又一窝病毒包

显示全部楼层 · 发表于 2008-7-16 15:22:07

又一窝病毒包

显示全部楼层 · 发表于 2008-7-16 15:26:47

实时防毒（按时间降序排列）
病毒 2008-07-16 15:24:51 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\wszjeax.exe中 Win32.Troj.AgentT.fm.14452 处理成功（操作：删除）
病毒 2008-07-16 15:24:51 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\WSockDrv32.exe中 Win32.Troj.OnlineGameT.bc.270336 处理成功（操作：删除）
病毒 2008-07-16 15:24:50 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\WinForm.exE中 Win32.Troj.OnlineGameT.bc.270336 处理成功（操作：删除）
病毒 2008-07-16 15:24:50 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\uusee107444.exe中 Win32.Troj.DownloaderT.er.80909 处理成功（操作：删除）
病毒 2008-07-16 15:24:50 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\upxdnd.exe中 Win32.Troj.OnlineGameT.bc.270336 处理成功（操作：删除）
病毒 2008-07-16 15:24:50 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\tfw1.exe中 Win32.Troj.DownLoaderT.hq.114688 处理成功（操作：删除）
病毒 2008-07-16 15:24:50 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\svchost.exe中 Worm.Troj.Wogue.ax.20992 处理成功（操作：删除）
病毒 2008-07-16 15:24:50 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\SSLDyn.exE中 Win32.PSWTroj.OnLineGames.18345 处理成功（操作：删除）
病毒 2008-07-16 15:24:50 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\sa.jpg.exe中 Win32.Troj.Agent.bz.90251 处理成功（操作：删除）
病毒 2008-07-16 15:24:49 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\rundll.exe中 Win32.Troj.Undef.ca.36864 处理成功（操作：删除）
病毒 2008-07-16 15:24:49 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\rsjzbsp.exe中 Win32.Troj.AgentT.fm.14452 处理成功（操作：删除）
病毒 2008-07-16 15:24:49 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\rbnnil.exe中 Win32.Troj.OnlineGameT.bc.270336 处理成功（操作：删除）
病毒 2008-07-16 15:24:49 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\ratbutl.exe中 Win32.Troj.AgentT.fm.14452 处理成功（操作：删除）
病毒 2008-07-16 15:24:49 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\rarjftl.exe中 Win32.Troj.OnlineGamesT.zy.90112 处理成功（操作：删除）
病毒 2008-07-16 15:24:49 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\raqjmtl.exe中 Win32.Troj.AgentT.fm.14452 处理成功（操作：删除）
病毒 2008-07-16 15:24:49 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\raqjltl.exe中 Win32.Troj.AgentT.fm.14452 处理成功（操作：删除）
病毒 2008-07-16 15:24:49 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\PTSShell.exe中 Win32.Troj.OnlineGameT.bc.270336 处理成功（操作：删除）
病毒 2008-07-16 15:24:49 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\okmhfaz.exe中 Win32.Troj.AgentT.fm.14452 处理成功（操作：删除）
病毒 2008-07-16 15:24:49 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\NvSys_55.Sys中 Win32.Troj.QQThiefT.ty.48283 处理成功（操作：删除）
病毒 2008-07-16 15:24:48 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\NVDispDRV.EXE中 Win32.Troj.OnlineGameT.bc.270336 处理成功（操作：删除）
病毒 2008-07-16 15:24:48 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\my_70411.exe中 Win32.TrojDownloader.Small.20480 处理成功（操作：删除）
病毒 2008-07-16 15:24:48 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\MsPrint32D.exe中 Win32.Troj.OnlineGames.qv.16102 处理成功（操作：删除）
病毒 2008-07-16 15:24:48 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\MsIMMs32.exE中 Win32.Troj.OnlineGameT.bc.270336 处理成功（操作：删除）
病毒 2008-07-16 15:24:48 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\LYLOADER.EXE中 Win32.Troj.OnlineGamesT.sm.90112 处理成功（操作：删除）
病毒 2008-07-16 15:24:47 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\luyzgj.exe中 Win32.PSWTroj.OnLineGames.16118 处理成功（操作：删除）
病毒 2008-07-16 15:24:47 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\lsassj.exe中 Win32.PSWTroj.Lmir.29891 处理成功（操作：删除）
病毒 2008-07-16 15:24:47 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\LotusHlp.exe中 Win32.Troj.OnlineGameT.bc.270336 处理成功（操作：删除）
病毒 2008-07-16 15:24:47 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\lkzspn.exe中 Win32.Troj.OnlineGames.av.17530 处理成功（操作：删除）
病毒 2008-07-16 15:24:47 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\Kvsc3.exE中 Win32.Troj.OnlineGameT.bc.270336 处理成功（操作：删除）
病毒 2008-07-16 15:24:47 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\kvdxsois.exe中 Win32.Troj.AgentT.fm.14452 处理成功（操作：删除）
病毒 2008-07-16 15:24:47 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\kvdxsnis.exe中 Win32.Troj.AgentT.fm.14452 处理成功（操作：删除）
病毒 2008-07-16 15:24:47 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\kashmaz.exe中 Win32.Troj.AgentT.fm.14452 处理成功（操作：删除）
病毒 2008-07-16 15:24:47 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\kafymaz.exe中 Win32.Troj.AgentT.fm.14452 处理成功（操作：删除）
病毒 2008-07-16 15:24:47 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\jsqxbzc.exe中 Win32.Troj.AgentT.fm.14452 处理成功（操作：删除）
病毒 2008-07-16 15:24:47 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\jdwmsjvv.exe中 Win32.Troj.DownloaderT.m.101715 处理成功（操作：删除）
病毒 2008-07-16 15:24:46 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\inaxvs.exe中 Win32.Troj.OnlineGameT.bc.270336 处理成功（操作：删除）
病毒 2008-07-16 15:24:46 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\in26.exe中 Win32.Troj.DownloaderT.m.101715 处理成功（操作：删除）
病毒 2008-07-16 15:24:46 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\houffw.exe中 Win32.Troj.OnlineGameT.bc.270336 处理成功（操作：删除）
病毒 2008-07-16 15:24:46 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\gjfhbzc.exe中 Win32.Troj.AgentT.fm.14452 处理成功（操作：删除）
病毒 2008-07-16 15:24:45 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\explorer.exe中 Win32.PSWTroj.OnLineGames.7529 处理成功（操作：删除）
病毒 2008-07-16 15:24:45 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\DbgHlp32.exe中 Win32.Troj.OnLineGamesT.gr.2637 处理成功（操作：删除）
病毒 2008-07-16 15:24:45 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\dbctac.exe中 Win32.Troj.OnlineGames.av.17530 处理成功（操作：删除）
病毒 2008-07-16 15:24:45 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\csrssq.exe中 Win32.Troj.DownloaderT.m.101715 处理成功（操作：删除）
病毒 2008-07-16 15:24:45 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\cmdbcs.exe中 Win32.Troj.OnlineGameT.bc.270336 处理成功（操作：删除）
病毒 2008-07-16 15:24:44 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\avzxnst.exe中 Win32.Troj.OnlineGamesT.zy.90112 处理成功（操作：删除）
病毒 2008-07-16 15:24:44 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\avwljst.exe中 Win32.PSWTroj.OnLineGames.17408 处理成功（操作：删除）
病毒 2008-07-16 15:24:44 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\avwgist.exe中 Win32.Troj.OnlineGamesT.zy.90112 处理成功（操作：删除）
病毒 2008-07-16 15:24:43 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\AVPSrv.exE中 Win32.Troj.OnlineGames.m.17419 处理成功（操作：删除）
病毒 2008-07-16 15:24:43 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\98032D.exe中 Win32.VirInstaller.Win32.99825 处理成功（操作：删除）
病毒 2008-07-16 15:24:43 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\867348M.exe中 Win32.Troj.LmirT.by.9900 处理成功（操作：删除）
病毒 2008-07-16 15:24:43 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\867348L.exe中 Win32.Troj.OnlineGamesT.gn.48511 处理成功（操作：删除）
病毒 2008-07-16 15:24:43 病毒在文件C:\Documents and Settings\Jerry\桌面\du[1]\du\3ACD3900.EXE中 Win32.TrojDownloader.Flux.bz.151552 处理成功（操作：删除）

显示全部楼层 · 发表于 2008-7-16 15:29:06

显示全部楼层 · 发表于 2008-7-16 15:33:05

木马名称:Trojan-PSW.Win32.OLGames.cnj
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\867348L.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.Lmir.dkk
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\867348M.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-Dropper.Win32.Agent.fnq
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\98032D.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.els
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\AVPSRV.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.gdm
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\AVWLJST.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-Spy.Win32.Delf.exu
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\C8.JPG.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.dry
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\CMDBCS.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.eiu
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\DBCTAC.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.ddv
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\DBGHLP32.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.fng
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\HOUFFW.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.fng
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\INAXVS.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.fqc
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\JSQXBZC.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.gdn
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\KASHMAZ.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.ghu
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\KVDXSNIS.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.hvk
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\KVDXSOIS.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.ega
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\KVSC3.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.eiu
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\LKZSPN.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.gee
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\LOTUSHLP.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.QQPass.hhq
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\LSASSJ.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.eex
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\LUYZGJ.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.dlx
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\MSIMMS32.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.fcg
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\MSPRINT32D.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-Downloader.Win32.Small.spt
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\MY_70411.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-Downloader.Win32.QQHelper.gco
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\MY_70414.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.fng
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\NVDISPDRV.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.hko
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\OKMHFAZ.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.eya
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\PTSSHELL.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.fng
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\RBNNIL.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.hwy
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\RSJZBSP.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-Spy.Win32.Delf.eyq
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\SA.JPG.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.eit
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\SSLDYN.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan.Win32.Genetik.ezf
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\SVCHOST.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.fza
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\UPXDND.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-Downloader.Win32.Delf.jhh
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\UUSEE107444.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.fkg
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\WINFORM.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.fkh
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\WSOCKDRV32.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

木马名称:Trojan-PSW.Win32.OLGames.fqa
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\DU[1]\DU\WSZJEAX.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

显示全部楼层 · 发表于 2008-7-16 15:37:05

Start of the scan: 2008年7月15日星期二  22:47

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\du'
C:\Documents and Settings\Administrator\桌面\du\du\3ACD3900.EXE
   [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
   [NOTE]    The file was moved to '48bfb8c8.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\867348L.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was moved to '48b3b8be.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\867348M.exe
   [DETECTION] Is the Trojan horse TR/Spy.Gen
   [NOTE]    The file was moved to '493a7c9f.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\98032D.exe
   [DETECTION] Is the Trojan horse TR/Drop.Agent.dko
   [NOTE]    The file was moved to '48acb8c0.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\AVPSrv.exE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was moved to '48ccb8df.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\avwgist.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/WuDisable.B
   [NOTE]    The file was moved to '48f3b8ff.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\avwljst.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/WuDisable.C
   [NOTE]    The file was moved to '497a7d20.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\avzxnst.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/WuDisable.B
   [NOTE]    The file was moved to '48f6b900.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\c8.jpg.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Delf.awx
   [NOTE]    The file was moved to '48aab8c2.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\ck3.jpg.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Delf.awv
   [NOTE]    The file was moved to '48afb8f5.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\cmdbcs.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was moved to '48e0b8f8.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\csrssq.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.nde
   [NOTE]    The file was moved to '48eeb8fe.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\dbctac.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was moved to '48dfb8ed.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\DbgHlp32.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was moved to '48e3b8ee.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\explorer.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.ode.4
   [NOTE]    The file was moved to '48ecb904.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\gjfhbzc.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/WuDisable.B
   [NOTE]    The file was moved to '48e2b8f6.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\houffw.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was moved to '48f1b8fc.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\in26.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.nix
   [NOTE]    The file was moved to '48aeb8fb.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\inaxvs.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was moved to '48ddb8fb.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\jdwmsjvv.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.myf
   [NOTE]    The file was moved to '48f3b8f1.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\jsqxbzc.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/WuDisable.B
   [NOTE]    The file was moved to '48edb901.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\kafymaz.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/WuDisable.B
   [NOTE]    The file was moved to '48e2b8ef.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\kashmaz.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/WuDisable.B
   [NOTE]    The file was moved to '48efb8ef.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\kvdxsnis.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/WuDisable.B
   [NOTE]    The file was moved to '48e0b905.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\kvdxsois.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/WuDisable.B
   [NOTE]    The file was moved to '49697d26.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\Kvsc3.exE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was moved to '48efb905.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\lkzspn.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was moved to '48f6b8fb.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\LotusHlp.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was moved to '48f0b8ff.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\lsassj.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/PSW.QQpass.aqp
   [NOTE]    The file was moved to '48ddb903.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\luyzgj.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was moved to '48f5b905.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\LYLOADER.EXE
--> Object
   [1] Archive type: RSRC
   --> Object
         [DETECTION] Is the Trojan horse TR/PSW.Online.agb.2
   --> Object
         [DETECTION] Is the Trojan horse TR/PSW.Online.gyo.2
   [NOTE]    The file was moved to '48c8b8ea.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\MsIMMs32.exE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was moved to '48c5b904.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\MsPrint32D.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was moved to '48ccb904.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\my_70411.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Small.cfh
   [NOTE]    The file was moved to '48dbb90b.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\my_70414.exe
   [DETECTION] Is the Trojan horse TR/Dldr.QQHelper.akk
   [NOTE]    The file was moved to '49527d2c.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\NVDispDRV.EXE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was moved to '48c0b8e8.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\NvSys_55.Sys
   [DETECTION] Is the Trojan horse TR/PSW.QQpass.aqp
   [NOTE]    The file was moved to '48cfb908.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\okmhfaz.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/WuDisable.B
   [NOTE]    The file was moved to '48e9b8fe.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\PTSShell.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was moved to '48cfb8e7.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\raqjltl.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/WuDisable.B
   [NOTE]    The file was moved to '48edb8f4.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\raqjmtl.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/WuDisable.B
   [NOTE]    The file was moved to '48edb8f5.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\rarjftl.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.nkk
   [NOTE]    The file was moved to '48eeb8f5.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\ratbutl.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/WuDisable.B
   [NOTE]    The file was moved to '48f0b8f5.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\rbnnil.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was moved to '48eab8f7.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\rsjzbsp.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/WuDisable.F
   [NOTE]    The file was moved to '48e6b908.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\rundll.exe
   [DETECTION] Is the Trojan horse TR/Agent.DUJ
   [NOTE]    The file was moved to '48eab90a.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\sa.jpg.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/Spy.Delf.NHF.12
   [NOTE]    The file was moved to '48aab8f7.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\SSLDyn.exE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was moved to '48c8b8e9.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\svchost.exe
   [DETECTION] Is the Trojan horse TR/Agent.20992.23
   [NOTE]    The file was moved to '48dfb90c.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\tfw1.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.hhm.2
   [DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
   [NOTE]    The file was moved to '48f3b8fd.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\upxdnd.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was moved to '48f4b907.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\uusee107444.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Delphi.Gen
   [NOTE]    The file was moved to '48efb90c.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\WinForm.exE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was moved to '48eab901.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\WSockDrv32.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was moved to '48ebb8eb.qua'!
C:\Documents and Settings\Administrator\桌面\du\du\wszjeax.exe
--> Object
   [1] Archive type: RSRC
   --> Object
      [DETECTION] Is the Trojan horse TR/WuDisable.B
   [NOTE]    The file was moved to '48f6b90b.qua'!

End of the scan: 2008年7月15日星期二  22:47
Used time: 00:26 min

The scan has been done completely.

   2 Scanning directories
   56 Files were scanned
   57 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   55 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   -1 Files not concerned
   0 Archives were scanned
   0 Warnings
   55 Notes

显示全部楼层 · 发表于 2008-7-16 15:48:20

用G DATA AntiVirus检测病毒
版本 18.5.8071.731
病毒特征库日期 2008/7/16
开始时间： 2008/7/16 15:47
引擎：引擎A (AVK 18.4511), 引擎B (AVKB 18.349)
启发式：开启
档案文件：开启
系统区域：开启

检测系统区域...
检测以下目录和文件：
检测执行时间： 2008/7/16 15:47
56个文件已检测
55个受感染文件
0个可疑文件被发现

显示全部楼层 · 发表于 2008-7-16 15:58:31

费尔54个

瑞星病毒查杀结果报告

清除病毒种类列表：
病毒： Trojan.PSW.Win32.GameOL.gbk
病毒： Trojan.PSW.Win32.GamesOnline.ek
病毒： Trojan.DL.Win32.Mnless.so
病毒： Trojan.DL.Win32.Mnless.zp
病毒： Trojan.PSW.Win32.QQPass.zfo
病毒： Trojan.PSW.Win32.GameOL.olw
病毒： Trojan.Win32.Undef.ca
病毒： Trojan.PSW.Win32.GameOL.llv
病毒： Trojan.DL.Win32.Autorun.yyn
病毒： Trojan.Win32.Edog.q
病毒： Trojan.DL.Win32.Delf.fwj
病毒： Trojan.Win32.Undef.dr
病毒： Trojan.PSW.Win32.GamesOnline.gn
病毒： Trojan.PSW.Win32.LMir.yys
病毒： Dropper.Win32.Agent.zbx
病毒： AdWare.Win32.Agent.zoi
病毒： Trojan.PSW.Win32.GameOL.llw
病毒： Trojan.PSW.Win32.GameOL.ldi
病毒： Trojan.PSW.Win32.OnlineGames.GEN
病毒： Trojan.PSW.Win32.GamesOnline.fx
病毒： Trojan.PSW.Win32.GamesOnline.ey
病毒： Worm.Win32.PaBug.fy

用户来源：互联网

软件版本：20.53.20

53个

显示全部楼层 · 发表于 2008-7-16 17:16:41

我也测试一下啊。

显示全部楼层 · 发表于 2008-7-16 17:28:24

EAV 53个

C:\Documents and Settings\Administrator\桌面\du\du\3ACD3900.EXE - Win32/TrojanDownloader.Flux 特洛伊木马
C:\Documents and Settings\Administrator\桌面\du\du\867348L.exe - Win32/PSW.WOW.WU 特洛伊木马
C:\Documents and Settings\Administrator\桌面\du\du\867348M.exe - Win32/PSW.WOW.WU 特洛伊木马
C:\Documents and Settings\Administrator\桌面\du\du\98032D.exe - Win32/TrojanClicker.BHO.NAT 特洛伊木马
C:\Documents and Settings\Administrator\桌面\du\du\AVPSrv.exE - Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\avwgist.exe - Win32/PSW.OnLineGames.FDY 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\avwljst.exe - Win32/PSW.OnLineGames.FDY 特洛伊木马
C:\Documents and Settings\Administrator\桌面\du\du\avzxnst.exe - Win32/PSW.OnLineGames.FDY 特洛伊木马
C:\Documents and Settings\Administrator\桌面\du\du\c8.jpg.exe - 可能是 Win32/Genetik 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\ck3.jpg.exe - 可能是 Win32/Spy.Delf.PG 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\cmdbcs.exe - Win32/PSW.OnLineGames.YA 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\csrssq.exe - Win32/PSW.OnLineGames.NMN 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\dbctac.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\DbgHlp32.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\explorer.exe - Win32/TrojanDownloader.Small.NZL 特洛伊木马
C:\Documents and Settings\Administrator\桌面\du\du\gjfhbzc.exe - Win32/PSW.OnLineGames.FDY 特洛伊木马
C:\Documents and Settings\Administrator\桌面\du\du\houffw.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\in26.exe - Win32/PSW.OnLineGames.NMN 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\inaxvs.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\jdwmsjvv.exe - Win32/PSW.OnLineGames.NMN 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\jsqxbzc.exe - Win32/PSW.OnLineGames.FDY 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\kafymaz.exe - Win32/PSW.OnLineGames.FDY 特洛伊木马
C:\Documents and Settings\Administrator\桌面\du\du\kashmaz.exe - Win32/PSW.OnLineGames.FDY 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\kvdxsnis.exe - Win32/PSW.OnLineGames.FDY 特洛伊木马
C:\Documents and Settings\Administrator\桌面\du\du\kvdxsois.exe - Win32/PSW.OnLineGames.FDY 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\Kvsc3.exE - Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\lkzspn.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\LotusHlp.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\lsassj.exe - Win32/PSW.QQPass.NCZ 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\luyzgj.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\LYLOADER.EXE - Win32/PSW.Agent.NEC 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\MsIMMs32.exE - Win32/PSW.OnLineGames.OAR 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\MsPrint32D.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\my_70411.exe - 可能是 Win32/TrojanDownloader.Small 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\my_70414.exe - Win32/TrojanDownloader.QQHelper.NED 特洛伊木马
C:\Documents and Settings\Administrator\桌面\du\du\NVDispDRV.EXE - Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\NvSys_55.Sys - Win32/PSW.QQPass.NCZ 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\okmhfaz.exe - Win32/PSW.OnLineGames.FDY 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\PTSShell.exe - 可能是 Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\raqjltl.exe - Win32/PSW.OnLineGames.FDY 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\raqjmtl.exe - Win32/PSW.OnLineGames.FDY 特洛伊木马
C:\Documents and Settings\Administrator\桌面\du\du\rarjftl.exe - Win32/PSW.OnLineGames.FDY 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\ratbutl.exe - Win32/PSW.OnLineGames.FDY 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\rbnnil.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\rsjzbsp.exe - Win32/PSW.OnLineGames.FDY 特洛伊木马
C:\Documents and Settings\Administrator\桌面\du\du\SSLDyn.exE - Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\svchost.exe - 可能是 Win32/PSW.OnLineGames.NMO 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\tfw1.exe - Win32/TrojanDownloader.Small.HLV 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\upxdnd.exe - Win32/PSW.OnLineGames.OAR 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\uusee107444.exe - Win32/TrojanDownloader.Delf.OCQ 特洛伊木马
C:\Documents and Settings\Administrator\桌面\du\du\WinForm.exE - Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\WSockDrv32.exe - Win32/PSW.OnLineGames.NFL 特洛伊木马的变种
C:\Documents and Settings\Administrator\桌面\du\du\wszjeax.exe - Win32/PSW.OnLineGames.FDY 特洛伊木马的变种

显示全部楼层 · 发表于 2008-7-17 08:44:04

Start of the scan: 2008年7月17日  08:43

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\du.part3.rar'
C:\Documents and Settings\Administrator\桌面\du.part3.rar
  [0] Archive type: RAR
  --> du\MsIMMs32.exE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> du\MsPrint32D.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> du\my_70411.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Small.cfh
  --> du\my_70414.exe
   [DETECTION] Is the Trojan horse TR/Dldr.QQHelper.akk
  --> du\NVDispDRV.EXE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> du\NvSys_55.Sys
   [DETECTION] Is the Trojan horse TR/PSW.QQpass.aqp
--> du\okmhfaz.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> du\PTSShell.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
--> du\raqjltl.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/WuDisable.B
--> du\raqjmtl.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/WuDisable.B
--> du\rarjftl.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.nkk
--> du\ratbutl.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> du\rbnnil.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
--> du\rsjzbsp.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/WuDisable.F
  --> du\rundll.exe
   [DETECTION] Is the Trojan horse TR/Agent.DUJ
--> du\sa.jpg.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/Spy.Delf.NHF.12
  --> du\SSLDyn.exE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> du\svchost.exe
   [DETECTION] Is the Trojan horse TR/Agent.20992.23
--> du\tfw1.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/Dldr.Agent.hhm.2
  --> du\upxdnd.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> du\uusee107444.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Delphi.Gen
  --> du\WinForm.exE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> du\WSockDrv32.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
--> du\wszjeax.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/WuDisable.B
   [NOTE]    The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\du[1].part1.rar'
C:\Documents and Settings\Administrator\桌面\du[1].part1.rar
  [0] Archive type: RAR
  --> du\3ACD3900.EXE
   [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
  --> du\98032D.exe
   [DETECTION] Is the Trojan horse TR/Drop.Agent.dko
  --> du\AVPSrv.exE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
--> du\avwgist.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/WuDisable.B
--> du\avwljst.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/WuDisable.C
--> du\avzxnst.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/WuDisable.B
--> du\c8.jpg.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/Spy.Delf.awx
--> du\ck3.jpg.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/Spy.Delf.awv
  --> du\cmdbcs.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> du\csrssq.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.nde
  --> du\dbctac.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> du\DbgHlp32.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was deleted!
Begin scan in 'C:\Documents and Settings\Administrator\桌面\du[1].part2.rar'
C:\Documents and Settings\Administrator\桌面\du[1].part2.rar
  [0] Archive type: RAR
--> du\gjfhbzc.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> du\houffw.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> du\in26.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.nix
  --> du\inaxvs.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> du\jdwmsjvv.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.myf
--> du\jsqxbzc.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/WuDisable.B
--> du\kafymaz.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/WuDisable.B
--> du\kashmaz.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/WuDisable.B
--> du\kvdxsnis.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/WuDisable.B
--> du\kvdxsois.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/WuDisable.B
  --> du\Kvsc3.exE
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> du\lkzspn.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> du\LotusHlp.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
--> du\lsassj.exe
   --> Object
      [2] Archive type: RSRC
      --> Object
         [DETECTION] Is the Trojan horse TR/PSW.QQpass.aqp
  --> du\luyzgj.exe
   [DETECTION] Is the Trojan horse TR/Dropper.Gen
   [NOTE]    The file was deleted!

[病毒样本] 又一窝病毒包

本帖子中包含更多资源

mcafee

本帖子中包含更多资源

本帖子中包含更多资源

回复 1楼 chabosh 的帖子