
[Virus sample] Walked into a malware den: 25 samples. Sorry, there are too many MD5s; details inside

allenhippo
Posted on 2007-6-27 09:03:51
[MD5: C05E61 DCB549 0DB6B7 C7A638 752600 BBEB64 4C81F3 AF5010 F8E2EF 1422C5 19AB19 1A2367 36B18D 38F570 A408EA FA72FA 94545A FF10EF AEF8FB 2BADD3 0FE8CE 75ED0C BDB47F AB273E B01B9D]


That's not counting the ones already known.

Off to work.

tracydk
Posted on 2007-6-27 09:05:10

Whkroran
Posted on 2007-6-27 09:13:22
10 detected, mostly by heuristics. I'll submit them all and see.
quarantined: virus Downloader (modification)        File: E:\virus sample\virus.rar/12[2].exe
quarantined: virus Trojan.Generic (modification)        File: E:\virus sample\virus.rar/15[1].exe//NSPack
detected: Trojan program Trojan-Downloader.Win32.Small.czl        File: E:\virus sample\virus.rar/1633[1].exe//UPack//USBINE.SYS//PE-Crypt.XorPE
quarantined: virus Trojan.Generic (modification)        File: E:\virus sample\virus.rar/163a[1].exe//PE_Patch.UPX
quarantined: virus Invader (modification)        File: E:\virus sample\virus.rar/2[2].exe
quarantined: virus Trojan.Generic (modification)        File: E:\virus sample\virus.rar/5[1].exe//PE_Patch//UPack
quarantined: virus Invader (modification)        File: E:\virus sample\virus.rar/6[1].exe
quarantined: virus Invader (modification)        File: E:\virus sample\virus.rar/7[2].exe
quarantined: virus Downloader (modification)        File: E:\virus sample\virus.rar/888[1].exe
quarantined: virus Trojan.Generic (modification)        File: E:\virus sample\virus.rar/9[1].exe//PE_Patch.UPX
157131
Posted on 2007-6-27 09:34:59
Looks like Symantec is still great. I use Micropoint, plus Symantec Corporate Edition and Symantec's firewall.

I don't feel at ease using Micropoint's firewall, haha.
mofunzone
Posted on 2007-6-27 09:35:37
Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\My Documents\virus(2).rar'
C:\Documents and Settings\Administrator\My Documents\
  virus(2).rar
    [0] Archive type: RAR
    --> 1[1].exe
    --> 11[1].exe
        [DETECTION] Contains suspicious code HEUR/Crypted
        [WARNING]   Infected files in archives cannot be repaired!
    --> 11[2].exe
        [DETECTION] Contains suspicious code HEUR/Crypted
        [WARNING]   Infected files in archives cannot be repaired!
    --> 12[1].exe
    --> 12[2].exe
        [DETECTION] Is the Trojan horse TR/PSW.Steal.31850.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> 14[2].exe
    --> 15[1].exe
        [DETECTION] Contains suspicious code HEUR/Crypted
        [WARNING]   Infected files in archives cannot be repaired!
    --> 1633[1].exe
        [DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 163a[1].exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGam.QW
        [WARNING]   Infected files in archives cannot be repaired!
    --> 2[1].exe
    --> 2[2].exe
        [DETECTION] Is the Trojan horse TR/Spy.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 3[1].exe
    --> 4[2].exe
    --> 5[1].exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGam.QW
        [WARNING]   Infected files in archives cannot be repaired!
    --> 6[1].exe
        [DETECTION] Is the Trojan horse TR/Spy.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 6[2].exe
    --> 7[1].exe
    --> 7[2].exe
        [DETECTION] Is the Trojan horse TR/Spy.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 8[1].exe
    --> 8[2].exe
    --> 888[1].exe
        [DETECTION] Contains signature of the dropper DR/Delphi.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> 9[1].exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGam.QW
        [WARNING]   Infected files in archives cannot be repaired!
    --> 9[2].exe
    --> down[1].exe
        [DETECTION] Contains suspicious code HEUR/Crypted
        [WARNING]   Infected files in archives cannot be repaired!
    --> exe[1].exe
        [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
        [WARNING]   The file was ignored!


End of the scan: 2007年6月26日  18:41
Used time: 00:09 min

The scan has been done completely.

      0 Scanning directories
     26 Files were scanned
     14 viruses and/or unwanted programs were found
      4 classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      8 Files not concerned
      1 Archives were scanned
     15 Warnings
      0 Notes
      0 Hidden objects were found
promised
Posted on 2007-6-27 09:47:25
Is AntiVir not up to it anymore?
C:\ABC\virus.rar:<RAR>\1[1].exe : infected Trojan.AVKill.161
C:\ABC\...\11[2].exe : is suspected of Trojan-PSW.Game.80 (paranoid heuristics)
C:\ABC\virus.rar:<RAR>\12[2].exe : infected MalwareScope.Trojan-PSW.Game.7
C:\ABC\virus.rar:<RAR>\163a[1].exe : is suspected of Downloader.Small.160
C:\ABC\virus.rar:<RAR>\2[1].exe : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus.rar:<RAR>\2[2].exe : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus.rar:<RAR>\3[1].exe : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus.rar:<RAR>\4[2].exe : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus.rar:<RAR>\5[1].exe : is suspected of Downloader.Small.160
C:\ABC\virus.rar:<RAR>\6[1].exe : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus.rar:<RAR>\6[2].exe : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus.rar:<RAR>\7[1].exe : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus.rar:<RAR>\7[2].exe : infected MalwareScope.Trojan-PSW.Game.3
C:\ABC\virus.rar:<RAR>\888[1].exe : infected MalwareScope.Trojan-PSW.Game.7
C:\ABC\virus.rar:<RAR>\9[1].exe : infected MalwareScope.Trojan-PSW.Game.9
C:\ABC\virus.rar:<RAR>\down[1].exe : infected MalwareScope.Trojan-PSW.Game.14
16 of them
mofunzone
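Posted on 2007-6-27 09:50:37

Reply to post #6 by promised

The heuristics haven't been updated in a long time; now it's all generic-signature updates.
It seems that lately they have only been firming things up against false positives.
Still a whole swath, though; the last heuristics update was already 2 months ago.

[ Last edited by mofunzone on 2007-6-26 17:52 ]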
promised
Posted on 2007-6-27 09:50:52
C:/ABC/\virus.rar:\1[1].exe - Signature 'Generic.Botget' found
C:/ABC/\virus.rar:\11[1].exe - Suspect code-parts found (Level: 100)
C:/ABC/\virus.rar:\11[2].exe - Signature 'Trojan-Downloader.Win32.Zlob.and' found
C:/ABC/\virus.rar:\12[1].exe - File is maybe corrupt
C:/ABC/\virus.rar:\12[2].exe - Signature 'Trojan-PWS.Win32.Nilage.bga' found
C:/ABC/\virus.rar:\14[2].exe - File is maybe corrupt
C:/ABC/\virus.rar:\15[1].exe - Signature 'Backdoor.Win32.Agent.ahj' found
C:/ABC/\virus.rar:\1633[1].exe - Signature 'Trojan-Dropper.Win32.Agent.afq' found
C:/ABC/\virus.rar:\163a[1].exe - Signature 'Trojan-PWS.Win32.OnLineGames.qw' found
C:/ABC/\virus.rar:\2[1].exe - File is maybe corrupt
C:/ABC/\virus.rar:\2[2].exe - Signature 'Trojan-PWS.RD' found
C:/ABC/\virus.rar:\3[1].exe - File is maybe corrupt
C:/ABC/\virus.rar:\4[2].exe - File is maybe corrupt
C:/ABC/\virus.rar:\5[1].exe - Signature 'Trojan-PWS.Win32.Nilage.bjp' found
C:/ABC/\virus.rar:\6[1].exe
C:/ABC/\virus.rar:\6[2].exe - File is maybe corrupt
C:/ABC/\virus.rar:\7[1].exe - File is maybe corrupt
C:/ABC/\virus.rar:\7[2].exe - Signature 'Trojan-PWS.RD' found
C:/ABC/\virus.rar:\8[1].exe
C:/ABC/\virus.rar:\8[2].exe
C:/ABC/\virus.rar:\888[1].exe - Signature 'Trojan-Spy.Win32.Delf.PG' found
C:/ABC/\virus.rar:\9[1].exe - Signature 'Trojan-PWS.Win32.OnLineGames.uf' found
C:/ABC/\virus.rar:\9[2].exe - File is maybe corrupt
C:/ABC/\virus.rar:\down[1].exe - Signature 'Backdoor.Win32.Agent.ahj' found
C:/ABC/\virus.rar:\exe[1].exe - Suspect code-parts found (Level: 80)
C:/ABC/\virus.rar

[ Last edited by promised on 2007-6-27 11:49 ]
javeil
Posted on 2007-6-27 09:56:24
BD: 13
NIS: 8....
dericyeoh
Posted on 2007-6-27 09:57:55
Ugh. KIS7, 123, didn't detect a single one. High heuristics was turned on.