73个

显示全部楼层 · 发表于 2007-10-1 22:04:25

D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 0.exe - probably a variant of Win32/TrojanDownloader.Delf.BHO trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 1(2).exe - a variant of Win32/PSW.Agent.NEC trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 1(3).exe - a variant of Win32/PSW.Agent.NEC trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 1.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 2(1).exe - probably a variant of Win32/PSW.OnLineGames.YA trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 2(2).exe - probably a variant of Win32/PSW.OnLineGames.NEN trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 2.exe - a variant of Win32/PSW.WOW.YB trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 3(1).exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 3(2).exe - a variant of Win32/PSW.OnLineGames.YA trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 3(3).exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 4(1).exe - probably a variant of Win32/PSW.OnLineGames.YA trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 4(2).exe - a variant of Win32/PSW.OnLineGames.YA trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 4(3).exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 5(1).exe - probably a variant of Win32/PSW.OnLineGames.NEN trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 5(2).exe - a variant of Win32/PSW.OnLineGames.YA trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 5(3).exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 6(1).exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 6(2).exe - a variant of Win32/PSW.OnLineGames.YA trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 6(3).exe - Win32/PSW.WOW.XP trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 7(1).exe - a variant of Win32/PSW.OnLineGames.YA trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 7(3).exe - a variant of Win32/PSW.Legendmir.NEP trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 8(3).exe - Win32/PSW.WOW.WZ trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 9(1).exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 9(3).exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 10(2).exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 10.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 11(1).exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 11(3).exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 12(1).exe - probably a variant of Win32/AutoRun.Q worm
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 12(2).exe - probably a variant of Win32/AutoRun.Q worm
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 12(3).exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 13(1).exe - probably unknown NewHeur_PE virus
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 13(3).exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 14(1).exe - a variant of Win32/PSW.Legendmir.NEP trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 14(3).exe - probably a variant of Win32/PSW.OnLineGames.NEN trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 15(2).exe - Win32/Agent.NEM trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 15(3).exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 16(2).exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 16.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 17(3).exe - probably a variant of Win32/PSW.OnLineGames.NEN trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 18(1).exe - Win32/Delf.NFD trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 18(2).exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 19(1).exe - Win32/Delf.NFD trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 20(2).exe - Win32/Agent.NEM trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 21.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 22.exe - Win32/Drowor.NAE virus
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 23.exe - probably a variant of Win32/Agent.NEO trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 24.exe - Win32/Drowor.NAE virus
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 25.exe - a variant of Win32/Delf.NDL worm
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » 444.exe - Win32/TrojanDownloader.Agent.UE trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » dh.exe - a variant of Win32/PSW.OnLineGames.NEN trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » fy.exe - Win32/Delf.NFD trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » jh.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » ma.exe - probably unknown NewHeur_PE virus
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » mh.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » my.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » pk.exe - probably a variant of Win32/TrojanDownloader.Delf.NSA trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » qj.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » qqhx.exe - probably a variant of Win32/PSW.OnLineGames.NEP trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » qst.exe - probably a variant of Win32/AutoRun.Q worm
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » tl.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » window.exe - probably a variant of Win32/PSW.Delf.NHI trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » wl.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » wow.exe - probably a variant of Win32/TrojanDownloader.Delf.NSA trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » zt.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar » RAR » zx.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\73.rar - multiple threats - deleted - quarantined

显示全部楼层 · 发表于 2007-10-1 22:11:14

显示全部楼层 · 发表于 2007-10-1 22:13:57

AVAST54

显示全部楼层 · 发表于 2007-10-1 22:27:52

TrustPort Antivirus On-Demand Scanner

   Status       Quarantined
   Target       G:\v\73.rar
                           Options
                                             , Requested action: Move to quarantine, Excluded extensions
                           disabled, Excluded objects disabled, Heuristics enabled, Sandbox enabled,
                           Scan archives

            Statistics       Details

                                                Files             Boot sectorsRegistry key

                           Scanned             75                      0                            0
                           Infected             68                      0                            0
                           Repaired             0                      0                            0
                           Renamed             0                      -                            -
                        Quarantined             1                      -                            -
                              Deleted             0                      -                            0

显示全部楼层 · 发表于 2007-10-1 22:37:46

72
detected: virus Virus.Win32.AutoRun.ms File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/0.exe
detected: Trojan program Trojan.Win32.StartPage.bab File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/1(1).exe//FSG//PEPatch
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dvy File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/1(2).exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dvx File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/1(3).exe
detected: Trojan program Trojan-Downloader.Win32.Baser.w File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/1.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dxx File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/2(1).exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dqt File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/2(2).exe//UPack
detected: Trojan program Trojan-PSW.Win32.WOW.xu File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/2.exe//FSG
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dvw File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/3(1).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dru File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/3(2).exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dxn File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/3(3).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dsm File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/4(1).exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dok File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/4(2).exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dvn File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/4(3).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dqt File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/5(1).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.doj File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/5(2).exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dvo File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/5(3).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dfs File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/6(1).exe//UPack
detected: Trojan program Trojan-PSW.Win32.Nilage.bqe File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/6(2).exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.WOW.xp File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/6(3).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dok File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/7(1).exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.Lmir.bmz File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/7(2).exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.djv File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/7(3).exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.WOW.ym File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/8(2).exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.WOW.wz File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/8(3).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dpd File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/9(1).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dxq File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/9(2).exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dpd File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/9(3).exe//UPack
detected: Trojan program Trojan-Downloader.Win32.Zlob.czf File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/10(1).exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dyq File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/10(2).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dvo File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/10.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.cey File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/11(1).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dtw File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/11(3).exe//UPack
detected: Trojan program Trojan-PSW.Win32.QQPass.afw File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/12(1).exe//UPX
detected: Trojan program Trojan-PSW.Win32.QQPass.afw File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/12(2).exe//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dgx File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/12(3).exe//UPack
detected: Trojan program Trojan-Downloader.Win32.Small.czl File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/13(1).exe//NSPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dxp File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/13(2).exe//PE_Patch//UPack
detected: Trojan program Trojan-Dropper.Win32.Agent.bxi File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/13(3).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.czg File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/14(1).exe//ASPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dun File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/14(3).exe//UPack
detected: Trojan program Trojan-Dropper.Win32.Agent.bvb File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/15(2).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dtw File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/15(3).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dte File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/16(2).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.ddw File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/16.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dxi File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/17(3).exe//UPack
detected: Trojan program Backdoor.Win32.Delf.awy File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/18(1).exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dxu File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/18(2).exe//UPack
detected: Trojan program Backdoor.Win32.Delf.awy File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/19(1).exe
detected: Trojan program Trojan-Dropper.Win32.Agent.bvb File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/20(2).exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.drc File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/21.exe//UPack
detected: Trojan program Trojan-Downloader.Win32.Agent.dex File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/22.exe//UPack
detected: virus Heur.Trojan.Generic (modification) File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/23.exe
detected: Trojan program Trojan-Downloader.Win32.Agent.dex File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/24.exe//UPack
detected: virus Heur.Trojan.Generic File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/25.exe//PE_Patch.PECompact//PecBundle//PECompact//PE_Patch.MaskPE
detected: Trojan program Trojan-Downloader.Win32.Agent.dku File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/444.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dpd File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/dh.exe//UPack
detected: Trojan program Backdoor.Win32.Delf.awy File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/fy.exe
detected: Trojan program Trojan-PSW.Win32.OnLineGames.drc File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/jh.exe//UPack
detected: Trojan program Trojan-Downloader.Win32.Small.fsl File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/ma.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dtz File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/mh.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dxe File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/mir.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dye File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/my.exe//UPack
detected: Trojan program Trojan-Downloader.Win32.Delf.cfx File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/pk.exe//PE_Patch.UPX//UPX//PE_Patch.MaskPE
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dyq File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/qj.exe//UPack
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dcw File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/qqhx.exe//PE_Patch//UPack
detected: Trojan program Trojan-PSW.Win32.QQGame.ai File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/qst.exe//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dte File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/tl.exe//UPack
detected: virus Worm.Win32.QQPass.w File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/window.exe//UPX//PEPatch
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dtw File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/wl.exe//UPack
detected: Trojan program Trojan-Downloader.Win32.Agent.dll File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/wow.exe//PE_Patch.UPX//UPX
detected: Trojan program Trojan-PSW.Win32.OnLineGames.dte File: C:\Documents and Settings\Owner\×ÀÃæ\73.rar/zt.exe//UPack

显示全部楼层 · 发表于 2007-10-1 22:54:32

为什么7.0很多报是可能
6.0报确切病毒名

显示全部楼层 · 发表于 2007-10-1 23:11:58

你指什么，什么报可能？

显示全部楼层 · 发表于 2007-10-1 23:12:00

Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 282
Paranoia Database - 6345
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\uhthn\Desktop\New Folder

C:\Documents and Settings\uhthn\Desktop\New Folder\0.exe - Infected with SDB:Win32.Backdoor.Agent.1 - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\1(1).exe - Infected with PDB:e8d Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\1(2).exe - Infected with SDB:Trojan-PSW.OnLineGames.u - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\1(3).exe - Infected with SDB:Trojan-PSW.OnLineGames.u - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\1.exe - Infected with PDB:Win32.536 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\2(1).exe - Infected with SDB:Trojan-PSW.OnLineGames.8 - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\2(2).exe - Infected with SDB:Trojan-PSW.OnLineGames.38 - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\2.exe - Infected with PDB:f12 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\3(1).exe - Infected with PDB:23b Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\3(2).exe - Infected with PDB:7ed Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\3(3).exe - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\New Folder\4(1).exe - Infected with SDB:Trojan-PSW.OnLineGames.8 - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\4(2).exe - Infected with PDB:826 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\4(3).exe - Infected with PDB:a82 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\5(1).exe - Infected with SDB:Trojan-PSW.OnLineGames.38 - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\5(2).exe - Infected with PDB:5e9 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\5(3).exe - Infected with PDB:bed Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\6(1).exe - Infected with SDB:Trojan-PSW.OnLineGames.t - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\6(2).exe - Infected with PDB:54f Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\6(3).exe - Infected with PDB:d49 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\7(1).exe - Infected with PDB:42b Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\7(2).exe - Infected with SDB:Trojan-PSW.OnLineGames.39 - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\7(3).exe - Infected with SDB:Trojan-PSW.OnLineGames.g - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\8(2).exe - Infected with SDB:Trojan-PSW.OnLineGames.39 - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\8(3).exe - Infected with PDB:0b7 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\9(1).exe - Infected with PDB:f2b Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\9(2).exe - Infected with SDB:Trojan-PSW.OnLineGames.39 - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\9(3).exe - Infected with PDB:a92 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\10(1).exe - Infected with SDB:Trojan-PSW.OnLineGames.39 - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\10(2).exe - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\New Folder\10.exe - Infected with PDB:b98 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\11(1).exe - Infected with PDB:f3a Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\11(3).exe - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\New Folder\12(1).exe - Infected with SDB:Win32.Trojan-PSW.QQPass.a - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\12(2).exe - Infected with SDB:Win32.Trojan-PSW.QQPass.a - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\12(3).exe - Infected with PDB:1bf Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\13(1).exe - Infected with PDB:MalwareSpy.d28 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\13(2).exe - Infected with SDB:Trojan-PSW.OnLineGames.39 - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\13(3).exe - Infected with SDB:Trojan-Dropper.Agent.a - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\14(1).exe - Infected with SDB:Win32.Trojan-PSW.OnLineGames.f - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\14(3).exe - Infected with PDB:0fd Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\15(2).exe - Infected with PDB:aa5 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\15(3).exe - Infected with PDB:48d Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\16(2).exe - Infected with PDB:e93 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\16.exe - Infected with SDB:Trojan-PSW.OnLineGames.25 - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\17(3).exe - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\New Folder\18(1).exe - Infected with PDB:Win32.39e Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\18(2).exe - Infected with PDB:953 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\19(1).exe - Infected with PDB:Win32.39e Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\20(2).exe - Infected with PDB:aa5 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\21.exe - Infected with PDB:7c2 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\22.exe - Infected with SDB:Trojan-Downloader.Agent.4 - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\23.exe - Infected with SDB:MalwareSpy.Trojan-Downloader.Agent.3 - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\24.exe - Infected with SDB:Trojan-Downloader.Agent.4 - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\25.exe - Suspicious of Win32.Trojan-PSW.Game.16
C:\Documents and Settings\uhthn\Desktop\New Folder\444.exe - Infected with SDB:MalwareSpy.Trojan-Downloader.Agent.3 - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\dh.exe - Infected with PDB:e68 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\fy.exe - Infected with PDB:Win32.745 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\jh.exe - Infected with PDB:caf Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\ma.exe - Infected with PDB:Win32.1dc Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\mh.exe - Infected with PDB:706 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\mir.exe - Infected with PDB:89f Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\my.exe - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\New Folder\pk.exe - Infected with PDB:Win32.33e Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\qj.exe - Suspicious of Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\New Folder\qqhx.exe - Infected with PDB:218 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\qst.exe - Infected with SDB:Win32.Trojan-PSW.QQPass.a - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\tl.exe - Infected with PDB:496 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\window.exe - Infected with SDB:Win32.Trojan-PSW.Delf.b - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\wl.exe - Infected with PDB:bd4 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\wow.exe - Infected with PDB:Win32.d87 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\zt.exe - Infected with PDB:c87 Malware program - Deleted
C:\Documents and Settings\uhthn\Desktop\New Folder\zx.exe - Suspicious of Trojan-PSW.Game.3

73 Files scanned
65 Infected files found
8 Suspicious files found
0 Files cured
65 Files deleted

显示全部楼层 · 发表于 2007-10-2 11:38:56

===================================================================================================
On-demand scanner 7.0.0.9

NSE revision 5.91.07
nvcbin.def revision 5.90.00 of 2007/09/28 15:46:54 (967863 variants)
nvcmacro.def revision 5.90.00 of 2007/09/25 15:36:51 (20411 variants)
Total number of variants: 988274
===================================================================================================

   Time  Filename                                                    Virus name
---------------------------------------------------------------------------------------------------

- Scanning drive: G:\
- Scanning system areas of drive: G:\
- Scanning files in the directory: G:\v\
   31 ms G:\v\0.exe                                                 Trojan Hupigon.gen114 ()
- File G:\v\0.exe quarantined.
- File G:\v\0.exe deleted.
   297 ms G:\v\1(1).exe                                              Security Risk Suspicious_F.gen ()
- File G:\v\1(1).exe quarantined.
- File G:\v\1(1).exe deleted.
   1625 ms G:\v\1(2).exe                                              Virus W32/Suspicious_U.gen.dropper ( [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: ANALYSIS@NORMAN.NO - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Accesses executable file from resource section.
* Creating several executable files on hard-drive.
* File length:       15360 bytes.

[ Changes to filesystem ]
* Creates file C:\WINDOWS\TEMP\LYLOADER.EXE.
* Deletes file c:\sample.exe.
* Creates file C:\Privilege.dat.
* Creates file C:\WINDOWS\SYSTEM32\LYLOADER.EXE.
* Deletes file C:\Privilege.dat.
* Creates file C:\WINDOWS\TEMP\LYMANGR.DLL.
* Creates file C:\WINDOWS\SYSTEM32\LYMANGR.DLL.
* Creates file C:\WINDOWS\TEMP\MSDEG32.DLL.
* Creates file C:\WINDOWS\SYSTEM32\MSDEG32.DLL.
* Creates file C:\WINDOWS\SYSTEM32\REGKEY.hiv.

[ Signature Scanning ]
* C:\WINDOWS\TEMP\LYLOADER.EXE (11900 bytes) : W32/Suspicious_U.gen.

)
- File G:\v\1(2).exe quarantined.
- File G:\v\1(2).exe deleted.
   1468 ms G:\v\1(3).exe                                              Virus W32/Suspicious_U.gen.dropper ( [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: ANALYSIS@NORMAN.NO - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Accesses executable file from resource section.
* Creating several executable files on hard-drive.
* File length:       15360 bytes.

[ Changes to filesystem ]
* Creates file C:\WINDOWS\TEMP\LYLOADER.EXE.
* Deletes file c:\sample.exe.
* Creates file C:\Privilege.dat.
* Creates file C:\WINDOWS\SYSTEM32\LYLOADER.EXE.
* Deletes file C:\Privilege.dat.
* Creates file C:\WINDOWS\TEMP\LYMANGR.DLL.
* Creates file C:\WINDOWS\SYSTEM32\LYMANGR.DLL.
* Creates file C:\WINDOWS\TEMP\MSDEG32.DLL.
* Creates file C:\WINDOWS\SYSTEM32\MSDEG32.DLL.
* Creates file C:\WINDOWS\SYSTEM32\REGKEY.hiv.

[ Signature Scanning ]
* C:\WINDOWS\TEMP\LYLOADER.EXE (11900 bytes) : W32/Suspicious_U.gen.

)
- File G:\v\1(3).exe quarantined.
- File G:\v\1(3).exe deleted.
      0 ms G:\v\1.exe                                                 Trojan W32/Malware.AMWF ()
- File G:\v\1.exe quarantined.
- File G:\v\1.exe deleted.
      0 ms G:\v\10(1).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\10(1).exe quarantined.
- File G:\v\10(1).exe deleted.
      0 ms G:\v\10(2).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\10(2).exe quarantined.
- File G:\v\10(2).exe deleted.
      0 ms G:\v\10.exe                                                 Security Risk W32/Suspicious_U.gen ()
- File G:\v\10.exe quarantined.
- File G:\v\10.exe deleted.
      0 ms G:\v\11(1).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\11(1).exe quarantined.
- File G:\v\11(1).exe deleted.
      0 ms G:\v\11(3).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\11(3).exe quarantined.
- File G:\v\11(3).exe deleted.
   234 ms G:\v\12(1).exe
   250 ms G:\v\12(2).exe
      0 ms G:\v\12(3).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\12(3).exe quarantined.
- File G:\v\12(3).exe deleted.
      0 ms G:\v\13(1).exe                                              Trojan W32/DLoader.DJKA ()
- File G:\v\13(1).exe quarantined.
- File G:\v\13(1).exe deleted.
      0 ms G:\v\13(2).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\13(2).exe quarantined.
- File G:\v\13(2).exe deleted.
      0 ms G:\v\13(3).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\13(3).exe quarantined.
- File G:\v\13(3).exe deleted.
      0 ms G:\v\14(1).exe                                              Trojan W32/OnLineGames.LKB ()
- File G:\v\14(1).exe quarantined.
- File G:\v\14(1).exe deleted.
      0 ms G:\v\14(3).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\14(3).exe quarantined.
- File G:\v\14(3).exe deleted.
      0 ms G:\v\15(2).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\15(2).exe quarantined.
- File G:\v\15(2).exe deleted.
      0 ms G:\v\15(3).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\15(3).exe quarantined.
- File G:\v\15(3).exe deleted.
      0 ms G:\v\16(2).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\16(2).exe quarantined.
- File G:\v\16(2).exe deleted.
      0 ms G:\v\16.exe                                                 Security Risk W32/Suspicious_U.gen ()
- File G:\v\16.exe quarantined.
- File G:\v\16.exe deleted.
      0 ms G:\v\17(3).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\17(3).exe quarantined.
- File G:\v\17(3).exe deleted.
      0 ms G:\v\18(1).exe                                              Backdoor W32/Delf.ANMT ()
- File G:\v\18(1).exe quarantined.
- File G:\v\18(1).exe deleted.
      0 ms G:\v\18(2).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\18(2).exe quarantined.
- File G:\v\18(2).exe deleted.
      0 ms G:\v\19(1).exe                                              Backdoor W32/Delf.ANMT ()
- File G:\v\19(1).exe quarantined.
- File G:\v\19(1).exe deleted.
   6828 ms G:\v\2(1).exe
   16 ms G:\v\2(2).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\2(2).exe quarantined.
- File G:\v\2(2).exe deleted.
   15 ms G:\v\2.exe                                                 Trojan W32/Wow.BOO ()
- File G:\v\2.exe quarantined.
- File G:\v\2.exe deleted.
      0 ms G:\v\20(2).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\20(2).exe quarantined.
- File G:\v\20(2).exe deleted.
      0 ms G:\v\21.exe                                                 Security Risk W32/Suspicious_U.gen ()
- File G:\v\21.exe quarantined.
- File G:\v\21.exe deleted.
   16 ms G:\v\22.exe                                                 Security Risk W32/Suspicious_U.gen ()
- File G:\v\22.exe quarantined.
- File G:\v\22.exe deleted.
      0 ms G:\v\23.exe                                                 Trojan W32/Malware.AUUK ()
- File G:\v\23.exe quarantined.
- File G:\v\23.exe deleted.
      0 ms G:\v\24.exe                                                 Security Risk W32/Suspicious_U.gen ()
- File G:\v\24.exe quarantined.
- File G:\v\24.exe deleted.
   1890 ms G:\v\25.exe                                                 Virus W32/Malware ( [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: ANALYSIS@NORMAN.NO - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing PEC2.
* **Locates window "Windows Security Center [class NULL]" on desktop.
* **Locates window "NULL [class NOD32KrnSvcWndClass]" on desktop.
* **Locates window "Symantec AntiVirus 企业版 [class NULL]" on desktop.
* **Locates window "Symantec AntiVirus [class LANDeskVPC32]" on desktop.
* **Locates window "NULL [class TfLockDownMain]" on desktop.
* **Locates window "ZoneAlarm [class ZAFrameWnd]" on desktop.
* **Locates window "天网防火墙个人版 [class Tapplication]" on desktop.
* **Locates window "天网防火墙企业版 [class Tapplication]" on desktop.
* **Locates window "瑞星个人防火墙下载版 [class #32770]" on desktop.
* **Locates window "NULL [class TFireWall_Form]" on desktop.
* **Locates window "NULL [class Q360SafeMainClass]" on desktop.
* **Locates window "NULL [class TForm1]" on desktop.
* File length:       20992 bytes.

[ Changes to filesystem ]
* Creates file C:\WINDOWS\SYSTEM32\DirectX10.dll.

[ Process/window information ]
* Creates a mutex %$#&**(%$#))(*&^%@#AS.
* Enumerates running processes.
* Enumerates running processes several parses....
* Modifies other process memory.
* Creates a remote thread.

)
- File G:\v\25.exe quarantined.
- File G:\v\25.exe deleted.
      0 ms G:\v\3(1).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\3(1).exe quarantined.
- File G:\v\3(1).exe deleted.
   10578 ms G:\v\3(2).exe
      0 ms G:\v\3(3).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\3(3).exe quarantined.
- File G:\v\3(3).exe deleted.
   6844 ms G:\v\4(1).exe
   141 ms G:\v\4(2).exe                                              Virus W32/Malware ( [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: ANALYSIS@NORMAN.NO - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing UPX.
* File length:       18432 bytes.

[ Process/window information ]
* Creates an event called 85762541.
* Enumerates running processes.
* Attempts to access service "KWatchSvc".
* Attempts to access service "KPfwSvc".
* Attempts to access service "McShield".
* Disables security related services.

)
- File G:\v\4(2).exe quarantined.
- File G:\v\4(2).exe deleted.
      0 ms G:\v\4(3).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\4(3).exe quarantined.
- File G:\v\4(3).exe deleted.
   47 ms G:\v\444.exe                                              Trojan Hupigon.gen66 ()
- File G:\v\444.exe quarantined.
- File G:\v\444.exe deleted.
      0 ms G:\v\5(1).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\5(1).exe quarantined.
- File G:\v\5(1).exe deleted.
      0 ms G:\v\5(2).exe                                              Trojan W32/OnLineGames.MLY ()
- File G:\v\5(2).exe quarantined.
- File G:\v\5(2).exe deleted.
      0 ms G:\v\5(3).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\5(3).exe quarantined.
- File G:\v\5(3).exe deleted.
      0 ms G:\v\6(1).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\6(1).exe quarantined.
- File G:\v\6(1).exe deleted.
   10609 ms G:\v\6(2).exe
   16 ms G:\v\6(3).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\6(3).exe quarantined.
- File G:\v\6(3).exe deleted.
   125 ms G:\v\7(1).exe                                              Virus W32/Malware ( [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: ANALYSIS@NORMAN.NO - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing UPX.
* File length:       18432 bytes.

[ Process/window information ]
* Creates an event called 85762541.
* Enumerates running processes.
* Attempts to access service "KWatchSvc".
* Attempts to access service "KPfwSvc".
* Attempts to access service "McShield".
* Disables security related services.

)
- File G:\v\7(1).exe quarantined.
- File G:\v\7(1).exe deleted.
   16 ms G:\v\7(2).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\7(2).exe quarantined.
- File G:\v\7(2).exe deleted.
      0 ms G:\v\7(3).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\7(3).exe quarantined.
- File G:\v\7(3).exe deleted.
      0 ms G:\v\8(2).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\8(2).exe quarantined.
- File G:\v\8(2).exe deleted.
      0 ms G:\v\8(3).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\8(3).exe quarantined.
- File G:\v\8(3).exe deleted.
   16 ms G:\v\9(1).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\9(1).exe quarantined.
- File G:\v\9(1).exe deleted.
      0 ms G:\v\9(2).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\9(2).exe quarantined.
- File G:\v\9(2).exe deleted.
      0 ms G:\v\9(3).exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\9(3).exe quarantined.
- File G:\v\9(3).exe deleted.
   16 ms G:\v\dh.exe                                                 Security Risk W32/Suspicious_U.gen ()
- File G:\v\dh.exe quarantined.
- File G:\v\dh.exe deleted.
   47 ms G:\v\fy.exe                                                 Trojan W32/Malware.SMA ()
- File G:\v\fy.exe quarantined.
- File G:\v\fy.exe deleted.
      0 ms G:\v\jh.exe                                                 Security Risk W32/Suspicious_U.gen ()
- File G:\v\jh.exe quarantined.
- File G:\v\jh.exe deleted.
   671 ms G:\v\ma.exe
      0 ms G:\v\mh.exe                                                 Security Risk W32/Suspicious_U.gen ()
- File G:\v\mh.exe quarantined.
- File G:\v\mh.exe deleted.
      0 ms G:\v\mir.exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\mir.exe quarantined.
- File G:\v\mir.exe deleted.
      0 ms G:\v\my.exe                                                 Security Risk W32/Suspicious_U.gen ()
- File G:\v\my.exe quarantined.
- File G:\v\my.exe deleted.
   313 ms G:\v\pk.exe
      0 ms G:\v\qj.exe                                                 Security Risk W32/Suspicious_U.gen ()
- File G:\v\qj.exe quarantined.
- File G:\v\qj.exe deleted.
      0 ms G:\v\qqhx.exe                                              Security Risk W32/Suspicious_U.gen ()
- File G:\v\qqhx.exe quarantined.
- File G:\v\qqhx.exe deleted.
   172 ms G:\v\qst.exe
      0 ms G:\v\tl.exe                                                 Security Risk W32/Suspicious_U.gen ()
- File G:\v\tl.exe quarantined.
- File G:\v\tl.exe deleted.
   219 ms G:\v\window.exe                                           Virus W32/Malware ( [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: ANALYSIS@NORMAN.NO - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing UPX.
* Accesses executable file from resource section.
* **Locates window "1616116 [class ListBox]" on desktop.
* **Locates window "1818118 [class ListBox]" on desktop.
* File length:       27182 bytes.

[ Changes to filesystem ]
* Deletes file 矷?競O矷鍡▊_.
* Deletes file C:\Program Files\Internet Explorer\PLUGINS\NewTemp.bak.
* Creates file C:\Program Files\Internet Explorer\PLUGINS\NewTemp.bak.
* Deletes file C:\Program Files\Internet Explorer\PLUGINS\NewTemp.dll.
* Creates file C:\Program Files\Internet Explorer\PLUGINS\NewTemp.dll.

[ Network ]
* Hooks into Shell explorer.

)
- File G:\v\window.exe quarantined.
- File G:\v\window.exe deleted.
      0 ms G:\v\wl.exe                                                 Security Risk W32/Suspicious_U.gen ()
- File G:\v\wl.exe quarantined.
- File G:\v\wl.exe deleted.
   15 ms G:\v\wow.exe                                              Trojan W32/Malware.ALMB ()
- File G:\v\wow.exe quarantined.
- File G:\v\wow.exe deleted.
      0 ms G:\v\zt.exe                                                 Security Risk W32/Suspicious_U.gen ()
- File G:\v\zt.exe quarantined.
- File G:\v\zt.exe deleted.
      0 ms G:\v\zx.exe                                                 Security Risk W32/Suspicious_U.gen ()
- File G:\v\zx.exe quarantined.
- File G:\v\zx.exe deleted.

===================================================================================================

The scanning started: 2007/10/02 11:37:49
            ended: 2007/10/02 11:38:33
Logged on as       : Administrator
on hostname       : C3EF58622174424

Scanning results:
Total number of files found..............................:    73
Number of files scanned..................................:    73
Number of files/directories skipped due to exclude list..:    0
Number of files that could not be opened.................:    0
Number of archive files unpacked.........................:    0
Number of archive files not unpacked.....................:    0
Number of infections.....................................:    64

Copyright (c) 1993-2005 Norman ASA.

显示全部楼层 · 发表于 2007-10-2 15:18:39

。。。迅雷卡巴模块全报……小红伞报了没注意多少……费尔只报两个……咖啡56个……微点就没试了……

[病毒样本] 73个

本帖子中包含更多资源

回复 16楼 PlayBoy 的帖子