10[MD5: B6DCD7 011D1C 81A00C 90D80D 5D7006 FD92CB F6F78F FAF462 C8E7CD 47C914]

promised

1

微点卫士

微点：
木马名称:Backdoor.Win32.Agent.efp

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\ABC\3.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan.Win32.Genetik.bmx

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\ABC\4.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Spy.Win32.Agent.bow

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\ABC\5.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan.Win32.Agent.hfv

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\ABC\6.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
蠕虫名称:Worm.Win32.Agent.djq

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\ABC\8.EXE
是蠕虫程序!
已成功阻止其运行,是否要删除此文件?
广告软件名称:AdWare.Win32.Agent.bff

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\ABC\9.EXE
是广告软件!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\925.EXE
是否删除木马程序?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\ABC\2.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\HUSJDD8S.EXE
2) C:\WINDOWS.0\SYSTEM32\OSIESD3.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\ABC\2.EXE
可疑程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\HUSJDD8S.EXE
2) C:\WINDOWS.0\SYSTEM32\OSIESD3.DLL
3) C:\WINDOWS.0\SYSTEM32\KILLME.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\WINDOWS.0\SYSTEM32\DRIVERS\SAFEMON.SYS
是否删除RootKit程序?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\ABC\2.EXE
1) C:\WINDOWS.0\SYSTEM32\KILLME.BAT
是否删除可疑程序?
程序:
C:\WINDOWS.0\SYSTEM32\DRIVERS\ACPIDISK.SYS
是否删除RootKit程序?
程序:
C:\WINDOWS.0\SYSTEM32\WINLIB .DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\508.EXE
是否删除木马程序?

1.EXE，微点挂咯。上报，应用程序错误

红心王子

漏了三个，运行了扫描不报的
分别运行了2，6，7.exe

主动防御拦截成功，7.exe运行直接删除

微点卫士

用金山清理专家扫描出2个恶意软件一个修改注册表的隐藏软件，估计是在这里中的

siman.yu

下不了，ＡＶＡＳＴ拦截了



[ 本帖最后由 siman.yu 于 2007-8-19 10:50 编辑 ]

woai_jolin

norton pass

欠妳緈諨

你这样测试没意义,只要压缩包有一个病毒,整个压缩包都无法下载 AVAST删除8个

wangjay1980

detected: Trojan program Trojan-Dropper.Win32.Sramler.e        File: C:\Documents and Settings\Owner\×ÀÃæ\ABC.zip/1.exe
detected: virus Heur.Trojan.Generic (modification)        File: C:\Documents and Settings\Owner\×ÀÃæ\ABC.zip/2.exe
detected: Trojan program Backdoor.Win32.Agent.ari        File: C:\Documents and Settings\Owner\×ÀÃæ\ABC.zip/3.exe
detected: virus Virus.Win32.AutoRun.gm        File: C:\Documents and Settings\Owner\×ÀÃæ\ABC.zip/4.exe
detected: Trojan program Trojan-Spy.Win32.Agent.pn        File: C:\Documents and Settings\Owner\×ÀÃæ\ABC.zip/5.exe//PE_Patch
detected: Trojan program Trojan.Win32.Agent.awf        File: C:\Documents and Settings\Owner\×ÀÃæ\ABC.zip/6.exe//PE_Patch.UPX//UPX
detected: virus Worm.Win32.Agent.t        File: C:\Documents and Settings\Owner\×ÀÃæ\ABC.zip/8.exe//PE_Patch.PECompact//PecBundle//PECompact
detected: adware not-a-virus:AdWare.Win32.Agent.bz        File: C:\Documents and Settings\Owner\×ÀÃæ\ABC.zip/9.exe
detected: adware not-a-virus:AdWare.Win32.Cinmus.al        File: C:\Documents and Settings\Owner\×ÀÃæ\ABC.zip/7.exe//data0003
detected: adware not-a-virus:AdWare.Win32.Cinmus.al        File: C:\Documents and Settings\Owner\×ÀÃæ\ABC.zip/7.exe//data0004
detected: Trojan program Trojan-Dropper.Win32.Sramler.e        File: C:\Documents and Settings\Owner\×ÀÃæ\ABC.zip/0.exe

qqq000@qq.com

----------
              [凝逸反毒] (http://hi.baidu.com/503165656)

       [凝逸.扫描病毒引擎-日志]       2007.8.19 11:38:41

文件:F:\070815\ABC\3.exe | 感染:virus [18>20070816_ny0007.axx]3(4.5)
操作:删除文件
文件:F:\070815\ABC\4.exe | 感染:virus [702>20070816_ny0006.axx]3(11.12)
操作:删除文件
文件:F:\070815\ABC\6.exe | 感染:virus [701>20070816_ny0006.axx]3(1.1)
操作:删除文件
文件:F:\070815\ABC\8.exe | 感染:DLOADER.Trojan [44>20070801_ny0002.axx]3(1.1)
操作:删除文件
文件:F:\070815\ABC\9.exe | 感染:Trojan.MulDrop.7434 [135>20070816_ny0006.axx]3(1.1)
操作:删除文件

扫描完成|病毒:5 文件:10|耗时:3415
----------

残缺的唯美

--> 1.exe
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> 2.exe
        [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 3.exe
        [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 4.exe
        [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 5.exe
        [DETECTION] Is the Trojan horse TR/Spy.Agent.PN.345
        [WARNING]   Infected files in archives cannot be repaired!
    --> 6.exe
        [DETECTION] Is the Trojan horse TR/Agent.avl.7
        [WARNING]   Infected files in archives cannot be repaired!
    --> 8.exe
        [DETECTION] Is the Trojan horse TR/Delphi.Downloader.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 9.exe
        [DETECTION] Contains signature of the dropper DR/Agent.BZ.23
        [WARNING]   Infected files in archives cannot be repaired!
    --> 7.exe
        [DETECTION] Contains signature of the Ad- or Spyware ADSPY/Cinmus.AJ
        [WARNING]   Infected files in archives cannot be repaired!
    --> 0.exe
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
        [INFO]      A backup was created as '470abc25.qua'  ( QUARANTINE )
        [INFO]      The file was deleted!