来个（29号）

显示全部楼层 · 发表于 2008-3-29 18:23:48

http://down5ud6.5ud.com/my_70194.exe
http://l.99081.com/haike017/hgz.rar
http://imgbj.jpg.name/tttwrdwstwjvthhystvwsszhrzyyzrsdjyddj.rar
http://www1.07dns.com/weizhen/mhxm1.5.exe

[ 本帖最后由流清泉于 2008-3-30 13:02 编辑 ]

显示全部楼层 · 发表于 2008-3-29 18:25:54

灰鸽子---3.19M，体积大的DD。

显示全部楼层 · 发表于 2008-3-29 18:27:59

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.DL.Win32.Mnless.yk

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.37.51

显示全部楼层 · 发表于 2008-3-29 18:28:18

Sign of "Win32:Small-JON [Trj]" has been found in "http://down5ud6.5ud.com/my_70194.exe" file.

Sign of "Win32:Hupigon-GIF [Trj]" has been found in "F:\hgz.rar\黑防2008灰鸽子破解版\HKFX8\HKFX2008.OK" file.
Sign of "Win32:Virtualizer [Cryp]" has been found in "F:\hgz.rar\黑防2008灰鸽子破解版\黑防2008灰鸽子破解版.exe\[Embedded#06a80a]" file.
Sign of "Win32:Hupigon-GIF [Trj]" has been found in "F:\hgz.rar\黑防2008灰鸽子破解版\黑防2008灰鸽子破解版.exe" file.

Sign of "Win32:Hupigon-DUB [Trj]" has been found in "F:\jpg.name_222169132157_2008-3-27_13-34-06_4884639_58995.rar\setup.exe\servercnc.exe\[UPX]" file.

Sign of "Win32:Hupigon-GIF [Trj]" has been found in "F:\mhxm1.5.exe\shipin.exe" file.

[ 本帖最后由 hj5abc 于 2008-3-29 19:03 编辑 ]

显示全部楼层 · 发表于 2008-3-29 18:28:21

[Clean]       C:\virus\hgz.rar->黑防2008灰鸽子破解版\dat\QQWry.dat
[Found backdoor]       <W32/Hupigon.H.gen!Eldorado (not disinfectable, generic)>       C:\virus\hgz.rar->黑防2008灰鸽子破解版\HKFX8\HKFX2008.OK->(ExeStealth)
[Clean]       C:\virus\hgz.rar->黑防2008灰鸽子破解版\SOUND\downfile.wav
[Clean]       C:\virus\hgz.rar->黑防2008灰鸽子破解版\SOUND\login.wav
[Clean]       C:\virus\hgz.rar->黑防2008灰鸽子破解版\SOUND\offline.wav
[Clean]       C:\virus\hgz.rar->黑防2008灰鸽子破解版\SOUND\setting.wav
[Clean]       C:\virus\hgz.rar->黑防2008灰鸽子破解版\SOUND\upfile.wav
[Found possible security risk]       <W32/Heuristic-162!Eldorado (damaged, not disinfectable)>       C:\virus\hgz.rar->黑防2008灰鸽子破解版\黑防2008灰鸽子破解版.exe->exefile->(Dot_Shoo)
[Contains infected objects]       C:\virus\hgz.rar
[Quarantined]       C:\virus\hgz.rar->黑防2008灰鸽子破解版\黑防2008灰鸽子破解版.exe->exefile->(Dot_Shoo)
[Found downloader]       <W32/Downloader.D.gen!Eldorado (not disinfectable, generic)>       C:\virus\my_70194.exe
[Quarantined]       C:\virus\my_70194.exe

[Found possible security risk]    <W32/Heuristic-162!Eldorado (not disinfectable)> C:\virus\mhxm1.5.exe->(RAR)->shipin.exe->(ExeStealth)
[Contains infected objects] C:\virus\mhxm1.5.exe
[Quarantined] C:\virus\mhxm1.5.exe->(RAR)->shipin.exe->(ExeStealth)
[Clean] C:\virus\tttwrdwstwjvthhystvwsszhrzyyzrsdjyddj.rar->jjh.gif
[Clean] C:\virus\tttwrdwstwjvthhystvwsszhrzyyzrsdjyddj.rar->setup.exe->(RAR)->2.jpg
[Found downloader]    <W32/Downloader.C.gen!Eldorado (not disinfectable, generic)> C:\virus\tttwrdwstwjvthhystvwsszhrzyyzrsdjyddj.rar->setup.exe->(RAR)->servercnc.exe->(UPX)
[Clean] C:\virus\tttwrdwstwjvthhystvwsszhrzyyzrsdjyddj.rar->qww.gif
[Clean] C:\virus\tttwrdwstwjvthhystvwsszhrzyyzrsdjyddj.rar->ssw.gif
[Clean] C:\virus\tttwrdwstwjvthhystvwsszhrzyyzrsdjyddj.rar->Thumbs.db
[Clean] C:\virus\tttwrdwstwjvthhystvwsszhrzyyzrsdjyddj.rar->3335.jpg
[Clean] C:\virus\tttwrdwstwjvthhystvwsszhrzyyzrsdjyddj.rar->ddd.gif
[Contains infected objects] C:\virus\tttwrdwstwjvthhystvwsszhrzyyzrsdjyddj.rar
[Quarantined] C:\virus\tttwrdwstwjvthhystvwsszhrzyyzrsdjyddj.rar->ddd.gif

[ 本帖最后由 yangpizhi 于 2008-3-29 18:34 编辑 ]

显示全部楼层 · 发表于 2008-3-29 19:26:30

Begin scan in 'C:\Documents and Settings\haha\桌面\1.rar'
C:\Documents and Settings\haha\桌面\1.rar
  [0] Archive type: RAR
--> 1\jpg.name_222169132157_2008-3-27_13-34-06_4884639_58995.rar
   [1] Archive type: RAR
   --> setup.exe
      [2] Archive type: RAR SFX (self extracting)
      --> servercnc.exe
         [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
--> 1\mhxm1.5.exe
   [1] Archive type: RAR SFX (self extracting)
   --> shipin.exe
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Hupigon.Gen Backdoor server programs
  --> 1\my_70194.exe
   [DETECTION] Is the Trojan horse TR/Dldr.Small.cfh
   [INFO]    A backup was created as '4860279a.qua'  ( QUARANTINE )

End of the scan: 2008年3月29日  19:26
Used time: 00:02 min

The scan has been done completely.

   0 Scanning directories
   14 Files were scanned
   3 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:

显示全部楼层 · 发表于 2008-3-29 19:26:52

hgz太大了，没传。。。

Begin scan in 'C:\Documents and Settings\haha\桌面\1\hgz.rar'
C:\Documents and Settings\haha\桌面\1\hgz.rar
  [0] Archive type: RAR
  --> ºÚ·À2008»Ò¸ë×ÓÆÆ½â°æ\HKFX8\HKFX2008.OK
   [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Hupigon.Gen Backdoor server programs
  --> ºÚ·À2008»Ò¸ë×ÓÆÆ½â°æ\ºÚ·À2008»Ò¸ë×ÓÆÆ½â°æ.exe
   [DETECTION] Is the Trojan horse TR/Drop.Hupigon.EA
   [INFO]    A backup was created as '486827fd.qua'  ( QUARANTINE )

显示全部楼层 · 发表于 2008-3-29 19:36:48

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Backdoor.Win32.Gpigeon.eyq

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.37.52

显示全部楼层 · 发表于 2008-3-29 20:30:25

detected: Trojan program Backdoor.Win32.Hupigon.exa File: E:\ÏÂÔØ»ùµØ\virus\tttwrdwstwjvthhystvwsszhrzyyzrsdjyddj.rar/setup.exe//data.rar/servercnc.exe//PE_Patch.UPX//UPX
detected: Trojan program Backdoor.Win32.Hupigon.asma File: E:\ÏÂÔØ»ùµØ\virus\hgz.rar/ºÚ·À2008»Ò¸ë×ÓÆÆ½â°æ\HKFX8\HKFX2008.OK
detected: Trojan program Trojan-Dropper.Win32.Delf.ase File: E:\ÏÂÔØ»ùµØ\virus\hgz.rar/ºÚ·À2008»Ò¸ë×ÓÆÆ½â°æ\ºÚ·À2008»Ò¸ë×ÓÆÆ½â°æ.exe
detected: Trojan program Backdoor.Win32.Hupigon.blrv File: E:\ÏÂÔØ»ùµØ\virus\mhxm1.5.exe//data.rar/shipin.exe

to kl

[已鉴定] 来个（29号）

http://l.99081.com/haike017/hgz.rar

10/1

13/1