Исследование антивирусов 7

**olejah** · 16.11.2010, 08:10

Новенький блокиратор, пойман в Помогите - C:\Documents and Settings\Администратор\wlock\wlock.exe

File name: -wlock.exe-
Submission date: 2010-11-15 11:36:07 (UTC)
Current status: finished
Result: 3 /42 (7.1%)

Antivirus Version Last Update Result
AhnLab-V3 2010.11.15.05 2010.11.15 -
AntiVir 7.10.13.240 2010.11.15 -
Antiy-AVL 2.0.3.7 2010.11.15 -
Authentium 5.2.0.5 2010.11.15 -
Avast 4.8.1351.0 2010.11.15 -
Avast5 5.0.594.0 2010.11.15 -
AVG 9.0.0.851 2010.11.15 -
BitDefender 7.2 2010.11.15 -
CAT-QuickHeal 11.00 2010.11.09 -
ClamAV 0.96.4.0 2010.11.15 -
Comodo 6725 2010.11.15 -
DrWeb 5.0.2.03300 2010.11.15 - Trojan.Winlock.2540
Emsisoft 5.0.0.50 2010.11.15 -
eTrust-Vet 36.1.7976 2010.11.15 -
F-Prot 4.6.2.117 2010.11.15 -
F-Secure 9.0.16160.0 2010.11.15 -
Fortinet 4.2.249.0 2010.11.15 -
GData 21 2010.11.15 -
Ikarus T3.1.1.90.0 2010.11.15 -
Jiangmin 13.0.900 2010.11.15 -
K7AntiVirus 9.67.2973 2010.11.12 -
Kaspersky 7.0.0.125 2010.11.15 -
McAfee 5.400.0.1158 2010.11.15 -
McAfee-GW-Edition 2010.1C 2010.11.15 -
Microsoft 1.6301 2010.11.15 -
NOD32 5620 2010.11.15 - Win32/LockScreen.WU
Norman 6.06.10 2010.11.15 -
nProtect 2010-11-15.01 2010.11.15 -
Panda 10.0.2.7 2010.11.14 -
PCTools 7.0.3.5 2010.11.15 -
Prevx 3.0 2010.11.15 -
Rising 22.73.06.04 2010.11.15 -
Sophos 4.59.0 2010.11.15 - Sus/UnkPack-C
Sunbelt 7315 2010.11.15 -
SUPERAntiSpyware 4.40.0.1006 2010.11.15 -
Symantec 20101.2.0.161 2010.11.15 -
TheHacker 6.7.0.1.083 2010.11.15 -
TrendMicro 9.120.0.1004 2010.11.14 -
TrendMicro-HouseCall 9.120.0.1004 2010.11.15 -
VBA32 3.12.14.2 2010.11.15 -
ViRobot 2010.11.15.4148 2010.11.15 -
VirusBuster 12.75.3.0 2010.11.14 -

virustotal.com

Надоело быть жертвой? Стань профи по информационной безопасности, получай самую свежую информацию об угрозах и средствах защиты от ведущего российского аналитического центра Anti-Malware.ru:

**Nexus** · 16.11.2010, 19:37

C:\WINDOWS\system32\rescue32.exe

File name:
avz00001.dta
Submission date:
2010-11-16 16:21:26 (UTC)
Current status:
finished
Result:
3/ 43 (7.0%)

Antivirus Version Last Update Result
AhnLab-V3 2010.11.16.00 2010.11.15 -
AntiVir 7.10.14.11 2010.11.16 -
Antiy-AVL 2.0.3.7 2010.11.16 -
Avast 4.8.1351.0 2010.11.16 -
Avast5 5.0.594.0 2010.11.16 -
AVG 9.0.0.851 2010.11.16 -
BitDefender 7.2 2010.11.16 -
CAT-QuickHeal 11.00 2010.11.09 -
ClamAV 0.96.4.0 2010.11.16 -
Command 5.2.11.5 2010.11.16 -
Comodo 6741 2010.11.16 - TrojWare.Win32.Trojan.Agent.Gen
DrWeb 5.0.2.03300 2010.11.16 - Trojan.DownLoader1.36945
Emsisoft 5.0.0.50 2010.11.16 -
eSafe 7.0.17.0 2010.11.16 -
eTrust-Vet 36.1.7980 2010.11.16 -
F-Prot 4.6.2.117 2010.11.16 -
F-Secure 9.0.16160.0 2010.11.16 -
Fortinet 4.2.249.0 2010.11.15 -
GData 21 2010.11.16 -
Ikarus T3.1.1.90.0 2010.11.16 -
Jiangmin 13.0.900 2010.11.16 -
K7AntiVirus 9.67.2973 2010.11.12 -
Kaspersky 7.0.0.125 2010.11.16 -
McAfee 5.400.0.1158 2010.11.16 -
McAfee-GW-Edition 2010.1C 2010.11.16 -
Microsoft 1.6301 2010.11.16 -
NOD32 5624 2010.11.16 -
Norman 6.06.10 2010.11.16 -
nProtect 2010-11-16.02 2010.11.16 -
Panda 10.0.2.7 2010.11.15 -
PCTools 7.0.3.5 2010.11.16 -
Prevx 3.0 2010.11.16 -
Rising 22.74.00.01 2010.11.16 -
Sophos 4.59.0 2010.11.16 -
SUPERAntiSpyware 4.40.0.1006 2010.11.16 -
Symantec 20101.2.0.161 2010.11.16 -
TheHacker 6.7.0.1.085 2010.11.16 -
TrendMicro 9.120.0.1004 2010.11.16 -
TrendMicro-HouseCall 9.120.0.1004 2010.11.16 -
VBA32 3.12.14.2 2010.11.16 -
VIPRE 7326 2010.11.16 - Trojan.Win32.Generic!SB.0
ViRobot 2010.11.16.4151 2010.11.16 -
VirusBuster 12.76.1.0 2010.11.15 -

MD5 : 45751a87d1a8f7428755c32d58a6e770
SHA1 : 914f61d113e6986006dc5a3a6d652354c06ea8e0
SHA256: 48a154465f99a23fec3410f94e1ec055b71a7e51fb8146a1df b9e19299f0997e

**Nexus** · 27.11.2010, 13:12

File name:
1.vbs
Submission date:
2010-11-27 10:07:36 (UTC)
Current status:
finished
Result:
6/ 43 (14.0%)

Antivirus results
AhnLab-V3 - 2010.11.27.00 - 2010.11.26 - -
AntiVir - 7.10.14.125 - 2010.11.26 - VBS/Toow.A.1
Antiy-AVL - 2.0.3.7 - 2010.11.27 - -
Avast - 4.8.1351.0 - 2010.11.26 - -
Avast5 - 5.0.594.0 - 2010.11.26 - -
AVG - 9.0.0.851 - 2010.11.27 - -
BitDefender - 7.2 - 2010.11.27 - -
CAT-QuickHeal - 11.00 - 2010.11.26 - -
ClamAV - 0.96.4.0 - 2010.11.27 - PUA.JS.Xored
Command - 5.2.11.5 - 2010.11.27 - -
Comodo - 6865 - 2010.11.27 - -
DrWeb - 5.0.2.03300 - 2010.11.26 - -
Emsisoft - 5.0.0.50 - 2010.11.27 - -
eSafe - 7.0.17.0 - 2010.11.24 - -
eTrust-Vet - 36.1.8003 - 2010.11.26 - -
F-Prot - 4.6.2.117 - 2010.11.26 - -
F-Secure - 9.0.16160.0 - 2010.11.27 - -
Fortinet - 4.2.254.0 - 2010.11.26 - -
GData - 21 - 2010.11.27 - -
Ikarus - T3.1.1.90.0 - 2010.11.27 - -
Jiangmin - 13.0.900 - 2010.11.27 - -
K7AntiVirus - 9.69.3095 - 2010.11.26 - -
Kaspersky - 7.0.0.125 - 2010.11.27 - -
McAfee - 5.400.0.1158 - 2010.11.27 - -
McAfee-GW-Edition - 2010.1C - 2010.11.26 - Heuristic.BehavesLike.VBS.Exploit.A
Microsoft - 1.6402 - 2010.11.27 - Exploit:VBS/Privoot.A
NOD32 - 5652 - 2010.11.26 - -
Norman - 6.06.10 - 2010.11.27 - -
nProtect - 2010-11-26.01 - 2010.11.26 - -
Panda - 10.0.2.7 - 2010.11.27 - -
PCTools - 7.0.3.5 - 2010.11.27 - -
Prevx - 3.0 - 2010.11.27 - -
Rising - 22.75.04.00 - 2010.11.27 - -
Sophos - 4.60.0 - 2010.11.27 - Troj/Toow-A
SUPERAntiSpyware - 4.40.0.1006 - 2010.11.27 - -
Symantec - 20101.2.0.161 - 2010.11.27 - -
TheHacker - 6.7.0.1.091 - 2010.11.26 - -
TrendMicro - 9.120.0.1004 - 2010.11.27 - -
TrendMicro-HouseCall - 9.120.0.1004 - 2010.11.27 - -
VBA32 - 3.12.14.2 - 2010.11.26 - Exploit.VBS.Privoot.A
VIPRE - 7424 - 2010.11.27 - -
ViRobot - 2010.11.19.4158 - 2010.11.27 - -
VirusBuster - 13.6.62.0 - 2010.11.26 - -

File info:
MD5: e3d1466d7635a989d09ff71bc3b8b16a
SHA1: 82c44cf239cb0f2c722342b51cc16a853680382f
SHA256: 71e5681c079048598dd305e228cf14dcff7d3a0817cdece0cd 1792ac7453f566
File size: 9885 bytes

**Nexus** · 06.12.2010, 23:18

File name:
firefox-update.exe
Submission date:
2010-12-06 20:13:22 (UTC)
Current status:
finished
Result:
15/ 43 (34.9%)

Antivirus results
AhnLab-V3 2010.12.06.01 2010.12.06 Trojan/Win32.FakeAV
AntiVir 7.10.14.201 2010.12.06 -
Antiy-AVL 2.0.3.7 2010.12.06 -
Avast 4.8.1351.0 2010.12.06 -
Avast5 5.0.677.0 2010.12.06 -
AVG 9.0.0.851 2010.12.06 -
BitDefender 7.2 2010.12.06 Gen:Variant.Kazy.4874
CAT-QuickHeal 11.00 2010.12.06 -
ClamAV 0.96.4.0 2010.12.06 -
Command 5.2.11.5 2010.12.06 W32/Renos.A!Generic
Comodo 6964 2010.12.06 MalCrypt.Indus!
DrWeb 5.0.2.03300 2010.12.06 -
Emsisoft 5.0.0.50 2010.12.06 -
eSafe 7.0.17.0 2010.12.05 -
eTrust-Vet 36.1.8018 2010.12.05 Win32/Renos.D!generic
F-Prot 4.6.2.117 2010.12.06 W32/Renos.A!Generic
F-Secure 9.0.16160.0 2010.12.06 -
Fortinet 4.2.254.0 2010.12.06 -
GData 21 2010.12.06 Gen:Variant.Kazy.4874
Ikarus T3.1.1.90.0 2010.12.06 -
Jiangmin 13.0.900 2010.12.06 -
K7AntiVirus 9.70.3174 2010.12.06 Virus
Kaspersky 7.0.0.125 2010.12.06 -
McAfee 5.400.0.1158 2010.12.06 -
McAfee-GW-Edition 2010.1C 2010.12.06 Heuristic.BehavesLike.Win32.Backdoor.H
Microsoft 1.6402 2010.12.06 -
NOD32 5679 2010.12.06 -
Norman 6.06.10 2010.12.06 W32/Obfuscated.M
nProtect 2010-12-06.01 2010.12.06 -
Panda 10.0.2.7 2010.12.06 Suspicious file
PCTools 7.0.3.5 2010.12.06 -
Prevx 3.0 2010.12.06 Medium Risk Malware
Rising 22.76.06.04 2010.12.06 Packer.Win32.Agent.bk
Sophos 4.60.0 2010.12.06 Mal/EncPk-ND
SUPERAntiSpyware 4.40.0.1006 2010.12.06 -
Symantec 20101.2.0.161 2010.12.06 -
TheHacker 6.7.0.1.096 2010.12.06 -
TrendMicro 9.120.0.1004 2010.12.06 -
TrendMicro-HouseCall 9.120.0.1004 2010.12.06 -
VBA32 3.12.14.2 2010.12.06 -
VIPRE 7537 2010.12.06 VirTool.Win32.Obfuscator.hg!b1 (v)
ViRobot 2010.12.6.4187 2010.12.06 -
VirusBuster 13.6.77.0 2010.12.06 -

File info:
MD5 : 7f5defc7ee63dfea9232ce7490317b48
SHA1 : 7df97500f67ca9991745ac8518cd6f7980544e2e
SHA256: 29977b585c69db323caa89b834d1330a13cc502f76433ffc6a ee30582e90855c

**zorro84** · 19.12.2010, 23:16

Пойман через флешки

File name:
services.exe
Submission date:
2010-12-19 20:08:42 (UTC)
Result:
28/ 43 (65.1%)

Antivirus Version Last Update Result
AhnLab-V3 2010.12.20.00 2010.12.19 Win-Trojan/Securisk
AntiVir 7.11.0.84 2010.12.19 TR/Agent.ayo.5
Antiy-AVL 2.0.3.7 2010.12.19 -
Avast 4.8.1351.0 2010.12.19 Win32:Malware-gen
Avast5 5.0.677.0 2010.12.19 Win32:Malware-gen
AVG 9.0.0.851 2010.12.19 Agent2.BSHM
BitDefender 7.2 2010.12.19 Trojan.Generic.5014159
CAT-QuickHeal 11.00 2010.12.19 Trojan.Agent.fpdl
ClamAV 0.96.4.0 2010.12.19 -
Command 5.2.11.5 2010.12.19 -
Comodo 7119 2010.12.19 UnclassifiedMalware
DrWeb 5.0.2.03300 2010.12.19 Win32.HLLW.Autoruner.29931
Emsisoft 5.1.0.1 2010.12.19 Trojan.Win32.Agent!IK
eSafe 7.0.17.0 2010.12.19 -
eTrust-Vet 36.1.8048 2010.12.17 -
F-Prot 4.6.2.117 2010.12.19 -
F-Secure 9.0.16160.0 2010.12.19 Trojan.Generic.5014159
Fortinet 4.2.254.0 2010.12.19 W32/Agent.FPDL!tr
GData 21 2010.12.19 Trojan.Generic.5014159
Ikarus T3.1.1.90.0 2010.12.19 Trojan.Win32.Agent
Jiangmin 13.0.900 2010.12.19 -
K7AntiVirus 9.73.3286 2010.12.18 Trojan
Kaspersky 7.0.0.125 2010.12.19 Trojan.Win32.Agent.fpdl
McAfee 5.400.0.1158 2010.12.19 Artemis!63EDD8FC59B7
McAfee-GW-Edition 2010.1C 2010.12.19 Artemis!63EDD8FC59B7
Microsoft 1.6402 2010.12.19 -
NOD32 5716 2010.12.19 -
Norman 6.06.12 2010.12.19 -
nProtect 2010-12-19.01 2010.12.19 Trojan/W32.Agent.144896.CZ
Panda 10.0.2.7 2010.12.19 Trj/CI.A
PCTools 7.0.3.5 2010.12.19 Trojan.Gen
Prevx 3.0 2010.12.19 -
Rising 22.78.05.00 2010.12.19 Trojan.Win32.Generic.5236BE5F
Sophos 4.60.0 2010.12.19 -
SUPERAntiSpyware 4.40.0.1006 2010.12.19 -
Symantec 20101.3.0.103 2010.12.19 Trojan.Gen
TheHacker 6.7.0.1.101 2010.12.15 Trojan/Agent.fpdl
TrendMicro 9.120.0.1004 2010.12.19 TROJ_GEN.R74C3K9
TrendMicro-HouseCall 9.120.0.1004 2010.12.19 TROJ_GEN.R74C3K9
VBA32 3.12.14.2 2010.12.17 Trojan.Agent.fpdl
VIPRE 7722 2010.12.19 Trojan.Win32.Generic!BT
ViRobot 2010.12.18.4208 2010.12.19 -
VirusBuster 13.6.102.0 2010.12.19 -

**ISO** · 23.12.2010, 06:47

Очередной winlock, лежал в кеше IE +запись в userinit, shell + еще звери в system32
File name:
flash_player[1].exe
Submission date:
2010-12-23 03:40:53 (UTC)
Result:
6/ 43 (14.0%)

Antivirus Version Last Update Result
AhnLab-V3 2010.12.23.01 2010.12.22 -
AntiVir 7.11.0.144 2010.12.22 -
Antiy-AVL 2.0.3.7 2010.12.23 -
Avast 4.8.1351.0 2010.12.22 -
Avast5 5.0.677.0 2010.12.22 -
AVG 9.0.0.851 2010.12.23 -
BitDefender 7.2 2010.12.23 Trojan.Generic.5250379
CAT-QuickHeal 11.00 2010.12.22 -
ClamAV 0.96.4.0 2010.12.23 -
Command 5.2.11.5 2010.12.23 -
Comodo 7155 2010.12.22 -
DrWeb 5.0.2.03300 2010.12.23 Trojan.Winlock.2741
Emsisoft 5.1.0.1 2010.12.23 -
eSafe 7.0.17.0 2010.12.22 -
eTrust-Vet 36.1.8055 2010.12.22 -
F-Prot 4.6.2.117 2010.12.22 -
F-Secure 9.0.16160.0 2010.12.23 -
Fortinet 4.2.254.0 2010.12.21 -
GData 21 2010.12.23 Trojan.Generic.5250379
Ikarus T3.1.1.90.0 2010.12.23 -
Jiangmin 13.0.900 2010.12.22 -
K7AntiVirus 9.74.3319 2010.12.22 -
Kaspersky 7.0.0.125 2010.12.23 Trojan-Ransom.Win32.Gimemo.fc
McAfee 5.400.0.1158 2010.12.23 -
McAfee-GW-Edition 2010.1C 2010.12.22 -
Microsoft 1.6402 2010.12.22 -
NOD32 5726 2010.12.22 -
Norman 6.06.12 2010.12.22 -
nProtect 2010-12-22.01 2010.12.22 -
Panda 10.0.2.7 2010.12.22 Suspicious file
PCTools 7.0.3.5 2010.12.23 -
Prevx 3.0 2010.12.23 -
Rising 22.79.02.01 2010.12.23 -
Sophos 4.60.0 2010.12.23 Mal/FakeAV-BW
SUPERAntiSpyware 4.40.0.1006 2010.12.23 -
Symantec 20101.3.0.103 2010.12.23 -
TheHacker 6.7.0.1.104 2010.12.21 -
TrendMicro 9.120.0.1004 2010.12.22 -
TrendMicro-HouseCall 9.120.0.1004 2010.12.23 -
VBA32 3.12.14.2 2010.12.21 -
VIPRE 7767 2010.12.23 -
ViRobot 2010.12.23.4215 2010.12.23 -
VirusBuster 13.6.108.0 2010.12.22 -

Additional information
Show all
MD5 : ef685c8811dec5511cbd3071464f3f20
SHA1 : 5408acb14dc1375884bac4a12626c889ebcecf7f
SHA256: e5288888e1760116b72f63ca68827c94bfaf18d52ae38fe01e e7ba4ec49fafa6
http://www.virustotal.com/file-scan/...fa6-1293075653

**Nexus** · 24.12.2010, 17:23

File name:
foto.exe
Submission date:
2010-12-24 14:17:12 (UTC)
Current status:
finished
Result:
7/ 43 (16.3%)

Antivirus Version Last update Result
AhnLab-V3 2010.12.24.00 2010.12.23 -
AntiVir 7.11.0.174 2010.12.24 -
Antiy-AVL 2.0.3.7 2010.12.24 -
Avast 4.8.1351.0 2010.12.24 -
Avast5 5.0.677.0 2010.12.24 -
AVG 9.0.0.851 2010.12.24 Hosts
BitDefender 7.2 2010.12.24 -
CAT-QuickHeal 11.00 2010.12.24 -
ClamAV 0.96.4.0 2010.12.24 -
Command 5.2.11.5 2010.12.24 -
Comodo 7172 2010.12.24 Heur.Suspicious
DrWeb 5.0.2.03300 2010.12.24 Trojan.Qhost.3324
Emsisoft 5.1.0.1 2010.12.24 Virus.Hosts!IK
eSafe 7.0.17.0 2010.12.22 -
eTrust-Vet 36.1.8059 2010.12.24 -
F-Prot 4.6.2.117 2010.12.24 -
F-Secure 9.0.16160.0 2010.12.24 -
Fortinet 4.2.254.0 2010.12.24 -
GData 21 2010.12.24 -
Ikarus T3.1.1.90.0 2010.12.24 Virus.Hosts
Jiangmin 13.0.900 2010.12.24 -
K7AntiVirus 9.74.3335 2010.12.24 -
Kaspersky 7.0.0.125 2010.12.24 -
McAfee 5.400.0.1158 2010.12.24 -
McAfee-GW-Edition 2010.1C 2010.12.24 -
Microsoft 1.6402 2010.12.24 -
NOD32 5729 2010.12.24 -
Norman 6.06.12 2010.12.24 W32/Malware
nProtect 2010-12-24.01 2010.12.24 -
Panda 10.0.2.7 2010.12.24 -
PCTools 7.0.3.5 2010.12.24 -
Prevx 3.0 2010.12.24 -
Rising 22.79.03.04 2010.12.24 -
Sophos 4.60.0 2010.12.24 -
SUPERAntiSpyware 4.40.0.1006 2010.12.24 -
Symantec 20101.3.0.103 2010.12.24 -
TheHacker 6.7.0.1.104 2010.12.21 -
TrendMicro 9.120.0.1004 2010.12.24 -
TrendMicro-HouseCall 9.120.0.1004 2010.12.24 -
VBA32 3.12.14.2 2010.12.23 -
VIPRE 7803 2010.12.24 Trojan.Win32.Generic!BT
ViRobot 2010.12.24.4218 2010.12.24 -
VirusBuster 13.6.111.0 2010.12.24 -

MD5: 3b8d792a232de5f2aaa37bdc9418a08b
SHA1: 6c47bc0d019fa99c58c2c075f90690a0f288a019
SHA256: 419bb73aac5835e0f6ed61fa6aac96210e90f3ea3e01c7334e aa669003c292ff
File size: 97913 bytes

**Nvidia** · 26.12.2010, 00:50

File name:
srce.exe
Submission date:
2010-12-25 21:41:48 (UTC)
Current status:
queued queued (#1) analysing finished
Result:
11/ 43 (25.6%)

Antivirus Version Last Update Result
AhnLab-V3 2010.12.26.00 2010.12.25 -
AntiVir 7.11.0.177 2010.12.25 -
Antiy-AVL 2.0.3.7 2010.12.25 -
Avast 4.8.1351.0 2010.12.25 -
Avast5 5.0.677.0 2010.12.25 -
AVG 9.0.0.851 2010.12.25 -
BitDefender 7.2 2010.12.25 Trojan.Generic.KD.94098
CAT-QuickHeal 11.00 2010.12.25 -
ClamAV 0.96.4.0 2010.12.25 -
Command 5.2.11.5 2010.12.25 -
Comodo 7185 2010.12.25 Heur.Suspicious
DrWeb 5.0.2.03300 2010.12.25 Trojan.Inject.18064
Emsisoft 5.1.0.1 2010.12.25 Trojan.Crypt!IK
eSafe 7.0.17.0 2010.12.22 -
eTrust-Vet 36.1.8060 2010.12.24 -
F-Prot 4.6.2.117 2010.12.25 -
F-Secure 9.0.16160.0 2010.12.25 Trojan.Generic.KD.94098
Fortinet 4.2.254.0 2010.12.25 -
GData 21 2010.12.25 Trojan.Generic.KD.94098
Ikarus T3.1.1.90.0 2010.12.25 Trojan.Crypt
Jiangmin 13.0.900 2010.12.25 -
K7AntiVirus 9.74.3335 2010.12.24 -
Kaspersky 7.0.0.125 2010.12.25 -
McAfee 5.400.0.1158 2010.12.25 -
McAfee-GW-Edition 2010.1C 2010.12.25 -
Microsoft 1.6402 2010.12.25 -
NOD32 5732 2010.12.25 -
Norman 6.06.12 2010.12.24 -
nProtect 2010-12-25.01 2010.12.25 -
Panda 10.0.2.7 2010.12.25 Suspicious file
PCTools 7.0.3.5 2010.12.25 -
Prevx 3.0 2010.12.25 High Risk Cloaked Malware
Rising 22.79.04.00 2010.12.25 -
Sophos 4.60.0 2010.12.25 -
SUPERAntiSpyware 4.40.0.1006 2010.12.25 Trojan.Agent/Gen-Gameject
Symantec 20101.3.0.103 2010.12.25 -
TheHacker 6.7.0.1.105 2010.12.25 -
TrendMicro 9.120.0.1004 2010.12.25 -
TrendMicro-HouseCall 9.120.0.1004 2010.12.25 -
VBA32 3.12.14.2 2010.12.24 -
VIPRE 7823 2010.12.25 Trojan.Win32.Generic.pak!cobra
ViRobot 2010.12.25.4220 2010.12.25 -
VirusBuster 13.6.112.0 2010.12.25 -

MD5 : e6499e33e6c53a01ebea24eff643625e
SHA1 : 9b0d5753b4b5c7879ebd86c278e2097ad48476bc
SHA256: b23ae5717d9e777928cb84c85f79f7eacfa837ee619cf504aa 52df97cc218816

Добавлено через 4 минуты

File name:
image96523489.exe
Submission date:
2010-12-25 21:47:12 (UTC)
Current status:
queued (#1) queued (#1) analysing finished
Result:
10/ 41 (24.4%)

Antivirus Version Last Update Result
AhnLab-V3 2010.12.26.00 2010.12.25 -
AntiVir 7.11.0.177 2010.12.25 -
Antiy-AVL 2.0.3.7 2010.12.25 -
Avast 4.8.1351.0 2010.12.25 -
Avast5 5.0.677.0 2010.12.25 -
AVG 9.0.0.851 2010.12.25 -
BitDefender 7.2 2010.12.25 GenPack:Worm.FaceBlocker.B
CAT-QuickHeal 11.00 2010.12.25 -
ClamAV 0.96.4.0 2010.12.25 -
Command 5.2.11.5 2010.12.25 -
Comodo 7185 2010.12.25 P2PWorm.Win32.Palevo.GZA
DrWeb 5.0.2.03300 2010.12.25 -
eSafe 7.0.17.0 2010.12.22 -
eTrust-Vet 36.1.8060 2010.12.24 -
F-Prot 4.6.2.117 2010.12.25 -
F-Secure 9.0.16160.0 2010.12.25 GenPack:Worm.FaceBlocker.B
Fortinet 4.2.254.0 2010.12.25 -
GData 21 2010.12.25 GenPack:Worm.FaceBlocker.B
Ikarus T3.1.1.90.0 2010.12.25 Win32.SuspectCrc
Jiangmin 13.0.900 2010.12.25 -
K7AntiVirus 9.74.3335 2010.12.24 -
McAfee 5.400.0.1158 2010.12.25 -
McAfee-GW-Edition 2010.1C 2010.12.25 -
Microsoft 1.6402 2010.12.25 -
NOD32 5732 2010.12.25 -
Norman 6.06.12 2010.12.24 -
nProtect 2010-12-25.01 2010.12.25 GenPack:Worm.FaceBlocker.B
Panda 10.0.2.7 2010.12.25 -
PCTools 7.0.3.5 2010.12.25 -
Prevx 3.0 2010.12.25 -
Rising 22.79.04.00 2010.12.25 -
Sophos 4.60.0 2010.12.25 Mal/Generic-L
SUPERAntiSpyware 4.40.0.1006 2010.12.25 Trojan.Agent/Gen-FakeAlert
Symantec 20101.3.0.103 2010.12.25 -
TheHacker 6.7.0.1.105 2010.12.25 -
TrendMicro 9.120.0.1004 2010.12.25 -
TrendMicro-HouseCall 9.120.0.1004 2010.12.25 -
VBA32 3.12.14.2 2010.12.24 Malware-Cryptor.Inject.gen
VIPRE 7823 2010.12.25 Trojan.Win32.Generic.pak!cobra
ViRobot 2010.12.25.4220 2010.12.25 -
VirusBuster 13.6.112.0 2010.12.25 -

MD5 : a65d7a1fda9ec0325195c5267699bd88
SHA1 : fbe6f92b43706c76aa11c94a95cab1f4f7d8ad4d
SHA256: aa985ebc69e695a1cc77b1a70ac74d21db131e034f84141a9d 695cb4fdee7d62

**Nvidia** · 06.01.2011, 20:42

File name: unlock.exe
Submission date: 2011-01-06 17:33:46 (UTC)
Current status: finished
Result: 4 /43 (9.3%)

Antivirus Version Last Update Result
AhnLab-V3 2011.01.06.01 2011.01.06 -
AntiVir 7.11.1.34 2011.01.05 -
Antiy-AVL 2.0.3.7 2011.01.06 -
Avast 4.8.1351.0 2011.01.06 -
Avast5 5.0.677.0 2011.01.06 -
AVG 9.0.0.851 2011.01.06 -
BitDefender 7.2 2011.01.06 -
CAT-QuickHeal 11.00 2011.01.06 -
ClamAV 0.96.4.0 2011.01.05 -
Command 5.2.11.5 2011.01.06 -
Comodo 7315 2011.01.06 Heur.Suspicious
DrWeb 5.0.2.03300 2011.01.06 -
Emsisoft 5.1.0.1 2011.01.06 Trojan.Win32.VkHost!IK
eSafe 7.0.17.0 2011.01.06 -
eTrust-Vet 36.1.8084 2011.01.06 -
F-Prot 4.6.2.117 2011.01.05 -
F-Secure 9.0.16160.0 2011.01.06 -
Fortinet 4.2.254.0 2011.01.06 -
GData 21 2011.01.06 -
Ikarus T3.1.1.90.0 2011.01.06 Trojan.Win32.VkHost
Jiangmin 13.0.900 2011.01.06 -
K7AntiVirus 9.75.3461 2011.01.06 -
Kaspersky 7.0.0.125 2011.01.06 -
McAfee 5.400.0.1158 2011.01.06 -
McAfee-GW-Edition 2010.1C 2011.01.06 -
Microsoft 1.6402 2011.01.06 -
NOD32 5765 2011.01.06 -
Norman 6.06.12 2011.01.06 -
nProtect 2011-01-06.01 2011.01.06 -
Panda 10.0.2.7 2011.01.06 -
PCTools 7.0.3.5 2011.01.06 -
Prevx 3.0 2011.01.06 -
Rising 22.81.03.00 2011.01.06 -
Sophos 4.60.0 2011.01.06 Mal/Generic-L
SUPERAntiSpyware 4.40.0.1006 2011.01.06 -
Symantec 20101.3.0.103 2011.01.06 -
TheHacker 6.7.0.1.111 2011.01.06 -
TrendMicro 9.120.0.1004 2011.01.06 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.06 -
VBA32 3.12.14.2 2011.01.06 -
VIPRE 7976 2011.01.06 -
ViRobot 2011.1.6.4240 2011.01.06 -
VirusBuster 13.6.132.0 2011.01.06 -

MD5 : a3db3989ea2268719fc7d5ff49b6b5ae
SHA1 : 8aa872a068aff86350c635df7979d67161705f26
SHA256: ef2fc41fe7de6e354b9ff208384a1573ea5ce4d4975862d9eb 07f86c3851ce4d

**valho** · 07.01.2011, 10:47

File name: tam_vdali_za_rekoy.exe
Submission date: 2011-01-07 07:23:46 (UTC)
Current status: finished
Result: 5/ 42 (11.9%)

AhnLab-V3 2011.01.07.00 2011.01.06 -
AntiVir 7.11.1.35 2011.01.06 -
Antiy-AVL 2.0.3.7 2011.01.07 -
Avast 4.8.1351.0 2011.01.06 Win32:FraudTool-SB
Avast5 5.0.677.0 2011.01.06 Win32:PUP-gen
AVG 9.0.0.851 2011.01.07 -
BitDefender 7.2 2011.01.07 -
CAT-QuickHeal 11.00 2011.01.06 -
ClamAV 0.96.4.0 2011.01.07 -
Command 5.2.11.5 2011.01.07 -
Comodo 7318 2011.01.06 -
DrWeb 5.0.2.03300 2011.01.07 Trojan.SMSSend.240
eSafe 7.0.17.0 2011.01.06 -
eTrust-Vet 36.1.8085 2011.01.06 -
F-Prot 4.6.2.117 2011.01.06 -
F-Secure 9.0.16160.0 2011.01.07 -
Fortinet 4.2.254.0 2011.01.06 -
GData 21 2011.01.07 -
Ikarus T3.1.1.90.0 2011.01.07 -
Jiangmin 13.0.900 2011.01.07 -
K7AntiVirus 9.75.3461 2011.01.06 -
Kaspersky 7.0.0.125 2011.01.07 -
McAfee 5.400.0.1158 2011.01.07 -
McAfee-GW-Edition 2010.1C 2011.01.06 -
Microsoft 1.6402 2011.01.07 -
NOD32 5765 2011.01.06 -
Norman 6.06.12 2011.01.07 -
nProtect 2011-01-06.01 2011.01.06 -
Panda 10.0.2.7 2011.01.06 Suspicious file
PCTools 7.0.3.5 2011.01.07 -
Prevx 3.0 2011.01.07 High Risk Cloaked Malware
Rising 22.81.04.01 2011.01.07 -
Sophos 4.61.0 2011.01.07 -
SUPERAntiSpyware 4.40.0.1006 2011.01.07 -
Symantec 20101.3.0.103 2011.01.07 -
TheHacker 6.7.0.1.111 2011.01.06 -
TrendMicro 9.120.0.1004 2011.01.07 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.07 -
VBA32 3.12.14.2 2011.01.06 -
VIPRE 7985 2011.01.07 -
ViRobot 2011.1.7.4241 2011.01.07 -
VirusBuster 13.6.132.0 2011.01.06 -

Additional information
MD5 : 26eaf5e434c6b4a577c4d0b8e6cbb6a1
SHA1 : a136ae5df8b10c6420d8150d1d1621c1423b8344
SHA256: 4f2f925774c0f9a043f48940cc5027e2b211b12d2213a90ae9 69c338377cd2a7
ssdeep: 196608:tj6bJXVuTs2aQ1FA/gOMg7pU3naNGm/Bwb:Qb1AkmA/X+fEwb
File size : 7948288 bytes

TrID:
UPX compressed Win32 Executable (43.8%)
Win32 EXE Yoda's Crypter (38.1%)
Win32 Executable Generic (12.2%)
Generic Win/DOS Executable (2.8%)
DOS Executable Generic (2.8%)

**balu_1** · 07.01.2011, 19:09

Этот и следующий найдены в корне системного диска. КИС 2011 не видит в упор
File name:
gakjob.pif
Submission date:
2011-01-07 15:45:08 (UTC)
Result:
12/ 42 (28.6%)

Antivirus Version Last Update Result
AhnLab-V3 2011.01.07.04 2011.01.07 -
AntiVir 7.11.1.54 2011.01.07 TR/Dropper.Gen
Antiy-AVL 2.0.3.7 2011.01.07 -
Avast 4.8.1351.0 2011.01.07 -
Avast5 5.0.677.0 2011.01.07 -
AVG 9.0.0.851 2011.01.07 Win32/Sality.dropper
BitDefender 7.2 2011.01.07 -
CAT-QuickHeal 11.00 2011.01.07 (Suspicious) - DNAScan
ClamAV 0.96.4.0 2011.01.07 -
Command 5.2.11.5 2011.01.07 W32/Sality.C.gen!Eldorado
Comodo 7327 2011.01.07 Win32.Kashu.RA
DrWeb 5.0.2.03300 2011.01.07 -
Emsisoft 5.1.0.1 2011.01.07 -
eTrust-Vet 36.1.8086 2011.01.07 -
F-Prot 4.6.2.117 2011.01.06 W32/Sality.C.gen!Eldorado
F-Secure 9.0.16160.0 2011.01.07 -
Fortinet 4.2.254.0 2011.01.07 -
GData 21 2011.01.07 -
Ikarus T3.1.1.90.0 2011.01.07 -
Jiangmin 13.0.900 2011.01.07 Trojan/Inject.lyc
K7AntiVirus 9.75.3472 2011.01.07 Trojan
Kaspersky 7.0.0.125 2011.01.07 -
McAfee 5.400.0.1158 2011.01.07 -
McAfee-GW-Edition 2010.1C 2011.01.07 -
Microsoft 1.6402 2011.01.07 -
NOD32 5767 2011.01.07 -
Norman 6.06.12 2011.01.07 -
nProtect 2011-01-07.01 2011.01.07 -
Panda 10.0.2.7 2011.01.07 W32/Sality.AK.drp
PCTools 7.0.3.5 2011.01.07 -
Prevx 3.0 2011.01.07 -
Rising 22.81.04.04 2011.01.07 Trojan.Win32.KUKU.a
Sophos 4.61.0 2011.01.07 Troj/SalLoad-C
SUPERAntiSpyware 4.40.0.1006 2011.01.07 -
Symantec 20101.3.0.103 2011.01.07 -
TheHacker 6.7.0.1.111 2011.01.06 -
TrendMicro 9.120.0.1004 2011.01.07 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.07 -
VBA32 3.12.14.2 2011.01.06 -
VIPRE 7989 2011.01.07 -
ViRobot 2011.1.7.4242 2011.01.07 Trojan.Win32.Sality.103140
VirusBuster 13.6.133.0 2011.01.07 -

MD5 : 3369dba29e2ecce70cd8faa436df8420
SHA1 : b047b308735639a685d22bd95c82d9991ec4d1a7
SHA256: 50260cf30be8747434c813d7cab3c0d2aa042c4ad1283dea6d 7b6f95ec815704

File name:
autorun.inf
Submission date:
2011-01-07 15:36:23 (UTC)
Result:
17/ 42 (40.5%)

AhnLab-V3 2011.01.07.04 2011.01.07 -
AntiVir 7.11.1.54 2011.01.07 -
Antiy-AVL 2.0.3.7 2011.01.07 -
Avast 4.8.1351.0 2011.01.07 -
Avast5 5.0.677.0 2011.01.07 INF:AutoRun-gen
AVG 9.0.0.851 2011.01.07 Worm/AutoRun
BitDefender 7.2 2011.01.07 Trojan.AutorunINF.Gen
CAT-QuickHeal 11.00 2011.01.07 -
ClamAV 0.96.4.0 2011.01.07 -
Command 5.2.11.5 2011.01.07 -
Comodo 7327 2011.01.07 -
DrWeb 5.0.2.03300 2011.01.07 -
eSafe 7.0.17.0 2011.01.06 -
eTrust-Vet 36.1.8086 2011.01.07 -
F-Prot 4.6.2.117 2011.01.06 -
F-Secure 9.0.16160.0 2011.01.07 Trojan.AutorunINF.Gen
Fortinet 4.2.254.0 2011.01.07 INF/AutoRun!tr
GData 21 2011.01.07 Trojan.AutorunINF.Gen
Ikarus T3.1.1.90.0 2011.01.07 -
Jiangmin 13.0.900 2011.01.07 -
K7AntiVirus 9.75.3461 2011.01.06 -
Kaspersky 7.0.0.125 2011.01.07 -
McAfee 5.400.0.1158 2011.01.07 Generic!atr.b
McAfee-GW-Edition 2010.1C 2011.01.07 -
Microsoft 1.6402 2011.01.07 VirTool:INF/Autorun.gen
NOD32 5767 2011.01.07 INF/Autorun.gen
Norman 6.06.12 2011.01.07 -
nProtect 2011-01-07.01 2011.01.07 Trojan.AutorunINF.Gen
Panda 10.0.2.7 2011.01.07 BAT/Autorun.JUM
PCTools 7.0.3.5 2011.01.07 -
Prevx 3.0 2011.01.07 -
Rising 22.81.04.04 2011.01.07 -
Sophos 4.61.0 2011.01.07 Mal/AutoInf-B
SUPERAntiSpyware 4.40.0.1006 2011.01.07 -
Symantec 20101.3.0.103 2011.01.07 -
TheHacker 6.7.0.1.111 2011.01.06 Trojan/Autorun.gen
TrendMicro 9.120.0.1004 2011.01.07 Mal_Otorun1
TrendMicro-HouseCall 9.120.0.1004 2011.01.07 Mal_Otorun1
VBA32 3.12.14.2 2011.01.06 -
VIPRE 7988 2011.01.07 INF.Autorun (v)
ViRobot 2011.1.7.4242 2011.01.07 -
VirusBuster 13.6.133.0 2011.01.07 INF.Autorun.Gen

MD5 : eed81b63a8a21196462e987ee8b0adcd
SHA1 : bc629f46db30c58adace0f0542694ee99e3051cf
SHA256: 3256cd97b8574ce7d37c9fa2fc923b47e17e51f57cadd70e00 c068b8800112dc5ec815704

**ISO** · 10.01.2011, 08:42

Очередной winlock, сидел в кеше IE, прописан был в параметре Shell куста реестра HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
File name:
readme[1].exe
Submission date:
2011-01-10 04:43:58 (UTC)
Result:
1/ 43 (2.3%)

Antivirus Version Last Update Result
AhnLab-V3 2011.01.10.00 2011.01.09 -
AntiVir 7.11.1.58 2011.01.09 -
Antiy-AVL 2.0.3.7 2011.01.10 -
Avast 4.8.1351.0 2011.01.09 -
Avast5 5.0.677.0 2011.01.09 -
AVG 9.0.0.851 2011.01.10 -
BitDefender 7.2 2011.01.10 -
CAT-QuickHeal 11.00 2011.01.09 -
ClamAV 0.96.4.0 2011.01.10 -
Command 5.2.11.5 2011.01.10 -
Comodo 7347 2011.01.10 -
DrWeb 5.0.2.03300 2011.01.10 -
Emsisoft 5.1.0.1 2011.01.10 -
eSafe 7.0.17.0 2011.01.06 -
eTrust-Vet None 2011.01.07 -
F-Prot 4.6.2.117 2011.01.09 -
F-Secure 9.0.16160.0 2011.01.10 -
Fortinet 4.2.254.0 2011.01.09 -
GData 21 2011.01.10 -
Ikarus T3.1.1.90.0 2011.01.10 -
Jiangmin 13.0.900 2011.01.09 -
K7AntiVirus 9.75.3472 2011.01.07 -
Kaspersky 7.0.0.125 2011.01.10 -
McAfee 5.400.0.1158 2011.01.10 -
McAfee-GW-Edition 2010.1C 2011.01.09 -
Microsoft 1.6402 2011.01.09 -
NOD32 5772 2011.01.09 -
Norman 6.06.12 2011.01.09 -
nProtect 2011-01-09.01 2011.01.09 -
Panda 10.0.2.7 2011.01.09 -
PCTools 7.0.3.5 2011.01.10 -
Prevx 3.0 2011.01.10 -
Rising 22.82.00.00 2011.01.10 -
Sophos 4.61.0 2011.01.10 -
SUPERAntiSpyware 4.40.0.1006 2011.01.10 -
Symantec 20101.3.0.103 2011.01.10 -
TheHacker 6.7.0.1.112 2011.01.09 -
TrendMicro 9.120.0.1004 2011.01.09 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.10 TROJ_LOCKSCR.VTG
VBA32 3.12.14.2 2011.01.06 -
VIPRE 8014 2011.01.10 -
ViRobot 2011.1.10.4245 2011.01.10 -
VirusBuster 13.6.136.0 2011.01.09 -

Additional information
Show all
MD5 : b900d781b0146a8e771e60e7fe02495c
SHA1 : c6b9b47767653ac3132161628526320aa8a51493
SHA256: 0c2e852fdd4bb9f9ad7d16ab9d456af72afef8f442f659ac29 4a1eba6adfc56e
http://www.virustotal.com/file-scan/...56e-1294634638

**Юльча** · 13.01.2011, 16:18

File name:xxx_video.exe
Submission date:2011-01-13 12:50:21 (UTC)
Result:7/ 43 (16.3%)

Antivirus Version Last Update Result
AhnLab-V3 2011.01.13.00 2011.01.12 -
AntiVir 7.11.1.116 2011.01.13 -
Antiy-AVL 2.0.3.7 2011.01.13 -
Avast 4.8.1351.0 2011.01.13 Win32: LockScreen-O
Avast5 5.0.677.0 2011.01.13 Win32: LockScreen-O
AVG 10.0.0.1190 2011.01.13 -
BitDefender 7.2 2011.01.13 -
CAT-QuickHeal 11.00 2011.01.13 -
ClamAV 0.96.4.0 2011.01.13 -
Command 5.2.11.5 2011.01.13 -
Comodo 7379 2011.01.13 Heur.Suspicious
DrWeb 5.0.2.03300 2011.01.13 Trojan.Inject.19660
Emsisoft 5.1.0.1 2011.01.13 -
eSafe 7.0.17.0 2011.01.12 -
eTrust-Vet 36.1.8097 2011.01.13 -
F-Prot 4.6.2.117 2011.01.12 -
F-Secure 9.0.16160.0 2011.01.13 -
Fortinet 4.2.254.0 2011.01.13 -
GData 21 2011.01.13 Win32: LockScreen-O
Ikarus T3.1.1.97.0 2011.01.13 -
Jiangmin 13.0.900 2011.01.13 -
K7AntiVirus 9.75.3523 2011.01.12 -
Kaspersky 7.0.0.125 2011.01.13 -
McAfee 5.400.0.1158 2011.01.13 -
McAfee-GW-Edition 2010.1C 2011.01.13 -
Microsoft 1.6402 2011.01.13 -
NOD32 5783 2011.01.13 Win32/LockScreen.QX
Norman 6.06.12 2011.01.13 -
nProtect 2011-01-13.01 2011.01.13 -
Panda 10.0.2.7 2011.01.12 Suspicious file
PCTools 7.0.3.5 2011.01.13 -
Prevx 3.0 2011.01.13 -
Rising 22.82.03.04 2011.01.13 -
Sophos 4.61.0 2011.01.13 -
SUPERAntiSpyware 4.40.0.1006 2011.01.13 -
Symantec 20101.3.0.103 2011.01.13 -
TheHacker 6.7.0.1.114 2011.01.13 -
TrendMicro 9.120.0.1004 2011.01.13 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.13 -
VBA32 3.12.14.2 2011.01.13 -
VIPRE 8058 2011.01.13 -
ViRobot 2011.1.13.4252 2011.01.13 -
VirusBuster 13.6.143.1 2011.01.13 -

report

**Юльча** · 14.01.2011, 21:12

File name:wing.exe
Submission date:2011-01-13 22:43:44 (UTC)
Result:4 /43 (9.3%)

Antivirus Version Last Update Result
AhnLab-V3 2011.01.14.00 2011.01.13 -
AntiVir 7.11.1.122 2011.01.13 Worm/Autorun.bzma
Antiy-AVL 2.0.3.7 2011.01.13 -
Avast 4.8.1351.0 2011.01.13 -
Avast5 5.0.677.0 2011.01.13 -
AVG 10.0.0.1190 2011.01.13 -
BitDefender 7.2 2011.01.13 -
CAT-QuickHeal 11.00 2011.01.13 -
ClamAV 0.96.4.0 2011.01.13 -
Command 5.2.11.5 2011.01.13 -
Comodo 7381 2011.01.13 -
DrWeb 5.0.2.03300 2011.01.13 -
Emsisoft 5.1.0.1 2011.01.13 Backdoor.Gen2!IK
eSafe 7.0.17.0 2011.01.13 -
eTrust-Vet 36.1.8098 2011.01.13 -
F-Prot 4.6.2.117 2011.01.13 -
F-Secure 9.0.16160.0 2011.01.13 -
Fortinet 4.2.254.0 2011.01.13 -
GData 21 2011.01.13 -
Ikarus T3.1.1.97.0 2011.01.13 Backdoor.Gen2
Jiangmin 13.0.900 2011.01.13 -
K7AntiVirus 9.75.3535 2011.01.13 -
Kaspersky 7.0.0.125 2011.01.13 Worm.Win32.AutoRun.bzma
McAfee 5.400.0.1158 2011.01.13 -
McAfee-GW-Edition 2010.1C 2011.01.13 -
Microsoft 1.6402 2011.01.13 -
NOD32 5785 2011.01.13 -
Norman 6.06.12 2011.01.13 -
nProtect 2011-01-13.01 2011.01.13 -
Panda 10.0.2.7 2011.01.13 -
PCTools 7.0.3.5 2011.01.13 -
Prevx 3.0 2011.01.13 -
Rising 22.82.03.04 2011.01.13 -
Sophos 4.61.0 2011.01.13 -
SUPERAntiSpyware 4.40.0.1006 2011.01.13 -
Symantec 20101.3.0.103 2011.01.13 -
TheHacker 6.7.0.1.114 2011.01.13 -
TrendMicro 9.120.0.1004 2011.01.13 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.13 -
VBA32 3.12.14.2 2011.01.13 -
VIPRE 8064 2011.01.13 -
ViRobot 2011.1.13.4252 2011.01.13 -
VirusBuster 13.6.144.0 2011.01.13 -

VT

**ISO** · 17.01.2011, 18:59

Очередной блокиратор windows< на этот раз прописан был в реестре в параметре shell профиля пользователя. Грузился из кэша Opera.
xxx_video_41774.avi.exe
Submission date:
2011-01-17 15:09:16 (UTC)
Result:
2 /43 (4.7%)

Antivirus Version Last Update Result
AhnLab-V3 2011.01.16.00 2011.01.16 -
AntiVir 7.11.1.153 2011.01.17 -
Antiy-AVL 2.0.3.7 2011.01.17 -
Avast 4.8.1351.0 2011.01.17 -
Avast5 5.0.677.0 2011.01.17 -
AVG 10.0.0.1190 2011.01.17 -
BitDefender 7.2 2011.01.17 -
CAT-QuickHeal 11.00 2011.01.17 -
ClamAV 0.96.4.0 2011.01.17 -
Command 5.2.11.5 2011.01.16 -
Comodo 7420 2011.01.17 -
DrWeb 5.0.2.03300 2011.01.17 -
Emsisoft 5.1.0.1 2011.01.17 -
eSafe 7.0.17.0 2011.01.17 -
eTrust-Vet 36.1.8104 2011.01.17 -
F-Prot 4.6.2.117 2011.01.16 -
F-Secure 9.0.16160.0 2011.01.17 -
Fortinet 4.2.254.0 2011.01.16 -
GData 21 2011.01.17 -
Ikarus T3.1.1.97.0 2011.01.17 -
Jiangmin 13.0.900 2011.01.17 -
K7AntiVirus 9.75.3548 2011.01.14 -
Kaspersky 7.0.0.125 2011.01.17 -
McAfee 5.400.0.1158 2011.01.17 -
McAfee-GW-Edition 2010.1C 2011.01.17 -
Microsoft 1.6402 2011.01.17 Trojan:Win32/Ransom.BY
NOD32 5793 2011.01.17 -
Norman 6.06.12 2011.01.17 -
nProtect 2011-01-17.01 2011.01.17 -
Panda 10.0.2.7 2011.01.16 -
PCTools 7.0.3.5 2011.01.17 -
Prevx 3.0 2011.01.17 -
Rising 22.83.00.03 2011.01.17 -
Sophos 4.61.0 2011.01.17 -
SUPERAntiSpyware 4.40.0.1006 2011.01.17 -
Symantec 20101.3.0.103 2011.01.17 -
TheHacker 6.7.0.1.115 2011.01.14 -
TrendMicro 9.120.0.1004 2011.01.17 PAK_Generic.001
TrendMicro-HouseCall 9.120.0.1004 2011.01.17 -
VBA32 3.12.14.2 2011.01.17 -
VIPRE 8099 2011.01.17 -
ViRobot 2011.1.17.4259 2011.01.17 -
VirusBuster 13.6.150.0 2011.01.17 -

Additional information
Show all
MD5 : 42fcd8c9f0d04a9ff9f821a97640537e
SHA1 : e43c044fb8e456fccba6eeb9d436ff5d0d593c06
SHA256: 8241f904b3ec6c8b45211cf2226263ca73653a201eb4accb1e b9455fe342f2bf
http://www.virustotal.com/file-scan/...2bf-1295276956

**Юльча** · 18.01.2011, 11:30

File name: javaobe.jar
Submission date: 2011-01-18 07:56:57 (UTC)
Result: 3/ 43 (7.0%)

Safety score: -
Compact Print results Antivirus Version Last Update Result
AhnLab-V3 2011.01.15.01 2011.01.15 -
AntiVir 7.11.1.163 2011.01.17 -
Antiy-AVL 2.0.3.7 2011.01.18 -
Avast 4.8.1351.0 2011.01.17 -
Avast5 5.0.677.0 2011.01.17 -
AVG 10.0.0.1190 2011.01.12 -
BitDefender 7.2 2011.01.18 -
CAT-QuickHeal 11.00 2011.01.18 -
ClamAV 0.96.4.0 2011.01.18 -
Commtouch 5.2.11.5 2011.01.18 -
Comodo 7427 2011.01.18 -
DrWeb 5.0.2.03300 2011.01.18 Java.Downloader.164
Emsisoft 5.1.0.1 2011.01.18 -
eSafe 7.0.17.0 2011.01.17 -
eTrust-Vet 36.1.8105 2011.01.17 -
F-Prot 4.6.2.117 2011.01.17 -
F-Secure 9.0.16160.0 2011.01.18 -
Fortinet 4.2.254.0 2011.01.16 -
GData 21 2011.01.17 -
Ikarus T3.1.1.97.0 2011.01.18 -
Jiangmin 13.0.900 2011.01.18 -
K7AntiVirus 9.77.3570 2011.01.18 -
Kaspersky 7.0.0.125 2011.01.18 Trojan-Downloader.Java.OpenConnection.cw
McAfee 5.400.0.1158 2011.01.18 -
McAfee-GW-Edition 2010.1C 2011.01.17 -
Microsoft 1.6402 2011.01.18 -
NOD32 5795 2011.01.17 a variant of Java/TrojanDownloader.OpenStream.NAY
Norman 6.06.12 2011.01.17 -
nProtect 2011-01-18.01 2011.01.18 -
Panda 10.0.2.7 2011.01.17 -
PCTools 7.0.3.5 2011.01.18 -
Prevx 3.0 2011.01.18 -
Rising 22.83.01.01 2011.01.18 -
Sophos 4.61.0 2011.01.18 -
SUPERAntiSpyware 4.40.0.1006 2011.01.18 -
Symantec 20101.3.0.103 2011.01.18 -
TheHacker 6.7.0.1.115 2011.01.14 -
TrendMicro 9.120.0.1004 2011.01.18 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.18 -
VBA32 3.12.14.2 2011.01.17 -
VIPRE 8108 2011.01.18 -
ViRobot 2011.1.18.4260 2011.01.18 -
VirusBuster 13.6.151.0 2011.01.17 -

Additional informationShow all
MD5 : dfb15e56a0f61c49ea298edef2b0aac7
SHA1 : 9f570a76f1b8dd0ba86a1d9e36d80e53ec127c2d

VT

**5ergi0** · 18.01.2011, 18:23

Очередной winlock, создает пару файлов в \windows - rundll.bat и nvcvc32.exe, в HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon меняет Shell на EXPLORER.EXE %WINDIR%\RUNDLL.BAT Номера телефонов - 3116 и 84444

File name:
nvcvc32.exe
Submission date:
2011-01-18 14:25:12 (UTC)
Current status:
finished
Result:
11 /43 (25.6%)

Antivirus Version Last Update Result
AhnLab-V3 2011.01.18.00 2011.01.17 Trojan/Win32.Zbot
AntiVir 7.11.1.170 2011.01.18 -
Antiy-AVL 2.0.3.7 2011.01.18 -
Avast 4.8.1351.0 2011.01.18 -
Avast5 5.0.677.0 2011.01.18 -
AVG 10.0.0.1190 2011.01.18 -
BitDefender 7.2 2011.01.18 Trojan.Generic.KDV.112122
CAT-QuickHeal 11.00 2011.01.18 -
ClamAV 0.96.4.0 2011.01.18 -
Commtouch 5.2.11.5 2011.01.18 -
Comodo 7431 2011.01.18 Heur.Suspicious
DrWeb 5.0.2.03300 2011.01.18 Trojan.Winlock.2884
Emsisoft 5.1.0.1 2011.01.18 Virus.Win32.Induc!IK
eSafe 7.0.17.0 2011.01.18 -
eTrust-Vet 36.1.8106 2011.01.18 -
F-Prot 4.6.2.117 2011.01.17 -
F-Secure 9.0.16160.0 2011.01.18 -
Fortinet 4.2.254.0 2011.01.16 -
GData 21 2011.01.18 Trojan.Generic.KDV.112122
Ikarus T3.1.1.97.0 2011.01.18 Virus.Win32.Induc
Jiangmin 13.0.900 2011.01.18 -
K7AntiVirus 9.77.3570 2011.01.18 -
Kaspersky 7.0.0.125 2011.01.18 -
McAfee 5.400.0.1158 2011.01.18 Artemis!3B25DE57F5BA
McAfee-GW-Edition 2010.1C 2011.01.18 Artemis!3B25DE57F5BA
Microsoft 1.6402 2011.01.18 Virus:Win32/Induc.A
NOD32 5797 2011.01.18 Win32/Induc.A
Norman 6.06.12 2011.01.18 -
nProtect 2011-01-18.01 2011.01.18 -
Panda 10.0.2.7 2011.01.17 -
PCTools 7.0.3.5 2011.01.18 -
Prevx 3.0 2011.01.18 -
Rising 22.83.01.03 2011.01.18 -
Sophos 4.61.0 2011.01.18 -
SUPERAntiSpyware 4.40.0.1006 2011.01.18 -
Symantec 20101.3.0.103 2011.01.18 -
TheHacker 6.7.0.1.115 2011.01.14 -
TrendMicro 9.120.0.1004 2011.01.18 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.18 -
VBA32 3.12.14.2 2011.01.18 -
VIPRE 8111 2011.01.18 -
ViRobot 2011.1.18.4261 2011.01.18 -
VirusBuster 13.6.151.0 2011.01.17 -

Additional information

MD5 : 3b25de57f5baf962ded3b1f300f2a1c7
SHA1 : 7b86c12ee65224f0fb827306a9884b190efb81ca
SHA256: e485495c8a9e15deae56f78884706c7c30c881b485d0cd97b9 b2136d35b37e6d

VT

**ISO** · 18.01.2011, 21:20

0.701673132117444.exe
Submission date:
2011-01-18 18:00:53 (UTC)

Result:
2 /43 (4.7%)

Antivirus Version Last Update Result
AhnLab-V3 2011.01.18.00 2011.01.17 Trojan/Win32.Zbot
AntiVir 7.11.1.174 2011.01.18 -
Antiy-AVL 2.0.3.7 2011.01.18 -
Avast 4.8.1351.0 2011.01.18 -
Avast5 5.0.677.0 2011.01.18 -
AVG 10.0.0.1190 2011.01.18 -
BitDefender 7.2 2011.01.18 -
CAT-QuickHeal 11.00 2011.01.18 -
ClamAV 0.96.4.0 2011.01.18 -
Commtouch 5.2.11.5 2011.01.18 -
Comodo 7432 2011.01.18 -
DrWeb 5.0.2.03300 2011.01.18 -
Emsisoft 5.1.0.1 2011.01.18 -
eSafe 7.0.17.0 2011.01.18 -
eTrust-Vet 36.1.8106 2011.01.18 -
F-Prot 4.6.2.117 2011.01.17 -
F-Secure 9.0.16160.0 2011.01.18 -
Fortinet 4.2.254.0 2011.01.16 -
GData 21 2011.01.18 -
Ikarus T3.1.1.97.0 2011.01.18 -
Jiangmin 13.0.900 2011.01.18 -
K7AntiVirus 9.77.3570 2011.01.18 -
Kaspersky 7.0.0.125 2011.01.18 -
McAfee 5.400.0.1158 2011.01.18 -
McAfee-GW-Edition 2010.1C 2011.01.18 -
Microsoft 1.6402 2011.01.18 -
NOD32 5797 2011.01.18 -
Norman 6.06.12 2011.01.18 -
nProtect 2011-01-18.01 2011.01.18 -
Panda 10.0.2.7 2011.01.18 Suspicious file
PCTools 7.0.3.5 2011.01.18 -
Prevx 3.0 2011.01.18 -
Rising 22.83.01.03 2011.01.18 -
Sophos 4.61.0 2011.01.18 -
SUPERAntiSpyware 4.40.0.1006 2011.01.18 -
Symantec 20101.3.0.103 2011.01.18 -
TheHacker 6.7.0.1.116 2011.01.18 -
TrendMicro 9.120.0.1004 2011.01.18 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.18 -
VBA32 3.12.14.2 2011.01.18 -
VIPRE 8113 2011.01.18 -
ViRobot 2011.1.18.4261 2011.01.18 -
VirusBuster 13.6.152.1 2011.01.18 -

Additional information
Show all
MD5 : 86680943c428158604eeecc98f05bb09
SHA1 : 9a1bfc7f652c613598b53bbf8fd3650365b630d8
SHA256: 7746f6b7ae6fa7c9ee3476214f87aee481938c39641e651fa2 aeeb66bafbe287

File name:
0.4371517777213674.exe
Submission date:
2011-01-18 18:18:07 (UTC)
Result:
11/ 43 (25.6%)

Antivirus Version Last Update Result
AhnLab-V3 2011.01.18.00 2011.01.17 Trojan/Win32.Zbot
AntiVir 7.11.1.174 2011.01.18 -
Antiy-AVL 2.0.3.7 2011.01.18 -
Avast 4.8.1351.0 2011.01.18 -
Avast5 5.0.677.0 2011.01.18 -
AVG 10.0.0.1190 2011.01.18 -
BitDefender 7.2 2011.01.18 Gen:Variant.Kazy.8575
CAT-QuickHeal 11.00 2011.01.18 -
ClamAV 0.96.4.0 2011.01.18 -
Commtouch 5.2.11.5 2011.01.18 -
Comodo 7432 2011.01.18 Heur.Suspicious
DrWeb 5.0.2.03300 2011.01.18 Trojan.Winlock.2741
Emsisoft 5.1.0.1 2011.01.18 Gen.Variant.Kazy!IK
eSafe 7.0.17.0 2011.01.18 -
eTrust-Vet 36.1.8106 2011.01.18 -
F-Prot 4.6.2.117 2011.01.17 -
F-Secure 9.0.16160.0 2011.01.18 Gen:Variant.Kazy.8575
Fortinet 4.2.254.0 2011.01.16 -
GData 21 2011.01.18 Gen:Variant.Kazy.8575
Ikarus T3.1.1.97.0 2011.01.18 Gen.Variant.Kazy
Jiangmin 13.0.900 2011.01.18 -
K7AntiVirus 9.77.3570 2011.01.18 -
Kaspersky 7.0.0.125 2011.01.18 -
McAfee 5.400.0.1158 2011.01.18 Artemis!60AC4669D676
McAfee-GW-Edition 2010.1C 2011.01.18 Artemis!60AC4669D676
Microsoft 1.6402 2011.01.18 -
NOD32 5797 2011.01.18 -
Norman 6.06.12 2011.01.18 -
nProtect 2011-01-18.01 2011.01.18 -
Panda 10.0.2.7 2011.01.18 Suspicious file
PCTools 7.0.3.5 2011.01.18 -
Prevx 3.0 2011.01.18 -
Rising 22.83.01.03 2011.01.18 -
Sophos 4.61.0 2011.01.18 -
SUPERAntiSpyware 4.40.0.1006 2011.01.18 -
Symantec 20101.3.0.103 2011.01.18 -
TheHacker 6.7.0.1.116 2011.01.18 -
TrendMicro 9.120.0.1004 2011.01.18 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.18 -
VBA32 3.12.14.2 2011.01.18 -
VIPRE 8113 2011.01.18 -
ViRobot 2011.1.18.4261 2011.01.18 -
VirusBuster 13.6.152.1 2011.01.18 -

Additional information
Show all
MD5 : 60ac4669d676ab648b4f3b5963014ebb
SHA1 : 95941db7c452bc8a46ed134b35bbe14856cca6bc
SHA256: a5002de8515dc0e11692a1d774cd89a5a824097bff36e7622c 5c243021fb4978

File name:
0.835926453763574.exe
Submission date:
2011-01-18 18:18:47 (UTC)
Result:
7/ 42 (16.7%)

Antivirus Version Last Update Result
AhnLab-V3 2011.01.18.00 2011.01.17 Trojan/Win32.Zbot
AntiVir 7.11.1.174 2011.01.18 -
Antiy-AVL 2.0.3.7 2011.01.18 -
Avast 4.8.1351.0 2011.01.18 -
Avast5 5.0.677.0 2011.01.18 -
AVG 10.0.0.1190 2011.01.18 unknown virus Win32/DH.CAFF82016F
BitDefender 7.2 2011.01.18 Gen:Variant.Kazy.8575
CAT-QuickHeal 11.00 2011.01.18 -
ClamAV 0.96.4.0 2011.01.18 -
Commtouch 5.2.11.5 2011.01.18 -
Comodo 7432 2011.01.18 Heur.Suspicious
Emsisoft 5.1.0.1 2011.01.18 -
eSafe 7.0.17.0 2011.01.18 -
eTrust-Vet 36.1.8106 2011.01.18 -
F-Prot 4.6.2.117 2011.01.17 -
F-Secure 9.0.16160.0 2011.01.18 Gen:Variant.Kazy.8575
Fortinet 4.2.254.0 2011.01.16 -
GData 21 2011.01.18 Gen:Variant.Kazy.8575
Ikarus T3.1.1.97.0 2011.01.18 -
Jiangmin 13.0.900 2011.01.18 -
K7AntiVirus 9.77.3570 2011.01.18 -
Kaspersky 7.0.0.125 2011.01.18 -
McAfee 5.400.0.1158 2011.01.18 -
McAfee-GW-Edition 2010.1C 2011.01.18 -
Microsoft 1.6402 2011.01.18 -
NOD32 5797 2011.01.18 -
Norman 6.06.12 2011.01.18 -
nProtect 2011-01-18.01 2011.01.18 -
Panda 10.0.2.7 2011.01.18 Suspicious file
PCTools 7.0.3.5 2011.01.18 -
Prevx 3.0 2011.01.18 -
Rising 22.83.01.03 2011.01.18 -
Sophos 4.61.0 2011.01.18 -
SUPERAntiSpyware 4.40.0.1006 2011.01.18 -
Symantec 20101.3.0.103 2011.01.18 -
TheHacker 6.7.0.1.116 2011.01.18 -
TrendMicro 9.120.0.1004 2011.01.18 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.18 -
VBA32 3.12.14.2 2011.01.18 -
VIPRE 8113 2011.01.18 -
ViRobot 2011.1.18.4261 2011.01.18 -
VirusBuster 13.6.152.1 2011.01.18 -

Additional information
Show all
MD5 : 9cbdf91f71253fa9ff3ee2a465d8d136
SHA1 : 13e1739dc00ab9316d42ba65359196fda13caa87
SHA256: 07054ca47514a542d15e8843abab8fb77277089f9ae711f024 84a2f7f4578d66

File name:
0.8896806878863428.exe
Submission date:
2011-01-18 18:25:01 (UTC)
Result:
4/ 43 (9.3%)

Antivirus Version Last Update Result
AhnLab-V3 2011.01.18.00 2011.01.17 Trojan/Win32.Zbot
AntiVir 7.11.1.174 2011.01.18 -
Antiy-AVL 2.0.3.7 2011.01.18 -
Avast 4.8.1351.0 2011.01.18 -
Avast5 5.0.677.0 2011.01.18 -
AVG 10.0.0.1190 2011.01.18 -
BitDefender 7.2 2011.01.18 Gen:Variant.Kazy.8581
CAT-QuickHeal 11.00 2011.01.18 -
ClamAV 0.96.4.0 2011.01.18 -
Commtouch 5.2.11.5 2011.01.18 -
Comodo 7432 2011.01.18 -
DrWeb 5.0.2.03300 2011.01.18 -
Emsisoft 5.1.0.1 2011.01.18 -
eSafe 7.0.17.0 2011.01.18 -
eTrust-Vet 36.1.8106 2011.01.18 -
F-Prot 4.6.2.117 2011.01.17 -
F-Secure 9.0.16160.0 2011.01.18 Gen:Variant.Kazy.8581
Fortinet 4.2.254.0 2011.01.16 -
GData 21 2011.01.18 Gen:Variant.Kazy.8581
Ikarus T3.1.1.97.0 2011.01.18 -
Jiangmin 13.0.900 2011.01.18 -
K7AntiVirus 9.77.3570 2011.01.18 -
Kaspersky 7.0.0.125 2011.01.18 -
McAfee 5.400.0.1158 2011.01.18 -
McAfee-GW-Edition 2010.1C 2011.01.18 -
Microsoft 1.6402 2011.01.18 -
NOD32 5797 2011.01.18 -
Norman 6.06.12 2011.01.18 -
nProtect 2011-01-18.01 2011.01.18 -
Panda 10.0.2.7 2011.01.18 -
PCTools 7.0.3.5 2011.01.18 -
Prevx 3.0 2011.01.18 -
Rising 22.83.01.03 2011.01.18 -
Sophos 4.61.0 2011.01.18 -
SUPERAntiSpyware 4.40.0.1006 2011.01.18 -
Symantec 20101.3.0.103 2011.01.18 -
TheHacker 6.7.0.1.116 2011.01.18 -
TrendMicro 9.120.0.1004 2011.01.18 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.18 -
VBA32 3.12.14.2 2011.01.18 -
VIPRE 8113 2011.01.18 -
ViRobot 2011.1.18.4261 2011.01.18 -
VirusBuster 13.6.152.1 2011.01.18 -

Additional information
Show all
MD5 : 2e20a5ac8eeefa55b92f3ffb673c46e5
SHA1 : f690d1df62c5a555196c4cd9b9c16cc3ec5b8ef4
SHA256: 098401201c235b663071d95dc0f1d487e25d79cb7a2a6fb622 09683db4dd4bf1

**amcenter** · 21.01.2011, 20:46

File name: system.exe
Submission date: 2011-01-21 17:02:15 (UTC)
Current status: finished
Result: 8 /43 (18.6%)

Antivirus Version Last Update Result
AhnLab-V3 2011.01.18.00 2011.01.17 -
AntiVir 7.11.1.210 2011.01.21 -
Antiy-AVL 2.0.3.7 2011.01.18 -
Avast 4.8.1351.0 2011.01.21 -
Avast5 5.0.677.0 2011.01.21 -
AVG 10.0.0.1190 2011.01.21 -
BitDefender 7.2 2011.01.21 Trojan.Generic.KD.114491
CAT-QuickHeal 11.00 2011.01.21 -
ClamAV 0.96.4.0 2011.01.21 -
Commtouch 5.2.11.5 2011.01.21 -
Comodo 7465 2011.01.21 TrojWare.Win32.Trojan.Agent.Gen
DrWeb 5.0.2.03300 2011.01.21 Trojan.Click1.29439
Emsisoft 5.1.0.1 2011.01.21 -
eSafe 7.0.17.0 2011.01.20 -
eTrust-Vet 36.1.8114 2011.01.21 -
F-Prot 4.6.2.117 2011.01.20 -
F-Secure 9.0.16160.0 2011.01.21 -
Fortinet 4.2.254.0 2011.01.21 W32/Refroso.AGEA!tr
GData 21 2011.01.21 Trojan.Generic.KD.114491
Ikarus T3.1.1.97.0 2011.01.21 -
Jiangmin 13.0.900 2011.01.21 -
K7AntiVirus 9.77.3616 2011.01.21 -
Kaspersky 7.0.0.125 2011.01.21 -
McAfee 5.400.0.1158 2011.01.21 -
McAfee-GW-Edition 2010.1C 2011.01.21 -
Microsoft 1.6502 2011.01.21 -
NOD32 5806 2011.01.21 Win32/AutoRun.Agent.WF
Norman 6.06.12 2011.01.21 -
nProtect 2011-01-18.01 2011.01.18 -
Panda 10.0.2.7 2011.01.21 Suspicious file
PCTools 7.0.3.5 2011.01.21 -
Prevx 3.0 2011.01.21 -
Rising 23.41.04.06 2011.01.21 -
Sophos 4.61.0 2011.01.21 Mal/Generic-L
SUPERAntiSpyware 4.40.0.1006 2011.01.21 -
Symantec 20101.3.0.103 2011.01.21 -
TheHacker 6.7.0.1.118 2011.01.21 -
TrendMicro 9.120.0.1004 2011.01.21 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.21 -
VBA32 3.12.14.3 2011.01.21 -
VIPRE 8143 2011.01.21 -
ViRobot 2011.1.21.4267 2011.01.21 -
VirusBuster 13.6.157.1 2011.01.21 -
Additional information
Show all
MD5 : ed14c178be5cb21d95020ec7db12a1c3
SHA1 : ac2c1ad6efc0115fa87f3e543da767a35753c3b0
SHA256: 7843b56666d385a27073c5d786b809d8ee6ab8eb438687ea1e 187a3d0589856f

http://www.virustotal.com/file-scan/...56f-1295629335

Анализ действий:
http://www.threatexpert.com/report.a...020ec7db12a1c3

**Korvelle** · 23.01.2011, 10:20

Соц. сети это кладезь новых образцов.download_10285781-.zip.exe
Submission date:
2011-01-23 07:13:45 (UTC)
Result:
2/ 43 (4.7%)

Compact

Antivirus Version Last Update Result
AhnLab-V32011.01.18.002011.01.17-
AntiVir7.11.1.2162011.01.21-
Antiy-AVL2.0.3.72011.01.18-
Avast4.8.1351.02011.01.22-
Avast55.0.677.02011.01.22-
AVG10.0.0.11902011.01.23-
BitDefender7.22011.01.23-
CAT-QuickHeal11.002011.01.22-
ClamAV0.96.4.02011.01.23-
Commtouch5.2.11.52011.01.23-
Comodo74762011.01.23-
DrWeb5.0.2.033002011.01.23Trojan.SMSSend.326
Emsisoft5.1.0.12011.01.23-
eSafe7.0.17.02011.01.20-
eTrust-Vet36.1.81152011.01.21-
F-Prot4.6.2.1172011.01.22-
F-Secure9.0.16160.02011.01.23-
Fortinet4.2.254.02011.01.23-
GData212011.01.23-
IkarusT3.1.1.97.02011.01.23-
Jiangmin13.0.9002011.01.23-
K7AntiVirus9.77.36182011.01.22-
Kaspersky7.0.0.1252011.01.23-
McAfee5.400.0.11582011.01.23-
McAfee-GW-Edition2010.1C2011.01.22-
Microsoft1.65022011.01.23-
NOD3258092011.01.22-
Norman6.06.122011.01.22-
nProtect2011-01-18.012011.01.18-
Panda10.0.2.72011.01.22-
PCTools7.0.3.52011.01.22-
Prevx3.02011.01.23-
Rising23.41.05.032011.01.22-
Sophos4.61.02011.01.23Sus/ComPack-L
SUPERAntiSpyware4.40.0.10062011.01.22-
Symantec20101.3.0.1032011.01.23-
TheHacker6.7.0.1.1182011.01.21-
TrendMicro9.120.0.10042011.01.23-
TrendMicro-HouseCall9.120.0.10042011.01.23-
VBA323.12.14.32011.01.21-
VIPRE81632011.01.23-
ViRobot2011.1.22.42692011.01.22-
VirusBuster13.6.159.22011.01.22-

Additional information
Show all
MD5 : ec19535de1e6fdca70b978c199420b57 SHA1 : 7e79ddb7188fa629c5e2b1a420306c5b35ce8d84 SHA256: feb0d01e8aa1a9bfd010243425b70aebcaee642ccfb186a4f4 7499ed1f0124fd

Исследование антивирусов 7

Опции темы

Похожие темы

Исследование антивирусов 6

Исследование антивирусов 5

Исследование антивирусов 4

Исследование антивирусов 3

Исследование антивирусов 2

Метки для этой темы

Ваши права в разделе