
[Virus sample] 11x

hddu
Posted on 2009-5-14 13:05:18
11x

Sebastian
Posted on 2009-5-14 13:14:06
Starting the file scan:

Begin scan in 'D:\kafan\新建文件夹'
D:\kafan\新建文件夹\102964.exe
    [DETECTION] Is the TR/Obfuscated.E.32 Trojan
    [NOTE]      The file was deleted!
D:\kafan\新建文件夹\1204.exe
  [0] Archive type: RAR SFX (self extracting)
    [DETECTION] Contains recognition pattern of the DR/Agent.AT.1 dropper
    --> xboxcenter.dll
      [DETECTION] Contains recognition pattern of the DR/Agent.UT.4.B dropper
    --> ehuupdate.exe
      [DETECTION] Contains recognition pattern of the DR/Agent.UT.4.A dropper
    [NOTE]      The file was deleted!
D:\kafan\新建文件夹\166.exe
    [DETECTION] Is the TR/Drop.Cdnup.A.3 Trojan
    [NOTE]      The file was deleted!
D:\kafan\新建文件夹\bg_JW.exe
  [0] Archive type: NSIS
    [DETECTION] Is the TR/Drop.Boran.I.3 Trojan
    --> [ProgramFilesDir]/baigoo/[UnknownDir]
      [DETECTION] Contains recognition pattern of the ADSPY/Boran.I.16.B adware or spyware
    --> [ProgramFilesDir]/baigoo/[UnknownDir]
      [DETECTION] Contains recognition pattern of the ADSPY/Boran.I.16.D adware or spyware
    --> [ProgramFilesDir]/baigoo/[UnknownDir]
      [DETECTION] Contains recognition pattern of the ADSPY/Boran.I.12 adware or spyware
    --> [ProgramFilesDir]/baigoo/[UnknownDir]
      [DETECTION] Contains recognition pattern of the ADSPY/Boran.I.16.E adware or spyware
    --> [ProgramFilesDir]/baigoo/[UnknownDir]
      [DETECTION] Contains recognition pattern of the ADSPY/Agent.90112.A adware or spyware
    --> [ProgramFilesDir]/baigoo/[UnknownDir]
      [DETECTION] Contains recognition pattern of the ADSPY/Boran.I.9 adware or spyware
    [NOTE]      The file was deleted!
D:\kafan\新建文件夹\boba_super_update-1.0.0.1_zy_003.exe
    [DETECTION] Is the TR/Drop.Agent.YZ.2 Trojan
    --> Settings/update.exe
      [DETECTION] Is the TR/Dldr.Agent.YZ.1 Trojan
    [NOTE]      The file was deleted!
D:\kafan\新建文件夹\caishow.exe
  [0] Archive type: RAR SFX (self extracting)
    [DETECTION] Contains recognition pattern of the DR/Agent.asa.2 dropper
    --> tool.exe
      [DETECTION] Contains recognition pattern of the ADSPY/Dm.G.2 adware or spyware
    [NOTE]      The file was deleted!
D:\kafan\新建文件夹\newweb10291.EXE
    [DETECTION] Is the TR/Drop.NewWeb.A.2 Trojan
    [NOTE]      The file was deleted!
D:\kafan\新建文件夹\RssInstaller.exe
    [DETECTION] Contains recognition pattern of the ADSPY/AdMedia.G.1 adware or spyware
    [NOTE]      The file was deleted!
D:\kafan\新建文件夹\setup.exe
    [DETECTION] Contains recognition pattern of the ADSPY/Wsearch.K adware or spyware
    [NOTE]      The file was deleted!
D:\kafan\新建文件夹\setup10.exe
    [DETECTION] Contains recognition pattern of the ADSPY/Bho.I adware or spyware
    [NOTE]      The file was deleted!
D:\kafan\新建文件夹\wd2_051117_nbcr153_mini.exe
    [DETECTION] Contains recognition pattern of the ADSPY/Drop.AllSum.A adware or spyware
    --> [UnknownDir]
      [DETECTION] Contains recognition pattern of the ADSPY/AllSum.C.2 adware or spyware
    --> [SystemDir]/msicn/[UnknownDir]
      [DETECTION] Contains recognition pattern of the ADSPY/AllSum.A.7 adware or spyware
    --> [SystemDir]/msicn/[UnknownDir]
      [DETECTION] Contains recognition pattern of the ADSPY/AllSum.D adware or spyware
    [NOTE]      The file was deleted!


End of the scan: 2009年5月14日  13:15
Used time: 00:02 Minute(s)

The scan has been done completely.

      1 Scanned directories
     32 Files were scanned
     24 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
     11 files were deleted
      0 Viruses and unwanted programs were repaired
      0 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
      8 Files not concerned
      5 Archives were scanned
      0 Warnings
     11 Notes


D:\kafan\新建文件夹\166.exe         已检测: Trojan-Dropper.Agent!IK
D:\kafan\新建文件夹\1204.exe/xboxcenter.dll         已检测: Trojan.Win32.Agent!IK
D:\kafan\新建文件夹\1204.exe/ehuupdate.exe         已检测: Trojan.Win32.Agent!IK
D:\kafan\新建文件夹\102964.exe         已检测: Trojan-Spy.Win32.Agent.om!IK
D:\kafan\新建文件夹\bg_JW.exe/$R0         已检测: AdWare.Win32.Baigoo!IK
D:\kafan\新建文件夹\boba_super_update-1.0.0.1_zy_003.exe/update.exe         已检测: Trojan-Downloader.Win32.Podcast!IK
D:\kafan\新建文件夹\caishow.exe/tool.exe         已检测: Riskware.AdWare.Win32.Dm.g!IK
D:\kafan\新建文件夹\newweb10291.EXE         已检测: Riskware.AdWare.Win32.NewWeb!IK
D:\kafan\新建文件夹\RssInstaller.exe         已检测: Riskware.AdWare.Win32.AdMedia.g!IK
D:\kafan\新建文件夹\setup10.exe/MSHLP.DLL         已检测: Riskware.AdWare.Win32.IEHlpr!IK
D:\kafan\新建文件夹\setup.exe         已检测: Riskware.AdWare.Win32.WSearch.j!IK
D:\kafan\新建文件夹\wd2_051117_nbcr153_mini.exe/$R0         已检测: Riskware.AdWare.Win32.AllSum.c!IK

[ Last edited by Sebastian on 2009-5-14 13:16 ]
kingmuro
Posted on 2009-5-14 13:21:59

avast4.8

2009-05-14 13:20:57        gxf        2548        Sign of "Win32:Dynk [Trj]" has been found in "C:\Documents and Settings\gxf\桌面\110\新建文件夹[1]\新建文件夹\102964.exe\[UPX]" file.  
2009-05-14 13:21:01        gxf        2548        Sign of "Win32:Agent-AMC [Trj]" has been found in "C:\Documents and Settings\gxf\桌面\110\新建文件夹[1]\新建文件夹\1204.exe\xboxcenter.dll" file.  
2009-05-14 13:21:01        gxf        2548        Sign of "Win32:Agent-AMB [Trj]" has been found in "C:\Documents and Settings\gxf\桌面\110\新建文件夹[1]\新建文件夹\1204.exe\ehuupdate.exe" file.  
2009-05-14 13:21:02        gxf        2548        Sign of "Win32:Adware-gen [Adw]" has been found in "C:\Documents and Settings\gxf\桌面\110\新建文件夹[1]\新建文件夹\166.exe\[ASPack]\[Embedded_I#17da8]" file.  
2009-05-14 13:21:02        gxf        2548        Sign of "Win32:Baigoo [Adw]" has been found in "C:\Documents and Settings\gxf\桌面\110\新建文件夹[1]\新建文件夹\bg_JW.exe\$INSTDIR\plugin\bgoobar\$R0" file.  
2009-05-14 13:21:02        gxf        2548        Sign of "Win32:Adware-gen [Adw]" has been found in "C:\Documents and Settings\gxf\桌面\110\新建文件夹[1]\新建文件夹\bg_JW.exe\$INSTDIR\plugin\bgoobar\$R0" file.  
2009-05-14 13:21:02        gxf        2548        Sign of "Win32:Boran-T [Trj]" has been found in "C:\Documents and Settings\gxf\桌面\110\新建文件夹[1]\新建文件夹\bg_JW.exe\$INSTDIR\plugin\bgoobar\$R0" file.  
2009-05-14 13:21:02        gxf        2548        Sign of "Win32:Adware-gen [Adw]" has been found in "C:\Documents and Settings\gxf\桌面\110\新建文件夹[1]\新建文件夹\bg_JW.exe\$INSTDIR\plugin\bgoobar\$R0" file.  
2009-05-14 13:21:02        gxf        2548        Sign of "Win32:Adware-gen [Adw]" has been found in "C:\Documents and Settings\gxf\桌面\110\新建文件夹[1]\新建文件夹\bg_JW.exe\$INSTDIR\plugin\bgoobar\$R0" file.  
2009-05-14 13:21:02        gxf        2548        Sign of "Win32:Baigoo-B [Adw]" has been found in "C:\Documents and Settings\gxf\桌面\110\新建文件夹[1]\新建文件夹\bg_JW.exe\$INSTDIR\plugin\bgoobar\$R0" file.  
2009-05-14 13:21:02        gxf        2548        Sign of "Win32:Adware-gen [Adw]" has been found in "C:\Documents and Settings\gxf\桌面\110\新建文件夹[1]\新建文件夹\bg_JW.exe" file.  
2009-05-14 13:21:02        gxf        2548        Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Documents and Settings\gxf\桌面\110\新建文件夹[1]\新建文件夹\boba_super_update-1.0.0.1_zy_003.exe\$INSTDIR\update.exe" file.  
2009-05-14 13:21:02        gxf        2548        Sign of "Win32:Adware-gen [Adw]" has been found in "C:\Documents and Settings\gxf\桌面\110\新建文件夹[1]\新建文件夹\boba_super_update-1.0.0.1_zy_003.exe" file.  
2009-05-14 13:21:03        gxf        2548        Sign of "Win32:Adware-gen [Adw]" has been found in "C:\Documents and Settings\gxf\桌面\110\新建文件夹[1]\新建文件夹\newweb10291.EXE\Wise0007.bin" file.  
2009-05-14 13:21:03        gxf        2548        Sign of "Win32:Adware-gen [Adw]" has been found in "C:\Documents and Settings\gxf\桌面\110\新建文件夹[1]\新建文件夹\newweb10291.EXE\Wise0008.bin\$WINDIR\system\java.exe" file.  
2009-05-14 13:21:03        gxf        2548        Sign of "Win32:Agent-BFD [Trj]" has been found in "C:\Documents and Settings\gxf\桌面\110\新建文件夹[1]\新建文件夹\RssInstaller.exe" file.  
2009-05-14 13:21:03        gxf        2548        Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Documents and Settings\gxf\桌面\110\新建文件夹[1]\新建文件夹\setup10.exe\$INSTDIR\MSHLP.DLL" file.  
2009-05-14 13:21:03        gxf        2548        Sign of "Win32:Adware-gen [Adw]" has been found in "C:\Documents and Settings\gxf\桌面\110\新建文件夹[1]\新建文件夹\setup10.exe" file.  
2009-05-14 13:21:03        gxf        2548        Sign of "Win32:Adware-gen [Adw]" has been found in "C:\Documents and Settings\gxf\桌面\110\新建文件夹[1]\新建文件夹\wd2_051117_nbcr153_mini.exe\$SYSDIR\spoolsv\$R0" file.  
2009-05-14 13:21:03        gxf        2548        Sign of "Win32:Agent-GII [Trj]" has been found in "C:\Documents and Settings\gxf\桌面\110\新建文件夹[1]\新建文件夹\wd2_051117_nbcr153_mini.exe\$INSTDIR\$R0" file.  
2009-05-14 13:21:03        gxf        2548        Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Documents and Settings\gxf\桌面\110\新建文件夹[1]\新建文件夹\wd2_051117_nbcr153_mini.exe\$INSTDIR\$R0" file.  
2009-05-14 13:21:03        gxf        2548        Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Documents and Settings\gxf\桌面\110\新建文件夹[1]\新建文件夹\wd2_051117_nbcr153_mini.exe" file.
einnawy
Posted on 2009-5-14 13:37:00
Micropoint scan reports 10
黑衣~魂
Posted on 2009-5-14 18:31:27
DW KILL ALL
102964.exe;D:\Documents and Settings\Administrator\桌面\tr03;Trojan.DownLoader.37952;Deleted.;
1204.exe\xboxcenter.dll;D:\Documents and Settings\Administrator\桌面\tr03\1204.exe;Adware.Filmweb;;
1204.exe\ehuupdate.exe;D:\Documents and Settings\Administrator\桌面\tr03\1204.exe;Trojan.Ehu;;
1204.exe;D:\Documents and Settings\Administrator\桌面\tr03;Archive contains infected objects;Deleted.;
166.exe;D:\Documents and Settings\Administrator\桌面\tr03;Adware.Cdn.503;Deleted.;
bg_JW.exe\data002;D:\Documents and Settings\Administrator\桌面\tr03\bg_JW.exe;Adware.Baigoo;;
bg_JW.exe\data004;D:\Documents and Settings\Administrator\桌面\tr03\bg_JW.exe;Adware.Baigoo;;
bg_JW.exe\data005;D:\Documents and Settings\Administrator\桌面\tr03\bg_JW.exe;Adware.Baigoo;;
bg_JW.exe\data006;D:\Documents and Settings\Administrator\桌面\tr03\bg_JW.exe;Adware.Baigoo;;
bg_JW.exe\data007;D:\Documents and Settings\Administrator\桌面\tr03\bg_JW.exe;Adware.Baigoo;;
bg_JW.exe\data008;D:\Documents and Settings\Administrator\桌面\tr03\bg_JW.exe;Adware.Baigoo;;
bg_JW.exe;D:\Documents and Settings\Administrator\桌面\tr03;Archive contains infected objects;Deleted.;
boba_super_update-1.0.0.1_zy_003.exe\data005;D:\Documents and Settings\Administrator\桌面\tr03\boba_super_update-1.0.0.1_zy_003.exe;Trojan.DownLoader.10376;;
boba_super_update-1.0.0.1_zy_003.exe;D:\Documents and Settings\Administrator\桌面\tr03;Archive contains infected objects;Deleted.;
caishow.exe\tool.exe;D:\Documents and Settings\Administrator\桌面\tr03\caishow.exe;Adware.Caishow;;
caishow.exe;D:\Documents and Settings\Administrator\桌面\tr03;Archive contains infected objects;Deleted.;
newweb10291.EXE\data007;D:\Documents and Settings\Administrator\桌面\tr03\newweb10291.EXE;Adware.Newweb;;
newweb10291.EXE/data008\data002;D:\Documents and Settings\Administrator\桌面\tr03\newweb10291.EXE/data008;Trojan.Ehu;;
data008;D:\Documents and Settings\Administrator\桌面\tr03;Archive contains infected objects;;
newweb10291.EXE;D:\Documents and Settings\Administrator\桌面\tr03;Archive contains infected objects;Deleted.;
RssInstaller.exe;D:\Documents and Settings\Administrator\桌面\tr03;Adware.Dodoor;Deleted.;
setup.exe;D:\Documents and Settings\Administrator\桌面\tr03;Adware.Msearch;Deleted.;
setup10.exe\data003;D:\Documents and Settings\Administrator\桌面\tr03\setup10.exe;Adware.Cacb;;
setup10.exe;D:\Documents and Settings\Administrator\桌面\tr03;Archive contains infected objects;Deleted.;
wd2_051117_nbcr153_mini.exe;D:\Documents and Settings\Administrator\桌面\tr03;Adware.CFS;Deleted.;
BING126
Posted on 2009-5-14 21:09:19
McAfee wipes them all out..