Original poster: qianwenxiang

[Virus samples] 15 samples

wu19934718
Posted on 2007-12-29 11:14:17
Filseclab (费尔): 14
风中漫步
Posted on 2007-12-29 11:18:17
avk
Kaspersky + bd engines
12
clovedsm
Posted on 2007-12-29 11:22:20
norton 12
风中漫步
Posted on 2007-12-29 11:25:05
I just ran a scan with Symantec Enterprise Edition as well: 16 files scanned, 12 risks found
lic
Posted on 2007-12-29 13:22:42
norman 9

- Scanning files in the directory: C:\Documents and Settings\Owner\桌面\1228\
       47 ms C:\Documents and Settings\Owner\桌面\1228\32490312.dll       Trojan W32/Agent.DQWK ()
     5688 ms C:\Documents and Settings\Owner\桌面\1228\adkseimop43855.exe
       47 ms C:\Documents and Settings\Owner\桌面\1228\cncc.exe           Trojan W32/Agent.DROR ()
      875 ms C:\Documents and Settings\Owner\桌面\1228\dls0523pmw.exe   
      157 ms C:\Documents and Settings\Owner\桌面\1228\fcafedv.exe        Trojan W32/Agent.BRIY ()
      156 ms C:\Documents and Settings\Owner\桌面\1228\fcafedvA.exe       Trojan W32/DLoader.DZFG ()
       47 ms C:\Documents and Settings\Owner\桌面\1228\ldcore.dll         Trojan W32/DLoader.DAEO ()
       47 ms C:\Documents and Settings\Owner\桌面\1228\LYLOADER.EXE       Trojan W32/OnLineGames.ACTD ()
        0 ms C:\Documents and Settings\Owner\桌面\1228\LYMANGR.DLL        Trojan W32/OnLineGames.ACTS ()
      172 ms C:\Documents and Settings\Owner\桌面\1228\meso43855.dll     
       16 ms C:\Documents and Settings\Owner\桌面\1228\MSDEG32.DLL        Trojan W32/OnLineGames.SZH ()
       15 ms C:\Documents and Settings\Owner\桌面\1228\offun.exe          Trojan W32/DLoader.BJUN ()
      500 ms C:\Documents and Settings\Owner\桌面\1228\rau001978.exe     
       16 ms C:\Documents and Settings\Owner\桌面\1228\Sy_Win7k.Jmp      
       32 ms C:\Documents and Settings\Owner\桌面\1228\Wn_Sys8x.Sys      
- File C:\Documents and Settings\Owner\桌面\1228\32490312.dll quarantined.
- File C:\Documents and Settings\Owner\桌面\1228\32490312.dll deleted.
- File C:\Documents and Settings\Owner\桌面\1228\cncc.exe quarantined.
- File C:\Documents and Settings\Owner\桌面\1228\cncc.exe deleted.
- File C:\Documents and Settings\Owner\桌面\1228\fcafedv.exe quarantined.
- File C:\Documents and Settings\Owner\桌面\1228\fcafedv.exe deleted.
- File C:\Documents and Settings\Owner\桌面\1228\fcafedvA.exe quarantined.
- File C:\Documents and Settings\Owner\桌面\1228\fcafedvA.exe deleted.
- File C:\Documents and Settings\Owner\桌面\1228\ldcore.dll quarantined.
- File C:\Documents and Settings\Owner\桌面\1228\ldcore.dll deleted.
- File C:\Documents and Settings\Owner\桌面\1228\LYLOADER.EXE quarantined.
- File C:\Documents and Settings\Owner\桌面\1228\LYLOADER.EXE deleted.
- File C:\Documents and Settings\Owner\桌面\1228\LYMANGR.DLL quarantined.
- File C:\Documents and Settings\Owner\桌面\1228\LYMANGR.DLL deleted.
- File C:\Documents and Settings\Owner\桌面\1228\MSDEG32.DLL quarantined.
- File C:\Documents and Settings\Owner\桌面\1228\MSDEG32.DLL deleted.
- File C:\Documents and Settings\Owner\桌面\1228\offun.exe quarantined.
- File C:\Documents and Settings\Owner\桌面\1228\offun.exe deleted.
lic
Posted on 2007-12-29 13:26:29
nod32 9

Scanned disks, folders and files: C:\Documents and Settings\Owner\桌面\1228.rar
C:\Documents and Settings\Owner\桌面\1228.rar » RAR » rau001978.exe » UPX v12_m2 - is OK
C:\Documents and Settings\Owner\桌面\1228.rar » RAR » ldcore.dll - Win32/TrojanDownloader.Small.DXM trojan
C:\Documents and Settings\Owner\桌面\1228.rar » RAR » 32490312.dll - is OK
C:\Documents and Settings\Owner\桌面\1228.rar » RAR » cncc.exe - is OK
C:\Documents and Settings\Owner\桌面\1228.rar » RAR » LYLOADER.EXE - a variant of Win32/PSW.Agent.NEC trojan
C:\Documents and Settings\Owner\桌面\1228.rar » RAR » LYMANGR.DLL - a variant of Win32/PSW.OnLineGames.DTR trojan
C:\Documents and Settings\Owner\桌面\1228.rar » RAR » MSDEG32.DLL - a variant of Win32/PSW.OnLineGames.DVV trojan
C:\Documents and Settings\Owner\桌面\1228.rar » RAR » Wn_Sys8x.Sys - probably a variant of Win32/AutoRun.Q worm
C:\Documents and Settings\Owner\桌面\1228.rar » RAR » Sy_Win7k.Jmp - is OK
C:\Documents and Settings\Owner\桌面\1228.rar » RAR » meso43855.dll - is OK
C:\Documents and Settings\Owner\桌面\1228.rar » RAR » adkseimop43855.exe » NSIS » Entries.bin - is OK
C:\Documents and Settings\Owner\桌面\1228.rar » RAR » adkseimop43855.exe » NSIS » Strings.txt - is OK
C:\Documents and Settings\Owner\桌面\1228.rar » RAR » adkseimop43855.exe » NSIS » TTC.dll - is OK
C:\Documents and Settings\Owner\桌面\1228.rar » RAR » adkseimop43855.exe » NSIS » System.dll - is OK
C:\Documents and Settings\Owner\桌面\1228.rar » RAR » adkseimop43855.exe » NSIS » folder.js - is OK
C:\Documents and Settings\Owner\桌面\1228.rar » RAR » fcafedv.exe - Win32/Agent.NEL trojan
C:\Documents and Settings\Owner\桌面\1228.rar » RAR » dls0523pmw.exe - probably a variant of Win32/TrojanDownloader.Obfuscated trojan
C:\Documents and Settings\Owner\桌面\1228.rar » RAR » fcafedvA.exe - probably a variant of Win32/TrojanDownloader.VB trojan
C:\Documents and Settings\Owner\桌面\1228.rar » RAR » offun.exe - Win32/VB.NFO trojan
C:\Documents and Settings\Owner\桌面\1228.rar:Zone.Identifier - is OK
zwl2828
Posted on 2007-12-29 20:15:50

ESET Smart Security 9

C:\Users\Wesley\Downloads\1228.rar » RAR » ldcore.dll - Win32/TrojanDownloader.Small.DXM trojan
C:\Users\Wesley\Downloads\1228.rar » RAR » LYLOADER.EXE - a variant of Win32/PSW.Agent.NEC trojan
C:\Users\Wesley\Downloads\1228.rar » RAR » LYMANGR.DLL - a variant of Win32/PSW.OnLineGames.DTR trojan
C:\Users\Wesley\Downloads\1228.rar » RAR » MSDEG32.DLL - a variant of Win32/PSW.OnLineGames.DVV trojan
C:\Users\Wesley\Downloads\1228.rar » RAR » Wn_Sys8x.Sys - probably a variant of Win32/AutoRun.Q worm
C:\Users\Wesley\Downloads\1228.rar » RAR » fcafedv.exe - Win32/Agent.NEL trojan
C:\Users\Wesley\Downloads\1228.rar » RAR » dls0523pmw.exe - probably a variant of Win32/TrojanDownloader.Obfuscated trojan
C:\Users\Wesley\Downloads\1228.rar » RAR » fcafedvA.exe - probably a variant of Win32/TrojanDownloader.VB trojan
C:\Users\Wesley\Downloads\1228.rar » RAR » offun.exe - Win32/VB.NFO trojan
Graybird
Posted on 2007-12-29 20:19:39
---------------------------------------------------------
ewido anti-spyware - 扫描报告
---------------------------------------------------------

+ 创建时间:        20:20:28 2007-12-29

+ 扫描结果:       



E:\1228.rar/offun.exe -> Adware.Bagon : 未进行操作.
E:\1228.rar/adkseimop43855.exe -> Adware.TTC : 未进行操作.
E:\1228.rar/meso43855.dll -> Adware.TTC : 未进行操作.
E:\1228.rar/ldcore.dll -> Downloader.Small.dxm : 未进行操作.
E:\1228.rar/dls0523pmw.exe -> Downloader.Zlob.bqw : 未进行操作.
E:\1228.rar/fcafedv.exe -> Dropper.Agent.mu : 未进行操作.
E:\1228.rar/rau001978.exe -> Trojan.Small : 未进行操作.


::报告结束
qigang
Posted on 2007-12-29 20:35:15

25/13

瑞星病毒查杀结果报告

清除病毒种类列表:

病毒: Trojan.Agent.ahg         
病毒: Trojan.DL.Win32.Agent.xes
病毒: Trojan.Win32.Undef.acb   
病毒: Trojan.PSW.Win32.XYOnline.yq
病毒: Trojan.PSW.Win32.OnlineGames.xmp
病毒: Trojan.PSW.Win32.XYOnline.yq
病毒: Worm.Win32.PaBug.fu      
病毒: Adware.Win32.Agent.nra   
病毒: Dropper.Win32.Agent.mu   
病毒: Trojan.DL.Agent.ctp      
病毒: Trojan.Clicker.Win32.VB.zwv
病毒: Trojan.Agent.xzy         

MAC 地址:00:11:5B:F3:6D:69

用户来源:互联网

软件版本:20.24.52
yangpizhi
Posted on 2007-12-29 20:43:00
-----------------------------SCAN REPORT-----------------------------
F-PROT Antivirus for Windows

Antivirus Scanning Engine version number: 4.4.2
Virus signature file from: 2007-12-29, 1:27

Scan name: [Custom Scan]
Path to scan: C:\样本 yangpizhi\1228.rar

Normal scan
Also scan: Inside subfolders, Compressed files, Streams

Scan started: 2007-12-29, 20:42:59
---------------------------------------------------------------------

[Found downloader]         <W32/Downldr2.ATNU (exact, not disinfectable)>        C:\样本 yangpizhi\1228.rar->rau001978.exe
[Found downloader]         <W32/Downldr2.MUV (exact, not disinfectable)>        C:\样本 yangpizhi\1228.rar->ldcore.dll
[Clean]        C:\样本 yangpizhi\1228.rar->32490312.dll
[Clean]        C:\样本 yangpizhi\1228.rar->cncc.exe
[Found possible security risk]         <W32/Heuristic-114!Eldorado (damaged, not disinfectable)>        C:\样本 yangpizhi\1228.rar->LYLOADER.EXE->(UPack)
[Found possible virus]         <W32/Downloader-SmlInject-based!Maximus (not disinfectable)>        C:\样本 yangpizhi\1228.rar->LYMANGR.DLL->(UPack)
[Clean]        C:\样本 yangpizhi\1228.rar->MSDEG32.DLL->(UPack)
[Found virus]         <W32/InfoStealer!Generic (not disinfectable)>        C:\样本 yangpizhi\1228.rar->Wn_Sys8x.Sys
[Clean]        C:\样本 yangpizhi\1228.rar->Sy_Win7k.Jmp
[Found adware]         <W32/Adware.LQO (exact, not disinfectable)>        C:\样本 yangpizhi\1228.rar->meso43855.dll
[Found adware]         <W32/AdwareX.FID (exact, not disinfectable)>        C:\样本 yangpizhi\1228.rar->adkseimop43855.exe
[Found possible security risk]         <W32/Heuristic-162!Eldorado (not disinfectable)>        C:\样本 yangpizhi\1228.rar->fcafedv.exe->(TeLock)->(TeLock)
[Found possible virus]         <W32/NewMalware-Rootkit-I-based!Maximus (not disinfectable)>        C:\样本 yangpizhi\1228.rar->dls0523pmw.exe
[Clean]        C:\样本 yangpizhi\1228.rar->fcafedvA.exe->(TeLock)
[Found downloader]         <W32/Downloader.AHVC (exact, not disinfectable)>        C:\样本 yangpizhi\1228.rar->offun.exe
[Contains infected objects]        C:\样本 yangpizhi\1228.rar
[Quarantined]        C:\样本 yangpizhi\1228.rar->offun.exe

---------------------------------------------------------------------
Scan ended:        2007-12-29, 20:43:05
Duration:        0:00:06

Scan result:

Scanned files:                 1
Infected objects:         10
Disinfected objects:         0
Quarantined files:         1
---------------------------------------------------------------------

Copyright © KaFan  KaFan.cn All Rights Reserved.