[Virus samples] A big pack of 26

qianwenxiang
Posted on 2007-7-24 15:49:55
[MD5: BC45F6 340C40 C40A56 34428F D40F9D 09C683 7AE1A5 6C63D0 0A1A82 295A7D F2B469 5C31A1 5C31A1 75D82F 084FB6 3F8465 40F224 ABC7C6 111EC7 43A3C6 D5D541 E3A2B6 76A2E5 4D749C A3B873 4156DA]

13exe 10dll 2ocx 1chm

The EQs
Posted on 2007-7-24 15:54:55
Scan performed at: 2007-7-24 15:54:24
Scanning Log
NOD32 version 2415 (20070723) NT
Command line: C:\Documents and Settings\EQ2\桌面\suspicious_(26)
Operating memory - is OK

Date: 24.7.2007  Time: 15:54:30
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\EQ2\桌面\suspicious_(26)\
C:\Documents and Settings\EQ2\桌面\suspicious_(26)\Suspicious (10).EXE - Win32/Agent.NEM trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\suspicious_(26)\Suspicious (11).EXE - Win32/PSW.Agent.NEW trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\suspicious_(26)\Suspicious (12).DLL - Win32/PSW.OnLineGames.NBW trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\suspicious_(26)\Suspicious (13).OCX - a variant of Win32/Agent.NIK trojan
C:\Documents and Settings\EQ2\桌面\suspicious_(26)\Suspicious (14).EXE - Win32/PSW.Agent.NFZ trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\suspicious_(26)\Suspicious (16).dll - Win32/PSW.OnLineGames.NBD trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\suspicious_(26)\Suspicious (18).DLL - Win32/PSW.OnLineGames.NBQ trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\suspicious_(26)\Suspicious (19).EXE - a variant of Win32/PSW.OnLineGames.RC trojan
C:\Documents and Settings\EQ2\桌面\suspicious_(26)\Suspicious (2).DLL - probably a variant of Win32/PSW.Delf.NDI trojan
C:\Documents and Settings\EQ2\桌面\suspicious_(26)\Suspicious (21).EXE - Win32/PSW.OnLineGames.NBQ trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\suspicious_(26)\Suspicious (24).exe - probably a variant of Win32/PSW.QQPass.VD trojan
C:\Documents and Settings\EQ2\桌面\suspicious_(26)\Suspicious (25).exe - Win32/PSW.OnLineGames.UW trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\suspicious_(26)\Suspicious (26).dll - probably a variant of Win32/Spy.Delf.PG trojan
C:\Documents and Settings\EQ2\桌面\suspicious_(26)\Suspicious (6).exe - Win32/PSW.Agent.NDP trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\suspicious_(26)\Suspicious (7).exe - a variant of Win32/PSW.OnLineGames.NDA trojan
C:\Documents and Settings\EQ2\桌面\suspicious_(26)\Suspicious (8).exe - Win32/Virut.B virus - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\suspicious_(26)\Suspicious (9).EXE - Win32/Viking.CH virus - quarantined - unable to clean - deleted
Number of scanned files: 26
Number of threats found: 17
Number of files cleaned: 17
Time of completion: 15:54:34 Total scanning time: 4 sec (00:00:04)
dragonkf
Posted on 2007-7-24 15:55:20
Start of the scan: 2007年7月24日  15:54

Starting the file scan:

Begin scan in 'E:\测试'
E:\测试\suspicious (26)[1].part1.rar
  [0] Archive type: RAR
  --> Suspicious (7).exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> Suspicious (9).EXE
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
  --> Suspicious (10).EXE
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.alh.4 Backdoor server programs
  --> Suspicious (11).EXE
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.SL.146
  --> Suspicious (12).DLL
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.SL.151
  --> Suspicious (13).OCX
      [DETECTION] Is the Trojan horse TR/Agent.22016.B
  --> Suspicious (14).EXE
      [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
  --> Suspicious (15).DLL
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.TN.1
  --> Suspicious (17).DLL
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.TN.1
  --> Suspicious (18).DLL
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.SY.48
  --> Suspicious (19).EXE
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGam.QW
  --> Suspicious (21).EXE
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.AUP.148
      [INFO]      The file was deleted!
E:\测试\suspicious (26)[1].part2.rar
  [0] Archive type: RAR
  --> Suspicious (24).exe
      [DETECTION] Is the Trojan horse TR/PSW.QQPass.WM.18
  --> Suspicious (25).exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPI.Gen
  --> Suspicious (26).dll
      [DETECTION] Is the Trojan horse TR/Adclicker.FD.1
  --> Suspicious (16).dll
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.LJ.14
  --> Suspicious (8).exe
      [DETECTION] Contains code of the Windows virus W32/Virut.B
  --> Suspicious (2).DLL
      [DETECTION] Contains suspicious code HEUR/Malware
  --> Suspicious (3).exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was deleted!
E:\测试\suspicious (26)[1].part3.rar
  [0] Archive type: RAR
  --> Suspicious (6).exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!


End of the scan: 2007年7月24日  15:55
Used time: 00:19 min
dragonkf
Posted on 2007-7-24 15:57:03
suspicious (26)[1].part1.rar\Suspicious (9).EXE;E:\测试\suspicious (26)[1].part1.rar;Win32.HLLW.Gavir.54;;
suspicious (26)[1].part1.rar\Suspicious (10).EXE;E:\测试\suspicious (26)[1].part1.rar;Trojan.Sniff;;
suspicious (26)[1].part1.rar\Suspicious (11).EXE;E:\测试\suspicious (26)[1].part1.rar;Trojan.PWS.Wsgame;;
suspicious (26)[1].part1.rar\Suspicious (12).DLL;E:\测试\suspicious (26)[1].part1.rar;Trojan.DownLoader.23977;;
suspicious (26)[1].part1.rar\Suspicious (13).OCX;E:\测试\suspicious (26)[1].part1.rar;Trojan.Havedo;;
suspicious (26)[1].part1.rar\Suspicious (14).EXE;E:\测试\suspicious (26)[1].part1.rar;Trojan.PWS.Gamania.2799;;
suspicious (26)[1].part1.rar\Suspicious (18).DLL;E:\测试\suspicious (26)[1].part1.rar;Trojan.DownLoader.23978;;
suspicious (26)[1].part1.rar\Suspicious (19).EXE;E:\测试\suspicious (26)[1].part1.rar;Trojan.PWS.Wsgame;;
suspicious (26)[1].part1.rar\Suspicious (21).EXE;E:\测试\suspicious (26)[1].part1.rar;Trojan.PWS.Wsgame;;
suspicious (26)[1].part1.rar;E:\测试;档案文件已被病毒感染;已删除.;
suspicious (26)[1].part2.rar\Suspicious (24).exe;E:\测试\suspicious (26)[1].part2.rar;Trojan.PWS.Qqpass.845;;
suspicious (26)[1].part2.rar\Suspicious (25).exe;E:\测试\suspicious (26)[1].part2.rar;Win32.HLLW.Autoruner;;
suspicious (26)[1].part2.rar\Suspicious (26).dll;E:\测试\suspicious (26)[1].part2.rar;Trojan.PWS.Qqshou;;
suspicious (26)[1].part2.rar\Suspicious (16).dll;E:\测试\suspicious (26)[1].part2.rar;Trojan.PWS.Wsgame;;
suspicious (26)[1].part2.rar\Suspicious (8).exe;E:\测试\suspicious (26)[1].part2.rar;Win32.Virut.5131;;
suspicious (26)[1].part2.rar\Suspicious (2).DLL;E:\测试\suspicious (26)[1].part2.rar;Trojan.PWS.Gamania.2373;;
suspicious (26)[1].part2.rar\Suspicious (3).exe;E:\测试\suspicious (26)[1].part2.rar;Trojan.PWS.Wow.origin;;
suspicious (26)[1].part2.rar;E:\测试;档案文件已被病毒感染;已删除.;
suspicious (26)[1].part3.rar\Suspicious (6).exe;E:\测试\suspicious (26)[1].part3.rar;Trojan.PWS.Wsgame;;
suspicious (26)[1].part3.rar;E:\测试;档案文件已被病毒感染;已删除.;
promised
Posted on 2007-7-24 15:58:07
Starting the file scan:

Begin scan in 'D:\suspicious (26)[1]'
D:\suspicious (26)[1]\Suspicious (7).exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING]   The file was ignored!
D:\suspicious (26)[1]\Suspicious (9).EXE
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [WARNING]   The file was ignored!
D:\suspicious (26)[1]\Suspicious (10).EXE
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.alh.4 Backdoor server programs
      [WARNING]   The file was ignored!
D:\suspicious (26)[1]\Suspicious (11).EXE
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.SL.146
      [WARNING]   The file was ignored!
D:\suspicious (26)[1]\Suspicious (12).DLL
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.SL.151
      [WARNING]   The file was ignored!
D:\suspicious (26)[1]\Suspicious (13).OCX
      [DETECTION] Is the Trojan horse TR/Agent.22016.B
      [WARNING]   The file was ignored!
D:\suspicious (26)[1]\Suspicious (14).EXE
      [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
      [WARNING]   The file was ignored!
D:\suspicious (26)[1]\Suspicious (15).DLL
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.TN.1
      [WARNING]   The file was ignored!
D:\suspicious (26)[1]\Suspicious (17).DLL
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.TN.1
      [WARNING]   The file was ignored!
D:\suspicious (26)[1]\Suspicious (18).DLL
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.SY.48
      [WARNING]   The file was ignored!
D:\suspicious (26)[1]\Suspicious (19).EXE
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGam.QW
      [WARNING]   The file was ignored!
D:\suspicious (26)[1]\Suspicious (21).EXE
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.AUP.148
      [WARNING]   The file was ignored!
D:\suspicious (26)[1]\Suspicious (22).OCX
      [DETECTION] Is the Trojan horse TR/Laidbho.A
      [WARNING]   The file was ignored!
D:\suspicious (26)[1]\Suspicious (24).exe
      [DETECTION] Is the Trojan horse TR/PSW.QQPass.WM.18
      [WARNING]   The file was ignored!
D:\suspicious (26)[1]\Suspicious (25).exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPI.Gen
      [WARNING]   The file was ignored!
D:\suspicious (26)[1]\Suspicious (26).dll
      [DETECTION] Is the Trojan horse TR/Adclicker.FD.1
      [WARNING]   The file was ignored!
D:\suspicious (26)[1]\Suspicious (16).dll
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.LJ.14
      [WARNING]   The file was ignored!
D:\suspicious (26)[1]\Suspicious (8).exe
      [DETECTION] Contains signature of the Windows virus W32/Virut.b
      [WARNING]   The file was ignored!
D:\suspicious (26)[1]\Suspicious (2).DLL
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING]   The file was ignored!
D:\suspicious (26)[1]\Suspicious (3).exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING]   The file was ignored!
D:\suspicious (26)[1]\Suspicious (4).chm
      [DETECTION] Is the Trojan horse TR/Spy.Delf.UL.7
      [WARNING]   The file was ignored!
D:\suspicious (26)[1]\Suspicious (5).dll
      [DETECTION] Contains signature of the Ad- or Spyware ADSPY/AdMoke.DO.17
      [WARNING]   The file was ignored!
D:\suspicious (26)[1]\Suspicious (6).exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [WARNING]   The file was ignored!


End of the scan: 2007年7月24日  15:57
Used time: 00:09 min

The scan has been done completely.

      1 Scanning directories
     26 Files were scanned
     23 viruses and/or unwanted programs were found
      3 classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      0 Files not concerned
      0 Archives were scanned
     23 Warnings
      0 Notes
      0 Hidden objects were found
红心王子
Posted on 2007-7-24 15:59:19
瑞星病毒查杀结果报告

清除病毒种类列表:
病毒: Packer.Mian007           
病毒: Trojan.MnLess.kks        
病毒: Trojan.PSW.Win32.OnLineGames.sl
病毒: Trojan.PSW.AskTao.ad     
病毒: Trojan.Win32.Agent.d     
病毒: Trojan.PSW.Win32.OnLineGames.es
病毒: Trojan.PSW.OnlineGames.bzs
病毒: Trojan.PSW.OnlineGames.chj
病毒: Trojan.PSW.Win32.OnLineGames.xn
病毒: Trojan.PSW.OnlineGames.chj
病毒: Trojan.PSW.Win32.QQPass.xg
病毒: Worm.Agent.vh            
病毒: Trojan.PSW.Agent.jyl     
病毒: Trojan.PSW.OnlineGames.bto
病毒: Win32.Virut.a            
病毒: Trojan.PSW.Win32.OnlineGames.cug
病毒: Trojan.PSW.ZhengTu.jzd
蓝色牛仔裤
Posted on 2007-7-24 16:10:05
Two packers..


欠妳緈諨
Posted on 2007-7-24 16:10:53
19 of them

xxwpk007
Posted on 2007-7-24 16:57:22
20 of them

已删除: 病毒 Worm.Win32.Viking.gz        文件: G:\样本\样本\suspicious (26)[1]\Suspicious (9).EXE
已删除: 木马程序 Backdoor.Win32.Agent.alh        文件: G:\样本\样本\suspicious (26)[1]\Suspicious (10).EXE//PE_Patch//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.sl        文件: G:\样本\样本\suspicious (26)[1]\Suspicious (11).EXE//PE_Patch//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.sl        文件: G:\样本\样本\suspicious (26)[1]\Suspicious (12).DLL
已删除: 木马程序 Trojan-Proxy.Win32.Small.du        文件: G:\样本\样本\suspicious (26)[1]\Suspicious (13).OCX
已删除: 木马程序 Trojan-Downloader.Win32.Small.czl        文件: G:\样本\样本\suspicious (26)[1]\Suspicious (14).EXE//PE_Patch//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.tn        文件: G:\样本\样本\suspicious (26)[1]\Suspicious (15).DLL//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.tn        文件: G:\样本\样本\suspicious (26)[1]\Suspicious (17).DLL//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.sy        文件: G:\样本\样本\suspicious (26)[1]\Suspicious (18).DLL
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.xn        文件: G:\样本\样本\suspicious (26)[1]\Suspicious (19).EXE//PE_Patch//UPack
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.sy        文件: G:\样本\样本\suspicious (26)[1]\Suspicious (21).EXE
已删除: 木马程序 Trojan-PSW.Win32.QQPass.wm        文件: G:\样本\样本\suspicious (26)[1]\Suspicious (24).exe//UPX
已删除: 木马程序 Trojan-Downloader.Win32.Agent.brx        文件: G:\样本\样本\suspicious (26)[1]\Suspicious (25).exe//NSPack
已删除: 木马程序 Trojan-Spy.Win32.Delf.pg        文件: G:\样本\样本\suspicious (26)[1]\Suspicious (26).dll//UPX
已删除: 木马程序 Trojan-PSW.Win32.OnLineGames.lj        文件: G:\样本\样本\suspicious (26)[1]\Suspicious (16).dll
已删除: 病毒 Virus.Win32.Virut.b        文件: G:\样本\样本\suspicious (26)[1]\Suspicious (8).exe
已删除: 木马程序 Trojan-Spy.Win32.Delf.uh        文件: G:\样本\样本\suspicious (26)[1]\Suspicious (2).DLL
已删除: 木马程序 Trojan-Spy.Win32.Delf.ul        文件: G:\样本\样本\suspicious (26)[1]\Suspicious (4).chm
已删除: 广告软件 not-a-virus:AdWare.Win32.AdMoke.do        文件: G:\样本\样本\suspicious (26)[1]\Suspicious (5).dll//ASPack
已删除: 木马程序 Trojan-PSW.Win32.Small.cf        文件: G:\样本\样本\suspicious (26)[1]\Suspicious (6).exe
微点卫士
Posted on 2007-7-24 19:57:14
Kingsoft missed every one!!! Disappointing

Micropoint:
木马名称:Backdoor.Win32.Agent.dkt

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX02.031\SUSPICIOUS (10).EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Agent.dfw

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX02.031\SUSPICIOUS (11).EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Downloader.Win32.Small.jne

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX02.031\SUSPICIOUS (14).EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Agent.dhy

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX02.031\SUSPICIOUS (19).EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.etw

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX02.031\SUSPICIOUS (21).EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.QQPass.ety

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX02.031\SUSPICIOUS (24).EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Downloader.Win32.Agent.hxz

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX02.031\SUSPICIOUS (25).EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Spy.Win32.Delf.bxu

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX02.031\SUSPICIOUS (26).DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Spy.Win32.Delf.ckd

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX02.031\SUSPICIOUS (2).DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Spy.Win32.Delf.cac

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX02.031\SUSPICIOUS (4).CHM
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.Agent.eet

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX02.031\SUSPICIOUS (6).EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Spy.Win32.Delf.cac

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$DI10.093\SUSPICIOUS (4).CHM
是木马程序!
已成功阻止其运行,是否要删除此文件?
Copyright © KaFan  KaFan.cn All Rights Reserved.