这就是 随便让别人用自己笔记本的后果！！！！

webweb

如上，某客户买了个8000多的笔记本
回去后 其朋友同事争相要"体验"下
结果不到一个月
进xp系统要5分钟 进去后各种错误
原来机器里装的360和麦咖啡 全部壮烈牺牲
下边就是从机器里提取出的一小部分样本（客人知道中了这么多病毒后 气的脸都青了 不敢继续提取了。。）
http://www.brsbox.com/filebox/down/fc/76abd1f15032a3a7941dfb453ac01d2e
哎 权限低无奈啊 不到3mb的文件都要放网盘里

hj5abc

要是他装antivir的话估计还没问题。。

left 2--貌似不是病毒。

Begin scan in 'G:\999999.rar'
G:\999999.rar
  [0] Archive type: RAR
    --> 999999\0.dll
      [DETECTION] Is the TR/Downloader.Gen Trojan
    --> 999999\122B901E.dll
      [DETECTION] Is the TR/Spy.Gen Trojan
    --> 999999\704C3595.dll
      [DETECTION] Is the TR/Spy.Gen Trojan
    --> 999999\76B9BA7A.dll
      [DETECTION] Is the TR/Downloader.Gen Trojan
    --> 999999\A0C86020.dll
      [DETECTION] Is the TR/Spy.Gen Trojan
    --> 999999\aEUzzDyN4fVnJ.dll
      [DETECTION] Is the TR/Spy.Gen Trojan
    --> 999999\BMsg6pdMD4ht.dll
      [DETECTION] Is the TR/Downloader.Gen Trojan
    --> 999999\bp8wddFqfaagBTyD.dll
      [DETECTION] Is the TR/Spy.Gen Trojan
    --> 999999\CDuAUVkGy9.dll
      [DETECTION] Is the TR/Spy.Gen Trojan
    --> 999999\cRsAQd4hw.dll
      [DETECTION] Is the TR/Spy.Gen Trojan
    --> 999999\dhDhwS7fFW.dll
      [DETECTION] Is the TR/Hijacker.Gen Trojan
    --> 999999\TXP1atform.exe
      [DETECTION] Is the TR/Crypt.NSPM.Gen Trojan
    [WARNING]   The file was ignored!

[ 本帖最后由 hj5abc 于 2009-6-25 21:13 编辑 ]

sam.to

25/6/2009 21:29:45        已偵測: Trojan-GameThief.Win32.Magania.bfux        C:\Documents and Settings\kato9096\桌面\999999\999999\704C3595.dll/PE_Patch.UPX/UPX               
25/6/2009 21:29:46        已偵測: Trojan-GameThief.Win32.Magania.bfsl        C:\Documents and Settings\kato9096\桌面\999999\999999\122B901E.dll/PE_Patch.UPX/UPX               
25/6/2009 21:29:47        已偵測: Trojan-GameThief.Win32.Magania.bfgp        C:\Documents and Settings\kato9096\桌面\999999\999999\0.dll/PE_Patch.UPX/UPX               
25/6/2009 21:30:16        已偵測: Trojan-PSW.Win32.LdPinch.agqu        C:\Documents and Settings\kato9096\桌面\999999\999999\76B9BA7A.dll/PE_Patch.UPX/UPX               
25/6/2009 21:30:16        已偵測: Trojan-GameThief.Win32.Magania.bhza        C:\Documents and Settings\kato9096\桌面\999999\999999\aEUzzDyN4fVnJ.dll               
25/6/2009 21:30:16        已偵測: Trojan-GameThief.Win32.Magania.bfux        C:\Documents and Settings\kato9096\桌面\999999\999999\A0C86020.dll/PE_Patch.UPX/UPX               
25/6/2009 21:30:16        已偵測: Trojan-GameThief.Win32.Magania.bfrz        C:\Documents and Settings\kato9096\桌面\999999\999999\BMsg6pdMD4ht.dll               
25/6/2009 21:30:17        已偵測: Trojan-GameThief.Win32.Magania.biis        C:\Documents and Settings\kato9096\桌面\999999\999999\bp8wddFqfaagBTyD.dll               
25/6/2009 21:30:17        已偵測: Trojan-GameThief.Win32.Magania.bcho        C:\Documents and Settings\kato9096\桌面\999999\999999\CDuAUVkGy9.dll               
25/6/2009 21:30:17        已偵測: Trojan-GameThief.Win32.Magania.bgoi        C:\Documents and Settings\kato9096\桌面\999999\999999\cRsAQd4hw.dll               
25/6/2009 21:30:17        已偵測: Trojan-GameThief.Win32.Magania.bgoa        C:\Documents and Settings\kato9096\桌面\999999\999999\dhDhwS7fFW.dll               
25/6/2009 21:30:19        已偵測: Trojan.Win32.Pakes.nkm        C:\Documents and Settings\kato9096\桌面\999999\999999\TXP1atform.exe               


miss 2 to kl

[ 本帖最后由 sam.to 于 2009-6-25 21:30 编辑 ]

schumi小粉

C:\Documents and Settings\Administrator\桌面\新建文件夹\999999\999999\0.dll - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\999999\999999\122B901E.dll - Win32/PSW.OnLineGames.NRD 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\999999\999999\704C3595.dll - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\999999\999999\76B9BA7A.dll - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\999999\999999\A0C86020.dll - Win32/PSW.OnLineGames.NRD 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\999999\999999\aEUzzDyN4fVnJ.dll - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\999999\999999\BMsg6pdMD4ht.dll - 可能是 Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\999999\999999\bp8wddFqfaagBTyD.dll - 可能是 Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\999999\999999\CDuAUVkGy9.dll - Win32/PSW.OnLineGames.NRD 特洛伊木马 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\999999\999999\cRsAQd4hw.dll - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\999999\999999\dhDhwS7fFW.dll - Win32/PSW.OnLineGames.NRD 特洛伊木马 的变种 - 通过删除清除 - 已隔离
C:\Documents and Settings\Administrator\桌面\新建文件夹\999999\999999\TXP1atform.exe - Win32/Fujacks.BK 病毒 - 已删除 - 已隔离

eset missed 2

悠柚

rising 2010 12个

BING126

McAfee 报了13个。。

aerbeisi

都是些老货。金山定义为木马群。

kingmuro

已检测：木马程序 Trojan-GameThief.Win32.Magania.bfgp        文件：D:\My Documents\桌面\test\999999\999999\0.dll//PE_Patch.UPX//UPX
已检测：木马程序 Trojan-GameThief.Win32.Magania.bfsl        文件：D:\My Documents\桌面\test\999999\999999\122B901E.dll//PE_Patch.UPX//UPX
已检测：木马程序 Trojan-GameThief.Win32.Magania.bfux        文件：D:\My Documents\桌面\test\999999\999999\704C3595.dll//PE_Patch.UPX//UPX
已检测：木马程序 Trojan-PSW.Win32.LdPinch.agqu        文件：D:\My Documents\桌面\test\999999\999999\76B9BA7A.dll//PE_Patch.UPX//UPX
已检测：木马程序 Trojan-GameThief.Win32.Magania.bfux        文件：D:\My Documents\桌面\test\999999\999999\A0C86020.dll//PE_Patch.UPX//UPX
已检测：木马程序 Trojan-GameThief.Win32.Magania.bhza        文件：D:\My Documents\桌面\test\999999\999999\aEUzzDyN4fVnJ.dll
已检测：木马程序 Trojan-GameThief.Win32.Magania.bfrz        文件：D:\My Documents\桌面\test\999999\999999\BMsg6pdMD4ht.dll
已检测：木马程序 Trojan-GameThief.Win32.Magania.biis        文件：D:\My Documents\桌面\test\999999\999999\bp8wddFqfaagBTyD.dll
已检测：木马程序 Trojan-GameThief.Win32.Magania.bcho        文件：D:\My Documents\桌面\test\999999\999999\CDuAUVkGy9.dll
已检测：木马程序 Trojan-GameThief.Win32.Magania.bgoi        文件：D:\My Documents\桌面\test\999999\999999\cRsAQd4hw.dll
已检测：木马程序 Trojan-GameThief.Win32.Magania.bgoa        文件：D:\My Documents\桌面\test\999999\999999\dhDhwS7fFW.dll
已检测：木马程序 Trojan.Win32.Pakes.nkm        文件：D:\My Documents\桌面\test\999999\999999\TXP1atform.exe

runyon

卡巴斯基把它杀掉了

kingmuro

0.dll;D:\My Documents\桌面\test\999999\999999;Trojan.PWS.Wsgame.12116;;
122B901E.dll;D:\My Documents\桌面\test\999999\999999;Trojan.PWS.Wsgame.12116;;
704C3595.dll;D:\My Documents\桌面\test\999999\999999;Trojan.PWS.Wsgame.12116;;
76B9BA7A.dll;D:\My Documents\桌面\test\999999\999999;Trojan.PWS.Gamania.19043;;
A0C86020.dll;D:\My Documents\桌面\test\999999\999999;Trojan.PWS.Wsgame.12116;;
aEUzzDyN4fVnJ.dll;D:\My Documents\桌面\test\999999\999999;Trojan.PWS.Wsgame.12106;;
BMsg6pdMD4ht.dll;D:\My Documents\桌面\test\999999\999999;Trojan.PWS.Wsgame.12116;;
bp8wddFqfaagBTyD.dll;D:\My Documents\桌面\test\999999\999999;Trojan.PWS.Wsgame.12116;;
CDuAUVkGy9.dll;D:\My Documents\桌面\test\999999\999999;Trojan.PWS.Wsgame.11784;;
cRsAQd4hw.dll;D:\My Documents\桌面\test\999999\999999;Trojan.PWS.Wsgame.12108;;
dhDhwS7fFW.dll;D:\My Documents\桌面\test\999999\999999;Trojan.PWS.Wsgame.12044;;
TXP1atform.exe;D:\My Documents\桌面\test\999999\999999;Win32.HLLP.Whboy.113;;