一包 可能什么都不是

挪威的冬天

可能什么都不是 我不知道实际上

qwer9909

C:\Documents and Settings\Administrator\桌面\Temp.zip>>tmpC.tmp        Heuri.Possible/Packed        启发式扫描        还未处理
Temp.zip            97.78/97.78KB       100.00%    在线扫描      没有发现病毒，但这并不能说明此文件百分之百可信。2008-4-8 16:21:09    2008-4-8 16:21:24

Starting the file scan:

Begin scan in 'E:\Temp.zip'
E:\Temp.zip
  [0] Archive type: ZIP
  --> tmpC.tmp
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING]   The file was ignored!

wangjay1980

就这个tmpC.tmp是PE文件，还不幸的是个尸体

所以，确实如楼主所说，什么都不是


还有个下载列表
a=http://ccc.52gol.com/xx/soc1.exe
b=http://ccc.52gol.com/xx/soc2.exe
c=http://ccc.52gol.com/xx/soc3.exe
d=http://ccc.52gol.com/xx/soc4.exe
e=http://ccc.52gol.com/xx/soc5.exe
f=http://ccc.52gol.com/xx/soc6.exe
g=http://ccc.52gol.com/xx/soc7.exe
h=http://ccc.52gol.com/xx/soc8.exe
i=http://ccc.52gol.com/xx/soc9.exe
j=http://ccc.52gol.com/xx/soc10.exe
k=http://ccc.52gol.com/xx/soc11.exe
l=http://ccc.52gol.com/xx/soc12.exe
m=http://ccc.52gol.com/xx/soc13.exe
n=http://ccc.52gol.com/xx/soc14.exe
o=http://ccc.52gol.com/xx/soc15.exe
p=http://ccc.52gol.com/xx/soc16.exe
q=http://ccc.52gol.com/xx/soc17.exe
r=http://ccc.52gol.com/xx/soc18.exe
s=http://ccc.52gol.com/xx/soc19.exe
t=http://ccc.52gol.com/xx/soc20.exe
u=http://ccc.52gol.com/xx/soc21.exe
v=http://ccc.52gol.com/xx/soc22.exe
w=http://ccc.52gol.com/xx/soc23.exe
x=http://ccc.52gol.com/xx/soc24.exe

[ 本帖最后由 wangjay1980 于 2008-4-8 16:35 编辑 ]

原帖由 wangjay1980 于 2008-4-8 16:27 发表
就这个tmpC.tmp是PE文件，还不幸的是个尸体

还有个下载列表
a=http://ccc.52gol.com/xx/soc1.exe
b=http://ccc.52gol.com/xx/soc2.exe
c=http://ccc.52gol.com/xx/soc3.exe
d=http://ccc.52gol.com/xx/soc4.e ...

Starting the file scan:
Begin scan in 'E:\新建文件夹 (2)\soc24.exe'
E:\新建文件夹 (2)\soc24.exe
      [DETECTION] Contains detection pattern of the worm WORM/Autorun.FF.37
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\soc1.exe'
E:\新建文件夹 (2)\soc1.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.zkf
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\soc2.exe'
E:\新建文件夹 (2)\soc2.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\soc3.exe'
E:\新建文件夹 (2)\soc3.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\soc4.exe'
E:\新建文件夹 (2)\soc4.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\soc5.exe'
E:\新建文件夹 (2)\soc5.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.NSR.615
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\soc6.exe'
E:\新建文件夹 (2)\soc6.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\soc7.exe'
E:\新建文件夹 (2)\soc7.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\soc8.exe'
E:\新建文件夹 (2)\soc8.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\soc9.exe'
E:\新建文件夹 (2)\soc9.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.zle
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\soc10.exe'
E:\新建文件夹 (2)\soc10.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\soc11.exe'
E:\新建文件夹 (2)\soc11.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.cfb
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\soc12.exe'
E:\新建文件夹 (2)\soc12.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\soc13.exe'
E:\新建文件夹 (2)\soc13.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\soc14.exe'
E:\新建文件夹 (2)\soc14.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\soc15.exe'
E:\新建文件夹 (2)\soc15.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\soc16.exe'
E:\新建文件夹 (2)\soc16.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\soc17.exe'
E:\新建文件夹 (2)\soc17.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\soc18.exe'
E:\新建文件夹 (2)\soc18.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\soc19.exe'
E:\新建文件夹 (2)\soc19.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGames.zky
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\soc20.exe'
E:\新建文件夹 (2)\soc20.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\soc21.exe'
E:\新建文件夹 (2)\soc21.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\soc22.exe'
E:\新建文件夹 (2)\soc22.exe
      [DETECTION] Is the Trojan horse TR/PSW.Online.ddn.2
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\soc23.exe'
E:\新建文件夹 (2)\soc23.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!

End of the scan: 2008年4月8日  16:36
Used time: 01:20 min
The scan has been done completely.
      0 Scanning directories
     24 Files were scanned
     24 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
     24 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      0 Files not concerned
      0 Archives were scanned
      0 Warnings
      0 Notes

qwer9909

C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc1.exe        Trojan.Cap8466.oclb        木马        还未处理
C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc10.exe        Trojan.Cap8466.zfiq        木马        还未处理
C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc11.exe        TrojanPSW.OnLineGames.rri.fccq        木马        还未处理
C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc12.exe        TrojanPSW.OnLineGames.zkv.pohb        木马        还未处理
C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc13.exe        TrojanPSW.OnLineGames.zkl.safm        木马        还未处理
C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc14.exe        TrojanSpy.Gen.ldcz        木马        还未处理
C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc15.exe        TrojanSpy.Gen.uutc        木马        还未处理
C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc16.exe        TrojanPSW.OnLineGames.zeb.nymo        木马        还未处理
C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc17.exe        TrojanPSW.OnLineGames.zkp.efqi        木马        还未处理
C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc18.exe        Heuri.Possible/Packed        启发式扫描        还未处理
C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc19.exe        Trojan.Cap8466.xdto        木马        还未处理
C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc2.exe        Heuri.Possible/Packed        启发式扫描        还未处理
C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc20.exe        TrojanPSW.OnLineGames.rri.fccq        木马        还未处理
C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc21.exe        TrojanPSW.OnLineGames.yog.uibj        木马        还未处理
C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc22.exe        TrojanPSW.OnLineGames.whs.zvid        木马        还未处理
C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc23.exe        TrojanDownloader.Nurech.bd.bmqk        木马        还未处理
C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc24.exe        PWSteal.QQPass.izas        木马        还未处理
C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc3.exe        TrojanPSW.OnLineGames.zmi.vlpf        木马        还未处理
C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc4.exe        Heuri.Possible/Packed        启发式扫描        还未处理
C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc5.exe        W32.Viking.k        病毒        还未处理
C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc6.exe        Heuri.Possible/Packed        启发式扫描        还未处理
C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc7.exe        W32.Viking.k        病毒        还未处理
C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc8.exe        Heuri.Possible/Packed        启发式扫描        还未处理
C:\Documents and Settings\Administrator\桌面\新建文件夹 (2).rar>>soc9.exe        Trojan.Cap8466.lixl        木马        还未处理

wangjay1980

此贴惊人的有趣

[ 本帖最后由 wangjay1980 于 2008-4-8 16:48 编辑 ]

The file 'tmpC.tmp' has been determined to be 'DAMAGED FILE (MALWARE)'.

挪威的冬天

啥有趣

在某地看了就直接打包扔过来了...

信息        2008-04-08  16:47:33        您此次查毒清除了21个病毒                       
信息        2008-04-08  16:47:33        您此次查毒共查出21个病毒以及危险代码                       
信息        2008-04-08  16:47:33        您此次查毒共查了内存模块0个，磁盘引导扇区0个，文件47个                       
信息        2008-04-08  16:47:33        金山毒霸主程序查毒过程结束，查毒方式：命令行查毒

wangjay1980

原帖由 挪威的冬天 于 2008-4-8 16:47 发表
啥有趣

在某地看了就直接打包扔过来了...

信息        2008-04-08  16:47:33        您此次查毒清除了21个病毒                        
信息        2008-04-08  16:47:33        您此次查毒共查出21个病毒以及危险代码                        
信息        2008-04-08  16:47:33         ...

细心的看，仔细的想，也许你也能看出那里有趣