Thread starter: sam.to

[Virus Samples] A trojan website that serves a different file on every download (latest sample download at post #148)

Exia (this user has been deleted)
Posted on 2008-4-15 11:28:28

Reply to kato9096's post #89

Starting the file scan:

Begin scan in 'E:\新建文件夹 (3)'
E:\新建文件夹 (3)\538.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (3)\540.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (3)\513.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (3)\514.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (3)\517.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (3)\518.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (3)\520.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (3)\522.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (3)\523.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (3)\526.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (3)\527.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (3)\528.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (3)\529.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (3)\535.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (3)\536.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!


End of the scan: 2008年4月15日  11:30
Used time: 00:18 min

The scan has been done completely.

      1 Scanning directories
     30 Files were scanned
     15 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
     15 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     15 Files not concerned
      0 Archives were scanned
      0 Warnings
     15 Notes

3819023  511.int  446 KB  UNDER ANALYSIS
3819024  512.int  422.5 KB  UNDER ANALYSIS
3819025  515.int  405.5 KB  UNDER ANALYSIS
3819026  516.int  423.5 KB  UNDER ANALYSIS
3819027  519.int  415 KB  UNDER ANALYSIS
3819028  521.int  434 KB  UNDER ANALYSIS
3819029  524.int  424 KB  UNDER ANALYSIS
3819030  525.int  421 KB  UNDER ANALYSIS
3819031  530.int  417 KB  UNDER ANALYSIS
3819032  531.int  399.5 KB  UNDER ANALYSIS
3819033  532.int  446.5 KB  UNDER ANALYSIS
3819034  533.int  422 KB  UNDER ANALYSIS
3819035  534.int  371 KB  UNDER ANALYSIS
3819036  537.int  614 KB  UNDER ANALYSIS
3819037  539.int  479.5 KB  UNDER ANALYSIS

[ Last edited by Exia on 2008-4-15 11:37 ]
sam.to
Thread starter | Posted on 2008-4-15 11:29:38
Kaspersky just bounced my mail; I need to split TRR26 into two packages to submit it.

This is the mail system at host relay3.kaspersky-labs.com.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to <postmaster>

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

                   The mail system

<newvirus@kaspersky.com>: message size 14089843 exceeds size limit 10485760 of
    server 91.103.67.148[91.103.67.148]
sam.to
Thread starter | Posted on 2008-4-16 00:14:15
540-560, submitted to Kaspersky

Hello,

541.int - Trojan.Win32.Inject.azp,
542.int - Trojan.Win32.Inject.azq,
543.int - Trojan.Win32.Inject.azr,
544.int - Trojan.Win32.Inject.azs,
545.int - Trojan.Win32.Inject.azt,
546.int - Trojan.Win32.Inject.azv,
547.int - Trojan.Win32.Inject.azw,
548.int - Trojan.Win32.Inject.azx,
549.int - Trojan.Win32.Inject.azy,
550.int - Trojan.Win32.Inject.azz,
551.int - Trojan.Win32.Inject.baa,
552.int - Trojan.Win32.Inject.bab,
553.int - Trojan.Win32.Inject.bac,
554.int, 576.int - Trojan.Win32.Inject.azj,
555.int, 556.int - Trojan.Win32.Inject.bad,
557.int - Trojan.Win32.Inject.bae,
558.int - Trojan.Win32.Inject.baf,
559.int - Trojan.Win32.Inject.bag,
560.int - Trojan.Win32.Inject.bah,
561.int - Trojan.Win32.Inject.ayw,
562.int - Trojan.Win32.Inject.ayx,
564.int - Trojan.Win32.Inject.ayy,
565.int - Trojan.Win32.Inject.ayz,
566.int - Trojan.Win32.Inject.aza,
568.int - Trojan.Win32.Inject.azb,
569.int - Trojan.Win32.Inject.azc,
570.int - Trojan.Win32.Inject.azd,
571.int - Trojan.Win32.Inject.aze,
572.int - Trojan.Win32.Inject.azf,
573.int - Trojan.Win32.Inject.azg,
574.int - Trojan.Win32.Inject.azh,
575.int - Trojan.Win32.Inject.azi,
577.int - Trojan.Win32.Inject.azk,
578.int - Trojan.Win32.Inject.azl,
579.int - Trojan.Win32.Inject.azm,
580.int - Trojan.Win32.Inject.azn,
MSDOS.bat_ - Worm.Win32.AutoRun.dji

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Evgeny Aseev
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

[ Last edited by kato9096 on 2008-4-16 11:00 ]

sam.to
Thread starter | Posted on 2008-4-16 00:17:27
561-580, submitted to Kaspersky

Hello,

541.int - Trojan.Win32.Inject.azp,
542.int - Trojan.Win32.Inject.azq,
543.int - Trojan.Win32.Inject.azr,
544.int - Trojan.Win32.Inject.azs,
545.int - Trojan.Win32.Inject.azt,
546.int - Trojan.Win32.Inject.azv,
547.int - Trojan.Win32.Inject.azw,
548.int - Trojan.Win32.Inject.azx,
549.int - Trojan.Win32.Inject.azy,
550.int - Trojan.Win32.Inject.azz,
551.int - Trojan.Win32.Inject.baa,
552.int - Trojan.Win32.Inject.bab,
553.int - Trojan.Win32.Inject.bac,
554.int, 576.int - Trojan.Win32.Inject.azj,
555.int, 556.int - Trojan.Win32.Inject.bad,
557.int - Trojan.Win32.Inject.bae,
558.int - Trojan.Win32.Inject.baf,
559.int - Trojan.Win32.Inject.bag,
560.int - Trojan.Win32.Inject.bah,
561.int - Trojan.Win32.Inject.ayw,
562.int - Trojan.Win32.Inject.ayx,
564.int - Trojan.Win32.Inject.ayy,
565.int - Trojan.Win32.Inject.ayz,
566.int - Trojan.Win32.Inject.aza,
568.int - Trojan.Win32.Inject.azb,
569.int - Trojan.Win32.Inject.azc,
570.int - Trojan.Win32.Inject.azd,
571.int - Trojan.Win32.Inject.aze,
572.int - Trojan.Win32.Inject.azf,
573.int - Trojan.Win32.Inject.azg,
574.int - Trojan.Win32.Inject.azh,
575.int - Trojan.Win32.Inject.azi,
577.int - Trojan.Win32.Inject.azk,
578.int - Trojan.Win32.Inject.azl,
579.int - Trojan.Win32.Inject.azm,
580.int - Trojan.Win32.Inject.azn,

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.


Please quote all when answering.

--
Best regards, Evgeny Aseev
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

[ Last edited by kato9096 on 2008-4-16 10:46 ]

Exia (this user has been deleted)
Posted on 2008-4-16 05:24:27

540-580

Starting the file scan:

Begin scan in 'E:\新建文件夹 (2)\新建文件夹'
E:\新建文件夹 (2)\新建文件夹\558.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\559.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\560.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\543.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\544.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\545.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\546.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\548.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\550.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\551.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\553.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\554.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\577.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\578.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\579.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\562.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\563.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\565.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\566.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\567.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\568.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\570.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\571.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\574.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!
E:\新建文件夹 (2)\新建文件夹\576.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
      [NOTE]      The file was deleted!


End of the scan: 2008年4月16日  05:25
Used time: 00:14 min

The scan has been done completely.

      1 Scanning directories
     40 Files were scanned
     25 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
     25 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     15 Files not concerned
      0 Archives were scanned
      0 Warnings
     25 Notes

3820031  541.int  416 KB  UNDER ANALYSIS
3820032  542.int  431 KB  UNDER ANALYSIS
3820033  547.int  427 KB  UNDER ANALYSIS
3820034  549.int  433 KB  UNDER ANALYSIS
3820035  552.int  398.5 KB  UNDER ANALYSIS
3820036  556.int  386 KB  UNDER ANALYSIS
3820036  556.int  386 KB  UNDER ANALYSIS
3820037  557.int  433.5 KB  UNDER ANALYSIS
3820038  561.int  407 KB  UNDER ANALYSIS
3820039  564.int  383.5 KB  UNDER ANALYSIS
3820040  569.int  416 KB  UNDER ANALYSIS
3820041  572.int  427 KB  UNDER ANALYSIS
3820042  573.int  408 KB  UNDER ANALYSIS
3820043  575.int  415.5 KB  UNDER ANALYSIS
3820044  580.int  417 KB  UNDER ANALYSIS

[ Last edited by Exia on 2008-4-16 05:33 ]
sam.to
Thread starter | Posted on 2008-4-18 20:54:57
581, submitted to Kaspersky

Hello,

581.int - Trojan-Downloader.Win32.Obfuscated.to

New malicious software was found in this file. Its detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Evgeny Aseev
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

[ Last edited by kato9096 on 2008-4-19 13:50 ]

sam.to
Thread starter | Posted on 2008-4-19 14:20:24
582, submitted to Kaspersky

Hello.
New malicious software was found in the attached file.
Its detection will be included in the next update. Thank you for your help.
-----------------
Regards, Namestnikov Yury
Virus Analyst, Kaspersky Lab.

Ph.: +7(095) 797-8700
E-mail: newvirus@kaspersky.com
http://www.kaspersky.com   http://www.viruslist.com

[ Last edited by kato9096 on 2008-4-19 19:05 ]

sam.to
Thread starter | Posted on 2008-4-20 21:27:30
583-585, submitted to Kaspersky

Hello,

583.int - Trojan.Win32.Obfuscated.yt,
584.int - Trojan.Win32.Obfuscated.yu,
585.int - Trojan.Win32.Obfuscated.yv

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Vyacheslav Zakorzhevsky
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

[ Last edited by kato9096 on 2008-4-21 16:30 ]

sam.to
Thread starter | Posted on 2008-4-22 00:06:53
586, submitted to Kaspersky

未發現: 特洛伊木馬程式 Trojan-Downloader.Win32.Agent.nnv        檔案: C:\Documents and Settings\kato9096\桌面\TRR34\TRR18\586.int

[ Last edited by kato9096 on 2008-4-22 20:45 ]

sam.to
Thread starter | Posted on 2008-4-24 11:57:33
587-598, submitted to Kaspersky

Hello,

587.int - Trojan.Win32.Obfuscated.zs,
588.int - Trojan.Win32.Obfuscated.zt,
589.int - Trojan.Win32.Obfuscated.zu,
590.int - Trojan.Win32.Obfuscated.zv,
591.int - Trojan.Win32.Obfuscated.zw,
592.int - Trojan.Win32.Obfuscated.zx,
593.int - Trojan.Win32.Obfuscated.zy,
594.int - Trojan.Win32.Obfuscated.zz,
595.int, 597.int - Trojan.Win32.Obfuscated.aaa,
596.int - Trojan.Win32.Obfuscated.aab,
598.int - Trojan.Win32.Obfuscated.aac

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Vyacheslav Zakorzhevsky
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

[ Last edited by kato9096 on 2008-4-24 17:11 ]
