
[Virus samples] Bypassing mainstream AV 2 (updated daily) (this thread is finished; the new thread's address is on floor 1024)

sam.to
Original poster | Posted 2011-5-15 21:21:20
Last edited by sam.to on 2011-5-16 01:39


to ll,mcafee,avira,comodo




We received the following archive files:

File ID | Filename | Size (Byte) | Result
26135894 | 765735-931.rar | 71.37 KB | OK

A listing of files contained inside archives alongside their results can be found below:

File ID | Filename | Size (Byte) | Result
26135895 | Ableton.Suite.ve...06.exe, | 95 KB | UNDER ANALYSIS
26135896 | Ableton.Suite.ve...06.exe, | 95 KB | UNDER ANALYSIS
26135897 | Adobe.Illustrato...06.exe, | 95 KB | UNDER ANALYSIS
26135898 | Adobe.Illustrato...06.exe, | 95 KB | UNDER ANALYSIS
26135899 | Edius.6.01.Crack...06.exe, | 95 KB | UNDER ANALYSIS
26135900 | Edius.6.01.Keyge...06.exe, | 95 KB | UNDER ANALYSIS
26135901 | Flow.Architect.S...06.exe, | 95 KB | UNDER ANALYSIS
26135902 | Flow.Architect.S...06.exe, | 95 KB | UNDER ANALYSIS
26135903 | Microsoft.Office...06.exe, | 95 KB | UNDER ANALYSIS
26135904 | Microsoft.Office...06.exe, | 95 KB | UNDER ANALYSIS
26135905 | Micsoft.Office.2...06.exe, | 95 KB | UNDER ANALYSIS
26135906 | Micsoft.Office.2...06.exe, | 95 KB | UNDER ANALYSIS



Please find a detailed report concerning each individual sample below:

Filename | Result
Ableton.Suite.ve...06.exe, | MALWARE

The file 'Ableton.Suite.version.8.2.2.Crack.52106.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.atdt. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.22.

Filename | Result
Ableton.Suite.ve...06.exe, | MALWARE

The file 'Ableton.Suite.version.8.2.2.Keygen.52106.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.atdt. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.22.

Filename | Result
Adobe.Illustrato...06.exe, | MALWARE

The file 'Adobe.Illustrator.CS5.15.0.2.Crack.52106.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.atdt. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.22.

Filename | Result
Adobe.Illustrato...06.exe, | MALWARE

The file 'Adobe.Illustrator.CS5.15.0.2.Keygen.52106.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.atdt. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.22.

Filename | Result
Edius.6.01.Crack...06.exe, | MALWARE

The file 'Edius.6.01.Crack.52106.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.atdt. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.22.

Filename | Result
Edius.6.01.Keyge...06.exe, | MALWARE

The file 'Edius.6.01.Keygen.52106.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.atdt. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.22.

Filename | Result
Flow.Architect.S...06.exe, | MALWARE

The file 'Flow.Architect.Studio.3D.1.4.2.Crack.52106.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.atdt. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.22.

Filename | Result
Flow.Architect.S...06.exe, | MALWARE

The file 'Flow.Architect.Studio.3D.1.4.2.Keygen.52106.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.atdt. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.22.

Filename | Result
Microsoft.Office...06.exe, | MALWARE

The file 'Microsoft.Office.2010.14.0.4763.1000.Crack.52106.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.atdt. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.22.

Filename | Result
Microsoft.Office...06.exe, | MALWARE

The file 'Microsoft.Office.2010.14.0.4763.1000.Keygen.52106.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.atdt. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.22.

Filename | Result
Micsoft.Office.2...06.exe, | MALWARE

The file 'Micsoft.Office.2010.Crack.52106.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.atdt. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.22.

Filename | Result
Micsoft.Office.2...06.exe, | MALWARE

The file 'Micsoft.Office.2010.Keygen.52106.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.atdt. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.22.

bluelily
Posted 2011-5-15 21:25:30
931L  avast cleared all
瓜皮猫
Posted 2011-5-15 21:27:43
931L
eset  cleared all
C:\Users\微亿毫\Desktop\765735-931\2010-May-15-2111\Ableton.Suite.version.8.2.2.Crack.52106.exe, - Win32/TrojanDownloader.FakeAlert.BBT trojan
C:\Users\微亿毫\Desktop\765735-931\2010-May-15-2111\Ableton.Suite.version.8.2.2.Keygen.52106.exe, - Win32/TrojanDownloader.FakeAlert.BBT trojan
C:\Users\微亿毫\Desktop\765735-931\2010-May-15-2111\Adobe.Illustrator.CS5.15.0.2.Crack.52106.exe, - Win32/TrojanDownloader.FakeAlert.BBT trojan
C:\Users\微亿毫\Desktop\765735-931\2010-May-15-2111\Adobe.Illustrator.CS5.15.0.2.Keygen.52106.exe, - Win32/TrojanDownloader.FakeAlert.BBT trojan
C:\Users\微亿毫\Desktop\765735-931\2010-May-15-2111\Edius.6.01.Crack.52106.exe, - Win32/TrojanDownloader.FakeAlert.BBT trojan
C:\Users\微亿毫\Desktop\765735-931\2010-May-15-2111\Edius.6.01.Keygen.52106.exe, - Win32/TrojanDownloader.FakeAlert.BBT trojan
C:\Users\微亿毫\Desktop\765735-931\2010-May-15-2111\Flow.Architect.Studio.3D.1.4.2.Crack.52106.exe, - Win32/TrojanDownloader.FakeAlert.BBT trojan
C:\Users\微亿毫\Desktop\765735-931\2010-May-15-2111\Flow.Architect.Studio.3D.1.4.2.Keygen.52106.exe, - Win32/TrojanDownloader.FakeAlert.BBT trojan
C:\Users\微亿毫\Desktop\765735-931\2010-May-15-2111\Microsoft.Office.2010.14.0.4763.1000.Crack.52106.exe, - Win32/TrojanDownloader.FakeAlert.BBT trojan
C:\Users\微亿毫\Desktop\765735-931\2010-May-15-2111\Microsoft.Office.2010.14.0.4763.1000.Keygen.52106.exe, - Win32/TrojanDownloader.FakeAlert.BBT trojan
C:\Users\微亿毫\Desktop\765735-931\2010-May-15-2111\Micsoft.Office.2010.Crack.52106.exe, - Win32/TrojanDownloader.FakeAlert.BBT trojan
C:\Users\微亿毫\Desktop\765735-931\2010-May-15-2111\Micsoft.Office.2010.Keygen.52106.exe, - Win32/TrojanDownloader.FakeAlert.BBT trojan
李不知
Posted 2011-5-15 21:30:42
Last edited by 李不知 on 2011-5-15 21:31

Kingsoft KILL ALL
360 Web Shield reports unknown after entering the password infected
wuweimin1984
Posted 2011-5-15 21:39:05
360 SD: after extraction, real-time protection blocked them, all cleared
njjsxy
Posted 2011-5-15 22:02:59
931L
  KIS KILL ALL
留侯
Posted 2011-5-16 11:07:09
931L, Dr.Web cleared all, all the same virus:
765735-931\2010-May-15-2111\Ableton.Suite.version.8.2.2.Crack.52106.exe, 已感染:  Trojan.DownLoader2.57910
ysclwjxv
Posted 2011-5-16 15:29:48
Be a decent person: if you read a thread, you must bump it!
sam.to
Original poster | Posted 2011-5-17 15:33:39
Last edited by sam.to on 2011-5-19 13:43


to kl,ll,mcafee,comodo,dr.web,avira

We received the following archive files:

File ID | Filename | Size (Byte) | Result
26137463 | 765735-939.rar | 70.99 KB | OK

A listing of files contained inside archives alongside their results can be found below:

File ID | Filename | Size (Byte) | Result
26137464 | EMS.SQL.Manager....63.exe, | 93.5 KB | UNDER ANALYSIS
26137465 | EMS.SQL.Manager....63.exe, | 93.5 KB | UNDER ANALYSIS
26137466 | StickyNotes4Code...63.exe, | 93.5 KB | UNDER ANALYSIS
26137467 | StickyNotes4Code...63.exe, | 93.5 KB | UNDER ANALYSIS
26137468 | Tracks.Eraser.Pr...63.exe, | 93.5 KB | UNDER ANALYSIS
26137469 | Tracks.Eraser.Pr...63.exe, | 93.5 KB | UNDER ANALYSIS
26137470 | TwistedBrush.Pro...06.exe, | 93.5 KB | UNDER ANALYSIS
26137471 | TwistedBrush.Pro...06.exe, | 93.5 KB | UNDER ANALYSIS
26137472 | VSO.ConvertXToDV...63.exe, | 93.5 KB | UNDER ANALYSIS
26137473 | VSO.ConvertXToDV...63.exe, | 93.5 KB | UNDER ANALYSIS
26137474 | Windows.Xp.Cyber...63.exe, | 93.5 KB | UNDER ANALYSIS
26137475 | Windows.Xp.Cyber...63.exe, | 93.5 KB | UNDER ANALYSIS





Please find a detailed report concerning each individual sample below:

Filename | Result
EMS.SQL.Manager....63.exe, | MALWARE

The file 'EMS.SQL.Manager.2010.for.SQL.Server.3.6.0.2.Crack.40063.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Diple.onb. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.43.

Filename | Result
EMS.SQL.Manager....63.exe, | MALWARE

The file 'EMS.SQL.Manager.2010.for.SQL.Server.3.6.0.2.Keygen.40063.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Diple.onb. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.43.

Filename | Result
StickyNotes4Code...63.exe, | MALWARE

The file 'StickyNotes4Code.For.VS2010.1.0.Crack.40063.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Diple.onb. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.43.

Filename | Result
StickyNotes4Code...63.exe, | MALWARE

The file 'StickyNotes4Code.For.VS2010.1.0.Keygen.40063.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Diple.onb. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.43.

Filename | Result
Tracks.Eraser.Pr...63.exe, | MALWARE

The file 'Tracks.Eraser.Pro.8.31.Crack.40063.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Diple.onb. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.43.

Filename | Result
Tracks.Eraser.Pr...63.exe, | MALWARE

The file 'Tracks.Eraser.Pro.8.31.Keygen.40063.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Diple.onb. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.43.

Filename | Result
TwistedBrush.Pro...06.exe, | MALWARE

The file 'TwistedBrush.Pro.Studio.18.03.Crack.52106.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Diple.onb. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.43.

Filename | Result
TwistedBrush.Pro...06.exe, | MALWARE

The file 'TwistedBrush.Pro.Studio.18.03.Keygen.52106.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Diple.onb. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.43.

Filename | Result
VSO.ConvertXToDV...63.exe, | MALWARE

The file 'VSO.ConvertXToDVD.4.1.19.366.Crack.40063.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Diple.onb. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.43.

Filename | Result
VSO.ConvertXToDV...63.exe, | MALWARE

The file 'VSO.ConvertXToDVD.4.1.19.366.Keygen.40063.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Diple.onb. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.43.

Filename | Result
Windows.Xp.Cyber...63.exe, | MALWARE

The file 'Windows.Xp.Cyber.Xtreme.2010.Crack.40063.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Diple.onb. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.43.

Filename | Result
Windows.Xp.Cyber...63.exe, | MALWARE

The file 'Windows.Xp.Cyber.Xtreme.2010.Keygen.40063.exe,' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Diple.onb. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.11.08.43.



Trojan.Win32.Diple.onb

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.
-----------------
Regards, Yan Dong
Virus Analyst, Kaspersky Lab.


jayavira
Posted 2011-5-17 15:40:51
Copyright © KaFan  KaFan.cn All Rights Reserved.