[FraudPack/Agent]video.cfg(第11次更新)已开新帖!

显示全部楼层 · 发表于 2008-9-18 00:46:22

eset用 a variant of Win32/Kryptik.O trojan全灭

显示全部楼层 · 发表于 2008-9-18 01:10:40

2008/9/18 1:04:55 已删除: Heur.Trojan.Generic C:\Users\sltgr\Downloads\0917-2355(cfg).rar/0917-2355\video(1).cfg
2008/9/18 1:05:09 已删除: Heur.Trojan.Generic C:\Users\sltgr\Downloads\0917-2355(cfg).rar/0917-2355\video(10).cfg
2008/9/18 1:05:22 已删除: Heur.Trojan.Generic C:\Users\sltgr\Downloads\0917-2355(cfg).rar/0917-2355\video(11).cfg
2008/9/18 1:05:36 已删除: Heur.Trojan.Generic C:\Users\sltgr\Downloads\0917-2355(cfg).rar/0917-2355\video(12).cfg
2008/9/18 1:05:49 已删除: Heur.Trojan.Generic C:\Users\sltgr\Downloads\0917-2355(cfg).rar/0917-2355\video(13).cfg
2008/9/18 1:06:03 已删除: Heur.Trojan.Generic C:\Users\sltgr\Downloads\0917-2355(cfg).rar/0917-2355\video(14).cfg
2008/9/18 1:06:16 已删除: Heur.Trojan.Generic C:\Users\sltgr\Downloads\0917-2355(cfg).rar/0917-2355\video(15).cfg
2008/9/18 1:06:29 已删除: Heur.Trojan.Generic C:\Users\sltgr\Downloads\0917-2355(cfg).rar/0917-2355\video(2).cfg
2008/9/18 1:06:43 已删除: Heur.Trojan.Generic C:\Users\sltgr\Downloads\0917-2355(cfg).rar/0917-2355\video(3).cfg
2008/9/18 1:06:57 已删除: Heur.Trojan.Generic C:\Users\sltgr\Downloads\0917-2355(cfg).rar/0917-2355\video(4).cfg
2008/9/18 1:07:10 已删除: Heur.Trojan.Generic C:\Users\sltgr\Downloads\0917-2355(cfg).rar/0917-2355\video(5).cfg
2008/9/18 1:07:24 已删除: Heur.Trojan.Generic C:\Users\sltgr\Downloads\0917-2355(cfg).rar/0917-2355\video(6).cfg
2008/9/18 1:07:38 已删除: Heur.Trojan.Generic C:\Users\sltgr\Downloads\0917-2355(cfg).rar/0917-2355\video(7).cfg
2008/9/18 1:07:51 已删除: Heur.Trojan.Generic C:\Users\sltgr\Downloads\0917-2355(cfg).rar/0917-2355\video(8).cfg
2008/9/18 1:08:05 已删除: Heur.Trojan.Generic C:\Users\sltgr\Downloads\0917-2355(cfg).rar/0917-2355\video(9).cfg
2008/9/18 1:08:18 已删除: Heur.Trojan.Generic C:\Users\sltgr\Downloads\0917-2355(cfg).rar/0917-2355\video.cfg

显示全部楼层 · 发表于 2008-9-18 20:52:22

剛更新了ENGINE
Starting the file scan:

Begin scan in 'C:\Users\TOSHIBA\Downloads\0918-2042(cfg)'
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(1).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '49364f38.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(10).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '4bd32181.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(11).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '49364f3a.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(12).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '4bd32183.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(13).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '49364f39.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(14).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '4bd32182.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(15).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '4bd33f2a.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(16).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '49364f3b.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(17).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '4bd33f2c.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(18).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '49364f3d.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(19).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '4bd33f2e.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(2).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '49364f3f.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(20).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '4bd33f50.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(21).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '49364f41.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(22).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '4bd33f52.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(23).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '49364f43.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(24).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '4bd33f54.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(25).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '49364f45.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(26).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '4bd33f56.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(27).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '49364f47.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(28).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '4bd33f58.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(29).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '49364f49.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(3).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '4bd33f5a.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(30).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '49364f4b.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(31).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '4bd33f5c.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(32).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '49364f4d.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(33).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '4bd33f5e.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(34).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '49364f4f.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(35).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '4bd33f40.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(4).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '49364f51.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(5).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '4bd33f42.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(6).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '49364f53.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(7).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '4bd33f44.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(8).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '49364f55.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video(9).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '4bd33f46.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!
C:\Users\TOSHIBA\Downloads\0918-2042(cfg)\0918-2042\video.cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    A backup was created as '49364f57.qua'  ( QUARANTINE )
[NOTE]    The file was deleted!

End of the scan: 2008年9月18日  20:51
Used time: 00:02 Minute(s)

The scan has been done completely.

   2 Scanning directories
   36 Files were scanned
   36 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   36 files were deleted
   0 files were repaired
   36 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   0 Files not concerned
   0 Archives were scanned
   0 Warnings
   36 Notes

显示全部楼层 · 发表于 2008-9-18 20:59:26

最近这个又开始了。。。

显示全部楼层 · 发表于 2008-9-18 21:06:26

相信是自动生成

显示全部楼层 · 发表于 2008-9-18 21:12:14

Gen

显示全部楼层 · 发表于 2008-9-19 07:47:18

第11次更新

显示全部楼层 · 发表于 2008-9-19 09:07:22

Starting the file scan:

Begin scan in 'C:\Users\Morgan\Desktop\0919-0741'
C:\Users\Morgan\Desktop\0919-0741\0919-0741\
  video(1).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(10).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(11).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(12).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(13).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(14).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(15).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(16).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(17).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(18).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(19).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(2).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(20).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(21).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(22).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(23).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(24).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(25).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(26).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(27).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(28).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(29).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(3).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(30).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(31).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(32).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(33).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(34).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(35).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(36).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(37).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(38).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(39).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(4).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(40).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(41).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(42).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(43).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(44).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(45).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(46).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(47).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(48).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(49).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(5).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(50).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(6).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(7).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(8).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video(9).cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!
  video.cfg
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE]    The file was deleted!

End of the scan: 2008年9月18日  18:07
Used time: 00:05 Minute(s)

The scan has been done completely.

   2 Scanning directories
   51 Files were scanned
   51 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   51 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   0 Files not concerned
   0 Archives were scanned
   0 Warnings
   51 Notes

显示全部楼层 · 发表于 2008-9-19 14:27:06

服務器上的样本都报了Trojan.Win32.FraudPack.um

显示全部楼层 · 发表于 2008-9-19 20:07:22

第12次更新

[病毒样本] [FraudPack/Agent]video.cfg(第11次更新)已开新帖!

回复 34楼 wangjay1980 的帖子

回复 33楼 Kitman 的帖子