
[Virus sample] Come and eat

sam.to
Posted on 2009-6-22 15:21:33
to kl,comodo,lavasoft
https://www.virustotal.com/anali ... d8f84af8-1245655362


Hello,

file.exe01, file.exe02, file.exe03, file.exe04, file.exe05,
file.exe06, file.exe07, file.exe08, file.exe09, file.exe10,
file.exe11, file.exe12, file.exe13, file.exe14, file.exe15,
file.exe16, file.exe17, file.exe18, file.exe19, file.exe20,
file.exe21, file.exe22, file.exe23, file.exe24 - Packed.Win32.Tdss.m

New malicious software was found in these files. Detection will be
included in the next update. Thank you for your help.

Please quote all when answering.
The answer is relevant to the latest bases from update sources.

[ Last edited by sam.to on 2009-6-22 15:57 ]

luxiao200888
Posted on 2009-6-22 15:21:49
avira kill all

[ Last edited by luxiao200888 on 2009-6-22 15:22 ]
Sebastian
Posted on 2009-6-22 15:23:20
Avira
Starting the file scan:

Begin scan in 'D:\kafan\024'
D:\kafan\024\file.exe01
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\kafan\024\file.exe02
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\kafan\024\file.exe03
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\kafan\024\file.exe04
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\kafan\024\file.exe05
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\kafan\024\file.exe06
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\kafan\024\file.exe07
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\kafan\024\file.exe08
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\kafan\024\file.exe09
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\kafan\024\file.exe10
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\kafan\024\file.exe11
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\kafan\024\file.exe12
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\kafan\024\file.exe13
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\kafan\024\file.exe14
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\kafan\024\file.exe15
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\kafan\024\file.exe16
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\kafan\024\file.exe17
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\kafan\024\file.exe18
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\kafan\024\file.exe19
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\kafan\024\file.exe20
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\kafan\024\file.exe21
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\kafan\024\file.exe22
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\kafan\024\file.exe23
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!
D:\kafan\024\file.exe24
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was deleted!


End of the scan: 2009年6月22日  15:25
Used time: 00:02 Minute(s)

The scan has been done completely.

      1 Scanned directories
     24 Files were scanned
     24 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
     24 files were deleted
      0 Viruses and unwanted programs were repaired
      0 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
      0 Files not concerned
      0 Archives were scanned
      0 Warnings
     24 Notes
schumi小粉
Posted on 2009-6-22 15:51:55
C:\Documents and Settings\Administrator\桌面\新建文件夹\024.rar > RAR > 024\file.exe01 - Win32/Kryptik.UW 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\024.rar > RAR > 024\file.exe02 - Win32/Kryptik.UW 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\024.rar > RAR > 024\file.exe03 - Win32/Kryptik.UW 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\024.rar > RAR > 024\file.exe04 - Win32/Kryptik.UW 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\024.rar > RAR > 024\file.exe05 - Win32/Kryptik.UW 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\024.rar > RAR > 024\file.exe06 - Win32/Kryptik.UW 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\024.rar > RAR > 024\file.exe07 - Win32/Kryptik.UW 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\024.rar > RAR > 024\file.exe08 - Win32/Kryptik.UW 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\024.rar > RAR > 024\file.exe09 - Win32/Kryptik.UW 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\024.rar > RAR > 024\file.exe10 - Win32/Kryptik.UW 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\024.rar > RAR > 024\file.exe11 - Win32/Kryptik.UW 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\024.rar > RAR > 024\file.exe12 - Win32/Kryptik.UW 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\024.rar > RAR > 024\file.exe13 - Win32/Kryptik.UW 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\024.rar > RAR > 024\file.exe14 - Win32/Kryptik.UW 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\024.rar > RAR > 024\file.exe15 - Win32/Kryptik.UW 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\新建文件夹\024.rar > RAR > 024\file.exe16 - Win32/Kryptik.UW 特洛伊木马 的变种
schumi小粉
Posted on 2009-6-22 15:54:31
2009-06-22 15:55:51        文件保护(创建文件)     操作:阻止
进程路径:C:\Documents and Settings\Administrator\桌面\新建文件夹\024\024\file.exe
文件路径:C:\Sandbox\Administrator\DefaultBox\user\current\桌面\新建文件夹\024\024\file.exe
328397663
Posted on 2009-6-22 15:54:32
Originally posted by sam.to on 2009-6-22 15:21
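I suggest you discuss with the Kaspersky engineers whether they should change the way they define viruses... Lately too many samples have been getting past Kaspersky.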
328397663
Posted on 2009-6-22 15:55:26
Are Avira and NOD32 both famous for their heuristics?
luxiao200888
Posted on 2009-6-22 15:55:53

Reply to 328397663's post (#6)

Don't worry, the vendor basically never listens.
328397663
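Posted on 2009-6-22 15:58:24
Originally posted by luxiao200888 on 2009-6-22 15:55
Don't worry, the vendor basically never listens.
And they call themselves an internationally renowned company! They won't even listen to their customers' suggestions.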
luxiao200888
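Posted on 2009-6-22 15:59:34

Reply to 328397663's post (#9)

Last time I suggested consolidating detections of the same type into generic ones... but they just keep going down their one road..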