发几个很明显的病毒，杀不出来以后就不要用这个杀软扫描了。

hj5abc

NOD32 杀了2个 ..不知道你的NOD32怎么了???

F:\20604.rar ?RAR ?20604.exe<病毒 - Win32/Adware.NewWeb 应用程序> - 是删除目标的一部分
F:\20604.rar ?RAR ?dodolook174.exe ?NSIS ?1043.exe ?NSIS ?acpidisk.sys<病毒 - Win32/Adware.Cinmus 应用程序 变种> - 是删除目标的一部分
真是层层深入啊..

[ 本帖最后由 hj5abc 于 2007-5-24 20:55 编辑 ]

aoyang

[:27:] 费尔扫描一个也没发现，那我该换什么杀软呢，请教楼主

taihuxian

C:\Documents and Settings\Administrator\桌面\20604.rar=>20604.exe        Detected: Adware.NewWeb.DK
C:\Documents and Settings\Administrator\桌面\20604.rar=>20604.exe        Disinfection failed
C:\Documents and Settings\Administrator\桌面\20604.rar=>20604.exe        Move failed
C:\Documents and Settings\Administrator\桌面\20604.rar=>ad_1740.exe=>(NSIS o)=>lzma_solid_nsis0001        Detected: Adware.Boran.EM
C:\Documents and Settings\Administrator\桌面\20604.rar=>ad_1740.exe=>(NSIS o)=>lzma_solid_nsis0001        Disinfection failed
C:\Documents and Settings\Administrator\桌面\20604.rar=>ad_1740.exe=>(NSIS o)=>lzma_solid_nsis0001        Move failed
C:\Documents and Settings\Administrator\桌面\20604.rar=>bind_50417.exe        Infected: Generic.Malware.SWBdld.263EA747
C:\Documents and Settings\Administrator\桌面\20604.rar=>bind_50417.exe        Disinfection failed
C:\Documents and Settings\Administrator\桌面\20604.rar=>bind_50417.exe        Move failed
C:\Documents and Settings\Administrator\桌面\20604.rar=>dodolook174.exe=>(NSIS o)=>lzma_nsis0000        Detected: Adware.Cinmus.GN
C:\Documents and Settings\Administrator\桌面\20604.rar=>dodolook174.exe=>(NSIS o)=>lzma_nsis0000        Disinfection failed
C:\Documents and Settings\Administrator\桌面\20604.rar=>dodolook174.exe=>(NSIS o)=>lzma_nsis0000        Move failed
C:\Documents and Settings\Administrator\桌面\20604.rar=>dodolook174.exe=>(NSIS o)=>lzma_nsis0002=>(NSIS o)=>lzma_nsis0000        Detected: Adware.Cinmus.GN
C:\Documents and Settings\Administrator\桌面\20604.rar=>dodolook174.exe=>(NSIS o)=>lzma_nsis0002=>(NSIS o)=>lzma_nsis0000        Disinfection failed
C:\Documents and Settings\Administrator\桌面\20604.rar=>dodolook174.exe=>(NSIS o)=>lzma_nsis0002=>(NSIS o)=>lzma_nsis0000        Move failed
C:\Documents and Settings\Administrator\桌面\20604.rar=>dodolook174.exe=>(NSIS o)=>lzma_nsis0002=>(NSIS o)=>lzma_nsis0002        Detected: Adware.Cinmus.GN
C:\Documents and Settings\Administrator\桌面\20604.rar=>dodolook174.exe=>(NSIS o)=>lzma_nsis0002=>(NSIS o)=>lzma_nsis0002        Disinfection failed
C:\Documents and Settings\Administrator\桌面\20604.rar=>dodolook174.exe=>(NSIS o)=>lzma_nsis0002=>(NSIS o)=>lzma_nsis0002        Move failed
C:\Documents and Settings\Administrator\桌面\20604.rar=>dodolook174.exe=>(NSIS o)=>lzma_nsis0002=>(NSIS o)=>lzma_nsis0003        Detected: Adware.Cinmus.GN
C:\Documents and Settings\Administrator\桌面\20604.rar=>dodolook174.exe=>(NSIS o)=>lzma_nsis0002=>(NSIS o)=>lzma_nsis0003        Disinfection failed
C:\Documents and Settings\Administrator\桌面\20604.rar=>dodolook174.exe=>(NSIS o)=>lzma_nsis0002=>(NSIS o)=>lzma_nsis0003        Move failed
C:\Documents and Settings\Administrator\桌面\20604.rar=>3026.exe        Infected: Trojan.Spy.Agent.NDW
C:\Documents and Settings\Administrator\桌面\20604.rar=>3026.exe        Disinfection failed
C:\Documents and Settings\Administrator\桌面\20604.rar=>3026.exe        Move failed

hkt988

deleted: adware not-a-virus:AdWare.Win32.NewWeb.m        File: D:\下载文件夹\20604.rar\20604.exe
deleted: adware not-a-virus:AdWare.Win32.Boran.z        File: D:\下载文件夹\20604.rar\ad_1740.exe/stream/data0001
disinfected: virus Virus.Win32.Downloader.d        File: D:\下载文件夹\20604.rar\bind_50417.exe
deleted: adware not-a-virus:AdWare.Win32.Cinmus.j        File: D:\下载文件夹\20604.rar\dodolook174.exe/data0003/data0003
deleted: adware not-a-virus:AdWare.Win32.Cinmus.j        File: D:\下载文件夹\20604.rar\dodolook174.exe/data0003/data0004
deleted: adware not-a-virus:AdWare.Win32.IEHlpr.e        File: D:\下载文件夹\20604.rar\3026.exe

F-Secure

原帖由 aoyang 于 2007-5-24 21:10 发表
[:27:] 费尔扫描一个也没发现，那我该换什么杀软呢，请教楼主

偶的版本是V7一进去实时监控就报警了，不可能一个都没扫到啊，在下是今天早上升级的。

福田

我的红伞C版只报了一个！

剩下四个AVG报了两个

fireworld

杀了两个 一个广告的貌似他没有杀

Redevil

已检测到: 广告程序 not-a-virus:AdWare.Win32.NewWeb.m        URL: http://bbs.kafan.cn/attachment.php?aid=75133//20604.exe

hzp

让我来看看!

tracydk

Starting the file scan:

Begin scan in 'F:\样本\20604.rar'
F:\样本\20604.rar
  [0] Archive type: RAR
  --> bind_50417.exe
      [DETECTION] Contains code of the Windows virus W32/Downloader.C
      [INFO]      The file was deleted!