9-22 09:54:06

瑞星08 42个

显示全部楼层 · 发表于 2007-9-22 10:04:49

微点：
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\VIRUS\JSHELP.EXE
是否删除木马程序及其衍生物?

挂了2个，上报

显示全部楼层 · 发表于 2007-9-22 11:53:41

KIS7.0.0.125报42个

显示全部楼层 · 发表于 2007-9-22 13:22:46

Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 190
Paranoia Database - 5489
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\uhthn\Desktop\New Folder (2)

C:\Documents and Settings\uhthn\Desktop\New Folder (2)\0.exe - Infected with SDB:MalwareSpy.Trojan-Downloader.Agent.ue - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\1.exe - Infected with PDB:767 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\10.exe - Infected with SDB:MalwareSpy.Trojan-Downloader.Agent.ue - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\11.exe - Infected with PDB:Win32.d76 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\12.exe - Infected with PDB:Win32.2b4 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\13.exe - Infected with PDB:Win32.b0c Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\14.exe - Infected with SDB:MalwareSpy.Trojan-Downloader.Agent.ue - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\2.exe - Infected with PDB:f70 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\3.exe - Infected with SDB:MalwareSpy.Trojan-Downloader.Agent.ue - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\34805C67.DLL - Infected with SDB:Trojan-Dropper.Small.ayg - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\4.exe - Infected with PDB:f70 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\5.exe - Infected with PDB:c68 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\6.exe - Infected with PDB:896 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\624.exe - Infected with PDB:84a Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\7.exe - Infected with PDB:cbe Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\7793EF25.DLL - Infected with SDB:MalwareSpy.Trojan-Downloader.Agent.ue - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\9.exe - Infected with PDB:Win32.8f2 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\A65461A2.EXE - Infected with PDB:f70 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\BAA781E3.DLL - Infected with SDB:Trojan-Dropper.Small.ayg - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\CD0FFED6.EXE - Infected with SDB:MalwareSpy.Trojan-Downloader.Agent.ue - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\combspn.dll - Infected with PDB:c3f Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\DocProp1.dll - Infected with SDB:Trojan-Dropper.Small.ayg - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\EE99C835.EXE - Infected with SDB:MalwareSpy.Trojan-Downloader.Agent.ue - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\hhneqa38.dll - Infected with PDB:859 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\husjdd8s.exe - Infected with SDB:MalwareSpy.Trojan-Downloader.Agent.ue - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\jshelp.exe - Suspicious of Win32.Worm.Viking.2
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\jsshow.dll - Suspicious of Win32.Worm.Viking.2
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\kbfz.dll - Infected with SDB:Win32.Backdoor.Delf.bkt - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\kbfz.exe - Infected with SDB:Win32.Backdoor.Delf.bkt - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\kusn33sd.exe - Infected with SDB:MalwareSpy.Worm.winko.i - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\kusn433sd3.dll - Infected with SDB:MalwareSpy.Trojan-Downloader.Agent.ue - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\msv1_1.dll - Infected with PDB:380 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\osiesd3.dll - Infected with SDB:MalwareSpy.Trojan-Dropper.Small.ayg - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\SCardSevr.exe - Infected with PDB:059 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\spnvup.dll - Infected with SDB:Trojan-Dropper.Small.ayg - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\system.dat - Infected with SDB:Trojan-Dropper.Small.ayg - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\unofja81.dll - Infected with PDB:034 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\uvhftp14.dll - Infected with PDB:816 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\wdfmgrnt.exe - Infected with PDB:41e Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\wineqa38.dll - Suspicious of Trojan-Downloader.Small.2
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\winftp14.dll - Infected with PDB:94b Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\565.exe - Infected with PDB:3d7 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\cmd.exe - Infected with SDB:Trojan-Dropper.Small.ayg - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder (2)\aabb.exe - Infected with PDB:ef8 Malware program - Deleted

44 Files scanned
41 Infected files found
3 Suspicious files found
0 Files cured
41 Files deleted

显示全部楼层 · 发表于 2007-9-22 13:32:41

光华扫描发现了4个，文件监视发现了不少

[ 本帖最后由镭风于 2007-9-22 13:35 编辑 ]

显示全部楼层 · 发表于 2007-9-22 14:03:36

bitdefender 43个,剩下的那个MS死了

显示全部楼层 · 发表于 2007-9-22 21:59:05

21时59分1秒:  [C:\Documents and Settings\Administrator\桌面\virus\33333333333\4.exe] 发现病毒,已经删除
21时59分1秒:  [C:\Documents and Settings\Administrator\桌面\virus\33333333333\4.exe] 发现病毒,已经删除
21时59分1秒:  [C:\Documents and Settings\Administrator\桌面\virus\33333333333\14.exe] 发现病毒,已经删除
21时59分1秒:  [C:\Documents and Settings\Administrator\桌面\virus\33333333333\10.exe] 发现病毒,已经删除
21时59分1秒:  [C:\Documents and Settings\Administrator\桌面\virus\33333333333\10.exe] 发现病毒,已经删除
21时59分0秒:  [C:\Documents and Settings\Administrator\桌面\virus\33333333333\0.exe] 发现病毒,已经删除
21时59分0秒:  [C:\Documents and Settings\Administrator\桌面\virus\33333333333\CD0FFED6.EXE] 发现病毒,已经删除
21时59分0秒:  [C:\Documents and Settings\Administrator\桌面\virus\33333333333\A65461A2.EXE] 发现病毒,已经删除
21时59分0秒:  [C:\Documents and Settings\Administrator\桌面\virus\33333333333\A65461A2.EXE] 发现病毒,已经删除
21时59分0秒:  [C:\Documents and Settings\Administrator\桌面\virus\33333333333\7793EF25.DLL] 发现病毒,已经删除
21时59分0秒:  [C:\Documents and Settings\Administrator\桌面\virus\33333333333\2.exe] 发现病毒,已经删除
21时58分59秒:  [C:\Documents and Settings\Administrator\桌面\virus\33333333333\1.exe] 发现病毒,已经删除
            ______MicroVita 防护____________

显示全部楼层 · 发表于 2007-9-23 04:23:20

北信源 8个

显示全部楼层 · 发表于 2007-9-23 09:05:45

扫描开始于 2007-9-23 9:06:01。引擎版本: 31.1.0。特征码版本: 5154。特征码日期: 2007-9-21。ArcLib 版本: 7.3.0.9。
G:\v\virus.rar <0.exe> - Win32/Pipown!generic 蠕虫。已隔离。
G:\v\virus.rar <10.exe> - Win32/Pipown!generic 蠕虫。已隔离。
G:\v\virus.rar <14.exe> - Win32/Pipown!generic 蠕虫。已隔离。
G:\v\virus.rar <2.exe> - Win32/Pipown!generic 蠕虫。已隔离。
G:\v\virus.rar <3.exe> - Win32/Pipown!generic 蠕虫。已隔离。
G:\v\virus.rar <34805C67.DLL> - Win32/Pipown!generic 蠕虫。已隔离。
G:\v\virus.rar <4.exe> - Win32/Pipown!generic 蠕虫。已隔离。
G:\v\virus.rar <5.exe> - Win32/VMalum.GUI 未知类型。已隔离。
G:\v\virus.rar <624.exe> - Win32/Veslorn.CF 特洛伊木马。已隔离。
G:\v\virus.rar <A65461A2.EXE> - Win32/Pipown!generic 蠕虫。已隔离。
G:\v\virus.rar <BAA781E3.DLL> - Win32/Pipown!generic 蠕虫。已隔离。
G:\v\virus.rar <CD0FFED6.EXE> - Win32/Pipown!generic 蠕虫。已隔离。
G:\v\virus.rar <EE99C835.EXE> - Win32/Pipown!generic 蠕虫。已隔离。
G:\v\virus.rar <hhneqa38.dll> - Win32/Livuto!generic 特洛伊木马。已隔离。
G:\v\virus.rar <husjdd8s.exe> - Win32/Pipown!generic 蠕虫。已隔离。
G:\v\virus.rar <kbfz.dll> - Win32/Puppetcorpse!generic 特洛伊木马。已隔离。
G:\v\virus.rar <osiesd3.dll> - Win32/Pipown!generic 蠕虫。已隔离。
G:\v\virus.rar <unofja81.dll> - Win32/Livuto!generic 特洛伊木马。已隔离。
G:\v\virus.rar <uvhftp14.dll> - Win32/Livuto!generic 特洛伊木马。已隔离。
G:\v\virus.rar <wineqa38.dll> - Win32/Livuto.BN 特洛伊木马。已隔离。
G:\v\virus.rar <winftp14.dll> - Win32/Livuto 特洛伊木马。已隔离。
G:\v\virus.rar <565.exe> - Win32/Matcash.AO 特洛伊木马。已隔离。
G:\v\virus.rar <cmd.exe> - Win32/Harnig!generic 特洛伊木马。已隔离。
G:\v\virus.rar <aabb.exe> - Win32/SillyDl.DAT 特洛伊木马。已隔离。
G:\v\virus.rar - 无法打开该文件。

已扫描的文件数: 45
受感染的文件数: 24
已清除\已删除的文件数: 0
已隔离的文件数: 1
内存感染项目数: 0
已清除的内存感染项目数: 0
引导区感染项目数: 0
已清除的引导区感染项目数: 0

在扫描过程中发现的数量最多的感染项目 (不超过 10)。
Win32/Pipown!generic
Win32/Livuto!generic
Win32/Harnig!generic
Win32/Livuto
Win32/Livuto.BN
Win32/Matcash.AO
Win32/Puppetcorpse!generic
Win32/SillyDl.DAT
Win32/VMalum.GUI
Win32/Veslorn.CF

未清除\未删除\未隔离的文件数 (不超过 100): 0

扫描结束于 2007-9-23 9:06:05。

[病毒样本] 44个，质量不行

回复 1楼 promised 的帖子