13个一包

promised

promised

C:\ABC\新建文件夹\新建文件夹\2.exe
C:\ABC\新建文件夹\新建文件夹\2007.exe - Signature 'Trojan-Downloader.Win32.Agent.aqr' found
C:\ABC\新建文件夹\新建文件夹\bind_8303.exe - Signature 'Trojan-Downloader.4535' found
C:\ABC\新建文件夹\新建文件夹\corder.exe - Signature 'Trojan.Win32.VB.ats' found
C:\ABC\新建文件夹\新建文件夹\daohang.exe - Signature 'Trojan-Downloader.4535' found
C:\ABC\新建文件夹\新建文件夹\Setup_xxx.exe - Signature 'AdWare.MetaDirect.B' found
C:\ABC\新建文件夹\新建文件夹\wg_12.exe - Signature 'Trojan-Downloader.4535' found
C:\ABC\新建文件夹\新建文件夹\ylzs.exe - Signature 'BehavesLikeWin32.ExplorerHijack' found
C:\ABC\新建文件夹\新建文件夹\小白鸽.exe
C:\ABC\新建文件夹\新建文件夹\helper\dtservice.dll - Signature 'AdWare.Win32.AdMedia.c' found
C:\ABC\新建文件夹\新建文件夹\helper\microapmddt.dll - Signature 'not-a-virus:AdWare.Win32.AdMedia.a' found
C:\ABC\新建文件夹\新建文件夹\helper\ext\DTDL.dll - Signature 'Trojan-Downloader.Win32.Agent.AEE' found
C:\ABC\新建文件夹\新建文件夹\helper\ext\DTSM.dll - Signature 'not-a-virus:AdWare.Win32.AdMedia.b' found

        13 Files scanned
          (0 Archives with 0 files)
        11 Signatures found
        0 Suspect code-parts found
        Used time: 0:01.031

mofunzone

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\My Documents\新建文件夹'
C:\Documents and Settings\Administrator\My Documents\新建文件夹\
  2.exe
  2007.exe
      [DETECTION] Is the Trojan horse TR/PSW.QQPass.WA.5
      [INFO]      The file was deleted!
  bind_8303.exe
      [DETECTION] Contains signature of the dropper DR/Dldr.NSIS.Agent.K.16
      [INFO]      The file was deleted!
  corder.exe
      [DETECTION] Is the Trojan horse TR/VB.ats
      [INFO]      The file was deleted!
  daohang.exe
      [DETECTION] Contains signature of the dropper DR/AdHelper.O.1
      [INFO]      The file was deleted!
  Setup_xxx.exe
  wg_12.exe
  ylzs.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '47054c12.qua'!
  小白鸽.exe
      [DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
      [INFO]      The file was deleted!
C:\Documents and Settings\Administrator\My Documents\新建文件夹\helper\
  dtservice.dll
      [DETECTION] Is the Trojan horse TR/Dldr.Small.FJ.1
      [INFO]      The file was deleted!
  microapmddt.dll
      [DETECTION] Contains signature of the Ad- or Spyware ADSPY/AdMedia.A.3
      [INFO]      The file was deleted!
C:\Documents and Settings\Administrator\My Documents\新建文件夹\helper\ext\
  DTDL.dll
      [DETECTION] Is the Trojan horse TR/Dldr.Agent.aee.1
      [INFO]      The file was deleted!
  DTSM.dll
      [DETECTION] Contains signature of the Ad- or Spyware ADSPY/AdMedia.B.1
      [INFO]      The file was deleted!


End of the scan: 2007年7月4日  00:26
Used time: 00:08 min

The scan has been done completely.

      3 Scanning directories
     13 Files were scanned
     10 viruses and/or unwanted programs were found
      1 classified as suspicious:
      9 files were deleted
      0 files were repaired
      1 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      2 Files not concerned
      0 Archives were scanned
      0 Warnings
      0 Notes
      0 Hidden objects were found

The EQs

Scan performed at: 2007-7-4 15:29:16
Scanning Log
NOD32 version 2377 (20070704) NT
Command line: C:\Documents and Settings\EQ2\桌面\新建文件夹
Operating memory - is OK

Date: 4.7.2007  Time: 15:29:22
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\EQ2\桌面\新建文件夹\
C:\Documents and Settings\EQ2\桌面\新建文件夹\新建文件夹\2007.exe - probably a variant of Win32/PSW.QQPass.VD trojan
C:\Documents and Settings\EQ2\桌面\新建文件夹\新建文件夹\corder.exe - Win32/VB.ATS trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\新建文件夹\新建文件夹\daohang.exe - NSIS/TrojanDownloader.Agent.S trojan - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\新建文件夹\新建文件夹\Setup_xxx.exe ?NSIS ?Mmsass~1.dll - probably a variant of Win32/Adware.Boran application - was a part of the deleted object
C:\Documents and Settings\EQ2\桌面\新建文件夹\新建文件夹\ylzs.exe - probably a variant of Win32/TrojanDownloader.Delf.NJH trojan
C:\Documents and Settings\EQ2\桌面\新建文件夹\新建文件夹\helper\dtservice.dll - Win32/Adware.AdMedia application - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\新建文件夹\新建文件夹\helper\microapmddt.dll - Win32/Adware.AdMedia application - quarantined - unable to clean - deleted
C:\Documents and Settings\EQ2\桌面\新建文件夹\新建文件夹\helper\ext\DTSM.dll - Win32/Adware.AdMedia application - quarantined - unable to clean - deleted
Number of scanned files: 17
Number of threats found: 8
Number of files cleaned: 8
Time of completion: 15:29:23 Total scanning time: 1 sec (00:00:01)

风雪

费尔5个，第二包没有报。

wangjay1980

11

detected: Trojan program Trojan-Downloader.NSIS.Agent.s        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\daohang.exe//stream//Script
detected: Trojan program Trojan-Downloader.Win32.Delf.bjc        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\2007.exe
detected: Trojan program Trojan-Downloader.NSIS.QQHelper.e        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\wg_12.exe//stream//Script
detected: Trojan program Trojan-Downloader.NSIS.QQHelper.e        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\bind_8303.exe//stream
detected: virus Heur.Invader (modification)        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\ylzs.exe
detected: Trojan program Trojan.Win32.VB.ats        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\corder.exe
detected: adware not-a-virus:AdWare.Win32.Cinmus.b        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\2.exe//regiis.exe//data0002
detected: adware not-a-virus:AdWare.Win32.AdMedia.h        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\helper\dtservice.dll
detected: adware not-a-virus:AdWare.Win32.AdMedia.a        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\helper\microapmddt.dll
detected: Trojan program Trojan-Downloader.Win32.Agent.aee        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\helper\ext\DTDL.dll
detected: adware not-a-virus:AdWare.Win32.AdMedia.b        File: C:\Documents and Settings\Owner\×ÀÃæ\н¨Îļþ¼Ð\helper\ext\DTSM.dll

Hello,

file.exe_ - Virus.Win32.AutoRun.dy,
ylzs.exe_ - Trojan-Downloader.Win32.Banload.ckt

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Setup_xxx.exe_ - not-a-virus:AdWare.Win32.Boran.h

This file is an Advertizing Tool, It's detection will be included in the next
update of extended databases set. See more info about
extended databases here: http://www.kaspersky.com/extraavupdates

Please quote all when answering.

--
Best regards, Roman Gavrilchenko
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

[ 本帖最后由 wangjay1980 于 2007-7-4 17:41 编辑 ]

蓝色牛仔裤

6个。。。

[Scan path] C:\Documents and Settings\Administrator\桌面\新建文件夹\新建文件夹\2007.exe
C:\Documents and Settings\Administrator\桌面\新建文件夹\新建文件夹\2007.exe infected with Trojan.PWS.Qqpass.592

[Scan path] C:\Documents and Settings\Administrator\桌面\新建文件夹\新建文件夹\ylzs.exe
>C:\Documents and Settings\Administrator\桌面\新建文件夹\新建文件夹\ylzs.exe probably infected with DLOADER.Trojan

[Scan path] C:\Documents and Settings\Administrator\桌面\新建文件夹\新建文件夹\microapmddt.dll
C:\Documents and Settings\Administrator\桌面\新建文件夹\新建文件夹\microapmddt.dll is an adware program Adware.Apsoft

[Scan path] C:\Documents and Settings\Administrator\桌面\新建文件夹\新建文件夹\dtservice.dll
C:\Documents and Settings\Administrator\桌面\新建文件夹\新建文件夹\dtservice.dll infected with Trojan.DownLoader.12999

[Scan path] C:\Documents and Settings\Administrator\桌面\新建文件夹\新建文件夹\DTDL.dll
C:\Documents and Settings\Administrator\桌面\新建文件夹\新建文件夹\DTDL.dll infected with Trojan.DownLoader.7460

[Scan path] C:\Documents and Settings\Administrator\桌面\新建文件夹\新建文件夹\DTSM.dll
C:\Documents and Settings\Administrator\桌面\新建文件夹\新建文件夹\DTSM.dll is an adware program Adware.Dongtian

welldl

Dr。Web 6个，第二包也没有报。

gdmdhxq

瑞星4个

奥黛雷赫

小红伞10个。。第2个包没报。。。。