大量伪快播(Qvod.exe,click.exe,duogua.exe),天天更新 (637 楼有新)

显示全部楼层 · 发表于 2010-8-5 13:56:16

回复 519楼 sam.to 的帖子

ess 清空

显示全部楼层 · 发表于 2010-8-5 14:03:31

本帖最后由 ssama 于 2010.8.5 15:41 编辑

669964-514
669964-519
avast! 清空

显示全部楼层 · 发表于 2010-8-5 15:19:56

红伞拦截，TR/Dldr.Agent.dkdy.2

显示全部楼层 · 发表于 2010-8-5 21:32:46

514，519
费尔清空

显示全部楼层 · 发表于 2010-8-5 23:11:54

519
2x to fs

显示全部楼层 · 发表于 2010-8-6 11:27:00

本帖最后由 sam.to 于 2010.8.11 13:15 编辑

0854f9aeb364214b7ff099332f3ad9ad  Qvodplayer.ex%e
27b8f1a99bfafed03276cc0439c3d499  Qvodplayer.exe5
284d3c242766e3f2784ce61a2879aea4  click.exe0
2db70afd6bf6125c867c962c5b44140e  Qvodplayer.e%xe
3f0ccb87d9e010649ccc2bcba2b1af86  Qvodplayer.ex#e
48c2c418aa4386b278f82379e520019f  Qvodplayer.e~xe
4c30a649a82e1b8a198bccec24666f20  Qvodplayer.exe8
657225afdcb5f216b5bc2d90ef7ff14c  click.exe^
78d3f4ccdd072bc3e08ae0fe77a0ee36  Qvodplayer.e#xe
7fee1999aaa01944f5ddab22bf7e9ca0  Qvodplayer.e$xe
8ac782c39b0df30161873f574fa02d2f  Qvodplayer.!exe
9ad789ea2a274cad1eddc351af7152c0  Qvodplayer.exe4
c4183eedbe1356362d0cb12a993c4ebe  Qvodplayer.e^xe
d524e7b89dcfad4a88ada1282987203e  Qvodplayer.e)xe
fc522149335104f94d26b4f198b07b96  Qvodplayer.exe1

to kl,ll,comodo

Hello,

click.exe0, click.exe^ - Trojan-Downloader.Win32.Agent.efjk,
Qvodplayer.!exe, Qvodplayer.e#xe, Qvodplayer.e$xe, Qvodplayer.e%xe, Qvodplayer.e)xe, Qvodplayer.e.xe, Qvodplayer.ex#e, Qvodplayer.ex%e, Qvodplayer.exe1, Qvodplayer.exe4, Qvodplayer.exe5, Qvodplayer.exe8, Qvodplayer.e^xe - Trojan-Downloader.Win32.Agent.efil

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.
The answer is relevant to the latest bases from update sources.

-------------------------------------------
Regards, Ivan Kargapoltsev.
Virus analyst , Kaspersky Lab.

显示全部楼层 · 发表于 2010-8-6 11:30:26

526

ESET NOD32 emptied.

显示全部楼层 · 发表于 2010-8-6 11:35:44

#526
13x to drweb

显示全部楼层 · 发表于 2010-8-6 11:49:36

#526
2x to fs

Trojan.Generic.KD.25124 (virus)
  G:\8756524wert\Qvodplayer.e%xe Action: deleted
  G:\8756524wert\Qvodplayer.e#xe Action: deleted
  G:\8756524wert\Qvodplayer.e$xe Action: deleted
  G:\8756524wert\Qvodplayer.!exe Action: deleted
  G:\8756524wert\Qvodplayer.e)xe Action: deleted
  G:\8756524wert\Qvodplayer.ex#e Action: deleted
  G:\8756524wert\Qvodplayer.exe1 Action: deleted
  G:\8756524wert\Qvodplayer.ex%e Action: deleted
  G:\8756524wert\Qvodplayer.exe8 Action: deleted
  G:\8756524wert\Qvodplayer.exe4 Action: deleted
  G:\8756524wert\Qvodplayer.exe5 Action: deleted
  G:\8756524wert\Qvodplayer.e^xe Action: deleted
  G:\8756524wert\Qvodplayer.e~xe Action: deleted

显示全部楼层 · 发表于 2010-8-7 13:49:27

本帖最后由 sam.to 于 2010.8.7 14:25 编辑

a933d2a888cd402afffea3b74888a7d5  click.ex%e
914eb898d85c132dea373d54918bb311  click.exe0
d25f9e61f1acfc0b6cbbadef87aac504  click.exe2
da965d982b703751838aa8a30658844d  duogua.exe1
5d5049f48582025b2cb760ded25e4275  Qvodplayer.e#xe
a5af1ba8f6d703f4f67beb2fdd8d0a7a  Qvodplayer.e0xe
e4dd2868f1809306565cd8824fcffa75  Qvodplayer.e@xe
041d5ce00350bf190db13f0046f158b1  Qvodplayer.ex$e
bc84ba9154c938232cf0a5dd330187a1  Qvodplayer.ex%e
46690f8022d37a8581d1d89600847591  Qvodplayer.exe#
ed35a047fc848916a3f5bed7d9c9a545  Qvodplayer.exe(
c506653aae992507eb575cfdab8074b1  Qvodplayer.exe0
acc45d729d934d9da28fe86a5c67dd52  Qvodplayer.exe1
80cd836959172e564ed6b9d6079322b2  Qvodplayer.exe2
7c7090ba8ddef95e4e08b49162e056a1  Qvodplayer.exe4
446831bdbcd9a4c791b4d6a4af87014f  Qvodplayer.exe7
d06fcfe65c383570baabb3fe571dbffb  Qvodplayer.ex^e

to kl,ll,eset,comodo

http://samples.nod32.com.hk/index.php?a=query〈=2&md5=813d26a2c075ca24604d6cd89599196e

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Best Regards, Kaspersky Lab

[病毒样本] 大量伪快播(Qvod.exe,click.exe,duogua.exe),天天更新 (637 楼有新)