Flash图标(大量) 62楼有新,242个

显示全部楼层 · 发表于 2009-3-13 00:00:25

88fde1214947667fcf12ab44074689ef 1100.exe@
3148f4f8c916070bf791cf014687792c 1181.exe@
424168b5095db706153bf3287977d633 1159.exe@
6d490bfc52d6b7bace973a760661f2eb 1158.exe@
641e1c34ab2d5ac30b66166187aadf6e 1157.exe@
678d7648290346e0200dfebd81f40676 1156.exe@
07b67611ea4399d38c3352add5a24f31 1155.exe@
eb126526f19281f28450f2632d0ed2e2 1154.exe@
ff11e52b2e29c7e51599ec4c8251adee 1153.exe@
e45015baf0ed01dadc5d602e14cf4d82 1152.exe@
983dbf8e17665fe63bdad3123cb9fc38 1151.exe@
05abb0df28b46929728b62e7227f0ae7 1150.exe@
dcfb0a9b03e6556d67b41bd6b8c6f460 1149.exe@
709fa0517e03c9156160a3e20162934c 1148.exe@
bd4c08358dc70fad4b1357a68c70ca19 1147.exe@
582c31c2d8e64ed181d8b4b46ca946fb 1146.exe@
a9bd10d9e0eedd4f0f815a7a37e9af4e 1145.exe@
5534793ad0f284f60f600481aded01fb 1144.exe@
131f1c6be194b5adebf051513ed0ea29 1143.exe@
f212fc0189d16f6d9e9a0662f1a74136 1142.exe@
dfee22f0e895004be705bfd57d640abc 1141.exe@
eebfdcf5ceb71087da0ea95d66af119f 1140.exe@
397b324eb35fd548722d0f6df387186d 1139.exe@
8e826d1bfb6ab0e472366245e0e0f6ec 1138.exe@
fd421380ae4de59ebdf8636376e2c933 1137.exe@
e19db7ec072ed73b3c2e3b8b12bb9a78 1136.exe@
b0ef2ec51a8c6bd034fa4b797faf3e60 1135.exe@
663a0888d256c8d24bcb84067529eee4 1134.exe@
2ab74ab432d9dd4750be2c667f00d610 1133.exe@
5c6a3fd269266a5ab6a4d8b2ba88d016 1132.exe@
0e7c4615ffce6a5ca75f8464eaa0805b 1131.exe@
4a9b2c41bbce47320b65c6f62abe7622 1130.exe@
361b694ffbb0d07df71f874a284519a0 1129.exe@
271ab1ea2ec9a2dd51a935c03486abdd 1128.exe@
a6775e3d0c758aa4f868e67fd132499f 1127.exe@
73fbd1a546ab4c8d0b9e15f25d969dd7 1126.exe@
8f8f5dedf843999f9c22a1cd1c0c60ea 1125.exe@
689e3eed2ef03de31c7249e1f01cb1c0 1124.exe@
ea7d8d9b996f16d777a3e138d002fc7a 1123.exe@
7efbab6dcabe9f41e286abbac67613f3 1122.exe@
b1f5bb2da50ecfafd96ef369ca2d73e0 1121.exe@
24c0bcc1a28c1dd4ef1e59b0e83385bb 1120.exe@
6d308c85768ef28d50ab413e3803e0f5 1119.exe@
625cc558d45c657b78f6430c16ec95d5 1118.exe@
a69a38004362104aae7a1b926f5d726f 1117.exe@
f58d9d2da868fb243d310462432f61e2 1116.exe@
7d201e5273e5e418ce24693f6c086ca7 1115.exe@
fd04112221355eb9df54716f63411670 1114.exe@
4a6b8f14ab62b47f3d5ccf8d626a8677 1113.exe@
a2b065604cb95aed682b55caff9851cf 1112.exe@
03eacaede6ab705d8556763626fad809 1110.exe@
2bbffa82016af7050826eced25e3c5ed 1109.exe@
d5d1276049183a5e1e42dd38c7a5322b 1108.exe@
6cf80068c7d8b797edcca22a0a936d8c 1107.exe@
6f01ae94c6b074970d16e54a208796e0 1106.exe@
d18a78fec25210c7aec4917a212ca303 1105.exe@
b9a913e134a84a55aa140da6a5741eac 1104.exe@
d54ec953348fae5a131069d0f26b3a95 1102.exe@
04a33f2ab5fcd75c733dfce858527f4d 1101.exe@

to kl

Hello,

1100.exe_ - Trojan-Downloader.Win32.Agent.bksa,
1101.exe_ - Trojan-Downloader.Win32.Agent.bksb,
1102.exe_ - Trojan-Downloader.Win32.Agent.bksc,
1104.exe_ - Trojan-Downloader.Win32.Agent.bksd,
1105.exe_ - Trojan-Downloader.Win32.Agent.bkse,
1106.exe_ - Trojan-Downloader.Win32.Agent.bksf,
1107.exe_ - Trojan-Downloader.Win32.Agent.bksg,
1108.exe_ - Trojan-Downloader.Win32.Agent.bksh,
1109.exe_ - Trojan-Downloader.Win32.Agent.bksi,
1110.exe_ - Trojan-Downloader.Win32.Agent.bksj,
1112.exe_ - Trojan-Downloader.Win32.Agent.bksk,
1113.exe_ - Trojan-Downloader.Win32.Agent.bksl,
1114.exe_ - Trojan-Downloader.Win32.Agent.bksm,
1115.exe_ - Trojan-Downloader.Win32.Agent.bksn,
1116.exe_ - Trojan-Downloader.Win32.Agent.bkso,
1117.exe_ - Trojan-Downloader.Win32.Agent.bksp,
1118.exe_ - Trojan-Downloader.Win32.Agent.bksq,
1119.exe_ - Trojan-Downloader.Win32.Agent.bksr,
1120.exe_ - Trojan-Downloader.Win32.Agent.bkss,
1121.exe_ - Trojan-Downloader.Win32.Agent.bkst

These files are already detected. Please update your antivirus bases.

1122.exe_ - Trojan-Downloader.Win32.Agent.bksu,
1123.exe_ - Trojan-Downloader.Win32.Agent.bksv,
1124.exe_ - Trojan-Downloader.Win32.Agent.bksw,
1125.exe_ - Trojan-Downloader.Win32.Agent.bksx,
1126.exe_ - Trojan-Downloader.Win32.Agent.bksy,
1127.exe_ - Trojan-Downloader.Win32.Agent.bksz,
1128.exe_ - Trojan-Downloader.Win32.Agent.bkta,
1129.exe_ - Trojan-Downloader.Win32.Agent.bktb,
1130.exe_ - Trojan-Downloader.Win32.Agent.bktc,
1131.exe_ - Trojan-Downloader.Win32.Agent.bktd,
1132.exe_ - Trojan-Downloader.Win32.Agent.bkte,
1133.exe_ - Trojan-Downloader.Win32.Agent.bktf,
1134.exe_ - Trojan-Downloader.Win32.Agent.bktg,
1135.exe_ - Trojan-Downloader.Win32.Agent.bkth,
1136.exe_ - Trojan-Downloader.Win32.Agent.bkti,
1137.exe_ - Trojan-Downloader.Win32.Agent.bktj,
1138.exe_ - Trojan-Downloader.Win32.Agent.bktk,
1139.exe_ - Trojan-Downloader.Win32.Agent.bktl,
1140.exe_ - Trojan-Downloader.Win32.Agent.bktn,
1141.exe_ - Trojan-Downloader.Win32.Agent.bkto,
1142.exe_ - Trojan.Win32.Inject.pxv,
1143.exe_ - Trojan-Downloader.Win32.Agent.bktp,
1144.exe_ - Trojan-Downloader.Win32.Agent.bktq,
1145.exe_ - Trojan.Win32.Inject.pxw,
1146.exe_ - Trojan-Downloader.Win32.Agent.bktr,
1147.exe_ - Trojan-Downloader.Win32.Agent.bkts,
1148.exe_ - Trojan.Win32.Inject.pxx,
1149.exe_ - Trojan-Downloader.Win32.Agent.bktt,
1150.exe_ - Trojan.Win32.Inject.pxy,
1151.exe_ - Trojan.Win32.Inject.pxz,
1152.exe_ - Trojan.Win32.Inject.pya,
1153.exe_ - Trojan.Win32.Inject.pyb,
1154.exe_ - Trojan.Win32.Inject.pyc,
1155.exe_ - Trojan.Win32.Inject.pyd,
1156.exe_ - Trojan.Win32.Inject.pye,
1157.exe_ - Trojan.Win32.Inject.pyf,
1158.exe_ - Trojan.Win32.Inject.pyg,
1159.exe_ - Trojan.Win32.Inject.pyh,
1181.exe_ - Trojan.Win32.Inject.pyi

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

[ 本帖最后由 sam.to 于 2009-4-15 21:32 编辑 ]

显示全部楼层 · 发表于 2009-3-13 00:03:14

All to VB

显示全部楼层 · 发表于 2009-3-13 00:05:01

您发送的邮件:

> 日期: Fri, 13 Mar 2009 00:04:21 +0800
> 主题: 09031301
> 大小: 4212719 字节
被检测出带有病毒：Trojan.Win32.Pakes.mnm

显示全部楼层 · 发表于 2009-3-13 00:05:29

ik found nothing

显示全部楼层 · 发表于 2009-3-13 00:06:20

加了密码也检测到？

显示全部楼层 · 发表于 2009-3-13 00:13:25

程序：
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\FLASH-VIR\1 (1).EXE
木马程序生成以下文件：
1) C:\WINDOWS\SYSTEM32\VMDETDHC.EXE
是否删除木马程序及其衍生物?
全是这种。。。

显示全部楼层 · 发表于 2009-3-13 00:14:38

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\Flash-Vir'
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1100.exe@
[DETECTION] Is the TR/Crypt.Delf.C.40 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1101.exe@
[DETECTION] Is the TR/Crypt.Delf.C.40 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1102.exe@
[DETECTION] Is the TR/Crypt.Delf.C.38 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1104.exe@
[DETECTION] Is the TR/Crypt.Delf.C.40 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1105.exe@
[DETECTION] Is the TR/Crypt.Delf.C.40 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1106.exe@
[DETECTION] Is the TR/Crypt.Delf.C.40 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1107.exe@
[DETECTION] Is the TR/Crypt.Delf.C.40 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1109.exe@
[DETECTION] Is the TR/Crypt.Delf.C.40 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1110.exe@
[DETECTION] Is the TR/Crypt.Delf.C.39 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1112.exe@
[DETECTION] Is the TR/Crypt.Delf.C.41 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1113.exe@
[DETECTION] Is the TR/Crypt.Delf.C.39 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1114.exe@
[DETECTION] Is the TR/Crypt.Delf.C.39 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1115.exe@
[DETECTION] Is the TR/Crypt.Delf.C.43 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1116.exe@
[DETECTION] Is the TR/Crypt.Delf.C.39 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1117.exe@
[DETECTION] Is the TR/Crypt.Delf.C.39 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1119.exe@
[DETECTION] Is the TR/Crypt.Delf.C.39 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1120.exe@
[DETECTION] Is the TR/Crypt.Delf.C.40 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1121.exe@
[DETECTION] Is the TR/Crypt.Delf.C.40 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1123.exe@
[DETECTION] Is the TR/Crypt.Delf.C.40 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1124.exe@
[DETECTION] Is the TR/Crypt.Delf.C.40 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1126.exe@
[DETECTION] Is the TR/Crypt.Delf.C.40 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1127.exe@
[DETECTION] Is the TR/Crypt.Delf.C.40 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1129.exe@
[DETECTION] Is the TR/Crypt.Delf.C.40 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1130.exe@
[DETECTION] Is the TR/Crypt.Delf.C.39 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1131.exe@
[DETECTION] Is the TR/Crypt.Delf.C.39 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1132.exe@
[DETECTION] Is the TR/Crypt.Delf.C.41 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1133.exe@
[DETECTION] Is the TR/Crypt.Delf.C.39 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1134.exe@
[DETECTION] Is the TR/Crypt.Delf.C.39 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1135.exe@
[DETECTION] Is the TR/Crypt.Delf.C.43 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1136.exe@
[DETECTION] Is the TR/Crypt.Delf.C.39 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1137.exe@
[DETECTION] Is the TR/Crypt.Delf.C.39 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1138.exe@
[DETECTION] Is the TR/Crypt.Delf.C.40 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1139.exe@
[DETECTION] Is the TR/Crypt.Delf.C.39 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1140.exe@
[DETECTION] Is the TR/Crypt.Delf.C.39 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1141.exe@
[DETECTION] Is the TR/Crypt.Delf.C.39 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1142.exe@
[DETECTION] Is the TR/Crypt.Delf.C.41 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1143.exe@
[DETECTION] Is the TR/Crypt.Delf.C.39 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1144.exe@
[DETECTION] Is the TR/Crypt.Delf.C.39 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1145.exe@
[DETECTION] Is the TR/Crypt.Delf.C.43 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1146.exe@
[DETECTION] Is the TR/Crypt.Delf.C.39 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1147.exe@
[DETECTION] Is the TR/Crypt.Delf.C.39 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1148.exe@
[DETECTION] Is the TR/Crypt.Delf.C.40 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1149.exe@
[DETECTION] Is the TR/Crypt.Delf.C.39 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1152.exe@
[DETECTION] Is the TR/Crypt.Delf.C.42 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1158.exe@
[DETECTION] Is the TR/Crypt.Delf.C.38 Trojan
[NOTE]    The file was deleted!
C:\Documents and Settings\Administrator\桌面\Flash-Vir\Flash-Vir\1181.exe@
[DETECTION] Is the TR/Crypt.Delf.C.40 Trojan
[NOTE]    The file was deleted!

End of the scan: 星期五 2009年3月13日  00:14
Used time: 00:22 Minute(s)

The scan has been done completely.

   2 Scanning directories
   59 Files were scanned
   46 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   46 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   0 Files cannot be scanned
   13 Files not concerned
   0 Archives were scanned
   0 Warnings
   46 Notes

显示全部楼层 · 发表于 2009-3-13 00:17:15

原帖由 ledled 于 2009-3-13 00:06 发表
加了密码也检测到？

他上报不加密码的

显示全部楼层 · 发表于 2009-3-13 01:23:40

BitDefender 59個通殺
報Trojan.Crypt.Delf.C

显示全部楼层 · 发表于 2009-3-13 09:03:52

过咖啡8.7i

[病毒样本] Flash图标(大量) 62楼有新,242个

本帖子中包含更多资源

回复 3楼 ghj89100062 的帖子