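Original poster: sam.to

[Virus samples] Bypassing mainstream AV 2 (updated daily) (this thread is closed; post #1024 has the new thread's address)

火雪心
Posted on 2011-4-10 10:54:04

Kingsoft is really fast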

留侯
Posted on 2011-4-11 10:07:32
Post #825, the same virus; Dr.Web cleared them all:
765735-825\Autodesk.3ds.Max.Design.2012.Crack.40063.exe1 已感染:  Trojan.DownLoader2.30691
sam.to
Original poster | Posted on 2011-4-13 19:44:58
Last edited by sam.to on 2011-4-13 20:20

to kl,ll,mcafee,comodo,avira,clamwin,dr.web


C54305EDA501336EE9610CAF32DE015C






We received the following archive files:

| File ID | Filename | Size (Byte) | Result |
|---|---|---|---|
| 26101800 | 765735-833.rar | 57.45 KB | OK |

A listing of files contained inside archives alongside their results can be found below:

| File ID | Filename | Size (Byte) | Result |
|---|---|---|---|
| 26101801 | DataNumen.Advanc...63.exe1 | 78.5 KB | UNDER ANALYSIS |
| 26101802 | DataNumen.Advanc...63.exe1 | 78.5 KB | UNDER ANALYSIS |
| 26101803 | Internet.Downloa...63.exe1 | 78.5 KB | UNDER ANALYSIS |
| 26101804 | Internet.Downloa...63.exe1 | 78.5 KB | UNDER ANALYSIS |
| 26101805 | Microsoft.Window...63.exe1 | 78.5 KB | UNDER ANALYSIS |
| 26101806 | Microsoft.Window...63.exe1 | 78.5 KB | UNDER ANALYSIS |
| 26101807 | Serif.PagePlus.X...63.exe1 | 78.5 KB | UNDER ANALYSIS |
| 26101808 | Serif.PagePlus.X...63.exe1 | 78.5 KB | UNDER ANALYSIS |
| 26101809 | Windows.7.ATI.Ed...63.exe1 | 78.5 KB | UNDER ANALYSIS |
| 26101810 | Windows.7.ATI.Ed...63.exe1 | 78.5 KB | UNDER ANALYSIS |






Please find a detailed report concerning each individual sample below:

Filename: DataNumen.Advanc...63.exe1
Result: DAMAGED FILE (MALWARE)

The file 'DataNumen.Advanced.Office.Repair.1.6.Crack.40063.exe1' has been determined to be 'DAMAGED FILE (MALWARE)'. In particular this means that this file is damaged and not working properly. Nevertheless we were able to determine that it contains malicious code fragments. Our analysts named the threat TR/FakeAV.awq. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.

Filename: DataNumen.Advanc...63.exe1
Result: DAMAGED FILE (MALWARE)

The file 'DataNumen.Advanced.Office.Repair.1.6.Keygen.40063.exe1' has been determined to be 'DAMAGED FILE (MALWARE)'. In particular this means that this file is damaged and not working properly. Nevertheless we were able to determine that it contains malicious code fragments. Our analysts named the threat TR/FakeAV.aqq. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.

Filename: Internet.Downloa...63.exe1
Result: MALWARE

The file 'Internet.Download.Manager.6.01.Crack.40063.exe1' has been determined to be 'MALWARE'.
Our analysts named the threat TR/FakeAV.aew. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename: Internet.Downloa...63.exe1
Result: MALWARE

The file 'Internet.Download.Manager.6.01.Keygen.40063.exe1' has been determined to be 'MALWARE'.
Our analysts named the threat TR/FakeAV.aex. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename: Microsoft.Window...63.exe1
Result: MALWARE

The file 'Microsoft.Windows.Small.Business.Server.2011.Crack.40063.exe1' has been determined to be 'MALWARE'.
Our analysts named the threat TR/FakeAV.gdw. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename: Microsoft.Window...63.exe1
Result: MALWARE

The file 'Microsoft.Windows.Small.Business.Server.2011.Keygen.40063.exe1' has been determined to be 'MALWARE'.
Our analysts named the threat TR/FakeAV.aqy. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename: Serif.PagePlus.X...63.exe1
Result: MALWARE

The file 'Serif.PagePlus.X5.15.0.0.17.Crack.40063.exe1' has been determined to be 'MALWARE'.
Our analysts named the threat TR/FakeAV.aey. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename: Serif.PagePlus.X...63.exe1
Result: MALWARE

The file 'Serif.PagePlus.X5.15.0.0.17.Keygen.40063.exe1' has been determined to be 'MALWARE'.
Our analysts named the threat TR/FakeAV.aez. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename: Windows.7.ATI.Ed...63.exe1
Result: MALWARE

The file 'Windows.7.ATI.Edition.2011.Crack.40063.exe1' has been determined to be 'MALWARE'.
Our analysts named the threat TR/FakeAV.bvx. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename: Windows.7.ATI.Ed...63.exe1
Result: MALWARE

The file 'Windows.7.ATI.Edition.2011.Keygen.40063.exe1' has been determined to be 'MALWARE'.
Our analysts named the threat TR/FakeAV.bqo. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

瓜皮猫
Posted on 2011-4-13 19:55:42
KOI9009
Posted on 2011-4-13 20:29:30
Post #833
360 SD QVM19 cleared them all
留侯
Posted on 2011-4-13 21:19:25
Post #833 got past Dr.Web; already reported!
qianyuqx
Posted on 2011-4-13 21:26:35
833 to mse
sam.to
Original poster | Posted on 2011-4-16 12:13:42
Last edited by sam.to on 2011-4-19 18:13

to kl,ll,mcafee,comodo,clamwin,avira


7824CDB792F16CD22BAC2EC3C3A32CE9


We received the following archive files:

| File ID | Filename | Size (Byte) | Result |
|---|---|---|---|
| 26104830 | 765735-838.rar | 57.43 KB | OK |

A listing of files contained inside archives alongside their results can be found below:

| File ID | Filename | Size (Byte) | Result |
|---|---|---|---|
| 26104831 | Autodesk.AutoCAD...63.exe1 | 78.5 KB | UNDER ANALYSIS |
| 26104832 | Autodesk.AutoCAD...63.exe1 | 78.5 KB | UNDER ANALYSIS |
| 26104833 | DivX.Plus.Pro.8....63.exe1 | 78.5 KB | UNDER ANALYSIS |
| 26104834 | DivX.Plus.Pro.8....63.exe1 | 78.5 KB | UNDER ANALYSIS |
| 26104835 | Parallels.Deskto...63.exe1 | 78.5 KB | UNDER ANALYSIS |
| 26104836 | Parallels.Deskto...63.exe1 | 78.5 KB | UNDER ANALYSIS |
| 26104837 | Sonivox.Fender.T...63.exe1 | 78.5 KB | UNDER ANALYSIS |
| 26104838 | Sonivox.Fender.T...63.exe1 | 78.5 KB | UNDER ANALYSIS |
| 26104839 | Trillian.5.Pro.5...63.exe1 | 78.5 KB | UNDER ANALYSIS |
| 26104840 | Trillian.5.Pro.5...63.exe1 | 78.5 KB | UNDER ANALYSIS |
| 26104841 | Ubuntu.BPK.2011....06.exe1 | 78.5 KB | UNDER ANALYSIS |
| 26104842 | Ubuntu.BPK.2011....06.exe1 | 78.5 KB | UNDER ANALYSIS |




Please find a detailed report concerning each individual sample below:

Filename: Autodesk.AutoCAD...63.exe1
Result: MALWARE

The file 'Autodesk.AutoCAD.2011.Update.1.1.Crack.40063.exe1' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Renos.PG.60. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.06.144.

Filename: Autodesk.AutoCAD...63.exe1
Result: MALWARE

The file 'Autodesk.AutoCAD.2011.Update.1.1.Keygen.40063.exe1' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Renos.PG.60. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.06.144.

Filename: DivX.Plus.Pro.8....63.exe1
Result: MALWARE

The file 'DivX.Plus.Pro.8.0.Crack.40063.exe1' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Renos.PG.60. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.06.144.

Filename: DivX.Plus.Pro.8....63.exe1
Result: MALWARE

The file 'DivX.Plus.Pro.8.0.Keygen.40063.exe1' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Renos.PG.60. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.06.144.

Filename: Parallels.Deskto...63.exe1
Result: MALWARE

The file 'Parallels.Desktop.6.0.11994.Crack.40063.exe1' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Renos.PG.60. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.06.144.

Filename: Parallels.Deskto...63.exe1
Result: MALWARE

The file 'Parallels.Desktop.6.0.11994.Keygen.40063.exe1' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Renos.PG.60. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.06.144.

Filename: Sonivox.Fender.T...63.exe1
Result: MALWARE

The file 'Sonivox.Fender.Telecaster.VSTi.RTAS.PC.2.0.Crack.40063.exe1' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Renos.PG.60. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.06.144.

Filename: Sonivox.Fender.T...63.exe1
Result: MALWARE

The file 'Sonivox.Fender.Telecaster.VSTi.RTAS.PC.2.0.Keygen.40063.exe1' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Renos.PG.60. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.06.144.

Filename: Trillian.5.Pro.5...63.exe1
Result: MALWARE

The file 'Trillian.5.Pro.5.0.0.29.Crack.40063.exe1' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Renos.PG.60. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.06.144.

Filename: Trillian.5.Pro.5...63.exe1
Result: MALWARE

The file 'Trillian.5.Pro.5.0.0.29.Keygen.40063.exe1' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Renos.PG.60. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.06.144.

Filename: Ubuntu.BPK.2011....06.exe1
Result: MALWARE

The file 'Ubuntu.BPK.2011.Crack.52106.exe1' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Renos.PG.60. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.06.144.

Filename: Ubuntu.BPK.2011....06.exe1
Result: MALWARE

The file 'Ubuntu.BPK.2011.Keygen.52106.exe1' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Renos.PG.60. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.06.144.


Trojan.Win32.Agent.htxv

KOI9009
Posted on 2011-4-16 12:30:05
Post #838
360 SD cleared them all
李不知
Posted on 2011-4-16 12:32:01
Post #838
Kingsoft Duba KILL all
Rising heuristics ALL; helping them by reporting once more