Original poster: dgww

[Virus samples] 16 of them~~~~~~~~~~~~~
woai_jolin
Posted on 2007-8-17 20:33:04

Reply to post #29 by tracydk

OneCare at least won't scan startup items or cookies
tracydk
Posted on 2007-8-17 20:33:37
Anyway, I don't have the slightest liking for Trend Micro
woai_jolin
Posted on 2007-8-17 20:34:00

Reply to post #32 by tracydk

Laggy, and slow to update too
That's the hallmark of 2008
woai_jolin
Posted on 2007-8-17 20:34:39
I'm speechless. Once I've written the review tomorrow, I'm uninstalling it right away
woai_jolin
Posted on 2007-8-17 20:39:42
It's been scanning for over 7 minutes already
碧水寒潭
Posted on 2007-8-17 21:58:41
Start of the scan: 2007年8月17日  21:57

Starting the file scan:

Begin scan in 'H:\AV-TEST'
H:\AV-TEST\virus[1].part1.rar
  [0] Archive type: RAR
  --> 复件 新建文件夹 (2)\1temp.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 复件 新建文件夹 (2)\2svchsot.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 复件 新建文件夹 (2)\2temp.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [INFO]      The file was deleted!
H:\AV-TEST\virus[1].part2.rar
  [0] Archive type: RAR
  --> 复件 新建文件夹 (2)\854.exe
      [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
  --> 复件 新建文件夹 (2)\bw.exe
      [DETECTION] Is the Trojan horse TR/Spy.Agent.PN.341
  --> 复件 新建文件夹 (2)\max1d1164v.exe
      [DETECTION] Contains signature of the dial-up program DIAL/Generic
  --> 复件 新建文件夹 (2)\rs.bat
      [DETECTION] Contains signature of the worm WORM/Gaobot.98
  --> 复件 新建文件夹 (2)\rundl132.exe
      [DETECTION] Contains signature of the worm WORM/Viking.NCN
  --> 复件 新建文件夹 (2)\rundll01.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was deleted!
H:\AV-TEST\virus[1].part3.rar
  [0] Archive type: RAR
  --> 复件 新建文件夹 (2)\serveias.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> 复件 新建文件夹 (2)\temp_15.exe
      [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/Agent.amb.84 Backdoor server programs
      [INFO]      The file was deleted!


End of the scan: 2007年8月17日  21:58
Used time: 00:25 min

The scan has been done completely.

      1 Scanning directories
     17 Files were scanned
     11 viruses and/or unwanted programs were found
      2 classified as suspicious:
      3 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      4 Files not concerned
      3 Archives were scanned
      0 Warnings
      0 Notes
      0 Hidden objects were found

qqq000@qq.com
Posted on 2007-8-18 08:40:20
----------
              [凝逸反毒] (http://hi.baidu.com/503165656)

       [凝逸.扫描病毒引擎-日志]       2007.8.18 8:39:9

文件:F:\070815\virus[1]\1\3svchsot.exe | 感染:Trojan.PSW.GamePass [165>20070801_ny0002.axx]3(1.1)
操作:删除文件
文件:F:\070815\virus[1]\1\854.exe | 感染:virus [775>20070816_ny0006.axx]3(1.1)
操作:删除文件
文件:F:\070815\virus[1]\1\bw.exe | 感染:MULDROP.Trojan [107>20070816_ny0006.axx]3(1.1)
操作:删除文件
文件:F:\070815\virus[1]\1\rundl132.exe | 感染:Worm.Viking.auw [27>20070729_ny0001.axx]3(2.4)
操作:删除文件

扫描完成|病毒:4 文件:16|耗时:6970
----------
小飞侠.net
Posted on 2007-8-18 17:10:12
McAfee VirusScan for Win32 v5.20.0
Copyright (c) 1992-2005 Networks Associates Technology Inc. All rights reserved.
(408) 988-3832  LICENSED COPY - Jun  5 2007
Scan engine v5.2.00 for Win32.
Virus data file v5100 created Aug 17 2007
Scanning for 311901 viruses, trojans and variants.
Using c:\Documents and Settings\小飞侠.net\桌面\桌面\McAfee VirusScan\EXTRA.DAT to scan for 0 additional virus(es).

08/18/2007  17:08:25

Options:
"V:\VIRUSDOC20070818\070" /MIME /SUB /UNZIP /ALL /RPTALL /STREAMS /REPORT C:\DOCUME~1\小飞侠.NET\LOCALS~1\TEMP\SCAN.TXT /PROGRAM /ANALYZE /MAILBOX
Scanning V: [V盘]
Scanning V:\VIRUSDOC20070818\070\*.*
V:\VIRUSDOC20070818\070\virus[1].rar ... is OK.
V:\VIRUSDOC20070818\070\virus[1].rar\RS.BAT ... Found the Bat/Sdbot trojan !!!
V:\VIRUSDOC20070818\070\virus[1].rar\5817.COM ... is OK.
V:\VIRUSDOC20070818\070\virus[1].rar\5817.COM\5817.COM ... is OK.
V:\VIRUSDOC20070818\070\virus[1].rar\1TEMP.EXE ... is OK.
V:\VIRUSDOC20070818\070\virus[1].rar\1TEMP.EXE\1TEMP.EXE ... is OK.
V:\VIRUSDOC20070818\070\virus[1].rar\2SVCHSOT.EXE ... is OK.
V:\VIRUSDOC20070818\070\virus[1].rar\2TEMP.EXE ... is OK.
V:\VIRUSDOC20070818\070\virus[1].rar\2TEMP.EXE\00001660.EXE ... is OK.
V:\VIRUSDOC20070818\070\virus[1].rar\2TEMP.EXE\00001660.EXE\00001660.EXE ... is OK.
V:\VIRUSDOC20070818\070\virus[1].rar\3SVCHSOT.EXE ... Found potentially unwanted program Adware-BDSearch.
V:\VIRUSDOC20070818\070\virus[1].rar\854.EXE ... is OK.
V:\VIRUSDOC20070818\070\virus[1].rar\BW.EXE ... Found trojan or variant New Malware.aj !!!
        Please send a copy of the file to McAfee
V:\VIRUSDOC20070818\070\virus[1].rar\MAX1D1164V.EXE ... Found potentially unwanted program Dialer-257.
V:\VIRUSDOC20070818\070\virus[1].rar\RUNDL132.EXE ... Found the W32/HLLP.Philis.ku virus !!!
V:\VIRUSDOC20070818\070\virus[1].rar\RUNDLL01.EXE ... is OK.
V:\VIRUSDOC20070818\070\virus[1].rar\RUNDLL04.EXE ... is OK.
V:\VIRUSDOC20070818\070\virus[1].rar\SERVEIAS.EXE ... is OK.
V:\VIRUSDOC20070818\070\virus[1].rar\SERVEIAS.EXE\SERVEIAS.EXE ... is OK.
V:\VIRUSDOC20070818\070\virus[1].rar\SOFT243.EXE ... is OK.
V:\VIRUSDOC20070818\070\virus[1].rar\TEMP_15.EXE ... is OK.
V:\VIRUSDOC20070818\070\virus[1].rar\TZCHANGE.EXE ... is OK.
Summary report on V:\VIRUSDOC20070818\070\*.*
File(s)
        Total files: ...........      22
        Clean: .................      19
        Possibly Infected: .....       3

Time: 00:00.13

啊弥陀佛
Posted on 2007-8-18 19:24:02
Originally posted by 微点卫士 on 2007-8-17 20:20
Micropoint:
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\复件 新建文件夹 (2)\1TEMP.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\SERVET.EXE
是否删除木马程序及其衍生物?
程序:
C:\DOCUM ...


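There are indeed 7 that Micropoint didn't flag. Among them: 1 BAT file, 1 DOS file that can't run on the Windows platform, and the remaining 5 don't stay resident in memory; the program exits immediately without doing anything.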
微点卫士
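Posted on 2007-8-18 21:32:51
Originally posted by 啊弥陀佛 on 2007-8-18 19:24


There are indeed 7 that Micropoint didn't flag. Among them: 1 BAT file, 1 DOS file that can't run on the Windows platform, and the remaining 5 don't stay resident in memory; the program exits immediately without doing anything.

The reply has come back; I deleted a few when submitting them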
