Original poster: promised

[Virus sample] That batch of recently circulating trojans, 42 of them

FBAV
Posted on 2007-11-10 08:36:58
MicroVita AntiSpyware 100 C
_____________________________________________
                                          
             风暴微塔反间谍
[强力查杀各种Win32位的病毒,木马,蠕虫,恶意软件]                  
                   http://221.10.254.214/
----------------------------------------------
开始扫描……


正在检查启动……
[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\e1.exe]
                    …………发现Spy!报告:[2]
文件信息:  大小:9216  MD5:94b540447445a7acfb2ab2a408d4122f


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\scvhost.exe]
                    …………发现Spy!报告:[1] Win32.NkHack.FSG.A
文件信息:  大小:11081  MD5:059725b53772a916f11e27517edb6bf0


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\MsPrint32D.exe]
                    …………发现Spy!报告:[1] Win32.Unknow
文件信息:  大小:12668  MD5:69522557b6665431e820f1f62a355d87


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\NVDispDrv.exE]
                    …………发现Spy!报告:[1] Win32.Unknow
文件信息:  大小:13140  MD5:d823999fbdf7b4b3850702677eb94b24


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\upxdnd.exe]
                    …………发现Spy!报告:[2] [1] Win32.Unknow
文件信息:  大小:13436  MD5:9fcb9d32fabcc4535af0b5ed2dff1393


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\e17.exe]
                    …………发现Spy!报告:[2] [1] Win32.F/S.ByDwing
文件信息:  大小:13893  MD5:efa60fe74c2c265757be40d6340a2927


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\e18.exe]
                    …………发现Spy!报告:[2] [1] Win32.F/S.ByDwing
文件信息:  大小:14796  MD5:f4eef983448b8fe7e3754ca04de173d1


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\avwgest.exe]
                    …………发现Spy!报告:[2] [1] Win32.F/S.ByDwing
文件信息:  大小:15016  MD5:80ae1891f1de1c2d4f640526b5ac2a35


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\DbgHlp32.exe]
                    …………发现Spy!报告:[1] Win32.Unknow
文件信息:  大小:15780  MD5:0f05d2019b316678ce6a4ed7f72fba3b


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\WinForm.exE]
                    …………发现Spy!报告:[1] Win32.Unknow
文件信息:  大小:15884  MD5:5d4268eb45201ac6e9d874e5cc00dcbc


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\AVPSrv.exE]
                    …………发现Spy!报告:[1] Win32.Unknow
文件信息:  大小:15988  MD5:cc8c71d3eff3704f8b6041c4aa3b48af


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\avzxfst.exe]
                    …………发现Spy!报告:[1] Win32.F/S.ByDwing
文件信息:  大小:16073  MD5:3ef60b81b993196d62049a52174d0158


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\cmdbcs.exe]
                    …………发现Spy!报告:[2] [1] Win32.Unknow
文件信息:  大小:16604  MD5:8b0434234a2ad41787f3a73491832b45


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\NVDispDrv.dll]
                    …………发现Spy!报告:[8] HOOK者
文件信息:  大小:18944  MD5:0c450f663dbb0bb5641a655f52d33682


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\MsPrint32D.dll]
                    …………发现Spy!报告:[8] HOOK者
文件信息:  大小:19456  MD5:cd5aa56aa08366dd3eea1dbff8d41737


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\upxdnd.dll]
                    …………发现Spy!报告:[8] HOOK者
文件信息:  大小:20480  MD5:8c0f36d6c286f7cc31ca8f286766ad63


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\WanPacket.dll]
                    …………发现Spy!报告:[2] [1] Win32.F/S.ByDwing
文件信息:  大小:21745  MD5:ca2b864f5c78393138530773af7a6873


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\diovcinsxc.dll]
                    …………发现Spy!报告:[2] [1] Win32.F/S.ByDwing
文件信息:  大小:21970  MD5:9074335153ccc0fe7e93cac1dedfc9b3


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\avwgemn.dll]
                    …………发现Spy!报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:22612  MD5:30553cb5e77f427c86deef07957dce1d


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\DbgHlp32.dll]
                    …………发现Spy!报告:[8] HOOK者
文件信息:  大小:24064  MD5:0e8b68bd86bc6791be0c238bcff4e68e


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\WinForm.dll]
                    …………发现Spy!报告:[8] HOOK者
文件信息:  大小:24576  MD5:af1fce5ff1273759113a97a657ef78ff


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\AVPSrv.dll]
                    …………发现Spy!报告:[8] HOOK者
文件信息:  大小:25088  MD5:93133f20d6a728433d4d66d1b480ff79


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\cmdbcs.dll]
                    …………发现Spy!报告:[8] HOOK者
文件信息:  大小:26112  MD5:2ee0c6653146000308e7341d4328fb9e


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\avzxfmn.dll]
                    …………发现Spy!报告: [4] [6] 注入者[8] HOOK者
文件信息:  大小:26442  MD5:2e4bbb3eccb6cc870a75d3d2015e4211


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\Packet.dll]
                    …………发现Spy!报告:[2] [1] Win32.F/S.ByDwing
文件信息:  大小:26956  MD5:a04f24d9b37898ee9a738ac89f43aeef


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\e15.exe]
                    …………发现Spy!报告:[2]
文件信息:  大小:30329  MD5:29ed6518c4c69b47723caa7ab68e1419


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\NvWin75.Jmp]
                    …………发现Spy!报告:[2]
文件信息:  大小:30329  MD5:29ed6518c4c69b47723caa7ab68e1419


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\e13.exe]
                    …………发现Spy!报告:[2] [1] Win32.NkHack.FSG.A
文件信息:  大小:33625  MD5:a01dd6a6da0070306b7e88799fe32464


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\mswmp32.dll]
                    …………发现Spy!报告:[2] [1] Win32.NkHack.FSG.A
文件信息:  大小:33625  MD5:a01dd6a6da0070306b7e88799fe32464


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\IGM.exe]
                    …………发现Spy!报告: [4]
文件信息:  大小:41777  MD5:f7c70d5e52c274f905dc19617b3c1824


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\NvSys74.Sys]
                    …………发现Spy!报告: [4] [8] HOOK者
文件信息:  大小:44153  MD5:da44a5bb3d80ceb1339f0cc30e7a3409


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\608769MM.DLL]
                    …………发现Spy!报告: [4]
文件信息:  大小:44849  MD5:b2db5a860d67d513a9a3a30aa64e6ab2


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\e7.exe]
                    …………发现Spy!报告:[2]
文件信息:  大小:49152  MD5:a37163d3033ebaad14065de941118cba


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\swchost.exe]
                    …………发现Spy!报告: [4] [2]
文件信息:  大小:51505  MD5:677b305d97d1d40596343ccaf1375f0d


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\wpcap.dll]
                    …………发现Spy!报告:[2] [1] Win32.F/S.ByDwing
文件信息:  大小:82512  MD5:cc207b8798e1abfacbf33294ac795395


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\svchost.exe]
                    …………发现Spy!报告:[2] [1] Win32.NkHack.FSG.A
文件信息:  大小:176825  MD5:3e40a019eb5d9c4fb32b1925f1cf0839


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\sqmapi32.dll]
                    …………发现Spy!报告:[2] [1] Win32.F/S.ByDwing
文件信息:  大小:4083  MD5:97dcbe5aff3387b7adc36f7ff974a877


[C:\Documents and Settings\Administrator\桌面\Virus\viru4222s\wlatl.dll]
                    …………发现Spy!报告: [4] [2] [1] Win32.F/S.ByDwing
文件信息:  大小:6934  MD5:56a18be9d4b38ee4cfcd62d02b211332


文件数:42   病毒数:38  比重:0.9047619047619
OK  扫描完毕!

  ***日志解释
[4] 集中有害分析引擎
[3] 全局系统判断引擎   
[2] 文件特征码引擎
[1] 文件启发式引擎
uhthn2002
Posted on 2007-11-11 02:20:45
Uhthn Anti-Spyware V3 Alpha
Version - 3.0.0
Standard Database - 814
Paranoia Database - 48608
Heuristics Analysis - Excessive
Scan in - C:\Documents and Settings\Uhthn\Desktop\virus

C:\Documents and Settings\Uhthn\Desktop\virus\e1.exe - Infected WIN32.GENERIC.MALWARE.49F.2400 - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\scvhost.exe - Infected BACKDOOR.DELF.3 - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\MsPrint32D.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\virus\NVDispDrv.exE - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\virus\upxdnd.exe - Infected GENERIC.MALWARE.A93.347C - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\e17.exe - Infected TROJAN-PSW.ONLINEGAMES.48 - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\e18.exe - Infected TROJAN-PSW.ONLINEGAMES.48 - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\avwgest.exe - Infected GENERIC.MALWARE.185.3AA8 - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\DbgHlp32.exe - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\virus\WinForm.exE - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\virus\AVPSrv.exE - Suspected TROJAN-PSW.ONLINEGAMES.2
C:\Documents and Settings\Uhthn\Desktop\virus\avzxfst.exe - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\virus\cmdbcs.exe - Infected GENERIC.MALWARE.A85.40DC - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\e6.exe - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\NVDispDrv.dll - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\MsPrint32D.dll - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\e5.exe - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\upxdnd.dll - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\WanPacket.dll - Infected GENERIC.MALWARE.CC3.54F1 - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\diovcinsxc.dll - Suspected MaliciousScope:GENERIC.MALWARE.3
C:\Documents and Settings\Uhthn\Desktop\virus\avwgemn.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\DbgHlp32.dll - Infected TROJAN-PSW.ONLINEGAMES.12 - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\WinForm.dll - Infected TROJAN-PSW.ONLINEGAMES.12 - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\AVPSrv.dll - Infected TROJAN-PSW.ONLINEGAMES.43 - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\cmdbcs.dll - Infected TROJAN-PSW.ONLINEGAMES.12 - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\avzxfmn.dll - Infected WIN32.TROJAN-PSW.ONLINEGAMES.AF - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\Packet.dll - Infected GENERIC.MALWARE.3AF.694C - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\e15.exe - Infected WIN32.TROJAN-PSW.QQPASS.A - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\NvWin75.Jmp - Infected WIN32.TROJAN-PSW.QQPASS.A - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\e13.exe - Suspected MaliciousScope:GENERIC.MALWARE.2
C:\Documents and Settings\Uhthn\Desktop\virus\mswmp32.dll - Suspected MaliciousScope:GENERIC.MALWARE.2
C:\Documents and Settings\Uhthn\Desktop\virus\IGM.exe - Suspected MaliciousScope:WIN32.GENERIC.MALWARE.8
C:\Documents and Settings\Uhthn\Desktop\virus\608769WL.DLL - Infected WIN32.TROJAN-PSW.ONLINEGAMES.G - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\NvSys74.Sys - Infected WIN32.TROJAN-PSW.QQPASS.A - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\608769MM.DLL - Infected WIN32.MALWARE.AGENT.6 - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\e7.exe - Infected TROJAN-DOWNLOADER.AGENT.5 - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\swchost.exe - Infected WIN32.TROJAN-PSW.ONLINEGAMES.G - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\wpcap.dll - Infected BACKDOOR.DELF.4 - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\svchost.exe - Infected BACKDOOR.DELF.4 - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\sqmapi32.dll - Infected GENERIC.MALWARE.F97.FF3 - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\pcihdd.sys - Infected GENERIC.MALWARE.623.1A70 - Deleted
C:\Documents and Settings\Uhthn\Desktop\virus\wlatl.dll - Infected GENERIC.MALWARE.452.1B16 - Deleted

42 Files scanned
32 Infected files found
10 Suspected files found
0 Files disinfected
32 Files deleted