19个

The EQs

根本就不止19个。。。。

uhthn2002

C:\Documents and Settings\uhthn\Desktop\081403.part1\13.exe : infected Trojan-PSW.Win32.OnLineGames.aet
C:\Documents and Settings\uhthn\Desktop\081403.part1\window.exe : infected Trojan-PSW.Win32.Delf.wh
C:\Documents and Settings\uhthn\Desktop\081403.part1\dodolook133.exe : infected Trojan.PWS.Qqpass.1131
C:\Documents and Settings\uhthn\Desktop\081403.part1\2.exe : infected MalwareScope.Trojan-PSW.Game.3
C:\Documents and Settings\uhthn\Desktop\081403.part1\1.exe : infected Trojan.Havedo
C:\Documents and Settings\uhthn\Desktop\081403.part1\3.exe : infected Trojan.Havedo
C:\Documents and Settings\uhthn\Desktop\081403.part1\4.exe : is suspected of Embedded.Trojan-Proxy.Win32.Small.fl
C:\Documents and Settings\uhthn\Desktop\081403.part1\7.exe : infected MalwareScope.Trojan-PSW.Game.3


Directories       : 0       Files in archives:      Files on disks:
Archives:                   - total       : 0       - total       : 19   
- scanned         : 0       -  scanned    : 0       - scanned     : 19   
- contain viruses : 0       -  infected   : 0       - infected    : 7     
- deleted         : 0       -  suspicious : 0       - suspicious  : 1

百地三太夫

好像真不只19个

我扫描两个压缩包，显示数据是42个
不过很明显，有重合的，因为两个压缩包是分解压缩的

所以我解压又扫了一遍，21个病毒

[ 本帖最后由 百地三太夫 于 2007-8-14 20:32 编辑 ]

镭风

费尔18个

小邪邪

AVK全杀

微点卫士

微点：
木马名称:Trojan-PSW.Win32.OnLineGames.ige

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\081403[1]\9.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Spy.Win32.Delf.dal

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\081403[1]\11.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan.Win32.Genetik.bkt

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\081403[1]\13.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Spy.Win32.Delf.dak

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\081403[1]\14.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan.Win32.Agent.hcu

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\081403[1]\WINDOW.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-Downloader.Win32.QQHelper.fmp

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\081403[1]\DODOLOOK133.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.ifo

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\081403[1]\2.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
木马名称:Trojan-PSW.Win32.OnLineGames.igy

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\081403[1]\7.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\081403[1]\1.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\WINDHCP.OCX
是否删除木马程序及其衍生物?
木马名称:未知间谍软件

程序:
C:\WINDOWS.0\SYSTEM32\WINDHCP.OCX
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\081403[1]\3.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\WINDDS32.DLL
是否删除木马程序及其衍生物?
木马名称:未知间谍软件

程序:
C:\WINDOWS.0\SYSTEM32\WINDDS32.DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\081403[1]\4.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\WMIAPISRV.DLL
是否删除木马程序及其衍生物?
木马名称:未知间谍软件

程序:
C:\WINDOWS.0\SYSTEM32\WMIAPISRV.DLL
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\081403[1]\6.EXE
1) C:\DFD5256609.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\081403[1]\6.EXE
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\081403[1]\8.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\FONTS\RAVWDMON.EXE
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\081403[1]\10.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\MSDEBUG.DLL
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\081403[1]\12.EXE
1) C:\DFD5295375.BAT
是可疑程序!
试图删除文件!
是否阻止该进程继续运行?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\081403[1]\12.EXE
是否删除木马程序及其衍生物?
木马名称:Trojan-Downloader.Win32.LoadAdv.ac

程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\LOADADV579.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\081403[1]\1228.EXE
木马程序生成以下文件:
1) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\WR-1-20.EXE
2) C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\1228.EXE
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\081403[1]\WMP11.EXE
木马程序生成以下文件:
1) C:\WINDOWS\EKSPLORER.EXE
2) C:\WINDOWS\SYSTEM32\EDIT.EXE
3) C:\WINDOWS\UPDATEUTIL.EXE
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\081403[1]\X.EXE
木马程序生成以下文件:
1) C:\WINDOWS.0\SYSTEM32\DRIVERS\KIS.SYS
是否删除木马程序及其衍生物?
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\081403[1]\12.EXE
是否删除木马程序及其衍生物?


bpbp.exe在要求联网后，没什么动作，后几次运行启动即退出，上报下

碧水寒潭

Start of the scan: 2007年8月14日  22:03

Starting the file scan:

Begin scan in 'H:\AV-TEST'
H:\AV-TEST\081403[1].part2.rar
  [0] Archive type: RAR
  --> 2.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGame.YF
  --> 1.exe
      [DETECTION] Is the Trojan horse TR/Agent.22016.B
  --> 3.exe
      [DETECTION] Is the Trojan horse TR/Agent.22016.B
  --> 4.exe
      [DETECTION] Is the Trojan horse TR/Agent.22016.B
  --> 6.exe
      [DETECTION] Is the Trojan horse TR/Agent.11466
  --> 7.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGame.YF
  --> 8.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnlineGa.aet
      [INFO]      The file was deleted!
H:\AV-TEST\081403.part1.rar
  [0] Archive type: RAR
  --> 9.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.UO.65
  --> 10.exe
      [DETECTION] Is the Trojan horse TR/Agent.22016.B
  --> 11.exe
      [DETECTION] Is the Trojan horse TR/ShellHook.H
  --> 12.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.UO.67
  --> 13.exe
      [DETECTION] Is the Trojan horse TR/PSW.Agent.rwa
  --> 14.exe
      [DETECTION] Is the Trojan horse TR/Spy.Delf.UV.49
  --> wmp11.exe
      [DETECTION] Contains suspicious code HEUR/Crypted
  --> window.exe
      [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
  --> bpbp.exe
      [DETECTION] Contains signature of the dropper DR/Dldr.Delf.bmx.4
  --> x.exe
      [DETECTION] Is the Trojan horse TR/Agent.14848.36
  --> 1228.exe
      [DETECTION] Contains signature of the dropper DR/Dldr.LoadAdv.69760
      [INFO]      The file was deleted!


End of the scan: 2007年8月14日  22:03
Used time: 00:19 min

The scan has been done completely.

      1 Scanning directories
     20 Files were scanned
     18 viruses and/or unwanted programs were found
      1 classified as suspicious:
      2 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      1 Files not concerned
      2 Archives were scanned
      0 Warnings
      0 Notes
      0 Hidden objects were found

yurius

11

C:\virus\081403[1]\11.exe - infected with Trojan.PWS.Wsgame.1093
C:\virus\081403[1]\13.exe - infected with Trojan.PWS.Wsgame
C:\virus\081403[1]\14.exe - infected with Trojan.PWS.Wsgame.1093
C:\virus\081403[1]\wmp11.exe - probably infected with WIN.WORM.Virus
C:\virus\081403[1]\window.exe - infected with Win32.HLLW.Autoruner.249
C:\virus\081403[1]\dodolook133.exe - infected with Trojan.PWS.Qqpass.1192
C:\virus\081403[1]\2.exe - infected with Trojan.MulDrop.8254
C:\virus\081403[1]\1.exe - infected with Trojan.Havedo
C:\virus\081403[1]\3.exe - infected with Trojan.Havedo
C:\virus\081403[1]\7.exe - infected with Trojan.PWS.Gamania.3287
C:\virus\081403[1]\8.exe - infected with Trojan.PWS.Wsgame.1090