81个

显示全部楼层 · 发表于 2008-5-1 20:37:53

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\system32.rar'
C:\Documents and Settings\Administrator\桌面\system32.rar
  [0] Archive type: RAR
--> system32\1.exe
      [DETECTION] Contains detection pattern of the worm WORM/Cekar.A
  --> system32\1122.exe
   [DETECTION] Is the Trojan horse TR/Downloader.Gen
  --> system32\2.exe
   [DETECTION] Contains detection pattern of the dropper DR/Drop.Agent.qoa.6
  --> system32\3.exe
   [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Hupigon.Gen Backdoor server programs
--> system32\4.exe
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/Dldr.Small.uxb
   --> Object
      [DETECTION] Is the Trojan horse TR/Dldr.Delphi.Gen
--> system32\5.exe
      [DETECTION] Contains suspicious code HEUR/Crypted
  --> system32\6.exe
   [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Hupigon.Gen Backdoor server programs
--> system32\ad1.gif
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.aceg
      --> Object
         [DETECTION] Contains detection pattern of the rootkit RKIT/Agent.aju
  --> system32\ad11.gif
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ablo
--> system32\ad12.gif
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
--> system32\ad14.gif
   [1] Archive type: OVL
   --> Object
      [DETECTION] Is the Trojan horse TR/Agent.10985
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Contains detection pattern of the rootkit RKIT/Agent.ajv
  --> system32\ad15.gif
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.zfe
--> system32\ad17.gif
      [DETECTION] Is the Trojan horse TR/Onlinegames.NVI
--> system32\ad2.gif
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.abxk
      --> Object
         [DETECTION] Contains detection pattern of the rootkit RKIT/Agent.aji
--> system32\ad20.gif
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Contains detection pattern of the rootkit RKIT/Agent.aij
--> system32\ad21.gif
   [1] Archive type: OVL
   --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> system32\ad30.gif
   [DETECTION] Is the Trojan horse TR/PSW.16785
--> system32\ad31.gif
      [DETECTION] Is the Trojan horse TR/Hijacker.Gen
  --> system32\ad36.gif
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.yip.19
--> system32\ad4.gif
   [1] Archive type: OVL
   --> Object
      [DETECTION] Is the Trojan horse TR/Agent.9852
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Contains detection pattern of the rootkit RKIT/Agent.akc
--> system32\ad40.gif
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ydw
      --> Object
         [DETECTION] Contains detection pattern of the rootkit RKIT/Agent.ajp
  --> system32\ad6.gif
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ZFE.3
--> system32\an.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> system32\bincdwsa.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.abln
  --> system32\conn.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> system32\dbhlp32.dlL
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> system32\dev03.inf
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> system32\dionpis.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> system32\down.exe
   [DETECTION] Is the Trojan horse TR/Agent.12288.E
  --> system32\dqFKKFKK1063.dll
   [DETECTION] Is the Trojan horse TR/Agent.9852
  --> system32\dqWLVWLV1012.dll
   [DETECTION] Is the Trojan horse TR/Agent.10985
  --> system32\fiosectc.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> system32\fmsbbqi.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> system32\fmsjhif.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
--> system32\game.gif
      [DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
  --> system32\host.gif
   [DETECTION] Is the Trojan horse TR/Qhost.aef
  --> system32\inudhya.dll
   [DETECTION] Is the Trojan horse TR/Agent.95744
--> system32\lmmh.gif
      [DETECTION] Is the Trojan horse TR/Hijacker.Gen
  --> system32\mfchlp64.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.47
--> system32\mscomfix32.exe
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Gen
--> system32\msoscqit00.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> system32\msosdohs00.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.abxk
  --> system32\msosmhfp00.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.aceg
--> system32\msosmnsf00.dll
      [DETECTION] Contains suspicious code HEUR/Malware
  --> system32\msosping00.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ydw
--> system32\qq.gif
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Contains detection pattern of the worm WORM/Autorun.FF.41
  --> system32\qqxyd.dll
   [DETECTION] Is the Trojan horse TR/PSW.Agent.afw.1
  --> system32\sfnqpewv.dll
   [DETECTION] Is the Trojan horse TR/Onlinegames.NVI
--> system32\soundma.gif
      [DETECTION] Is the Trojan horse TR/Drop.Age.51042.A
  --> system32\tciocp32.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> system32\ticisms.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> system32\ttEZZEZZ1046.dll
   [DETECTION] Is the Trojan horse TR/Agent.7807
  --> system32\ttNNBNNB1047.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.zhy
--> system32\ttQACQAC1038.dll
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> system32\ttVUFVUF1011.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.zds
  --> system32\winhelp1.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Small.uxb
  --> system32\Winsp2.dll
   [DETECTION] Is the Trojan horse TR/Dldr.Delphi.Gen
  --> system32\WinSys16.Sys
   [DETECTION] Contains detection pattern of the worm WORM/Autorun.FF.41
  --> system32\WSockDrv32.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> system32\XNGAnti.sys
   [DETECTION] Contains detection pattern of the rootkit RKIT/Agent.ajv
   [NOTE]    A backup was created as '488cba18.qua'  ( QUARANTINE )
   [NOTE]    The file was deleted!

Used time: 00:04 min

The scan has been done completely.

   0 Scanning directories
   82 Files were scanned
   72 viruses and/or unwanted programs were found
   4 Files were classified as suspicious:
   1 files were deleted
   0 files were repaired
   1 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   10 Files not concerned
   1 Archives were scanned
   0 Warnings
   1 Notes
Sent to AviraLab

[ 本帖最后由 Kitman 于 2008-5-1 20:43 编辑 ]

显示全部楼层 · 发表于 2008-5-1 20:51:54

Blink(NORMAN) 61个。。。
赞叹一声，启发万岁。。。和fp有的一拼。。。

显示全部楼层 · 发表于 2008-5-1 20:57:11

趋势只是说发现多重病毒，反应还蛮快的

显示全部楼层 · 发表于 2008-5-1 22:51:45

剩下7个
Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\My Documents\system32'
C:\Documents and Settings\Administrator\My Documents\system32\system32\
  1.exe
[0] Archive type: Runtime Packed
--> Object
      [DETECTION] Contains detection pattern of the worm WORM/Cekar.A
   [NOTE]    The file was deleted!
  1122.exe
   [DETECTION] Is the Trojan horse TR/Downloader.Gen
   [NOTE]    The file was deleted!
  2.exe
   [DETECTION] Contains detection pattern of the dropper DR/Drop.Agent.qoa.6
   [NOTE]    The file was deleted!
  3.exe
   [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Hupigon.Gen Backdoor server programs
   [NOTE]    The file was deleted!
  4.exe
[0] Archive type: RSRC
--> Object
      [DETECTION] Is the Trojan horse TR/Dldr.Small.uxb
--> Object
   [NOTE]    The file was deleted!
  5.exe
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  6.exe
   [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Hupigon.Gen Backdoor server programs
   [NOTE]    The file was deleted!
  ad1.gif
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.aceg
         [WARNING] Infected files in archives cannot be repaired!
      --> Object
         [DETECTION] Contains detection pattern of the rootkit RKIT/Agent.aju
         [WARNING] Infected files in archives cannot be repaired!
   [NOTE]    The file was deleted!
  ad10.gif
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: OVL
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  ad11.gif
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ablo
   [NOTE]    The file was deleted!
  ad12.gif
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  ad13.gif
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: OVL
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  ad14.gif
[0] Archive type: OVL
--> Object
      [DETECTION] Is the Trojan horse TR/Agent.10985
   --> Object
      [1] Archive type: RSRC
      --> Object
         [DETECTION] Contains detection pattern of the rootkit RKIT/Agent.ajv
         [WARNING] Infected files in archives cannot be repaired!
   [NOTE]    The file was deleted!
  ad15.gif
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.zfe
   [NOTE]    The file was deleted!
  ad16.gif
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: OVL
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  ad17.gif
[0] Archive type: Runtime Packed
--> Object
      [DETECTION] Is the Trojan horse TR/Onlinegames.NVI
   [NOTE]    The file was deleted!
  ad19.gif
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  ad2.gif
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.abxk
         [WARNING] Infected files in archives cannot be repaired!
      --> Object
         [DETECTION] Contains detection pattern of the rootkit RKIT/Agent.aji
         [WARNING] Infected files in archives cannot be repaired!
   [NOTE]    The file was deleted!
  ad20.gif
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
      [2] Archive type: Runtime Packed
      --> Object
      --> Object
         [DETECTION] Contains detection pattern of the rootkit RKIT/Agent.aij
         [WARNING] Infected files in archives cannot be repaired!
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  ad21.gif
[0] Archive type: OVL
   --> Object
      [1] Archive type: Runtime Packed
      --> Object
--> Object
   [NOTE]    The file was deleted!
  ad3.gif
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  ad30.gif
   [DETECTION] Is the Trojan horse TR/PSW.16785
   [NOTE]    The file was deleted!
  ad31.gif
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  ad35.gif
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
      [2] Archive type: Runtime Packed
      --> Object
      --> Object
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was deleted!
  ad36.gif
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.yip.19
   [NOTE]    The file was deleted!
  ad4.gif
[0] Archive type: OVL
--> Object
      [DETECTION] Is the Trojan horse TR/Agent.9852
   --> Object
      [1] Archive type: RSRC
      --> Object
         [DETECTION] Contains detection pattern of the rootkit RKIT/Agent.akc
         [WARNING] Infected files in archives cannot be repaired!
   [NOTE]    The file was deleted!
  ad40.gif
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ydw
         [WARNING] Infected files in archives cannot be repaired!
      --> Object
         [DETECTION] Contains detection pattern of the rootkit RKIT/Agent.ajp
         [WARNING] Infected files in archives cannot be repaired!
   [NOTE]    The file was deleted!
  ad5.gif
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: OVL
      --> Object
   [DETECTION] Contains suspicious code HEUR/Malware
   [NOTE]    The fund was classified as suspicious.
   [NOTE]    The file was moved to '484ed94a.qua'!
  ad6.gif
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ZFE.3
   [NOTE]    The file was deleted!
  ad7.gif
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  ad8.gif
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: OVL
      --> Object
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  an.exe
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  bincdwsa.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.abln
   [NOTE]    The file was deleted!
  COMMAND.COM
  conn.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  dbhlp32.dlL
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  dev03.inf
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  dionpis.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  DOSX.EXE
  down.exe
   [DETECTION] Is the Trojan horse TR/Agent.12288.E
   [NOTE]    The file was deleted!
  dqFKKFKK1063.dll
   [DETECTION] Is the Trojan horse TR/Agent.9852
   [NOTE]    The file was deleted!
  dqWLVWLV1012.dll
   [DETECTION] Is the Trojan horse TR/Agent.10985
   [NOTE]    The file was deleted!
  fiosectc.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  fmsbbqi.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  fmsjhif.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  game.gif
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  HIMEM.SYS
  host.gif
   [DETECTION] Is the Trojan horse TR/Qhost.aef
   [NOTE]    The file was deleted!
  huifitc.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.59
   [NOTE]    The file was deleted!
  inudhya.dll
   [DETECTION] Is the Trojan horse TR/Agent.95744
   [NOTE]    The file was deleted!
  KB16.COM
  lmmh.gif
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  lwias16_080427.dll
   [DETECTION] Is the Trojan horse TR/Spy.Pophot.asg.9
   [NOTE]    The file was deleted!
  lwizysy16_080428.dll
   [DETECTION] Is the Trojan horse TR/Spy.Pophot.asy.1
   [NOTE]    The file was deleted!
  mfchlp64.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NVI.47
   [NOTE]    The file was deleted!
  mscomfix32.exe
[0] Archive type: RSRC
--> Object
   [NOTE]    The file was deleted!
  msoscqit00.dll
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  msosdohs00.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.abxk
   [NOTE]    The file was deleted!
  msosmhfp00.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.aceg
   [NOTE]    The file was deleted!
  msosmnsf00.dll
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  msosping00.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ydw
   [NOTE]    The file was deleted!
  mwasys32_080427.dll
   [DETECTION] Is the Trojan horse TR/Spy.Pophot.Ash.8
   [NOTE]    The file was deleted!
  mwiszcyys32_080428.dll
   [DETECTION] Is the Trojan horse TR/Spy.Pophot.asz.1
   [NOTE]    The file was deleted!
  qq.gif
[0] Archive type: Runtime Packed
   --> Object
      [1] Archive type: RSRC
      --> Object
         [DETECTION] Contains detection pattern of the worm WORM/Autorun.FF.41
         [WARNING] Infected files in archives cannot be repaired!
   [NOTE]    The file was deleted!
  qqxyd.dll
   [DETECTION] Is the Trojan horse TR/PSW.Agent.afw.1
   [NOTE]    The file was deleted!
  REDIR.EXE
  sfnqpewv.dll
   [DETECTION] Is the Trojan horse TR/Onlinegames.NVI
   [NOTE]    The file was deleted!
  soundma.gif
[0] Archive type: Runtime Packed
--> Object
      [DETECTION] Is the Trojan horse TR/Drop.Age.51042.A
   [NOTE]    The file was deleted!
  svch0st.exe
  tciocp32.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  ticisms.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  ttEZZEZZ1046.dll
   [DETECTION] Is the Trojan horse TR/Agent.7807
   [NOTE]    The file was deleted!
  ttNNBNNB1047.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.zhy
   [NOTE]    The file was deleted!
  ttQACQAC1038.dll
[0] Archive type: Runtime Packed
--> Object
   [NOTE]    The file was deleted!
  ttVUFVUF1011.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.zds
   [NOTE]    The file was deleted!
  verclsid.exe
  winhelp1.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Small.uxb
   [NOTE]    The file was deleted!
  Winsp2.dll
   [DETECTION] Is the Trojan horse TR/Dldr.Delphi.Gen
   [NOTE]    The file was deleted!
  WinSys16.Sys
   [DETECTION] Contains detection pattern of the worm WORM/Autorun.FF.41
   [NOTE]    The file was deleted!
  WSockDrv32.dll
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was deleted!
  XNGAnti.sys
   [DETECTION] Contains detection pattern of the rootkit RKIT/Agent.ajv
   [NOTE]    The file was deleted!

End of the scan: 2008年5月1日  07:51
Used time: 00:06 min

The scan has been done completely.

   2 Scanning directories
   81 Files were scanned
   77 viruses and/or unwanted programs were found
   4 Files were classified as suspicious:
   73 files were deleted
   0 files were repaired
   1 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   4 Files not concerned
   0 Archives were scanned
   10 Warnings
   74 Notes

显示全部楼层 · 发表于 2008-5-2 00:08:33

费尔杀了74个，哈哈

显示全部楼层 · 发表于 2008-5-2 00:26:25

江民52个

显示全部楼层 · 发表于 2008-5-2 17:50:04

红伞，81个杀完

[病毒样本] 81个

本帖子中包含更多资源

本帖子中包含更多资源