
[Virus samples] Bypasses mainstream AV 2 (updated daily) (this thread is finished; the new thread's address is at post 1024)

sam.to
Posted on 2010-8-9 13:38:50
This post was last edited by sam.to on 2011-6-9 15:35

Old thread:
http://bbs.kafan.cn/forum.php?mod=viewthread&tid=651542





to kl,ll,mcafee,comodo,avira



A listing of files contained inside archives alongside their results can be found below:

| File ID | Filename | Size (Byte) | Result |
| --- | --- | --- | --- |
| 25841550 | Towers.in.Space....63.exe2 | 120 KB | UNDER ANALYSIS |
| 25841551 | CodeCharge.Studi...63.exe6 | 120 KB | UNDER ANALYSIS |
| 25841552 | CodeCharge.Studi...63.exe6 | 120 KB | UNDER ANALYSIS |
| 25841553 | Magic.photo.Edit...63.exe6 | 120 KB | UNDER ANALYSIS |
| 25841554 | Magic.photo.Edit...63.exe6 | 120 KB | UNDER ANALYSIS |
| 25841555 | PowerArchiver.20...63.exe6 | 120 KB | UNDER ANALYSIS |
| 25841556 | ThumbsPlus.8.0.3...63.exe6 | 120 KB | UNDER ANALYSIS |
| 25841557 | ThumbsPlus.8.0.3...63.exe6 | 120 KB | UNDER ANALYSIS |
| 25841558 | Towers.in.Space....63.exe6 | 120 KB | UNDER ANALYSIS |
| 25841559 | PowerArchiver.20...63.exe6 | 120 KB | UNDER ANALYSIS |
| 25841560 | Web.Page.Maker.3...63.exe6 | 120 KB | UNDER ANALYSIS |
| 25841561 | Web.Page.Maker.3...63.exe6 | 120 KB | UNDER ANALYSIS |







Please find a detailed report concerning each individual sample below:

Filename: Towers.in.Space....63.exe2 | Result: MALWARE
The file 'Towers.in.Space.2.0.1.Crack.40063.exe2' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Code.TW.2. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.10.122.

Filename: CodeCharge.Studi...63.exe6 | Result: MALWARE
The file 'CodeCharge.Studio.4.3.00.54.Crack.40063.exe6' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Code.TW.2. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.10.122.

Filename: CodeCharge.Studi...63.exe6 | Result: MALWARE
The file 'CodeCharge.Studio.4.3.00.54.Keygen.40063.exe6' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Code.TW.2. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.10.122.

Filename: Magic.photo.Edit...63.exe6 | Result: MALWARE
The file 'Magic.photo.Editor.3.9.Crack.40063.exe6' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Code.TW.2. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.10.122.

Filename: Magic.photo.Edit...63.exe6 | Result: MALWARE
The file 'Magic.photo.Editor.3.9.Keygen.40063.exe6' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Code.TW.2. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.10.122.

Filename: PowerArchiver.20...63.exe6 | Result: MALWARE
The file 'PowerArchiver.2010.11.50.Crack.40063.exe6' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Code.TW.2. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.10.122.

Filename: ThumbsPlus.8.0.3...63.exe6 | Result: MALWARE
The file 'ThumbsPlus.8.0.3516.Crack.40063.exe6' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Code.TW.2. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.10.122.

Filename: ThumbsPlus.8.0.3...63.exe6 | Result: MALWARE
The file 'ThumbsPlus.8.0.3516.Keygen.40063.exe6' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Code.TW.2. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.10.122.

Filename: Towers.in.Space....63.exe6 | Result: MALWARE
The file 'Towers.in.Space.2.0.1.Keygen.40063.exe6' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Code.TW.2. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.10.122.

Filename: PowerArchiver.20...63.exe6 | Result: MALWARE
The file 'PowerArchiver.2010.11.50.Keygen.40063.exe6' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Code.TW.2. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.10.122.

Filename: Web.Page.Maker.3...63.exe6 | Result: MALWARE
The file 'Web.Page.Maker.3.12.Crack.40063.exe6' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Code.TW.2. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.10.122.

Filename: Web.Page.Maker.3...63.exe6 | Result: MALWARE
The file 'Web.Page.Maker.3.12.Keygen.40063.exe6' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Code.TW.2. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.10.122.



Ratings: 1 participant, popularity +1
sololp +1, reason: thanks for reporting to McAfee

Sherry.ai
Posted on 2010-8-9 13:42:06
sofa support
蝉鸣时
Posted on 2010-8-9 13:45:49
ESET NOD32 emptied.

CodeCharge.Studio.4.3.00.54.Keygen.40063.exe6 - Win32/Kryptik.FWW 特洛伊木马 的变种
Magic.photo.Editor.3.9.Crack.40063.exe6 - Win32/Kryptik.FWW 特洛伊木马 的变种
Magic.photo.Editor.3.9.Keygen.40063.exe6 - Win32/Kryptik.FWW 特洛伊木马 的变种
PowerArchiver.2010.11.50.Crack.40063.exe6 - Win32/Kryptik.FWW 特洛伊木马 的变种
PowerArchiver.2010.11.50.Keygen.40063.exe6 - Win32/Kryptik.FWW 特洛伊木马 的变种
ThumbsPlus.8.0.3516.Crack.40063.exe6 - Win32/Kryptik.FWW 特洛伊木马 的变种
ThumbsPlus.8.0.3516.Keygen.40063.exe6 - Win32/Kryptik.FWW 特洛伊木马 的变种
Towers.in.Space.2.0.1.Crack.40063.exe2 - Win32/Kryptik.FWW 特洛伊木马 的变种
Towers.in.Space.2.0.1.Keygen.40063.exe6 - Win32/Kryptik.FWW 特洛伊木马 的变种
Web.Page.Maker.3.12.Crack.40063.exe6 - Win32/Kryptik.FWW 特洛伊木马 的变种
Web.Page.Maker.3.12.Keygen.40063.exe6 - Win32/Kryptik.FWW 特洛伊木马 的变种
CodeCharge.Studio.4.3.00.54.Crack.40063.exe6 - Win32/Kryptik.FWW 特洛伊木马 的变种
jijiasd
Posted on 2010-8-9 13:49:57
infected
all to keniu
HC303
Posted on 2010-8-9 13:51:14
Kingsoft Guard: 12 detected by the cloud.
HC303
Posted on 2010-8-9 13:53:08
Duba cloud: 12
hj5abc
Posted on 2010-8-9 14:14:17
f-secure cleared them all.

Trojan.Generic.KD.25551 (virus)
  G:\765735\Magic.photo.Editor.3.9.Crack.40063.exe6
  G:\765735\ThumbsPlus.8.0.3516.Crack.40063.exe6
  G:\765735\ThumbsPlus.8.0.3516.Keygen.40063.exe6
  G:\765735\Towers.in.Space.2.0.1.Crack.40063.exe2
  G:\765735\Towers.in.Space.2.0.1.Keygen.40063.exe6
  G:\765735\Web.Page.Maker.3.12.Crack.40063.exe6
  G:\765735\Web.Page.Maker.3.12.Keygen.40063.exe6
  G:\765735\Magic.photo.Editor.3.9.Keygen.40063.exe6
  G:\765735\CodeCharge.Studio.4.3.00.54.Crack.40063.exe6
  G:\765735\CodeCharge.Studio.4.3.00.54.Keygen.40063.exe6
  G:\765735\PowerArchiver.2010.11.50.Keygen.40063.exe6
  G:\765735\PowerArchiver.2010.11.50.Crack.40063.exe6
  
  
hansyu
Posted on 2010-8-9 14:21:23
panda heuristics cleared them all
to xandora(panda)
sam.to
Original poster | Posted on 2010-8-10 21:33:52
This post was last edited by sam.to on 2010.8.11 18:15




to kl,ll,mcafee,comodo,avira



Trojan-Downloader.Win32.CodecPack.mit

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.
The answer is relevant to the latest bases from update sources.

Best regards, Unuchek Roman







A listing of files contained inside archives alongside their results can be found below:

| File ID | Filename | Size (Byte) | Result |
| --- | --- | --- | --- |
| 25843323 | BooRadio.3.1.0.1...63.exe6 | 122 KB | UNDER ANALYSIS |
| 25843324 | BooRadio.3.1.0.1...63.exe6 | 122 KB | UNDER ANALYSIS |
| 25843325 | ESET.NOD32.Antiv...63.exe6 | 122 KB | UNDER ANALYSIS |
| 25843326 | ESET.NOD32.Antiv...63.exe6 | 122 KB | UNDER ANALYSIS |
| 25843327 | iMacsoft.iPod.to...63.exe6 | 122 KB | UNDER ANALYSIS |
| 25843328 | iMacsoft.iPod.to...63.exe6 | 122 KB | UNDER ANALYSIS |
| 25843329 | Kaspersky.Intern...63.exe6 | 122 KB | UNDER ANALYSIS |
| 25843330 | Kaspersky.Intern...63.exe6 | 122 KB | UNDER ANALYSIS |
| 25843331 | NCH.Express.Burn...63.exe6 | 122 KB | UNDER ANALYSIS |
| 25843332 | NCH.Express.Burn...63.exe6 | 122 KB | UNDER ANALYSIS |
| 25843333 | Super.Email.Spid...63.exe6 | 122 KB | UNDER ANALYSIS |
| 25843334 | Super.Email.Spid...63.exe6 | 122 KB | UNDER ANALYSIS |






Please find a detailed report concerning each individual sample below:

Filename: BooRadio.3.1.0.1...63.exe6 | Result: MALWARE
The file 'BooRadio.3.1.0.1.Crack.40063.exe6' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mit. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename: BooRadio.3.1.0.1...63.exe6 | Result: MALWARE
The file 'BooRadio.3.1.0.1.Keygen.40063.exe6' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mit. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename: ESET.NOD32.Antiv...63.exe6 | Result: MALWARE
The file 'ESET.NOD32.Antivirus.4.0.437.Crack.40063.exe6' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mit. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename: ESET.NOD32.Antiv...63.exe6 | Result: MALWARE
The file 'ESET.NOD32.Antivirus.4.0.437.Keygen.40063.exe6' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mit. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename: iMacsoft.iPod.to...63.exe6 | Result: MALWARE
The file 'iMacsoft.iPod.to.PC.Transfer.2.4.4.Crack.40063.exe6' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mit. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename: iMacsoft.iPod.to...63.exe6 | Result: MALWARE
The file 'iMacsoft.iPod.to.PC.Transfer.2.4.4.Keygen.40063.exe6' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mit. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename: Kaspersky.Intern...63.exe6 | Result: MALWARE
The file 'Kaspersky.Internet.Security.2011.11.0.0.204.Crack.40063.exe6' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mit. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename: Kaspersky.Intern...63.exe6 | Result: MALWARE
The file 'Kaspersky.Internet.Security.2011.11.0.0.204.Keygen.40063.exe6' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mit. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename: NCH.Express.Burn...63.exe6 | Result: MALWARE
The file 'NCH.Express.Burn.Plus.4.26.Crack.40063.exe6' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mit. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename: NCH.Express.Burn...63.exe6 | Result: MALWARE
The file 'NCH.Express.Burn.Plus.4.26.Keygen.40063.exe6' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mit. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename: Super.Email.Spid...63.exe6 | Result: MALWARE
The file 'Super.Email.Spider.2.99.Crack.40063.exe6' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mit. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename: Super.Email.Spid...63.exe6 | Result: MALWARE
The file 'Super.Email.Spider.2.99.Keygen.40063.exe6' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mit. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

8073176430
Posted on 2010-8-10 21:49:48
9
12x all  to eset via e-mail