顽固型木马

显示全部楼层 · 发表于 2008-4-16 20:46:29

信息 2008-04-16  20:45:49 您此次查毒隔离了11个文件
信息 2008-04-16  20:45:49 您此次查毒共查出11个病毒以及危险代码
信息 2008-04-16  20:45:49 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件44个
信息 2008-04-16  20:45:49 金山毒霸主程序查毒过程结束，查毒方式：命令行查毒
病毒 2008-04-16  20:45:49 D:\Desktop\widows)\widows)\WSockDrv32.exe Win32.Hack.UpackT.a.15981 隔离成功
病毒 2008-04-16  20:45:49 D:\Desktop\widows)\widows)\upxdnd.exe Win32.Troj.OnlineGames.tm.73897 隔离成功
病毒 2008-04-16  20:45:49 D:\Desktop\widows)\widows)\ThunderHelper32.dll Win32.Troj.BHO.548864 隔离成功
病毒 2008-04-16  20:45:49 D:\Desktop\widows)\widows)\tciocp32.exe Win32.PSWTroj.OnLineGames.69632 隔离成功
病毒 2008-04-16  20:45:49 D:\Desktop\widows)\widows)\SHAProc.exe Win32.Troj.OnlineGameT.nf.77825 隔离成功
病毒 2008-04-16  20:45:49 D:\Desktop\widows)\widows)\pbjoqdke.exe Win32.Troj.GameOnlineT.nf.73973 隔离成功
病毒 2008-04-16  20:45:49 D:\Desktop\widows)\widows)\msccrt.exe Win32.PSWTroj.OnLineGames.69632 隔离成功
病毒 2008-04-16  20:45:49 D:\Desktop\widows)\widows)\fmsbbqi.exe Win32.PSWTroj.GameOL.69632 隔离成功
病毒 2008-04-16  20:45:49 D:\Desktop\widows)\widows)\DbgHlp32.exe Win32.PSWTroj.OnLineGames.69670 隔离成功
病毒 2008-04-16  20:45:49 D:\Desktop\widows)\widows)\cmdbcs.exe Win32.Troj.OnlineGames.tm.69632 隔离成功
病毒 2008-04-16  20:45:49 D:\Desktop\widows)\widows)\AVPSrv.exE Win32.PSWTroj.GameOL.73728 隔离成功

信息 2008-04-16  20:43:38 您此次查毒隔离了30个文件
信息 2008-04-16  20:43:38 您此次查毒清除了7个病毒
信息 2008-04-16  20:43:38 您此次查毒共查出37个病毒以及危险代码
信息 2008-04-16  20:43:38 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件102个
信息 2008-04-16  20:43:38 金山毒霸主程序查毒过程结束，查毒方式：命令行查毒
风险程序 2008-04-16  20:43:38 D:\Desktop\New Folder (3)\system\system\ssdtdt.sys Win32.Adware.Agent.zv.163840 隔离成功
风险程序 2008-04-16  20:43:38 D:\Desktop\New Folder (3)\system\system\shelasv.exe Win32.Adware.Agent.20480 隔离成功
风险程序 2008-04-16  20:43:38 D:\Desktop\New Folder (3)\system\system\mseval.dll Win32.Adware.Agent.49152 隔离成功
风险程序 2008-04-16  20:43:38 D:\Desktop\New Folder (3)\system\system\dlbar.exe Win32.Adware.Cinmus.143360 隔离成功
风险程序 2008-04-16  20:43:38 D:\Desktop\New Folder (3)\system\system\cwebpage.dll Win32.Adware.NewWeb.bf.36864 隔离成功
风险程序 2008-04-16  20:43:38 D:\Desktop\New Folder (3)\system\system\cvshost.exe Win32.Adware.Agent.20480 隔离成功
风险程序 2008-04-16  20:43:38 D:\Desktop\New Folder (3)\system\system\52vip_yoyo1012.exe Win32.RiskWare.ZloQQ.hk.154875 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\zdwhwq.dll Win32.Troj.GameOnlineT.mg.27908 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\yzwvhp17.dll Win32.Troj.Agent.16384 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\yyplay.exe Win32.Troj.Delf.418304 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\WSockDrv32.dll Win32.PSWTroj.OnLineGames.33036 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\url2.exe Worm.DownLoaderT.at.180224 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\upxdnd.dll Win32.Troj.GameOnlineT.hc.31500 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\ttVUFVUF1011.exe Win32.Troj.OnlineGamesT.af.57344 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\ttQACQAC1035.exe Win32.Troj.OnlineGameT.pq.57344 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\ttNNBNNB1047.exe Win32.Troj.OnlineGameT.pq.57344 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\ttEZZEZZ1046.exe Win32.Troj.OnlineGameT.pq.57344 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\Transfer Sebvice.exe Worm.Delf.el.18944 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\tofsyy.dll Win32.Troj.GameOnlineT.hc.31500 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\tciocp32.dll Win32.Troj.GameOnlineT.hc.31500 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\sysloader.dll Win32.Troj.YsmarT.ea.183808 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\qqxyd.exe Win32.PSWTroj.Agent.110592 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\qqxyd.dll Win32.PSWTroj.Agent.17920 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\pydkxv.dll Win32.Troj.GameOnlineT.hc.31500 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\PTSShell.dll Win32.Troj.GameOnlineT.hc.31500 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\pjfzuf.dll Win32.Troj.GameOnlineT.hc.31500 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\msccrt.dll Win32.Troj.GameOnlineT.hc.31500 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\LotusHlp.dll Win32.Troj.OnlineGameT.nw.25872 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\jjyjhbid.dll Win32.Troj.OnLineGamesT.29968 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\ickpqn54.dll Win32.Troj.Agent.16384 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\fmsbbqi.dll Win32.Troj.GameOnlineT.hc.31500 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\Extensionsk.exe Worm.Delf.az.70144 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\dfqpnq31.dll Win32.Troj.Agent.16384 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\DbgHlp32.dlL Win32.Troj.GameOnlineT.hc.31500 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\cmdbcs.dll Win32.Troj.GameOnlineT.hc.31500 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\ayFKKFKK1055.exe Win32.Troj.OnlineGamesT.af.57344 隔离成功
病毒 2008-04-16  20:43:37 D:\Desktop\New Folder (3)\system\system\AVPSrv.dll Win32.Troj.GameOnlineT.hc.31500 隔离成功

信息 2008-04-16  20:46:23 您此次查毒隔离了27个文件
信息 2008-04-16  20:46:23 您此次查毒共查出27个病毒以及危险代码
信息 2008-04-16  20:46:23 您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件59个
信息 2008-04-16  20:46:23 金山毒霸主程序查毒过程结束，查毒方式：命令行查毒
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\soundma[1].exe Win32.Hack.Delf.m.221184 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\qq[1].exe Win32.Troj.QQPswT.bs.116858 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\lmmh[1].exe Win32.Troj.Small.uj.110592 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\game[1].exe Win32.TrojDownloader.Agent.192512 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\cc1[1].exe Win32.Hack.UpackT.a.15981 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\arp111[1].exe Win32.Hack.Agent.282624 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\90[1].exe Win32.Troj.AgentT.ea.159744 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\5[1].exe Win32.Hack.Delf.267776 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\202[1].exe Win32.Hack.UpackT.a.15981 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\1001[1].exe Worm.Delf.el.18944 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\00035[1].exe Win32.Troj.OnLineGames.mx.57409 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\00031[1].exe Win32.PSWTroj.Agent.110592 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\00021[1].exe Win32.Troj.OnlineGameT.pq.57344 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\00020[1].exe Win32.PSWTroj.OnLineGames.86016 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\00019[1].exe Win32.PSWTroj.OnLineGames.69632 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\00017[1].exe Win32.Troj.GameOnlineT.nf.73973 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\00016[1].exe Win32.PSWTroj.GameOL.69632 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\00015[1].exe Win32.Troj.OnlineGameT.pq.57344 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\00012[1].exe Win32.Troj.OnlineGames.tm.73897 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\00011[1].exe Win32.PSWTroj.OnLineGames.69632 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\00008[1].exe Win32.PSWTroj.GameOL.73728 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\00007[1].exe Win32.Hack.UpackT.a.15981 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\00006[1].exe Win32.Troj.OnlineGameT.pq.57344 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\00005[1].exe Win32.Troj.OnlineGameT.nf.77825 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\00004[1].exe Win32.Troj.OnlineGamesT.af.57344 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\00003[1].exe Win32.PSWTroj.OnLineGames.69670 隔离成功
病毒 2008-04-16  20:46:23 D:\Desktop\ÏÂÔØÂí\下载马\00002[1].exe Win32.PSWTroj.GameOL.61440 隔离成功

显示全部楼层 · 发表于 2008-4-16 21:38:03

2008-4-16 21:37:26 Real-time file system protection file C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\SYSTEM\MYCC32.DLL a variant of Win32/Spy.Delf.NHW trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: E:\micropoint\Micropoint\MPSVC2.exe.
2008-4-16 21:37:26 Real-time file system protection file C:\Documents and Settings\Administrator\桌面\system\mycc32.dll a variant of Win32/Spy.Delf.NHW trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-4-16 21:27:22 Real-time file system protection file C:\Documents and Settings\Administrator\桌面\Extensionsk.exe probably a variant of Win32/Genetik trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-4-16 21:27:22 Real-time file system protection file C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\EXTENSIONSK.EXE probably a variant of Win32/Genetik trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: E:\micropoint\Micropoint\MPSVC2.exe.
2008-4-16 21:27:14 Real-time file system protection file C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\TRANSFER SEBVICE.EXE Win32/AutoRun.IN worm cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: E:\micropoint\Micropoint\MPSVC2.exe.
2008-4-16 21:27:14 Real-time file system protection file C:\Documents and Settings\Administrator\桌面\Transfer Sebvice.exe Win32/AutoRun.IN worm cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.

显示全部楼层 · 发表于 2008-4-16 21:38:43

2008-4-16 21:37:26 Real-time file system protection file C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\SYSTEM\MYCC32.DLL a variant of Win32/Spy.Delf.NHW trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: E:\micropoint\Micropoint\MPSVC2.exe.
2008-4-16 21:37:26 Real-time file system protection file C:\Documents and Settings\Administrator\桌面\system\mycc32.dll a variant of Win32/Spy.Delf.NHW trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-4-16 21:27:22 Real-time file system protection file C:\Documents and Settings\Administrator\桌面\Extensionsk.exe probably a variant of Win32/Genetik trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-4-16 21:27:22 Real-time file system protection file C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\EXTENSIONSK.EXE probably a variant of Win32/Genetik trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: E:\micropoint\Micropoint\MPSVC2.exe.
2008-4-16 21:27:14 Real-time file system protection file C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\TRANSFER SEBVICE.EXE Win32/AutoRun.IN worm cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: E:\micropoint\Micropoint\MPSVC2.exe.
2008-4-16 21:27:14 Real-time file system protection file C:\Documents and Settings\Administrator\桌面\Transfer Sebvice.exe Win32/AutoRun.IN worm cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.

显示全部楼层 · 发表于 2008-4-16 21:42:31

ＴＯ　ＡＢ

显示全部楼层 · 发表于 2008-4-16 23:30:09

已删除: 病毒 Worm.Win32.Delf.el 文件: F:\Download\Transfer Sebvice.rar\Transfer Sebvice.exe/PE_Patch.UPX/UPX
已删除: 病毒 IRC-Worm.Win32.Delf.bd 文件: F:\Download\Transfer Sebvice.rar\Extensionsk.exe
已删除: 病毒 IRC-Worm.Win32.Delf.bd 文件: F:\Download\Transfer Sebvice.rar\AutoRun.inf

显示全部楼层 · 发表于 2008-4-17 11:25:58

ESS 3.0

2008-4-17 11:24:59 文件系统实时防护文件 D:\Transfer Sebvice\Extensionsk.exe 可能是 Win32/Genetik 特洛伊木马的变种通过删除清除 - 已隔离 NT AUTHORITY\SYSTEM 在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe.
2008-4-17 11:24:50 文件系统实时防护文件 D:\Transfer Sebvice\Transfer Sebvice.exe Win32/AutoRun.IN 蠕虫通过删除清除 - 已隔离 NT AUTHORITY\SYSTEM 在应用程序新建的文件上发生事件: C:\Program Files\7-Zip\7zG.exe.

显示全部楼层 · 发表于 2008-4-19 14:11:57

第２和第３包：

已刪除: 特洛伊木馬程式 Trojan.Win32.BHO.bif 檔案: C:\Documents and Settings\kato9096\桌面\236099-3\system\system\newtn.dll
已刪除: 特洛伊木馬程式 Backdoor.Win32.Agent.gva 檔案: C:\Documents and Settings\kato9096\桌面\236099-3\system\system\url2.exe//PE_Patch//UPack
已刪除: 特洛伊木馬程式 Trojan-Downloader.Win32.Delf.gtg 檔案: C:\Documents and Settings\kato9096\桌面\236099-3\system\system\Windows201.exe//PE_Patch.UPX//UPX
已刪除: 特洛伊木馬程式 Trojan-PSW.Win32.OnLineGames.aazc 檔案: C:\Documents and Settings\kato9096\桌面\236099-3\system\system\zdwhwq.dll

显示全部楼层 · 发表于 2008-4-20 10:10:27

附件怎么下载不了？？

显示全部楼层 · 发表于 2008-4-21 09:48:27

不够权限，下不了。。

[病毒样本] 顽固型木马