
[Virus samples] 14 samples

mofunzone
Posted on 2007-5-2 13:55:56
Starting the file scan:

Begin scan in 'C:\Documents and Settings\morgan\My Documents\919.rar'
C:\Documents and Settings\morgan\My Documents\
  919.rar
    [0] Archive type: RAR
    --> cmdbcs.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> cmdbcs.exe
        [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> gg.exe
        [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.JJ.81
        [WARNING]   Infected files in archives cannot be repaired!
    --> iexpl0re.exe
        [DETECTION] Is the Trojan horse TR/Agent.34708.B
        [WARNING]   Infected files in archives cannot be repaired!
    --> Kavs0.dll
        [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> LgSy0.dll
        [DETECTION] Is the Trojan horse TR/Dldr.Agent.OL.1
        [WARNING]   Infected files in archives cannot be repaired!
    --> mppds.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> mppds.exe
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> NewInfo.bmp.0DEL.VIR
        [DETECTION] Is the Trojan horse TR/PSW.Delf.QC.20
        [WARNING]   Infected files in archives cannot be repaired!
    --> nwizqjsj.exe
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> qq.exe
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> Servera.exe
        [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
        [WARNING]   Infected files in archives cannot be repaired!
    --> shualai.dll
        [DETECTION] Contains suspicious code HEUR/Malware
        [WARNING]   Infected files in archives cannot be repaired!
    --> system.2dt
        [DETECTION] Is the Trojan horse TR/PSW.Delf.QC.20
        [WARNING]   Infected files in archives cannot be repaired!
        [WARNING]   The file was ignored!


End of the scan: 2007年5月1日  22:55
Used time: 00:10 min

The scan has been done completely.

      0 Scanning directories
     15 Files were scanned
     14 viruses and/or unwanted programs were found
      6 classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     -5 Files not concerned
      1 Archives were scanned
     15 Warnings
      0 Notes
      0 Hidden objects were found

mofunzone
Original poster | Posted on 2007-5-2 13:59:42
AntiVir's arithmetic is hilarious..
Files not concerned=viruses and/or unwanted programs were found+classified as suspicious-Files were scanned
Whoever wrote that program must have been an idiot
soul20010
Posted on 2007-5-2 14:01:16
Result: 6 malware found
Trojan-PSW.Win32.OnLineGames.ms (virus)

    * C:\Documents and Settings\少林\桌面\919.rar\cmdbcs.dll

Trojan-PSW.Win32.OnLineGames.jj (virus)

    * C:\Documents and Settings\少林\桌面\919.rar\gg.exe

Trojan-PSW.Win32.Nilage.bft (virus)

    * C:\Documents and Settings\少林\桌面\919.rar\iexpl0re.exe

Trojan-PSW.Win32.OnLineGames.ky (virus)

    * C:\Documents and Settings\少林\桌面\919.rar\LgSy0.dll

Trojan-PSW.Win32.Delf.qc (virus)

    * C:\Documents and Settings\少林\桌面\919.rar\NewInfo.bmp.0DEL.VIR
    * C:\Documents and Settings\少林\桌面\919.rar\system.2dt
scottxzt
Posted on 2007-5-2 14:09:24

It can't cope when it runs into this type

919.rar\gg.exe;D:\Documents and Settings\dell\桌面\919.rar;Trojan.MulDrop.5762;;
919.rar\iexpl0re.exe;D:\Documents and Settings\dell\桌面\919.rar;Trojan.PWS.Gamania;;
919.rar;D:\Documents and Settings\dell\桌面;Archive contains infected objects;;
欠妳緈諨
Posted on 2007-5-2 14:18:40
Killed 7
2007-5-2 14:13:17        new        1892        Sign of "Win32:Onlinegames-NZ [Trj]" has been found in "D:\a-m测试\未解压\919.rar\cmdbcs.dll" file.  
2007-5-2 14:13:27        new        1892        Sign of "Win32:OnLineGames-CN [Trj]" has been found in "D:\a-m测试\未解压\919.rar\gg.exe\[UPX]\[Embedded#4938]" file.  
2007-5-2 14:13:27        new        1892        Sign of "Win32:Lineage-545 [Trj]" has been found in "D:\a-m测试\未解压\919.rar\iexpl0re.exe\[Upack]" file.  
2007-5-2 14:13:27        new        1892        Sign of "Win32:Agent-EWQ [Trj]" has been found in "D:\a-m测试\未解压\919.rar\LgSy0.dll\[UPX]" file.  
2007-5-2 14:13:27        new        1892        Sign of "Win32:OnLineGames-DC [Trj]" has been found in "D:\a-m测试\未解压\919.rar\mppds.exe\[Upack]" file.  
2007-5-2 14:13:28        new        1892        Sign of "Win32:Delf-ECV [Trj]" has been found in "D:\a-m测试\未解压\919.rar\nwizqjsj.exe\[Upack]" file.  
2007-5-2 14:13:29        new        1892        Sign of "Win32:Delf-EJU [Trj]" has been found in "D:\a-m测试\未解压\919.rar\qq.exe\[UPX]" file.
mofunzone
Original poster | Posted on 2007-5-2 14:30:43
NOD did a bit better this time; it gets a passing grade
Scan performed at: 2007-5-2 11:52:00
Scanning Log
NOD32 version 2233 (20070501) NT
Command line: C:\Documents and Settings\All Users\Documents\919.rar
Operating memory - is OK

Date: 2.5.2007  Time: 11:52:04
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\All Users\Documents\919.rar
C:\Documents and Settings\All Users\Documents\919.rar ?RAR ?cmdbcs.dll - a variant of Win32/PSW.Agent.NCC trojan
C:\Documents and Settings\All Users\Documents\919.rar ?RAR ?cmdbcs.exe - a variant of Win32/PSW.Agent.NCC trojan
C:\Documents and Settings\All Users\Documents\919.rar ?RAR ?iexpl0re.exe - a variant of Win32/PSW.Agent.NDP trojan
C:\Documents and Settings\All Users\Documents\919.rar ?RAR ?LgSy0.dll - probably a variant of Win32/PSW.Agent.NDP trojan
C:\Documents and Settings\All Users\Documents\919.rar ?RAR ?mppds.exe - a variant of Win32/PSW.Agent.NCC trojan
C:\Documents and Settings\All Users\Documents\919.rar ?RAR ?nwizqjsj.exe - probably a variant of Win32/Genetik trojan
C:\Documents and Settings\All Users\Documents\919.rar ?RAR ?qq.exe - probably a variant of Win32/PSW.QQPass.VD trojan
C:\Documents and Settings\All Users\Documents\919.rar ?RAR ?shualai.dll - a variant of Win32/Agent.NHN trojan
Number of scanned files: 20
Number of threats found: 8
Number of files cleaned: 1
Time of completion: 11:52:06 Total scanning time: 2 sec (00:00:02)
KAV-Longhorn
Posted on 2007-5-2 14:52:45
Kaspersky 7's heuristics caught 3; the Spider (Dr.Web) died miserably (2)

(PS: I just updated the Spider and tried again, still two....)

[ Last edited by KAV-Longhorn on 2007-5-2 14:55 ]

Kakura
Posted on 2007-5-2 14:52:51
Strange, since when did FS get this fast... the 8 missed ones I just reported...
Hello,

Thank you for your e-mail.

The files you sent were found to be malicious. Appropriate detections will be
added in one of the next database updates.

Thanks for the samples and your help.

Have a nice day!

--
F-Secure Security Labs              http://www.f-secure.com/weblog/
F-Secure Corporation                http://www.f-secure.com/
BE SURE.
harrystopet
Posted on 2007-5-2 15:18:46
KV07 killed 11, not bad!
Nblock
Posted on 2007-5-2 15:29:56
Micropoint killed 24 "of them"
Compare, filter; anything found matching the attack rule base is blocked without exception/

[ Last edited by Nblock on 2007-5-2 15:33 ]
