76

woai_jolin

2008-6-24 15:50:17        Real-time file system protection        file        G:\v\c\DNT\xsxw7.exe2        probably a variant of Win32/PSW.OnLineGames.NML trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:50:16        Real-time file system protection        file        G:\v\c\DNT\userinit.exe43        Win32/TrojanDownloader.Agent.NYP trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:50:15        Real-time file system protection        file        G:\v\c\DNT\ujzb7.exe2        probably a variant of Win32/PSW.OnLineGames.NML trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:50:12        Real-time file system protection        file        G:\v\c\DNT\stormliv.exe5        probably unknown NewHeur_PE virus        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:50:09        Real-time file system protection        file        G:\v\c\DNT\RavNT.e1xe        Win32/Agent.NXB trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:50:08        Real-time file system protection        file        G:\v\c\DNT\qqshel.exe2        Win32/Agent.NXB trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:50:06        Real-time file system protection        file        G:\v\c\DNT\od.exe2        a variant of Win32/Inject.NBE trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:50:05        Real-time file system protection        file        G:\v\c\DNT\nkly6.exe2        probably a variant of Win32/PSW.OnLineGames.NML trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:50:04        Real-time file system protection        file        G:\v\c\DNT\mspcexp.dll        Win32/Agent.NXB trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:50:03        Real-time file system protection        file        G:\v\c\DNT\mcdcsrv32_080602.dll        a variant of Win32/Spy.Delf.NHF trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:50:02        Real-time file system protection        file        G:\v\c\DNT\jfrwdh.dll        a variant of Win32/PSW.OnLineGames.NOA trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:50:01        Real-time file system protection        file        G:\v\c\DNT\hjsv10.exe2        probably a variant of Win32/PSW.OnLineGames.NML trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:49:59        Real-time file system protection        file        G:\v\c\DNT\FireFoxUpdater.exe5        probably unknown NewHeur_PE virus        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:49:59        Real-time file system protection        file        G:\v\c\DNT\eoms19.exe2        a variant of Win32/PSW.QQPass.NCZ trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:49:58        Real-time file system protection        file        G:\v\c\DNT\ddddd.exe6        Win32/TrojanDownloader.Agent.NYP trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:49:57        Real-time file system protection        file        G:\v\c\DNT\ctfmon.exe2        probably a variant of Win32/Genetik trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:49:55        Real-time file system protection        file        G:\v\c\DNT\conime.exe4        probably a variant of Win32/Genetik trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:49:54        Real-time file system protection        file        G:\v\c\DNT\bwpr0.exe1        a variant of Win32/Agent.NOS trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:49:52        Real-time file system protection        file        G:\v\c\DNT\ad7553.exe2        a variant of Win32/Adware.Cinmus application        deleted - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:49:48        Real-time file system protection        file        G:\v\c\DNT\ad7546.exe2        a variant of Win32/Adware.Cinmus application        deleted - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:49:45        Real-time file system protection        file        G:\v\c\DNT\Access.exe2        probably unknown NewHeur_PE virus        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:49:44        Real-time file system protection        file        G:\v\c\DNT\6to4.dll        Win32/Agent.NXB trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:49:43        Real-time file system protection        file        G:\v\c\DNT\360safe.exe2        Win32/Agent.NXB trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:49:41        Real-time file system protection        file        G:\v\c\DNT\2.tmp        probably a variant of Win32/TrojanDropper.Agent.NHD trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:49:40        Real-time file system protection        file        G:\v\c\DNT\11135.dat        a variant of Win32/Agent.NQM trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:49:39        Real-time file system protection        file        G:\v\c\DNT\10156.dat        a variant of Win32/Agent.NQM trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.
2008-6-24 15:49:38        Real-time file system protection        file        G:\v\c\DNT\033.exe2        a variant of Win32/TrojanDownloader.Adload.NFC trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe.

woai_jolin

3157.exe
2008-6-24 15:51:52        Real-time file system protection        file        C:\Sandbox\Administrator\DefaultBox\drive\C\WINDOWS\system32\jyv8f.dll        a variant of Win32/BHO.NDW trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Sandbox\Administrator\DefaultBox\drive\C\WINDOWS\tempaq.
2008-6-24 15:51:48        Real-time file system protection        file        C:\Sandbox\Administrator\DefaultBox\drive\C\WINDOWS\system32\drivers\o0ce1b4.sys        probably a variant of Win32/Rootkit.Agent.NBQ trojan        cleaned by deleting - quarantined        NT AUTHORITY\SYSTEM        Event occurred on a new file created by the application: C:\Sandbox\Administrator\DefaultBox\drive\C\WINDOWS\tempaq.

qigang

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.Win32.Undef.iip   
病毒： Trojan.Win32.Undef.iio   
病毒： Trojan.DL.Win32.Undef.tv
病毒： Trojan.DL.Win32.Undef.tv
病毒： Trojan.Win32.Undef.iid   
病毒： Trojan.Win32.Undef.iia   
病毒： Trojan.Win32.Undef.iiv   
病毒： Trojan.Win32.Undef.iis   
病毒： Trojan.DL.Win32.Mnless.ala
病毒： Worm.Win32.PaBug.ht      
病毒： Trojan.PSW.Win32.GameOL.ofr
病毒： Trojan.Win32.Undef.iig   
病毒： Trojan.PSW.Win32.GameOL.ofu
病毒： Harm.Win32.DownLoader.b  
病毒： Trojan.Clicker.Win32.PopHot.dyy
病毒： Trojan.Win32.Undef.iil   
病毒： Trojan.Win32.Undef.iih   
病毒： Trojan.Win32.Undef.iif   
病毒： Backdoor.Win32.Mnless.ay
病毒： AdWare.Win32.Agent.byd   
病毒： Trojan.Win32.Undef.iia   
病毒： Trojan.DL.Win32.Mnless.alv
病毒： Harm.Win32.DownLoader.d  
病毒： Trojan.Win32.Undef.iie   

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.50.10

tanlimo

AhnLab V3 IS 2008  11个

2008年6月24日 22:37:54 无信息 D:\DNT.rar 完成清除(删除) 系统检查 Everyone 无信息 无信息
2008年6月24日 22:37:51 Win-Trojan/Agent.17680 D:\DNT.rar(userinit.exe43) 压缩文件(请解压缩后重新检查) 系统检查 Everyone 无信息 无信息
2008年6月24日 22:37:50 Win-Trojan/Agent.172032.AG D:\DNT.rar(ticw.exe2) 压缩文件(请解压缩后重新检查) 系统检查 Everyone 无信息 无信息
2008年6月24日 22:37:49 Win-Trojan/Bho.69746 D:\DNT.rar(qqshel.exe2) 压缩文件(请解压缩后重新检查) 系统检查 Everyone 无信息 无信息
2008年6月24日 22:37:47 Win-Trojan/Agent.241664.AU D:\DNT.rar(Jack.exe2) 压缩文件(请解压缩后重新检查) 系统检查 Everyone 无信息 无信息
2008年6月24日 22:37:45 Win-Trojan/QQPass.Gen D:\DNT.rar(eoms19.exe2) 压缩文件(请解压缩后重新检查) 系统检查 Everyone 无信息 无信息
2008年6月24日 22:37:44 Win-Trojan/Agent.56360 D:\DNT.rar(ddddd.exe6) 压缩文件(请解压缩后重新检查) 系统检查 Everyone 无信息 无信息
2008年6月24日 22:37:43 Win-Trojan/Agent.4928.E D:\DNT.rar(ctfmon.exe2) 压缩文件(请解压缩后重新检查) 系统检查 Everyone 无信息 无信息
2008年6月24日 22:37:43 Win-Trojan/Agent.977920.B D:\DNT.rar(conime.exe4) 压缩文件(请解压缩后重新检查) 系统检查 Everyone 无信息 无信息
2008年6月24日 22:37:41 Win-Trojan/OnlineGameHack.242688 D:\DNT.rar(11135.dat) 压缩文件(请解压缩后重新检查) 系统检查 Everyone 无信息 无信息
2008年6月24日 22:37:41 Win-Trojan/OnlineGameHack.242688 D:\DNT.rar(10156.dat) 压缩文件(请解压缩后重新检查) 系统检查 Everyone 无信息 无信息

Palkia

1.文件名：perfc009.dat
    不是病毒

    2.文件名：perfh009.dat
    不是病毒

    3.文件名：pid.PNF
    不是病毒

    4.文件名：prfc0804.dat
    不是病毒

    5.文件名：prfh0804.dat
    不是病毒

    6.文件名：pub_store.dat
    不是病毒

    7.文件名：reg.exe6
    不是病毒

    8.文件名：sc.exe4
    不是病毒

    9.文件名：spssvr.exe5
    不是病毒

    10.文件名：systome.dll
    不是病毒

    11.文件名：TElem32.dll
    不是病毒

    12.文件名：Thunder1.dll2
    不是病毒

    13.文件名：usmsho.dll
    不是病毒

    14.文件名：winabc.GID
    不是病毒

    15.文件名：avtapit.dll
    不是病毒

    16.文件名：wpa.dbl
    不是病毒

    17.文件名：wsock32.dll
    不是病毒

    18.文件名：wv.dat
    不是病毒

    19.文件名：xavengine.dll
    不是病毒

    20.文件名：xlhcc.dat
    不是病毒

    21.文件名：YQL_Lyrics_Common.dll
    不是病毒




1.文件名：-90393359
    不是病毒

    2.文件名：b.dll.zgx
    病毒名：AdWare.Win32.Agent.byb

    3.文件名：ad7546.exe2
    不是病毒

    4.文件名：ad7553.exe2
    不是病毒

    5.文件名：ansi.sys
    不是病毒

    6.文件名：aoqnabib.sys
    不是病毒

    7.文件名：bootcfg.exe12
    不是病毒

    8.文件名：cid_store.dat
    不是病毒

    9.文件名：comarshal.dat
    不是病毒

    10.文件名：comspring.dat
    不是病毒

    11.文件名：conime.exe4
    病毒名：Win32.ExplorerDL.d

    12.文件名：ctfmon.exe2
    病毒名：Win32.ExplorerDL.d

    13.文件名：ddddd.exe6
    病毒名：Trojan.DL.Win32.Agent.ntx

    14.文件名：gtwatch.exe1
    不是病毒

    15.文件名：ICBCNetSignG.dll
    不是病毒

    16.文件名：jcutilgem101101.dll
    不是病毒

    17.文件名：JCUTILGEM102K.dll
    不是病毒

    18.文件名：jcutilHUAUK.dll
    不是病毒

    19.文件名：mspcexp.dll
    不是病毒

    20.文件名：myiecfg.ini.tmp
    不是病毒

    您所上报的病毒文件将在瑞星2008的20.50.22版本(瑞星2007的19.81.22版本)中处理解决。

凝逸反毒

凝逸反毒 病毒11个,正常8个



              [凝逸反毒] (http://hi.baidu.com/503165656)
       [凝逸反毒.扫描病毒引擎3.4-日志]       20080626_084956
----------


扫描目录:z:\999\76[1]\|
文件总数:76
报告 | virus [175>20080618_ny0848.axx] | z:\999\76[1]\DNT\360safe.exe2
报告 | virus [348>20080618_ny0848.axx] | z:\999\76[1]\DNT\conime.exe4
报告 | virus [654>20080618_ny0848.axx] | z:\999\76[1]\DNT\ctfmon.exe2
报告 | virus [563>20080606_tx0002.axx] | z:\999\76[1]\DNT\ddddd.exe6
报告 | virus [305>20080615_ny0847.axx] | z:\999\76[1]\DNT\mspcexp.dll
报告 | virus [419>20080618_ny0848.axx] | z:\999\76[1]\DNT\qqshel.exe2
报告 | virus [56>20080618_ny0848.axx] | z:\999\76[1]\DNT\ravnt.e1xe
报告 | virus [533>20080618_ny0848.axx] | z:\999\76[1]\DNT\telem32.dll
报告 | virus [280>20080618_ny0848.axx] | z:\999\76[1]\DNT\usmsho.dll
报告 | virus [411>20080618_ny0848.axx] | z:\999\76[1]\DNT\usmsvc.exe14
报告 | virus [326>20080618_ny0848.axx] | z:\999\76[1]\DNT\yql_lyrics_common.dll


正常 | ok | z:\999\76[1]\DNT\ansi.sys
正常 | ok | z:\999\76[1]\DNT\bootcfg.exe12
正常 | ok | z:\999\76[1]\DNT\icbcnetsigng.dll
正常 | ok | z:\999\76[1]\DNT\jcutilgem101101.dll
正常 | ok | z:\999\76[1]\DNT\jcutilgem102k.dll
正常 | ok | z:\999\76[1]\DNT\jcutilhuauk.dll
正常 | ok | z:\999\76[1]\DNT\reg.exe6
正常 | ok | z:\999\76[1]\DNT\sc.exe4