微点交流论坛

标题: 误报 [打印本页]

作者: 纪念-蛋蛋 时间: 2009-3-21 13:56 标题: 误报

http://xunlei1.greendown.cn//200903/PowerISO.rar

时间处理结果木马名称木马进程名木马文件创建者
2009-03-21 13:57:34 处理成功未知木马 D:\PROGRAM FILES\POWERISO\POWERISO.EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE
2009-03-21 13:57:07 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\安装.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:07 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\安装.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:07 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\影音播放\MPLAYER.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:07 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\影音播放\千千静听.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:07 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\系统检测\SUPER_PI\SUPER_PI.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\系统检测\MEMTEST\MEMTEST.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\系统检测\FILEMON\FILEMON.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\系统检测\EVEREST\EVEREST.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\系统检测\DISPLAYX\DISPLAYX.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\系统检测\CPUZ\CPUZ.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\系统检测\CCD坏点检测\CCD_CHECK.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\系统检测\ATTO\DISK_BENCH32.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\微软中国日历\ICALCLK.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\WINRAR\WINRAR.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\WINPM\BIONT.DLL D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\WINPM\CHS_RC.DLL D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\WINPM\HDM.DLL D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\WINPM\WINPM.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\WINPE_TOOLS\CLEANTEMP.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\WINPE_TOOLS\LANSEEV1.59.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\WINPE_TOOLS\PASSWDRENEW.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\WINPE_TOOLS\RUNSCANNER.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\WINPE_TOOLS\RUNSCANNERDLL.DLL D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\WINPE_TOOLS\SERVICESPE.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\WINPE_TOOLS\SETPAGEFILE.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\WINPE_TOOLS\SETUPXP.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\WINPE_TOOLS\SYSTEMRESTORE.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\WINIMAGE\WINIMACN.T32 D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\WINIMAGE\WINIMAGE.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\VDM\VDD-X86.SYS D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:06 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\VDM\VDM1.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:05 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\VDM\VDM2.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:05 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\ULTRAISO\ULTRAISO.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:05 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\ULTRAEDIT\SSCE4332.DLL D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:05 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\ULTRAEDIT\UEDIT32.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:05 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\THUNDER\THUNDER5.0.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:05 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\REGSNAP\REGSNAP.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:05 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\PTDD3.0\PTDD3.0.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:05 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\PE_OUTERPART\INFCACHEBUILD.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:05 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\PE_OUTERPART\MMC.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:05 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\PE_OUTERPART\NET_PART.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:05 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\PE_OUTERPART\OUTER_BASE.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:05 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\PE_OUTERPART\OUTER_COMMON.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:05 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\PE_OUTERPART\SOUND_PART.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:05 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\NDD2006\NDD32.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:05 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\MSVCD\VCDROM.SYS D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:05 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\MSVCD\VCDTOOL.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:05 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\MINIQQ\MINIQQ.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:05 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\IE6.0\IE6_SETUP.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:05 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\HYPERSNAP6\HPRSNAP6.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:05 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\GHOST8\GHOST32.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:05 处理成功未知木马 C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\GHOST8\GHOSTEXP.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:57:05 处理成功未知木马 C:\DOCUMENTS AND

作者: 纪念-蛋蛋 时间: 2009-3-21 13:57
今天闲来无事，做一个U盘pe，没虚拟光驱，于是下一个就是帖子里给的地址，BootCD_XP_070418.ISO这个是pe的镜像文件名，上次还用的好好的，这次用工具一打开，报蠕虫，还是已命名的，吓我一跳啊

日志太长竟然贴不上来
------------------------------------------------------------------------------------------------
微点主动防御软件预升级
程序版本： 1.2.10580.0197
特征版本： 1.6.1050.090320
更新时间： 2009-03-20 17:39:22

版权所有 (C) 2005-2008 Micropoint Corporation

北京东方微点信息技术有限责任公司
福建东方微点信息安全有限责任公司

信箱：support@micropoint.com.cn
网址：http://www.micropoint.com.cn

作者: 纪念-蛋蛋 时间: 2009-3-21 14:00
时间处理结果蠕虫名称蠕虫进程名蠕虫文件创建者
2009-03-21 13:43:15 处理成功 Worm.Win32.Agent.goy C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\外置程序\REGSNAP\REGSNAP.EXE D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:43:04 处理成功 Worm.Win32.Agent.kcw C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\WINPE安装\MYINS\FORMATS\NEWHIT.DLL D:\PROGRAM FILES\POWERISO\POWERISO.EXE
2009-03-21 13:42:57 用户取消 Worm.Win32.Agent.kcv C:\DOCUMENTS AND SETTINGS\VISTA\LOCAL SETTINGS\TEMP\$POWERISO$\WINPE安装\MYINS\CODECS\DEFLATE.DLL D:\PROGRAM FILES\POWERISO\POWERISO.EXE

作者: Legend 时间: 2009-3-21 14:01
请楼主将被报警文件“POWERISO.EXE”连同微点技术支持信息（微点主界面-->辅助功能-->生成技术支持信息）发送到我们support@micropoint.com.cn 邮箱，随信请附带此贴链接。我们会尽快分析处理。发送完请把您的邮箱地址用论坛短消息发给我们，便于对您的问题的跟踪处理。

[ Last edited by Legend on 2009-3-21 at 14:02 ]

作者: 纪念-蛋蛋 时间: 2009-3-21 14:05
你们不能自己去下载吗？地址已经给出了，

BootCD_XP_070418.ISO是老毛桃修改扬州烟花三月纪念版

我这人懒啊，嘿嘿:lol:

作者: 纪念-蛋蛋 时间: 2009-3-21 14:08
系统，xp sp2 所有补丁都打了

作者: 纪念-蛋蛋 时间: 2009-3-21 14:10
昨天装了个ie8

那个pe镜像年前还用过，不过虚拟光驱用的是demxxx tool那个

作者: Legend 时间: 2009-3-21 14:13
楼主提供的链接打不开，请楼主重新给我们提供一下，或者按照3楼提示发送相关信息

作者: stht1986 时间: 2009-3-21 14:17
迅雷下载连接

我用的也是绿色下载站的POWERISO，没有发现有问题

作者: 纪念-蛋蛋 时间: 2009-3-21 20:18
to：legend 用迅雷下载

欢迎光临微点交流论坛 (http://bbs.micropoint.com.cn/)

bbs.micropoint.com.cn