一包

显示全部楼层 · 发表于 2007-5-9 17:47:42

在 D:\Documents and Settings\Administrator\桌面\桌面[1]\桌面\00.exe 中发现 Trojan/PSW.GamePass.gzm 病毒, 已删除
在 D:\Documents and Settings\Administrator\桌面\桌面[1]\桌面\cmdbs.dll 中发现 Trojan/PSW.GamePass.gxr 病毒, 已删除
在 D:\Documents and Settings\Administrator\桌面\桌面[1]\桌面\cmdbs.exe 中发现 Trojan/PSW.GamePass.gqn 病毒, 已删除
在 D:\Documents and Settings\Administrator\桌面\桌面[1]\桌面\Ghook.dll 中发现 Trojan/PSW.LMir.gtp 病毒, 已删除
在 D:\Documents and Settings\Administrator\桌面\桌面[1]\桌面\MY.exe 中发现 Trojan/PSW.GamePass.hzn 病毒, 已删除
在 D:\Documents and Settings\Administrator\桌面\桌面[1]\桌面\QQ.exe 中发现 TrojanDropper.Agent.bdk 病毒, 已删除
在 D:\Documents and Settings\Administrator\桌面\桌面[1]\桌面\RemoteDbg.dll 中发现 Trojan/PSW.Agent.dal 病毒, 已删除
在 D:\Documents and Settings\Administrator\桌面\桌面[1]\桌面\svchost.exe 中发现 Trojan/PSW.OnLineGames.axk 病毒, 已删除
在 D:\Documents and Settings\Administrator\桌面\桌面[1]\桌面\SVCHOS.EXE 中发现 Backdoor/Delf.azi 病毒, 已删除
在 D:\Documents and Settings\Administrator\桌面\桌面[1]\桌面\upnpsvc.exe 中发现 Trojan/PSW.Lmir.ccl 病毒, 已删除
在 D:\Documents and Settings\Administrator\桌面\桌面[1]\桌面\upxdnd.dll 中发现 Trojan/PSW.OnLineGames.awu 病毒, 已删除
在 D:\Documents and Settings\Administrator\桌面\桌面[1]\桌面\upxdnd.exe 中发现 Trojan/PSW.GamePass.hqq 病毒, 已删除
在 D:\Documents and Settings\Administrator\桌面\桌面[1]\桌面\winform.dll 中发现 Trojan/PSW.OnLineGames.aud 病毒, 已删除
在 D:\Documents and Settings\Administrator\桌面\桌面[1]\桌面\winform.exe 中发现 Trojan/PSW.OnLineGames.atw 病毒, 已删除
正常结束。

扫描结果:
               文件数 :510                               病毒体 :14
               删除 :14                                  解毒 :0
扫描速度(千字节/秒) :4900                            扫描时间 :00:00:26
扫描文件速度(个/秒) :19

显示全部楼层 · 发表于 2007-5-9 17:52:36

金山在线报8个

金山在线不= 金山杀软

显示全部楼层 · 发表于 2007-5-9 18:21:38

显示全部楼层 · 发表于 2007-5-9 18:39:43

显示全部楼层 · 发表于 2007-5-9 20:53:10

PCC 2007

显示全部楼层 · 发表于 2007-5-9 22:49:44

Starting the file scan:

Begin scan in 'C:\Documents and Settings\morgan\My Documents\桌面'
C:\Documents and Settings\morgan\My Documents\桌面\桌面\
  00.exe
   [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
   [INFO]    The file was deleted!
  8888-521ww.exe
   [DETECTION] Is the Trojan horse TR/Drop.Agent.amx
   [INFO]    The file was deleted!
  cmdbs.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ES.2312
   [INFO]    The file was deleted!
  cmdbs.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ES.2317
   [INFO]    The file was deleted!
  Ghook.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.JJ.80
   [INFO]    The file was deleted!
  MY.exe
   [DETECTION] Is the Trojan horse TR/Agent.22016.B
   [INFO]    The file was deleted!
  npptools.dll
  Packet.dll
  QQ.exe
   [DETECTION] Is the Trojan horse TR/Drop.Spy.Pca.A.1
   [INFO]    The file was deleted!
  RemoteDbg.dll
   [DETECTION] Is the Trojan horse TR/Agent.22016.B
   [INFO]    The file was deleted!
  shualai.dll
   [DETECTION] Contains suspicious code HEUR/Malware
   [INFO]    The file was moved to '46b6e028.qua'!
  shualai.exe
   [DETECTION] Contains suspicious code HEUR/Malware
   [INFO]    The file was moved to '471f5aed.qua'!
  SVCHOS.EXE
   [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Delf.LS Backdoor server programs
   [INFO]    The file was deleted!
  svchost.exe
   [DETECTION] Is the Trojan horse TR/PSW.Onlinegames.EU.9
   [INFO]    The file was deleted!
  UPnPSvc.dll
  upnpsvc.exe
   [DETECTION] Is the Trojan horse TR/PSW.Lmir.amj.23
   [INFO]    The file was deleted!
  upxdnd.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.RC.21
   [INFO]    The file was deleted!
  upxdnd.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.RC.30
   [INFO]    The file was deleted!
  WanPacket.dll
   [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/ForBot.T Backdoor server programs
   [INFO]    The file was deleted!
  windhcp.ocx
   [DETECTION] Is the Trojan horse TR/Agent.22016.B
   [INFO]    The file was deleted!
  winform.dll
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.QY.21
   [INFO]    The file was deleted!
  winform.exe
   [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.QY.16
   [INFO]    The file was deleted!
  wpcap.dll
C:\Documents and Settings\morgan\My Documents\桌面\桌面\system\sysbacks\
  AntiAdwa.exe
   [DETECTION] Contains suspicious code HEUR/Crypted
   [INFO]    The file was moved to '46b5e030.qua'!
  avps.exe
   [DETECTION] Is the Trojan horse TR/Drop.Agent.amx
   [INFO]    The file was deleted!
  dllhosts.dll
   [DETECTION] Is the Trojan horse TR/Agent.die.2
   [INFO]    The file was deleted!
  novel.exe
   [DETECTION] Is the Trojan horse TR/Agent.TL.42
   [INFO]    The file was deleted!

End of the scan: 2007年5月9日  07:50
Used time: 00:12 min

The scan has been done completely.

   4 Scanning directories
   27 Files were scanned
   23 viruses and/or unwanted programs were found
   3 classified as suspicious:
   20 files were deleted
   0 files were repaired
   3 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   1 Files not concerned
   0 Archives were scanned
   0 Warnings
   0 Notes
   0 Hidden objects were found

显示全部楼层 · 发表于 2007-5-10 04:07:23

扫描引擎 10.00.600
病毒库日期 2007-05-09
更新日期 2007-05-10

扫描目标 C:\Documents and Settings\mrly\My Documents\桌面\

开始时间 2007-05-10 04:07:14

在 C:\Documents and Settings\mrly\My Documents\桌面\cmdbs.dll 中发现 Trojan/PSW.GamePass.gxr 病毒, 已删除
在 C:\Documents and Settings\mrly\My Documents\桌面\cmdbs.exe 中发现 Trojan/PSW.GamePass.gqn 病毒, 已删除
在 C:\Documents and Settings\mrly\My Documents\桌面\Ghook.dll 中发现 Trojan/PSW.LMir.gtp 病毒, 已删除
在 C:\Documents and Settings\mrly\My Documents\桌面\00.exe 中发现 Trojan/PSW.GamePass.gzm 病毒, 已删除
在 C:\Documents and Settings\mrly\My Documents\桌面\MY.exe 中发现 Trojan/PSW.GamePass.hzn 病毒, 已删除
在 C:\Documents and Settings\mrly\My Documents\桌面\QQ.exe 中发现 TrojanDropper.Agent.bdk 病毒, 已删除
在 C:\Documents and Settings\mrly\My Documents\桌面\RemoteDbg.dll 中发现 Trojan/PSW.Agent.dal 病毒, 已删除
在 C:\Documents and Settings\mrly\My Documents\桌面\svchost.exe 中发现 Trojan/PSW.OnLineGames.axk 病毒, 已删除
在 C:\Documents and Settings\mrly\My Documents\桌面\SVCHOS.EXE 中发现 Backdoor/Delf.azi 病毒, 已删除
在 C:\Documents and Settings\mrly\My Documents\桌面\upnpsvc.exe 中发现 Trojan/PSW.Lmir.ccl 病毒, 已删除
在 C:\Documents and Settings\mrly\My Documents\桌面\upxdnd.exe 中发现 Trojan/PSW.GamePass.hqq 病毒, 已删除
在 C:\Documents and Settings\mrly\My Documents\桌面\upxdnd.dll 中发现 Trojan/PSW.OnLineGames.awu 病毒, 已删除
在 C:\Documents and Settings\mrly\My Documents\桌面\winform.dll 中发现 Trojan/PSW.OnLineGames.aud 病毒, 已删除
在 C:\Documents and Settings\mrly\My Documents\桌面\winform.exe 中发现 Trojan/PSW.OnLineGames.atw 病毒, 已删除
正常结束。

扫描结果:
               文件数 :27                               病毒体 :14
               删除 :14                                  解毒 :0
扫描速度(千字节/秒) :1014                            扫描时间 :00:00:01
扫描文件速度(个/秒) :27

显示全部楼层 · 发表于 2007-5-11 10:45:14

木马名称:Trojan.Win32.Agent.fpj
程序:
I:\TEST\070509\4\桌面[1]\桌面\SYSTEM\SYSBACKS\DLLHOSTS.DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Agent.clf
程序:
I:\TEST\070509\4\桌面[1]\桌面\CMDBS.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan.Win32.Agent.fpb
程序:
I:\TEST\070509\4\桌面[1]\桌面\MY.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan.Win32.Agent.fht
程序:
I:\TEST\070509\4\桌面[1]\桌面\SVCHOS.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Magania.kh
程序:
I:\TEST\070509\4\桌面[1]\桌面\SVCHOST.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.cxk
程序:
I:\TEST\070509\4\桌面[1]\桌面\UPXDND.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.coq
程序:
I:\TEST\070509\4\桌面[1]\桌面\WINFORM.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

[病毒样本] 一包

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

如图

本帖子中包含更多资源