Thread starter: qianwenxiang

[Virus samples] One big pack, 26 files

hj5abc
Posted on 2007-7-24 21:03:51
Suspicious (20).exe.. invalid parameter
Suspicious (4).. seems fine.
Suspicious (3).. pass
The rest are a bunch of dll and ocx files

Scanning Log
NOD32 version 2416 (20070724) NT
Command line: F:\suspicious (26)[1]
Operating memory - is OK

Date: 24.7.2007  Time: 20:59:40
Anti-Stealth technology is enabled.
Scanned disks, folders and files: F:\suspicious (26)[1]\
F:\suspicious (26)[1]\Suspicious (10).EXE - Win32/Agent.NEM trojan
F:\suspicious (26)[1]\Suspicious (11).EXE - Win32/PSW.Agent.NEW trojan
F:\suspicious (26)[1]\Suspicious (12).DLL - Win32/PSW.OnLineGames.NBW trojan
F:\suspicious (26)[1]\Suspicious (13).OCX - a variant of Win32/Agent.NIK trojan
F:\suspicious (26)[1]\Suspicious (14).EXE - Win32/PSW.Agent.NFZ trojan
F:\suspicious (26)[1]\Suspicious (16).dll - Win32/PSW.OnLineGames.NBD trojan
F:\suspicious (26)[1]\Suspicious (18).DLL - Win32/PSW.OnLineGames.NBQ trojan
F:\suspicious (26)[1]\Suspicious (19).EXE - a variant of Win32/PSW.OnLineGames.RC trojan
F:\suspicious (26)[1]\Suspicious (2).DLL - probably a variant of Win32/PSW.Delf.NDI trojan
F:\suspicious (26)[1]\Suspicious (21).EXE - Win32/PSW.OnLineGames.NBQ trojan
F:\suspicious (26)[1]\Suspicious (24).exe - probably a variant of Win32/PSW.QQPass.VD trojan
F:\suspicious (26)[1]\Suspicious (25).exe - Win32/PSW.OnLineGames.UW trojan
F:\suspicious (26)[1]\Suspicious (26).dll - probably a variant of Win32/Spy.Delf.PG trojan
F:\suspicious (26)[1]\Suspicious (6).exe - Win32/PSW.Agent.NDP trojan
F:\suspicious (26)[1]\Suspicious (7).exe - a variant of Win32/PSW.OnLineGames.NDA trojan
F:\suspicious (26)[1]\Suspicious (8).exe - Win32/Virut.B virus
F:\suspicious (26)[1]\Suspicious (9).EXE - Win32/Viking.CH virus
Number of scanned files: 26
Number of threats found: 17
Number of files cleaned: 17
Time of completion: 20:59:44 Total scanning time: 4 sec (00:00:04)

[ Last edited by hj5abc on 2007-7-24 21:11 ]
lsyer
Posted on 2007-7-24 21:06:41
The few that the "umbrella" is missing and the few that only high heuristics catch have been submitted~
promised
Posted on 2007-7-24 21:23:28
C:\ABC\suspicious_(26)\Suspicious (1).DLL
C:\ABC\suspicious_(26)\Suspicious (10).EXE - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\suspicious_(26)\Suspicious (11).EXE - 特征码 'Trojan-PWS.Win32.Nilage.bjp' 被发现
C:\ABC\suspicious_(26)\Suspicious (12).DLL - 特征码 'Trojan-PWS.Win32.OnLineGames.sl' 被发现
C:\ABC\suspicious_(26)\Suspicious (13).OCX - 特征码 'Trojan-PWS.OnlineGames.AYD' 被发现
C:\ABC\suspicious_(26)\Suspicious (14).EXE - 特征码 'Trojan-Downloader.Win32.Small.czl' 被发现
C:\ABC\suspicious_(26)\Suspicious (15).DLL - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\suspicious_(26)\Suspicious (16).dll - 特征码 'Trojan-PWS.Win32.OnLineGames.lj' 被发现
C:\ABC\suspicious_(26)\Suspicious (17).DLL - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\suspicious_(26)\Suspicious (18).DLL - 特征码 'Trojan-PWS.Win32.Nilage.bbr' 被发现
C:\ABC\suspicious_(26)\Suspicious (19).EXE - 特征码 'Trojan-PWS.Win32.Nilage.bjp' 被发现
C:\ABC\suspicious_(26)\Suspicious (2).DLL - 特征码 'Trojan-PWS.Win32.Lmir.bjh' 被发现
C:\ABC\suspicious_(26)\Suspicious (20).EXE
C:\ABC\suspicious_(26)\Suspicious (21).EXE - 特征码 'Trojan-PWS.OnlineGames.AUP' 被发现
C:\ABC\suspicious_(26)\Suspicious (22).OCX - 特征码 'Backdoor.Win32.Agent.ank' 被发现
C:\ABC\suspicious_(26)\Suspicious (23).DLL - 可疑代码段 被发现 (Level: 10)
C:\ABC\suspicious_(26)\Suspicious (24).exe - 特征码 'Trojan-Spy.Win32.Delf.ps' 被发现
C:\ABC\suspicious_(26)\Suspicious (25).exe - 特征码 'Trojan-Downloader.Win32.Agent.brx' 被发现
C:\ABC\suspicious_(26)\Suspicious (26).dll - 特征码 'Trojan-Spy.Win32.Delf.PG' 被发现
C:\ABC\suspicious_(26)\Suspicious (3).exe
C:\ABC\suspicious_(26)\Suspicious (4).chm - 特征码 'Trojan-Spy.Win32.Delf.ul' 被发现
C:\ABC\suspicious_(26)\Suspicious (5).dll - 可疑代码段 被发现 (Level: 5)
C:\ABC\suspicious_(26)\Suspicious (6).exe - 特征码 'Trojan-PWS.Win32.Nilage.bbr' 被发现
C:\ABC\suspicious_(26)\Suspicious (7).exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\suspicious_(26)\Suspicious (8).exe - 特征码 'Virus.Win32.Virut.b' 被发现
C:\ABC\suspicious_(26)\Suspicious (9).EXE - 特征码 'Trojan-PWS.Win32.Nilage.bbr' 被发现

        26 个文件被扫描
          (0 个压缩档 0 个文件)
        21 个特征码被侦测
        2 个可疑代码段被发现
        耗时: 0:03.703
yinxuchina
Posted on 2007-7-24 21:30:05
北京江民新科技术有限公司

        扫描引擎 10.00.650
        病毒库日期 2007-07-24
        更新日期 2007-07-24

扫描目标 C:\Documents and Settings\yin\My Documents\suspicious_(26)\

开始时间 2007-07-24 21:28:58

在 C:\Documents and Settings\yin\My Documents\suspicious_(26)\Suspicious (9).EXE 中发现 Worm/Viking.adg 病毒, 发现病毒
在 C:\Documents and Settings\yin\My Documents\suspicious_(26)\Suspicious (6).exe 中发现 Trojan/PSW.GamePass.mda 病毒, 发现病毒
在 C:\Documents and Settings\yin\My Documents\suspicious_(26)\Suspicious (8).exe 中发现 Win32/Virut.b 病毒, 发现病毒
在 C:\Documents and Settings\yin\My Documents\suspicious_(26)\Suspicious (10).EXE 中发现 Trojan/Agent.czo 病毒, 发现病毒
在 C:\Documents and Settings\yin\My Documents\suspicious_(26)\Suspicious (11).EXE 中发现 Trojan/PSW.OnLineGames.cuy 病毒, 发现病毒
在 C:\Documents and Settings\yin\My Documents\suspicious_(26)\Suspicious (12).DLL 中发现 Trojan/PSW.GamePass.nhc 病毒, 发现病毒
在 C:\Documents and Settings\yin\My Documents\suspicious_(26)\Suspicious (13).OCX 中发现 TrojanProxy.Small.lg 病毒, 发现病毒
在 C:\Documents and Settings\yin\My Documents\suspicious_(26)\Suspicious (14).EXE 中发现 Trojan/PSW.GamePass.jdz 病毒, 发现病毒
在 C:\Documents and Settings\yin\My Documents\suspicious_(26)\Suspicious (15).DLL 中发现 Trojan/PSW.OnLineGames.bzj 病毒, 发现病毒
在 C:\Documents and Settings\yin\My Documents\suspicious_(26)\Suspicious (18).DLL 中发现 Trojan/PSW.GamePass.npk 病毒, 发现病毒
在 C:\Documents and Settings\yin\My Documents\suspicious_(26)\Suspicious (17).DLL 中发现 Trojan/PSW.OnLineGames.bzj 病毒, 发现病毒
在 C:\Documents and Settings\yin\My Documents\suspicious_(26)\Suspicious (19).EXE 中发现 TrojanDownloader.Adload.lp 病毒, 发现病毒
在 C:\Documents and Settings\yin\My Documents\suspicious_(26)\Suspicious (21).EXE 中发现 Trojan/PSW.GamePass.khz 病毒, 发现病毒
在 C:\Documents and Settings\yin\My Documents\suspicious_(26)\Suspicious (24).exe 中发现 Trojan/PSW.QQPass.qhl 病毒, 发现病毒
在 C:\Documents and Settings\yin\My Documents\suspicious_(26)\Suspicious (26).dll 中发现 Trojan/Agent.int 病毒, 发现病毒
在 C:\Documents and Settings\yin\My Documents\suspicious_(26)\Suspicious (25).exe 中发现 Trojan/PSW.GamePass.lky 病毒, 发现病毒
在 C:\Documents and Settings\yin\My Documents\suspicious_(26)\Suspicious (2).DLL 中发现 Trojan/PSW.GamePass.sji 病毒, 发现病毒
在 C:\Documents and Settings\yin\My Documents\suspicious_(26)\Suspicious (16).dll 中发现 Trojan/PSW.GamePass.nhg 病毒, 发现病毒
在 C:\Documents and Settings\yin\My Documents\suspicious_(26)\Suspicious (4).chm 中发现 Backdoor/Agent.oki 病毒, 发现病毒
正常结束。

扫描结果:
                 文件数 :26                                  病毒体 :19        
                   删除 :0                                     解毒 :0         
    扫描速度(千字节/秒) :2118                              扫描时间 :00:00:01
    扫描文件速度(个/秒) :26
Guanguancan
Posted on 2007-7-24 21:31:07
With avast you have to turn off web monitoring,
otherwise the download is aborted automatically at 95%.
woai_jolin
Posted on 2007-7-25 16:34:41
===================================================================================================
NVCOD On Demand Scanner 5.80.02

NSE revision 5.91.02
nvcbin.def revision 5.90.00 of 2007/07/24 08:21:08 (815016 variants)
nvcmacro.def revision 5.90.00 of 2007/06/29 06:32:19 (20341 variants)
Total number of variants: 835357
Command line: "@C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~OD20.tmp"
===================================================================================================

       Time  Filename                                                     Virus name
---------------------------------------------------------------------------------------------------
- Scanning files in the directory: F:\vv\
        0 ms F:\vv\Suspicious (1).DLL                                    
        0 ms F:\vv\Suspicious (10).EXE                                    Security Risk W32/Suspicious_U.gen ()
        0 ms F:\vv\Suspicious (11).EXE                                    Security Risk W32/Suspicious_U.gen ()
       16 ms F:\vv\Suspicious (12).DLL                                    Trojan W32/OnLineGames.GXM ()
       16 ms F:\vv\Suspicious (13).OCX                                    Trojan W32/Smalltroj.BHXC ()
        0 ms F:\vv\Suspicious (14).EXE                                    Trojan W32/Smalldrp.LVL ()
        0 ms F:\vv\Suspicious (15).DLL                                    Security Risk W32/Suspicious_U.gen ()
        0 ms F:\vv\Suspicious (16).dll                                    Trojan W32/OnLineGames.GUK ()
        0 ms F:\vv\Suspicious (17).DLL                                    Security Risk W32/Suspicious_U.gen ()
        0 ms F:\vv\Suspicious (18).DLL                                   
        0 ms F:\vv\Suspicious (19).EXE                                    Security Risk W32/Suspicious_U.gen ()
        0 ms F:\vv\Suspicious (2).DLL                                    
      734 ms F:\vv\Suspicious (20).EXE                                   
       16 ms F:\vv\Suspicious (21).EXE                                    Trojan W32/OnLineGames.GYP ()
       16 ms F:\vv\Suspicious (22).OCX                                   
        0 ms F:\vv\Suspicious (23).DLL                                   
        0 ms F:\vv\Suspicious (24).exe                                    Trojan W32/QQPass.EOF ()
     1765 ms F:\vv\Suspicious (25).exe                                   
       16 ms F:\vv\Suspicious (26).dll                                    Trojan W32/Delf.AESQ ()
       94 ms F:\vv\Suspicious (3).exe                                    
     2343 ms F:\vv\Suspicious (4).chm                                    
        0 ms F:\vv\Suspicious (5).dll                                    
       32 ms F:\vv\Suspicious (6).exe                                     Trojan W32/Smalltroj.BINP ()
        0 ms F:\vv\Suspicious (7).exe                                     Security Risk W32/Suspicious_U.gen ()
       16 ms F:\vv\Suspicious (8).exe                                     Virus W32/Virut.B ()
        0 ms F:\vv\Suspicious (9).EXE                                     Virus W32/Viking.GV ()
- File F:\vv\Suspicious (10).EXE quarantined.
- File F:\vv\Suspicious (10).EXE deleted.
- File F:\vv\Suspicious (11).EXE quarantined.
- File F:\vv\Suspicious (11).EXE deleted.
- File F:\vv\Suspicious (12).DLL quarantined.
- File F:\vv\Suspicious (12).DLL deleted.
- File F:\vv\Suspicious (13).OCX quarantined.
- File F:\vv\Suspicious (13).OCX deleted.
- File F:\vv\Suspicious (14).EXE quarantined.
- File F:\vv\Suspicious (14).EXE deleted.
- File F:\vv\Suspicious (15).DLL quarantined.
- File F:\vv\Suspicious (15).DLL deleted.
- File F:\vv\Suspicious (16).dll quarantined.
- File F:\vv\Suspicious (16).dll deleted.
- File F:\vv\Suspicious (17).DLL quarantined.
- File F:\vv\Suspicious (17).DLL deleted.
- File F:\vv\Suspicious (19).EXE quarantined.
- File F:\vv\Suspicious (19).EXE deleted.
- File F:\vv\Suspicious (21).EXE quarantined.
- File F:\vv\Suspicious (21).EXE deleted.
- File F:\vv\Suspicious (24).exe quarantined.
- File F:\vv\Suspicious (24).exe deleted.
- File F:\vv\Suspicious (26).dll quarantined.
- File F:\vv\Suspicious (26).dll deleted.
- File F:\vv\Suspicious (6).exe quarantined.
- File F:\vv\Suspicious (6).exe deleted.
- File F:\vv\Suspicious (7).exe quarantined.
- File F:\vv\Suspicious (7).exe deleted.
- File F:\vv\Suspicious (8).exe quarantined.
- Virus W32/Virut.B () removed.
- File F:\vv\Suspicious (9).EXE quarantined.
- Virus W32/Viking.GV () removed.

===================================================================================================

The scanning started: 2007/07/25 16:34:37
               ended: 2007/07/25 16:34:42
Logged on as        : Administrator
on hostname         : 2FEA146376E2420

Scanning results:
   Total number of files found..............................:      26
   Number of files scanned..................................:      26
   Number of files/directories skipped due to exclude list..:       0
   Number of files that could not be opened.................:       0
   Number of archive files unpacked.........................:       0
   Number of archive files not unpacked.....................:       0
   Number of infections.....................................:      16

Copyright (c) 1993-2005 Norman ASA.