
[Virus samples] Keeping my promise: posting samples as soon as Kafan is back to normal

sam.to
Posted on 2008-7-15 18:54:42
The original package has already been sent to PCSL.


Kaspersky only flags 29; the ones that were submitted are no longer flagged.

[ Last edited by kato9096 on 2008-7-15 18:59 ]

barbara
Posted on 2008-7-15 18:56:41
AVAST! pro

[ Last edited by barbara on 2008-7-15 19:02 ]

Palkia
Posted on 2008-7-15 18:58:05
回复正常 ("replies normally")? Or 恢复正常 ("back to normal")?
sam.to
Original poster | Posted on 2008-7-15 19:00:05

Reply to tvuser2007's post (#3)

Thanks
wangjay1980
Posted on 2008-7-15 19:01:59
恢复 ("back to normal")
28654621
Posted on 2008-7-15 19:13:52
Only recognizes 19 of them

醉一生爱妍
Posted on 2008-7-15 19:28:30
Start of the scan: 2008年7月15日 星期二  02:39

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\37[1]'


End of the scan: 2008年7月15日 星期二  02:39
Used time: 00:19 min

The scan has been done completely.

      2 Scanning directories
     37 Files were scanned
     30 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
     30 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      7 Files not concerned
      0 Archives were scanned
      0 Warnings
     30 Notes
挪威的冬天
Posted on 2008-7-15 20:02:32
信息        2008-07-15  20:01:41        您此次查毒隔离了25个文件                       
信息        2008-07-15  20:01:41        您此次查毒共查出25个病毒以及危险代码                       
信息        2008-07-15  20:01:41        您此次查毒共查了内存模块0个,磁盘引导扇区0个,文件69个                       
信息        2008-07-15  20:01:41        金山毒霸主程序查毒过程结束,查毒方式:命令行查毒
lanvin
Posted on 2008-7-16 01:13:33
Thanks for the sample pack, kato.
I've taken it.
shuixinghuo
Posted on 2008-7-16 13:23:08
驱逐舰 5.0a kills 25