Original poster: sam.to

[Virus sample] A trojan website that serves a different file on every download (latest samples available for download in post #148)

sam.to
 Original poster | Posted on 2008-6-1 23:43:09
Hello,

635.int - Trojan.Win32.Obfuscated.axa,
636.int - Trojan.Win32.Inject.cnl,
637.int - Trojan-Downloader.Win32.Obfuscated.aaf,
638.int - Trojan.Win32.Obfuscated.axb,
639.int, 641.int - Trojan-Downloader.Win32.Obfuscated.aag,
640.int - Trojan-Downloader.Win32.Obfuscated.aah,
642.int - Trojan-Downloader.Win32.Obfuscated.aai,
643.int - Trojan.Win32.Obfuscated.axc,
644.int - Trojan.Win32.Obfuscated.axd,
645.int - Trojan-Downloader.Win32.Obfuscated.aaj,
646.int, 651.int - Trojan.Win32.Obfuscated.axe,
647.int - Trojan-Downloader.Win32.Obfuscated.aak,
648.int - Trojan.Win32.Obfuscated.axf,
649.int - Trojan.Win32.Obfuscated.axg,
650.int - Trojan-Downloader.Win32.Obfuscated.aal,
652.int - Trojan.Win32.Obfuscated.axh,
653.int - Trojan.Win32.Obfuscated.axi,
654.int - Trojan.Win32.Obfuscated.axj

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Evgeny Aseev
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

Hello,

655.int - Trojan.Win32.Inject.cnj,
656.int - Trojan.Win32.Obfuscated.awy,
657.int - Trojan.Win32.Inject.cnk,
659.int - Trojan-Downloader.Win32.Injecter.ty,
660.int - Trojan.Win32.Obfuscated.awz

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.



Begin scan in 'H:\TRR\Tr'
H:\TRR\Tr\658.int
      [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.JM
      [NOTE]      The file was deleted!
658.int - Trojan.Win32.Obfuscated.awu

This file is already detected. Please update your antivirus bases.

Please quote all when answering.

--
Best regards, Evgeny Aseev
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.


Submitted


25034106          655.int          402.5 KB          UNDER ANALYSIS
25034107          656.int          429.5 KB          UNDER ANALYSIS
25034108          657.int          454 KB          UNDER ANALYSIS
25034109          659.int          426 KB          UNDER ANALYSIS
25034110          660.int          436.5 KB          UNDER ANALYSIS
25034111          651.int          422.5 KB          UNDER ANALYSIS
25034112          652.int          445 KB          UNDER ANALYSIS
25034113          653.int          425.5 KB          UNDER ANALYSIS
25034114          654.int          452 KB          UNDER ANALYSIS


25034118          647.int          479 KB          UNDER ANALYSIS
25034119          648.int          427 KB          UNDER ANALYSIS
25034120          649.int          422 KB          UNDER ANALYSIS
25034121          650.int          426.5 KB          UNDER ANALYSIS
25034122          635.int          468 KB          UNDER ANALYSIS
25034123          636.int          391.5 KB          UNDER ANALYSIS
25034124          637.int          419 KB          UNDER ANALYSIS
25034125          638.int          434 KB          UNDER ANALYSIS
25034126          641.int          468 KB          UNDER ANALYSIS
25034127          640.int          421.5 KB          UNDER ANALYSIS
25034128          642.int          394.5 KB          UNDER ANALYSIS
25034129          643.int          444.5 KB          UNDER ANALYSIS
25034130          644.int          415.5 KB          UNDER ANALYSIS
25034131          645.int          425 KB          UNDER ANALYSIS
25034111          646.int          422.5 KB          UNDER ANALYSIS

[ This post was last edited by kato9096 on 2008-6-1 23:55 ]

wangjay1980
Posted on 2008-6-1 23:47:30
Comrade, I salute you...
sam.to
 Original poster | Posted on 2008-6-2 00:06:41
This time it was too large, 8.82MB; Kaspersky bounced the email
wangjay1980
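Posted on 2008-6-2 00:12:52
Originally posted by kato9096 on 2008-6-2 00:06
This time it was too large, 8.82MB; Kaspersky bounced the email


Remember, each archive on your local machine should preferably be no larger than 5M, so that it is guaranteed not to exceed 10M once it is sent to the server; above 10M the Kaspersky server bounces the message automatically.

Of course, you can also upload it to a file-hosting service and give the address to the Kaspersky analysts.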
sam.to
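 Original poster | Posted on 2008-6-2 00:14:22

Reply to post #124 by wangjay1980

each archive on your local machine should preferably be no larger than 5M, so that it is guaranteed not to exceed 10M once it is sent to the server

I don't quite understand.....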
尽在不言中
Posted on 2008-6-2 01:56:21
A few still cannot be detected~!

sam.to
 Original poster | Posted on 2008-6-2 19:39:11
Filename         Result
647.int          MALWARE

The file '647.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Dldr.Obfuscated.aak. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.
Filename         Result
648.int          MALWARE

The file '648.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Obfuscated.axf. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.
Filename         Result
649.int          MALWARE

The file '649.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Obfuscated.axg. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.
Filename         Result
650.int          MALWARE

The file '650.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Dldr.Obfuscated.aal. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.
Filename         Result
635.int          MALWARE

The file '635.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Obfuscated.axa. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.
Filename         Result
636.int          MALWARE

The file '636.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Inject.cnl. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.
Filename         Result
637.int          MALWARE

The file '637.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Dldr.Obfuscated.aaf. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.
Filename         Result
638.int          MALWARE

The file '638.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Obfuscated.axb. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.
Filename         Result
641.int          MALWARE

The file '641.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Dldr.Obfuscated.aag. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.
Filename         Result
640.int          MALWARE

The file '640.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Dldr.Obfuscated.aah. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.
Filename         Result
642.int          MALWARE

The file '642.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Dldr.Obfuscated.aai. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.
Filename         Result
643.int          MALWARE

The file '643.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Obfuscated.axc. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.
Filename         Result
644.int          MALWARE

The file '644.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Obfuscated.axd. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.
Filename         Result
645.int          MALWARE

The file '645.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Dldr.Obfuscated.aaj. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.
Filename         Result
646.int          MALWARE

The file '646.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Obfuscated.axe. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.


Filename         Result
655.int          MALWARE

The file '655.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Inject.cnj. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.
Filename         Result
656.int          MALWARE

The file '656.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Obfuscated.awy. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.
Filename         Result
657.int          MALWARE

The file '657.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Inject.cnk. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.
Filename         Result
659.int          MALWARE

The file '659.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Dldr.Injecter.TY. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.
Filename         Result
660.int          MALWARE

The file '660.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Obfuscated.awz. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.
Filename         Result
651.int          MALWARE

The file '651.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Obfuscated.axe. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.
Filename         Result
652.int          MALWARE

The file '652.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Obfuscated.axh. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.
Filename         Result
653.int          MALWARE

The file '653.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Obfuscated.axi. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.
Filename         Result
654.int          MALWARE

The file '654.int' has been determined to be 'MALWARE'. Our analysts named the threat TR/Obfuscated.axj. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.04.122.

[ This post was last edited by kato9096 on 2008-6-2 19:40 ]
sam.to
 Original poster | Posted on 2008-6-2 19:41:09

Reply to post #126 by 尽在不言中

All 20 have been dealt with!
Palkia
Posted on 2008-6-2 19:57:14

6

C:\Documents and Settings\Administrator\桌面\rfdghnj\TRR22\9kgen_up\620.int        Adware.Lop.agml        广告程序        还未处理
C:\Documents and Settings\Administrator\桌面\rfdghnj\TRR22\9kgen_up\627.int        Adware.Lop.rsxb        广告程序        还未处理
C:\Documents and Settings\Administrator\桌面\rfdghnj\TRR22\9kgen_up\628.int        Adware.Lop.nqvd        广告程序        还未处理
C:\Documents and Settings\Administrator\桌面\rfdghnj\TRR22\9kgen_up\629.int        Adware.Lop.dqnc        广告程序        还未处理
C:\Documents and Settings\Administrator\桌面\rfdghnj\TRR22\9kgen_up\630.int        Adware.Lop.zmnz        广告程序        还未处理
C:\Documents and Settings\Administrator\桌面\rfdghnj\TRR22\9kgen_up\631.int        Trojan.Cap842815.uacz        木马        还未处理
Palkia
Posted on 2008-6-2 20:15:13

Reply to post #121 by kato9096

C:\Documents and Settings\Administrator\桌面\w3ertgfyhyu\Tr\652.int        Adware.Lop.cukb        广告程序        还未处理
C:\Documents and Settings\Administrator\桌面\w3ertgfyhyu\Tr\658.int        Adware.Lop.xqtz        广告程序        还未处理