Original poster: sam.to

[Virus samples] Large numbers of fake QvodPlayer (快播) files (Qvod.exe, click.exe, duogua.exe), updated daily (new in post #637)
kav2046
Posted on 2010-7-20 12:01:56
232 Kingsoft Antivirus (金山毒霸) kills it!
蝉鸣时
Posted on 2010-7-20 12:14:11
419

ESET NOD32 missed 1×.
To ESET.


XMonster
Posted on 2010-7-20 15:30:21
病毒        2010-07-20  15:30:18        病毒在文件C:\SANDBOX\`DXM\DEFAULTBOX\DRIVE\D\下载\QVOD\QVOD.E2XE中        Win32.TrojDownloader.Agent         处理成功(操作:删除)       
主动防御
Posted on 2010-7-20 15:48:17
Kaspersky catches all of them heuristically...
sam.to
Original poster | Posted on 2010-7-20 19:00:11
Last edited by sam.to on 2010.7.20 20:49


to kl,ll,mcafee,comodo,avira

A listing of files contained inside archives alongside their results can be found below:
File ID    Filename          Size (Byte)  Result
25812686   Qvodplayer.e#xe   88.5 KB      MALWARE
25812687   Qvodplayer.e$xe   88.5 KB      MALWARE
25812688   Qvodplayer.e%xe   88.5 KB      MALWARE
25812689   Qvodplayer.e@xe   88.5 KB      MALWARE
25812690   click.e2xe        87 KB        MALWARE
25812883   PPSPlayer.exe     167.5 KB     MALWARE
25812691   Qvodplayer.ex$e   88.5 KB      MALWARE
25812692   Qvodplayer.ex~e   88.5 KB      MALWARE
25812693   Qvodplayer.ex5e   88.5 KB      MALWARE
25812694   Qvodplayer.exe$   88.5 KB      MALWARE
25812695   Qvodplayer.exe(   88.5 KB      MALWARE
25812696   Qvodplayer.exe)   88.5 KB      MALWARE
25812697   Qvodplayer.exe2   88.5 KB      MALWARE
25812883   PPSPlayer.exe     167.5 KB     MALWARE

Please find a detailed report concerning each individual sample below:
Filename: Qvodplayer.e#xe
Result: MALWARE

The file 'Qvodplayer.e#xe' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Adload.Y. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.09.123.

Filename: Qvodplayer.e$xe
Result: MALWARE

The file 'Qvodplayer.e$xe' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Adload.Y. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.09.123.

Filename: Qvodplayer.e%xe
Result: MALWARE

The file 'Qvodplayer.e%xe' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Adload.Y. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.09.123.

Filename: Qvodplayer.e@xe
Result: MALWARE

The file 'Qvodplayer.e@xe' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Adload.Y. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.09.123.

Filename: click.e2xe
Result: MALWARE

The file 'click.e2xe' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Zbot.D. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename: Qvodplayer.ex$e
Result: MALWARE

The file 'Qvodplayer.ex$e' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Adload.Y. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.09.123.

Filename: Qvodplayer.ex~e
Result: MALWARE

The file 'Qvodplayer.ex~e' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Adload.Y. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.09.123.

Filename: Qvodplayer.ex5e
Result: MALWARE

The file 'Qvodplayer.ex5e' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Adload.Y. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.09.123.

Filename: Qvodplayer.exe$
Result: MALWARE

The file 'Qvodplayer.exe$' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Adload.Y. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.09.123.

Filename: Qvodplayer.exe(
Result: MALWARE

The file 'Qvodplayer.exe(' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Adload.Y. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.09.123.

Filename: Qvodplayer.exe)
Result: MALWARE

The file 'Qvodplayer.exe)' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Adload.Y. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.09.123.

Filename: Qvodplayer.exe2
Result: MALWARE

The file 'Qvodplayer.exe2' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Adload.Y. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.09.123.

414447992
Posted on 2010-7-20 19:01:51
360
扫描结果
----------------------
C:\Documents and Settings\Administrator\桌面\Qvod.e2xe        可疑木马(Trojan.Generic.3567692)        已删除
ablhr
Posted on 2010-7-20 19:31:10
419,425
11x to filseclab
jason_jiang
Posted on 2010-7-20 20:03:49
425 to xandora(panda)
sam.to
Original poster | Posted on 2010-7-21 11:50:31
Last edited by sam.to on 2010.7.21 12:06

to kl,ll,mcafee,comodo




Hello,

Qvodplayer.exe1,
Qvodplayer.exe10,
Qvodplayer.exe12,
Qvodplayer.exe13,
Qvodplayer.exe2,
Qvodplayer.exe3,
Qvodplayer.exe5,
Qvodplayer.exe6,
Qvodplayer.exe7,
Qvodplayer.exe8,
Qvodplayer.exe9 - Trojan-Downloader.Win32.Agent.ebpy

The files above contain malicious code and will be detected after the next update. Thank you for your submission.

Regards, Alexander Antukh
Virus Analyst

生命de重建
Posted on 2010-7-21 11:51:06
警告
为保证您的安全,将不会访问此网页

在所请求页面的 HTTP 数据中
检测到病毒或恶意程序。
请求的 URL:        http://bbs.kafan.cn/forum.php?mo ... zk2ODQyNDZ8NDcxOTU3
信息        是 TR/Dldr.Adload.Y 特洛伊木马
由 AntiVir WebGuard 9.0.5.0 生成,AVE 8.2.4.22,VDF 7.10.9.138
Copyright © KaFan  KaFan.cn All Rights Reserved.