qd.exe及db1.exe (此帖已完,1394楼有新帖子的地址)

显示全部楼层 · 发表于 2010-8-27 06:48:18

247-248
ess 清空

显示全部楼层 · 发表于 2010-8-27 12:53:25

本帖最后由 sam.to 于 2010.8.27 20:23 编辑

dd426cac9c399c876c6968b8c6d5c818 db1.e1xe
c788ca666eaa3bf83e840a10b05f7a01 qd.e2xe

to kl,ll,mcafee,comodo,avira

A listing of files contained inside archives alongside their results can be found below:

File ID	Filename	Size (Byte)	Result
25864903	db1.e1xe	376 KB	UNDER ANALYSIS
25864904	qd.e2xe	416 KB	UNDER ANALYSIS

Hello,

Trojan-Dropper.Win32.Agent.cvxb

New malicious software was found in the attached file. Its detection will be included in the next update.
Thank you for your help.

Please quote all when answering.
-----------------
Regards, Kirill Kruglov
Virus Analyst, Kaspersky Lab.

Please find a detailed report concerning each individual sample below:

Filename

Result

db1.e1xe

MALWARE

The file 'db1.e1xe' has been determined to be 'MALWARE'.
Our analysts named the threat TR/BHO.DE.The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename

Result

qd.e2xe

MALWARE

The file 'qd.e2xe' has been determined to be 'MALWARE'.
Our analysts named the threat TR/BHO.DF.The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection will be added to our virus definition file (VDF) with one of the next updates.

显示全部楼层 · 发表于 2010-8-27 13:55:15

回复 252楼 sam.to 的帖子
ess kill

显示全部楼层 · 发表于 2010-8-27 16:52:15

网盾kill

显示全部楼层 · 发表于 2010-8-27 20:28:32

本帖最后由 sam.to 于 2010.8.29 13:24 编辑

a61f68be52cab96680a5236c5cbefa0b qd.exe2
82db6672f739c98da2e6fbe86b5e9dd8 db1.exe2

to kl,ll,mcafee,comodo,avira

A listing of files contained inside archives alongside their results can be found below:

File ID	Filename	Size (Byte)	Result
25865283	db1.exe2	376 KB	UNDER ANALYSIS
25865284	qd.exe2	416 KB	UNDER ANALYSIS

Please find a detailed report concerning each individual sample below:

Filename

Result

db1.exe2

MALWARE

The file 'db1.exe2' has been determined to be 'MALWARE'.
Our analysts named the threat ADSPY/WSearch.AC.The term "ADSPY/" denotes adware or spyware. This type of malware is able to change browser settings for example by manipulating registry settings or byusing of NTFS-streams. Very often IEexploits are used to manipulate the browserhelp.dll.Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename

Result

qd.exe2

MALWARE

The file 'qd.exe2' has been determined to be 'MALWARE'.
Our analysts named the threat ADSPY/WSearch.AF.The term "ADSPY/" denotes adware or spyware. This type of malware is able to change browser settings for example by manipulating registry settings or byusing of NTFS-streams. Very often IEexploits are used to manipulate the browserhelp.dll.Detection will be added to our virus definition file (VDF) with one of the next updates.

db1.exe2 - Trojan-Dropper.Win32.Agent.cwgi
qd.exe2 - Trojan-Dropper.Win32.Agent.cwee

显示全部楼层 · 发表于 2010-8-27 20:31:04

rising kill
norton internet security kill

显示全部楼层 · 发表于 2010-8-28 07:13:24

回复 255楼 sam.to 的帖子
ess 清空

显示全部楼层 · 发表于 2010-8-28 11:19:16

750089-252/255 to avast!(email)

显示全部楼层 · 发表于 2010-8-28 12:39:03

本帖最后由 sam.to 于 2010.8.30 16:01 编辑

9a99bfc0e5f7d6511205593563e983aa qd1.exe0
a61f68be52cab96680a5236c5cbefa0b qd.exe2

to kl,ll,mcafee,comodo,avira

A listing of files contained inside archives alongside their results can be found below:

File ID	Filename	Size (Byte)	Result
25866040	qd1.exe0	416 KB	UNDER ANALYSIS
25865284	qd.exe2	416 KB	MALWARE

Hello,

qd.exe2 - Trojan-Dropper.Win32.Agent.cwee,
qd1.exe0 - Trojan-Dropper.Win32.Agent.cwef

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.
The answer is relevant to the latest bases from update sources.

Regards, Fedor Sinitsyn
Virus Analyst

Please find a detailed report concerning each individual sample below:

Filename

Result

qd1.exe0

MALWARE

The file 'qd1.exe0' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Drop.Agent.cwef.The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.10.11.45.

Filename

Result

qd.exe2

MALWARE

The file 'qd.exe2' has been determined to be 'MALWARE'.
Our analysts named the threat ADSPY/WSearch.AF.The term "ADSPY/" denotes adware or spyware. This type of malware is able to change browser settings for example by manipulating registry settings or byusing of NTFS-streams. Very often IEexploits are used to manipulate the browserhelp.dll.Detection will be added to our virus definition file (VDF) with one of the next updates.

显示全部楼层 · 发表于 2010-8-28 13:38:40

回复 259楼 sam.to 的帖子
ess 清空

[病毒样本] qd.exe及db1.exe (此帖已完,1394楼有新帖子的地址)