# Antivirus research 4

## Geser

So, I kept thinking about how to make a more or less objective assessment of antivirus products, and I came up with something. In this thread I ask everyone to post scan results for specimens that were caught purely by hand, i.e. ones that the antivirus installed on the computer did not see. That way the sample will be truly random.

Post in this thread only scan results for files caught by hand on computers.

*Do not* post scan results for files found on other sites or in collections.
*Do not* post scan results for files that were originally found by an antivirus.

Previous results:
http://virusinfo.info/showthread.php?t=4367

STATUS: FINISHED
Complete scanning result of "winkve32.dll", received in VirusTotal at 07.02.2006, 19:28:21 (CET).

Antivirus Version Update Result 
AntiVir 6.35.0.19 07.02.2006 TR/PCK.Klone.G.1 
Authentium 4.93.8 06.30.2006  no virus found 
Avast 4.7.844.0 06.29.2006  no virus found 
AVG 386 06.30.2006 Generic.WXQ 
BitDefender 7.2 07.02.2006  no virus found 
CAT-QuickHeal 8.00 07.01.2006  no virus found 
ClamAV devel-20060426 07.01.2006  no virus found 
DrWeb 4.33 07.02.2006 Trojan.Mezzia 
eTrust-InoculateIT 23.72.56 07.02.2006  no virus found 
eTrust-Vet 12.6.2283 06.30.2006  no virus found 
Ewido 3.5 07.02.2006  no virus found 
Fortinet 2.77.0.0 07.01.2006 W32/Klone.G 
F-Prot 3.16f 06.30.2006  no virus found 
Ikarus 0.2.65.0 06.30.2006  no virus found 
Kaspersky 4.0.2.24 07.02.2006 Packed.Win32.Klone.g 
McAfee 4797 06.30.2006  no virus found 
Microsoft 1.1481 07.01.2006  no virus found 
NOD32v2 1.1637 07.02.2006  no virus found 
Norman 5.90.21 06.30.2006  no virus found 
Panda 9.0.0.4 07.02.2006 Suspicious file 
Sophos 4.07.0 07.02.2006  no virus found 
Symantec 8.0 07.02.2006  no virus found 
TheHacker 5.9.8.167 06.30.2006  no virus found 
UNA 1.83 06.30.2006  no virus found 
VBA32 3.11.0 07.02.2006 Trojan.Mezzia 
VirusBuster 4.3.7:9 07.02.2006 no virus found

----------



## Geser

STATUS: FINISHED
Complete scanning result of "rdgRU2404.exe", received in VirusTotal at 07.02.2006, 19:30:31 (CET).

Antivirus Version Update Result 
AntiVir 6.35.0.19 07.02.2006 TR/Dldr.Obfuscated.N.5 
Authentium 4.93.8 06.30.2006  no virus found 
Avast 4.7.844.0 06.29.2006  no virus found 
AVG 386 06.30.2006  no virus found 
BitDefender 7.2 07.02.2006  no virus found 
CAT-QuickHeal 8.00 07.01.2006 (Suspicious) - DNAScan 
ClamAV devel-20060426 07.01.2006 Dialer-306 
DrWeb 4.33 07.02.2006  no virus found 
eTrust-InoculateIT 23.72.56 07.02.2006  no virus found 
eTrust-Vet 12.6.2283 06.30.2006  no virus found 
Ewido 3.5 07.02.2006  no virus found 
Fortinet 2.77.0.0 07.01.2006 Dial/269 
F-Prot 3.16f 06.30.2006  no virus found 
Ikarus 0.2.65.0 06.30.2006  no virus found 
Kaspersky 4.0.2.24 07.02.2006 Trojan-Downloader.Win32.Obfuscated.n 
McAfee 4797 06.30.2006 potentially unwanted program Dialer-269 
Microsoft 1.1481 07.01.2006  no virus found 
NOD32v2 1.1637 07.02.2006  no virus found 
Norman 5.90.21 06.30.2006  no virus found 
Panda 9.0.0.4 07.02.2006  no virus found 
Sophos 4.07.0 07.02.2006  no virus found 
Symantec 8.0 07.02.2006  no virus found 
TheHacker 5.9.8.167 06.30.2006  no virus found 
UNA 1.83 06.30.2006  no virus found 
VBA32 3.11.0 07.02.2006  no virus found 
VirusBuster 4.3.7:9 07.02.2006 no virus found

----------


## Geser

STATUS: FINISHED
Complete scanning result of "win3A.tmp.exe", received in VirusTotal at 07.02.2006, 19:30:59 (CET).

Antivirus Version Update Result 
AntiVir 6.35.0.19 07.02.2006 TR/Pakes.A.602 
Authentium 4.93.8 06.30.2006  no virus found 
Avast 4.7.844.0 06.29.2006  no virus found 
AVG 386 06.30.2006 Generic.WUE 
BitDefender 7.2 07.02.2006  no virus found 
CAT-QuickHeal 8.00 07.01.2006 (Suspicious) - DNAScan 
ClamAV devel-20060426 07.01.2006  no virus found 
DrWeb 4.33 07.02.2006 Trojan.DownLoader.10628 
eTrust-InoculateIT 23.72.56 07.02.2006 Win32/SillyDl.AGC!Trojan 
eTrust-Vet 12.6.2283 06.30.2006  no virus found 
Ewido 3.5 07.02.2006  no virus found 
Fortinet 2.77.0.0 07.01.2006 W32/Pakes!tr 
F-Prot 3.16f 06.30.2006  no virus found 
Ikarus 0.2.65.0 06.30.2006  no virus found 
Kaspersky 4.0.2.24 07.02.2006 Trojan.Win32.Pakes 
McAfee 4797 06.30.2006 Generic Downloader.ab 
Microsoft 1.1481 07.01.2006  no virus found 
NOD32v2 1.1637 07.02.2006  no virus found 
Norman 5.90.21 06.30.2006  no virus found 
Panda 9.0.0.4 07.02.2006 Adware/SystemDoctor 
Sophos 4.07.0 07.02.2006  no virus found 
Symantec 8.0 07.02.2006 Trojan Horse 
TheHacker 5.9.8.167 06.30.2006  no virus found 
UNA 1.83 06.30.2006 Trojan.Win32.Pakes 
VBA32 3.11.0 07.02.2006 Trojan.Win32.Pakes 
VirusBuster 4.3.7:9 07.02.2006 no virus found

----------


## Exxx

Complete scanning result of "zipcodec-v6.155.exe", received in VirusTotal at 07.05.2006, 11:35:08 (CET).

Antivirus	Version	Update	Result
AntiVir	6.35.0.20	07.05.2006	DR/Zlob.Gen
Authentium	4.93.8	07.05.2006	no virus found
Avast	4.7.844.0	07.03.2006	no virus found
AVG	386	07.04.2006	no virus found
BitDefender	7.2	07.05.2006	no virus found
CAT-QuickHeal	8.00	07.04.2006	no virus found
ClamAV	devel-20060426	07.04.2006	no virus found
DrWeb	4.33	07.05.2006	Trojan.Popuper
eTrust-InoculateIT	23.72.59	07.04.2006	no virus found
eTrust-Vet	12.6.2287	07.05.2006	no virus found
Ewido	3.5	07.05.2006	no virus found
Fortinet	2.77.0.0	07.05.2006	suspicious
F-Prot	3.16f	07.05.2006	no virus found
F-Prot4	4.2.1.29	07.05.2006	no virus found
Ikarus	0.2.65.0	07.04.2006	no virus found
Kaspersky	4.0.2.24	07.05.2006	Trojan-Downloader.Win32.Zlob.wq
McAfee	4799	07.04.2006	no virus found
Microsoft	1.1481	07.01.2006	no virus found
NOD32v2	1.1644	07.04.2006	no virus found
Norman	5.90.23	07.05.2006	no virus found
Panda	9.0.0.4	07.04.2006	no virus found
Sophos	4.07.0	07.05.2006	no virus found
Symantec	8.0	07.05.2006	no virus found
TheHacker	5.9.8.169	07.04.2006	no virus found
UNA	1.83	07.04.2006	no virus found
VBA32	3.11.0	07.04.2006	no virus found
VirusBuster	4.3.7:9	07.04.2006	no virus found

----------


## mvlab

Complete scanning result of "aspi277816._xe", received in VirusTotal at 07.10.2006, 06:13:38 (CET).

Antivirus	Version	Update	Result
AntiVir	6.35.0.21	07.09.2006	no virus found
Authentium	4.93.8	07.07.2006	no virus found
Avast	4.7.844.0	07.07.2006	Win32 :lol: mir-BK
AVG	386	07.07.2006	no virus found
BitDefender	7.2	07.10.2006	BehavesLike:Win32.SiteHijack
CAT-QuickHeal	8.00	07.07.2006	no virus found
ClamAV	devel-20060426	07.07.2006	Trojan.Danmec.B-dll
DrWeb	4.33	07.09.2006	no virus found
eTrust-InoculateIT	23.72.64	07.09.2006	no virus found
eTrust-Vet	12.6.2291	07.07.2006	Win32/Danmec!generic
Ewido	3.5	07.09.2006	no virus found
Fortinet	2.77.0.0	07.10.2006	no virus found
F-Prot	3.16f	07.07.2006	no virus found
F-Prot4	4.2.1.29	07.07.2006	no virus found
Ikarus	0.2.65.0	07.07.2006	no virus found
Kaspersky	4.0.2.24	07.10.2006	no virus found
McAfee	4802	07.07.2006	no virus found
Microsoft	1.1481	07.09.2006	no virus found
NOD32v2	1.1651	07.08.2006	probably a variant of Win32/Spy.Gepost
Norman	5.90.23	07.07.2006	no virus found
Panda	9.0.0.4	07.09.2006	Suspicious file
Sophos	4.07.0	07.09.2006	no virus found
Symantec	8.0	07.10.2006	no virus found
TheHacker	5.9.8.171	07.10.2006	no virus found
UNA	1.83	07.08.2006	no virus found
VBA32	3.11.0	07.09.2006	suspected of Backdoor.Agent.123 (paranoid heuristics)
VirusBuster	4.3.7:9	07.09.2006	no virus found

Aditional Information
File size: 37376 bytes
MD5: c5ff5f2370a91f2cc5173c65bf1b7b06
SHA1: ed6e14595f753c7f6e5a2dde044df007a2cc8981
packers: UPX

----------


## mvlab

Complete scanning result of "dlh9jkdq1._xe", received in VirusTotal at 07.10.2006, 06:24:29 (CET).

Antivirus	Version	Update	Result
AntiVir	6.35.0.21	07.09.2006	TR/Dldr.Small.agq.4
Authentium	4.93.8	07.07.2006	no virus found
Avast	4.7.844.0	07.07.2006	no virus found
AVG	386	07.07.2006	Downloader.Generic.QUS
BitDefender	7.2	07.10.2006	Trojan.Downloader.CZO
CAT-QuickHeal	8.00	07.07.2006	Trojan.Small.agq.4
ClamAV	devel-20060426	07.07.2006	Trojan.Downloader.Small-811
DrWeb	4.33	07.09.2006	no virus found
eTrust-InoculateIT	23.72.64	07.09.2006	no virus found
eTrust-Vet	12.6.2291	07.07.2006	no virus found
Ewido	3.5	07.09.2006	Downloader.Small
Fortinet	2.77.0.0	07.10.2006	W32/Dloader.F!tr
F-Prot	3.16f	07.07.2006	no virus found
F-Prot4	4.2.1.29	07.07.2006	no virus found
Ikarus	0.2.65.0	07.07.2006	Trojan-Downloader.Win32.Tibs.M
Kaspersky	4.0.2.24	07.10.2006	no virus found
McAfee	4802	07.07.2006	Generic Downloader.f
Microsoft	1.1481	07.09.2006	Downloader.AT (threat-c)
NOD32v2	1.1651	07.08.2006	Win32/TrojanDownloader.Small.AWA
Norman	5.90.23	07.07.2006	W32/DLoader.FJG
Panda	9.0.0.4	07.09.2006	Adware/Adsmart
Sophos	4.07.0	07.09.2006	Troj/Small-BBP
Symantec	8.0	07.10.2006	no virus found
TheHacker	5.9.8.171	07.10.2006	W32/SdBot(2).worm.gen
UNA	1.83	07.08.2006	TrojanDownloader.Win32.Small
VBA32	3.11.0	07.09.2006	Trojan.PWS.GoldSpy
VirusBuster	4.3.7:9	07.09.2006	Trojan.Small.AWC

Aditional Information
File size: 2518 bytes
MD5: e1f690200eb34cfd48166bb4f5747c8b
SHA1: af0b4f4c8c54f62cb24ee6c1b820b7dbbe402edb
packers: FSG

----------


## mvlab

Complete scanning result of "ICQ2003Decrypt._ll", received in VirusTotal at 07.10.2006, 06:28:18 (CET).

Antivirus	Version	Update	Result
AntiVir	6.35.0.21	07.09.2006	W32/Bizex.A.DLL
Authentium	4.93.8	07.07.2006	no virus found
Avast	4.7.844.0	07.07.2006	Win32:Trojan-gen. {Other}
AVG	386	07.07.2006	no virus found
BitDefender	7.2	07.10.2006	Win32.HLLW.Bizex.A
CAT-QuickHeal	8.00	07.07.2006	PSWTool.ICQ.l (Not a Virus)
ClamAV	devel-20060426	07.07.2006	no virus found
DrWeb	4.33	07.09.2006	no virus found
eTrust-InoculateIT	23.72.64	07.09.2006	no virus found
eTrust-Vet	12.6.2291	07.07.2006	no virus found
Ewido	3.5	07.09.2006	Not-A-Virus.PSWTool.Win32.ICQ.l
Fortinet	2.77.0.0	07.10.2006	HackerTool/ICQ
F-Prot	3.16f	07.07.2006	no virus found
F-Prot4	4.2.1.29	07.07.2006	no virus found
Ikarus	0.2.65.0	07.07.2006	Worm.Win32.Bizex
Kaspersky	4.0.2.24	07.10.2006	not-a-virus:PSWTool.Win32.ICQ.l
McAfee	4802	07.07.2006	no virus found
Microsoft	1.1481	07.09.2006	no virus found
NOD32v2	1.1651	07.08.2006	unpack error
Norman	5.90.23	07.07.2006	W32/Bizex.K
Panda	9.0.0.4	07.09.2006	Trj/Bizex.E
Sophos	4.07.0	07.09.2006	no virus found
Symantec	8.0	07.10.2006	no virus found
TheHacker	5.9.8.171	07.10.2006	no virus found
UNA	1.83	07.08.2006	Worm.Win32.Bizex.b
VBA32	3.11.0	07.09.2006	Win32.Worm.Bizex
VirusBuster	4.3.7:9	07.09.2006	Trojan.Bizex.A

Aditional Information
File size: 7168 bytes
MD5: 477316c4c75b3bc03a5bc7ea23866d8a
SHA1: e064b2a2de99be1052df09bdb72e5cf0b3e3efc1
packers: UPX, embedded

----------


## mvlab

Complete scanning result of "kernels8._xe", received in VirusTotal at 07.10.2006, 06:30:23 (CET).

Antivirus	Version	Update	Result
AntiVir	6.35.0.21	07.09.2006	TR/Crypt.F.Gen
Authentium	4.93.8	07.07.2006	no virus found
Avast	4.7.844.0	07.07.2006	no virus found
AVG	386	07.07.2006	Downloader.Tibs
BitDefender	7.2	07.10.2006	Trojan.Downloader.Tibs.1.Gen
CAT-QuickHeal	8.00	07.07.2006	no virus found
ClamAV	devel-20060426	07.07.2006	no virus found
DrWeb	4.33	07.09.2006	no virus found
eTrust-InoculateIT	23.72.64	07.09.2006	no virus found
eTrust-Vet	12.6.2291	07.07.2006	no virus found
Ewido	3.5	07.09.2006	no virus found
Fortinet	2.77.0.0	07.10.2006	no virus found
F-Prot	3.16f	07.07.2006	no virus found
F-Prot4	4.2.1.29	07.07.2006	no virus found
Ikarus	0.2.65.0	07.07.2006	no virus found
Kaspersky	4.0.2.24	07.10.2006	Trojan-Downloader.Win32.Tibs.fj
McAfee	4802	07.07.2006	Generic Downloader.bl
Microsoft	1.1481	07.09.2006	no virus found
NOD32v2	1.1651	07.08.2006	probably a variant of Win32/TrojanDownloader.Small.AWA
Norman	5.90.23	07.07.2006	no virus found
Panda	9.0.0.4	07.09.2006	Suspicious file
Sophos	4.07.0	07.09.2006	no virus found
Symantec	8.0	07.10.2006	Trojan.Galapoper.A
TheHacker	5.9.8.171	07.10.2006	no virus found
UNA	1.83	07.08.2006	no virus found
VBA32	3.11.0	07.09.2006	no virus found
VirusBuster	4.3.7:9	07.09.2006	no virus found

Aditional Information
File size: 7701 bytes
MD5: 38443465b705485b143394f50ebdb661
SHA1: f748d3fccb3de9c08260d39c516228b368216522

----------


## mvlab

Complete scanning result of "OEM._xe", received in VirusTotal at 07.10.2006, 07:04:51 (CET).

Antivirus	Version	Update	Result
AntiVir	6.35.0.21	07.09.2006	no virus found
Authentium	4.93.8	07.07.2006	could be a corrupted executable file
Avast	4.7.844.0	07.07.2006	no virus found
AVG	386	07.07.2006	no virus found
BitDefender	7.2	07.10.2006	no virus found
CAT-QuickHeal	8.00	07.10.2006	no virus found
ClamAV	devel-20060426	07.07.2006	no virus found
DrWeb	4.33	07.09.2006	no virus found
eTrust-InoculateIT	23.72.64	07.09.2006	Win32/ConycSp.4ib!Trojan
eTrust-Vet	12.6.2291	07.07.2006	no virus found
Ewido	3.5	07.09.2006	Proxy.Agent.jw
Fortinet	2.77.0.0	07.10.2006	suspicious
F-Prot	3.16f	07.07.2006	no virus found
F-Prot4	4.2.1.29	07.07.2006	no virus found
Ikarus	0.2.65.0	07.07.2006	no virus found
Kaspersky	4.0.2.24	07.10.2006	no virus found
McAfee	4802	07.07.2006	no virus found
Microsoft	1.1481	07.09.2006	no virus found
NOD32v2	1.1651	07.08.2006	no virus found
Norman	5.90.23	07.07.2006	W32/Agent.ABIP
Panda	9.0.0.4	07.09.2006	no virus found
Sophos	4.07.0	07.09.2006	no virus found
Symantec	8.0	07.10.2006	no virus found
TheHacker	5.9.8.171	07.10.2006	no virus found
UNA	1.83	07.08.2006	no virus found
VBA32	3.11.0	07.09.2006	no virus found
VirusBuster	4.3.7:9	07.09.2006	Trojan.PR.Agent.CQI

Aditional Information
File size: 43507 bytes
MD5: 57c59d5987ea6a35420f0d2cdb252ed2
SHA1: c7d71f0d31fe5bce2be1b98cb4fe3dd7eaedda9a

----------


## mvlab

Complete scanning result of "select._xe", received in VirusTotal at 07.10.2006, 07:23:36 (CET).

Antivirus	Version	Update	Result
AntiVir	6.35.0.21	07.09.2006	TR/Proxy.Small.EM.2
Authentium	4.93.8	07.07.2006	no virus found
Avast	4.7.844.0	07.07.2006	no virus found
AVG	386	07.07.2006	no virus found
BitDefender	7.2	07.10.2006	no virus found
CAT-QuickHeal	8.00	07.10.2006	no virus found
ClamAV	devel-20060426	07.07.2006	no virus found
DrWeb	4.33	07.09.2006	Trojan.Proxy.995
eTrust-InoculateIT	23.72.64	07.09.2006	no virus found
eTrust-Vet	12.6.2291	07.07.2006	no virus found
Ewido	3.5	07.09.2006	Proxy.Small.em
Fortinet	2.77.0.0	07.10.2006	W32/Small.EM!tr
F-Prot	3.16f	07.07.2006	no virus found
F-Prot4	4.2.1.29	07.07.2006	Possibly a new unknown PE_Virus!Maximus
Ikarus	0.2.65.0	07.07.2006	no virus found
Kaspersky	4.0.2.24	07.10.2006	Trojan-Proxy.Win32.Small.em
McAfee	4802	07.07.2006	no virus found
Microsoft	1.1481	07.10.2006	no virus found
NOD32v2	1.1651	07.08.2006	no virus found
Norman	5.90.23	07.07.2006	no virus found
Panda	9.0.0.4	07.09.2006	Suspicious file
Sophos	4.07.0	07.09.2006	no virus found
Symantec	8.0	07.10.2006	no virus found
TheHacker	5.9.8.171	07.10.2006	no virus found
UNA	1.83	07.08.2006	no virus found
VBA32	3.11.0	07.09.2006	Trojan-Proxy.Win32.Small.em
VirusBuster	4.3.7:9	07.09.2006	no virus found

Aditional Information
File size: 27136 bytes
MD5: 6416cdf9f1fc2b6ae69d587382bb32d1
SHA1: 70e8299ddd3bb085baeff32acfc9388f88b16394
packers: UPX

----------


## mvlab

Complete scanning result of "vxgame2._xe", received in VirusTotal at 07.10.2006, 07:27:41 (CET).

Antivirus	Version	Update	Result
AntiVir	6.35.0.21	07.09.2006	no virus found
Authentium	4.93.8	07.07.2006	could be a corrupted executable file
Avast	4.7.844.0	07.07.2006	no virus found
AVG	386	07.07.2006	no virus found
BitDefender	7.2	07.10.2006	no virus found
CAT-QuickHeal	8.00	07.10.2006	(Suspicious) - DNAScan
ClamAV	devel-20060426	07.07.2006	no virus found
DrWeb	4.33	07.09.2006	no virus found
eTrust-InoculateIT	23.72.64	07.09.2006	Win32/Cosiam.6bc!Trojan
eTrust-Vet	12.6.2291	07.07.2006	no virus found
Ewido	3.5	07.09.2006	no virus found
Fortinet	2.77.0.0	07.10.2006	suspicious
F-Prot	3.16f	07.07.2006	no virus found
F-Prot4	4.2.1.29	07.07.2006	no virus found
Ikarus	0.2.65.0	07.07.2006	no virus found
Kaspersky	4.0.2.24	07.10.2006	no virus found
McAfee	4802	07.07.2006	no virus found
Microsoft	1.1481	07.10.2006	no virus found
NOD32v2	1.1651	07.08.2006	no virus found
Norman	5.90.23	07.07.2006	W32/Agent.AEML
Panda	9.0.0.4	07.09.2006	Trj/Jupillites.G
Sophos	4.07.0	07.10.2006	no virus found
Symantec	8.0	07.10.2006	no virus found
TheHacker	5.9.8.171	07.10.2006	no virus found
UNA	1.83	07.08.2006	no virus found
VBA32	3.11.0	07.09.2006	no virus found
VirusBuster	4.3.7:9	07.09.2006	no virus found

Aditional Information
File size: 12771 bytes
MD5: 26a5ac9179271b3661cb3ff1a177904a
SHA1: 101d073afe4642d5a43e2502cbf2ecbfc7dbc8bc

----------


## mvlab

Complete scanning result of "vxgamet4._xe", received in VirusTotal at 07.10.2006, 07:31:53 (CET).

Antivirus	Version	Update	Result
AntiVir	6.35.0.21	07.09.2006	TR/Dldr.Small.agq.4
Authentium	4.93.8	07.07.2006	W32/Downloader.MAP
Avast	4.7.844.0	07.07.2006	Win32:Trojan-gen. {Other}
AVG	386	07.07.2006	Downloader.Generic.QUS
BitDefender	7.2	07.10.2006	Trojan.Downloader.CZO
CAT-QuickHeal	8.00	07.10.2006	Trojan.Small.agq.4
ClamAV	devel-20060426	07.07.2006	Trojan.Downloader.Small-811
DrWeb	4.33	07.09.2006	no virus found
eTrust-InoculateIT	23.72.64	07.09.2006	no virus found
eTrust-Vet	12.6.2291	07.07.2006	no virus found
Ewido	3.5	07.09.2006	Trojan.Small
Fortinet	2.77.0.0	07.10.2006	W32/Dloader.F!tr
F-Prot	3.16f	07.07.2006	security risk named W32/Downloader.MAP
F-Prot4	4.2.1.29	07.07.2006	W32/Downloader.MAP
Ikarus	0.2.65.0	07.07.2006	Trojan-Downloader.Win32.Tibs.M
Kaspersky	4.0.2.24	07.10.2006	no virus found
McAfee	4802	07.07.2006	Generic Downloader.f
Microsoft	1.1481	07.10.2006	Small.BCD (threat-c)
NOD32v2	1.1651	07.08.2006	Win32/TrojanDownloader.Small.AWA
Norman	5.90.23	07.07.2006	W32/DLoader.FJG
Panda	9.0.0.4	07.09.2006	Adware/Adsmart
Sophos	4.07.0	07.10.2006	Troj/Small-BBP
Symantec	8.0	07.10.2006	no virus found
TheHacker	5.9.8.171	07.10.2006	W32/SdBot(2).worm.gen
UNA	1.83	07.08.2006	TrojanDownloader.Win32.Small
VBA32	3.11.0	07.09.2006	Trojan.PWS.GoldSpy
VirusBuster	4.3.7:9	07.09.2006	Trojan.Small.AWC

Aditional Information
File size: 1632 bytes
MD5: e6531c833c2314274aad9bf345108c99
SHA1: 0e2b5d8b0142b8256ee885df993b1112f8af5996

----------


## mvlab

Complete scanning result of "1684338184._xe", received in VirusTotal at 07.12.2006, 05:35:11 (CET).

Antivirus	Version	Update	Result
AntiVir	6.35.0.21	07.11.2006	HEUR/Crypted.Modified
Authentium	4.93.8	07.11.2006	no virus found
Avast	4.7.844.0	07.11.2006	no virus found
AVG	386	07.11.2006	no virus found
BitDefender	7.2	07.12.2006	no virus found
CAT-QuickHeal	8.00	07.11.2006	no virus found
ClamAV	devel-20060426	07.11.2006	no virus found
DrWeb	4.33	07.11.2006	no virus found
eTrust-InoculateIT	23.72.66	07.11.2006	no virus found
eTrust-Vet	12.6.2294	07.11.2006	no virus found
Ewido	4.0	07.11.2006	Logger.Agent.mf
Fortinet	2.77.0.0	07.12.2006	Spy/Agent
F-Prot	3.16f	07.11.2006	no virus found
F-Prot4	4.2.1.29	07.11.2006	no virus found
Ikarus	0.2.65.0	07.11.2006	no virus found
Kaspersky	4.0.2.24	07.12.2006	Trojan-Spy.Win32.Agent.mf
McAfee	4804	07.11.2006	no virus found
Microsoft	1.1481	07.10.2006	no virus found
NOD32v2	1.1654	07.11.2006	no virus found
Norman	5.90.23	07.11.2006	no virus found
Panda	9.0.0.4	07.11.2006	no virus found
Sophos	4.07.0	07.11.2006	no virus found
Symantec	8.0	07.12.2006	no virus found
TheHacker	5.9.8.173	07.11.2006	no virus found
UNA	1.83	07.11.2006	no virus found
VBA32	3.11.0	07.11.2006	Trojan-Spy.Win32.Agent.mf
VirusBuster	4.3.7:9	07.11.2006	no virus found

Aditional Information
File size: 10752 bytes
MD5: c19efde96a1318985af229590b218724
SHA1: d0be4afe15bbc292df455c6066fba4399fe2daf9
packers: UPX

----------


## mvlab

Complete scanning result of "Setup.exe", received in VirusTotal at 07.12.2006, 22:06:46 (CET).

Antivirus	Version	Update	Result
AntiVir	6.35.0.21	07.12.2006	ADSPY/180Solutions.AS
Authentium	4.93.8	07.12.2006	no virus found
Avast	4.7.844.0	07.12.2006	no virus found
AVG	386	07.12.2006	Adware Generic.OYX
BitDefender	7.2	07.12.2006	Adware.Zango.B
CAT-QuickHeal	8.00	07.12.2006	no virus found
ClamAV	devel-20060426	07.12.2006	no virus found
DrWeb	4.33	07.12.2006	Adware.Zango
eTrust-InoculateIT	23.72.66	07.11.2006	no virus found
eTrust-Vet	12.6.2295	07.12.2006	no virus found
Ewido	4.0	07.12.2006	no virus found
Fortinet	2.77.0.0	07.12.2006	Adware/WinAd!0267
F-Prot	3.16f	07.12.2006	no virus found
F-Prot4	4.2.1.29	07.12.2006	no virus found
Ikarus	0.2.65.0	07.12.2006	no virus found
Kaspersky	4.0.2.24	07.12.2006	not-a-virus:AdWare.Win32.180Solutions.as
McAfee	4805	07.12.2006	potentially unwanted program Adware-ZangoSA
Microsoft	1.1481	07.12.2006	no virus found
NOD32v2	1.1656	07.12.2006	no virus found
Norman	5.90.23	07.12.2006	W32/180Solutions.EQ
Panda	9.0.0.4	07.12.2006	no virus found
Sophos	4.07.0	07.12.2006	no virus found
Symantec	8.0	07.12.2006	no virus found
TheHacker	5.9.8.173	07.11.2006	no virus found
UNA	1.83	07.12.2006	Adware.180Solutions
VBA32	3.11.0	07.12.2006	AdWare.Win32.180Solutions.as
VirusBuster	4.3.7:9	07.12.2006	no virus found

Aditional Information
File size: 147536 bytes
MD5: 79dccdd7039bc37c1906c5f06396d206
SHA1: 5adfd2411a8b539f977aed2c676cc6f11b0df45b
packers: UPX

----------


## azza

Complete scanning result of "Alers_.exe", received in VirusTotal at 07.13.2006, 15:08:41 (CET).

Antivirus Version Update Result 
AntiVir 6.35.0.21 07.13.2006 HEUR/Trojan.Downloader 
Authentium 4.93.8 07.12.2006  no virus found 
Avast 4.7.844.0 07.12.2006  no virus found 
AVG 386 07.13.2006  no virus found 
BitDefender 7.2 07.13.2006 BehavesLike:Win32.Backdoor 
CAT-QuickHeal 8.00 07.12.2006  no virus found 
ClamAV devel-20060426 07.13.2006  no virus found 
DrWeb 4.33 07.13.2006 DLOADER.Trojan 
eTrust-InoculateIT 23.72.67 07.13.2006  no virus found 
eTrust-Vet 12.6.2296 07.13.2006  no virus found 
Ewido 4.0 07.13.2006  no virus found 
Fortinet 2.77.0.0 07.13.2006 suspicious 
F-Prot 3.16f 07.12.2006  no virus found 
F-Prot4 4.2.1.29 07.12.2006  no virus found 
Ikarus 0.2.65.0 07.13.2006  no virus found 
Kaspersky 4.0.2.24 07.13.2006  no virus found 
McAfee 4805 07.12.2006 potentially unwanted program Keylog-Z0mbie 
Microsoft 1.1481 07.13.2006  no virus found 
NOD32v2 1.1657 07.13.2006  no virus found 
Norman 5.90.23 07.13.2006 W32/Malware 
Panda 9.0.0.4 07.13.2006 Suspicious file 
Sophos 4.07.0 07.13.2006  no virus found 
Symantec 8.0 07.13.2006  no virus found 
TheHacker 5.9.8.174 07.13.2006  no virus found 
UNA 1.83 07.12.2006  no virus found 
VBA32 3.11.0 07.12.2006  no virus found 
VirusBuster 4.3.7:9 07.12.2006 no virus found

----------


## Nike

Complete scanning result of "______.exe", received in VirusTotal at 07.16.2006, 19:02:10 (CET).
Antivirus	Version	Update	Result
AntiVir	6.35.0.21	07.16.2006	TR/PSW.LdPinch.apk.2
Authentium	4.93.8	07.14.2006	no virus found
Avast	4.7.844.0	07.14.2006	no virus found
AVG	386	07.14.2006	PSW.Ldpinch.BML
BitDefender	7.2	07.16.2006	no virus found
CAT-QuickHeal	8.00	07.13.2006	no virus found
ClamAV	devel-20060426	07.15.2006	no virus found
DrWeb	4.33	07.16.2006	no virus found
eTrust-InoculateIT	23.72.70	07.16.2006	no virus found
eTrust-Vet	12.6.2297	07.14.2006	no virus found
Ewido	4.0	07.16.2006	Trojan.LdPinch.apk
Fortinet	2.77.0.0	07.16.2006	W32/LdPinch.APK!tr.pws
F-Prot	3.16f	07.14.2006	no virus found
F-Prot4	4.2.1.29	07.14.2006	no virus found
Ikarus	0.2.65.0	07.14.2006	no virus found
Kaspersky	4.0.2.24	07.16.2006	Trojan-PSW.Win32.LdPinch.apk
McAfee	4807	07.14.2006	no virus found
Microsoft	1.1508	07.16.2006	no virus found
NOD32v2	1.1663	07.16.2006	no virus found
Norman	5.90.23	07.14.2006	no virus found
Panda	9.0.0.4	07.16.2006	Suspicious file
Sophos	4.07.0	07.16.2006	no virus found
Symantec	8.0	07.16.2006	no virus found
TheHacker	5.9.8.176	07.15.2006	no virus found
UNA	1.83	07.14.2006	Trojan.PSW.Win32.LdPinch
VBA32	3.11.0	07.15.2006	Trojan-PSW.Win32.LdPinch.apk
VirusBuster	4.3.7:9	07.15.2006	no virus found

Aditional Information
File size: 102400 bytes
MD5: d5cd0417e8f81c26538bc4d6c1890497
SHA1: f2ac59bd1ac4ebba368ac7149a0b4115adef4d34
packers: UPX

----------


## AndreyKa

Complete scanning result of "1_32bean32_1._ll", received in VirusTotal at 07.17.2006, 07:03:06 (CET).

Antivirus Version Update Result 
AntiVir 6.35.0.21 07.16.2006 BDS/Agent.ctu.2 
Authentium 4.93.8 07.14.2006  no virus found 
Avast 4.7.844.0 07.14.2006  no virus found 
AVG 386 07.14.2006  no virus found 
BitDefender 7.2 07.17.2006 Trojan.Agent.RX 
CAT-QuickHeal 8.00 07.13.2006  no virus found 
ClamAV devel-20060426 07.15.2006  no virus found 
DrWeb 4.33 07.16.2006 BackDoor.Uragan 
eTrust-InoculateIT 23.72.70 07.16.2006  no virus found 
eTrust-Vet 12.6.2297 07.14.2006  no virus found 
Ewido 4.0 07.16.2006  no virus found 
Fortinet 2.77.0.0 07.16.2006 suspicious 
F-Prot 3.16f 07.14.2006  no virus found 
F-Prot4 4.2.1.29 07.14.2006  no virus found 
Ikarus 0.2.65.0 07.14.2006  no virus found 
Kaspersky 4.0.2.24 07.17.2006 Trojan.Win32.Inject.aa 
McAfee 4807 07.14.2006  no virus found 
Microsoft 1.1508 07.17.2006  no virus found 
NOD32v2 1.1663 07.16.2006 a variant of Win32/TrojanProxy.Xorpix 
Norman 5.90.23 07.14.2006  no virus found 
Panda 9.0.0.4 07.16.2006 Suspicious file 
Sophos 4.07.0 07.17.2006  no virus found 
Symantec 8.0 07.17.2006  no virus found 
TheHacker 5.9.8.176 07.15.2006  no virus found 
UNA 1.83 07.14.2006  no virus found 
VBA32 3.11.0 07.17.2006  no virus found 
VirusBuster 4.3.7:9 07.16.2006 no virus found 

Aditional Information 
File size: 13372 bytes 
MD5: cebb0f59f09bd36b6d2b1a2ab8531aa3 
SHA1: 408a1f6013d4aad6ee838e00778e82a689569dbf 
packers: UPack

----------


## mvlab

Complete scanning result of "Nfo_viewer._xe", received in VirusTotal at 07.20.2006, 13:47:50 (CET).
Antivirus	Version	Update	Result
AntiVir	6.35.0.21	07.20.2006	no virus found
Authentium	4.93.8	07.19.2006	no virus found
Avast	4.7.844.0	07.19.2006	no virus found
AVG	386	07.19.2006	no virus found
BitDefender	7.2	07.20.2006	BehavesLike:Trojan.StartPage
CAT-QuickHeal	8.00	07.20.2006	no virus found
ClamAV	devel-20060426	07.20.2006	no virus found
DrWeb	4.33	07.20.2006	no virus found
eTrust-InoculateIT	23.72.73	07.20.2006	no virus found
eTrust-Vet	12.6.2303	07.20.2006	no virus found
Ewido	4.0	07.20.2006	no virus found
Fortinet	2.77.0.0	07.19.2006	suspicious
F-Prot	3.16f	07.19.2006	no virus found
F-Prot4	4.2.1.29	07.19.2006	no virus found
Ikarus	0.2.65.0	07.20.2006	no virus found
Kaspersky	4.0.2.24	07.20.2006	no virus found
McAfee	4810	07.19.2006	no virus found
Microsoft	1.1508	07.20.2006	no virus found
NOD32v2	1.1669	07.20.2006	probably unknown NewHeur_PE virus
Norman	5.90.23	07.20.2006	no virus found
Panda	9.0.0.4	07.20.2006	Suspicious file
Sophos	4.07.0	07.20.2006	no virus found
Symantec	8.0	07.20.2006	no virus found
TheHacker	5.9.8.178	07.19.2006	no virus found
UNA	1.83	07.19.2006	no virus found
VBA32	3.11.0	07.19.2006	no virus found
VirusBuster	4.3.7:9	07.19.2006	no virus found

Aditional Information
File size: 17408 bytes
MD5: 4dca4457e33e6e8ff283c50515450a35
SHA1: a74ea29e12f8388031c647e92b09b5b4ebb099b7
packers: UPX

----------


## MOCT

Complete scanning result of "nm.c-m", received in VirusTotal at 07.20.2006, 21:57:07 (CET).

Antivirus Version Update Result 
AntiVir 6.35.0.21 07.20.2006 HEUR/Trojan.Downloader 
Authentium 4.93.8 07.20.2006 Possibly a new variant of W32/Downloader-Sml-based!Maximus 
Avast 4.7.844.0 07.19.2006  no virus found 
AVG 386 07.20.2006  no virus found 
BitDefender 7.2 07.20.2006 Trojan.Downloader.Small.ARS 
CAT-QuickHeal 8.00 07.20.2006 (Suspicious) - DNAScan 
ClamAV devel-20060426 07.20.2006 Trojan.Downloader.Small-1250 
DrWeb 4.33 07.20.2006 Trojan.DownLoader.7253 
eTrust-InoculateIT 23.72.73 07.20.2006  no virus found 
eTrust-Vet 12.6.2303 07.20.2006  no virus found 
Ewido 4.0 07.20.2006  no virus found 
Fortinet 2.77.0.0 07.20.2006 suspicious 
F-Prot 3.16f 07.20.2006 Possibly a new variant of W32/Downloader-Sml-based!Maximus 
F-Prot4 4.2.1.29 07.20.2006 W32/Downloader-Sml-based!Maximus 
Ikarus 0.2.65.0 07.20.2006  no virus found 
Kaspersky 4.0.2.24 07.20.2006 Trojan-Downloader.Win32.Tiny.av 
McAfee 4811 07.20.2006  no virus found 
Microsoft 1.1508 07.20.2006 TrojanDropper:Win32/Small.gen 
NOD32v2 1.1671 07.20.2006 probably unknown NewHeur_PE virus 
Norman 5.90.23 07.20.2006 W32/Downloader 
Panda 9.0.0.4 07.20.2006 Suspicious file 
Sophos 4.07.0 07.20.2006  no virus found 
Symantec 8.0 07.20.2006  no virus found 
TheHacker 5.9.8.178 07.19.2006  no virus found 
UNA 1.83 07.20.2006  no virus found 
VBA32 3.11.0 07.20.2006 Trojan-Downloader.Win32.Small.csf 
VirusBuster 4.3.7:9 07.20.2006 no virus found 


Aditional Information 
File size: 784 bytes 
MD5: 626f953ea4817bd59f9b8fa29e6306bb 
SHA1: 4b3b769367bcc9f2b7e43951e498955266aca36b 

The abundance of F-Prots in the ranking is striking ;-)

----------


## MOCT

Far from everyone recognized good old Litmus...

File "q81.c-m" received on 07.20.2006 at 22:04:28 (CET) is being scanned by VirusTotal in this moment. Results will be shown as they're generated.

Antivirus Version Update Result 
AntiVir 6.35.0.21 07.20.2006 BDS/Litmus.203 
Authentium 4.93.8 07.20.2006  no virus found 
Avast 4.7.844.0 07.19.2006  no virus found 
AVG 386 07.20.2006 BackDoor.Generic2.VRC 
BitDefender 7.2 07.20.2006 Backdoor.Litmus.203 
CAT-QuickHeal 8.00 07.20.2006 (Suspicious) - DNAScan 
ClamAV devel-20060426 07.20.2006  no virus found 
DrWeb 4.33 07.20.2006 BackDoor.Litmus.203 
eTrust-InoculateIT 23.72.73 07.20.2006  no virus found 
eTrust-Vet 12.6.2303 07.20.2006  no virus found 
Ewido 4.0 07.20.2006 Backdoor.Litmus.203 
Fortinet 2.77.0.0 07.20.2006 W32/BDoor.203!tr.bdr 
F-Prot 3.16f 07.20.2006 could be infected with an unknown virus 
F-Prot4 4.2.1.29 07.20.2006 Possibly a new unknown PE_Virus!Maximus 
Ikarus 0.2.65.0 07.20.2006 Backdoor.Win32.Litmus.203 
Kaspersky 4.0.2.24 07.20.2006 Backdoor.Win32.Litmus.203 
McAfee 4811 07.20.2006 BackDoor-JZ 
Microsoft 1.1508 07.20.2006  no virus found 
NOD32v2 1.1671 07.20.2006 Win32/Litmus.203 
Norman 5.90.23 07.20.2006 W32/Litmus.BTI 
Panda 9.0.0.4 07.20.2006 Suspicious file 
Sophos 4.07.0 07.20.2006  no virus found 
Symantec 8.0 07.20.2006 Backdoor.Litmus.203 
TheHacker	5.9.8.179	07.21.2006	Backdoor.JZ
UNA	1.83	07.20.2006	Backdoor.Litmus.203
VBA32	3.11.0	07.20.2006	Backdoor.Litmus.203
VirusBuster	4.3.7:9	07.20.2006	no virus found

Aditional Information 
File size: 20729 bytes 
MD5: f44432aa51dcd6ca9d8cbb96831ec3d7 
SHA1: 984596b7b58aaccdeeb09bd4eb90c0b0ab7e4f50 
packers: Packed 
packers: SoftComp

----------


## WaterFish

The pop-up boorishness is flourishing :)

Complete scanning result of "perfectcodec.589.exe", received in VirusTotal at 11.16.2006, 18:28:15 (CET).

Antivirus	Version	Update	Result
AntiVir	7.2.0.39	11.16.2006	no virus found
Authentium	4.93.8	11.16.2006	no virus found
Avast	4.7.892.0	11.15.2006	no virus found
AVG	386	11.16.2006	no virus found
BitDefender	7.2	11.16.2006	no virus found
CAT-QuickHeal	8.00	11.16.2006	no virus found
ClamAV	devel-20060426	11.16.2006	no virus found
DrWeb	4.33	11.16.2006	Trojan.Popuper
eTrust-InoculateIT	23.73.57	11.16.2006	no virus found
eTrust-Vet	30.3.3195	11.16.2006	no virus found
Ewido	4.0	11.16.2006	no virus found
Fortinet	2.82.0.0	11.16.2006	suspicious
F-Prot	3.16f	11.16.2006	no virus found
F-Prot4	4.2.1.29	11.16.2006	no virus found
Ikarus	0.2.65.0	11.16.2006	no virus found
Kaspersky	4.0.2.24	11.16.2006	Trojan-Downloader.Win32.Zlob.axj
McAfee	4897	11.16.2006	no virus found
Microsoft	1.1609 	11.16.2006	no virus found
NOD32v2	1868	11.15.2006	no virus found
Norman	5.80.02	11.16.2006	no virus found
Panda	9.0.0.4	11.16.2006	no virus found
Prevx1	V2	11.16.2006	no virus found
Sophos	4.11.0	11.16.2006	no virus found
TheHacker	6.0.1.119	11.15.2006	no virus found
UNA	1.83	11.15.2006	no virus found
VBA32	3.11.1	11.16.2006	no virus found
VirusBuster	4.3.15:9	11.16.2006	no virus found

Aditional Information
File size: 55209 bytes
MD5: 8c565cb1bf137197fc346e2102de3f5b
SHA1: 205ddb439f07822123278521dc98281a3fae978e
packers: UPX
packers: UPX, BINARYRES, BINARYRES
packers: UPX

----------



## 5ergi0

From http://virusinfo.info/showthread.php?t=6792
Antivirus Version Update Result 
AntiVir 7.2.0.39 11.16.2006  no virus found 
Authentium 4.93.8 11.16.2006  no virus found 
Avast 4.7.892.0 11.15.2006 Win32:Renos-U 
AVG 386 11.16.2006  no virus found 
BitDefender 7.2 11.16.2006  no virus found 
CAT-QuickHeal 8.00 11.16.2006  no virus found 
ClamAV devel-20060426 11.16.2006  no virus found 
DrWeb 4.33 11.16.2006 BACKDOOR.Trojan 
eTrust-InoculateIT 23.73.57 11.16.2006  no virus found 
eTrust-Vet 30.3.3195 11.16.2006  no virus found 
Ewido 4.0 11.16.2006  no virus found 
Fortinet 2.82.0.0 11.16.2006  no virus found 
F-Prot 3.16f 11.16.2006  no virus found 
F-Prot4 4.2.1.29 11.16.2006  no virus found 
Ikarus 0.2.65.0 11.16.2006  no virus found 
Kaspersky 4.0.2.24 11.16.2006  no virus found 
McAfee 4897 11.16.2006  no virus found 
Microsoft 1.1609  11.16.2006  no virus found 
NOD32v2 1868 11.15.2006  no virus found 
Norman 5.80.02 11.16.2006  no virus found 
Panda 9.0.0.4 11.16.2006 Adware/Adservice 
Prevx1 V2 11.16.2006 Polynomial.Code.Exploit 
Sophos 4.11.0 11.16.2006  no virus found 
TheHacker 6.0.3.120 11.16.2006  no virus found 
UNA 1.83 11.16.2006  no virus found 
VBA32 3.11.1 11.16.2006  no virus found 
VirusBuster 4.3.15:9 11.16.2006 no virus found 

File size: 59392 bytes 
MD5: 6d163f82aefb0ca40cc8162ff13e32c8 
SHA1: c9de6b6f56b6d86653e3b66a4787b168972283cd 
packers: PECompact 
packers: PECOMPACT 
packers: PecBundle, PECompact

----------


## Alex_Goodwin

STATUS: FINISHED
Complete scanning result of "__1056", received in VirusTotal at 11.17.2006, 08:54:28 (CET).

Antivirus Version Update Result 
AntiVir 7.2.0.39 11.17.2006 HEUR/Crypted 
Authentium 4.93.8 11.17.2006 could be a corrupted executable file 
Avast 4.7.892.0 11.15.2006  no virus found 
AVG 386 11.16.2006  no virus found 
BitDefender 7.2 11.17.2006  no virus found 
CAT-QuickHeal 8.00 11.16.2006  no virus found 
ClamAV devel-20060426 11.16.2006  no virus found 
DrWeb 4.33 11.16.2006  no virus found 
eTrust-InoculateIT 23.73.58 11.17.2006  no virus found 
eTrust-Vet 30.3.3197 11.17.2006  no virus found 
Ewido 4.0 11.16.2006  no virus found 
Fortinet 2.82.0.0 11.17.2006 suspicious 
F-Prot 3.16f 11.16.2006  no virus found 
F-Prot4 4.2.1.29 11.17.2006  no virus found 
Ikarus 0.2.65.0 11.16.2006  no virus found 
Kaspersky 4.0.2.24 11.17.2006  no virus found 
McAfee 4897 11.16.2006  no virus found 
Microsoft 1.1609  11.17.2006  no virus found 
NOD32v2 1869 11.16.2006  no virus found 
Norman 5.80.02 11.16.2006  no virus found 
Panda 9.0.0.4 11.16.2006  no virus found 
Prevx1 V2 11.17.2006  no virus found 
Sophos 4.11.0 11.16.2006  no virus found 
TheHacker 6.0.3.120 11.17.2006  no virus found 
UNA 1.83 11.16.2006  no virus found 
VBA32 3.11.1 11.16.2006  no virus found 
VirusBuster 4.3.15:9 11.16.2006 no virus found 


Aditional Information 
File size: 52326 bytes 
MD5: a1c101b839a837a310dc2d3720a0e9b7 
SHA1: f896f4bc24595442b960eef91ec86bedfd97636d


STATUS: FINISHED
Complete scanning result of "__1056", received in VirusTotal at 11.19.2006, 11:27:03 (CET).

Antivirus Version Update Result 
AntiVir 7.2.0.39 11.17.2006 HEUR/Crypted 
Authentium 4.93.8 11.17.2006 could be a corrupted executable file 
Avast 4.7.892.0 11.18.2006  no virus found 
AVG 386 11.18.2006  no virus found 
BitDefender 7.2 11.19.2006  no virus found 
CAT-QuickHeal 8.00 11.18.2006  no virus found 
ClamAV devel-20060426 11.18.2006  no virus found 
DrWeb 4.33 11.18.2006 Trojan.PWS.Wmsender 
eSafe 7.0.14.0 11.19.2006  no virus found 
eTrust-InoculateIT 23.73.59 11.18.2006  no virus found 
eTrust-Vet 30.3.3197 11.17.2006  no virus found 
Ewido 4.0 11.18.2006  no virus found 
Fortinet 2.82.0.0 11.19.2006 suspicious 
F-Prot 3.16f 11.17.2006  no virus found 
F-Prot4 4.2.1.29 11.17.2006  no virus found 
Ikarus 0.2.65.0 11.17.2006  no virus found 
Kaspersky 4.0.2.24 11.19.2006  no virus found 
McAfee 4899 11.18.2006  no virus found 
Microsoft 1.1609  11.19.2006  no virus found 
NOD32v2 1870 11.17.2006  no virus found 
Norman 5.80.02 11.17.2006  no virus found 
Panda 9.0.0.4 11.18.2006  no virus found 
Prevx1 V2 11.19.2006  no virus found 
Sophos 4.11.0 11.16.2006  no virus found 
TheHacker 6.0.3.122 11.18.2006  no virus found 
UNA 1.83 11.17.2006  no virus found 
VBA32 3.11.1 11.19.2006 Trojan.PWS.Wmsender 
VirusBuster 4.3.15:9 11.18.2006 no virus found 


Aditional Information 
File size: 52326 bytes 
MD5: a1c101b839a837a310dc2d3720a0e9b7 
SHA1: f896f4bc24595442b960eef91ec86bedfd97636d

----------


## DoSTR

A link to an infected file just arrived via ICQ spam:
Complete scanning result of "*SexcBertkovoi.exe*", received in VirusTotal at 11.18.2006, 13:07:19 (CET).

_Antivirus	Version	Update	Result_
AntiVir	7.2.0.39	11.17.2006	HEUR/Crypted
Authentium	4.93.8	11.17.2006	could be a corrupted executable file
Avast	4.7.892.0	11.15.2006	no virus found
AVG	386	11.17.2006	no virus found
BitDefender	7.2	11.18.2006	no virus found
CAT-QuickHeal	8.00	11.17.2006	no virus found
ClamAV	devel-20060426	11.18.2006	no virus found
DrWeb	4.33	11.18.2006	Trojan.PWS.Wmsender
eSafe	7.0.14.0	11.16.2006	no virus found
eTrust-InoculateIT	23.73.59	11.18.2006	no virus found
eTrust-Vet	30.3.3197	11.17.2006	no virus found
Ewido	4.0	11.17.2006	no virus found
Fortinet	2.82.0.0	11.18.2006	suspicious
F-Prot	3.16f	11.17.2006	no virus found
F-Prot4	4.2.1.29	11.17.2006	no virus found
Ikarus	0.2.65.0	11.17.2006	no virus found
Kaspersky	4.0.2.24	11.18.2006	no virus found
McAfee	4899	11.18.2006	no virus found
Microsoft	1.1609 	11.18.2006	no virus found
NOD32v2	1870	11.17.2006	no virus found
Norman	5.80.02	11.17.2006	no virus found
Panda	9.0.0.4	11.17.2006	no virus found
Prevx1	V2	11.18.2006	no virus found
Sophos	4.11.0	11.16.2006	no virus found
TheHacker	6.0.3.122	11.18.2006	no virus found
UNA	1.83	11.17.2006	no virus found
VBA32	3.11.1	11.17.2006	no virus found
VirusBuster	4.3.15:9	11.17.2006	no virus found 

Aditional Information
File size: 52326 bytes
MD5: a1c101b839a837a310dc2d3720a0e9b7
SHA1: f896f4bc24595442b960eef91ec86bedfd97636d

----------


## Winsent

Complete scanning result of "doser.exe", received in VirusTotal at 11.18.2006, 17:22:50 (CET).


Antivirus	Version	Update	Result

*AntiVir	7.2.0.39	11.17.2006	HEUR/Crypted*
Authentium	4.93.8	11.17.2006	could be a corrupted executable file
Avast	4.7.892.0	11.15.2006	no virus found
AVG	386	11.17.2006	no virus found
BitDefender	7.2	11.18.2006	no virus found
CAT-QuickHeal	8.00	11.18.2006	no virus found
ClamAV	devel-20060426	11.18.2006	no virus found
DrWeb	4.33	11.18.2006	no virus found
*eSafe	7.0.14.0	11.16.2006	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.59	11.18.2006	no virus found
eTrust-Vet	30.3.3197	11.17.2006	no virus found
Ewido	4.0	11.18.2006	no virus found
Fortinet	2.82.0.0	11.18.2006	suspicious
F-Prot	3.16f	11.17.2006	no virus found
F-Prot4	4.2.1.29	11.17.2006	no virus found
Ikarus	0.2.65.0	11.17.2006	no virus found
*Kaspersky	4.0.2.24	11.18.2006	Trojan-PSW.Win32.LdPinch.bad*
McAfee	4899	11.18.2006	no virus found
Microsoft	1.1609 	11.18.2006	no virus found
NOD32v2	1870	11.17.2006	no virus found
Norman	5.80.02	11.17.2006	no virus found
*Panda	9.0.0.4	11.18.2006	Suspicious file*
Prevx1	V2	11.18.2006	no virus found
Sophos	4.11.0	11.16.2006	no virus found
TheHacker	6.0.3.122	11.18.2006	no virus found
UNA	1.83	11.17.2006	no virus found
VBA32	3.11.1	11.17.2006	no virus found
VirusBuster	4.3.15:9	11.18.2006	no virus found

Aditional Information
File size: 14894 bytes
MD5: b7ba61bb48c021e6ede7595a94cda912
SHA1: e971563c00daebc13e16d8b304b582aba711bab3
packers: UPX

----------


## MOCT

Complete scanning result of "__1092", received in VirusTotal at 11.19.2006, 13:11:11 (CET).

Antivirus Version Update Result 
AntiVir 7.2.0.39 11.17.2006  no virus found 
Authentium 4.93.8 11.17.2006  no virus found 
Avast 4.7.892.0 11.18.2006  no virus found 
AVG 386 11.18.2006  no virus found 
BitDefender 7.2 11.19.2006 Adware.Wildtangent.B 
CAT-QuickHeal 8.00 11.18.2006  no virus found 
ClamAV devel-20060426 11.18.2006  no virus found 
DrWeb 4.33 11.19.2006  no virus found 
eSafe 7.0.14.0 11.19.2006  no virus found 
eTrust-InoculateIT 23.73.59 11.18.2006  no virus found 
eTrust-Vet 30.3.3197 11.17.2006  no virus found 
Ewido 4.0 11.18.2006  no virus found 
Fortinet 2.82.0.0 11.19.2006  no virus found 
F-Prot 3.16f 11.17.2006  no virus found 
F-Prot4 4.2.1.29 11.17.2006  no virus found 
Ikarus 0.2.65.0 11.17.2006  no virus found 
Kaspersky 4.0.2.24 11.19.2006  no virus found 
McAfee 4899 11.18.2006  no virus found 
Microsoft 1.1609  11.19.2006  no virus found 
NOD32v2 1870 11.17.2006  no virus found 
Norman 5.80.02 11.17.2006 W32/WildTangent.B 
Panda 9.0.0.4 11.18.2006  no virus found 
Prevx1 V2 11.19.2006 AdWare.WildTangent.b 
Sophos 4.11.0 11.16.2006  no virus found 
TheHacker 6.0.3.122 11.18.2006 Adware/WildTangent.b 
UNA 1.83 11.17.2006 Adware.WildTangent.3896 
VBA32 3.11.1 11.19.2006  no virus found 
VirusBuster 4.3.15:9 11.18.2006 no virus found 


Aditional Information 
File size: 36864 bytes 
MD5: 41a3d940798bdaf5d05208ee0006672b 
SHA1: d8fc82499651dcb2fc5c12bf9ec94afe431650b0

----------


## Winsent

Complete scanning result of "sex.exe", received in VirusTotal at 11.20.2006, 17:59:15 (CET).


Antivirus	Version	Update	Result

*AntiVir	7.2.0.39	11.20.2006	HEUR/Crypted
Authentium	4.93.8	11.17.2006	W32/Warezov.gen4*
Avast	4.7.892.0	11.20.2006	no virus found
AVG	386	11.20.2006	no virus found
*BitDefender	7.2	11.20.2006	DeepScan:Generic.Malware.FYd!lg.610B4ED7*
CAT-QuickHeal	8.00	11.20.2006	no virus found
ClamAV	devel-20060426	11.20.2006	no virus found
DrWeb	4.33	11.20.2006	no virus found
*eSafe	7.0.14.0	11.20.2006	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.59	11.18.2006	no virus found
eTrust-Vet	30.3.3203	11.20.2006	no virus found
Ewido	4.0	11.20.2006	no virus found
*Fortinet	2.82.0.0	11.20.2006	suspicious*
*F-Prot	3.16f	11.17.2006	W32/Warezov.gen4
F-Prot4	4.2.1.29	11.17.2006	W32/Warezov.gen4*
Ikarus	0.2.65.0	11.20.2006	no virus found
Kaspersky	4.0.2.24	11.20.2006	no virus found
McAfee	4900	11.20.2006	no virus found
*Microsoft	1.1609 	11.20.2006	Win32/Ldpinch*
NOD32v2	1873	11.20.2006	no virus found
Norman	5.80.02	11.20.2006	no virus found
*Panda	9.0.0.4	11.20.2006	Suspicious file*
Prevx1	V2	11.20.2006	no virus found
Sophos	4.11.0	11.16.2006	no virus found
TheHacker	6.0.3.122	11.18.2006	no virus found
UNA	1.83	11.17.2006	no virus found
*VBA32	3.11.1	11.20.2006	MalwareScope.Trojan-PSW.LdPinch.1*
VirusBuster	4.3.15:9	11.20.2006	no virus found

Aditional Information
File size: 24064 bytes
MD5: ab72575342931915ce244f68ba72633d
SHA1: 43194ec5528e6f5f530cbee6b6b5c1e2e3489559
packers: UPX
packers: UPX
packers: UPX
packers: UPX

----------


## Зайцев Олег

ITW, caught by my automatic analyzer today.
AntiVir 7.2.0.39 11.20.2006 TR/Spy.Goldun.NA 
Authentium 4.93.8 11.17.2006  no virus found 
Avast 4.7.892.0 11.20.2006  no virus found 
AVG 386 11.20.2006  no virus found 
BitDefender 7.2 11.20.2006 Trojan.Spy.Goldun.NA 
CAT-QuickHeal 8.00 11.20.2006 (Suspicious) - DNAScan 
ClamAV devel-20060426 11.20.2006  no virus found 
DrWeb 4.33 11.20.2006 Trojan.PWS.GoldSpy 
eSafe 7.0.14.0 11.20.2006 Suspicious Trojan/Worm 
eTrust-InoculateIT 23.73.59 11.18.2006  no virus found 
eTrust-Vet 30.3.3203 11.20.2006  no virus found 
Ewido 4.0 11.20.2006 Logger.Goldun.hp 
Fortinet 2.82.0.0 11.20.2006 suspicious 
F-Prot 3.16f 11.17.2006  no virus found 
F-Prot4 4.2.1.29 11.17.2006  no virus found 
Ikarus 0.2.65.0 11.20.2006  no virus found 
Kaspersky 4.0.2.24 11.20.2006  no virus found 
McAfee 4900 11.20.2006  no virus found 
Microsoft 1.1609  11.20.2006  no virus found 
NOD32v2 1873 11.20.2006 probably a variant of Win32/Spy.Goldun.HP 
Norman 5.80.02 11.20.2006 Suspicious_F.gen 
Panda 9.0.0.4 11.20.2006 Trj/Goldun.MN 
Prevx1 V2 11.20.2006  no virus found 
Sophos 4.11.0 11.16.2006  no virus found 
TheHacker 6.0.3.122 11.18.2006  no virus found 
UNA 1.83 11.20.2006  no virus found 
VBA32 3.11.1 11.20.2006 suspected of Embedded.Trojan.PWS.GoldSpy 
VirusBuster 4.3.15:9 11.20.2006 no virus found 

Aditional Information 
File size: 29559 bytes 
MD5: 4698f8bd9ed2aae437ed66f8598b2261 
SHA1: d76968f8d9e9a8a9b8d24149e5001add86f39cc8 
packers: FSG, PECRYPT

----------


## Зайцев Олег

ITW, caught by my automatic analyzer today

AntiVir 7.2.0.39 11.20.2006 TR/Agent.8827 
Authentium 4.93.8 11.17.2006 W32/Dropper.gen1 
Avast 4.7.892.0 11.20.2006 Win32:Haxdoor-HC 
AVG 386 11.20.2006  no virus found 
BitDefender 7.2 11.20.2006 Generic.Malware.SFYdld.FE2794A3 
CAT-QuickHeal 8.00 11.20.2006 (Suspicious) - DNAScan 
ClamAV devel-20060426 11.20.2006 Trojan.Rootkit-6 
DrWeb 4.33 11.20.2006  no virus found 
eSafe 7.0.14.0 11.20.2006 Suspicious Trojan/Worm 
eTrust-InoculateIT 23.73.59 11.18.2006  no virus found 
eTrust-Vet 30.3.3203 11.20.2006 Win32/ProcHide!generic 
Ewido 4.0 11.20.2006 Logger.Goldun.gu 
Fortinet 2.82.0.0 11.20.2006 Haxdor.X!tr 
F-Prot 3.16f 11.17.2006 W32/Dropper.gen1 
F-Prot4 4.2.1.29 11.17.2006 W32/Dropper.gen1 
Ikarus 0.2.65.0 11.20.2006  no virus found 
Kaspersky 4.0.2.24 11.20.2006  no virus found 
McAfee 4900 11.20.2006  no virus found 
Microsoft 1.1609  11.20.2006 Trojan:Win32/HideDrv.gen!sys 
NOD32v2 1873 11.20.2006 a variant of Win32/Spy.Goldun.GU 
Norman 5.80.02 11.20.2006 Suspicious_F.gen 
Panda 9.0.0.4 11.20.2006 Bck/Haxdoor.NQ 
Prevx1 V2 11.20.2006 Covert.Code 
Sophos 4.11.0 11.16.2006 Troj/Haxdor-Fam 
TheHacker 6.0.3.122 11.18.2006  no virus found 
UNA 1.83 11.20.2006  no virus found 
VBA32 3.11.1 11.20.2006 suspected of Embedded.Backdoor.Win32.Haxdoor.kx 
VirusBuster 4.3.15:9 11.20.2006 no virus found 

Aditional Information 
File size: 8827 bytes 
MD5: 95281eb0779dd64b0005258432623d5f 
SHA1: 1385ebf84f0828712e6f2aeaee608894899726f5 
packers: FSG 
packers: FSG 
packers: FSG

----------


## Зайцев Олег

ITW, caught by my automatic analyzer ...

AntiVir 7.2.0.39 11.20.2006 DR/Delphi.Gen 
Authentium 4.93.8 11.17.2006  no virus found 
Avast 4.7.892.0 11.20.2006  no virus found 
AVG 386 11.20.2006  no virus found 
BitDefender 7.2 11.20.2006  no virus found 
CAT-QuickHeal 8.00 11.20.2006 (Suspicious) - DNAScan 
ClamAV devel-20060426 11.20.2006  no virus found 
DrWeb 4.33 11.20.2006 Trojan.DownLoader.14908 
eSafe 7.0.14.0 11.20.2006 Suspicious Trojan/Worm 
eTrust-InoculateIT 23.73.59 11.18.2006  no virus found 
eTrust-Vet 30.3.3203 11.20.2006  no virus found 
Ewido 4.0 11.20.2006  no virus found 
Fortinet 2.82.0.0 11.20.2006 suspicious 
F-Prot 3.16f 11.17.2006  no virus found 
F-Prot4 4.2.1.29 11.17.2006  no virus found 
Ikarus 0.2.65.0 11.20.2006  no virus found 
Kaspersky 4.0.2.24 11.20.2006  no virus found 
McAfee 4900 11.20.2006  no virus found 
Microsoft 1.1609  11.20.2006  no virus found 
NOD32v2 1873 11.20.2006  no virus found 
Norman 5.80.02 11.20.2006 Suspicious_F.gen 
Panda 9.0.0.4 11.20.2006 Suspicious file 
Prevx1 V2 11.20.2006  no virus found 
Sophos 4.11.0 11.16.2006 Mal/Packer 
TheHacker 6.0.3.122 11.18.2006  no virus found 
UNA 1.83 11.20.2006  no virus found 
VBA32 3.11.1 11.20.2006 Trojan.DownLoader.14908 
VirusBuster 4.3.15:9 11.20.2006 no virus found 

Aditional Information 
File size: 12405 bytes 
MD5: 79a1e1b4c4626977ec406e30a1d45931 
SHA1: 7f131495c549c40d056c76c24c24a1833e142fce

----------


## Зайцев Олег

ITW, caught by my automatic analyzer ...

AntiVir 7.2.0.39 11.20.2006 TR/Dldr.UltCleaner 
Authentium 4.93.8 11.17.2006 Possibly a new variant of W32/Behavior:SelfStarterInternetTrojan!Maximus 
Avast 4.7.892.0 11.20.2006  no virus found 
AVG 386 11.20.2006  no virus found 
BitDefender 7.2 11.20.2006  no virus found 
CAT-QuickHeal 8.00 11.20.2006  no virus found 
ClamAV devel-20060426 11.20.2006  no virus found 
DrWeb 4.33 11.20.2006  no virus found 
eSafe 7.0.14.0 11.20.2006 suspicious Trojan/Worm 
eTrust-InoculateIT 23.73.59 11.18.2006  no virus found 
eTrust-Vet 30.3.3203 11.20.2006  no virus found 
Ewido 4.0 11.20.2006  no virus found 
Fortinet 2.82.0.0 11.20.2006 suspicious 
F-Prot 3.16f 11.17.2006 Possibly a new variant of W32/Behavior:SelfStarterInternetTrojan!Maximus 
F-Prot4 4.2.1.29 11.17.2006 W32/Behavior:SelfStarterInternetTrojan!Maximus 
Ikarus 0.2.65.0 11.20.2006  no virus found 
Kaspersky 4.0.2.24 11.20.2006  no virus found 
McAfee 4900 11.20.2006  no virus found 
Microsoft 1.1609  11.20.2006  no virus found 
NOD32v2 1873 11.20.2006  no virus found 
Norman 5.80.02 11.20.2006  no virus found 
Panda 9.0.0.4 11.20.2006 Suspicious file 
Prevx1 V2 11.20.2006 Spyware.UltimateDefender 
Sophos 4.11.0 11.16.2006  no virus found 
TheHacker 6.0.3.122 11.18.2006  no virus found 
UNA 1.83 11.20.2006  no virus found 
VBA32 3.11.1 11.20.2006  no virus found 
VirusBuster 4.3.15:9 11.20.2006 no virus found 

Aditional Information 
File size: 38912 bytes 
MD5: a0b6c66ac7e1f1cafbe16163b94d78a7 
SHA1: 5229d73f6ea6d0d22a4e12ab8ed7df7d09e6391d 
packers: UPX 
packers: UPX 
packers: UPX

----------


## Зайцев Олег

ITW, caught by my automatic analyzer ...

AntiVir 7.2.0.39 11.20.2006 HEUR/Malware 
Authentium 4.93.8 11.17.2006 Possibly a new variant of W32/CrazyCrunch-based!Maximus 
Avast 4.7.892.0 11.20.2006  no virus found 
AVG 386 11.20.2006  no virus found 
BitDefender 7.2 11.20.2006  no virus found 
CAT-QuickHeal 8.00 11.20.2006  no virus found 
ClamAV devel-20060426 11.20.2006  no virus found 
DrWeb 4.33 11.20.2006 Trojan.Winclean 
eSafe 7.0.14.0 11.20.2006  no virus found 
eTrust-InoculateIT 23.73.59 11.18.2006  no virus found 
eTrust-Vet 30.3.3203 11.20.2006  no virus found 
Ewido 4.0 11.20.2006  no virus found 
Fortinet 2.82.0.0 11.20.2006 PossibleThreat!015314 
F-Prot 3.16f 11.17.2006 Possibly a new variant of W32/CrazyCrunch-based!Maximus 
F-Prot4 4.2.1.29 11.17.2006 W32/CrazyCrunch-based!Maximus 
Ikarus 0.2.65.0 11.20.2006  no virus found 
Kaspersky 4.0.2.24 11.20.2006  no virus found 
McAfee 4900 11.20.2006  no virus found 
Microsoft 1.1609  11.20.2006  no virus found 
NOD32v2 1873 11.20.2006  no virus found 
Norman 5.80.02 11.20.2006  no virus found 
Panda 9.0.0.4 11.20.2006 Trj/Cimuz.BM 
Prevx1 V2 11.20.2006  no virus found 
Sophos 4.11.0 11.16.2006  no virus found 
TheHacker 6.0.3.122 11.18.2006  no virus found 
UNA 1.83 11.20.2006  no virus found 
VBA32 3.11.1 11.20.2006  no virus found 
VirusBuster 4.3.15:9 11.20.2006 no virus found 

Aditional Information 
File size: 53248 bytes 
MD5: f09c44eaece6747644b5295347d244ba 
SHA1: 7e526dab23f5efbc5d12d7647f20f54536bd40b8

----------


## Зайцев Олег

ITW, caught by my automatic analyzer ...

AntiVir 7.2.0.39 11.20.2006  no virus found 
Authentium 4.93.8 11.17.2006  no virus found 
Avast 4.7.892.0 11.20.2006  no virus found 
AVG 386 11.20.2006 Proxy.25.P 
BitDefender 7.2 11.20.2006  no virus found 
CAT-QuickHeal 8.00 11.20.2006  no virus found 
ClamAV devel-20060426 11.20.2006  no virus found 
DrWeb 4.33 11.20.2006  no virus found 
eSafe 7.0.14.0 11.20.2006 suspicious Trojan/Worm 
eTrust-InoculateIT 23.73.59 11.18.2006  no virus found 
eTrust-Vet 30.3.3203 11.20.2006  no virus found 
Ewido 4.0 11.20.2006  no virus found 
Fortinet 2.82.0.0 11.20.2006  no virus found 
F-Prot 3.16f 11.17.2006  no virus found 
F-Prot4 4.2.1.29 11.17.2006  no virus found 
Ikarus 0.2.65.0 11.20.2006  no virus found 
Kaspersky 4.0.2.24 11.20.2006  no virus found 
McAfee 4900 11.20.2006  no virus found 
Microsoft 1.1609  11.20.2006  no virus found 
NOD32v2 1873 11.20.2006  no virus found 
Norman 5.80.02 11.20.2006  no virus found 
Panda 9.0.0.4 11.20.2006 Suspicious file 
Prevx1 V2 11.20.2006  no virus found 
Sophos 4.11.0 11.16.2006 Mal/Behav-080 
TheHacker 6.0.3.122 11.18.2006  no virus found 
UNA 1.83 11.20.2006  no virus found 
VBA32 3.11.1 11.20.2006  no virus found 
VirusBuster 4.3.15:9 11.20.2006 no virus found 

Aditional Information 
File size: 38912 bytes 
MD5: abb6837abe0384231990c32a229f2593 
SHA1: c79a1282a55f5fac3b741162e8b93058c8c52cc3 
packers: UPX

----------


## Зайцев Олег

ITW, caught by my automatic analyzer ...

AntiVir 7.2.0.39 11.20.2006 TR/Crypt.F.Gen 
Authentium 4.93.8 11.17.2006  no virus found 
Avast 4.7.892.0 11.20.2006  no virus found 
AVG 386 11.20.2006 Win32/PEPatch 
BitDefender 7.2 11.20.2006  no virus found 
CAT-QuickHeal 8.00 11.20.2006  no virus found 
ClamAV devel-20060426 11.20.2006 Trojan.Spambot-16 
DrWeb 4.33 11.20.2006 Win32.Dref 
eSafe 7.0.14.0 11.20.2006 suspicious Trojan/Worm 
eTrust-InoculateIT 23.73.59 11.18.2006  no virus found 
eTrust-Vet 30.3.3203 11.20.2006 Win32/Sinteri!downloader 
Ewido 4.0 11.20.2006  no virus found 
Fortinet 2.82.0.0 11.20.2006 suspicious 
F-Prot 3.16f 11.17.2006  no virus found 
F-Prot4 4.2.1.29 11.17.2006  no virus found 
Ikarus 0.2.65.0 11.20.2006  no virus found 
Kaspersky 4.0.2.24 11.20.2006  no virus found 
McAfee 4900 11.20.2006  no virus found 
Microsoft 1.1609  11.20.2006 Win32/Vxidl.gen!encrypted 
NOD32v2 1873 11.20.2006  no virus found 
Norman 5.80.02 11.20.2006  no virus found 
Panda 9.0.0.4 11.20.2006  no virus found 
Prevx1 V2 11.20.2006 Dropper.Payload 
Sophos 4.11.0 11.16.2006  no virus found 
TheHacker 6.0.3.122 11.18.2006  no virus found 
UNA 1.83 11.20.2006  no virus found 
VBA32 3.11.1 11.20.2006 MalwareScope.Worm.Nuwar-Glowa.1 
VirusBuster 4.3.15:9 11.20.2006 Cryptor.Xorpack.D 

Aditional Information 
File size: 6010 bytes 
MD5: 712563c248819624a1400c0916adaf63 
SHA1: 3b20d31b47f74607e72830d2db513029830463ad

----------


## Зайцев Олег

ITW, caught by my automatic analyzer ...

AntiVir 7.2.0.39 11.20.2006 TR/Spy.Goldun.NA 
Authentium 4.93.8 11.17.2006  no virus found 
Avast 4.7.892.0 11.20.2006  no virus found 
AVG 386 11.20.2006  no virus found 
BitDefender 7.2 11.20.2006 Trojan.Spy.Goldun.NA 
CAT-QuickHeal 8.00 11.20.2006 (Suspicious) - DNAScan 
ClamAV devel-20060426 11.20.2006  no virus found 
DrWeb 4.33 11.20.2006 Trojan.PWS.GoldSpy 
eSafe 7.0.14.0 11.20.2006 Suspicious Trojan/Worm 
eTrust-InoculateIT 23.73.59 11.18.2006  no virus found 
eTrust-Vet 30.3.3203 11.20.2006  no virus found 
Ewido 4.0 11.20.2006 Logger.Goldun.hp 
Fortinet 2.82.0.0 11.20.2006 suspicious 
F-Prot 3.16f 11.17.2006  no virus found 
F-Prot4 4.2.1.29 11.17.2006  no virus found 
Ikarus 0.2.65.0 11.20.2006  no virus found 
Kaspersky 4.0.2.24 11.20.2006  no virus found 
McAfee 4900 11.20.2006  no virus found 
Microsoft 1.1609  11.20.2006  no virus found 
NOD32v2 1873 11.20.2006 probably a variant of Win32/Spy.Goldun.HP 
Norman 5.80.02 11.20.2006 Suspicious_F.gen 
Panda 9.0.0.4 11.20.2006 Trj/Goldun.MN 
Prevx1 V2 11.20.2006  no virus found 
Sophos 4.11.0 11.16.2006  no virus found 
TheHacker 6.0.3.122 11.18.2006  no virus found 
UNA 1.83 11.20.2006  no virus found 
VBA32 3.11.1 11.20.2006 suspected of Embedded.Trojan.PWS.GoldSpy 
VirusBuster 4.3.15:9 11.20.2006 no virus found 


Aditional Information 
File size: 29559 bytes 
MD5: 4698f8bd9ed2aae437ed66f8598b2261 
SHA1: d76968f8d9e9a8a9b8d24149e5001add86f39cc8 
packers: FSG, PECRYPT

----------


## Зайцев Олег

ITW, caught by my automatic analyzer ...

AntiVir 7.2.0.39 11.20.2006 TR/Dldr.Lineage.DN 
Authentium 4.93.8 11.17.2006  no virus found 
Avast 4.7.892.0 11.20.2006  no virus found 
AVG 386 11.20.2006  no virus found 
BitDefender 7.2 11.20.2006 BehavesLike:Win32.AV-Killer 
CAT-QuickHeal 8.00 11.20.2006  no virus found 
ClamAV devel-20060426 11.20.2006  no virus found 
DrWeb 4.33 11.20.2006 Trojan.PWS.Lineage 
eSafe 7.0.14.0 11.20.2006  no virus found 
eTrust-InoculateIT 23.73.59 11.18.2006  no virus found 
eTrust-Vet 30.3.3203 11.20.2006 Win32/Lineage!generic 
Ewido 4.0 11.20.2006  no virus found 
Fortinet 2.82.0.0 11.20.2006 Lineage!tr.pws 
F-Prot 3.16f 11.17.2006  no virus found 
F-Prot4 4.2.1.29 11.17.2006  no virus found 
Ikarus 0.2.65.0 11.20.2006 Backdoor.Win32.HacDef.084 
Kaspersky 4.0.2.24 11.20.2006 Trojan-PSW.Win32.Delf.sv 
McAfee 4900 11.20.2006 PWS-Lineage.dll 
Microsoft 1.1609  11.20.2006  no virus found 
NOD32v2 1873 11.20.2006 probably a variant of Win32/PSW.Lineage.DN 
Norman 5.80.02 11.20.2006 W32/Lineage.ANTG 
Panda 9.0.0.4 11.20.2006 Suspicious file 
Prevx1 V2 11.20.2006  no virus found 
Sophos 4.11.0 11.16.2006  no virus found 
TheHacker 6.0.3.122 11.18.2006  no virus found 
UNA 1.83 11.20.2006  no virus found 
VBA32 3.11.1 11.20.2006 suspected of Trojan-PSW.Lineage.1 
VirusBuster 4.3.15:9 11.20.2006 no virus found 


Aditional Information 
File size: 79360 bytes 
MD5: 696183e1d1c6fa494bd69477c090d7db 
SHA1: 23f6e4d437d9525e7c8939603de08947775a8452

----------


## mvlab

Complete scanning result of "sex.exe", received in VirusTotal at 11.20.2006, 22:04:47 (CET).

Antivirus Version Update Result 
AntiVir 7.2.0.39 11.20.2006 HEUR/Crypted 
Authentium 4.93.8 11.20.2006 W32/Warezov.gen4 
Avast 4.7.892.0 11.20.2006  no virus found 
AVG 386 11.20.2006  no virus found 
BitDefender 7.2 11.20.2006 DeepScan:Generic.Malware.FYd!lg.610B4ED7 
CAT-QuickHeal 8.00 11.20.2006  no virus found 
ClamAV devel-20060426 11.20.2006  no virus found 
DrWeb 4.33 11.20.2006  no virus found 
eSafe 7.0.14.0 11.20.2006 suspicious Trojan/Worm 
eTrust-InoculateIT 23.73.59 11.18.2006  no virus found 
eTrust-Vet 30.3.3203 11.20.2006  no virus found 
Ewido 4.0 11.20.2006  no virus found 
Fortinet 2.82.0.0 11.20.2006 suspicious 
F-Prot 3.16f 11.20.2006 W32/Warezov.gen4 
F-Prot4 4.2.1.29 11.20.2006 W32/Warezov.gen4 
Ikarus 0.2.65.0 11.20.2006  no virus found 
Kaspersky 4.0.2.24 11.20.2006  no virus found 
McAfee 4900 11.20.2006  no virus found 
Microsoft 1.1804  11.20.2006 Win32/Ldpinch 
NOD32v2 1874 11.20.2006  no virus found 
Norman 5.80.02 11.20.2006  no virus found 
Panda 9.0.0.4 11.20.2006 Suspicious file 
Prevx1 V2 11.20.2006  no virus found 
Sophos 4.11.0 11.16.2006  no virus found 
TheHacker 6.0.3.122 11.20.2006  no virus found 
UNA 1.83 11.20.2006  no virus found 
VBA32 3.11.1 11.20.2006 MalwareScope.Trojan-PSW.LdPinch.1 
VirusBuster 4.3.15:9 11.20.2006 no virus found 


Aditional Information 
File size: 24064 bytes 
MD5: ab72575342931915ce244f68ba72633d 
SHA1: 43194ec5528e6f5f530cbee6b6b5c1e2e3489559 
packers: UPX 
packers: UPX 
packers: UPX 
packers: UPX

----------


## drongo

Complete scanning result of "avz00001.dta", received in VirusTotal at 11.21.2006, 08:16:56 (CET).

Antivirus	Version	Update	Result
AntiVir	7.2.0.39	11.20.2006	no virus found
Authentium	4.93.8	11.20.2006	could be a corrupted executable file
Avast	4.7.892.0	11.20.2006	no virus found
AVG	386	11.20.2006	BackDoor.Generic3.SWE
BitDefender	7.2	11.21.2006	no virus found
CAT-QuickHeal	8.00	11.20.2006	(Suspicious) - DNAScan
ClamAV	devel-20060426	11.20.2006	no virus found
DrWeb	4.33	11.21.2006	no virus found
eSafe	7.0.14.0	11.20.2006	suspicious Trojan/Worm
eTrust-InoculateIT	23.73.62	11.21.2006	no virus found
eTrust-Vet	30.3.3205	11.21.2006	no virus found
Ewido	4.0	11.20.2006	no virus found
Fortinet	2.82.0.0	11.21.2006	no virus found
F-Prot	3.16f	11.20.2006	no virus found
F-Prot4	4.2.1.29	11.20.2006	no virus found
Ikarus	0.2.65.0	11.21.2006	no virus found
Kaspersky	4.0.2.24	11.21.2006	no virus found
McAfee	4900	11.20.2006	no virus found
Microsoft	1.1804 	11.21.2006	no virus found
NOD32v2	1874	11.20.2006	no virus found
Norman	5.80.02	11.20.2006	W32/Smalldoor.KVE
Panda	9.0.0.4	11.20.2006	Suspicious file
Prevx1	V2	11.21.2006	no virus found
Sophos	4.11.0	11.16.2006	no virus found
TheHacker	6.0.3.122	11.21.2006	no virus found
UNA	1.83	11.20.2006	no virus found
VBA32	3.11.1	11.21.2006	no virus found
VirusBuster	4.3.15:9	11.20.2006	no virus found

Aditional Information
File size: 108179 bytes
MD5: 61f2864c04b1da1d4c44f467b0012739
SHA1: e7509421353bcfe25f62a445ebca6d0fb6828270

----------


## DoSTR

Complete scanning result of "*Photo_dcs_11.09.06.exe*", received in VirusTotal at 11.21.2006, 18:05:15 (CET).

_Antivirus	Version	Update	Result_
AntiVir	7.2.0.44	11.21.2006	HEUR/Crypted
Authentium	4.93.8	11.20.2006	Possibly a new variant of W32/HLLI-MewOrleans-based!Maximus
Avast	4.7.892.0	11.20.2006	no virus found
AVG	386	11.20.2006	no virus found
BitDefender	7.2	11.21.2006	DeepScan:Generic.Malware.FYd!lg.43A0FC84
CAT-QuickHeal	8.00	11.21.2006	(Suspicious) - DNAScan
ClamAV	devel-20060426	11.21.2006	no virus found
DrWeb	4.33	11.21.2006	Trojan.PWS.LDPinch.1306
eSafe	7.0.14.0	11.20.2006	suspicious Trojan/Worm
eTrust-InoculateIT	23.73.62	11.21.2006	no virus found
eTrust-Vet	30.3.3205	11.21.2006	no virus found
Ewido	4.0	11.21.2006	no virus found
Fortinet	2.82.0.0	11.21.2006	no virus found
F-Prot	3.16f	11.20.2006	Possibly a new variant of W32/HLLI-MewOrleans-based!Maximus
F-Prot4	4.2.1.29	11.20.2006	W32/HLLI-MewOrleans-based!Maximus
Ikarus	0.2.65.0	11.21.2006	no virus found
Kaspersky	4.0.2.24	11.21.2006	no virus found
McAfee	4901	11.21.2006	no virus found
Microsoft	1.1804 	11.21.2006	Win32/Ldpinch
NOD32v2	1876	11.21.2006	no virus found
Norman	5.80.02	11.21.2006	W32/Suspicious_M.gen
Panda	9.0.0.4	11.21.2006	Suspicious file
Prevx1	V2	11.21.2006	no virus found
Sophos	4.11.0	11.16.2006	Mal/Packer
TheHacker	6.0.3.122	11.21.2006	no virus found
UNA	1.83	11.20.2006	no virus found
VBA32	3.11.1	11.21.2006	MalwareScope.Trojan-PSW.LdPinch.2
VirusBuster	4.3.15:9	11.21.2006	no virus found

Aditional Information
File size: 29703 bytes
MD5: 1d10a9ff177a9e8ab6fe6a785455192b
SHA1: f916aeeb0ef15870e302ba49525f66a2631ac3e7
packers: MEW
packers: MEW

----------


## Winsent

Complete scanning result of "doser.exe", received in VirusTotal at 11.22.2006, 05:32:09 (CET).


Antivirus	Version	Update	Result

*AntiVir	7.2.0.44	11.21.2006	HEUR/Crypted*
Authentium	4.93.8	11.22.2006	no virus found
Avast	4.7.892.0	11.20.2006	no virus found
AVG	386	11.20.2006	no virus found
*BitDefender	7.2	11.22.2006	DeepScan:Generic.Malware.FPYVdlPkg.67E21543*
*CAT-QuickHeal	8.00	11.21.2006	(Suspicious) - DNAScan*
ClamAV	devel-20060426	11.21.2006	no virus found
*DrWeb	4.33	11.21.2006	BACKDOOR.PWS.Trojan
eSafe	7.0.14.0	11.20.2006	Suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.63	11.22.2006	no virus found
eTrust-Vet	30.3.3205	11.21.2006	no virus found
Ewido	4.0	11.21.2006	no virus found
*Fortinet	2.82.0.0	11.22.2006	suspicious*
F-Prot	3.16f	11.22.2006	no virus found
F-Prot4	4.2.1.29	11.22.2006	no virus found
Ikarus	0.2.65.0	11.21.2006	no virus found
*Kaspersky	4.0.2.24	11.22.2006	Trojan-PSW.Win32.LdPinch.bdm*
McAfee	4901	11.21.2006	no virus found
Microsoft	1.1804 	11.22.2006	no virus found
*NOD32v2	1876	11.21.2006	a variant of Win32/PSW.LdPinch.RG*
Norman	5.80.02	11.21.2006	no virus found
Panda	9.0.0.4	11.21.2006	no virus found
Prevx1	V2	11.22.2006	no virus found
Sophos	4.11.0	11.16.2006	no virus found
TheHacker	6.0.3.122	11.21.2006	no virus found
UNA	1.83	11.21.2006	no virus found
*VBA32	3.11.1	11.21.2006	MalwareScope.Trojan-PSW.LdPinch.1*
VirusBuster	4.3.15:9	11.21.2006	no virus found

Aditional Information
File size: 19211 bytes
MD5: 564cf13006ea7c2c0d32783dfd701fd3
SHA1: daaa77f466496bb39b3a68682a4f998fd9512e35
packers: YZPACK

----------


## DoSTR

Complete scanning result of "*kart.exe*", received in VirusTotal at 11.22.2006, 05:44:37 (CET).

_Antivirus	Version	Update	Result_

AntiVir	7.2.0.44	11.21.2006	Worm/W32.Sircam.C
Authentium	4.93.8	11.22.2006	no virus found
Avast	4.7.892.0	11.20.2006	Win32:Sircam-B
AVG	386	11.20.2006	I-Worm/Sircam
BitDefender	7.2	11.22.2006	I-Worm.Sircam.A
CAT-QuickHeal	8.00	11.21.2006	(Suspicious) - DNAScan
ClamAV	devel-20060426	11.21.2006	no virus found
DrWeb	4.33	11.21.2006	BACKDOOR.Trojan - Ok
eSafe	7.0.14.0	11.20.2006	Win32.Polipos.sus
eTrust-InoculateIT	23.73.63	11.22.2006	no virus found
eTrust-Vet	30.3.3205	11.21.2006	no virus found
Ewido	4.0	11.21.2006	Worm.Sircam.c
Fortinet	2.82.0.0	11.22.2006	suspicious
F-Prot	3.16f	11.22.2006	no virus found
F-Prot4	4.2.1.29	11.22.2006	no virus found
Ikarus	0.2.65.0	11.21.2006	no virus found
Kaspersky	4.0.2.24	11.22.2006	no virus found
McAfee	4901	11.21.2006	W32/[email protected]
Microsoft	1.1804 	11.22.2006	Win32/[email protected]
NOD32v2	1876	11.21.2006	Win32/Sircam.F
Norman	5.80.02	11.21.2006	W32/Suspicious_U.gen
Panda	9.0.0.4	11.21.2006	Suspicious file
Prevx1	V2	11.22.2006	no virus found
Sophos	4.11.0	11.16.2006	W32/Sircam-A
TheHacker	6.0.3.122	11.21.2006	no virus found
UNA	1.83	11.21.2006	no virus found
VBA32	3.11.1	11.21.2006	Win32.HLLW.SirCam
VirusBuster	4.3.15:9	11.22.2006	no virus found

Aditional Information
File size: 79504 bytes
MD5: 243c7d016e5edad97315f72227568128
SHA1: 9c3ea1cc74d5f985300a95f8bc85da6e4e888fe0
packers: Upack
packers: UPACK
packers: UPack

----------



## DoSTR

Complete scanning result of "*rolik.exe*", received in VirusTotal at 11.22.2006, 06:02:17 (CET).

_Antivirus	Version	Update	Result_

AntiVir	7.2.0.44	11.21.2006	HEUR/Crypted
Authentium	4.93.8	11.22.2006	could be a corrupted executable file
Avast	4.7.892.0	11.20.2006	no virus found
AVG	386	11.20.2006	no virus found
BitDefender	7.2	11.22.2006	no virus found
CAT-QuickHeal	8.00	11.21.2006	no virus found
ClamAV	devel-20060426	11.22.2006	no virus found
DrWeb	4.33	11.21.2006	Trojan.MulDrop.1161
eSafe	7.0.14.0	11.20.2006	no virus found
eTrust-InoculateIT	23.73.63	11.22.2006	no virus found
eTrust-Vet	30.3.3205	11.21.2006	no virus found
Ewido	4.0	11.21.2006	no virus found
Fortinet	2.82.0.0	11.22.2006	no virus found
F-Prot	3.16f	11.22.2006	no virus found
F-Prot4	4.2.1.29	11.22.2006	no virus found
Ikarus	0.2.65.0	11.21.2006	no virus found
Kaspersky	4.0.2.24	11.22.2006	no virus found
McAfee	4901	11.21.2006	no virus found
Microsoft	1.1804 	11.22.2006	no virus found
NOD32v2	1876	11.21.2006	a variant of Win32/TrojanDropper.Joiner.AJ
Norman	5.80.02	11.21.2006	no virus found
Panda	9.0.0.4	11.21.2006	no virus found
Prevx1	V2	11.22.2006	no virus found
Sophos	4.11.0	11.16.2006	Mal/Packer
TheHacker	6.0.3.122	11.21.2006	no virus found
UNA	1.83	11.21.2006	Win32.CRYPT.virus
VBA32	3.11.1	11.21.2006	no virus found
VirusBuster	4.3.15:9	11.22.2006	no virus found

Aditional Information
File size: 76811 bytes
MD5: b1815a454d64a251360c5a9abe8791ac
SHA1: 1c556fbbbc17f765055490519a196cf615304be8
packers: SVKP
packers: SVKProtector

----------


## santy

Complete scanning result of "test1.zip", received in VirusTotal at 11.22.2006, 05:58:27 (CET).

Antivirus	Version	Update	Result
AntiVir	7.2.0.44	11.21.2006	no virus found
Authentium	4.93.8	11.22.2006	Possibly a new variant of W32/Tricky-Malware-based!Maximus
Avast	4.7.892.0	11.20.2006	no virus found
AVG	386	11.20.2006	no virus found
BitDefender	7.2	11.22.2006	DeepScan:Generic.Stration.93DDD392
CAT-QuickHeal	8.00	11.21.2006	no virus found
ClamAV	devel-20060426	11.21.2006	no virus found
DrWeb	4.33	11.21.2006	no virus found
eSafe	7.0.14.0	11.20.2006	suspicious Trojan/Worm
eTrust-InoculateIT	23.73.63	11.22.2006	Win32/Stration!ZIP!Worm
eTrust-Vet	30.3.3205	11.21.2006	Win32/Stration!ZIP!generic
Ewido	4.0	11.21.2006	no virus found
Fortinet	2.82.0.0	11.22.2006	no virus found
F-Prot	3.16f	11.22.2006	Possibly a new variant of W32/Tricky-Malware-based!Maximus
F-Prot4	4.2.1.29	11.22.2006	W32/Tricky-Malware-based!Maximus
Ikarus	0.2.65.0	11.21.2006	no virus found
Kaspersky	4.0.2.24	11.22.2006	no virus found
McAfee	4901	11.21.2006	no virus found
Microsoft	1.1804 	11.22.2006	no virus found
NOD32v2	1876	11.21.2006	probably unknown NewHeur_PE virus
Norman	5.80.02	11.21.2006	no virus found
Panda	9.0.0.4	11.21.2006	no virus found
Prevx1	V2	11.22.2006	no virus found
Sophos	4.11.0	11.16.2006	W32/Stratio-Zip
TheHacker	6.0.3.122	11.21.2006	no virus found
UNA	1.83	11.21.2006	no virus found
VBA32	3.11.1	11.21.2006	no virus found
VirusBuster	4.3.15:9	11.22.2006	Trojan.Opnis.Gen.28

Aditional Information
File size: 22668 bytes
MD5: 0dff5bce2cb22a8877f16cf1864b444b
SHA1: efc3b2474b3e99f6d1738209b98f49a01cd80fbf
packers: UPX

----------


## DoSTR

Complete scanning result of "*screensaver_ABC.exe*", received in VirusTotal at 11.22.2006, 08:48:35 (CET).

_Antivirus	Version	Update	Result_

AntiVir	7.2.0.44	11.22.2006	HEUR/Crypted
Authentium	4.93.8	11.22.2006	Possibly a new variant of W32/Threat-HLLSI-based!Maximus
Avast	4.7.892.0	11.20.2006	Win32:Ldpinch-AH
AVG	386	11.20.2006	no virus found
BitDefender	7.2	11.22.2006	no virus found
CAT-QuickHeal	8.00	11.21.2006	no virus found
ClamAV	devel-20060426	11.22.2006	no virus found
DrWeb	4.33	11.22.2006	BACKDOOR.PWS.Trojan
eSafe	7.0.14.0	11.20.2006	suspicious Trojan/Worm
eTrust-InoculateIT	23.73.63	11.22.2006	no virus found
eTrust-Vet	30.3.3205	11.21.2006	no virus found
Ewido	4.0	11.21.2006	no virus found
Fortinet	2.82.0.0	11.22.2006	no virus found
F-Prot	3.16f	11.22.2006	Possibly a new variant of W32/Threat-HLLSI-based!Maximus
F-Prot4	4.2.1.29	11.22.2006	W32/CrazyCrunch-based!Maximus
Ikarus	0.2.65.0	11.21.2006	no virus found
Kaspersky	4.0.2.24	11.22.2006	no virus found
McAfee	4901	11.21.2006	no virus found
Microsoft	1.1804 	11.22.2006	no virus found
NOD32v2	1876	11.21.2006	no virus found
Norman	5.80.02	11.21.2006	no virus found
Panda	9.0.0.4	11.21.2006	Suspicious file
Prevx1	V2	11.22.2006	no virus found
Sophos	4.11.0	11.16.2006	no virus found
TheHacker	6.0.3.122	11.21.2006	no virus found
UNA	1.83	11.21.2006	no virus found
VBA32	3.11.1	11.21.2006	MalwareScope.Trojan-PSW.LdPinch.1
VirusBuster	4.3.15:9	11.22.2006	no virus found

Aditional Information
File size: 14336 bytes
MD5: 90f100ef481774dca2be02004ee4967c
SHA1: 1f3d4f6340d62204c839d4fe5a0dc8352de26c8b
packers: ASPack
packers: ASPACK
packers: Aspack

----------


## pig

From here: http://virusinfo.info/showthread.php?t=6856

Complete scanning result of "helper.rar", received in VirusTotal at 11.22.2006, 09:19:25 (CET).

Antivirus Version Update Result 
AntiVir 7.2.0.44 11.22.2006  no virus found 
Authentium 4.93.8 11.22.2006  no virus found 
Avast 4.7.892.0 11.20.2006  no virus found 
AVG 386 11.20.2006  no virus found 
BitDefender 7.2 11.22.2006  no virus found 
CAT-QuickHeal 8.00 11.21.2006  no virus found 
ClamAV devel-20060426 11.22.2006  no virus found 
DrWeb 4.33 11.22.2006 BackDoor.Jiagate 
eSafe 7.0.14.0 11.20.2006  no virus found 
eTrust-InoculateIT 23.73.63 11.22.2006  no virus found 
eTrust-Vet 30.3.3205 11.21.2006  no virus found 
Ewido 4.0 11.21.2006  no virus found 
Fortinet 2.82.0.0 11.22.2006 suspicious 
F-Prot 3.16f 11.22.2006  no virus found 
F-Prot4 4.2.1.29 11.22.2006  no virus found 
Ikarus 0.2.65.0 11.21.2006  no virus found 
Kaspersky 4.0.2.24 11.22.2006  no virus found 
McAfee 4901 11.21.2006  no virus found 
Microsoft 1.1804  11.22.2006  no virus found 
NOD32v2 1876 11.21.2006  no virus found 
Norman 5.80.02 11.21.2006  no virus found 
Panda 9.0.0.4 11.21.2006 Suspicious file 
Prevx1 V2 11.22.2006  no virus found 
Sophos 4.11.0 11.16.2006  no virus found 
TheHacker 6.0.3.122 11.21.2006  no virus found 
UNA 1.83 11.21.2006  no virus found 
VBA32 3.11.1 11.21.2006  no virus found 
VirusBuster 4.3.15:9 11.22.2006 no virus found 


Aditional Information 
File size: 18967 bytes 
MD5: 4cb0e7fdb7543bddbe22d53efacd3d45 
SHA1: 1277b086dfd1038823a8d61395ecee46f2dd6f1e 
packers: UPX 
packers: UPX 
packers: UPX

----------


## Winsent

Complete scanning result of "QIP8000.rar", received in VirusTotal at 11.22.2006, 12:50:26 (CET).


Antivirus	Version	Update	Result

AntiVir	7.2.0.44	11.22.2006	no virus found
Authentium	4.93.8	11.22.2006	no virus found
Avast	4.7.892.0	11.22.2006	no virus found
AVG	386	11.20.2006	no virus found
BitDefender	7.2	11.22.2006	no virus found
CAT-QuickHeal	8.00	11.21.2006	no virus found
ClamAV	devel-20060426	11.22.2006	no virus found
DrWeb	4.33	11.22.2006	no virus found
eSafe	7.0.14.0	11.20.2006	no virus found
eTrust-InoculateIT	23.73.63	11.22.2006	no virus found
eTrust-Vet	30.3.3205	11.21.2006	no virus found
*Ewido	4.0	11.22.2006	Trojan.ICQ.Delf.j*
Fortinet	2.82.0.0	11.22.2006	no virus found
F-Prot	3.16f	11.22.2006	no virus found
F-Prot4	4.2.1.29	11.22.2006	no virus found
Ikarus	0.2.65.0	11.22.2006	no virus found
Kaspersky	4.0.2.24	11.22.2006	no virus found
McAfee	4901	11.21.2006	no virus found
Microsoft	1.1804 	11.22.2006	no virus found
NOD32v2	1877	11.22.2006	no virus found
Norman	5.80.02	11.21.2006	no virus found
Panda	9.0.0.4	11.21.2006	no virus found
Prevx1	V2	11.22.2006	no virus found
Sophos	4.11.0	11.16.2006	no virus found
TheHacker	6.0.3.122	11.21.2006	no virus found
UNA	1.83	11.21.2006	no virus found
VBA32	3.11.1	11.22.2006	no virus found
VirusBuster	4.3.15:9	11.22.2006	no virus found

Aditional Information
File size: 271381 bytes
MD5: c9be422182029c65a9f4df9a83b0a925
SHA1: 77ab6a6a07d3d420444d46a32ddeea27ce69c104

PS: Strange: I ran it through KAV and it is detected as: _троянская программа Trojan-PSW.Win32.ICQ.Delf.j_. This is already the second time that VirusTotal does not detect it this way, and it is the same variety of the trojan.

----------


## DoSTR

Complete scanning result of "*mygirl.exe*", received in VirusTotal at 11.22.2006, 15:43:08 (CET).

_Antivirus	Version	Update	Result_

AntiVir	7.2.0.44	11.22.2006	TR/Drop.Agent.aaq.2
Authentium	4.93.8	11.22.2006	no virus found
Avast	4.7.892.0	11.22.2006	no virus found
AVG	386	11.20.2006	no virus found
BitDefender	7.2	11.22.2006	DeepScan:Generic.PWStealer.A02FCE50
CAT-QuickHeal	8.00	11.22.2006	(Suspicious) - DNAScan
ClamAV	devel-20060426	11.22.2006	no virus found
DrWeb	4.33	11.22.2006	no virus found
eSafe	7.0.14.0	11.20.2006	Suspicious Trojan/Worm
eTrust-InoculateIT	23.73.63	11.22.2006	no virus found
eTrust-Vet	30.3.3205	11.21.2006	no virus found
Ewido	4.0	11.22.2006	no virus found
Fortinet	2.82.0.0	11.22.2006	suspicious
F-Prot	3.16f	11.22.2006	no virus found
F-Prot4	4.2.1.29	11.22.2006	no virus found
Ikarus	0.2.65.0	11.22.2006	no virus found
Kaspersky	4.0.2.24	11.22.2006	no virus found
McAfee	4901	11.21.2006	no virus found
Microsoft	1.1804 	11.22.2006	no virus found
NOD32v2	1877	11.22.2006	no virus found
Norman	5.80.02	11.22.2006	Suspicious_F.gen
Panda	9.0.0.4	11.21.2006	Suspicious file
Prevx1	V2	11.22.2006	no virus found
Sophos	4.11.0	11.16.2006	Mal/Packer
TheHacker	6.0.3.122	11.21.2006	no virus found
UNA	1.83	11.21.2006	no virus found
VBA32	3.11.1	11.22.2006	MalwareScope.Trojan-PSW.LdPinch.2
VirusBuster	4.3.15:9	11.22.2006	no virus found

Aditional Information
File size: 121717 bytes
MD5: 016f1fa3ee8ca1a7fc29a3ffe993e45f
SHA1: dcffd90b0a48d1c314a3ecf3fd7261ae7dadff97
packers: FSG
packers: FSG

----------


## Dandy

A fresh one (arrived via IM)
Complete scanning result of "pics.pif", received in VirusTotal at 11.22.2006, 17:24:36 (CET).

Antivirus	Version	Update	Result
AntiVir	7.2.0.44	11.22.2006	no virus found
Authentium	4.93.8	11.22.2006	could be a corrupted executable file
Avast	4.7.892.0	11.22.2006	no virus found
AVG	386	11.20.2006	no virus found
BitDefender	7.2	11.22.2006	no virus found
CAT-QuickHeal	8.00	11.22.2006	no virus found
ClamAV	devel-20060426	11.22.2006	no virus found
DrWeb	4.33	11.22.2006	no virus found
eSafe	7.0.14.0	11.22.2006	suspicious Trojan/Worm
eTrust-InoculateIT	23.73.63	11.22.2006	no virus found
eTrust-Vet	30.3.3205	11.21.2006	no virus found
Ewido	4.0	11.22.2006	no virus found
Fortinet	2.82.0.0	11.22.2006	no virus found
F-Prot	3.16f	11.22.2006	no virus found
F-Prot4	4.2.1.29	11.22.2006	no virus found
Ikarus	0.2.65.0	11.22.2006	no virus found
Kaspersky	4.0.2.24	11.22.2006	no virus found
McAfee	4901	11.21.2006	no virus found
Microsoft	1.1804 	11.22.2006	no virus found
NOD32v2	1877	11.22.2006	no virus found
Norman	5.80.02	11.22.2006	no virus found
Panda	9.0.0.4	11.21.2006	no virus found
Prevx1	V2	11.22.2006	no virus found
Sophos	4.11.0	11.16.2006	no virus found
TheHacker	6.0.3.122	11.21.2006	no virus found
UNA	1.83	11.21.2006	no virus found
VBA32	3.11.1	11.22.2006	no virus found
VirusBuster	4.3.15:9	11.22.2006	no virus found

Aditional Information
File size: 25612 bytes
MD5: da62d0c1800aec4793fcf98f47440d2b
SHA1: 158ff737f2d1958b873e9927b58cfca963584f97

----------


## Dandy

Oh, the online Dr.Web already detects it as: Win32.HLLM.Limar

----------


## 5ergi0

Complete scanning result of "7exssd32.o.exe", received in VirusTotal at 11.23.2006, 00:05:21 (CET).
Antivirus	Version	Update	Result
AntiVir	7.2.0.44	11.22.2006	TR/Medbod.B
Authentium	4.93.8	11.22.2006	W32/Downloader.gen8
Avast	4.7.892.0	11.22.2006	no virus found
AVG	386	11.20.2006	no virus found
BitDefender	7.2	11.22.2006	Trojan.Medbod.B
CAT-QuickHeal	8.00	11.22.2006	no virus found
ClamAV	devel-20060426	11.22.2006	no virus found
DrWeb	4.33	11.22.2006	no virus found
eSafe	7.0.14.0	11.22.2006	suspicious Trojan/Worm
eTrust-InoculateIT	23.73.63	11.22.2006	no virus found
eTrust-Vet	30.3.3205	11.21.2006	no virus found
Ewido	4.0	11.22.2006	no virus found
Fortinet	2.82.0.0	11.22.2006	suspicious
F-Prot	3.16f	11.22.2006	W32/Downloader.gen8
F-Prot4	4.2.1.29	11.22.2006	W32/Downloader.gen8
Ikarus	0.2.65.0	11.22.2006	no virus found
Kaspersky	4.0.2.24	11.22.2006	no virus found
McAfee	4902	11.22.2006	no virus found
Microsoft	1.1804 	11.22.2006	no virus found
NOD32v2	1878	11.22.2006	no virus found
Norman	5.80.02	11.22.2006	no virus found
Panda	9.0.0.4	11.22.2006	Suspicious file
Prevx1	V2	11.23.2006	no virus found
Sophos	4.11.0	11.16.2006	Mal/Behav-080
TheHacker	6.0.3.122	11.21.2006	no virus found
UNA	1.83	11.22.2006	no virus found
VBA32	3.11.1	11.22.2006	MalwareScope.Trojan-Proxy.Horst.3
VirusBuster	4.3.15:9	11.22.2006	no virus found

Aditional Information
File size: 23552 bytes
MD5: 3e73d3ce4bfc9668dcfe9180c561f7f3
SHA1: 7185b9d35bbb8a04b2411caf85abbea9d89034c0
packers: UPX
packers: UPX
packers: UPX
packers: UPX

----------


## Exxx

Complete scanning result of "load.exe", received in VirusTotal at 11.24.2006, 23:54:40 (CET).

Antivirus	Version	Update	Result
AntiVir	7.2.0.46	11.24.2006	no virus found
Authentium	4.93.8	11.24.2006	Possibly a new variant of W32/CrazyCrunch-based!Maximus
Avast	4.7.892.0	11.23.2006	no virus found
AVG	386	11.24.2006	no virus found
BitDefender	7.2	11.24.2006	DeepScan:Generic.Malware.SFMBdldg.751FED43
CAT-QuickHeal	8.00	11.24.2006	(Suspicious) - DNAScan
ClamAV	devel-20060426	11.24.2006	no virus found
DrWeb	4.33	11.24.2006	no virus found
eSafe	7.0.14.0	11.24.2006	suspicious Trojan/Worm
eTrust-InoculateIT	23.73.66	11.23.2006	no virus found
eTrust-Vet	30.3.3211	11.24.2006	no virus found
Ewido	4.0	11.24.2006	no virus found
Fortinet	2.82.0.0	11.24.2006	suspicious
F-Prot	3.16f	11.24.2006	Possibly a new variant of W32/CrazyCrunch-based!Maximus
F-Prot4	4.2.1.29	11.24.2006	generic
Ikarus	0.2.65.0	11.24.2006	no virus found
Kaspersky	4.0.2.24	11.24.2006	Trojan-Dropper.Win32.Agent.ays
McAfee	4904	11.24.2006	no virus found
Microsoft	1.1804	11.24.2006	no virus found
NOD32v2	1882	11.24.2006	probably a variant of Win32/Spy.Small.DP
Norman	5.80.02	11.24.2006	W32/Smalltroj.NWF.dropper
Panda	9.0.0.4	11.24.2006	Suspicious file
Prevx1	V2	11.25.2006	no virus found
Sophos	4.11.0	11.16.2006	no virus found
TheHacker	6.0.3.123	11.23.2006	no virus found
UNA	1.83	11.24.2006	no virus found
VBA32	3.11.1	11.24.2006	suspected of Backdoor.xBot.1 (paranoid heuristics)
VirusBuster	4.3.15:9	11.24.2006	no virus found

Aditional Information
File size: 26276 bytes
MD5: 1f38950478ae888a2cf472c8071ba75a
SHA1: 7d6ddb62702f7438a75d9b7b3c7e425744992a3f
packers: embedded

http://www.virusinfo.info/showthread...newpost&t=6901

----------


## HATTIFNATTOR

Complete scanning result of "robik.rar", received in VirusTotal at 11.25.2006, 00:23:18 (CET).

Antivirus Version Update Result 
*AntiVir 7.2.0.46 11.24.2006 TR/PSW.LdPinch.bde* 
Authentium 4.93.8 11.24.2006  no virus found 
Avast 4.7.892.0 11.23.2006  no virus found 
AVG 386 11.24.2006  no virus found 
*BitDefender 7.2 11.24.2006 DeepScan:Generic.Dialer.ACD567A2*
*CAT-QuickHeal 8.00 11.24.2006 (Suspicious) - DNAScan* 
ClamAV devel-20060426 11.24.2006  no virus found 
DrWeb 4.33 11.24.2006  no virus found 
*eSafe 7.0.14.0 11.24.2006 suspicious Trojan/Worm* 
eTrust-InoculateIT 23.73.66 11.23.2006  no virus found 
eTrust-Vet 30.3.3211 11.24.2006  no virus found 
Ewido 4.0 11.24.2006  no virus found 
*Fortinet 2.82.0.0 11.24.2006 W32/LdPinch.BDE!tr.pws* 
F-Prot 3.16f 11.24.2006  no virus found 
*F-Prot4 4.2.1.29 11.24.2006 generic* 
Ikarus 0.2.65.0 11.24.2006  no virus found 
Kaspersky 4.0.2.24 11.24.2006  no virus found 
McAfee 4904 11.24.2006  no virus found 
Microsoft 1.1804 11.24.2006  no virus found 
NOD32v2 1882 11.24.2006  no virus found 
Norman 5.80.02 11.24.2006  no virus found 
Panda 9.0.0.4 11.24.2006 Suspicious file 
Prevx1 V2 11.25.2006  no virus found 
Sophos 4.11.0 11.16.2006  no virus found 
TheHacker 6.0.3.123 11.23.2006  no virus found 
UNA 1.83 11.24.2006  no virus found 
*VBA32 3.11.1 11.24.2006 MalwareScope.Trojan-PSW.LdPinch.1* 
VirusBuster 4.3.15:9 11.24.2006 no virus found 


Aditional Information 
File size: 64426 bytes 
MD5: a888d8c51f5c595533c918fc3290b909 
SHA1: 217577bb73e56f93c4c229a4a8ec03eb1c549419

----------


## Синауридзе Александр

Complete scanning result of "10032_mmdust.exe", received in VirusTotal at 11.25.2006, 12:00:19 (CET).

Antivirus	Version	Update	Result
AntiVir	7.2.0.46	11.24.2006	no virus found
Authentium	4.93.8	11.24.2006	no virus found
Avast	4.7.892.0	11.23.2006	no virus found
AVG	386	11.24.2006	no virus found
BitDefender	7.2	11.25.2006	no virus found
CAT-QuickHeal	8.00	11.24.2006	no virus found
ClamAV	devel-20060426	11.25.2006	Trojan.Mmust
DrWeb	4.33	11.25.2006	Win32.HLLP.MMDust
eSafe	7.0.14.0	11.24.2006	suspicious Trojan/Worm
eTrust-InoculateIT	23.73.67	11.25.2006	no virus found
eTrust-Vet	30.3.3211	11.24.2006	no virus found
Ewido	4.0	11.24.2006	no virus found
Fortinet	2.82.0.0	11.25.2006	no virus found
F-Prot	3.16f	11.24.2006	no virus found
F-Prot4	4.2.1.29	11.24.2006	no virus found
Ikarus	0.2.65.0	11.24.2006	no virus found
Kaspersky	4.0.2.24	11.25.2006	Virus.Win32.Merin.a
McAfee	4904	11.24.2006	no virus found
Microsoft	1.1804	11.25.2006	no virus found
*NOD32v2	1882	11.24.2006	no virus found*
Norman	5.80.02	11.24.2006	no virus found
Panda	9.0.0.4	11.24.2006	Suspicious file
Prevx1	V2	11.25.2006	Worm.Renama
Sophos	4.11.0	11.16.2006	no virus found
TheHacker	6.0.3.123	11.23.2006	no virus found
UNA	1.83	11.24.2006	no virus found
VBA32	3.11.1	11.24.2006	no virus found
VirusBuster	4.3.15:9	11.24.2006	no virus found

Aditional Information
File size: 11776 bytes
MD5: ae898f7dabd29ec8aa4ef8924bbdb46f
SHA1: d207b440db1d1bf77c607867ff4d44f3dfae3d4c
packers: UPX
packers: UPX

It can be downloaded from http://www.freeware.ru/program_prog_id_10032.html.

----------


## DoSTR

Complete scanning result of "*Latinas.exe*", received in VirusTotal at 11.25.2006, 16:11:51 (CET).

_Antivirus	Version	Update	Result_

AntiVir	7.2.0.46	11.24.2006	DIAL/302366
Authentium	4.93.8	11.24.2006	no virus found
Avast	4.7.892.0	11.23.2006	no virus found
AVG	386	11.25.2006	Potentially harmful program Dialer.DGK
BitDefender	7.2	11.25.2006	Dialer.Porn.Hcon.A
CAT-QuickHeal	8.00	11.25.2006	no virus found
ClamAV	devel-20060426	11.25.2006	Dialer-715
DrWeb	4.33	11.25.2006	no virus found
eSafe	7.0.14.0	11.24.2006	suspicious Trojan/Worm
eTrust-InoculateIT	23.73.67	11.25.2006	no virus found
eTrust-Vet	30.3.3211	11.24.2006	no virus found
Ewido	4.0	11.25.2006	Dialer.CapreDeam.r
Fortinet	2.82.0.0	11.25.2006	Dial/Dialer
F-Prot	3.16f	11.24.2006	no virus found
F-Prot4	4.2.1.29	11.24.2006	no virus found
Ikarus	0.2.65.0	11.24.2006	no virus found
Kaspersky	4.0.2.24	11.25.2006	not-a-virus:Porn-Dialer.Win32.CapreDeam.r
McAfee	4904	11.24.2006	no virus found
Microsoft	1.1804	11.25.2006	no virus found
NOD32v2	1882	11.24.2006	probably a variant of Win32/Dialer.CDDial
Norman	5.80.02	11.24.2006	W32/Dialer.AYVN
Panda	9.0.0.4	11.25.2006	Dialer.IKV
Prevx1	V2	11.25.2006	no virus found
Sophos	4.11.0	11.16.2006	no virus found
TheHacker	6.0.3.123	11.23.2006	Trojan/Dialer.CapreDeam.r
UNA	1.83	11.24.2006	Dialer.CapreDeam.9B67
VBA32	3.11.1	11.24.2006	Porn-Dialer.Win32.CapreDeam.r
VirusBuster	4.3.15:9	11.25.2006	no virus found

Aditional Information
File size: 96936 bytes
MD5: 0227f4f4aff0cec56e45f662812285fc
SHA1: 8df449e5cd2110e5db3d41a762ad1868a83a6351
packers: UPX
packers: UPX
packers: UPX

----------


## DoSTR

Complete scanning result of "y.exe", received in VirusTotal at 11.25.2006, 16:24:05 (CET).

_Antivirus	Version	Update	Result_

AntiVir	7.2.0.46	11.24.2006	no virus found
Authentium	4.93.8	11.24.2006	no virus found
Avast	4.7.892.0	11.23.2006	no virus found
AVG	386	11.25.2006	no virus found
BitDefender	7.2	11.25.2006	no virus found
CAT-QuickHeal	8.00	11.25.2006	no virus found
ClamAV	devel-20060426	11.25.2006	no virus found
DrWeb	4.33	11.25.2006	no virus found
eSafe	7.0.14.0	11.24.2006	no virus found
eTrust-InoculateIT	23.73.67	11.25.2006	no virus found
eTrust-Vet	30.3.3211	11.24.2006	no virus found
Ewido	4.0	11.25.2006	no virus found
Fortinet	2.82.0.0	11.25.2006	no virus found
F-Prot	3.16f	11.24.2006	no virus found
F-Prot4	4.2.1.29	11.24.2006	no virus found
Ikarus	0.2.65.0	11.24.2006	no virus found
Kaspersky	4.0.2.24	11.25.2006	no virus found
McAfee	4904	11.24.2006	no virus found
Microsoft	1.1804	11.25.2006	no virus found
NOD32v2	1882	11.24.2006	no virus found
Norman	5.80.02	11.24.2006	no virus found
Panda	9.0.0.4	11.25.2006	Suspicious file
Prevx1	V2	11.25.2006	no virus found
Sophos	4.11.0	11.16.2006	no virus found
TheHacker	6.0.3.123	11.23.2006	no virus found
UNA	1.83	11.24.2006	no virus found
VBA32	3.11.1	11.24.2006	suspected of Trojan-PSW.LdPinch.8 (paranoid heuristics)
VirusBuster	4.3.15:9	11.25.2006	no virus found

Aditional Information
File size: 58368 bytes
MD5: 4ac5674a5dbe8d5463b29f49391408a3
SHA1: e113da8580000de81bc334a2fa62330144af4dd7

----------


## DoSTR

file *Аффтар_жжот.exe*
Complete scanning result of "___1040", received in VirusTotal at 11.26.2006, 10:18:30 (CET).

_Antivirus	Version	Update	Result_

AntiVir	7.2.0.46	11.25.2006	HEUR/Crypted
Authentium	4.93.8	11.24.2006	Possibly a new variant of W32/new-malware!Maximus
Avast	4.7.892.0	11.23.2006	Win32:Ldpinch-GH
AVG	386	11.25.2006	no virus found
BitDefender	7.2	11.26.2006	DeepScan:Generic.Dialer.70C62169
CAT-QuickHeal	8.00	11.25.2006	(Suspicious) - DNAScan
ClamAV	devel-20060426	11.25.2006	no virus found
DrWeb	4.33	11.25.2006	Trojan.PWS.LDPinch.1314
eSafe	7.0.14.0	11.24.2006	no virus found
eTrust-InoculateIT	23.73.67	11.25.2006	no virus found
eTrust-Vet	30.3.3211	11.24.2006	no virus found
Ewido	4.0	11.25.2006	no virus found
Fortinet	2.82.0.0	11.26.2006	suspicious
F-Prot	3.16f	11.24.2006	Possibly a new variant of W32/new-malware!Maximus
F-Prot4	4.2.1.29	11.24.2006	W32/new-malware!Maximus
Ikarus	0.2.65.0	11.24.2006	Backdoor.Win32.Ciadoor.13
Kaspersky	4.0.2.24	11.26.2006	no virus found
McAfee	4904	11.24.2006	no virus found
Microsoft	1.1804	11.26.2006	Win32/Ldpinch
NOD32v2	1882	11.24.2006	no virus found
Norman	5.80.02	11.24.2006	no virus found
Panda	9.0.0.4	11.25.2006	Suspicious file
Prevx1	V2	11.26.2006	no virus found
Sophos	4.11.0	11.16.2006	Mal/Packer
TheHacker	6.0.3.123	11.23.2006	no virus found
UNA	1.83	11.24.2006	no virus found
VBA32	3.11.1	11.25.2006	MalwareScope.Trojan-PSW.LdPinch.1
VirusBuster	4.3.15:9	11.25.2006	no virus found

Aditional Information
File size: 59357 bytes
MD5: 2b2a7a248e223792c3b685098eb00cc1
SHA1: 21757f85d69c2ba260d4d13b1a17b80fc3e33418
packers: FSG
packers: FSG

----------


## HATTIFNATTOR

scanning result of "Update-KB2718-x86.zip", received in VirusTotal at 11.27.2006, 06:02:07 (CET).

Antivirus Version Update Result 
*AntiVir 7.2.0.46 11.26.2006 HEUR/Crypted* 
*Authentium 4.93.8 11.24.2006 W32/Warezov.gen3!W32DL* 
Avast 4.7.892.0 11.23.2006  no virus found 
*AVG 386 11.27.2006 I-Worm/Stration* 
*BitDefender 7.2 11.27.2006 DeepScan:Generic.Stration.72D1AE53* 
CAT-QuickHeal 8.00 11.25.2006  no virus found 
ClamAV devel-20060426 11.25.2006  no virus found 
DrWeb 4.33 11.26.2006  no virus found 
*eSafe 7.0.14.0 11.26.2006 suspicious Trojan/Worm* 
*eTrust-InoculateIT 23.73.67 11.25.2006 Win32/Stration!ZIP!Worm* 
*eTrust-Vet 30.3.3211 11.24.2006 Win32/Stration!ZIP!generic* 
Ewido 4.0 11.26.2006  no virus found 
*Fortinet 2.82.0.0 11.27.2006 W32/[email protected]* 
*F-Prot 3.16f 11.24.2006 W32/Warezov.gen3!W32DL* 
*F-Prot4 4.2.1.29 11.24.2006 W32/Warezov.gen3!W32DL* 
Ikarus 0.2.65.0 11.24.2006  no virus found 
*Kaspersky 4.0.2.24 11.27.2006 Email-Worm.Win32.Warezov.ha* 
McAfee 4904 11.24.2006  no virus found 
Microsoft 1.1804 11.27.2006  no virus found 
NOD32v2 1882 11.24.2006  no virus found 
Norman 5.80.02 11.24.2006  no virus found 
Panda 9.0.0.4 11.26.2006 Suspicious file 
Prevx1 V2 11.27.2006  no virus found 
*Sophos 4.11.0 11.16.2006 W32/Stratio-Zip* 
TheHacker 6.0.3.124 11.27.2006  no virus found 
UNA 1.83 11.24.2006  no virus found 
VBA32 3.11.1 11.26.2006  no virus found 
VirusBuster 4.3.15:9 11.26.2006 no virus found 


Aditional Information 
File size: 18989 bytes 
MD5: 1be8e6c16ee5145a540b877958d4dd6b 
SHA1: 5ce971c17ba4064aca5b84bc571878ffc61a7a76 
packers: UPX 
packers: UPX 
packers: UPX 
packers: UPX

----------


## kvit

Complete scanning result of "Update-KB9890-x86.exe", received in VirusTotal at 11.27.2006, 06:18:18 (CET).

Antivirus	Version	Update	Result
AntiVir	7.2.0.46	11.26.2006	HEUR/Crypted
Authentium	4.93.8	11.24.2006	W32/Warezov.gen3!W32DL
Avast	4.7.892.0	11.23.2006	no virus found
AVG	386	11.27.2006	I-Worm/Stration
BitDefender	7.2	11.27.2006	DeepScan:Generic.Stration.780D6248
CAT-QuickHeal	8.00	11.25.2006	no virus found
ClamAV	devel-20060426	11.25.2006	no virus found
DrWeb	4.33	11.26.2006	no virus found
eSafe	7.0.14.0	11.26.2006	suspicious Trojan/Worm
eTrust-InoculateIT	23.73.67	11.25.2006	no virus found
eTrust-Vet	30.3.3211	11.24.2006	no virus found
Ewido	4.0	11.26.2006	no virus found
Fortinet	2.82.0.0	11.27.2006	W32/[email protected]
F-Prot	3.16f	11.24.2006	W32/Warezov.gen3!W32DL
F-Prot4	4.2.1.29	11.24.2006	W32/Warezov.gen3!W32DL
Ikarus	0.2.65.0	11.24.2006	no virus found
Kaspersky	4.0.2.24	11.27.2006	no virus found
McAfee	4904	11.24.2006	no virus found
Microsoft	1.1804	11.27.2006	no virus found
NOD32v2	1882	11.24.2006	no virus found
Norman	5.80.02	11.24.2006	no virus found
Panda	9.0.0.4	11.26.2006	Suspicious file
Prevx1	V2	11.27.2006	no virus found
Sophos	4.11.0	11.16.2006	no virus found
TheHacker	6.0.3.124	11.27.2006	no virus found
UNA	1.83	11.24.2006	no virus found
VBA32	3.11.1	11.26.2006	no virus found
VirusBuster	4.3.15:9	11.26.2006	no virus found

Aditional Information
File size: 21028 bytes
MD5: c7adbfabd6b2ab7bb88d9103de731d52
SHA1: ea5fb290dcd89c9560c67b8c40ab7495d2599650
packers: UPX
packers: UPX
packers: UPX
packers: UPX

----------


## Alex_Goodwin

STATUS: FINISHED
Complete scanning result of "__1056", received in VirusTotal at 11.27.2006, 11:45:20 (CET).

Antivirus Version Update Result 
AntiVir 7.2.0.46 11.27.2006 Worm/Stration.H 
Authentium 4.93.8 11.24.2006 W32/Warezov.gen4 
Avast 4.7.892.0 11.27.2006  no virus found 
AVG 386 11.27.2006  no virus found 
BitDefender 7.2 11.27.2006 DeepScan:Generic.Stration.25B4D41B 
CAT-QuickHeal 8.00 11.25.2006  no virus found 
ClamAV devel-20060426 11.27.2006  no virus found 
DrWeb 4.33 11.27.2006 Win32.HLLM.Limar 
eSafe 7.0.14.0 11.26.2006 suspicious Trojan/Worm 
eTrust-InoculateIT 23.73.68 11.27.2006 Win32/Stration.Variant!Worm 
eTrust-Vet 30.3.3217 11.27.2006  no virus found 
Ewido 4.0 11.26.2006  no virus found 
Fortinet 2.82.0.0 11.27.2006 suspicious 
F-Prot 3.16f 11.24.2006 W32/Warezov.gen4 
F-Prot4 4.2.1.29 11.24.2006 W32/Warezov.gen4 
Ikarus 0.2.65.0 11.27.2006  no virus found 
Kaspersky 4.0.2.24 11.27.2006  no virus found 
McAfee 4904 11.24.2006  no virus found 
Microsoft 1.1804 11.27.2006  no virus found 
NOD32v2 1884 11.27.2006 probably unknown NewHeur_PE virus 
Norman 5.80.02 11.27.2006 W32/Malware 
Panda 9.0.0.4 11.26.2006  no virus found 
Prevx1 V2 11.27.2006 Worm.Warezov.Gen 
Sophos 4.11.0 11.16.2006 W32/Strati-Gen 
TheHacker 6.0.3.124 11.27.2006  no virus found 
UNA 1.83 11.24.2006  no virus found 
VBA32 3.11.1 11.26.2006 MalwareScope.Worm.Warezov.1 
VirusBuster 4.3.15:9 11.27.2006 Trojan.Opnis.Gen.29 


Aditional Information 
File size: 63488 bytes 
MD5: ea5d7c90ed6963ad01454ea3bd31a6d7 
SHA1: 5f1ecc30f76f22e59f44c47cbc85b42dc16b306e 
packers: UPX 
packers: UPX 
packers: UPX 
packers: UPX 
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email protected] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing UPX.
* Creating several executable files on hard-drive.
* File length: 63488 bytes.

[ Changes to filesystem ]
* Creates file C:\windows\system32\cfgmwmid.exe.
* Creates file C:\WINDOWS\SYSTEM32\olecmsre.dll.
* Creates file C:\WINDOWS\SYSTEM32\oaklrass.exe.
* Creates file C:WINDOWSSYSTEM32 tlamsht.dll.
* Creates file C:\WINDOWS\SYSTEM32\e1.dll.

[ Changes to registry ]
* Creates value "cfgmwmid"="c:\windows\system32\cfgmwmid.exe" in key "HKLM\Software\Microsoft\Windows\CurrentVersion\Run".

[ Changes to system settings ]
* Creates WindowsHook monitoring cbt activity.

[ Process/window information ]
* Creates an event called ZAAllowEvent.
* Creates an event called SGAllowEvent.
* Creates an event called NISAllowEvent.
* Creates an event called OPAllowEvent.
* Creates an event called MAAllowEvent2.
* Attempts to access service "vsmon".
* Creates an event called ActiveZA.
* Attempts to access service "SmcService".
* Creates an event called ActiveSG.
* Attempts to access service "wscsvc".
* Attempts to access service "SharedAccess".
* Attempts to access service "Symantec Core LC".
* Creates an event called ActiveNIS.
* Attempts to access service "OutpostFirewall".
* Creates an event called ActiveOP.
* Attempts to access service "MpfService".
* Creates an event called ActiveMA.
* Attempts to access service "WinRoute".
* Will automatically restart after boot (I'll be back...).
* Enumerates running processes.
* Modifies other process memory.
* Creates a remote thread.

----------


## Winsent

Complete scanning result of "setup.exe", received in VirusTotal at 11.28.2006, 01:10:29 (CET).


Antivirus	Version	Update	Result

*AntiVir	7.2.0.46	11.27.2006	HEUR/Malware*
Authentium	4.93.8	11.27.2006	no virus found
Avast	4.7.892.0	11.27.2006	no virus found
*AVG	386	11.27.2006	Proxy.25.AO*
*BitDefender	7.2	11.28.2006	DeepScan:Generic.Horst.4D66057B*
CAT-QuickHeal	8.00	11.27.2006	no virus found
ClamAV	devel-20060426	11.27.2006	no virus found
DrWeb	4.33	11.27.2006	no virus found
*eSafe	7.0.14.0	11.27.2006	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.69	11.28.2006	no virus found
eTrust-Vet	30.3.3217	11.27.2006	no virus found
Ewido	4.0	11.27.2006	no virus found
Fortinet	2.82.0.0	11.27.2006	no virus found
F-Prot	3.16f	11.27.2006	no virus found
F-Prot4	4.2.1.29	11.27.2006	no virus found
Ikarus	0.2.65.0	11.27.2006	no virus found
Kaspersky	4.0.2.24	11.28.2006	no virus found
McAfee	4905	11.27.2006	no virus found
Microsoft	1.1804	11.27.2006	no virus found
*NOD32v2	1886	11.27.2006	probably a variant of Win32/Medbot.DC*
*Norman	5.80.02	11.27.2006	W32/Malware*
*Panda	9.0.0.4	11.27.2006	Suspicious file*
Prevx1	V2	11.28.2006	no virus found
Sophos	4.11.0	11.16.2006	no virus found
TheHacker	6.0.3.124	11.27.2006	no virus found
UNA	1.83	11.27.2006	no virus found
VBA32	3.11.1	11.27.2006	no virus found
VirusBuster	4.3.15:9	11.27.2006	no virus found

Aditional Information
File size: 35840 bytes
MD5: 3b881fb47ef62340dfb4eab692722532
SHA1: 52a8ecae75e6c54dd3e2221aa4ba20d0e3d21fbe
packers: UPX
packers: UPX
packers: UPX
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email protected] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing UPX.
* File length: 35840 bytes.

[ Process/window information ]
* Modifies other process memory.
* Attempts to access service "wscsvc".
* Attempts to access service "SharedAccess".
* Attempts to access service "kavsvc".
* Attempts to access service "SAVScan".
* Attempts to access service "Symantec Core LC".
* Attempts to access service "navapsvc".
* Attempts to access service "wuauserv".
* Attempts to access service "KAVPersonal50".
* Disables security related services.

----------


## Sanja

STATUS: FINISHED
Complete scanning result of "ogysteo.exe", received in VirusTotal at 11.28.2006, 22:00:01 (CET).

Antivirus Version Update Result  
 AntiVir 7.2.0.46 11.28.2006 TR/Proxy.Small.DU.16  
 Authentium 4.93.8 11.27.2006 could be infected with an unknown virus  
 Avast 4.7.892.0 11.28.2006  no virus found  
 AVG 386 11.28.2006 Generic2.KKL  
 BitDefender 7.2 11.28.2006  no virus found  
 CAT-QuickHeal 8.00 11.28.2006 (Suspicious) - DNAScan  
 ClamAV devel-20060426 11.28.2006  no virus found  
 DrWeb 4.33 11.28.2006 Trojan.Spambot  
 eSafe 7.0.14.0 11.28.2006 suspicious Trojan/Worm  
 eTrust-InoculateIT 23.73.69 11.28.2006  no virus found  
 eTrust-Vet 30.3.3219 11.28.2006  no virus found  
 Ewido 4.0 11.28.2006  no virus found  
 Fortinet 2.82.0.0 11.28.2006 suspicious  
 F-Prot 3.16f 11.27.2006 could be infected with an unknown virus  
 F-Prot4 4.2.1.29 11.27.2006 generic  
 Ikarus 0.2.65.0 11.28.2006  no virus found  
 Kaspersky 4.0.2.24 11.28.2006 Trojan-Proxy.Win32.Small.du  
 McAfee 4906 11.28.2006  no virus found  
 Microsoft 1.1804 11.28.2006  no virus found  
 NOD32v2 1887 11.28.2006 probably unknown NewHeur_PE virus  
 Norman 5.80.02 11.28.2006  no virus found  
 Panda 9.0.0.4 11.28.2006 Suspicious file  
 Prevx1 V2 11.28.2006  no virus found  
 Sophos 4.11.0 11.16.2006  no virus found  
 TheHacker 6.0.3.124 11.27.2006  no virus found  
 UNA 1.83 11.28.2006  no virus found  
 VBA32 3.11.1 11.28.2006  no virus found  
 VirusBuster 4.3.15:9 11.28.2006 no virus found  


STATUS: FINISHED
Complete scanning result of "avz00003.dta", received in VirusTotal at 11.28.2006, 22:00:31 (CET).

Antivirus Version Update Result 
AntiVir 7.2.0.46 11.28.2006  no virus found 
Authentium 4.93.8 11.27.2006  no virus found 
Avast 4.7.892.0 11.28.2006  no virus found 
AVG 386 11.28.2006  no virus found 
BitDefender 7.2 11.28.2006  no virus found 
CAT-QuickHeal 8.00 11.28.2006  no virus found 
ClamAV devel-20060426 11.28.2006  no virus found 
DrWeb 4.33 11.28.2006  no virus found 
eSafe 7.0.14.0 11.28.2006 suspicious Trojan/Worm 
eTrust-InoculateIT 23.73.69 11.28.2006  no virus found 
eTrust-Vet 30.3.3219 11.28.2006  no virus found 
Ewido 4.0 11.28.2006  no virus found 
Fortinet 2.82.0.0 11.28.2006 suspicious 
F-Prot 3.16f 11.27.2006  no virus found 
F-Prot4 4.2.1.29 11.27.2006  no virus found 
Ikarus 0.2.65.0 11.28.2006  no virus found 
Kaspersky 4.0.2.24 11.28.2006 SpamTool.Win32.Agent.t 
McAfee 4906 11.28.2006  no virus found 
Microsoft 1.1804 11.28.2006  no virus found 
NOD32v2 1887 11.28.2006  no virus found 
Norman 5.80.02 11.28.2006  no virus found 
Panda 9.0.0.4 11.28.2006 Suspicious file 
Prevx1 V2 11.28.2006  no virus found 
Sophos 4.11.0 11.16.2006  no virus found 
TheHacker 6.0.3.124 11.27.2006  no virus found 
UNA 1.83 11.28.2006  no virus found 
VBA32 3.11.1 11.28.2006 suspected of Email-Worm.Mydoom.3 (paranoid heuristics) 
VirusBuster 4.3.15:9 11.28.2006 no virus found 

STATUS: FINISHED
Complete scanning result of "avz00002.dta", received in VirusTotal at 11.28.2006, 22:01:31 (CET).

Antivirus Version Update Result 
AntiVir 7.2.0.46 11.28.2006  no virus found 
Authentium 4.93.8 11.27.2006  no virus found 
Avast 4.7.892.0 11.28.2006 Win32:Trojano-CS 
AVG 386 11.28.2006  no virus found 
BitDefender 7.2 11.28.2006  no virus found 
CAT-QuickHeal 8.00 11.28.2006  no virus found 
ClamAV devel-20060426 11.28.2006  no virus found 
DrWeb 4.33 11.28.2006  no virus found 
eSafe 7.0.14.0 11.28.2006  no virus found 
eTrust-InoculateIT 23.73.69 11.28.2006  no virus found 
eTrust-Vet 30.3.3219 11.28.2006  no virus found 
Ewido 4.0 11.28.2006  no virus found 
Fortinet 2.82.0.0 11.28.2006  no virus found 
F-Prot 3.16f 11.27.2006  no virus found 
F-Prot4 4.2.1.29 11.27.2006  no virus found 
Ikarus 0.2.65.0 11.28.2006  no virus found 
Kaspersky 4.0.2.24 11.28.2006 SpamTool.Win32.Agent.t 
McAfee 4906 11.28.2006  no virus found 
Microsoft 1.1804 11.28.2006  no virus found 
NOD32v2 1887 11.28.2006  no virus found 
Norman 5.80.02 11.28.2006  no virus found 
Panda 9.0.0.4 11.28.2006 Suspicious file 
Prevx1 V2 11.28.2006  no virus found 
Sophos 4.11.0 11.16.2006  no virus found 
TheHacker 6.0.3.124 11.27.2006  no virus found 
UNA 1.83 11.28.2006 SpamTool.Win32.Agent.F918 
VBA32 3.11.1 11.28.2006 suspected of Email-Worm.Mydoom.3 (paranoid heuristics) 
VirusBuster 4.3.15:9 11.28.2006 no virus found 


 :Smiley:

----------



## DoSTR

Complete scanning result of "*sex_girl_porno.exe*", received in VirusTotal at 11.30.2006, 19:58:50 (CET).

_Antivirus	Version	Update	Result_

AntiVir	7.2.0.46	11.30.2006	HEUR/Crypted
Authentium	4.93.8	11.30.2006	no virus found
Avast	4.7.892.0	11.30.2006	no virus found
AVG	386	11.30.2006	no virus found
BitDefender	7.2	11.30.2006	DeepScan:Generic.PWStealer.CE74FB38
CAT-QuickHeal	8.00	11.30.2006	(Suspicious) - DNAScan
ClamAV	devel-20060426	11.30.2006	Trojan.Dropper.Agent-106
DrWeb	4.33	11.30.2006	Trojan.PWS.LDPinch.1217
eSafe	7.0.14.0	11.30.2006	Suspicious Trojan/Worm
eTrust-InoculateIT	23.73.72	11.29.2006	no virus found
eTrust-Vet	30.3.3223	11.30.2006	no virus found
Ewido	4.0	11.30.2006	no virus found
Fortinet	2.82.0.0	11.30.2006	no virus found
F-Prot	3.16f	11.30.2006	no virus found
F-Prot4	4.2.1.29	11.30.2006	no virus found
Ikarus	0.2.65.0	11.30.2006	no virus found
Kaspersky	4.0.2.24	11.30.2006	no virus found
McAfee	4908	11.30.2006	no virus found
Microsoft	1.1804	11.30.2006	Win32/Ldpinch
NOD32v2	1892	11.30.2006	no virus found
Norman	5.80.02	11.30.2006	no virus found
Panda	9.0.0.4	11.30.2006	Suspicious file
Prevx1	V2	11.30.2006	no virus found
Sophos	4.11.0	11.16.2006	no virus found
TheHacker	6.0.3.126	11.29.2006	no virus found
UNA	1.83	11.30.2006	no virus found
VBA32	3.11.1	11.30.2006	MalwareScope.Trojan-PSW.LdPinch.1
VirusBuster	4.3.15:9	11.30.2006	no virus found

Aditional Information
File size: 32256 bytes
MD5: efaee5e926a09506b80ef5fb3de7c757
SHA1: 79dd5e7b32f6de79730503c80a58227a23c2ded9
packers: PECOMPACT
packers: PecBundle, PECompact

----------


## DoSTR

Complete scanning result of "*porno.exe*", received in VirusTotal at 11.30.2006, 20:24:54 (CET).

_Antivirus	Version	Update	Result_

AntiVir	7.2.0.46	11.30.2006	HEUR/Crypted
Authentium	4.93.8	11.30.2006	Possibly a new variant of W32/Threat-HLLSI-based!Maximus
Avast	4.7.892.0	11.30.2006	no virus found
AVG	386	11.30.2006	no virus found
BitDefender	7.2	11.30.2006	no virus found
CAT-QuickHeal	8.00	11.30.2006	(Suspicious) - DNAScan
ClamAV	devel-20060426	11.30.2006	no virus found
DrWeb	4.33	11.30.2006	no virus found
eSafe	7.0.14.0	11.30.2006	no virus found
eTrust-InoculateIT	23.73.72	11.29.2006	no virus found
eTrust-Vet	30.3.3223	11.30.2006	no virus found
Ewido	4.0	11.30.2006	no virus found
Fortinet	2.82.0.0	11.30.2006	suspicious
F-Prot	3.16f	11.30.2006	Possibly a new variant of W32/Threat-HLLSI-based!Maximus
F-Prot4	4.2.1.29	11.30.2006	W32/Threat-HLLSI-based!Maximus
Ikarus	0.2.65.0	11.30.2006	no virus found
Kaspersky	4.0.2.24	11.30.2006	no virus found
McAfee	4908	11.30.2006	no virus found
Microsoft	1.1804	11.30.2006	no virus found
NOD32v2	1892	11.30.2006	no virus found
Norman	5.80.02	11.30.2006	no virus found
Panda	9.0.0.4	11.30.2006	Suspicious file
Prevx1	V2	11.30.2006	no virus found
Sophos	4.11.0	11.16.2006	no virus found
TheHacker	6.0.3.126	11.29.2006	no virus found
UNA	1.83	11.30.2006	no virus found
VBA32	3.11.1	11.30.2006	MalwareScope.Trojan-PSW.LdPinch.1
VirusBuster	4.3.15:9	11.30.2006	no virus found

Aditional Information
File size: 14117 bytes
MD5: 612f6149668f3d868b7ea4ce44ab0840
SHA1: 607488ca2164627a9828c9d28eba71afb10f4481
packers: FSG
packers: FSG

----------


## DoSTR

Complete scanning result of "*Smoking.exe*", received in VirusTotal at 12.01.2006, 15:23:24 (CET).

_Antivirus	Version	Update	Result_

AntiVir	7.2.0.46	12.01.2006	HEUR/Crypted
Authentium	4.93.8	11.30.2006	no virus found
Avast	4.7.892.0	12.01.2006	Win32:Ldpinch-AH
AVG	386	12.01.2006	no virus found
BitDefender	7.2	12.01.2006	no virus found
CAT-QuickHeal	8.00	11.30.2006	no virus found
ClamAV	devel-20060426	12.01.2006	no virus found
DrWeb	4.33	12.01.2006	BACKDOOR.PWS.Trojan
eSafe	7.0.14.0	11.30.2006	suspicious Trojan/Worm
eTrust-InoculateIT	23.73.73	12.01.2006	no virus found
eTrust-Vet	30.3.3225	12.01.2006	no virus found
Ewido	4.0	12.01.2006	no virus found
Fortinet	2.82.0.0	12.01.2006	no virus found
F-Prot	3.16f	11.30.2006	no virus found
F-Prot4	4.2.1.29	11.30.2006	no virus found
Ikarus	0.2.65.0	12.01.2006	no virus found
Kaspersky	4.0.2.24	12.01.2006	no virus found
McAfee	4908	11.30.2006	no virus found
Microsoft	1.1804	12.01.2006	no virus found
NOD32v2	1892	11.30.2006	a variant of Win32/PSW.LdPinch.RG
Norman	5.80.02	12.01.2006	no virus found
Panda	9.0.0.4	12.01.2006	Suspicious file
Prevx1	V2	12.01.2006	no virus found
Sophos	4.12.0	12.01.2006	no virus found
Sunbelt	2.2.907.0	11.30.2006	no virus found
TheHacker	6.0.3.127	12.01.2006	no virus found
UNA	1.83	11.30.2006	no virus found
VBA32	3.11.1	11.30.2006	MalwareScope.Trojan-PSW.LdPinch.1
VirusBuster	4.3.15:9	11.30.2006	no virus found

Aditional Information
File size: 172544 bytes
MD5: 85c75dbf1e460d11249d038244767798
SHA1: 7e2c9aef24cc213be92f2227dd8d0f44a22f760f
packers: UPX
packers: UPX
packers: UPX
packers: UPX

----------


## Ego1st

File: 	Поговорим-ка_v2.1.exe 
Status: 	INFECTED/MALWARE 
MD5 	5c97a32f094c8dba7380749bf555cb9a 
Packers detected: 	NSPACK
Scanner results 
AntiVir 	Found nothing
ArcaVir 	Found nothing
Avast 	Found nothing
AVG Antivirus 	Found nothing
BitDefender 	Found BehavesLike:Trojan.FirewallBypass (probable variant) 
ClamAV 	Found nothing
Dr.Web 	Found Trojan.PWS.LDPinch.1338 
F-Prot Antivirus 	Found nothing
F-Secure Anti-Virus 	Found nothing
Fortinet 	Found nothing
Kaspersky Anti-Virus 	Found Trojan-Dropper.Win32.Agent.azx 
NOD32 	Found nothing
Norman Virus Control 	Found nothing
VirusBuster 	Found nothing
VBA32 	Found Trojan.MulDrop.4393

----------


## santy

Complete scanning result of "new_version_stration_.rar", received in VirusTotal at 12.05.2006, 06:07:05 (CET).

Antivirus	Version	Update	Result
AntiVir	7.2.0.46	12.04.2006	TR/Dldr.Stration.Gen
Authentium	4.93.8	12.04.2006	W32/Warezov.gen4
Avast	4.7.892.0	12.04.2006	no virus found
AVG	386	12.05.2006	I-Worm/Stration
BitDefender	7.2	12.05.2006	[email protected]
CAT-QuickHeal	8.00	12.04.2006	no virus found
ClamAV	devel-20060426	12.05.2006	Worm.Stration.WZ
DrWeb	4.33	12.04.2006	no virus found
eSafe	7.0.14.0	12.03.2006	suspicious Trojan/Worm
eTrust-InoculateIT	23.73.76	12.05.2006	no virus found
eTrust-Vet	30.3.3230	12.04.2006	no virus found
Ewido	4.0	12.04.2006	no virus found
Fortinet	2.82.0.0	12.05.2006	W32/[email protected]
F-Prot	3.16f	12.04.2006	W32/Warezov.gen4
F-Prot4	4.2.1.29	12.04.2006	W32/Warezov.gen3!W32DL
Ikarus	1.0.26	12.04.2006	Email-Worm.Win32.Warezov.gen
Kaspersky	4.0.2.24	12.05.2006	no virus found
McAfee	4910	12.04.2006	no virus found
Microsoft	1.1804	12.05.2006	no virus found
NOD32v2	1900	12.05.2006	a variant of Win32/Stration
Norman	5.80.02	12.04.2006	no virus found
Panda	9.0.0.4	12.03.2006	no virus found
Prevx1	V2	12.05.2006	no virus found
Sophos	4.12.0	12.04.2006	no virus found
Sunbelt	2.2.907.0	11.30.2006	no virus found
TheHacker	6.0.3.128	12.04.2006	no virus found
UNA	1.83	12.04.2006	no virus found
VBA32	3.11.1	12.04.2006	no virus found
VirusBuster	4.3.15:9	12.04.2006	no virus found

Aditional Information
File size: 28098 bytes
MD5: 206bd01c2093cd76b496cc477188f938
SHA1: 000133c1969ff6e3e52c65c8c140976ba4b045bc
packers: UPX
packers: UPX
packers: UPX
packers: UPX, embedded

----------


## santy

Complete scanning result of "new_virus.rar", received in VirusTotal at 12.05.2006, 11:57:17 (CET).

Antivirus	Version	Update	Result
AntiVir	7.2.0.46	12.05.2006	TR/Dldr.Stration.Gen
Authentium	4.93.8	12.04.2006	W32/Warezov.gen4
Avast	4.7.892.0	12.05.2006	Win32:Warezov-QS
AVG	386	12.05.2006	I-Worm/Stration
BitDefender	7.2	12.05.2006	Dropped:[email protected]
CAT-QuickHeal	8.00	12.04.2006	no virus found
ClamAV	devel-20060426	12.05.2006	Worm.Stration.XB
DrWeb	4.33	12.05.2006	Win32.HLLM.Limar.based
eSafe	7.0.14.0	12.03.2006	suspicious Trojan/Worm
eTrust-InoculateIT	23.73.76	12.05.2006	no virus found
eTrust-Vet	30.3.3232	12.05.2006	no virus found
Ewido	4.0	12.04.2006	no virus found
Fortinet	2.82.0.0	12.05.2006	W32/[email protected]
F-Prot	3.16f	12.04.2006	W32/Warezov.gen4
F-Prot4	4.2.1.29	12.04.2006	W32/Warezov.gen3!W32DL
Ikarus	T3.1.0.26	12.04.2006	Email-Worm.Win32.Warezov.gen
Kaspersky	4.0.2.24	12.05.2006	no virus found
McAfee	4910	12.04.2006	no virus found
Microsoft	1.1804	12.05.2006	no virus found
NOD32v2	1901	12.05.2006	a variant of Win32/Stration
Norman	5.80.02	12.04.2006	no virus found
Panda	9.0.0.4	12.05.2006	no virus found
Prevx1	V2	12.05.2006	no virus found
Sophos	4.12.0	12.04.2006	no virus found
Sunbelt	2.2.907.0	11.30.2006	no virus found
TheHacker	6.0.3.129	12.05.2006	no virus found
UNA	1.83	12.04.2006	no virus found
VBA32	3.11.1	12.05.2006	Email-Worm.Win32.Warezov.fb
VirusBuster	4.3.15:9	12.05.2006	no virus found

Aditional Information
File size: 28019 bytes
MD5: 0540ecb170ffc420ed78352ffc0a796a
SHA1: 44c51bfce5cf5c43fca58bc2af478bb57c13c598
packers: UPX
packers: UPX
packers: UPX
packers: UPX
packers: UPX, embedded

----------


## Winsent

Complete scanning result of "setup.rar", received in VirusTotal at 12.05.2006, 18:23:52 (CET).


Antivirus	Version	Update	Result

AntiVir	7.2.0.49	12.05.2006	no virus found
*Authentium	4.93.8	12.04.2006	W32/Methodbod.gen2*
Avast	4.7.892.0	12.05.2006	no virus found
AVG	386	12.05.2006	no virus found
*BitDefender	7.2	12.05.2006	DeepScan:Generic.Horst.7162EBF0*
CAT-QuickHeal	8.00	12.05.2006	no virus found
*ClamAV	devel-20060426	12.05.2006	Trojan.Medbot-98*
DrWeb	4.33	12.05.2006	no virus found
*eSafe	7.0.14.0	12.03.2006	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.76	12.05.2006	no virus found
eTrust-Vet	30.3.3232	12.05.2006	no virus found
Ewido	4.0	12.05.2006	no virus found
Fortinet	2.82.0.0	12.05.2006	no virus found
*F-Prot	3.16f	12.04.2006	W32/Methodbod.gen2
F-Prot4	4.2.1.29	12.04.2006	W32/Methodbod.gen2*
Ikarus	T3.1.0.26	12.05.2006	no virus found
Kaspersky	4.0.2.24	12.05.2006	no virus found
McAfee	4911	12.05.2006	no virus found
Microsoft	1.1804	12.05.2006	no virus found
NOD32v2	1902	12.05.2006	no virus found
Norman	5.80.02	12.05.2006	no virus found
*Panda	9.0.0.4	12.05.2006	Suspicious file*
Prevx1	V2	12.05.2006	no virus found
*Sophos	4.12.0	12.04.2006	Mal/Behav-080*
Sunbelt	2.2.907.0	11.30.2006	no virus found
*TheHacker	6.0.3.129	12.05.2006	Trojan/Horst.gen*
UNA	1.83	12.04.2006	no virus found
*VBA32	3.11.1	12.05.2006	MalwareScope.Trojan-Proxy.Horst.1*
VirusBuster	4.3.15:9	12.05.2006	no virus found

Aditional Information
File size: 42447 bytes
MD5: ee7b10cc7b235464c1b04cd5496b8e9a
SHA1: 6bb14eac48de8a4a7e3e8c9f556ebcee855eaf49
packers: UPX
packers: UPX
packers: UPX
packers: UPX

----------


## DoSTR

Complete scanning result of "*NEW_WinRAR_KG3.61.exe*", received in VirusTotal at 12.06.2006, 07:39:00 (CET).

_Antivirus	Version	Update	Result_

AntiVir	7.2.0.49	12.06.2006	no virus found
Authentium	4.93.8	12.05.2006	no virus found
Avast	4.7.892.0	12.05.2006	no virus found
AVG	386	12.05.2006	no virus found
BitDefender	7.2	12.06.2006	no virus found
CAT-QuickHeal	8.00	12.05.2006	(Suspicious) - DNAScan
ClamAV	devel-20060426	12.06.2006	no virus found
DrWeb	4.33	12.05.2006	Trojan.MulDrop.4153
eSafe	7.0.14.0	12.03.2006	Win32.Polipos.sus
eTrust-InoculateIT	23.73.78	12.06.2006	no virus found
eTrust-Vet	30.3.3234	12.06.2006	no virus found
Ewido	4.0	12.05.2006	no virus found
Fortinet	2.82.0.0	12.06.2006	suspicious
F-Prot	3.16f	12.05.2006	no virus found
F-Prot4	4.2.1.29	12.05.2006	no virus found
Ikarus	T3.1.0.26	12.05.2006	no virus found
Kaspersky	4.0.2.24	12.06.2006	no virus found
McAfee	4911	12.05.2006	no virus found
Microsoft	1.1804	12.06.2006	no virus found
NOD32v2	1903	12.05.2006	no virus found
Norman	5.80.02	12.05.2006	no virus found
Panda	9.0.0.4	12.06.2006	Suspicious file
Prevx1	V2	12.06.2006	no virus found
Sophos	4.12.0	12.05.2006	no virus found
Sunbelt	2.2.907.0	11.30.2006	VIPRE.Suspicious
TheHacker	6.0.3.129	12.05.2006	no virus found
UNA	1.83	12.05.2006	no virus found
VBA32	3.11.1	12.05.2006	suspected of Trojan-PSW.LdPinch.38 (paranoid heuristics)
VirusBuster	4.3.15:9	12.05.2006	no virus found

Aditional Information
File size: 189952 bytes
MD5: 9198d755fcfb18f1a92f083635af07cb
SHA1: ac6d98b208e3378d072ff296d7e8dbcc47dde955
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

----------


## Winsent

Complete scanning result of "setup.exe", received in VirusTotal at 12.06.2006, 18:07:32 (CET).


Antivirus	Version	Update	Result

AntiVir	7.2.0.49	12.06.2006	no virus found
*Authentium	4.93.8	12.05.2006	W32/Methodbod.gen2*
Avast	4.7.892.0	12.06.2006	no virus found
AVG	386	12.06.2006	no virus found
*BitDefender	7.2	12.06.2006	DeepScan:Generic.Horst.831BFB7F*
CAT-QuickHeal	8.00	12.05.2006	no virus found
*ClamAV	devel-20060426	12.06.2006	Trojan.Medbot-98*
DrWeb	4.33	12.06.2006	no virus found
*eSafe	7.0.14.0	12.06.2006	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.78	12.06.2006	no virus found
eTrust-Vet	30.3.3234	12.06.2006	no virus found
Ewido	4.0	12.06.2006	no virus found
Fortinet	2.82.0.0	12.06.2006	no virus found
*F-Prot	3.16f	12.05.2006	W32/Methodbod.gen2
F-Prot4	4.2.1.29	12.05.2006	W32/Methodbod.gen2*
Ikarus	T3.1.0.26	12.05.2006	no virus found
Kaspersky	4.0.2.24	12.06.2006	no virus found
McAfee	4911	12.05.2006	no virus found
Microsoft	1.1804	12.06.2006	no virus found
NOD32v2	1904	12.06.2006	no virus found
*Norman	5.80.02	12.05.2006	W32/Malware
Panda	9.0.0.4	12.06.2006	Suspicious file*
Prevx1	V2	12.06.2006	no virus found
*Sophos	4.12.0	12.06.2006	Mal/Behav-080*
Sunbelt	2.2.907.0	11.30.2006	no virus found
*TheHacker	6.0.3.130	12.06.2006	Trojan/Horst.gen*
UNA	1.83	12.05.2006	no virus found
*VBA32	3.11.1	12.05.2006	MalwareScope.Trojan-Proxy.Horst.1*
VirusBuster	4.3.15:9	12.05.2006	no virus found

Aditional Information
File size: 44544 bytes
MD5: 0667b2142eae7afe013cad02fbbbb5ce
SHA1: 3847537d3e55487fc7fddddea509508e38f7b81e
packers: UPX
packers: UPX
packers: UPX
packers: UPX
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email protected] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing UPX.
* File length: 44544 bytes.

[ Process/window information ]
* Modifies other process memory.
* Modifies execution flow of a remote process.

----------


## NickGolovko

Scanner results 
*AntiVir Found Heuristic/Malware (probable variant)* 
ArcaVir Found nothing 
Avast Found nothing 
AVG Antivirus Found nothing 
BitDefender Found nothing 
ClamAV Found nothing 
*Dr.Web Found BACKDOOR.Trojan, BackDoor.Pomax (probable variant)* 
F-Prot Antivirus Found nothing 
F-Secure Anti-Virus Found nothing 
Fortinet Found nothing 
Kaspersky Anti-Virus Found nothing 
NOD32 Found nothing 
Norman Virus Control Found nothing 
VirusBuster Found nothing 
*VBA32 Found Embedded.Trojan-Spy.Win32.Small.gm (probable variant)*

----------


## kvit

Just arrived by e-mail... Though it doesn't look like a fresh one...

Complete scanning result of "__1056", received in VirusTotal at 12.07.2006, 10:48:49 (CET).

Antivirus Version Update Result 
AntiVir 7.2.0.49 12.07.2006 TR/Dldr.Tiny.BM.50 
Authentium 4.93.8 12.07.2006 W32/Downloader.AUDX 
Avast 4.7.892.0 12.06.2006  no virus found 
AVG 386 12.07.2006 Downloader.Generic2.ZWH 
BitDefender 7.2 12.07.2006 Trojan.Downloader.Tiny.BM 
CAT-QuickHeal 8.00 12.06.2006 TrojanDownloader.Tiny.bm 
ClamAV devel-20060426 12.07.2006 Trojan.Downloader-13 
DrWeb 4.33 12.07.2006 Trojan.DownLoader.15512 
eSafe 7.0.14.0 12.06.2006  no virus found 
eTrust-InoculateIT 23.73.79 12.07.2006 Win32/NordDL.1lx!Trojan 
eTrust-Vet 30.3.3236 12.07.2006 Win32/Ohbeeb.AA 
Ewido 4.0 12.07.2006 Downloader.Tiny.bm 
Fortinet 2.82.0.0 12.07.2006 W32/Tiny.BM!tr.dldr 
F-Prot 3.16f 12.05.2006 security risk named W32/Downloader.AUDX 
F-Prot4 4.2.1.29 12.05.2006 W32/Downloader.AUDX 
Ikarus T3.1.0.26 12.07.2006 Trojan-Downloader.Small.CBF 
Kaspersky 4.0.2.24 12.07.2006 Trojan-Downloader.Win32.Tiny.bm 
McAfee 4912 12.07.2006  no virus found 
Microsoft 1.1804 12.07.2006  no virus found 
NOD32v2 1906 12.07.2006 Win32/TrojanDownloader.Tiny.NBR 
Norman 5.80.02 12.06.2006 W32/Tiny.SV 
Panda 9.0.0.4 12.07.2006  no virus found 
Prevx1 V2 12.07.2006 Downloader.Drev.A 
Sophos 4.12.0 12.06.2006 Troj/Tiny-BT 
Sunbelt 2.2.907.0 11.30.2006  no virus found 
TheHacker 6.0.3.130 12.06.2006  no virus found 
UNA 1.83 12.06.2006 TrojanDownloader.Win32.Tiny.8DEF 
VBA32 3.11.1 12.06.2006 Trojan-Downloader.Win32.Tiny.bm 
VirusBuster 4.3.15:9 12.06.2006 Trojan.DL.Tiny.DK 


Aditional Information 
File size: 2560 bytes 
MD5: 14425bb89f6d2b448b28cd1ccf4d9f8b 
SHA1: 995c776401c5ef3578e1a1bdd29a9132b90d1589 
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=a26e59461175

----------


## Winsent

Complete scanning result of "setup.exe", received in VirusTotal at 12.07.2006, 14:06:37 (CET).


Antivirus	Version	Update	Result

AntiVir	7.2.0.49	12.07.2006	no virus found
*Authentium	4.93.8	12.07.2006	W32/Methodbod.gen2*
Avast	4.7.892.0	12.07.2006	no virus found
AVG	386	12.07.2006	no virus found
*BitDefender	7.2	12.07.2006	DeepScan:Generic.Horst.FBC6323B*
CAT-QuickHeal	8.00	12.06.2006	no virus found
*ClamAV	devel-20060426	12.07.2006	Trojan.Medbot-98*
DrWeb	4.33	12.07.2006	no virus found
*eSafe	7.0.14.0	12.06.2006	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.79	12.07.2006	no virus found
eTrust-Vet	30.3.3236	12.07.2006	no virus found
Ewido	4.0	12.07.2006	no virus found
Fortinet	2.82.0.0	12.07.2006	no virus found
*F-Prot	3.16f	12.05.2006	W32/Methodbod.gen2
F-Prot4	4.2.1.29	12.05.2006	W32/Methodbod.gen2*
Ikarus	T3.1.0.26	12.07.2006	no virus found
Kaspersky	4.0.2.24	12.07.2006	no virus found
McAfee	4912	12.07.2006	no virus found
Microsoft	1.1804	12.07.2006	no virus found
NOD32v2	1907	12.07.2006	no virus found
*Norman	5.80.02	12.06.2006	W32/Malware*
Panda	9.0.0.4	12.07.2006	Suspicious file
Prevx1	V2	12.07.2006	no virus found
*Sophos	4.12.0	12.06.2006	Mal/Behav-080*
Sunbelt	2.2.907.0	11.30.2006	no virus found
*TheHacker	6.0.3.130	12.06.2006	Trojan/Horst.gen*
UNA	1.83	12.06.2006	no virus found
*VBA32	3.11.1	12.06.2006	MalwareScope.Trojan-Proxy.Horst.1*
VirusBuster	4.3.15:9	12.06.2006	no virus found

Aditional Information
File size: 44544 bytes
MD5: 1722a1dc5186cdf52465245a5fb76cba
SHA1: 55157c41e7064161961298c5441c88cd119c1cda
packers: UPX
packers: UPX
packers: UPX
packers: UPX
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email protected] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing UPX.
* File length: 44544 bytes.

[ Process/window information ]
* Modifies other process memory.
* Modifies execution flow of a remote process.

----------


## DoSTR

Thanks to *2jocke2* for providing the sample
Complete scanning result of "*zAskop.dll*", received in VirusTotal at 12.07.2006, 14:54:22 (CET).

_Antivirus	Version	Update	Result_

AntiVir	7.2.0.49	12.07.2006	TR/Spy.Agent.AAE.1
Authentium	4.93.8	12.07.2006	no virus found
Avast	4.7.892.0	12.07.2006	Win32:Small-BKI
AVG	386	12.07.2006	PSW.Generic2.SDM
BitDefender	7.2	12.07.2006	Generic.Malware.SFMdld.0099442E
CAT-QuickHeal	8.00	12.06.2006	no virus found
ClamAV	devel-20060426	12.07.2006	no virus found
DrWeb	4.33	12.07.2006	Trojan.Spambot
eSafe	7.0.14.0	12.07.2006	no virus found
eTrust-InoculateIT	23.73.79	12.07.2006	no virus found
eTrust-Vet	30.3.3236	12.07.2006	Win32/Meldsimp!generic
Ewido	4.0	12.07.2006	no virus found
Fortinet	2.82.0.0	12.07.2006	no virus found
F-Prot	3.16f	12.05.2006	no virus found
F-Prot4	4.2.1.29	12.05.2006	no virus found
Ikarus	T3.1.0.26	12.07.2006	no virus found
Kaspersky	4.0.2.24	12.07.2006	no virus found
McAfee	4912	12.07.2006	no virus found
Microsoft	1.1804	12.07.2006	no virus found
NOD32v2	1907	12.07.2006	probably a variant of Win32/Spy.Small.DP
Norman	5.80.02	12.07.2006	no virus found
Panda	9.0.0.4	12.07.2006	Trj/Agysteo.B
Prevx1	V2	12.07.2006	no virus found
Sophos	4.12.0	12.06.2006	no virus found
Sunbelt	2.2.907.0	11.30.2006	no virus found
TheHacker	6.0.3.130	12.06.2006	no virus found
UNA	1.83	12.06.2006	no virus found
VBA32	3.11.1	12.06.2006	suspected of Backdoor.xBot.1 (paranoid heuristics)
VirusBuster	4.3.15:9	12.06.2006	no virus found

Aditional Information
File size: 13824 bytes
MD5: 41d48c0c2defce2294855c766401127f
SHA1: a0c0d338877bf61a3eb8f0d13599b8a8b70dc644
packers: UPX
packers: UPX
packers: UPX
packers: UPX

----------


## Winsent

Complete scanning result of "setup.exe", received in VirusTotal at 12.08.2006, 08:52:36 (CET).


Antivirus	Version	Update	Result

AntiVir	7.2.0.49	12.08.2006	no virus found
*Authentium	4.93.8	12.07.2006	W32/Methodbod.gen2*
Avast	4.7.892.0	12.07.2006	no virus found
AVG	386	12.07.2006	no virus found
*BitDefender	7.2	12.08.2006	DeepScan:Generic.Horst.FF530EE6*
CAT-QuickHeal	8.00	12.07.2006	no virus found
*ClamAV	devel-20060426	12.08.2006	Trojan.Medbot-98*
DrWeb	4.33	12.08.2006	no virus found
*eSafe	7.0.14.0	12.07.2006	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.80	12.08.2006	no virus found
eTrust-Vet	30.3.3238	12.08.2006	no virus found
Ewido	4.0	12.07.2006	no virus found
Fortinet	2.82.0.0	12.08.2006	no virus found
*F-Prot	3.16f	12.07.2006	W32/Methodbod.gen2
F-Prot4	4.2.1.29	12.07.2006	W32/Methodbod.gen2*
Ikarus	T3.1.0.26	12.07.2006	no virus found
Kaspersky	4.0.2.24	12.08.2006	no virus found
*McAfee	4913	12.07.2006	BackDoor-CMQ.gen*
Microsoft	1.1804	12.08.2006	no virus found
NOD32v2	1909	12.07.2006	no virus found
*Norman	5.80.02	12.07.2006	W32/Horst.gen14
Panda	9.0.0.4	12.08.2006	Suspicious file*
Prevx1	V2	12.08.2006	no virus found
*Sophos	4.12.0	12.06.2006	Mal/Behav-080*
Sunbelt	2.2.907.0	11.30.2006	no virus found
*TheHacker	6.0.3.130	12.06.2006	Trojan/Horst.gen*
UNA	1.83	12.07.2006	no virus found
*VBA32	3.11.1	12.07.2006	MalwareScope.Trojan-Proxy.Horst.1*
VirusBuster	4.3.15:9	12.07.2006	no virus found

Aditional Information
File size: 44032 bytes
MD5: 13b3e0b604f4eac38ee519cb5aa08e35
SHA1: fd10382f34177e0b92247560d3288edac0b5eae8
packers: UPX
packers: UPX
packers: UPX
packers: UPX

----------


## Синауридзе Александр

Complete scanning result of "___1051", received in VirusTotal at 12.08.2006, 14:27:43 (CET).

Antivirus	Version	Update	Result
AntiVir	7.2.0.49	12.08.2006	no virus found
Authentium	4.93.8	12.07.2006	no virus found
Avast	4.7.892.0	12.07.2006	no virus found
AVG	386	12.08.2006	no virus found
BitDefender	7.2	12.08.2006	no virus found
CAT-QuickHeal	8.00	12.07.2006	(Suspicious) - DNAScan
ClamAV	devel-20060426	12.08.2006	no virus found
DrWeb	4.33	12.08.2006	no virus found
eSafe	7.0.14.0	12.07.2006	no virus found
eTrust-InoculateIT	23.73.80	12.08.2006	no virus found
eTrust-Vet	30.3.3238	12.08.2006	no virus found
Ewido	4.0	12.08.2006	no virus found
Fortinet	2.82.0.0	12.08.2006	no virus found
F-Prot	3.16f	12.07.2006	no virus found
F-Prot4	4.2.1.29	12.07.2006	no virus found
Ikarus	T3.1.0.26	12.07.2006	Trojan-Downloader.Win32.Banload.rf
Kaspersky	4.0.2.24	12.08.2006	no virus found
McAfee	4913	12.07.2006	no virus found
Microsoft	1.1804	12.08.2006	no virus found
*NOD32v2	1910	12.08.2006	probably unknown NewHeur_PE virus*
Norman	5.80.02	12.08.2006	no virus found
Panda	9.0.0.4	12.08.2006	Suspicious file
Prevx1	V2	12.08.2006	no virus found
Sophos	4.12.0	12.08.2006	no virus found
Sunbelt	2.2.907.0	11.30.2006	VIPRE.Suspicious
TheHacker	6.0.3.130	12.06.2006	no virus found
UNA	1.83	12.07.2006	no virus found
VBA32	3.11.1	12.07.2006	no virus found
VirusBuster	4.3.15:9	12.07.2006	no virus found

Aditional Information
File size: 333312 bytes
MD5: c7ce45626e59f49002bf533a2b7c7bd4
SHA1: f26cbbe2141eb0ad93d4d00e50a2238a839d7396
packers: PE_Patch, Aspack
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

----------


## Winsent

Complete scanning result of "setup.exe", received in VirusTotal at 12.08.2006, 18:38:07 (CET).


Antivirus	Version	Update	Result

AntiVir	7.2.0.49	12.08.2006	no virus found
*Authentium	4.93.8	12.07.2006	W32/Methodbod.gen2*
Avast	4.7.892.0	12.08.2006	no virus found
AVG	386	12.08.2006	no virus found
*BitDefender	7.2	12.08.2006	DeepScan:Generic.Horst.5CCDBFEF*
CAT-QuickHeal	8.00	12.08.2006	no virus found
*ClamAV	devel-20060426	12.08.2006	Trojan.Medbot-98*
DrWeb	4.33	12.08.2006	no virus found
*eSafe	7.0.14.0	12.07.2006	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.80	12.08.2006	no virus found
eTrust-Vet	30.3.3238	12.08.2006	no virus found
Ewido	4.0	12.08.2006	no virus found
Fortinet	2.82.0.0	12.08.2006	no virus found
*F-Prot	3.16f	12.07.2006	W32/Methodbod.gen2
F-Prot4	4.2.1.29	12.07.2006	W32/Methodbod.gen2*
Ikarus	T3.1.0.26	12.07.2006	no virus found
Kaspersky	4.0.2.24	12.08.2006	no virus found
McAfee	4914	12.08.2006	no virus found
Microsoft	1.1804	12.08.2006	no virus found
NOD32v2	1911	12.08.2006	no virus found
*Norman	5.80.02	12.08.2006	W32/Horst.gen14*
*Panda	9.0.0.4	12.08.2006	Suspicious file*
Prevx1	V2	12.08.2006	no virus found
*Sophos	4.12.0	12.08.2006	Mal/Behav-080*
Sunbelt	2.2.907.0	11.30.2006	no virus found
*TheHacker	6.0.3.130	12.06.2006	Trojan/Horst.gen*
UNA	1.83	12.07.2006	no virus found
*VBA32	3.11.1	12.08.2006	MalwareScope.Trojan-Proxy.Horst.1*
VirusBuster	4.3.15:9	12.08.2006	no virus found

Aditional Information
File size: 44544 bytes
MD5: e8cb9a43e491e5cc592f225371df0a0a
SHA1: ad86ee6cae901b10692635324eceabcc76b04322
packers: UPX
packers: UPX
packers: UPX
packers: UPX

----------


## Winsent

Complete scanning result of "setup.exe", received in VirusTotal at 12.09.2006, 20:16:30 (CET).


Antivirus	Version	Update	Result

AntiVir	7.2.0.49	12.08.2006	no virus found
*Authentium	4.93.8	12.08.2006	W32/Methodbod.gen2*
Avast	4.7.892.0	12.08.2006	no virus found
AVG	386	12.09.2006	no virus found
*BitDefender	7.2	12.09.2006	DeepScan:Generic.Horst.F09457F2*
CAT-QuickHeal	8.00	12.09.2006	no virus found
*ClamAV	devel-20060426	12.09.2006	Trojan.Medbot-98*
DrWeb	4.33	12.09.2006	no virus found
*eSafe	7.0.14.0	12.07.2006	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.81	12.09.2006	no virus found
eTrust-Vet	30.3.3238	12.08.2006	no virus found
Ewido	4.0	12.09.2006	no virus found
Fortinet	2.82.0.0	12.09.2006	no virus found
*F-Prot	3.16f	12.08.2006	W32/Methodbod.gen2
F-Prot4	4.2.1.29	12.08.2006	W32/Methodbod.gen2*
Ikarus	T3.1.0.26	12.07.2006	no virus found
*Kaspersky	4.0.2.24	12.09.2006	Trojan-Proxy.Win32.Horst.sh*
McAfee	4914	12.08.2006	no virus found
*NOD32v2	1913	12.09.2006	a variant of Win32/Medbot.DP
Norman	5.80.02	12.08.2006	W32/Horst.gen14
Panda	9.0.0.4	12.09.2006	Suspicious file*
Prevx1	V2	12.09.2006	no virus found
*Sophos	4.12.0	12.08.2006	Mal/Behav-080*
Sunbelt	2.2.907.0	11.30.2006	no virus found
*TheHacker	6.0.3.130	12.06.2006	Trojan/Horst.gen*
UNA	1.83	12.08.2006	no virus found
*VBA32	3.11.1	12.09.2006	MalwareScope.Trojan-Proxy.Horst.1*
VirusBuster	4.3.15:9	12.09.2006	no virus found

Aditional Information
File size: 44032 bytes
MD5: b2f3daed796da63f74f0d86554931dc6
SHA1: a3bfcda907e914483a2a05d9c7767c4ca60371da
packers: UPX
packers: UPX
packers: UPX
packers: UPX

----------


## Winsent

Complete scanning result of "Moiseev_ebal_Bilana.exe", received in VirusTotal at 12.11.2006, 02:13:08 (CET).


Antivirus	Version	Update	Result

*AntiVir	7.2.0.49	12.10.2006	HEUR/Crypted*
Authentium	4.93.8	12.08.2006	no virus found
Avast	4.7.892.0	12.08.2006	no virus found
AVG	386	12.09.2006	no virus found
BitDefender	7.2	12.11.2006	no virus found
*CAT-QuickHeal	8.00	12.09.2006	(Suspicious) - DNAScan*
ClamAV	devel-20060426	12.10.2006	no virus found
DrWeb	4.33	12.10.2006	no virus found
*eSafe	7.0.14.0	12.07.2006	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.81	12.09.2006	no virus found
eTrust-Vet	30.3.3238	12.08.2006	no virus found
Ewido	4.0	12.10.2006	no virus found
*Fortinet	2.82.0.0	12.11.2006	suspicious*
F-Prot	3.16f	12.08.2006	no virus found
*F-Prot4	4.2.1.29	12.08.2006	generic*
Ikarus	T3.1.0.26	12.07.2006	no virus found
Kaspersky	4.0.2.24	12.11.2006	no virus found
McAfee	4915	12.10.2006	no virus found
*Microsoft	1.1804	12.10.2006	Win32/Ldpinch*
NOD32v2	1913	12.09.2006	no virus found
Norman	5.80.02	12.08.2006	no virus found
*Panda	9.0.0.4	12.11.2006	Suspicious file*
Prevx1	V2	12.11.2006	no virus found
Sophos	4.12.0	12.10.2006	no virus found
*Sunbelt	2.2.907.0	11.30.2006	VIPRE.Suspicious*
TheHacker	6.0.3.131	12.10.2006	no virus found
UNA	1.83	12.08.2006	no virus found
*VBA32	3.11.1	12.10.2006	MalwareScope.Trojan-PSW.PdPinch.5*
VirusBuster	4.3.15:9	12.10.2006	no virus found

Aditional Information
File size: 33268 bytes
MD5: fc3ca9215687f84bf1fb3035e63945fd
SHA1: 3672f81e54cce27aad769d4407b92f520507a3f1
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

----------


## kvit

From the latest spam

Complete scanning result of "__1056", received in VirusTotal at 12.11.2006, 05:23:48 (CET).

Antivirus Version Update Result 
AntiVir 7.2.0.49 12.10.2006  no virus found 
Authentium 4.93.8 12.08.2006  no virus found 
Avast 4.7.892.0 12.08.2006  no virus found 
AVG 386 12.09.2006  no virus found 
*BitDefender 7.2 12.11.2006 DeepScan:Generic.Dld.Wmed.E.55D473CD* 
CAT-QuickHeal 8.00 12.09.2006  no virus found 
ClamAV devel-20060426 12.10.2006  no virus found 
*DrWeb 4.33 12.10.2006 Trojan.DownLoader.15754* 
eSafe 7.0.14.0 12.07.2006  no virus found 
eTrust-InoculateIT 23.73.81 12.09.2006  no virus found 
eTrust-Vet 30.3.3238 12.08.2006  no virus found 
Ewido 4.0 12.10.2006  no virus found 
Fortinet 2.82.0.0 12.11.2006  no virus found 
F-Prot 3.16f 12.08.2006  no virus found 
F-Prot4 4.2.1.29 12.08.2006  no virus found 
Ikarus T3.1.0.26 12.07.2006  no virus found 
*Kaspersky 4.0.2.24 12.11.2006 Trojan-Downloader.Win32.Donn.ae* 
McAfee 4915 12.10.2006  no virus found 
Microsoft 1.1804 12.10.2006  no virus found 
NOD32v2 1913 12.09.2006  no virus found 
Norman 5.80.02 12.08.2006  no virus found 
Panda 9.0.0.4 12.11.2006  no virus found 
*Prevx1 V2 12.11.2006 Win32.Malware.gen* 
Sophos 4.12.0 12.10.2006  no virus found 
Sunbelt 2.2.907.0 11.30.2006  no virus found 
TheHacker 6.0.3.131 12.10.2006  no virus found 
UNA 1.83 12.08.2006  no virus found 
VBA32 3.11.1 12.10.2006  no virus found 
VirusBuster 4.3.15:9 12.10.2006 no virus found 

Aditional Information 
File size: 3584 bytes 
MD5: fd42667ea6e265a87eb0e57177fb1890 
SHA1: 352ef85eb8607b1c5323012caed3d589eb2dfb13 
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=5ac261384280

----------


## The Un4given

This landed in my mail.ru inbox today



> Return-path: <[email protected]>
> Received: from [62.5.255.19] (port=63395 helo=umail.ru)
>         by mx26.mail.ru with esmtp 
>         id 1Gt5FB-000BKu-00
>         for [email protected]; Sat, 09 Dec 2006 19:40:09 +0300
> Received-SPF: none (mx26.mail.ru: 62.5.255.19 is neither permitted nor denied by domain of icq.com) client-ip=62.5.255.19; [email protected]; helo=umail.ru;
> Received: from [212.94.122.1] (account [email protected] HELO icqm)
>   by fe01-umail.umail.ru (CommuniGate Pro SMTP 5.0.12)
>   with SMTPA id 69750782 for [email protected]; Sat, 09 Dec 2006 19:39:11 +0300
> ...


Complete scanning result of "message-678374.exe", processed in VirusTotal at 12/11/2006 07:18:48 (CET).

[ file data ]
* name: message-678374.exe
* size: 40676
* md5.: 9ae2cb788e54d88d9bcf04ee6fa2f656
* sha1: a665d66cda9a23a0351fa6be7349f6433e89aa31

[ scan result ]
 AntiVir        7.2.0.49/20061210       found [Worm/Agent.D.12]
Authentium      4.93.8/20061208 found nothing
Avast   4.7.892.0/20061208      found [Win32:Delf-CAT]
AVG     386/20061209    found nothing
BitDefender     7.2/20061211    found [Win32.Worm.Agent.D]
CAT-QuickHeal   8.00/20061209   found [(Suspicious) - DNAScan]
ClamAV  devel-20060426/20061210 found nothing
DrWeb   4.33/20061210   found [Win32.HLLW.Kesk]
eSafe   7.0.14.0/20061207       found [suspicious Trojan/Worm]
eTrust-InoculateIT      23.73.81/20061209       found nothing
eTrust-Vet      30.3.3238/20061208      found nothing
Ewido   4.0/20061210    found [Worm.Agent.b]
F-Prot  3.16f/20061208  found nothing
F-Prot4 4.2.1.29/20061208       found nothing
Fortinet        2.82.0.0/20061211       found [W32/Agent.B!worm.im]
Ikarus  T3.1.0.26/20061207      found [IM-Worm.Win32.Sumom.C]
Kaspersky       4.0.2.24/20061211       found [Net-Worm.Win32.Agent.b]
McAfee  4915/20061210   found nothing
Microsoft       1.1804/20061210 found nothing
*NOD32v2 1913/20061209   found nothing*
Norman  5.80.02/20061208        found [W32/Suspicious_M.gen]
Panda   9.0.0.4/20061211        found [Suspicious file]
Prevx1  V2/20061211     found nothing
Sophos  4.12.0/20061210 found [Mal/Packer]
Sunbelt 2.2.907.0/20061130      found [VIPRE.Suspicious]
TheHacker       6.0.3.131/20061210      found nothing
UNA     1.83/20061208   found nothing
VBA32   3.11.1/20061210 found [suspected of MalwareScope.Trojan-PSW.PdPinch.2 (paranoid heuristics)]
VirusBuster     4.3.15:9/20061210       found [novirus:Packed/MEW]

[ notes ]
packers: MEW
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

----------



## swerus

A request to the administrators: please tally the statistics for the latest period; it has been a while since the last summary.

----------


## Winsent

Complete scanning result of "setup.exe", received in VirusTotal at 12.11.2006, 17:28:15 (CET).


Antivirus	Version	Update	Result

AntiVir	7.2.0.49	12.11.2006	no virus found
*Authentium	4.93.8	12.08.2006	W32/Methodbod.gen2*
Avast	4.7.892.0	12.11.2006	no virus found
AVG	386	12.09.2006	no virus found
*BitDefender	7.2	12.11.2006	DeepScan:Generic.Horst.2073FE1E*
*CAT-QuickHeal	8.00	12.11.2006	Trojan.Horst.qf
ClamAV	devel-20060426	12.11.2006	Trojan.Medbot-98*
DrWeb	4.33	12.11.2006	no virus found
*eSafe	7.0.14.0	12.11.2006	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.81	12.09.2006	no virus found
eTrust-Vet	30.3.3244	12.11.2006	no virus found
Ewido	4.0	12.10.2006	no virus found
Fortinet	2.82.0.0	12.11.2006	no virus found
*F-Prot	3.16f	12.08.2006	W32/Methodbod.gen2
F-Prot4	4.2.1.29	12.08.2006	W32/Methodbod.gen2*
Ikarus	T3.1.0.26	12.11.2006	no virus found
Kaspersky	4.0.2.24	12.11.2006	no virus found
McAfee	4915	12.10.2006	no virus found
Microsoft	1.1804	12.11.2006	no virus found
NOD32v2	1914	12.11.2006	no virus found
*Norman	5.80.02	12.11.2006	W32/Horst.gen14
Panda	9.0.0.4	12.11.2006	Suspicious file*
Prevx1	V2	12.11.2006	no virus found
*Sophos	4.12.0	12.10.2006	Mal/Behav-080*
Sunbelt	2.2.907.0	11.30.2006	no virus found
*TheHacker	6.0.3.131	12.10.2006	Trojan/Horst.gen*
UNA	1.83	12.08.2006	no virus found
*VBA32	3.11.1	12.10.2006	MalwareScope.Trojan-Proxy.Horst.1*
VirusBuster	4.3.15:9	12.11.2006	no virus found

Aditional Information
File size: 44544 bytes
MD5: 118e257037e8bbc57e81c3b282c122a3
SHA1: 4b911b91c813526728c4b9387efef19ee7f20cbe
packers: UPX

----------


## Winsent

Complete scanning result of "setup.exe", received in VirusTotal at 12.12.2006, 14:19:11 (CET).


Antivirus	Version	Update	Result

AntiVir	7.2.0.49	12.12.2006	no virus found
*Authentium	4.93.8	12.11.2006	W32/Methodbod.gen2*
Avast	4.7.892.0	12.12.2006	no virus found
AVG	386	12.11.2006	no virus found
*BitDefender	7.2	12.12.2006	DeepScan:Generic.Horst.4BC9FDCC*
*CAT-QuickHeal	8.00	12.11.2006	Trojan.Horst.qf
ClamAV	devel-20060426	12.11.2006	Trojan.Medbot-98*
DrWeb	4.33	12.12.2006	no virus found
*eSafe	7.0.14.0	12.11.2006	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.83	12.12.2006	no virus found
*eTrust-Vet	30.3.3246	12.12.2006	Win32/Boxed!generic*
Ewido	4.0	12.12.2006	no virus found
Fortinet	2.82.0.0	12.12.2006	no virus found
*F-Prot	3.16f	12.11.2006	W32/Methodbod.gen2
F-Prot4	4.2.1.29	12.11.2006	W32/Methodbod.gen2*
Ikarus	T3.1.0.26	12.12.2006	no virus found
Kaspersky	4.0.2.24	12.12.2006	no virus found
McAfee	4916	12.11.2006	no virus found
Microsoft	1.1804	12.12.2006	no virus found
NOD32v2	1916	12.12.2006	no virus found
*Norman	5.80.02	12.12.2006	W32/Horst.gen14
Panda	9.0.0.4	12.12.2006	Suspicious file*
Prevx1	V2	12.12.2006	no virus found
*Sophos	4.12.0	12.10.2006	Mal/Behav-080*
Sunbelt	2.2.907.0	11.30.2006	no virus found
*TheHacker	6.0.3.131	12.10.2006	Trojan/Horst.gen*
UNA	1.83	12.11.2006	no virus found
*VBA32	3.11.1	12.11.2006	MalwareScope.Trojan-Proxy.Horst.1*
VirusBuster	4.3.15:9	12.11.2006	no virus found

Aditional Information
File size: 44032 bytes
MD5: 00f7223e0a5625557aae42fe2ca9fdc3
SHA1: ac7c9f84fb1ff171ccf189a1eb3e898dab785561
packers: UPX

----------


## Синауридзе Александр

Complete scanning result of "mailru.exe", received in VirusTotal at 12.12.2006, 19:04:12 (CET).

Antivirus	Version	Update	Result
AntiVir	7.3.0.15	12.12.2006	HEUR/Crypted
Authentium	4.93.8	12.11.2006	no virus found
Avast	4.7.892.0	12.12.2006	Win32:Small-DJC
AVG	386	12.12.2006	no virus found
BitDefender	7.2	12.12.2006	no virus found
CAT-QuickHeal	8.00	12.12.2006	(Suspicious) - DNAScan
ClamAV	devel-20060426	12.12.2006	no virus found
DrWeb	4.33	12.12.2006	no virus found
eSafe	7.0.14.0	12.11.2006	no virus found
eTrust-InoculateIT	23.73.83	12.12.2006	no virus found
eTrust-Vet	30.3.3246	12.12.2006	no virus found
Ewido	4.0	12.12.2006	Not-A-Virus.Hoax.Win32.Delf.g
Fortinet	2.82.0.0	12.12.2006	suspicious
F-Prot	3.16f	12.11.2006	no virus found
F-Prot4	4.2.1.29	12.11.2006	no virus found
Ikarus	T3.1.0.26	12.12.2006	
Kaspersky	4.0.2.24	12.12.2006	not-virus:Hoax.Win32.Delf.g
McAfee	4917	12.12.2006	no virus found
Microsoft	1.1804	12.12.2006	no virus found
*NOD32v2	1917	12.12.2006	no virus found*
Norman	5.80.02	12.12.2006	Suspicious_F.gen
Panda	9.0.0.4	12.12.2006	Suspicious file
Prevx1	V2	12.12.2006	no virus found
Sophos	4.12.0	12.10.2006	Mal/Packer
Sunbelt	2.2.907.0	11.30.2006	VIPRE.Suspicious
TheHacker	6.0.3.131	12.10.2006	no virus found
UNA	1.83	12.11.2006	Hoax.Win32.Delf.299D
VBA32	3.11.1	12.12.2006	no virus found
VirusBuster	4.3.15:9	12.12.2006	no virus found

Aditional Information
File size: 246433 bytes
MD5: 8814c56326a8c3a81532e8662027188b
SHA1: eadb08cc4517c31b6d50b4e965c3ee979b75a591
packers: FSG
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

----------


## Синауридзе Александр

Complete scanning result of "screensaver.exe", received in VirusTotal at 12.12.2006, 21:13:17 (CET).

Antivirus	Version	Update	Result
AntiVir	7.3.0.15	12.12.2006	HEUR/Crypted
Authentium	4.93.8	12.11.2006	Possibly a new variant of W32/Threat-HLLSI-based!Maximus
Avast	4.7.892.0	12.12.2006	Win32:Ldpinch-AH
AVG	386	12.12.2006	no virus found
BitDefender	7.2	12.12.2006	no virus found
CAT-QuickHeal	8.00	12.12.2006	no virus found
ClamAV	devel-20060426	12.12.2006	no virus found
DrWeb	4.33	12.12.2006	BACKDOOR.PWS.Trojan
eSafe	7.0.14.0	12.11.2006	suspicious Trojan/Worm
eTrust-InoculateIT	23.73.83	12.12.2006	no virus found
eTrust-Vet	30.3.3246	12.12.2006	no virus found
Ewido	4.0	12.12.2006	no virus found
Fortinet	2.82.0.0	12.12.2006	W32/LdPinch.BFE!tr.pws
F-Prot	3.16f	12.12.2006	Possibly a new variant of W32/Threat-HLLSI-based!Maximus
F-Prot4	4.2.1.29	12.12.2006	W32/CrazyCrunch-based!Maximus
Ikarus	T3.1.0.26	12.12.2006	Trojan-PSW.Win32.LdPinch
Kaspersky	4.0.2.24	12.12.2006	Trojan-PSW.Win32.LdPinch.bfe
McAfee	4917	12.12.2006	no virus found
Microsoft	1.1804	12.12.2006	no virus found
*NOD32v2	1918	12.12.2006	no virus found*
Norman	5.80.02	12.12.2006	no virus found
Panda	9.0.0.4	12.12.2006	Suspicious file
Prevx1	V2	12.12.2006	no virus found
Sophos	4.12.0	12.10.2006	no virus found
Sunbelt	2.2.907.0	11.30.2006	no virus found
TheHacker	6.0.3.131	12.10.2006	no virus found
UNA	1.83	12.11.2006	no virus found
VBA32	3.11.1	12.12.2006	MalwareScope.Trojan-PSW.PdPinch.5
VirusBuster	4.3.15:9	12.12.2006	no virus found

Aditional Information
File size: 14336 bytes
MD5: 90f100ef481774dca2be02004ee4967c
SHA1: 1f3d4f6340d62204c839d4fe5a0dc8352de26c8b
packers: ASPack
packers: ASPACK
packers: Aspack

----------


## Winsent

Complete scanning result of "setup.exe", received in VirusTotal at 12.12.2006, 22:26:24 (CET).


Antivirus	Version	Update	Result

AntiVir	7.3.0.15	12.12.2006	no virus found
*Authentium	4.93.8	12.12.2006	W32/Methodbod.gen2*
Avast	4.7.892.0	12.12.2006	no virus found
AVG	386	12.12.2006	no virus found
BitDefender	7.2	12.12.2006	no virus found
*CAT-QuickHeal	8.00	12.12.2006	Trojan.Horst.qf
ClamAV	devel-20060426	12.12.2006	Trojan.Medbot-98*
DrWeb	4.33	12.12.2006	no virus found
*eSafe	7.0.14.0	12.11.2006	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.83	12.12.2006	no virus found
*eTrust-Vet	30.3.3246	12.12.2006	Win32/Boxed!generic*
Ewido	4.0	12.12.2006	no virus found
Fortinet	2.82.0.0	12.12.2006	no virus found
*F-Prot	3.16f	12.12.2006	W32/Methodbod.gen2
F-Prot4	4.2.1.29	12.12.2006	W32/Methodbod.gen2*
Ikarus	T3.1.0.26	12.12.2006	no virus found
Kaspersky	4.0.2.24	12.12.2006	no virus found
McAfee	4917	12.12.2006	no virus found
Microsoft	1.1804	12.12.2006	no virus found
*NOD32v2	1918	12.12.2006	a variant of Win32/Medbot.DR
Norman	5.80.02	12.12.2006	W32/Horst.gen14
Panda	9.0.0.4	12.12.2006	Suspicious file*
Prevx1	V2	12.12.2006	no virus found
*Sophos	4.12.0	12.10.2006	Mal/Behav-080*
Sunbelt	2.2.907.0	11.30.2006	no virus found
*TheHacker	6.0.3.131	12.10.2006	Trojan/Horst.gen*
UNA	1.83	12.11.2006	no virus found
*VBA32	3.11.1	12.12.2006	MalwareScope.Trojan-Proxy.Horst.1*
VirusBuster	4.3.15:9	12.12.2006	no virus found

Aditional Information
File size: 44032 bytes
MD5: 9eacd652327bf4f17d4f8e0e50367233
SHA1: 65e11afc63521d61e2973bbe33120bca2359e07a
packers: UPX

----------


## drongo

STATUS: FINISHED
Complete scanning result of "server.exe", received in VirusTotal at 12.13.2006, 17:13:13 (CET).

Antivirus Version Update Result
AntiVir 7.3.0.15 12.13.2006 HEUR/Crypted
Authentium 4.93.8 12.12.2006 no virus found
Avast 4.7.892.0 12.13.2006 no virus found
AVG 386 12.13.2006 no virus found
BitDefender 7.2 12.13.2006 no virus found
CAT-QuickHeal 8.00 12.13.2006 no virus found
ClamAV devel-20060426 12.13.2006 no virus found
DrWeb 4.33 12.13.2006 no virus found
eSafe 7.0.14.0 12.13.2006 no virus found
eTrust-InoculateIT 23.73.84 12.13.2006 no virus found
eTrust-Vet 30.3.3248 12.13.2006 no virus found
Ewido 4.0 12.13.2006 no virus found
Fortinet 2.82.0.0 12.13.2006 suspicious
F-Prot 3.16f 12.12.2006 no virus found
F-Prot4 4.2.1.29 12.12.2006 no virus found
Ikarus T3.1.0.26 12.13.2006 no virus found
Kaspersky 4.0.2.24 12.13.2006 no virus found
McAfee 4917 12.12.2006 New Win32.g2
Microsoft 1.1804 12.13.2006 no virus found
NOD32v2 1919 12.13.2006 no virus found
Norman 5.80.02 12.13.2006 no virus found
Panda 9.0.0.4 12.13.2006 no virus found
Prevx1 V2 12.13.2006 Backdoor.Optix
Sophos 4.12.0 12.13.2006 no virus found
Sunbelt 2.2.907.0 11.30.2006 VIPRE.Suspicious
TheHacker 6.0.3.131 12.10.2006 no virus found
UNA 1.83 12.13.2006 no virus found
VBA32 3.11.1 12.12.2006 suspected of Trojan-PSW.LdPinch.36 (paranoid heuristics)
VirusBuster 4.3.15:9 12.13.2006 no virus found

P.S.
The file was saved as Kaspersky Keys Working_45802bec1f784.rar
File size 1218470
MD5 3c7bdb437df990ef3ee3a45838e4b98e

----------


## saicat

Complete scanning result of "chkdsk.exe", received in VirusTotal at 12.15.2006, 11:41:02 (CET).

Antivirus	Version	Update	Result
*AntiVir	7.3.0.15	12.15.2006	no virus found*
Authentium	4.93.8	12.14.2006	no virus found
Avast	4.7.892.0	12.14.2006	Win32:Purityscan-Q
AVG	386	12.15.2006	no virus found
BitDefender	7.2	12.15.2006	no virus found
CAT-QuickHeal	8.00	12.14.2006	(Suspicious) - DNAScan
ClamAV	devel-20060426	12.15.2006	no virus found
*DrWeb	4.33	12.15.2006	no virus found*
eSafe	7.0.14.0	12.14.2006	Suspicious Trojan/Worm
eTrust-InoculateIT	23.73.86	12.15.2006	no virus found
eTrust-Vet	30.3.3252	12.15.2006	no virus found
Ewido	4.0	12.15.2006	no virus found
Fortinet	2.82.0.0	12.15.2006	no virus found
F-Prot	3.16f	12.14.2006	no virus found
F-Prot4	4.2.1.29	12.14.2006	no virus found
Ikarus	T3.1.0.26	12.15.2006	no virus found
*Kaspersky	4.0.2.24	12.15.2006	no virus found*
McAfee	4919	12.14.2006	no virus found
Microsoft	1.1804	12.15.2006	no virus found
NOD32v2	1922	12.14.2006	a variant of Win32/TrojanDownloader.PurityScan
Norman	5.80.02	12.14.2006	no virus found
Panda	9.0.0.4	12.15.2006	Suspicious file
Prevx1	V2	12.15.2006	Spyware.Midaddle
Sophos	4.12.0	12.14.2006	ClickSpring
Sunbelt	2.2.907.0	11.30.2006	VIPRE.Suspicious
TheHacker	6.0.3.132	12.14.2006	no virus found
UNA	1.83	12.14.2006	no virus found
VBA32	3.11.1	12.14.2006	suspected of Backdoor.Rbot.2
VirusBuster	4.3.19:9	12.14.2006	no virus found

----------


## Winsent

Complete scanning result of "WM_Keeper.exe", received in VirusTotal at 12.15.2006, 18:49:25 (CET).


Antivirus	Version	Update	Result

*AntiVir	7.3.0.19	12.15.2006	W32/Bizex.A.DLL
Authentium	4.93.8	12.14.2006	Possibly a new variant of W32/Threat-SysAdderSml-based!Maximus
Avast	4.7.892.0	12.15.2006	Win32:Trojano-1511*
AVG	386	12.15.2006	no virus found
*BitDefender	7.2	12.15.2006	Generic.PWStealer.C89D5ED6
CAT-QuickHeal	8.00	12.15.2006	(Suspicious) - DNAScan*
ClamAV	devel-20060426	12.15.2006	no virus found
*DrWeb	4.33	12.15.2006	Trojan.PWS.M2.20
eSafe	7.0.14.0	12.14.2006	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.86	12.15.2006	no virus found
eTrust-Vet	30.3.3252	12.15.2006	no virus found
*Ewido	4.0	12.15.2006	Downloader.Small.ckp
Fortinet	2.82.0.0	12.15.2006	suspicious
F-Prot	3.16f	12.14.2006	Possibly a new variant of W32/Threat-SysAdderSml-based!Maximus*
*F-Prot4	4.2.1.29	12.14.2006	W32/Threat-SysAdderSml-based!Maximus
Ikarus	T3.1.0.26	12.15.2006	Trojan-PSW.Win32.M2.20.a*
Kaspersky	4.0.2.24	12.15.2006	no virus found
*McAfee	4920	12.15.2006	New BackDoor1*
Microsoft	1.1804	12.15.2006	no virus found
*NOD32v2	1924	12.15.2006	probably unknown NewHeur_PE virus*
Norman	5.80.02	12.15.2006	no virus found
*Panda	9.0.0.4	12.15.2006	Suspicious file*
Prevx1	V2	12.15.2006	no virus found
*Sophos	4.12.0	12.14.2006	Troj/RKProc-Fam
Sunbelt	2.2.907.0	11.30.2006	VIPRE.Suspicious*
TheHacker	6.0.3.132	12.14.2006	no virus found
UNA	1.83	12.15.2006	no virus found
*VBA32	3.11.1	12.14.2006	suspected of Trojan-Downloader.VB.18*
VirusBuster	4.3.19:9	12.15.2006	no virus found

Aditional Information
File size: 60178 bytes
MD5: 152a7495ff2d86fbe0b56c887abd4cc0
SHA1: 97adbb8f2d8efe4233b176397f2eadd7d1ad4526
packers: UPX
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

----------


## Winsent

Complete scanning result of "setup.exe", received in VirusTotal at 12.15.2006, 20:43:51 (CET).


Antivirus	Version	Update	Result

*AntiVir	7.3.0.19	12.15.2006	TR/Proxy.Horst.Gen
Authentium	4.93.8	12.15.2006	W32/Methodbod.gen2*
Avast	4.7.892.0	12.15.2006	no virus found
AVG	386	12.15.2006	no virus found
*BitDefender	7.2	12.15.2006	DeepScan:Generic.Horst.A3A0D00F*
CAT-QuickHeal	8.00	12.15.2006	no virus found
*ClamAV	devel-20060426	12.15.2006	Trojan.Medbot-98*
DrWeb	4.33	12.15.2006	no virus found
*eSafe	7.0.14.0	12.14.2006	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.86	12.15.2006	no virus found
*eTrust-Vet	30.3.3252	12.15.2006	Win32/Boxed!generic*
Ewido	4.0	12.15.2006	no virus found
Fortinet	2.82.0.0	12.15.2006	no virus found
*F-Prot	3.16f	12.15.2006	W32/Methodbod.gen2
F-Prot4	4.2.1.29	12.14.2006	W32/Methodbod.gen2
Ikarus	T3.1.0.26	12.15.2006	Trojan-Proxy.Win32.Horst.py*
Kaspersky	4.0.2.24	12.15.2006	no virus found
*McAfee	4920	12.15.2006	BackDoor-CMQ.gen*
Microsoft	1.1804	12.15.2006	no virus found
NOD32v2	1924	12.15.2006	no virus found
*Norman	5.80.02	12.15.2006	W32/Horst.gen14
Panda	9.0.0.4	12.15.2006	Suspicious file
Sophos	4.12.0	12.14.2006	Mal/Behav-080*
Sunbelt	2.2.907.0	11.30.2006	no virus found
*TheHacker	6.0.3.132	12.14.2006	Trojan/Horst.gen
UNA	1.83	12.15.2006	I-Worm.Warezov.ex
VBA32	3.11.1	12.14.2006	MalwareScope.Trojan-Proxy.Horst.1*
VirusBuster	4.3.19:9	12.15.2006	no virus found

Aditional Information
File size: 42496 bytes
MD5: 0e899957e8f650914e2a19ef53426e55
SHA1: 22bc6ca7ffd47d9618e110bc705c9e6b1cca998e
packers: UPX

----------


## WaterFish

*Winsent*
Well, the situation with Medbot seems clear enough, same as with Zlob.
Some analysts just don't want to track it; they probably have their motives or their problems. :)

----------


## kvit

VirusTotal at 12.18.2006, 14:01:00 (CET).

Antivirus Version Update Result
AntiVir 7.3.0.19 12.18.2006  no virus found
Authentium 4.93.8 12.15.2006  no virus found
Avast 4.7.892.0 12.16.2006  no virus found
AVG 386 12.17.2006  no virus found
*BitDefender 7.2 12.18.2006 Dropped:Generic.Malware.SD.9AEF6365*
CAT-QuickHeal 8.00 12.17.2006  no virus found
ClamAV devel-20060426 12.18.2006  no virus found
*DrWeb 4.33 12.18.2006 Win32.HLLW.Grizzlie*
*eSafe 7.0.14.0 12.17.2006 suspicious Trojan/Worm*
eTrust-InoculateIT 23.73.88 12.18.2006  no virus found
eTrust-Vet 30.3.3254 12.15.2006  no virus found
Ewido 4.0 12.18.2006  no virus found
Fortinet 2.82.0.0 12.18.2006  no virus found
F-Prot 3.16f 12.15.2006  no virus found
F-Prot4 4.2.1.29 12.15.2006  no virus found
Ikarus T3.1.0.27 12.18.2006  no virus found
*Kaspersky 4.0.2.24 12.18.2006 Worm.Win32.RussoTuristo.b*
McAfee 4920 12.15.2006  no virus found
Microsoft 1.1804 12.15.2006  no virus found
NOD32v2 1925 12.18.2006  no virus found
*Norman 5.80.02 12.18.2006 W32/NetworkWorm*
*Panda 9.0.0.4 12.17.2006 W32/BlackHole.AM.worm*
Prevx1 V2 12.18.2006  no virus found
Sophos 4.12.0 12.18.2006  no virus found
Sunbelt 2.2.907.0 11.30.2006  no virus found
TheHacker 6.0.3.134 12.18.2006  no virus found
UNA 1.83 12.15.2006  no virus found
VBA32 3.11.1 12.18.2006  no virus found
*VirusBuster 4.3.19:9 12.17.2006 Worm.RussoTuristo.A*


Aditional Information
File size: 53326 bytes
MD5: 7e1b628897f8e03a035266dad1f13ebe
SHA1: 5ac15a78826a31ca4dfbde670eddc090b0747cb7
packers: UPX
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email protected] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing UPX.
* File length: 53326 bytes.

[ Changes to filesystem ]
* Creates file N:.._____ _____.exe.

[ Spreading through LAN/WAN ]
* Worm spreading over a network connection.

----------


## Kuzz

Complete scanning result of "vbsys2._dll", received in VirusTotal at 12.18.2006, 14:58:12 (CET).

Antivirus	Version	Update	Result
AntiVir	7.3.0.19	12.18.2006	no virus found
Authentium	4.93.8	12.15.2006	no virus found
Avast	4.7.892.0	12.16.2006	no virus found
AVG	386	12.17.2006	no virus found
BitDefender	7.2	12.18.2006	no virus found
CAT-QuickHeal	8.00	12.17.2006	no virus found
ClamAV	devel-20060426	12.18.2006	no virus found
DrWeb	4.33	12.18.2006	no virus found
eSafe	7.0.14.0	12.17.2006	no virus found
eTrust-InoculateIT	23.73.88	12.18.2006	no virus found
* eTrust-Vet	30.3.3254	12.15.2006	Win32/Pomelo!generic* 
Ewido	4.0	12.18.2006	no virus found
Fortinet	2.82.0.0	12.18.2006	no virus found
F-Prot	3.16f	12.15.2006	no virus found
F-Prot4	4.2.1.29	12.15.2006	no virus found
*Ikarus	T3.1.0.27	12.18.2006	Trojan-Clicker.Win32.Agent.ac* 
*Kaspersky	4.0.2.24	12.18.2006	Trojan-Clicker.Win32.Agent.ac* 
McAfee	4920	12.15.2006	no virus found
Microsoft	1.1804	12.15.2006	no virus found
NOD32v2	1925	12.18.2006	no virus found
Norman	5.80.02	12.18.2006	no virus found
*Panda	9.0.0.4	12.17.2006	Suspicious file* 
Prevx1	V2	12.18.2006	no virus found
Sophos	4.12.0	12.18.2006	no virus found
Sunbelt	2.2.907.0	12.18.2006	no virus found
TheHacker	6.0.3.134	12.18.2006	no virus found
UNA	1.83	12.15.2006	no virus found
* VBA32	3.11.1	12.18.2006	suspected of Malware.Agent.19* 
VirusBuster	4.3.19:9	12.18.2006	no virus found

Aditional Information
File size: 90112 bytes
MD5: 66f53ba90bcc3e43a323317711ae48b9
SHA1: 95893014ea2dfa3c09817be8a3aa5ce0c1fdc477

----------


## Kuzz

* AntiVir	7.3.0.19	12.18.2006	TR/LipGame.BM.1*  
Authentium	4.93.8	12.15.2006	no virus found
* Avast	4.7.892.0	12.16.2006	Win32: Lipgame* 
* AVG	386	12.18.2006	Generic2.MCB* 
BitDefender	7.2	12.18.2006	no virus found
CAT-QuickHeal	8.00	12.17.2006	no virus found
* ClamAV	devel-20060426	12.18.2006	Dialer-741* 
DrWeb	4.33	12.18.2006	no virus found
eSafe	7.0.14.0	12.17.2006	no virus found
eTrust-InoculateIT	23.73.88	12.18.2006	no virus found
eTrust-Vet	30.3.3254	12.15.2006	no virus found
Ewido	4.0	12.18.2006	no virus found
* Fortinet	2.82.0.0	12.18.2006	W32/LipGame.BM!tr* 
F-Prot	3.16f	12.15.2006	no virus found
F-Prot4	4.2.1.29	12.15.2006	no virus found
Ikarus	T3.1.0.27	12.18.2006	no virus found
* Kaspersky	4.0.2.24	12.18.2006	Trojan.Win32.LipGame.bm* 
McAfee	4920	12.15.2006	no virus found
Microsoft	1.1804	12.15.2006	no virus found
* NOD32v2	1925	12.18.2006	Win32/LipGame* 
Norman	5.80.02	12.18.2006	no virus found
Panda	9.0.0.4	12.17.2006	no virus found
Prevx1	V2	12.18.2006	no virus found
Sophos	4.12.0	12.18.2006	no virus found
Sunbelt	2.2.907.0	12.18.2006	no virus found
TheHacker	6.0.3.134	12.18.2006	no virus found
UNA	1.83	12.15.2006	no virus found
* VBA32	3.11.1	12.18.2006	suspected of Malware.Agent.19* 
VirusBuster	4.3.19:9	12.18.2006	no virus found

Aditional Information
File size: 53248 bytes
MD5: afc46df47e398d0b0bc4acdbd4ef94d4
SHA1: bd6df84399f0ff74a291c552b3bdcd4ba5d3b38f

----------


## saicat

Complete scanning result of "Telekom-Rechnung.pdf.exe", received in VirusTotal at 12.19.2006, 21:24:50 (CET).

Antivirus	Version	Update	Result
AntiVir	7.3.0.19	12.19.2006	TR/Dldr.EbayBill.L
Authentium	4.93.8	12.19.2006	W32/Downloader.gen2
Avast	4.7.892.0	12.19.2006	Win32:Nurech
AVG	386	12.19.2006	Downloader.Generic2.TTV
BitDefender	7.2	12.19.2006	Trojan.Downloader.Nurech.G
*CAT-QuickHeal	8.00	12.19.2006	no virus found*
ClamAV	devel-20060426	12.19.2006	Trojan.Small-373
*DrWeb	4.33	12.19.2006	no virus found*
*eSafe	7.0.14.0	12.19.2006	no virus found*
eTrust-InoculateIT	23.73.89	12.19.2006	Win32/SillyDL.3ev!Trojan
eTrust-Vet	30.3.3262	12.19.2006	Win32/DlWreck.AW
Ewido	4.0	12.19.2006	Downloader.Nurech.g
Fortinet	2.82.0.0	12.19.2006	W32/Yabe.W!tr.dldr
F-Prot	3.16f	12.15.2006	W32/Downloader.gen2
F-Prot4	4.2.1.29	12.19.2006	W32/Downloader.gen2
Ikarus	T3.1.0.27	12.19.2006	Trojan-Downloader.Win32.Nurech.g
Kaspersky	4.0.2.24	12.19.2006	Trojan-Downloader.Win32.Nurech.g
McAfee	4922	12.19.2006	Downloader-AAP
Microsoft	1.1904	12.19.2006	TrojanDownloader:Win32/Agent.ET
NOD32v2	1928	12.19.2006	Win32/TrojanDownloader.Agent.UF
Norman	5.80.02	12.19.2006	W32/DLoader.BCTW
Panda	9.0.0.4	12.19.2006	Trj/Cimuz.BE
*Prevx1	V2	12.19.2006	no virus found*
Sophos	4.12.0	12.18.2006	Troj/Clagger-AG
*Sunbelt	2.2.907.0	12.18.2006	no virus found*
TheHacker	6.0.3.134	12.18.2006	Trojan/Downloader.Nurech.g
UNA	1.83	12.19.2006	TrojanDownloader.Win32.Nurech.C43F
VBA32	3.11.1	12.19.2006	Trojan-Downloader.Win32.Nurech.g
VirusBuster	4.3.19:9	12.19.2006	Trojan.DL.Nurech.H

DrWeb really blew it here... This old trojan, which was mass-mailed across Germany again today, will soon, I think, be detected even by "Kalinin's antivirus"... :D

----------


## Winsent

Complete scanning result of "setup.exe", received in VirusTotal at 12.20.2006, 17:11:52 (CET).


Antivirus	Version	Update	Result

*AntiVir	7.3.0.19	12.20.2006	TR/Proxy.Horst.Gen*
Authentium	4.93.8	12.20.2006	no virus found
Avast	4.7.892.0	12.20.2006	no virus found
AVG	386	12.19.2006	no virus found
*BitDefender	7.2	12.20.2006	DeepScan:Generic.Horst.86744D0E*
CAT-QuickHeal	8.00	12.20.2006	no virus found
ClamAV	devel-20060426	12.20.2006	no virus found
DrWeb	4.33	12.20.2006	no virus found
*eSafe	7.0.14.0	12.19.2006	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.91	12.20.2006	no virus found
eTrust-Vet	30.3.3264	12.20.2006	no virus found
Ewido	4.0	12.20.2006	no virus found
Fortinet	2.82.0.0	12.20.2006	no virus found
F-Prot	3.16f	12.20.2006	no virus found
F-Prot4	4.2.1.29	12.20.2006	no virus found
Ikarus	T3.1.0.27	12.20.2006	no virus found
*Kaspersky	4.0.2.24	12.20.2006	Trojan-Proxy.Win32.Horst.te
McAfee	4922	12.19.2006	BackDoor-CMQ.gen*
Microsoft	1.1904	12.20.2006	no virus found
NOD32v2	1931	12.20.2006	no virus found
*Norman	5.80.02	12.20.2006	W32/Malware
Panda	9.0.0.4	12.19.2006	Suspicious file*
Prevx1	V2	12.20.2006	no virus found
*Sophos	4.12.0	12.18.2006	Mal/Behav-080*
Sunbelt	2.2.907.0	12.18.2006	no virus found
TheHacker	6.0.3.135	12.20.2006	no virus found
UNA	1.83	12.19.2006	no virus found
*VBA32	3.11.1	12.20.2006	MalwareScope.Trojan-Proxy.Horst.1*
VirusBuster	4.3.19:9	12.20.2006	no virus found

Aditional Information
File size: 49664 bytes
MD5: 7653755c2c370f2f9e8ec0b59d7de106
SHA1: 9ea051fa7c8dfcd7163afd3b2a2da4d229a03c6a
packers: UPX
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email protected] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing UPX.
* File length: 49664 bytes.

[ Process/window information ]
* Modifies other process memory.
* Modifies execution flow of a remote process.

----------


## Winsent

Complete scanning result of "output.exe", received in VirusTotal at 12.20.2006, 22:09:52 (CET).


Antivirus	Version	Update	Result

*AntiVir	7.3.0.19	12.20.2006	DR/Delphi.Gen*
Authentium	4.93.8	12.20.2006	no virus found
Avast	4.7.892.0	12.20.2006	no virus found
AVG	386	12.20.2006	no virus found
BitDefender	7.2	12.20.2006	no virus found
*CAT-QuickHeal	8.00	12.20.2006	(Suspicious) - DNAScan
ClamAV	devel-20060426	12.20.2006	Trojan.Delf-293*
DrWeb	4.33	12.20.2006	no virus found
*eSafe	7.0.14.0	12.19.2006	Suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.91	12.20.2006	no virus found
eTrust-Vet	30.3.3264	12.20.2006	no virus found
Ewido	4.0	12.20.2006	no virus found
*Fortinet	2.82.0.0	12.20.2006	suspicious*
F-Prot	3.16f	12.20.2006	no virus found
F-Prot4	4.2.1.29	12.20.2006	no virus found
Ikarus	T3.1.0.27	12.20.2006	no virus found
Kaspersky	4.0.2.24	12.20.2006	no virus found
McAfee	4923	12.20.2006	no virus found
Microsoft	1.1904	12.20.2006	no virus found
NOD32v2	1931	12.20.2006	no virus found
*Norman	5.80.02	12.20.2006	Suspicious_F.gen
Panda	9.0.0.4	12.20.2006	Suspicious file*
Prevx1	V2	12.20.2006	no virus found
*Sophos	4.12.0	12.18.2006	Troj/Deldo-Gen
Sunbelt	2.2.907.0	12.18.2006	VIPRE.Suspicious*
TheHacker	6.0.3.135	12.20.2006	no virus found
UNA	1.83	12.20.2006	no virus found
*VBA32	3.11.1	12.20.2006	MalwareScope.Trojan-Spy.BZub.1
VirusBuster	4.3.19:9	12.20.2006	novirus:Packed/FSG*

Aditional Information
File size: 41498 bytes
MD5: 3426e99aad0ea528feb8d2bd55684930
SHA1: 7a7298c15d0f97d993f504cb1624d9dd7295153b
packers: FSG
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

----------


## saicat

This just arrived by mail:

Complete scanning result of "msg.ApKpfw", received in VirusTotal at 12.21.2006, 14:40:03 (CET).
Antivirus	Version	Update	Result
*AntiVir	7.3.0.19	12.21.2006	no virus found*
Authentium	4.93.8	12.21.2006	W32/Downloader.gen10
Avast	4.7.892.0	12.21.2006	Win32:Small-CFJ
AVG	386	12.20.2006	no virus found
BitDefender	7.2	12.21.2006	no virus found
CAT-QuickHeal	8.00	12.20.2006	no virus found
ClamAV	devel-20060426	12.21.2006	no virus found
*DrWeb	4.33	12.21.2006	no virus found*
eSafe	7.0.14.0	12.19.2006	no virus found
eTrust-InoculateIT	23.73.93	12.21.2006	no virus found
eTrust-Vet	30.3.3268	12.21.2006	no virus found
Ewido	4.0	12.21.2006	no virus found
Fortinet	2.82.0.0	12.21.2006	suspicious
F-Prot	3.16f	12.21.2006	W32/Downloader.gen10
F-Prot4	4.2.1.29	12.21.2006	W32/Downloader.gen10
Ikarus	T3.1.0.27	12.21.2006	no virus found
*Kaspersky	4.0.2.24	12.21.2006	no virus found*
McAfee	4923	12.20.2006	no virus found
Microsoft	1.1904	12.21.2006	no virus found
*NOD32v2	1932	12.20.2006	no virus found*
Norman	5.80.02	12.20.2006	Suspicious_F.gen
Panda	9.0.0.4	12.21.2006	Suspicious file
Prevx1	V2	12.21.2006	no virus found
Sophos	4.12.0	12.21.2006	Mal/Packer
Sunbelt	2.2.907.0	12.18.2006	no virus found
TheHacker	6.0.3.135	12.20.2006	no virus found
UNA	1.83	12.20.2006	no virus found
VBA32	3.11.1	12.20.2006	suspected of Downloader.Harnig.39
VirusBuster	4.3.19:9	12.21.2006	novirus:Packed/FSG

Aditional Information
File size: 10645 bytes
MD5: c0b6b8d350f718b63afdb9c329d754d2
SHA1: 3b1f7f0f16319fcb4ba8b55ec162fe6a3a858200
packers: FSG
packers: FSG
packers: FSG

----------


## Winsent

Complete scanning result of "document1_zip_sfx.exe", received in VirusTotal at 12.21.2006, 17:58:13 (CET).


Antivirus	Version	Update	Result

AntiVir	7.3.0.19	12.21.2006	no virus found
Authentium	4.93.8	12.21.2006	no virus found
*Avast	4.7.892.0	12.21.2006	Win32:Delf-CAT*
AVG	386	12.20.2006	no virus found
BitDefender	7.2	12.21.2006	no virus found
*CAT-QuickHeal	8.00	12.21.2006	(Suspicious) - DNAScan*
ClamAV	devel-20060426	12.21.2006	no virus found
DrWeb	4.33	12.21.2006	no virus found
eSafe	7.0.14.0	12.21.2006	no virus found
eTrust-InoculateIT	23.73.93	12.21.2006	no virus found
eTrust-Vet	30.3.3268	12.21.2006	no virus found
Ewido	4.0	12.21.2006	no virus found
Fortinet	2.82.0.0	12.21.2006	no virus found
F-Prot	3.16f	12.21.2006	no virus found
F-Prot4	4.2.1.29	12.21.2006	no virus found
*Ikarus	T3.1.0.27	12.21.2006	Trojan-PSW.Win32.LdPinch.FI*
Kaspersky	4.0.2.24	12.21.2006	no virus found
McAfee	4923	12.20.2006	no virus found
Microsoft	1.1904	12.21.2006	no virus found
NOD32v2	1933	12.21.2006	no virus found
Norman	5.80.02	12.21.2006	no virus found
*Panda	9.0.0.4	12.21.2006	Suspicious file*
Prevx1	V2	12.21.2006	no virus found
Sophos	4.12.0	12.21.2006	no virus found
*Sunbelt	2.2.907.0	12.18.2006	VIPRE.Suspicious*
TheHacker	6.0.3.135	12.20.2006	no virus found
UNA	1.83	12.20.2006	no virus found
*VBA32	3.11.1	12.20.2006	MalwareScope.Trojan-PSW.Pinch.2*
VirusBuster	4.3.19:9	12.21.2006	no virus found

Aditional Information
File size: 49519 bytes
MD5: 052bb19f357ef961b89f0cae3ff61b22
SHA1: 91d2b1f347520af1afa90084b211d136f924c669
packers: UPX
packers: PECRYPT, UPX, BINARYRES
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.


It turned out to be not Pinch at all, but *Net-Worm.Win32.Agent.b* according to KAV

----------


## DoSTR

Complete scanning result of "DSC_03546.exe", received in VirusTotal at 12.22.2006, 14:22:24 (CET).

_Antivirus	Version	Update	Result_

AntiVir	7.3.0.21	12.22.2006	TR/PSW.PdPinch.L.68
Authentium	4.93.8	12.22.2006	no virus found
Avast	4.7.892.0	12.21.2006	no virus found
AVG	386	12.21.2006	no virus found
BitDefender	7.2	12.22.2006	MemScan:Trojan.PWS.PdPinch.L
CAT-QuickHeal	8.00	12.21.2006	no virus found
ClamAV	devel-20060426	12.21.2006	no virus found
DrWeb	4.33	12.22.2006	Trojan.MulDrop.4906
eSafe	7.0.14.0	12.21.2006	no virus found
eTrust-InoculateIT	23.73.95	12.22.2006	no virus found
eTrust-Vet	30.3.3269	12.22.2006	no virus found
Ewido	4.0	12.22.2006	no virus found
Fortinet	2.82.0.0	12.22.2006	no virus found
F-Prot	3.16f	12.21.2006	no virus found
F-Prot4	4.2.1.29	12.21.2006	no virus found
Ikarus	T3.1.0.27	12.22.2006	no virus found
Kaspersky	4.0.2.24	12.22.2006	Trojan-PSW.Win32.LdPinch.bhg
McAfee	4924	12.21.2006	no virus found
Microsoft	1.1904	12.22.2006	no virus found
NOD32v2	1934	12.21.2006	a variant of Win32/PSW.LdPinch.NCB
Norman	5.80.02	12.22.2006	W32/EMailWorm.AR
Panda	9.0.0.4	12.22.2006	Suspicious file
Prevx1	V2	12.22.2006	no virus found
Sophos	4.12.0	12.22.2006	no virus found
Sunbelt	2.2.907.0	12.18.2006	no virus found
TheHacker	6.0.3.135	12.20.2006	no virus found
UNA	1.83	12.21.2006	no virus found
VBA32	3.11.1	12.21.2006	no virus found
VirusBuster	4.3.19:9	12.21.2006	no virus found

Aditional Information
File size: 135542 bytes
MD5: d7f8adcf172a47399f9b174fdc3b9a07
SHA1: d368ce2e8ed5a91bd8219d44270ca5cd86bb6c1f

----------



## Синауридзе Александр

Complete scanning result of "sp_m2_v127_333.exe", received in VirusTotal at 12.22.2006, 23:01:43 (CET).

Antivirus	Version	Update	Result
AntiVir	7.3.0.21	12.22.2006	TR/Spambot.BXE
Authentium	4.93.8	12.22.2006	no virus found
Avast	4.7.892.0	12.21.2006	no virus found
AVG	386	12.22.2006	Proxy.JBD
BitDefender	7.2	12.22.2006	Trojan.Spambot.BXE
CAT-QuickHeal	8.00	12.22.2006	TrojanProxy.Dlena.bd
ClamAV	devel-20060426	12.22.2006	no virus found
DrWeb	4.33	12.22.2006	no virus found
eSafe	7.0.14.0	12.21.2006	suspicious Trojan/Worm
eTrust-InoculateIT	23.73.95	12.22.2006	no virus found
eTrust-Vet	30.3.3269	12.22.2006	no virus found
Ewido	4.0	12.22.2006	Proxy.Dlena.bd
Fortinet	2.82.0.0	12.22.2006	no virus found
F-Prot	3.16f	12.22.2006	no virus found
F-Prot4	4.2.1.29	12.21.2006	no virus found
Ikarus	T3.1.0.27	12.22.2006	Trojan.Spambot.BXE
Kaspersky	4.0.2.24	12.22.2006	Trojan-Proxy.Win32.Dlena.bd
McAfee	4925	12.22.2006	no virus found
Microsoft	1.1904	12.22.2006	no virus found
*NOD32v2	1935	12.22.2006	no virus found*
Norman	5.80.02	12.22.2006	no virus found
Panda	9.0.0.4	12.22.2006	no virus found
Prevx1	V2	12.22.2006	Trojan.RPCC.Payload
Sophos	4.12.0	12.22.2006	no virus found
Sunbelt	2.2.907.0	12.18.2006	no virus found
TheHacker	6.0.3.135	12.20.2006	Trojan/Proxy.Dlena.bd
UNA	1.83	12.22.2006	TrojanProxy.Win32.Dlena.2A57
VBA32	3.11.1	12.22.2006	no virus found
VirusBuster	4.3.19:9	12.22.2006	no virus found

Aditional Information
File size: 30720 bytes
MD5: a178ae2b44868723792f80452414ce6c
SHA1: 07cc219c6bc321e115e597449f0eb78dc5e98b76
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=a0b863369501

----------


## HATTIFNATTOR

Complete scanning result of "postcard4.zip", received in VirusTotal at 12.25.2006, 13:07:03 (CET).


Antivirus Version Update Result 
AntiVir 7.3.0.21 12.24.2006 TR/Dldr.Stration.Gen 
Authentium 4.93.8 12.22.2006 W32/Warezov.gen3!W32DL 
Avast 4.7.892.0 12.21.2006  no virus found 
AVG 386 12.25.2006 Downloader.Generic3.EAT 
BitDefender 7.2 12.25.2006 Generic.Malware.dld!!.FDC38EE1 
CAT-QuickHeal 8.00 12.23.2006  no virus found 
ClamAV devel-20060426 12.25.2006 Trojan.Downloader-326 
DrWeb 4.33 12.25.2006 DLOADER.Trojan 
eSafe 7.0.14.0 12.24.2006  no virus found 
eTrust-InoculateIT 23.73.98 12.24.2006  no virus found 
eTrust-Vet 30.3.3271 12.23.2006  no virus found 
Ewido 4.0 12.25.2006  no virus found 
Fortinet 2.82.0.0 12.25.2006  no virus found 
F-Prot 3.16f 12.22.2006 W32/Warezov.gen3!W32DL 
F-Prot4 4.2.1.29 12.22.2006 W32/Warezov.gen3!W32DL 
Ikarus T3.1.0.27 12.25.2006 Win32.Outbreak 
Kaspersky 4.0.2.24 12.25.2006 Trojan-Downloader.Win32.Small.edn 
McAfee 4925 12.22.2006  no virus found 
Microsoft 1.1904 12.25.2006  no virus found 
NOD32v2 1938 12.25.2006 Win32/TrojanDownloader.Small.EDN 
Norman 5.80.02 12.22.2006 W32/Downloader 
Panda 9.0.0.4 12.24.2006 Suspicious file 
Prevx1 V2 12.25.2006  no virus found 
Sophos 4.12.0 12.24.2006  no virus found 
Sunbelt 2.2.907.0 12.18.2006  no virus found 
TheHacker 6.0.3.136 12.24.2006  no virus found 
UNA 1.83 12.22.2006  no virus found 
VBA32 3.11.1 12.25.2006 suspected of Win32.Trojan.Downloader (http://...) 
VirusBuster 4.3.19:9 12.25.2006 no virus found 


Aditional Information 
File size: 1401 bytes 
MD5: 8e87e3a0a92210a5aecbc8aec70a79f3 
SHA1: a08fd3506dae5ae8df4b903ef5ab3595814283bd 
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email protected] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* File length: 3588 bytes.

[ Changes to filesystem ]
* Creates file C:\WINDOWS\module.exe.

[ Network services ]
* Opens URL: hххp://www6.easeruikingandefunjs.com/chr/893/nt.exe.

[ Security issues ]
* Starting downloaded file - potential security problem.





Complete scanning result of "nt.exe", received in VirusTotal at 12.25.2006, 13:10:33 (CET).

Antivirus Version Update Result 
AntiVir 7.3.0.21 12.24.2006 Worm/Stration.C 
Authentium 4.93.8 12.22.2006 W32/Warezov.gen4 
Avast 4.7.892.0 12.21.2006  no virus found 
AVG 386 12.25.2006 I-Worm/Stration.BMS 
BitDefender 7.2 12.25.2006 DeepScan:Generic.Malware.SFign!.59DD4136 
CAT-QuickHeal 8.00 12.23.2006  no virus found 
ClamAV devel-20060426 12.25.2006 Worm.Stration.WR 
DrWeb 4.33 12.25.2006  no virus found 
eSafe 7.0.14.0 12.24.2006 suspicious Trojan/Worm 
eTrust-InoculateIT 23.73.98 12.24.2006 Win32/Stration.Variant!Worm 
eTrust-Vet 30.3.3271 12.23.2006 Win32/Stration!generic 
Ewido 4.0 12.25.2006  no virus found 
Fortinet 2.82.0.0 12.25.2006 W32/[email protected] 
F-Prot 3.16f 12.22.2006 W32/Warezov.gen4 
F-Prot4 4.2.1.29 12.22.2006 W32/Warezov.gen4 
Ikarus T3.1.0.27 12.25.2006  no virus found 
Kaspersky 4.0.2.24 12.25.2006 Email-Worm.Win32.Warezov.fh 
McAfee 4925 12.22.2006  no virus found 
Microsoft 1.1904 12.25.2006 Win32/Stration.gen!dr 
NOD32v2 1938 12.25.2006 Win32/Stration.UF 
Norman 5.80.02 12.22.2006 W32/Malware 
Panda 9.0.0.4 12.24.2006  no virus found 
Prevx1 V2 12.25.2006 Win32.Malware.gen 
Sophos 4.12.0 12.24.2006 W32/Strati-Gen 
Sunbelt 2.2.907.0 12.18.2006  no virus found 
TheHacker 6.0.3.136 12.24.2006 W32/Warezov.hb 
UNA 1.83 12.22.2006  no virus found 
VBA32 3.11.1 12.25.2006 MalwareScope.Worm.Warezov.1 
VirusBuster 4.3.19:9 12.25.2006 no virus found 


Aditional Information 
File size: 89088 bytes 
MD5: 5f7a2d9bc74fa5ad8727dc65572581e5 
SHA1: f7ed50ce05b6ca252cb8a17f58671277d070078b 
packers: UPX 
packers: UPX 
packers: UPX 
packers: UPX, embedded 
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email protected] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing UPX.
* File length: 89088 bytes.

[ Changes to filesystem ]
* Creates file C:\WINDOWS\wqpd32.exe.
* Creates file C:\WINDOWS\wqpd32.dat.
* Creates file C:\WINDOWS\SYSTEM32\e1.dll.

[ Changes to registry ]
* Creates value "wqpd32"="C:\WINDOWS\wqpd32.exe s" in key "HKLM\Software\Microsoft\Windows\CurrentVersion\Run".

[ Process/window information ]
* Will automatically restart after boot (I'll be back...).
* Enumerates running processes.
* Modifies other process memory.
* Creates a remote thread.


Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=c4ad65554348

----------


## ISO

Complete scanning result of "win32update.exe", received in VirusTotal at 12.27.2006, 09:04:22 (CET).
Antivirus	Version	Update	Result
AntiVir	7.3.0.21	12.27.2006	TR/Proxy.Agent.HD.18
Authentium	4.93.8	12.22.2006	no virus found
Avast	4.7.892.0	12.21.2006	Win32:Agent-DCJ
AVG	386	12.26.2006	Proxy.CEA
BitDefender	7.2	12.27.2006	Trojan.Proxy.Agent.ED
CAT-QuickHeal	8.00	12.26.2006	no virus found
ClamAV	devel-20060426	12.26.2006	no virus found
DrWeb	4.33	12.27.2006	Trojan.Proxy.870
eSafe	7.0.14.0	12.26.2006	no virus found
eTrust-InoculateIT	23.73.99	12.27.2006	no virus found
eTrust-Vet	30.3.3271	12.23.2006	Win32/SillyProxy.AV
Ewido	4.0	12.26.2006	Proxy.Agent.hd
Fortinet	2.82.0.0	12.27.2006	W32/Agent.HD!tr
F-Prot	3.16f	12.22.2006	no virus found
F-Prot4	4.2.1.29	12.22.2006	generic
Ikarus	T3.1.0.27	12.27.2006	Trojan-Proxy.Win32.Agent.hd
Kaspersky	4.0.2.24	12.27.2006	Trojan-Proxy.Win32.Agent.hd
McAfee	4926	12.26.2006	no virus found
Microsoft	1.1904	12.27.2006	TrojanProxy:Win32/Agent.IN
NOD32v2	1939	12.26.2006	a variant of Win32/TrojanProxy.Ranky
Norman	5.80.02	12.26.2006	W32/Agent.AHUU
Panda	9.0.0.4	12.27.2006	Adware/WUpd
Prevx1	V2	12.27.2006	Covert.Sys.Exec
Sophos	4.13.0	12.26.2006	Troj/Ranck-Gen
Sunbelt	2.2.907.0	12.18.2006	no virus found
TheHacker	6.0.3.136	12.24.2006	no virus found
UNA	1.83	12.26.2006	TrojanProxy.Win32.Agent.B86C
VBA32	3.11.1	12.26.2006	Trojan-Proxy.Win32.Agent.hd
VirusBuster	4.3.19:9	12.26.2006	no virus found

Aditional Information
File size: 188494 bytes
MD5: 3d533d78a26c13e4ce1fef680c6ddd6a
SHA1: 04f6cba0023b1167cef0fe4aa5f4dbcf0489316d
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=70a316676736

----------


## Winsent

Complete scanning result of "Savicheva_XXX.exe", received in VirusTotal at 12.28.2006, 06:42:52 (CET).


Antivirus	Version	Update	Result

*AntiVir	7.3.0.21	12.27.2006	HEUR/Crypted*
Authentium	4.93.8	12.27.2006	no virus found
Avast	4.7.892.0	12.21.2006	no virus found
AVG	386	12.28.2006	no virus found
*BitDefender	7.2	12.28.2006	MemScan:Trojan.PWS.PdPinch.L
CAT-QuickHeal	8.00	12.27.2006	(Suspicious) - DNAScan
ClamAV	devel-20060426	12.27.2006	Trojan.Dropper.Agent-106
DrWeb	4.33	12.27.2006	Trojan.PWS.LDPinch.1217
eSafe	7.0.14.0	12.26.2006	Suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.100	12.28.2006	no virus found
eTrust-Vet	30.3.3283	12.27.2006	no virus found
Ewido	4.0	12.27.2006	no virus found
Fortinet	2.82.0.0	12.27.2006	no virus found
F-Prot	3.16f	12.22.2006	no virus found
F-Prot4	4.2.1.29	12.22.2006	no virus found
Ikarus	T3.1.0.27	12.28.2006	no virus found
*Kaspersky	4.0.2.24	12.28.2006	Trojan-PSW.Win32.LdPinch.bgj*
McAfee	4927	12.27.2006	no virus found
*Microsoft	1.1904	12.27.2006	Win32/Ldpinch
NOD32v2	1941	12.28.2006	a variant of Win32/PSW.LdPinch.NCB*
Norman	5.80.02	12.27.2006	no virus found
*Panda	9.0.0.4	12.28.2006	Suspicious file*
Prevx1	V2	12.28.2006	no virus found
Sophos	4.13.0	12.26.2006	no virus found
*Sunbelt	2.2.907.0	12.18.2006	VIPRE.Suspicious*
TheHacker	6.0.3.138	12.28.2006	no virus found
UNA	1.83	12.27.2006	no virus found
*VBA32	3.11.1	12.27.2006	MalwareScope.Trojan-PSW.Pinch.1*
VirusBuster	4.3.19:9	12.27.2006	no virus found

Aditional Information
File size: 32256 bytes
MD5: 365a362e1022ee45f45d50fcbb6f177c
SHA1: 5421f84286dee6008cbf395fee3c00086104b216
packers: PECOMPACT
packers: PecBundle, PECompact
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

----------


## Winsent

Complete scanning result of "setup.exe", received in VirusTotal at 12.29.2006, 20:48:24 (CET).


Antivirus	Version	Update	Result

*AntiVir	7.3.0.21	12.29.2006	TR/Proxy.Horst.Gen*
Authentium	4.93.8	12.29.2006	no virus found
Avast	4.7.892.0	12.21.2006	no virus found
*AVG	386	12.29.2006	Proxy.26.M
BitDefender	7.2	12.29.2006	DeepScan:Generic.Horst.7E87FB89*
CAT-QuickHeal	8.00	12.29.2006	no virus found
ClamAV	devel-20060426	12.29.2006	no virus found
DrWeb	4.33	12.29.2006	no virus found
*eSafe	7.0.14.0	12.28.2006	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.101	12.29.2006	no virus found
*eTrust-Vet	30.3.3289	12.29.2006	Win32/Boxed!generic*
Ewido	4.0	12.29.2006	no virus found
Fortinet	2.82.0.0	12.29.2006	no virus found
F-Prot	3.16f	12.29.2006	no virus found
F-Prot4	4.2.1.29	12.29.2006	no virus found
Ikarus	T3.1.0.27	12.29.2006	no virus found
*Kaspersky	4.0.2.24	12.29.2006	Trojan-Proxy.Win32.Horst.gen*
*McAfee	4929	12.29.2006	BackDoor-CMQ.dldr*
Microsoft	1.1904	12.27.2006	no virus found
NOD32v2	1946	12.29.2006	no virus found
*Norman	5.80.02	12.29.2006	W32/Malware
Panda	9.0.0.4	12.29.2006	Suspicious file*
Prevx1	V2	12.29.2006	no virus found
*Sophos	4.13.0	12.28.2006	Mal/Behav-080*
Sunbelt	2.2.907.0	12.18.2006	no virus found
TheHacker	6.0.3.139	12.29.2006	no virus found
UNA	1.83	12.29.2006	no virus found
*VBA32	3.11.1	12.29.2006	MalwareScope.Trojan-Proxy.Horst.1*
VirusBuster	4.3.19:9	12.29.2006	no virus found

Aditional Information
File size: 42496 bytes
MD5: 7b429cc811c739822ddf355494637a2a
SHA1: 66452cb3ef2c65338d19f4eb732d550639d7f711
packers: UPX
packers: UPX
packers: UPX
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email protected] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing UPX.
* File length: 42496 bytes.

[ Process/window information ]
* Modifies other process memory.
* Modifies execution flow of a remote process.

----------


## Winsent

Complete scanning result of "__________ICQ.exe", received in VirusTotal at 12.29.2006, 21:44:08 (CET).


Antivirus	Version	Update	Result

*AntiVir	7.3.0.21	12.29.2006	HEUR/Crypted*
Authentium	4.93.8	12.29.2006	no virus found
Avast	4.7.892.0	12.21.2006	no virus found
AVG	386	12.29.2006	no virus found
*BitDefender	7.2	12.29.2006	MemScan:Trojan.PWS.PdPinch.L
CAT-QuickHeal	8.00	12.29.2006	(Suspicious) - DNAScan*
ClamAV	devel-20060426	12.29.2006	no virus found
*DrWeb	4.33	12.29.2006	Trojan.PWS.LDPinch.1217*
eSafe	7.0.14.0	12.28.2006	no virus found
eTrust-InoculateIT	23.73.101	12.29.2006	no virus found
eTrust-Vet	30.3.3289	12.29.2006	no virus found
*Ewido	4.0	12.29.2006	Trojan.LdPinch.bet*
Fortinet	2.82.0.0	12.29.2006	suspicious
F-Prot	3.16f	12.29.2006	no virus found
F-Prot4	4.2.1.29	12.29.2006	no virus found
*Ikarus	T3.1.0.27	12.29.2006	Trojan-PSW.Win32.LdPinch.apk
Kaspersky	4.0.2.24	12.29.2006	Trojan-PSW.Win32.LdPinch.bgj*
McAfee	4929	12.29.2006	no virus found
*Microsoft	1.1904	12.27.2006	Win32/Ldpinch
NOD32v2	1946	12.29.2006	a variant of Win32/PSW.LdPinch.NCB*
Norman	5.80.02	12.29.2006	no virus found
*Panda	9.0.0.4	12.29.2006	Suspicious file*
Prevx1	V2	12.29.2006	no virus found
Sophos	4.13.0	12.28.2006	no virus found
Sunbelt	2.2.907.0	12.18.2006	no virus found
TheHacker	6.0.3.139	12.29.2006	no virus found
UNA	1.83	12.29.2006	no virus found
*VBA32	3.11.1	12.29.2006	MalwareScope.Trojan-PSW.Pinch.4*
VirusBuster	4.3.19:9	12.29.2006	no virus found

Aditional Information
File size: 48057 bytes
MD5: 3aa158d23b0e149bb2cfbd5186b36f79
SHA1: 25fdda6cf8a1f41289c16c188acc03fc10ab7573

----------


## gines

> Complete scanning result of "__________ICQ.exe", received in VirusTotal at 12.29.2006, 21:44:08 (CET).


The same thing is in post 305.

----------


## drongo

Complete scanning result of "DCOMgui.zip", received in VirusTotal at 12.30.2006, 09:05:23 (CET).

Antivirus	Version	Update	Result
AntiVir	7.3.0.21	12.29.2006	no virus found
Authentium	4.93.8	12.30.2006	no virus found
Avast	4.7.892.0	12.30.2006	Win32:Interlac-B
AVG	386	12.29.2006	no virus found
BitDefender	7.2	12.30.2006	no virus found
CAT-QuickHeal	8.00	12.29.2006	(Suspicious) - DNAScan
ClamAV	devel-20060426	12.30.2006	no virus found
DrWeb	4.33	12.30.2006	BackDoor.Pigeon.516
eSafe	7.0.14.0	12.30.2006	suspicious Trojan/Worm
eTrust-InoculateIT	23.73.102	12.30.2006	no virus found
eTrust-Vet	30.3.3289	12.29.2006	no virus found
Ewido	4.0	12.29.2006	Dropper.Interlac.10.b
Fortinet	2.82.0.0	12.30.2006	suspicious
F-Prot	3.16f	12.29.2006	no virus found
F-Prot4	4.2.1.29	12.29.2006	no virus found
Ikarus	T3.1.0.27	12.30.2006	Backdoor.Win32.Hupigon.BV
Kaspersky	4.0.2.24	12.30.2006	Trojan-Dropper.Win32.Interlac.10.b
McAfee	4929	12.29.2006	New Malware.u
Microsoft	1.1904	12.27.2006	no virus found
NOD32v2	1947	12.30.2006	no virus found
Norman	5.80.02	12.29.2006	no virus found
Panda	9.0.0.4	12.30.2006	Suspicious file
Prevx1	V2	12.30.2006	no virus found
Sophos	4.13.0	12.28.2006	Mal/Packer
Sunbelt	2.2.907.0	12.18.2006	no virus found
TheHacker	6.0.3.139	12.29.2006	no virus found
UNA	1.83	12.29.2006	no virus found
VBA32	3.11.1	12.29.2006	no virus found
VirusBuster	4.3.19:9	12.29.2006	novirus:Packed/NSPack

Aditional Information
File size: 257436 bytes
MD5: 860e5b99b176b3120388234cdfb632d6
SHA1: 0f35491c52a52e2f5d192910ee61beb2afa068b0
packers: NsPack, Morphine
packers: NSPack, PE_Patch

----------


## pig

This is an email with postcard.exe inside. By the time of the scan Dr.Web already knew the beast, but when the email came through it did not yet, and I simply spotted the email in the mailbox by eye.



> Complete scanning result of "mzukh_completepkgltd.com_111_3731", received in VirusTotal at 12.30.2006, 10:53:32 (CET).
> 
> Antivirus Version Update Result 
> AntiVir 7.3.0.21 12.30.2006 TR/Dldr.Tibs.JZ 
> Authentium 4.93.8 12.30.2006  no virus found 
> Avast 4.7.892.0 12.30.2006  no virus found 
> AVG 386 12.29.2006 Downloader.Tibs 
> BitDefender 7.2 12.30.2006  no virus found 
> CAT-QuickHeal 8.00 12.29.2006  no virus found 
> ...

----------


## Winsent

Complete scanning result of "cheker.exe", received in VirusTotal at 12.30.2006, 11:02:21 (CET).


Antivirus	Version	Update	Result

*AntiVir	7.3.0.21	12.30.2006	HEUR/Crypted*
Authentium	4.93.8	12.30.2006	no virus found
Avast	4.7.892.0	12.30.2006	no virus found
AVG	386	12.29.2006	no virus found
*BitDefender	7.2	12.30.2006	BehavesLike:Trojan.ShellObject*
*CAT-QuickHeal	8.00	12.29.2006	(Suspicious) - DNAScan*
ClamAV	devel-20060426	12.30.2006	no virus found
DrWeb	4.33	12.30.2006	no virus found
*eSafe	7.0.14.0	12.30.2006	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.102	12.30.2006	no virus found
eTrust-Vet	30.3.3289	12.29.2006	no virus found
Ewido	4.0	12.29.2006	no virus found
Fortinet	2.82.0.0	12.30.2006	suspicious
F-Prot	3.16f	12.29.2006	no virus found
*F-Prot4	4.2.1.29	12.29.2006	generic*
Ikarus	T3.1.0.27	12.30.2006	no virus found
Kaspersky	4.0.2.24	12.30.2006	no virus found
McAfee	4929	12.29.2006	no virus found
Microsoft	1.1904	12.27.2006	no virus found
NOD32v2	1947	12.30.2006	no virus found
Norman	5.80.02	12.29.2006	no virus found
*Panda	9.0.0.4	12.30.2006	Suspicious file*
Prevx1	V2	12.30.2006	no virus found
Sophos	4.13.0	12.30.2006	no virus found
*Sunbelt	2.2.907.0	12.18.2006	VIPRE.Suspicious*
TheHacker	6.0.3.139	12.29.2006	no virus found
UNA	1.83	12.29.2006	no virus found
*VBA32	3.11.1	12.29.2006	Trojan.PWS.Wmsender*
VirusBuster	4.3.19:9	12.29.2006	no virus found

Aditional Information
File size: 11232 bytes
MD5: d3ccd699d4a6726795b2037635d79a35
SHA1: 1d6cc5d4ab10ad7eded76d672d41d2f0cac56e9b
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.





> The same thing is in post 305.


The size is different, and not all of the engines that detected it last time detect it now. Only the name is the same.

----------


## gines

> The size is different, and not all of the engines that detected it last time detect it now. Only the name is the same.


Size, in my opinion, is not an indicator. The first one appears to be compressed. But if these really are two variants, it is strange that both Kaspersky and Dr.Web gave them identical names.

----------


## Geser

AntiVir 7.3.0.21 12.30.2006 TR/Dldr.Tibs.JY.A 
Authentium 4.93.8 12.30.2006  no virus found 
Avast 4.7.892.0 12.30.2006  no virus found 
AVG 386 12.30.2006 Downloader.Tibs 
BitDefender 7.2 12.30.2006 GenPack:Trojan.Downloader.Agent.YC 
CAT-QuickHeal 8.00 12.29.2006  no virus found 
ClamAV devel-20060426 12.30.2006 Trojan.Small-914 
DrWeb 4.33 12.30.2006 Win32.Dref 
eSafe 7.0.14.0 12.30.2006 suspicious Trojan/Worm 
eTrust-InoculateIT 23.73.102 12.30.2006  no virus found 
eTrust-Vet 30.3.3289 12.29.2006 Win32/Tibs!generic 
Ewido 4.0 12.30.2006  no virus found 
Fortinet 2.82.0.0 12.30.2006 suspicious 
F-Prot 3.16f 12.30.2006  no virus found 
F-Prot4 4.2.1.29 12.30.2006  no virus found 
Ikarus T3.1.0.27 12.30.2006 Trojan-Downloader.Win32.Tibs.jy 
Kaspersky 4.0.2.24 12.30.2006 Trojan-Downloader.Win32.Tibs.jy 
McAfee 4929 12.29.2006  no virus found 
Microsoft 1.1904 12.30.2006  no virus found 
NOD32v2 1949 12.30.2006 Win32/Nuwar.M 
Norman 5.80.02 12.29.2006  no virus found 
Panda 9.0.0.4 12.30.2006 Trj/Alanchum.MU 
Prevx1 V2 12.30.2006 Spyware.VirusBurst 
Sophos 4.13.0 12.30.2006  no virus found 
Sunbelt 2.2.907.0 12.18.2006  no virus found 
TheHacker 6.0.3.139 12.29.2006 Trojan/Downloader.Generic 
UNA 1.83 12.29.2006  no virus found 
VBA32 3.11.1 12.30.2006  no virus found 
VirusBuster 4.3.19:9 12.30.2006 Trojan.DL.Tibs.Gen!Pac10 


Aditional Information 
File size: 54423 bytes 
MD5: 80250d4b948dfb40013cedfa1261a997 
SHA1: a01f706c20c2110394dd27d4eda33268844c8148 
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=b20f66499269

----------


## Winsent

Antivirus	Version	Update	Result


*AntiVir	7.3.0.21	12.30.2006	HEUR/Crypted*
Authentium	4.93.8	12.30.2006	no virus found
Avast	4.7.892.0	12.30.2006	no virus found
AVG	386	12.30.2006	no virus found
*BitDefender	7.2	12.31.2006	DeepScan:Generic.PWStealer.A02C0538*
CAT-QuickHeal	8.00	12.31.2006	no virus found
ClamAV	devel-20060426	12.30.2006	no virus found
DrWeb	4.33	12.31.2006	no virus found
*eSafe	7.0.14.0	12.30.2006	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.102	12.30.2006	no virus found
eTrust-Vet	30.3.3289	12.29.2006	no virus found
Ewido	4.0	12.30.2006	no virus found
Fortinet	2.82.0.0	12.31.2006	suspicious
F-Prot	3.16f	12.30.2006	no virus found
F-Prot4	4.2.1.29	12.30.2006	no virus found
*Ikarus	T3.1.0.27	12.31.2006	Trojan-PSW.Win32.LdPinch.apk
Kaspersky	4.0.2.24	12.31.2006	Trojan-PSW.Win32.LdPinch.bik*
McAfee	4929	12.29.2006	no virus found
*Microsoft	1.1904	12.31.2006	Win32/Ldpinch
NOD32v2	1949	12.30.2006	Win32/PSW.LdPinch.NCS*
Norman	5.80.02	12.29.2006	no virus found
Panda	9.0.0.4	12.30.2006	Suspicious file
Prevx1	V2	12.31.2006	no virus found
Sophos	4.13.0	12.30.2006	no virus found
Sunbelt	2.2.907.0	12.18.2006	no virus found
TheHacker	6.0.3.139	12.29.2006	no virus found
UNA	1.83	12.29.2006	no virus found
*VBA32	3.11.1	12.30.2006	MalwareScope.Trojan-PSW.Pinch.1*
VirusBuster	4.3.19:9	12.30.2006	no virus found

Aditional Information
File size: 25600 bytes
MD5: 6c548c3a41bccae7c7cd75ef34a2b12c
SHA1: 0b46fee4995c0cb1cd3229f56f6a0676ba9117c9
packers: UPX
packers: UPX
packers: UPX

----------


## Winsent

Antivirus	Version	Update	Result


*AntiVir	7.3.0.21	12.30.2006	HEUR/Crypted*
Authentium	4.93.8	12.30.2006	no virus found
Avast	4.7.892.0	12.30.2006	no virus found
AVG	386	12.30.2006	no virus found
*BitDefender	7.2	12.31.2006	DeepScan:Generic.PWStealer.9D8B9DC6*
CAT-QuickHeal	8.00	12.31.2006	no virus found
ClamAV	devel-20060426	12.30.2006	no virus found
DrWeb	4.33	12.31.2006	no virus found
*eSafe	7.0.14.0	12.30.2006	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.102	12.30.2006	no virus found
eTrust-Vet	30.3.3289	12.29.2006	no virus found
Ewido	4.0	12.30.2006	no virus found
*Fortinet	2.82.0.0	12.31.2006	suspicious*
F-Prot	3.16f	12.30.2006	no virus found
F-Prot4	4.2.1.29	12.30.2006	no virus found
*Ikarus	T3.1.0.27	12.31.2006	Trojan-PSW.Win32.LdPinch.apk*
Kaspersky	4.0.2.24	12.31.2006	no virus found
McAfee	4929	12.29.2006	no virus found
*Microsoft	1.1904	12.31.2006	Win32/Ldpinch*
NOD32v2	1949	12.30.2006	no virus found
Norman	5.80.02	12.29.2006	no virus found
*Panda	9.0.0.4	12.30.2006	Suspicious file*
Prevx1	V2	12.31.2006	no virus found
Sophos	4.13.0	12.30.2006	no virus found
Sunbelt	2.2.907.0	12.18.2006	no virus found
TheHacker	6.0.3.139	12.29.2006	no virus found
UNA	1.83	12.29.2006	no virus found
*VBA32	3.11.1	12.30.2006	MalwareScope.Trojan-PSW.Pinch.1*
VirusBuster	4.3.19:9	12.30.2006	no virus found

Aditional Information
File size: 53248 bytes
MD5: 55ceb3fdc230b833e5f3a9aa84d1120b
SHA1: e5f2a7463b0bcbf8383fa87925f027cd4e3ab7d7
packers: UPX
packers: UPX
packers: UPX

----------


## Surfer

Complete scanning result of "1.exe", received in VirusTotal at 12.31.2006, 14:20:09 (CET).

Antivirus	Version	Update	Result
*AntiVir	7.3.0.21	12.30.2006	HEUR/Malware*
*Authentium	4.93.8	12.30.2006	W32/Warezov.gen4*
Avast	4.7.892.0	12.30.2006	no virus found
AVG	386	12.30.2006	no virus found
*BitDefender	7.2	12.31.2006	DeepScan:Generic.Sdbot.01ACBA66*
CAT-QuickHeal	8.00	12.31.2006	no virus found
ClamAV	devel-20060426	12.31.2006	no virus found
DrWeb	4.33	12.31.2006	no virus found
*eSafe	7.0.14.0	12.31.2006	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.102	12.30.2006	no virus found
eTrust-Vet	30.3.3289	12.29.2006	no virus found
Ewido	4.0	12.31.2006	no virus found
*Fortinet	2.82.0.0	12.31.2006	suspicious*
*F-Prot	3.16f	12.30.2006	W32/Warezov.gen4*
*F-Prot4	4.2.1.29	12.30.2006	W32/Warezov.gen4*
*Ikarus	T3.1.0.27	12.31.2006	Trojan-PSW.Win32.LdPinch.apk*
Kaspersky	4.0.2.24	12.31.2006	no virus found
McAfee	4929	12.29.2006	no virus found
*Microsoft	1.1904	12.31.2006	Win32/Ldpinch*
NOD32v2	1949	12.30.2006	no virus found
Norman	5.80.02	12.31.2006	no virus found
*Panda	9.0.0.4	12.31.2006	Suspicious file*
Prevx1	V2	12.31.2006	no virus found
Sophos	4.13.0	12.30.2006	no virus found
Sunbelt	2.2.907.0	12.18.2006	no virus found
TheHacker	6.0.3.139	12.29.2006	no virus found
UNA	1.83	12.29.2006	no virus found
*VBA32	3.11.1	12.30.2006	MalwareScope.Trojan-PSW.Pinch.1*
VirusBuster	4.3.19:9	12.30.2006	no virus found

Aditional Information
File size: 30720 bytes
MD5: 3945ca8dc0b7cfe4e568b22d23b78223
SHA1: 41f7fb7bd794c0f13172aa318d164fe120697fa9
packers: UPX
packers: UPX
packers: UPX
packers: UPX

It came along with a singing Putin. Sent to the Kaspersky Lab virus lab.

----------


## Exxx

Complete scanning result of "maxsetup.1307.exe", received in VirusTotal at 01.01.2007, 18:56:32 (CET).

Antivirus	Version	Update	Result
AntiVir	7.3.0.21	12.31.2006	DR/Zlob.Gen
Authentium	4.93.8	12.30.2006	no virus found
Avast	4.7.892.0	12.30.2006	no virus found
AVG	386	01.01.2007	Downloader.Zlob.FWR
BitDefender	7.2	01.01.2007	Trojan.Zlob.GT
CAT-QuickHeal	8.00	01.01.2007	TrojanDownloader.Zlob.gen
ClamAV	devel-20060426	01.01.2007	Trojan.Downloader.Zlob-545
DrWeb	4.33	12.31.2006	no virus found
eSafe	7.0.14.0	01.01.2007	suspicious Trojan/Worm
eTrust-InoculateIT	23.73.102	12.30.2006	no virus found
eTrust-Vet	30.3.3289	12.29.2006	no virus found
Ewido	4.0	01.01.2007	no virus found
Fortinet	2.82.0.0	01.01.2007	suspicious
F-Prot	3.16f	12.30.2006	no virus found
F-Prot4	4.2.1.29	12.30.2006	no virus found
Ikarus	T3.1.0.27	01.01.2007	Trojan-Downloader.Win32.Zlob.ni
Kaspersky	4.0.2.24	01.01.2007	Trojan-Downloader.Win32.Zlob.bbr
McAfee	4929	12.29.2006	no virus found
Microsoft	1.1904	12.31.2006	no virus found
NOD32v2	1950	01.01.2007	no virus found
Norman	5.80.02	12.31.2007	W32/Zlob.XJU
Panda	9.0.0.4	01.01.2007	no virus found
Prevx1	V2	01.01.2007	no virus found
Sophos	4.13.0	12.30.2006	no virus found
Sunbelt	2.2.907.0	12.18.2006	no virus found
TheHacker	6.0.3.141	01.01.2007	no virus found
VBA32	3.11.1	01.01.2007	no virus found
VirusBuster	4.3.19:9	01.01.2007	Trojan.DR.Zlob.Gen!Pac13

Aditional Information
File size: 60347 bytes
MD5: a7f0bb706da9e508014ba8b6579c9177
SHA1: 7e5421398dd8d363c38e09b48dc27121bca642c8
packers: UPX
packers: UPX, BINARYRES, BINARYRES
packers: UPX

----------


## Winsent

Antivirus	Version	Update	Result

*AntiVir	7.3.0.21	01.02.2007	HEUR/Crypted*
Authentium	4.93.8	12.30.2006	no virus found
Avast	4.7.892.0	12.30.2006	no virus found
AVG	386	01.01.2007	no virus found
*BitDefender	7.2	01.02.2007	MemScan:Trojan.PWS.PdPinch.L
CAT-QuickHeal	8.00	01.01.2007	(Suspicious) - DNAScan*
ClamAV	devel-20060426	01.01.2007	no virus found
*DrWeb	4.33	01.02.2007	Trojan.MulDrop.4896*
eSafe	7.0.14.0	01.01.2007	no virus found
eTrust-InoculateIT	23.73.102	12.30.2006	no virus found
eTrust-Vet	30.3.3296	01.02.2007	no virus found
Ewido	4.0	01.01.2007	no virus found
*Fortinet	2.82.0.0	01.02.2007	suspicious*
F-Prot	3.16f	12.30.2006	no virus found
F-Prot4	4.2.1.29	12.30.2006	no virus found
Ikarus	T3.1.0.27	01.02.2007	no virus found
Kaspersky	4.0.2.24	01.02.2007	no virus found
*McAfee	4929	12.29.2006	New Win32*
Microsoft	1.1904	01.02.2007	no virus found
*NOD32v2	1951	01.01.2007	a variant of Win32/PSW.LdPinch.NCB*
Norman	5.80.02	12.31.2007	no virus found
*Panda	9.0.0.4	01.01.2007	Suspicious file*
Prevx1	V2	01.02.2007	no virus found
*Sophos	4.13.0	01.01.2007	no virus found
Sunbelt	2.2.907.0	12.18.2006	VIPRE.Suspicious*
TheHacker	6.0.3.141	01.01.2007	no virus found
*VBA32	3.11.1	01.01.2007	suspected of Embedded.MalwareScope.Trojan-PSW.Pinch.1*
VirusBuster	4.3.19:9	01.01.2007	no virus found

Aditional Information
File size: 51200 bytes
MD5: 7d69316e4faa3e2dfc5ab4814e5e0781
SHA1: f9b1e2f20b12b9b3c33505b6ac79e4a4ea0295fd
packers: PECRYPT
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

----------


## Winsent

Antivirus	Version	Update	Result

*AntiVir	7.3.0.21	01.05.2007	HEUR/Crypted
Authentium	4.93.8	12.30.2006	W32/Warezov.gen4*
Avast	4.7.892.0	12.30.2006	no virus found
AVG	386	01.05.2007	no virus found
BitDefender	7.2	01.06.2007	no virus found
CAT-QuickHeal	9.00	01.05.2007	no virus found
ClamAV	devel-20060426	01.06.2007	no virus found
DrWeb	4.33	01.06.2007	no virus found
*eSafe	7.0.14.0	01.05.2007	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.107	01.06.2007	no virus found
eTrust-Vet	30.3.3307	01.06.2007	no virus found
Ewido	4.0	01.05.2007	no virus found
*Fortinet	2.82.0.0	01.06.2007	suspicious*
*F-Prot	3.16f	01.05.2007	W32/Warezov.gen4
F-Prot4	4.2.1.29	01.05.2007	W32/Warezov.gen4
Ikarus	T3.1.0.27	01.06.2007	Trojan-PSW.Win32.LdPinch.apk*
Kaspersky	4.0.2.24	01.06.2007	no virus found
McAfee	4933	01.05.2007	no virus found
*Microsoft	1.1904	01.06.2007	Win32/Ldpinch
NOD32v2	1959	01.05.2007	a variant of Win32/PSW.LdPinch.BIE*
Norman	5.80.02	12.31.2007	no virus found
*Panda	9.0.0.4	01.05.2007	Suspicious file*
Prevx1	V2	01.06.2007	no virus found
Sophos	4.13.0	01.05.2007	no virus found
Sunbelt	2.2.907.0	01.05.2007	no virus found
TheHacker	6.0.3.143	01.05.2007	no virus found
UNA	1.83	01.04.2007	no virus found
*VBA32	3.11.1	01.06.2007	MalwareScope.Trojan-PSW.Pinch.1*
VirusBuster	4.3.19:9	01.05.2007	no virus found

Aditional Information
File size: 31232 bytes
MD5: 1e3fb61c39e4921d65c3435b5c55f7f0
SHA1: ab91df5eafbc2244c543097d2ba302d9fa97081c
packers: UPX
packers: UPX
packers: UPX
packers: UPX

----------


## Winsent

Antivirus	Version	Update	Result


*AntiVir	7.3.0.21	01.05.2007	TR/Proxy.Horst.Gen*
Authentium	4.93.8	12.30.2006	no virus found
Avast	4.7.892.0	12.30.2006	no virus found
AVG	386	01.05.2007	no virus found
BitDefender	7.2	01.06.2007	no virus found
CAT-QuickHeal	9.00	01.05.2007	no virus found
ClamAV	devel-20060426	01.06.2007	no virus found
DrWeb	4.33	01.06.2007	no virus found
*eSafe	7.0.14.0	01.05.2007	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.107	01.06.2007	no virus found
eTrust-Vet	30.3.3307	01.06.2007	no virus found
Ewido	4.0	01.05.2007	no virus found
*Fortinet	2.82.0.0	01.06.2007	suspicious
F-Prot	3.16f	01.05.2007	W32/Methodbod.gen2
F-Prot4	4.2.1.29	01.05.2007	W32/Methodbod.gen2*
Ikarus	T3.1.0.27	01.06.2007	no virus found
Kaspersky	4.0.2.24	01.06.2007	no virus found
McAfee	4933	01.05.2007	no virus found
Microsoft	1.1904	01.06.2007	no virus found
NOD32v2	1959	01.05.2007	no virus found
*Norman	5.80.02	12.31.2007	W32/Malware
Panda	9.0.0.4	01.05.2007	Suspicious file*
Prevx1	V2	01.06.2007	no virus found
*Sophos	4.13.0	01.05.2007	Mal/Behav-080*
Sunbelt	2.2.907.0	01.05.2007	no virus found
TheHacker	6.0.3.143	01.05.2007	no virus found
UNA	1.83	01.04.2007	no virus found
VBA32	3.11.1	01.06.2007	no virus found
VirusBuster	4.3.19:9	01.05.2007	no virus found

Aditional Information
File size: 40448 bytes
MD5: ea7cfb190fa77011adb15b6072fa33bd
SHA1: 62ebc531b0b44ad33d133f9ceaeadb6ad6d972d6
packers: UPX
packers: UPX
packers: UPX
packers: UPX
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email protected] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing UPX.
* File length: 40448 bytes.

[ Process/window information ]
* Modifies other process memory.
* Modifies execution flow of a remote process.

----------


## Winsent

Antivirus	Version	Update	Result

AntiVir	7.3.0.21	01.07.2007	no virus found
Authentium	4.93.8	12.30.2006	no virus found
Avast	4.7.892.0	12.30.2006	no virus found
*AVG	386	01.06.2007	Proxy.JMO*
BitDefender	7.2	01.07.2007	no virus found
CAT-QuickHeal	9.00	01.06.2007	no virus found
ClamAV	devel-20060426	01.07.2007	no virus found
DrWeb	4.33	01.06.2007	no virus found
*eSafe	7.0.14.0	01.07.2007	suspicious Trojan/Worm*
eTrust-InoculateIT	23.73.107	01.06.2007	no virus found
eTrust-Vet	30.3.3307	01.06.2007	no virus found
Ewido	4.0	01.06.2007	no virus found
Fortinet	2.82.0.0	01.07.2007	no virus found
F-Prot	3.16f	01.05.2007	no virus found
F-Prot4	4.2.1.29	01.05.2007	no virus found
Ikarus	T3.1.0.27	01.07.2007	no virus found
*Kaspersky	4.0.2.24	01.07.2007	Trojan-Downloader.Win32.Agent.aii*
McAfee	4933	01.05.2007	no virus found
Microsoft	1.1904	01.07.2007	no virus found
NOD32v2	1960	01.06.2007	no virus found
*Norman	5.80.02	12.31.2007	W32/Malware
Panda	9.0.0.4	01.06.2007	Suspicious file*
Prevx1	V2	01.07.2007	no virus found
*Sophos	4.13.0	01.05.2007	Mal/Behav-080*
Sunbelt	2.2.907.0	01.05.2007	no virus found
TheHacker	6.0.3.145	01.07.2007	no virus found
UNA	1.83	01.06.2007	no virus found
VBA32	3.11.1	01.07.2007	no virus found
VirusBuster	4.3.19:9	01.06.2007	no virus found

Aditional Information
File size: 23552 bytes
MD5: 86dc7913bd1c9a1ed56702c557d2abee
SHA1: 886d4c9f426e5379b48b69d1b5a016c7cc59548f
packers: UPX
packers: UPX
packers: UPX
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email protected] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing UPX.
* File length: 23552 bytes.

[ Process/window information ]
* Modifies other process memory.
* Modifies execution flow of a remote process.

----------



## saicat

Complete scanning result of "speedupmypc3.exe", received in VirusTotal at 01.07.2007, 23:26:58 (CET).

Antivirus	Version	Update	Result
AntiVir	7.3.0.21	01.07.2007	no virus found
Authentium	4.93.8	12.30.2006	no virus found
Avast	4.7.892.0	12.30.2006	no virus found
AVG	386	01.07.2007	Dropper.Generic.IBY
BitDefender	7.2	01.07.2007	BehavesLike:Trojan.FirewallBypass
CAT-QuickHeal	9.00	01.06.2007	no virus found
ClamAV	devel-20060426	01.07.2007	no virus found
DrWeb	4.33	01.07.2007	Trojan.MulDrop.5038
eSafe	7.0.14.0	01.07.2007	no virus found
eTrust-InoculateIT	23.73.107	01.06.2007	no virus found
eTrust-Vet	30.3.3307	01.06.2007	no virus found
Ewido	4.0	01.07.2007	no virus found
Fortinet	2.82.0.0	01.07.2007	no virus found
F-Prot	3.16f	01.05.2007	no virus found
F-Prot4	4.2.1.29	01.05.2007	generic
Ikarus	T3.1.0.27	01.07.2007	no virus found
Kaspersky	4.0.2.24	01.07.2007	no virus found
McAfee	4933	01.05.2007	no virus found
Microsoft	1.1904	01.07.2007	no virus found
NOD32v2	1960	01.06.2007	no virus found
Norman	5.80.02	12.31.2007	no virus found
Panda	9.0.0.4	01.07.2007	Suspicious file
Prevx1	V2	01.07.2007	no virus found
Sophos	4.13.0	01.05.2007	no virus found
Sunbelt	2.2.907.0	01.05.2007	no virus found
TheHacker	6.0.3.145	01.07.2007	no virus found
UNA	1.83	01.06.2007	no virus found
VBA32	3.11.1	01.07.2007	suspected of Embedded.MalwareScope.Trojan-PSW.Pinch.1
VirusBuster	4.3.19:9	01.07.2007	no virus found

Aditional Information
File size: 5597184 bytes
MD5: 996a2b586d8651bd158ef99031fa4eca
SHA1: fee0b3a753629e14f638937eefc8d0a07293ab80
packers: embedded, UPX

----------


## Tony Montana

Even the old hand slipped up, on an old piece of adware from 2005!
See the picture!  :Smiley: pozornikDrWeb.jpg

And here is the adware itself, for anyone interested (*CAREFUL, PLEASE!*) Attachment 5592

So much for the almighty doctor  :Smiley: 


moderated
Anyone who wants to look at the sample: send a private message to *Tony Montana*.
And a verbal warning to the author. Malware should not be posted here.

----------


## Tony Montana

Looks like today is doomsday for Dr.Web.  :Smiley:  For the second time it misses a pathetic old piece of adware that even the second-tier products know. Shame on comrade Danilov  :Smiley:  Owners of this antivirus, aren't you embarrassed? 

File "Adware_1_.Flashkin.rar" received on 01.08.2007 at 09:25:44 (CET) is being scanned by VirusTotal in this moment. Results will be shown as they're generated.

AntiVir	7.3.0.21	01.08.2007	ADSPY/LinkOptimizer.A.3
Authentium	4.93.8	12.30.2006	W32/Downloader.AFBH
Avast	4.7.892.0	12.30.2006	Win32:Agent-gen
AVG	386	01.07.2007	Downloader.Agent.EFO
BitDefender	7.2	01.08.2007	Trojan.Downloader.Agent.BQ
CAT-QuickHeal	9.00	01.06.2007	no virus found
ClamAV	devel-20060426	01.07.2007	no virus found
DrWeb	4.33	01.07.2007	no virus found
eSafe	7.0.14.0	01.07.2007	Win32.Agent.bq
eTrust-InoculateIT	23.73.107	01.06.2007	no virus found
eTrust-Vet	30.3.3311	01.08.2007	no virus found
Ewido	4.0	01.07.2007	Adware.LinkOptimizer
Fortinet	2.82.0.0	01.08.2007	Adware/LinkOptimizer
F-Prot	3.16f	01.05.2007	security risk named W32/Downloader.AFBH
F-Prot4	4.2.1.29	01.05.2007	W32/Downloader.AFBH
Ikarus	T3.1.0.27	01.08.2007	Trojan-Downloader.Win32.Agent.BQ
Kaspersky	4.0.2.24	01.08.2007	Trojan-Downloader.Win32.Agent.bq
McAfee	4933	01.05.2007	potentially unwanted program LinkOptimizer
Microsoft	1.1904	01.07.2007	TrojanDownloader:Win32/WinShow.gen!C
NOD32v2	1961	01.08.2007	probably a variant of Win32/TrojanDownloader.Agent.BQ
Norman	5.80.02	12.31.2007	no virus found
Panda	9.0.0.4	01.07.2007	Spyware/Lefeat
Prevx1	V2	01.08.2007	Trojan.Linkoptimizer
Sophos	4.13.0	01.05.2007	Troj/LinkOpt-A
Sunbelt	2.2.907.0	01.05.2007	Trojan-Downloader.Agent.BQ
TheHacker	6.0.3.146	01.08.2007	Trojan/Downloader.Agent.bq
UNA	1.83	01.06.2007	Adware.LinkOptimizer.E895
VBA32	3.11.1	01.08.2007	AdWare.Win32.LinkOptimizer.a
VirusBuster	4.3.19:9	01.07.2007	Trojan.DL.Agent.DRV

----------


## Shu_b

Well... something like this. Some duplicates are not counted.

----------


## anton_dr

There, we finally got it  :Smiley: . With that, we are closing the thread. The rest is in the continuation.

----------

