Cd-MaN

Kommentare

  • The file is already detected as Trojan.Downloader.JKOF. Best regards.
    in 1 Virus Sample Kommentar von Cd-MaN August 2008
  • Indeed it looks like your computer has a lot of malware (or at least suspicious looking files). Please gather as many files from the following list as possible and place them in a password protected archive (preferably with the password "infected" - without the quotes) and attach it to a reply on this thread:…
  • Please disable (temporarily) the on-access scanning and archive one or more detected files in an zip archive and encrypt it with the password "infected". Please attach the archive to your next post on the forum. Don't forget to re-enable the on-access scanner after you attached the file. If it is a false positive, we will…
  • Thunderbird only marks messages deleted, doesn't delete them physically until the folder gets compacted. Do the following: Deactivate the on-access scanning Right-click on the Inbox folder and click Compact Re-active the on access scanning Best regards.
    in Generic Peed Kommentar von Cd-MaN August 2008
  • The prefetch files are unrelated to the actual executable (they are created by Windows for every executable run). Please see if you can find any other locations where the executable is present. Best regards.
  • This was a false positive which is already resolved. Sorry for any inconveniences caused. Best regards.
  • Check if the file c:\Windows\System32\Drivers\etc\hosts contains a line similar to this: 127.0.0.1 www.bitdefender.com If it doesn, delete it and restart your computer. Best regards.
  • Detection added as "Trojan.Downloader.VBS.Agent.CO". Best regards.
  • Detected as "Worm.VBS.Autorun.E". Best regards.
  • File is detected as Packer.Malware.NSAnti.BT. Best regards.
  • Thank you for the samples. They will detected as: Trojan.Delf.DNC Trojan.Downloader.Banload.RJJ Trojan.Downloader.Dadobra.ATK After the next update. Best regards.
    in New Sample Kommentar von Cd-MaN August 2008
  • The given detection was a false positive which has been removed. Please update the signature files. Best regards.
  • Thank you very much for the sample. It is detected as "Trojan.Spy.Wsnpoem.EK". Best regards.
  • Installer-ul respectiv este curat (si nici nu este detectat de BD). Detectia "Backdoor.Generic.59060" se refera la un fisier care in backgroud instaleaza un toolbar de IE fara sa ceara confirmare de la utilizator. Deci cel mai probabil ai luat un kit care includea acest fisier. Kit-urile de instalare trebuie luate doar de…
    in Fals Pozitiv? Kommentar von Cd-MaN August 2008
  • Thank you very much for the sample. It is detected as Win32.Worm.Socks.BG. Best regards.
  • In this particular case ComboFix doesn't help you much, since the virus in question isn't from the Vundo family. To fix the problem you should do the following: Open up an Explorer window and make sure that you can see the hidden files. Then type in to the address bar D:\ (or any other drive you have problem with). Make…
  • This is malware, detected by BD as "Trojan.Spy.Wsnpoem.EF". Best regards.
  • It indeed is a clean tool for some virus. The change for the home-page is probably for marking reasons. Best regards.
  • Signed as Trojan.Downloader.VB.GIX. Should be detected after the next update. Best regards.
  • Este afisat un warning clar ca se va instala un adware. Este enervant, dar nu ilegal. Din pacate in acest caz nu putem sa semnam fisierul. Toate cele bune
  • Col you please specify exactly the path of the file which gets detected and the name of the detection? Even better, attach in a password protected archive the sample if possible. Best regards.
  • I believe that this is fixed now. If you are still getting the detection after updating the BD signatures, please let us know. Best regards.
    in Macro.vba Kommentar von Cd-MaN August 2008
  • Soft comercial pentru trimis mesaje intre calculatoare. Clean. Celalte detectii sunt FP-uri. Toate cele bune.
    in Trojan Kommentar von Cd-MaN August 2008
  • This family (Vundo) is constantly morphing. We try our best to keep up with it. However if you have samples for it and can send them to us, we'll add detection quickly. Best regards.
  • This detection is a false positive which should have already been removed. Please contact us if the detection still persists after updating the signatures for BD. Best regards
  • The files are located in the temporary internet cache. Please do the following: Disable the on-access scanner. Empty the temporary internet cache (by going to Internet Exlorer -> Tools -> Internet Options -> Delete Files (towards the middle of the page)) Re-enable the on-access scanner. Best regards.
  • There are many, many variations of this malware. I'm very sorry if we missed one of them. Please attach it to your next post in a password protected archive, so that we can add detection for it. Best regards.
    in Anti spy Check Kommentar von Cd-MaN August 2008
  • The given file (C:\heap41a\offspring\MicrosoftPowerPoint.exe) is infected with a worm (and we are only detecting its components at the moment). Please archive it with a password and attach it to a post on the forum. After that you can delete it (or wait for the detection to be added, at which point BD will offer you the…
  • This was a false positive and detection has been removed. Best regards.
  • This is a false positive. Detection should be removed after the next update. Best regards.
Default Avatar