这个是不是病毒啊。。

feimei200797

我是第一次用 微点杀毒软件的。。。是新手。。



文件 1.rar 接收于 2009.11.28 07:50:38 (UTC)

反病毒引擎	版本	最后更新	扫描结果
a-squared	4.5.0.43	2009.11.28	-
AhnLab-V3	5.0.0.2	2009.11.28	-
AntiVir	7.9.1.79	2009.11.27	TR/Agent.awqn.2.A
Antiy-AVL	2.0.3.7	2009.11.27	Backdoor/Win32.Agent.gen
Authentium	5.2.0.5	2009.11.27	-
Avast	4.8.1351.0	2009.11.28	Win32:Rootkit-gen
AVG	8.5.0.426	2009.11.27	BackDoor.Agent.AELA
BitDefender	7.2	2009.11.28	Backdoor.Generic.229643
CAT-QuickHeal	10.00	2009.11.28	-
ClamAV	0.94.1	2009.11.27	-
Comodo	3065	2009.11.28	-
DrWeb	5.0.0.12182	2009.11.28	-
eSafe	7.0.17.0	2009.11.26	-
eTrust-Vet	35.1.7146	2009.11.27	-
F-Prot	4.5.1.85	2009.11.27	-
F-Secure	9.0.15370.0	2009.11.24	-
Fortinet	4.0.14.0	2009.11.28	W32/Agent.ANAK!tr.bdr
GData	19	2009.11.28	Backdoor.Generic.229643
Ikarus	T3.1.1.74.0	2009.11.28	Trojan-Dropper.Agent
Jiangmin	11.0.800	2009.11.28	Backdoor/Agent.cqzp
K7AntiVirus	7.10.906	2009.11.27	-
Kaspersky	7.0.0.125	2009.11.28	Backdoor.Win32.Agent.anak
McAfee	5815	2009.11.27	-
McAfee+Artemis	5815	2009.11.27	Artemis!8F2834B10C57
McAfee-GW-Edition	6.8.5	2009.11.27	Trojan.Agent.awqn.2.A
Microsoft	1.5302	2009.11.28	Backdoor:Win32/SixMuch.A
NOD32	4643	2009.11.27	-
Norman	6.03.02	2009.11.27	-
nProtect	2009.1.8.0	2009.11.28	-
Panda	10.0.2.2	2009.11.27	Generic Malware
PCTools	7.0.3.5	2009.11.28	-
Prevx	3.0	2009.11.28	Medium Risk Malware
Rising	22.23.05.04	2009.11.28	Trojan.Win32.Generic.51F2018E
Sophos	4.48.0	2009.11.27	Mal/Generic-A
Sunbelt	3.2.1858.2	2009.11.27	-
Symantec	1.4.4.12	2009.11.28	-
TheHacker	6.5.0.2.080	2009.11.27	-
TrendMicro	9.100.0.1001	2009.11.28	BKDR_AGENT.AWUB
VBA32	3.12.12.0	2009.11.28	Backdoor.Win32.Agent.anak
ViRobot	2009.11.28.2060	2009.11.28	-
VirusBuster	5.0.21.0	2009.11.27	-
附加信息
File size: 62548 bytes
MD5...: ba0446580c9cb174678d7b165160d25b
SHA1..: c41a4be004ce9f99de125875d55b40d9ec38514a
SHA256: 57d449b9863a8c6c2b567f352d60e5d50ba07e096c4886e8a2193fb3e7ecb2d4
ssdeep: 1536:qfO3NDXDpfMbPakmGT/xKIVLB2ukmU07i84d708u+GAI+5WKw3U:UO3NDVE<BR>bmwYA49mm9I+GAI+kKwE<BR>
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set<BR>-
pdfid.: -
trid..: RAR Archive (100.0%)
<a href='http://info.prevx.com/aboutprogramtext.asp?PX5=70B3C43A0027EF1340CF02C6A52DD700F791027A' target='_blank'>http://info.prevx.com/aboutprogr ... 52DD700F791027A&;lt;/a>
sigcheck:<BR>publisher....: n/a<BR>copyright....: n/a<BR>product......: n/a<BR>description..: n/a<BR>original name: n/a<BR>internal name: n/a<BR>file version.: n/a<BR>comments.....: n/a<BR>signers......: -<BR>signing date.: -<BR>verified.....: Unsigned<BR>
packers (Antiy-AVL): Armadillo 1.71

地址：http://www.virustotal.com/zh-cn/analisis/57d449b9863a8c6c2b567f352d60e5d50ba07e096c4886e8a2193fb3e7ecb2d4-1259394638

样本：



[ 本帖最后由 feimei200797 于 2009-11-28 16:00 编辑 ]

songdehao

请上报给微点官方！
病毒上报邮箱：virus@micropoint.com.cn

粉嫩小弟

是的！ 我原来也有那个文件 貌似是个瑞星破解工具

angir

确认MPAV miss次文件
将添加到我下次的微点样本上报中

BING126

McAfee 报了可疑月神。。

中国崛起

费尔报后门

kalynn84

Win32:Rootkit-gen [Rtk]

wliao

微点

1.exe， 企图覆写文件 C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\启动 Internet Explorer 浏览器.lnk

zero7777

Starting the file scan:

Begin scan in 'D:\Downloads\1.rar'
D:\Downloads\1.rar
  [0] Archive type: RAR
    --> 1.exe
      [DETECTION] Is the TR/Agent.awqn.2.A Trojan

Beginning disinfection:
D:\Downloads\1.rar
    [NOTE]      The file was moved to '4b83dc50.qua'!


End of the scan: 2009年11月29日  10:27
Used time: 00:00 Minute(s)

The scan has been done completely.

      0 Scanned directories
      3 Files were scanned
      1 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 files were deleted
      0 Viruses and unwanted programs were repaired
      1 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
      2 Files not concerned
      1 Archives were scanned
      0 Warnings
      1 Notes

yjwfdc

冒允ie的恶意程序。主要是修改首页等。