# Форум на русском языке  > Аналитика  > Тестирование  >  Исследование антивирусов 2

## Geser

В общем думал я думал как сделать более-менее объекривную оценку антивирусов, и кое что придумал. Вот в эту тему прошу всех постить результаты проверки зверей которые были пойманы исключительно ручками. Т.е. которых не видел установленный на компютере антивирус. Так выборка будет по настоящему случайной.

Постить в эту тему результаты проверки файлов исключительно пойманных руками на компьютерах.

*Не* постить результаты проверки файлов найденных на других сайтах или в коллекциях. 
*Не* постить результаты проверки файлов изначально найденных антивирусом.

Продолжение темы 

This is a report processed by VirusTotal on 05/26/2005 at 22:52:41 (CET) after scanning the file "mcsys.dll" file.
Antivirus Version Update Result 
AntiVir 6.30.0.15 05.26.2005 no virus found 
AVG 718 05.25.2005 no virus found 
Avira 6.30.0.15 05.26.2005 no virus found 
BitDefender 7.0 05.26.2005 BehavesLike:Win32.IRC-Backdoor 
ClamAV devel-20050501 05.26.2005 no virus found 
DrWeb 4.32b 05.26.2005 no virus found 
eTrust-Iris 7.1.194.0 05.26.2005 no virus found 
eTrust-Vet 11.9.1.0 05.26.2005 no virus found 
Fortinet 2.27.0.0 05.26.2005 no virus found 
Ikarus 2.32 05.25.2005 no virus found 
Kaspersky 4.0.2.24 05.26.2005 no virus found 
McAfee 4500 05.26.2005 MultiDropper-MK 
NOD32v2 1.1109 05.26.2005 no virus found 
Norman 5.70.10 05.23.2005 no virus found 
Panda 8.02.00 05.26.2005 no virus found 
Sybari 7.5.1314 05.26.2005 MultiDropper-MK 
Symantec 8.0 05.26.2005 no virus found 
VBA32 3.10.3 05.26.2005 suspected of Embedded.Trojan-PSW.Win32.PdPinch.gen

----------

Надоело быть жертвой? Стань профи по информационной безопасности, получай самую свежую информацию об угрозах и средствах защиты от ведущего российского аналитического центра Anti-Malware.ru:

----------


## Minos

Свеженький ISTbar попался, вот результаты тестирования:

This is a report processed by VirusTotal on 05/27/2005 at 19:32:50 (CET) after scanning the file "istsvc_updater.exe" file.

AntiVir	6.30.0.15	05.27.2005	no virus found
AVG	718	05.27.2005	no virus found
Avira	6.30.0.15	05.27.2005	no virus found
BitDefender	7.0	05.27.2005	no virus found
ClamAV	devel-20050501	05.27.2005	no virus found
DrWeb	4.32b	05.27.2005	no virus found
eTrust-Iris	7.1.194.0	05.27.2005	no virus found
eTrust-Vet	11.9.1.0	05.27.2005	no virus found
Fortinet	2.27.0.0	05.27.2005	suspicious
Ikarus	2.32	05.27.2005	Net-Worm.Win32.Shelp.A
Kaspersky	4.0.2.24	05.27.2005	no virus found
McAfee	4501	05.27.2005	potentially unwanted program Adware-ISTbar
NOD32v2	1.1112	05.27.2005	no virus found
Norman	5.70.10	05.27.2005	no virus found
Panda	8.02.00	05.27.2005	no virus found
Sybari	7.5.1314	05.27.2005	no virus found
Symantec	8.0	05.27.2005	no virus found
VBA32	3.10.3	05.27.2005	no virus found

----------


## Geser

This is a report processed by VirusTotal on 05/28/2005 at 13:15:08 (CET) after scanning the file "4e6r958fs7.tmp" file.
Antivirus Version Update Result 
AntiVir 6.30.0.15 05.28.2005 no virus found 
AVG 718 05.28.2005 no virus found 
Avira 6.30.0.15 05.28.2005 no virus found 
BitDefender 7.0 05.28.2005 no virus found 
ClamAV devel-20050501 05.28.2005 no virus found 
DrWeb 4.32b 05.27.2005 Trojan.Cassandra 
eTrust-Iris 7.1.194.0 05.28.2005 no virus found 
eTrust-Vet 11.9.1.0 05.27.2005 no virus found 
Fortinet 2.27.0.0 05.27.2005 no virus found 
Ikarus 2.32 05.27.2005 suspicious program sequence found 
Kaspersky 4.0.2.24 05.28.2005 no virus found 
McAfee 4501 05.27.2005 no virus found 
NOD32v2 1.1112 05.27.2005 no virus found 
Norman 5.70.10 05.27.2005 no virus found 
Panda 8.02.00 05.27.2005 no virus found 
Sybari 7.5.1314 05.28.2005 no virus found 
Symantec 8.0 05.27.2005 no virus found 
VBA32 3.10.3 05.28.2005 Trojan.Cassandra

----------


## Minos

Радует эвристик VBA.

This is a report processed by VirusTotal on 05/28/2005 at 19:55:42 (CET) after scanning the file "EGDACCESS.dll" file.

Antivirus	Version	Update	Result
AntiVir	6.30.0.15	05.28.2005	no virus found
AVG	718	05.28.2005	no virus found
Avira	6.30.0.15	05.28.2005	no virus found
BitDefender	7.0	05.28.2005	no virus found
ClamAV	devel-20050501	05.28.2005	Dialer-324
DrWeb	4.32b	05.28.2005	no virus found
eTrust-Iris	7.1.194.0	05.28.2005	no virus found
eTrust-Vet	11.9.1.0	05.27.2005	no virus found
Fortinet	2.27.0.0	05.27.2005	no virus found
Ikarus	2.32	05.27.2005	no virus found
Kaspersky	4.0.2.24	05.28.2005	no virus found
McAfee	4501	05.27.2005	potentially unwanted program Dialer-Generic
NOD32v2	1.1112	05.27.2005	no virus found
Norman	5.70.10	05.27.2005	no virus found
Panda	8.02.00	05.28.2005	Dialer.BBM
Sybari	7.5.1314	05.28.2005	no virus found
Symantec	8.0	05.27.2005	no virus found
VBA32	3.10.3	05.28.2005	suspected of Dialer.EGroup.1

----------


## Geser

is a report processed by VirusTotal on 05/28/2005 at 20:49:27 (CET) after scanning the file "OLEADM.DLL" file.
Antivirus Version Update Result 
AntiVir 6.30.0.15 05.28.2005 no virus found 
AVG 718 05.28.2005 no virus found 
Avira 6.30.0.15 05.28.2005 no virus found 
BitDefender 7.0 05.28.2005 no virus found 
ClamAV devel-20050501 05.28.2005 no virus found 
DrWeb 4.32b 05.28.2005 Trojan.DownLoader.2636 
eTrust-Iris 7.1.194.0 05.28.2005 no virus found 
eTrust-Vet 11.9.1.0 05.27.2005 no virus found 
Fortinet 2.27.0.0 05.27.2005 Download/Agent.NS 
Ikarus 2.32 05.27.2005 no virus found 
Kaspersky 4.0.2.24 05.28.2005 Trojan-Downloader.Win32.Agent.ns 
McAfee 4501 05.27.2005 no virus found 
NOD32v2 1.1112 05.27.2005 Win32/TrojanDownloader.Agent.NS 
Norman 5.70.10 05.27.2005 no virus found 
Panda 8.02.00 05.28.2005 Trj/Cloak.A 
Sybari 7.5.1314 05.28.2005 Trojan-Downloader.Win32.Agent.ns 
Symantec 8.0 05.27.2005 no virus found 
VBA32 3.10.3 05.28.2005 Trojan-Downloader.Win32.Agent.ns

----------


## HATTIFNATTOR

This is a report processed by VirusTotal on 05/29/2005 at 19:36:22 (CET) after scanning the file "param32.dll" file.
Antivirus Version Update Result 
AntiVir 6.30.0.15 05.28.2005 no virus found 
AVG 718 05.28.2005 no virus found 
Avira 6.30.0.15 05.28.2005 no virus found 
BitDefender 7.0 05.29.2005 no virus found 
ClamAV devel-20050501 05.28.2005 no virus found 
DrWeb 4.32b 05.29.2005 Trojan.DownLoader.2774 
eTrust-Iris 7.1.194.0 05.28.2005 no virus found 
eTrust-Vet 11.9.1.0 05.27.2005 no virus found 
Fortinet 2.27.0.0 05.27.2005 suspicious 
Ikarus 2.32 05.27.2005 no virus found 
Kaspersky 4.0.2.24 05.29.2005 no virus found 
McAfee 4501 05.27.2005 Warspy.dll 
NOD32v2 1.1113 05.29.2005 no virus found 
Norman 5.70.10 05.27.2005 no virus found 
Panda 8.02.00 05.29.2005 no virus found 
Sybari 7.5.1314 05.29.2005 Warspy.dll 
Symantec 8.0 05.28.2005 no virus found 
VBA32 3.10.3 05.29.2005 no virus found

----------


## Geser

This is a report processed by VirusTotal on 05/31/2005 at 19:54:55 (CET) after scanning the file "GMT.zip" file.
Antivirus Version Update Result 
AntiVir 6.30.0.15 05.31.2005 no virus found 
AVG 718 05.31.2005 no virus found 
Avira 6.30.0.15 05.31.2005 no virus found 
BitDefender 7.0 05.31.2005 no virus found 
ClamAV devel-20050501 05.31.2005 no virus found 
DrWeb 4.32b 05.31.2005 no virus found 
eTrust-Iris 7.1.194.0 05.31.2005 no virus found 
eTrust-Vet 11.9.1.0 05.31.2005 no virus found 
Fortinet 2.27.0.0 05.31.2005 no virus found 
Ikarus 2.32 05.31.2005 no virus found 
Kaspersky 4.0.2.24 05.31.2005 not-a-virus:AdWare.Gator.7106 
McAfee 4503 05.31.2005 potentially unwanted program Adware-GAIN 
NOD32v2 1.1117 05.31.2005 Win32/Adware.Gator 
Norman 5.70.10 05.30.2005 no virus found 
Panda 8.02.00 05.31.2005 no virus found 
Sybari 7.5.1314 05.31.2005 no virus found 
Symantec 8.0 05.30.2005 no virus found 
VBA32 3.10.3 05.31.2005 no virus found

This is a report processed by VirusTotal on 05/31/2005 at 20:00:02 (CET) after scanning the file "BO1Helper.exe" file.
Antivirus Version Update Result 
AntiVir 6.30.0.15 05.31.2005 no virus found 
AVG 718 05.31.2005 no virus found 
Avira 6.30.0.15 05.31.2005 no virus found 
BitDefender 7.0 05.31.2005 no virus found 
ClamAV devel-20050501 05.31.2005 no virus found 
DrWeb 4.32b 05.31.2005 no virus found 
eTrust-Iris 7.1.194.0 05.31.2005 no virus found 
eTrust-Vet 11.9.1.0 05.31.2005 no virus found 
Fortinet 2.27.0.0 05.31.2005 no virus found 
Ikarus 2.32 05.31.2005 no virus found 
Kaspersky 4.0.2.24 05.31.2005 not-a-virus:AdWare.Gator.d 
McAfee 4503 05.31.2005 no virus found 
NOD32v2 1.1117 05.31.2005 no virus found 
Norman 5.70.10 05.30.2005 W32/Gator 
Panda 8.02.00 05.31.2005 no virus found 
Sybari 7.5.1314 05.31.2005 W32/Gato 
Symantec 8.0 05.30.2005 no virus found 
VBA32 3.10.3 05.31.2005 Adware.Gator

----------


## Geser

This is a report processed by VirusTotal on 06/03/2005 at 18:27:07 (CET) after scanning the file "SYSHOST.EXE" file.
Antivirus Version Update Result 
AntiVir 6.30.0.15 06.03.2005 BDS/Delf.aan 
AVG 718 06.03.2005 no virus found 
Avira 6.30.0.15 06.03.2005 BDS/Delf.aan 
BitDefender 7.0 06.03.2005 no virus found 
ClamAV devel-20050501 06.03.2005 Exploit.DCOM.Gen 
DrWeb 4.32b 06.03.2005 BackDoor.IRC.Drix 
eTrust-Iris 7.1.194.0 06.02.2005 MS03-026_Exploit!Trojan 
eTrust-Vet 11.9.1.0 06.03.2005 no virus found 
Fortinet 2.27.0.0 06.03.2005 W32/Backdoor.I-tr 
Ikarus 2.32 06.03.2005 no virus found 
Kaspersky 4.0.2.24 06.03.2005 Backdoor.Win32.Delf.aan 
McAfee 4506 06.03.2005 Generic BackDoor.i 
NOD32v2 1.1125 06.03.2005 Win32/Tumbi.AN 
Norman 5.70.10 06.03.2005 no virus found 
Panda 8.02.00 06.03.2005 Bck/Anyforce.A 
Sybari 7.5.1314 06.03.2005 Generic BackDoor.i 
Symantec 8.0 06.02.2005 W32.IRCBot 
TheHacker 5.8-2.2 06.03.2005 no virus found 
VBA32 3.10.3 06.03.2005 Backdoor.Win32.Delf.aan

----------


## Geser

Antivirus Result
AntiVir no virus found
AVG no virus found
Avira no virus found
BitDefender Dropped:Exploit.LSASS.C
ClamAV no virus found
DrWeb no virus found
eTrust-Iris no virus found
eTrust-Vet no virus found
Fortinet suspicious
Ikarus Backdoor.Win32.FunFactory.10
Kaspersky Backdoor.Win32.Delf.aae
McAfee New Malware.b
NOD32v2 probably unknown NewHeur_PE virus
Norman no virus found
Panda no virus found
Sybari Backdoor.Win32.Delf.aae
Symantec no virus found
TheHacker no virus found
VBA32 suspected of Backdoor.Delphi.79

----------


## HATTIFNATTOR

This is a report processed by VirusTotal on 06/06/2005 at 22:55:52 (CET) after scanning the file "miniclipGameLoader.dll" file.
Antivirus Version Update Result 
AntiVir 6.30.0.15 06.06.2005 no virus found 
AVG 718 06.06.2005 no virus found 
Avira 6.30.0.15 06.06.2005 no virus found 
BitDefender 7.0 06.06.2005 no virus found 
ClamAV devel-20050501 06.06.2005 no virus found 
DrWeb 4.32b 06.06.2005 no virus found 
eTrust-Iris 7.1.194.0 06.05.2005 no virus found 
eTrust-Vet 11.9.1.0 06.06.2005 no virus found 
Fortinet 2.27.0.0 06.06.2005 Misc/Generic.5025 
Ikarus 2.32 06.06.2005 no virus found 
Kaspersky 4.0.2.24 06.06.2005 no virus found 
McAfee 4507 06.06.2005 potentially unwanted program Generic Downloader 
NOD32v2 1.1131 06.06.2005 no virus found 
Norman 5.70.10 06.06.2005 no virus found 
Panda 8.02.00 06.06.2005 no virus found 
Sybari 7.5.1314 06.06.2005 no virus found 
Symantec 8.0 06.06.2005 no virus found 
TheHacker 5.8-3.0 06.06.2005 no virus found 
VBA32 3.10.3 06.06.2005 suspected of Trojan.StartPage.20

----------


## Geser

AntiVir 6.31.0.7 06.17.2005 no virus found 
AVG 718 06.14.2005 no virus found 
Avira 6.31.0.7 06.17.2005 no virus found 
BitDefender 7.0 06.20.2005 BehavesLike:Trojan.FirewallBypass 
ClamAV devel-20050501 06.19.2005 Trojan.LdPinch-19 
DrWeb 4.32b 06.19.2005 Trojan.PWS.LDPinch.438 
eTrust-Iris 7.1.194.0 06.19.2005 no virus found 
eTrust-Vet 11.9.1.0 06.17.2005 no virus found 
Fortinet 2.35.0.0 06.18.2005 suspicious 
Ikarus 2.32 06.18.2005 no virus found 
Kaspersky 4.0.2.24 06.20.2005 Trojan-PSW.Win32.LdPinch.pq 
McAfee 4516 06.17.2005 no virus found 
NOD32v2 1.1145 06.18.2005 a variant of Win32/PSW.LdPinch 
Norman 5.70.10 06.17.2005 W32/EMailWorm 
Panda 8.02.00 06.19.2005 no virus found 
Sybari 7.5.1314 06.20.2005 W32/EMailWor 
Symantec 8.0 06.19.2005 no virus found 
TheHacker 5.8-3.0 06.20.2005 Posible_Worm32 
VBA32 3.10.3 06.20.2005 suspected of Trojan.LdPinch.3

----------


## Geser

This is a report processed by VirusTotal on 06/23/2005 at 19:43:27 (CET) after scanning the file "cfgmgr52.dll" file.
Antivirus Version Update Result 
AntiVir 6.31.0.7 06.23.2005 ADSPY/BookedSpace.E 
Avira 6.31.0.7 06.23.2005 ADSPY/BookedSpace.E 
BitDefender 7.0 06.23.2005 no virus found 
ClamAV devel-20050501 06.22.2005 no virus found 
DrWeb 4.32b 06.23.2005 no virus found 
eTrust-Iris 7.1.194.0 06.23.2005 no virus found 
eTrust-Vet 11.9.1.0 06.23.2005 no virus found 
Fortinet 2.36.0.0 06.23.2005 Adware/BkdSpace 
Ikarus 2.32 06.23.2005 no virus found 
Kaspersky 4.0.2.24 06.23.2005 not-a-virus:AdWare.BookedSpace.e 
McAfee 4520 06.23.2005 potentially unwanted program Adware-BkdSpace 
NOD32v2 1.1151 06.22.2005 Win32/Adware.BkdSpace 
Norman 5.70.10 06.23.2005 no virus found 
Panda 8.02.00 06.23.2005 no virus found 
Sybari 7.5.1314 06.23.2005 no virus found 
Symantec 8.0 06.22.2005 no virus found 
TheHacker 5.8.2.058 06.23.2005 Adware/Bkdspace 
VBA32 3.10.3 06.23.2005 AdWare.BookedSpace.e 

This is a report processed by VirusTotal on 06/23/2005 at 19:48:00 (CET) after scanning the file "Estella_1.exe" file.
Antivirus Version Update Result 
AntiVir 6.31.0.7 06.23.2005 DIAL/301233 
Avira 6.31.0.7 06.23.2005 DIAL/301233 
BitDefender 7.0 06.23.2005 Trojan.Dialer.EG 
ClamAV devel-20050501 06.22.2005 Dialer-330 
DrWeb 4.32b 06.23.2005 no virus found 
eTrust-Iris 7.1.194.0 06.23.2005 no virus found 
eTrust-Vet 11.9.1.0 06.23.2005 no virus found 
Fortinet 2.36.0.0 06.23.2005 no virus found 
Ikarus 2.32 06.23.2005 Dialer 
Kaspersky 4.0.2.24 06.23.2005 Trojan.Win32.Dialer.eg 
McAfee 4520 06.23.2005 potentially unwanted program Dialer-Generic 
NOD32v2 1.1151 06.22.2005 Win32/Dialer.EG 
Norman 5.70.10 06.23.2005 no virus found 
Panda 8.02.00 06.23.2005 Dialer.AGS 
Sybari 7.5.1314 06.23.2005 Trojan.Dialer.DZ 
Symantec 8.0 06.22.2005 no virus found 
TheHacker 5.8.2.058 06.23.2005 no virus found 
VBA32 3.10.3 06.23.2005 Trojan.Win32.Dialer.eg 


This is a report processed by VirusTotal on 06/23/2005 at 19:56:27 (CET) after scanning the file "MW1Helper.exe" file.
Antivirus Version Update Result 
AntiVir 6.31.0.7 06.23.2005 no virus found 
Avira 6.31.0.7 06.23.2005 no virus found 
BitDefender 7.0 06.23.2005 no virus found 
ClamAV devel-20050501 06.22.2005 no virus found 
DrWeb 4.32b 06.23.2005 no virus found 
eTrust-Iris 7.1.194.0 06.23.2005 no virus found 
eTrust-Vet 11.9.1.0 06.23.2005 no virus found 
Fortinet 2.36.0.0 06.23.2005 no virus found 
Ikarus 2.32 06.23.2005 no virus found 
Kaspersky 4.0.2.24 06.23.2005 not-a-virus:AdWare.Gator.1008 
McAfee 4520 06.23.2005 no virus found 
NOD32v2 1.1151 06.22.2005 no virus found 
Norman 5.70.10 06.23.2005 no virus found 
Panda 8.02.00 06.23.2005 no virus found 
Sybari 7.5.1314 06.23.2005 no virus found 
Symantec 8.0 06.22.2005 no virus found 
TheHacker 5.8.2.058 06.23.2005 no virus found 
VBA32 3.10.3 06.23.2005 Adware.Gator 


This is a report processed by VirusTotal on 06/23/2005 at 19:58:46 (CET) after scanning the file "Starware.dll" file.
Antivirus Version Update Result 
AntiVir 6.31.0.7 06.23.2005 no virus found 
Avira 6.31.0.7 06.23.2005 no virus found 
BitDefender 7.0 06.23.2005 no virus found 
ClamAV devel-20050501 06.22.2005 no virus found 
DrWeb 4.32b 06.23.2005 no virus found 
eTrust-Iris 7.1.194.0 06.23.2005 no virus found 
eTrust-Vet 11.9.1.0 06.23.2005 no virus found 
Fortinet 2.36.0.0 06.23.2005 no virus found 
Ikarus 2.32 06.23.2005 no virus found 
Kaspersky 4.0.2.24 06.23.2005 not-a-virus:AdWare.ToolBar.Comet.e 
McAfee 4520 06.23.2005 no virus found 
NOD32v2 1.1151 06.22.2005 no virus found 
Norman 5.70.10 06.23.2005 no virus found 
Panda 8.02.00 06.23.2005 no virus found 
Sybari 7.5.1314 06.23.2005 no virus found 
Symantec 8.0 06.22.2005 no virus found 
TheHacker 5.8.2.058 06.23.2005 no virus found 
VBA32 3.10.3 06.23.2005 no virus found

----------


## Geser

Промежуточные итоги:

AntiVir 3 
Avira 3
BitDefender 4
ClamAV 4
DrWeb 5
eTrust-Iris 1 
eTrust-Vet  
Fortinet 7
Ikarus 4
*Kaspersky 10*
*McAfee 10*
NOD32v2 7
Norman 2 
Panda 4 
Sybari 8
Symantec 1
*VBA32 12*

----------


## Крецл

This is a report processed by VirusTotal on 06/27/2005 at 01:42:41 (CET) after scanning the file "dae.dll" file.
Antivirus Version Update Result 
AntiVir 6.31.0.7 06.24.2005 TR/Dldr.Agent.fy 
Avira 6.31.0.7 06.24.2005 TR/Dldr.Agent.fy 
BitDefender 7.0 06.27.2005 Adware.DEA.A 
ClamAV devel-20050501 06.27.2005 no virus found 
DrWeb 4.32b 06.26.2005 no virus found 
eTrust-Iris 7.1.194.0 06.26.2005 no virus found 
eTrust-Vet 11.9.1.0 06.24.2005 no virus found 
Fortinet 2.36.0.0 06.27.2005 Adware/Dae 
Ikarus 2.32 06.26.2005 no virus found 
Kaspersky 4.0.2.24 06.27.2005 not-a-virus:AdWare.AdHelper.a 
McAfee 4521 06.24.2005 potentially unwanted program Adware-Dae 
NOD32v2 1.1155 06.26.2005 no virus found 
Norman 5.70.10 06.23.2005 W32/Adhelper.A 
Panda 8.02.00 06.26.2005 Adware/DAE 
Sybari 7.5.1314 06.27.2005 W32/Adhelper. 
Symantec 8.0 06.26.2005 no virus found 
TheHacker 5.8.2.059 06.25.2005 no virus found 
VBA32 3.10.4 06.26.2005 AdWare.AdHelper.a

----------


## Geser

This is a report processed by VirusTotal on 06/30/2005 at 21:47:01 (CET) after scanning the file "winacpi.dll" file.
Antivirus Version Update Result 
AntiVir 6.31.0.7 06.30.2005 TR/Drop.Agen.bd.A.1 
Avira 6.31.0.7 06.30.2005 TR/Drop.Agen.bd.A.1 
BitDefender 7.0 06.30.2005 no virus found 
ClamAV devel-20050501 06.30.2005 no virus found 
DrWeb 4.32b 06.30.2005 Trojan.Proxy.395 
eTrust-Iris 7.1.194.0 06.29.2005 no virus found 
eTrust-Vet 11.9.1.0 06.30.2005 no virus found 
Fortinet 2.36.0.0 06.30.2005 suspicious 
Ikarus 2.32 06.30.2005 no virus found 
Kaspersky 4.0.2.24 06.30.2005 Trojan-Proxy.Win32.Agent.ck 
McAfee 4525 06.30.2005 BackDoor-CLK.dll 
NOD32v2 1.1158 06.29.2005 no virus found 
Norman 5.70.10 06.30.2005 no virus found 
Panda 8.02.00 06.30.2005 no virus found 
Sybari 7.5.1314 06.30.2005 Trojan-Proxy.Win32.Agent.ck 
Symantec 8.0 06.30.2005 Trojan Horse 
TheHacker 5.8.2.063 06.30.2005 no virus found 
VBA32 3.10.4 06.30.2005 Trojan-Proxy.Win32.Agent.ck

----------


## ALEX(XX)

This is a report processed by VirusTotal on 07/01/2005 at 09:32:37 (CET) after scanning the file "pdump.cab" file.

Antivirus	Version	Update	Result
AntiVir	6.31.0.7	06.30.2005	no virus found
Avira	6.31.0.7	06.30.2005	no virus found
BitDefender	7.0	07.01.2005	no virus found
ClamAV	devel-20050501	07.01.2005	Trojan.LdPinch-34
DrWeb	4.32b	07.01.2005	Trojan.MulDrop.2444
eTrust-Iris	7.1.194.0	07.01.2005	no virus found
eTrust-Vet	11.9.1.0	07.01.2005	no virus found
Fortinet	2.36.0.0	07.01.2005	suspicious
Ikarus	2.32	06.30.2005	no virus found
Kaspersky	4.0.2.24	07.01.2005	no virus found
McAfee	4525	06.30.2005	PWS-LDPinch.gen.b
NOD32v2	1.1159	06.30.2005	no virus found
Norman	5.70.10	06.30.2005	no virus found
Panda	8.02.00	06.30.2005	no virus found
Sybari	7.5.1314	07.01.2005	no virus found
Symantec	8.0	06.30.2005	no virus found
TheHacker	5.8.2.063	07.01.2005	no virus found
VBA32	3.10.4	06.30.2005	suspected of Trojan.LdPinch.17

----------


## ALEX(XX)

Кстати, вот что ответили в ЛК на этот файл:"В архиве находится троянец, устанавливающий в систему другого троянца - LdPinch
Детектирование уже было добавлено в наши антивирусные базы и будет доступно в очередном обновлении"

----------


## Geser

This is a report processed by VirusTotal on 07/02/2005 at 11:26:29 (CET) after scanning the file "vbsys2.dll" file.
Antivirus Version Update Result 
AntiVir 6.31.0.7 07.01.2005 TR/Click.Agent.AC 
Avira 6.31.0.7 07.01.2005 TR/Click.Agent.AC 
BitDefender 7.0 07.02.2005 no virus found 
ClamAV devel-20050501 07.01.2005 Trojan.Clicker.Agent-19 
DrWeb 4.32b 07.01.2005 Trojan.Click.372 
eTrust-Iris 7.1.194.0 07.02.2005 no virus found 
eTrust-Vet 11.9.1.0 07.01.2005 no virus found 
Fortinet 2.36.0.0 07.02.2005 W32/Agent.V19-tr 
Ikarus 2.32 07.01.2005 no virus found 
Kaspersky 4.0.2.24 07.02.2005 Trojan-Clicker.Win32.Agent.ac 
McAfee 4526 07.01.2005 no virus found 
NOD32v2 1.1160 07.01.2005 no virus found 
Norman 5.70.10 06.30.2005 W32/Agent.EUE 
Panda 8.02.00 07.02.2005 no virus found 
Sybari 7.5.1314 07.02.2005 Trojan-Clicker.Win32.Agent.ac 
Symantec 8.0 07.01.2005 no virus found 
TheHacker 5.8.2.063 07.01.2005 no virus found 
VBA32 3.10.4 07.01.2005 Trojan-Clicker.Win32.Agent.ac 

И того:
AntiVir 6 
Avira 6
BitDefender 5
ClamAV 6
DrWeb 8
eTrust-Iris 1 
eTrust-Vet 
Fortinet 11
Ikarus 4
*Kaspersky 13
McAfee 13*
NOD32v2 7
Norman 4
Panda 5 
Sybari 11
Symantec 2
*VBA32 15*

----------


## Geser

This is a report processed by VirusTotal on 07/04/2005 at 10 :20: 40 (CET) after scanning the file "csrss.exe" file.
Antivirus Version Update Result 
AntiVir 6.31.0.7 07.04.2005 TR/PSW.PdPinch.26493 
Avira 6.31.0.7 07.04.2005 TR/PSW.PdPinch.26493 
BitDefender 7.0 07.04.2005 Trojan.Pws.Pdpinch.BJ 
ClamAV devel-20050501 07.03.2005 no virus found 
DrWeb 4.32b 07.04.2005 Trojan.PWS.LDPinch.431 
eTrust-Iris 7.1.194.0 07.03.2005 no virus found 
eTrust-Vet 11.9.1.0 07.04.2005 no virus found 
Fortinet 2.36.0.0 07.02.2005 W32/Ldpinch-pws 
Ikarus 2.32 07.04.2005 Trojan-PSW.Win32.PdPinch.gen 
Kaspersky 4.0.2.24 07.04.2005 Trojan-PSW.Win32.PdPinch.gen 
McAfee 4526 07.01.2005 PWS-LDPinch 
NOD32v2 1.1160 07.01.2005 Win32/PSW.LdPinch 
Norman 5.70.10 06.30.2005 W32/Backdoor 
Panda 8.02.00 07.03.2005 Trj/LdPinch.GT 
Sybari 7.5.1314 07.04.2005 Trojan-PSW.Win32.PdPinch.gen 
Symantec 8.0 07.03.2005 PWSteal.Ldpinch 
TheHacker 5.8.2.065 07.04.2005 no virus found 
VBA32 3.10.4 07.04.2005 Trojan-PSW.Win32.PdPinch.gen

----------


## ALEX(XX)

This is a report processed by VirusTotal on 07/04/2005 at 18:25:28 (CET) after scanning the file "d.x" file.

Antivirus	Version	Update	Result
AntiVir	6.31.0.7	07.04.2005	no virus found
AVG	718	07.04.2005	no virus found
Avira	6.31.0.7	07.04.2005	no virus found
BitDefender	7.0	07.04.2005	no virus found
ClamAV	devel-20050501	07.04.2005	Trojan.Downloader.JS.IstBar.A-2
DrWeb	4.32b	07.04.2005	no virus found
eTrust-Iris	7.1.194.0	07.04.2005	no virus found
eTrust-Vet	11.9.1.0	07.04.2005	no virus found
Fortinet	2.36.0.0	07.02.2005	no virus found
Ikarus	2.32	07.04.2005	no virus found
Kaspersky	4.0.2.24	07.04.2005	no virus found
McAfee	4527	07.04.2005	potentially unwanted program Adware-RBlast
NOD32v2	1.1160	07.01.2005	no virus found
Norman	5.70.10	06.30.2005	JS/Istbar.A
Panda	8.02.00	07.04.2005	Spyware/ISTbar
Sybari	7.5.1314	07.04.2005	Trojan.DL.IstBar.EI
TheHacker	5.8.2.065	07.04.2005	no virus found
VBA32	3.10.4	07.04.2005	no virus found

----------


## Geser

This is a report processed by VirusTotal on 07/07/2005 at 15:36:27 (CET) after scanning the file "svchost.exe" file.
Antivirus Version Update Result 
AntiVir 6.31.0.7 07.06.2005 Heuristic/Trojan.Downloader 
AVG 718 07.07.2005 no virus found 
Avira 6.31.0.7 07.07.2005 Heuristic/Trojan.Downloader 
BitDefender 7.0 07.07.2005 BehavesLike:Trojan.Downloader 
ClamAV devel-20050501 07.07.2005 no virus found 
DrWeb 4.32b 07.07.2005 no virus found 
eTrust-Iris 7.1.194.0 07.07.2005 no virus found 
eTrust-Vet 11.9.1.0 07.07.2005 no virus found 
Fortinet 2.36.0.0 07.06.2005 no virus found 
Ikarus 2.32 07.07.2005 no virus found 
Kaspersky 4.0.2.24 07.07.2005 no virus found 
McAfee 4529 07.06.2005 Generic Downloader.h 
NOD32v2 1.1162 07.06.2005 no virus found 
Norman 5.70.10 07.07.2005 W32/Downloader 
Panda 8.02.00 07.07.2005 no virus found 
Sybari 7.5.1314 07.07.2005 W32/Downloade 
Symantec 8.0 07.06.2005 Download.Trojan 
TheHacker 5.8.2.067 07.07.2005 no virus found 
VBA32 3.10.4 07.06.2005 no virus found

----------

Надоело быть жертвой? Стань профи по информационной безопасности, получай самую свежую информацию об угрозах и средствах защиты от ведущего российского аналитического центра Anti-Malware.ru:

----------


## Geser

This is a report processed by VirusTotal on 07/07/2005 at 20:14:31 (CET) after scanning the file "kt8ml7l11.dll" file.
Antivirus Version Update Result 
AntiVir 6.31.0.7 07.06.2005 no virus found 
AVG 718 07.07.2005 no virus found 
Avira 6.31.0.7 07.07.2005 no virus found 
BitDefender 7.0 07.07.2005 no virus found 
ClamAV devel-20050501 07.07.2005 no virus found 
DrWeb 4.32b 07.07.2005 no virus found 
eTrust-Iris 7.1.194.0 07.07.2005 Win32/Candebe!Trojan 
eTrust-Vet 11.9.1.0 07.07.2005 no virus found 
Fortinet 2.36.0.0 07.06.2005 suspicious 
Ikarus 2.32 07.07.2005 AdWare.Look2Me.AB 
Kaspersky 4.0.2.24 07.07.2005 not-a-virus:AdWare.Look2Me.ab 
McAfee 4530 07.07.2005 potentially unwanted program Adware-Look2Me 
NOD32v2 1.1162 07.06.2005 no virus found 
Norman 5.70.10 07.07.2005 no virus found 
Panda 8.02.00 07.07.2005 Adware/Look2Me 
Sybari 7.5.1314 07.07.2005 Win32/Candebe!Trojan 
Symantec 8.0 07.07.2005 no virus found 
TheHacker 5.8.2.067 07.07.2005 no virus found 
VBA32 3.10.4 07.07.2005 no virus found

----------


## Geser

This is a report processed by VirusTotal on 07/17/2005 at 21:42:02 (CET) after scanning the file "usbn.exe" file.
Antivirus Version Update Result 
AntiVir 6.31.0.9 07.16.2005 Heuristic/Trojan.Downloader 
AVG 718 07.16.2005 no virus found 
Avira 6.31.0.9 07.16.2005 Heuristic/Trojan.Downloader 
BitDefender 7.0 07.17.2005 no virus found 
CAT-QuickHeal 7.03 07.17.2005 (Suspicious) - DNAScan 
ClamAV devel-20050501 07.17.2005 no virus found 
DrWeb 4.32b 07.17.2005 Trojan.DownLoader.2163 
eTrust-Iris 7.1.194.0 07.17.2005 no virus found 
eTrust-Vet 11.9.1.0 07.15.2005 no virus found 
Fortinet 2.36.0.0 07.17.2005 suspicious 
F-Prot 3.16c 07.15.2005 no virus found 
Ikarus 2.32 07.15.2005 no virus found 
Kaspersky 4.0.2.24 07.17.2005 no virus found 
McAfee 4536 07.15.2005 potentially unwanted program Dialer-RAS 
NOD32v2 1.1170 07.15.2005 a variant of Win32/Dialer.EB 
Norman 5.70.10 07.14.2005 no virus found 
Panda 8.02.00 07.17.2005 no virus found 
Sybari 7.5.1314 07.17.2005 no virus found 
Symantec 8.0 07.17.2005 no virus found 
TheHacker 5.8.2.071 07.16.2005 no virus found 
VBA32 3.10.4 07.17.2005 suspected of Trojan.Downloader.Agent.7 

This is a report processed by VirusTotal on 07/17/2005 at 21:45:24 (CET) after scanning the file "MediaGateway.exe" file.
Antivirus Version Update Result 
AntiVir 6.31.0.9 07.16.2005 ADSPY/Wupd.2 
AVG 718 07.16.2005 no virus found 
Avira 6.31.0.9 07.16.2005 ADSPY/Wupd.2 
BitDefender 7.0 07.17.2005 no virus found 
CAT-QuickHeal 7.03 07.17.2005 no virus found 
ClamAV devel-20050501 07.17.2005 no virus found 
DrWeb 4.32b 07.17.2005 no virus found 
eTrust-Iris 7.1.194.0 07.17.2005 no virus found 
eTrust-Vet 11.9.1.0 07.15.2005 no virus found 
Fortinet 2.36.0.0 07.17.2005 Adware/Websearch.A 
F-Prot 3.16c 07.15.2005 no virus found 
Ikarus 2.32 07.15.2005 no virus found 
Kaspersky 4.0.2.24 07.17.2005 not-a-virus:AdWare.WinAD.be 
McAfee 4536 07.15.2005 potentially unwanted program Adware-Websearch 
NOD32v2 1.1170 07.15.2005 Win32/Adware.WUpd 
Norman 5.70.10 07.14.2005 no virus found 
Panda 8.02.00 07.17.2005 Adware/WUpd 
Sybari 7.5.1314 07.17.2005 no virus found 
Symantec 8.0 07.17.2005 no virus found 
TheHacker 5.8.2.071 07.16.2005 no virus found 
VBA32 3.10.4 07.17.2005 AdWare.WinAD.be

----------


## Geser

This is a report processed by VirusTotal on 07/17/2005 at 22:13:32 (CET) after scanning the file "bot.exe" file.
Antivirus Version Update Result 
AntiVir 6.31.0.9 07.16.2005 no virus found 
AVG 718 07.16.2005 no virus found 
Avira 6.31.0.9 07.16.2005 no virus found 
BitDefender 7.0 07.17.2005 no virus found 
CAT-QuickHeal 7.03 07.17.2005 (Suspicious) - DNAScan 
ClamAV devel-20050501 07.17.2005 no virus found 
DrWeb 4.32b 07.17.2005 Trojan.DownLoader.3423 
eTrust-Iris 7.1.194.0 07.17.2005 no virus found 
eTrust-Vet 11.9.1.0 07.15.2005 no virus found 
Fortinet 2.36.0.0 07.17.2005 W32/Agent.AZV-dldr 
F-Prot 3.16c 07.15.2005 no virus found 
Ikarus 2.32 07.15.2005 suspicious program sequence found 
Kaspersky 4.0.2.24 07.17.2005 Trojan-Downloader.Win32.Agent.rc 
McAfee 4536 07.15.2005 BackDoor-AZV 
NOD32v2 1.1170 07.15.2005 probably unknown NewHeur_PE virus 
Norman 5.70.10 07.14.2005 no virus found 
Panda 8.02.00 07.17.2005 Bck/Agent.ACC 
Sybari 7.5.1314 07.17.2005 BackDoor-AZV 
Symantec 8.0 07.17.2005 no virus found 
TheHacker 5.8.2.071 07.16.2005 W32/SdBot(2).worm.gen 
VBA32 3.10.4 07.17.2005 Trojan-Downloader.Win32.Agent.rc

----------


## Geser

This is a report processed by VirusTotal on 07/21/2005 at 22:15:06 (CET) after scanning the file "ex.exe" file.
Antivirus Version Update Result 
AntiVir 6.31.1.0 07.21.2005 TR/Dldr.Apher.F.1 
AVG 718 07.19.2005 no virus found 
Avira 6.31.1.0 07.21.2005 TR/Dldr.Apher.F.1 
BitDefender 7.0 07.21.2005 Trojan.Downloader.Small.FR 
CAT-QuickHeal 7.03 07.21.2005 TrojanDownloader.Apher.gen 
ClamAV devel-20050712 07.21.2005 no virus found 
DrWeb 4.32b 07.21.2005 Trojan.Aphex 
eTrust-Iris 7.1.194.0 07.21.2005 Win32/SillyDL.Afris!Trojan 
eTrust-Vet 11.9.1.0 07.21.2005 Win32.SillyDl.RU 
Fortinet 2.36.0.0 07.21.2005 W32/Dloader.AE-tr 
F-Prot 3.16c 07.21.2005 security risk or a "backdoor" program 
Ikarus 2.32 07.21.2005 Trojan-Downloader.Win32.Apher.gen 
Kaspersky 4.0.2.24 07.21.2005 Trojan-Downloader.Win32.Apher.gen 
McAfee 4540 07.21.2005 Downloader-AE 
NOD32v2 1.1175 07.21.2005 Win32/TrojanDownloader.Apher.gen 
Norman 5.70.10 07.21.2005 W32/Downloader 
Panda 8.02.00 07.21.2005 Trj/Downloader.BYH 
Sybari 7.5.1314 07.21.2005 Trojan-Downloader.Win32.Apher.gen 
Symantec 8.0 07.21.2005 no virus found 
TheHacker 5.8.2.074 07.20.2005 no virus found 
VBA32 3.10.4 07.21.2005 Trojan-Downloader.Win32.Apher.gen 

И того:
AntiVir 11
Avira 11
BitDefender 8
ClamAV 7
DrWeb 12
Fortinet 17
Ikarus 8
*Kaspersky 19*
*McAfee 21*
NOD32v2 12
Norman 8
Panda 11
Sybari 17
Symantec 4
*VBA32 20*

----------


## Grey

his is a report processed by VirusTotal on 07/22/2005 at 10:21:52 (CET) after scanning the file "f3PSSavr.scr" file.

Antivirus	Version	Update	Result	
AntiVir	6.31.1.0	07.22.2005	ADSPY/MyWebSear.5.H	
AVG	718	07.19.2005	no virus found	
Avira	6.31.1.0	07.22.2005	ADSPY/MyWebSear.5.H	
BitDefender	7.0	07.21.2005	Application.Adware.Funweb.A	
CAT-QuickHeal	7.03	07.21.2005	AdWare.ToolBar.MyWebSearch (Not a Virus)	
ClamAV	devel-20050712	07.21.2005	no virus found	
DrWeb	4.32b	07.22.2005	no virus found	
eTrust-Iris	7.1.194.0	07.22.2005	no virus found	
eTrust-Vet	11.9.1.0	07.22.2005	no virus found	
Fortinet	2.36.0.0	07.22.2005	no virus found	
F-Prot	3.16c	07.21.2005	no virus found	
Ikarus	2.32	07.21.2005	no virus found	
Kaspersky	4.0.2.24	07.22.2005	not-a-virus:AdWare.ToolBar.MyWebSearch	
McAfee	4540	07.21.2005	no virus found	
NOD32v2	1.1175	07.21.2005	no virus found	
Norman	5.70.10	07.21.2005	W32/MyWebSearch	
Panda	8.02.00	07.21.2005	Adware/FunWeb	
Sybari	7.5.1314	07.22.2005	W32/MyWebSearc	
Symantec	8.0	07.21.2005	no virus found	
TheHacker	5.8.2.074	07.21.2005	Adware/ToolBar.MyWebSearch	
VBA32	3.10.4	07.21.2005	AdWare.ToolBar.MyWebSearch

----------


## Geser

This is a report processed by VirusTotal on 07/28/2005 at 19:36:32 (CET) after scanning the file "BTGrab.dll" file.
Antivirus Version Update Result 
AntiVir 6.31.1.0 07.28.2005 ADSPY/BiSpy.V 
AVG 718 07.28.2005 no virus found 
Avira 6.31.1.0 07.28.2005 ADSPY/BiSpy.V 
BitDefender 7.0 07.28.2005 Trojan.Bettinet.172032.A 
CAT-QuickHeal 7.03 07.28.2005 no virus found 
ClamAV devel-20050725 07.27.2005 no virus found 
DrWeb 4.32b 07.28.2005 no virus found 
eTrust-Iris 7.1.194.0 07.27.2005 Win32/Bettinet.172032.A!Trojan 
eTrust-Vet 11.9.1.0 07.28.2005 Win32.BettInet 
Fortinet 2.36.0.0 07.28.2005 Adware/BiSpy.V 
F-Prot 3.16c 07.27.2005 no virus found 
Ikarus 0.2.59.0 07.28.2005 AdWare.DlMax.A 
Kaspersky 4.0.2.24 07.28.2005 not-a-virus:AdWare.BiSpy.v 
McAfee 4545 07.28.2005 potentially unwanted program Adware-Searchcentrix 
NOD32v2 1.1180 07.28.2005 no virus found 
Norman 5.70.10 07.28.2005 W32/BiSpy.V 
Panda 8.02.00 07.28.2005 Adware/BTGrab 
Sophos 3.96.0 07.28.2005 no virus found 
Sybari 7.5.1314 07.28.2005 W32/BiSpy. 
Symantec 8.0 07.27.2005 no virus found 
TheHacker 5.8.2.077 07.27.2005 Adware/BiSpy.v 
VBA32 3.10.4 07.27.2005 AdWare.BiSpy.v

----------


## Geser

This is a report processed by VirusTotal on 07/30/2005 at 19:41:38 (CET) after scanning the file "avz00001.dta" file.
Antivirus Version Update Result 
AntiVir 6.31.1.0 07.29.2005 TR/Click.Agent.AC 
AVG 718 07.28.2005 no virus found 
Avira 6.31.1.0 07.29.2005 TR/Click.Agent.AC 
BitDefender 7.0 07.29.2005 no virus found 
CAT-QuickHeal 7.03 07.30.2005 no virus found 
ClamAV devel-20050725 07.29.2005 Trojan.Clicker.Agent-19 
DrWeb 4.32b 07.29.2005 Trojan.Click.372 
eTrust-Iris 7.1.194.0 07.30.2005 no virus found 
eTrust-Vet 11.9.1.0 07.29.2005 no virus found 
Fortinet 2.36.0.0 07.30.2005 no virus found 
F-Prot 3.16c 07.29.2005 no virus found 
Ikarus 0.2.59.0 07.29.2005 no virus found 
Kaspersky 4.0.2.24 07.30.2005 no virus found 
McAfee 4546 07.29.2005 no virus found 
NOD32v2 1.1183 07.29.2005 no virus found 
Norman 5.70.10 07.28.2005 no virus found 
Panda 8.02.00 07.29.2005 no virus found 
Sophos 3.96.0 07.30.2005 no virus found 
Sybari 7.5.1314 07.30.2005 no virus found 
Symantec 8.0 07.29.2005 no virus found 
TheHacker 5.8.2.077 07.29.2005 no virus found 
VBA32 3.10.4 07.29.2005 suspected of Trojan.Downloader.Agent.7

----------


## Geser

This is a report processed by VirusTotal on 07/30/2005 at 20:28:35 (CET) after scanning the file "usbn.exe" file.
Antivirus Version Update Result 
AntiVir 6.31.1.0 07.29.2005 Heuristic/Trojan.Downloader 
AVG 718 07.28.2005 no virus found 
Avira 6.31.1.0 07.29.2005 Heuristic/Trojan.Downloader 
BitDefender 7.0 07.29.2005 no virus found 
CAT-QuickHeal 7.03 07.30.2005 (Suspicious) - DNAScan 
ClamAV devel-20050725 07.29.2005 no virus found 
DrWeb 4.32b 07.29.2005 Trojan.DownLoader.2163 
eTrust-Iris 7.1.194.0 07.30.2005 no virus found 
eTrust-Vet 11.9.1.0 07.29.2005 no virus found 
Fortinet 2.36.0.0 07.30.2005 suspicious 
F-Prot 3.16c 07.29.2005 no virus found 
Ikarus 0.2.59.0 07.29.2005 no virus found 
Kaspersky 4.0.2.24 07.30.2005 no virus found 
McAfee 4546 07.29.2005 potentially unwanted program Dialer-RAS 
NOD32v2 1.1183 07.29.2005 a variant of Win32/Dialer.EB 
Norman 5.70.10 07.28.2005 no virus found 
Panda 8.02.00 07.29.2005 no virus found 
Sophos 3.96.0 07.30.2005 no virus found 
Sybari 7.5.1314 07.30.2005 no virus found 
Symantec 8.0 07.29.2005 no virus found 
TheHacker 5.8.2.077 07.29.2005 no virus found 
VBA32 3.10.4 07.29.2005 suspected of Trojan.Downloader.Agent.7

----------


## Geser

This is a report processed by VirusTotal on 07/31/2005 at 07:55:36 (CET) after scanning the file "avz00001.dta" file.
Antivirus Version Update Result 
AntiVir 6.31.1.0 07.29.2005 ADSPY/WebEx.A.1 
AVG 718 07.28.2005 no virus found 
Avira 6.31.1.0 07.29.2005 ADSPY/WebEx.A.1 
BitDefender 7.0 07.29.2005 no virus found 
CAT-QuickHeal 7.03 07.30.2005 AdvWare.WebEx (Not a Virus) 
ClamAV devel-20050725 07.31.2005 no virus found 
DrWeb 4.32b 07.30.2005 no virus found 
eTrust-Iris 7.1.194.0 07.30.2005 no virus found 
eTrust-Vet 11.9.1.0 07.29.2005 no virus found 
Fortinet 2.36.0.0 07.30.2005 no virus found 
F-Prot 3.16c 07.29.2005 no virus found 
Ikarus 0.2.59.0 07.29.2005 AdWare.WebEx 
Kaspersky 4.0.2.24 07.31.2005 not-a-virus:AdWare.WebEx 
McAfee 4546 07.29.2005 no virus found 
NOD32v2 1.1183 07.29.2005 Win32/Adware.WebEx 
Norman 5.70.10 07.28.2005 W32/WebEx.A 
Panda 8.02.00 07.29.2005 no virus found 
Sophos 3.96.0 07.30.2005 no virus found 
Sybari 7.5.1314 07.31.2005 W32/WebEx. 
Symantec 8.0 07.31.2005 no virus found 
TheHacker 5.8.2.078 07.31.2005 Adware/WebEx 
VBA32 3.10.4 07.29.2005 AdWare.WebEx

----------


## DenZ

This is a report processed by VirusTotal on 08/03/2005 at 09:09:10 (CET) after scanning the file "avz00003.dta" file.
Antivirus Version Update Result 
AntiVir 6.31.1.0 08.02.2005 no virus found 
Avast 4.6.695.0 08.02.2005 no virus found 
AVG 718 08.02.2005 no virus found 
Avira 6.31.1.0 08.02.2005 no virus found 
BitDefender 7.0 07.29.2005 no virus found 
CAT-QuickHeal 7.03 08.02.2005 (Suspicious) - DNAScan 
ClamAV devel-20050725 08.02.2005 no virus found 
DrWeb 4.32b 08.03.2005 Trojan.PWS.LDPinch.462 
eTrust-Iris 7.1.194.0 08.03.2005 no virus found 
eTrust-Vet 11.9.1.0 08.02.2005 no virus found 
Fortinet 2.36.0.0 08.03.2005 no virus found 
F-Prot 3.16c 08.01.2005 no virus found 
Ikarus 0.2.59.0 08.02.2005 no virus found 
Kaspersky 4.0.2.24 08.03.2005 Trojan-PSW.Win32.LdPinch.sc 
McAfee 4548 08.02.2005 no virus found 
NOD32v2 1.1185 08.01.2005 no virus found 
Norman 5.70.10 08.01.2005 no virus found 
Panda 8.02.00 08.01.2005 no virus found 
Sophos 3.96.0 08.02.2005 no virus found 
Sybari 7.5.1314 08.03.2005 Trojan-PSW.Win32.LdPinch.sc 
Symantec 8.0 08.02.2005 no virus found 
TheHacker 5.8.2.080 08.03.2005 no virus found 
VBA32 3.10.4 08.02.2005 no virus found 

Еще позавчера этот троян "знали" только DrWeb и CAT-QuickHeal. 
Kaspersky и Sybari узнали его только сегодня...

----------


## Geser

This is a report processed by VirusTotal on 08/04/2005 at 20:02:10 (CET) after scanning the file "submithook.dll" file.
Antivirus Version Update Result 
AntiVir 6.31.1.0 08.04.2005 no virus found 
Avast 4.6.695.0 08.04.2005 no virus found 
AVG 718 08.04.2005 no virus found 
Avira 6.31.1.0 08.04.2005 no virus found 
BitDefender 7.0 08.04.2005 no virus found 
CAT-QuickHeal 7.03 08.04.2005 no virus found 
ClamAV devel-20050725 08.04.2005 no virus found 
DrWeb 4.32b 08.04.2005 no virus found 
eTrust-Iris 7.1.194.0 08.04.2005 no virus found 
eTrust-Vet 11.9.1.0 08.04.2005 no virus found 
Fortinet 2.36.0.0 08.04.2005 Adware/FreeComm 
F-Prot 3.16c 08.04.2005 no virus found 
Ikarus 0.2.59.0 08.04.2005 no virus found 
Kaspersky 4.0.2.24 08.04.2005 not-a-virus:AdWare.ToolBar.FreeComm.b 
McAfee 4550 08.04.2005 potentially unwanted program Adware-FreeComm 
NOD32v2 1.1186 08.04.2005 no virus found 
Norman 5.70.10 08.01.2005 W32/FreeComm.B 
Panda 8.02.00 08.04.2005 no virus found 
Sophos 3.96.0 08.04.2005 no virus found 
Sybari 7.5.1314 08.04.2005 W32/FreeComm. 
Symantec 8.0 08.04.2005 no virus found 
TheHacker 5.8.2.080 08.03.2005 Adware/ToolBar.FreeComm.b 
VBA32 3.10.4 08.04.2005 AdWare.ToolBar.FreeComm.b

----------


## Geser

This is a report processed by VirusTotal on 08/05/2005 at 09:05:07 (CET) after scanning the file "ssmc.dll" file.
Antivirus Version Update Result 
AntiVir 6.31.1.0 08.04.2005 no virus found 
Avast 4.6.695.0 08.04.2005 no virus found 
AVG 718 08.04.2005 no virus found 
Avira 6.31.1.0 08.04.2005 no virus found 
BitDefender 7.0 08.05.2005 no virus found 
CAT-QuickHeal 7.03 08.05.2005 no virus found 
ClamAV devel-20050725 08.04.2005 no virus found 
DrWeb 4.32b 08.05.2005 Trojan.PWS.LDPinch.419 
eTrust-Iris 7.1.194.0 08.04.2005 no virus found 
eTrust-Vet 11.9.1.0 08.05.2005 Win32.Pinteep 
Fortinet 2.36.0.0 08.05.2005 no virus found 
F-Prot 3.16c 08.04.2005 no virus found 
Ikarus 0.2.59.0 08.04.2005 no virus found 
Kaspersky 4.0.2.24 08.05.2005 no virus found 
McAfee 4550 08.04.2005 no virus found 
NOD32v2 1.1186 08.04.2005 no virus found 
Norman 5.70.10 08.01.2005 no virus found 
Panda 8.02.00 08.04.2005 no virus found 
Sophos 3.96.0 08.04.2005 no virus found 
Sybari 7.5.1314 08.05.2005 Win32.Pinteep 
Symantec 8.0 08.04.2005 no virus found 
TheHacker 5.8.2.081 08.05.2005 no virus found 
VBA32 3.10.4 08.04.2005 no virus found

----------


## Geser

This is a report processed by VirusTotal on 08/08/2005 at 19:21:47 (CET) after scanning the file "vbsys2.dll" file.
Antivirus Version Update Result 
AntiVir 6.31.1.0 08.08.2005 TR/Click.Agent.AC 
Avast 4.6.695.0 08.08.2005 Win32 :Stick Out Tongue: ornAd 
AVG 718 08.07.2005 Clicker.FK 
Avira 6.31.1.0 08.08.2005 TR/Click.Agent.AC 
BitDefender 7.0 08.08.2005 Trojan.Clicker.Agent.AC 
CAT-QuickHeal 7.03 08.08.2005 no virus found 
ClamAV devel-20050725 08.08.2005 Trojan.Clicker.Agent-19 
DrWeb 4.32b 08.08.2005 Trojan.Click.372 
eTrust-Iris 7.1.194.0 08.06.2005 no virus found 
eTrust-Vet 11.9.1.0 08.08.2005 no virus found 
Fortinet 2.36.0.0 08.08.2005 Adware/Agent 
F-Prot 3.16c 08.08.2005 no virus found 
Ikarus 0.2.59.0 08.08.2005 Trojan-Clicker.Win32.Agent.AC 
Kaspersky 4.0.2.24 08.08.2005 Trojan-Clicker.Win32.Agent.ac 
McAfee 4551 08.05.2005 no virus found 
NOD32v2 1.1187 08.05.2005 no virus found 
Norman 5.70.10 08.05.2005 W32/Agent.EUD 
Panda 8.02.00 08.08.2005 no virus found 
Sophos 3.96.0 08.08.2005 no virus found 
Sybari 7.5.1314 08.08.2005 Trojan-Clicker.Win32.Agent.ac 
Symantec 8.0 08.08.2005 Trojan Horse 
TheHacker 5.8.2.082 08.08.2005 no virus found 
VBA32 3.10.4 08.08.2005 TR.Click.Agent.AC

----------


## Geser

This is a report processed by VirusTotal on 08/12/2005 at 16:08:22 (CET) after scanning the file "173.chm" file.
Antivirus Version Update Result 
AntiVir 6.31.1.0 08.12.2005 no virus found 
Avast 4.6.695.0 08.12.2005 Win32:Trojano-560 
AVG 718 08.12.2005 no virus found 
Avira 6.31.1.0 08.12.2005 no virus found 
BitDefender 7.0 08.12.2005 Trojan.Downloader.Small.PS 
CAT-QuickHeal 7.03 08.12.2005 (Suspicious) - DNAScan 
ClamAV devel-20050725 08.12.2005 Trojan.Downloader.Small-103 
DrWeb 4.32b 08.12.2005 Trojan.MulDrop.1566 
eTrust-Iris 7.1.194.0 08.11.2005 HTML/CodeBase!Exploit!Trojan 
eTrust-Vet 11.9.1.0 08.12.2005 no virus found 
Fortinet 2.36.0.0 08.12.2005 no virus found 
F-Prot 3.16c 08.12.2005 no virus found 
Ikarus 0.2.59.0 08.12.2005 no virus found 
Kaspersky 4.0.2.24 08.12.2005 Trojan-Downloader.Win32.Small.vq 
McAfee 4556 08.11.2005 no virus found 
NOD32v2 1.1192 08.11.2005 Win32/TrojanDownloader.Small.VQ 
Norman 5.70.10 08.12.2005 no virus found 
Panda 8.02.00 08.12.2005 no virus found 
Sophos 3.96.0 08.12.2005 Troj/Small-VQ 
Sybari 7.5.1314 08.12.2005 Trojan-Downloader.Win32.Small.vq 
Symantec 8.0 08.12.2005 no virus found 
TheHacker 5.8.2.086 08.12.2005 no virus found 
VBA32 3.10.4 08.12.2005 TrojanDownloader.Win32.Small.vq

----------


## Shu_b

Jotti's malware scan - BHOImpl.dll

AntiVir Found nothing
ArcaVir Found Adware.Adwin.E 
Avast Found nothing
AVG Antivirus Found nothing
BitDefender 	Found nothing
ClamAV Found nothing
Dr.Web Found not a virus Adware.TDS 
F-Prot Antivirus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found not-a-virus:AdWare.AdWin.e 
NOD32 Found nothing
Norman Virus Control Found nothing
UNA Found nothing
VBA32 Found nothing

На VirusTotal - только Kaspersky

----------


## ALEX(XX)

This is a report processed by VirusTotal on 08/16/2005 at 08:06:47 (CET) after scanning the file "___1052" file.

Antivirus	Version	Update	Result
AntiVir	6.31.1.0	08.15.2005	no virus found
Avast	4.6.695.0	08.15.2005	no virus found
AVG	718	08.15.2005	no virus found
Avira	6.31.1.0	08.15.2005	no virus found
BitDefender	7.0	08.16.2005	BehavesLike:Trojan.FirewallBypass
CAT-QuickHeal	7.03	08.16.2005	(Suspicious) - DNAScan
ClamAV	devel-20050725	08.15.2005	no virus found
DrWeb	4.32b	08.15.2005	no virus found
eTrust-Iris	7.1.194.0	08.16.2005	no virus found
eTrust-Vet	11.9.1.0	08.15.2005	no virus found
Fortinet	2.36.0.0	08.16.2005	suspicious
F-Prot	3.16c	08.16.2005	no virus found
Ikarus	0.2.59.0	08.12.2005	no virus found
Kaspersky	4.0.2.24	08.16.2005	no virus found
McAfee	4558	08.15.2005	New Malware.n
NOD32v2	1.1194	08.15.2005	a variant of Win32/PSW.LdPinch
Norman	5.70.10	08.15.2005	no virus found
Panda	8.02.00	08.15.2005	no virus found
Sophos	3.96.0	08.16.2005	Troj/LdPnch-Fam
Sybari	7.5.1314	08.16.2005	Troj/LdPnch-Fam
Symantec	8.0	08.15.2005	no virus found
TheHacker	5.8.2.088	08.16.2005	no virus found
VBA32	3.10.4	08.15.2005	suspected of Trojan-Dropper.Win32.Mixus.1

----------


## ALEX(XX)

This is a report processed by VirusTotal on 08/17/2005 at 09:56:58 (CET) after scanning the file "xz.exe" file.

Antivirus	Version	Update	Result
AntiVir	6.31.1.0	08.17.2005	no virus found
Avast	4.6.695.0	08.17.2005	no virus found
AVG	718	08.15.2005	no virus found
Avira	6.31.1.0	08.17.2005	no virus found
BitDefender	7.0	08.17.2005	no virus found
CAT-QuickHeal	7.03	08.17.2005	no virus found
ClamAV	devel-20050725	08.17.2005	Trojan.Spybot-123
DrWeb	4.32b	08.17.2005	no virus found
eTrust-Iris	7.1.194.0	08.17.2005	no virus found
eTrust-Vet	11.9.1.0	08.17.2005	no virus found
Fortinet	2.41.0.0	08.17.2005	W32/RBot.H-bdr
F-Prot	3.16c	08.17.2005	no virus found
Ikarus	0.2.59.0	08.16.2005	no virus found
Kaspersky	4.0.2.24	08.17.2005	Backdoor.Win32.Rbot.ye
McAfee	4560	08.17.2005	W32/Sdbot.worm.gen.h
Norman	5.70.10	08.16.2005	no virus found
Panda	8.02.00	08.17.2005	no virus found
Sophos	3.96.0	08.17.2005	no virus found
Sybari	7.5.1314	08.17.2005	Backdoor.Win32.Rbot.ye
Symantec	8.0	08.17.2005	no virus found
TheHacker	5.8.2.090	08.17.2005	no virus found
VBA32	3.10.4	08.16.2005	Backdoor.Win32.Rbot.ye

Кстати, исчез NOD32!

----------


## Гость

This is a report processed by VirusTotal on 08/20/2005 at 22:32:26 (CET) after scanning the file "crack.exe" file.

Antivirus	Version	Update	Result	
AntiVir	6.31.1.0	08.19.2005	ADSPY/WinAD.AW.1	
Avast	4.6.695.0	08.20.2005	Win32:Trojano-1918	
AVG	718	08.19.2005	no virus found	
Avira	6.31.1.0	08.19.2005	ADSPY/WinAD.AW.1	
BitDefender	7.0	08.20.2005	Dropped:Trojan.Winad.71680.DLL	
CAT-QuickHeal	7.03	08.20.2005	AdWare.WinAD.aw (Not a Virus)	
ClamAV	devel-20050725	08.18.2005	no virus found	
DrWeb	4.32b	08.20.2005	no virus found	
eTrust-Iris	7.1.194.0	08.20.2005	no virus found	
eTrust-Vet	11.9.1.0	08.19.2005	Win32.WinAd.AE	
Fortinet	2.41.0.0	08.20.2005	Adware/WinAd	
F-Prot	3.16c	08.20.2005	no virus found	
Ikarus	0.2.59.0	08.19.2005	AdWare.WinAD.AT	
Kaspersky	4.0.2.24	08.20.2005	not-a-virus:AdWare.WinAD.aw	
McAfee	4563	08.19.2005	potentially unwanted program Adware-WinAd	
NOD32v2	1.1198	08.19.2005	Win32/Adware.WUpd	
Norman	5.70.10	08.18.2005	no virus found	
Panda	8.02.00	08.20.2005	Adware/WinAD	
Sophos	3.96.0	08.20.2005	no virus found	
Sybari	7.5.1314	08.20.2005	Win32.WinAd.AE	
Symantec	8.0	08.20.2005	no virus found	
TheHacker	5.8.2.091	08.20.2005	Adware/WinAD.aw	
VBA32	3.10.4	08.19.2005	AdWare.WinAD.aw

----------


## Shu_b

This is a report processed by VirusTotal on 08/23/2005 at 15:13:01 (CET) after scanning the file "virus.zip" file.

Antivirus	Version	Update	Result	
AntiVir	6.31.1.0	08.23.2005	TR/Drop.Agent.KD.3	
Avast	4.6.695.0	08.23.2005	no virus found	
AVG	718	08.22.2005	no virus found	
Avira	6.31.1.0	08.23.2005	TR/Drop.Agent.KD.3	
BitDefender	7.0	08.23.2005	Trojan.Dropper.Agent.KD	
CAT-QuickHeal	8.00	08.22.2005	(Suspicious) - DNAScan	
ClamAV	devel-20050725	08.22.2005	no virus found	
DrWeb	4.32b	08.23.2005	no virus found	
eTrust-Iris	7.1.194.0	08.23.2005	no virus found	
eTrust-Vet	11.9.1.0	08.23.2005	no virus found	
Fortinet	2.41.0.0	08.23.2005	W32/Agent.KD-dr	
F-Prot	3.16c	08.22.2005	no virus found	
Ikarus	0.2.59.0	08.23.2005	no virus found	
Kaspersky	4.0.2.24	08.23.2005	no virus found	
McAfee	4564	08.22.2005	New Malware.h	
NOD32v2	1.1199	08.22.2005	Win32/TrojanDropper.Agent.KD	
Norman	5.70.10	08.23.2005	no virus found	
Panda	8.02.00	08.22.2005	Adware/EliteBar	
Sophos	3.96.0	08.23.2005	Troj/Multidr-DN	
Sybari	7.5.1314	08.23.2005	Trojan-Dropper.Win32.Agent.kd	
Symantec	8.0	08.23.2005	no virus found	
TheHacker	5.8.2.092	08.22.2005	no virus found	
VBA32	3.10.4	08.22.2005	Trojan-Dropper.Win32.Agent.kd

----------


## HATTIFNATTOR

This is a report processed by VirusTotal on 08/29/2005 at 19:43:24 (CET) after scanning the file "updatecfg.exe" file.

Antivirus Version Update Result 
AntiVir 6.31.1.0 08.29.2005 Worm/Rbot.103459 
Avast 4.6.695.0 08.29.2005 no virus found 
AVG 718 08.29.2005 IRC/BackDoor.SdBot.HIY 
Avira 6.31.1.0 08.29.2005 Worm/Rbot.103459 
BitDefender 7.0 08.29.2005 GenPack:Backdoor.RBot.7CF6C04B 
CAT-QuickHeal 8.00 08.28.2005 (Suspicious) - DNAScan 
ClamAV devel-20050725 08.29.2005 Worm.Mytob.GH 
DrWeb 4.32b 08.29.2005 no virus found 
eTrust-Iris 7.1.194.0 08.28.2005 no virus found 
eTrust-Vet 11.9.1.0 08.29.2005 no virus found 
Fortinet 2.41.0.0 08.27.2005 W32/RBot-bdr 
F-Prot 3.16c 08.29.2005 no virus found 
Ikarus 0.2.59.0 08.29.2005 Backdoor.Win32.Rbot.Gen 
Kaspersky 4.0.2.24 08.29.2005 Backdoor.Win32.Rbot.gen 
McAfee 4569 08.29.2005 no virus found 
NOD32v2 1.1204 08.29.2005 a variant of Win32/Rbot 
Norman 5.70.10 08.29.2005 W32/Suspicious_M.gen 
Panda 8.02.00 08.29.2005 no virus found 
Sophos 3.97.0 08.29.2005 no virus found 
Symantec 8.0 08.28.2005 W32.Spybot.Worm 
TheHacker 5.8.2.096 08.28.2005 no virus found 
VBA32 3.10.4 08.29.2005 Backdoor.Win32.Rbot.gen

----------

Надоело быть жертвой? Стань профи по информационной безопасности, получай самую свежую информацию об угрозах и средствах защиты от ведущего российского аналитического центра Anti-Malware.ru:

----------


## HATTIFNATTOR

This is a report processed by VirusTotal on 08/29/2005 at 19:50:59 (CET) after scanning the file "Syg4t3Gtr.exe" file.

Antivirus Version Update Result 
AntiVir 6.31.1.0 08.29.2005 no virus found 
Avast 4.6.695.0 08.29.2005 no virus found 
AVG 718 08.29.2005 no virus found 
Avira 6.31.1.0 08.29.2005 no virus found 
BitDefender 7.0 08.29.2005 Backdoor.RBot.55ECC44A 
CAT-QuickHeal 8.00 08.28.2005 (Suspicious) - DNAScan 
ClamAV devel-20050725 08.29.2005 no virus found 
DrWeb 4.32b 08.29.2005 Win32.HLLW.MyBot.based 
eTrust-Iris 7.1.194.0 08.28.2005 Win32/SDBot!Backdoor!Server.Vari 
eTrust-Vet 11.9.1.0 08.29.2005 no virus found 
Fortinet 2.41.0.0 08.27.2005 W32/NewThreat!Morphine 
F-Prot 3.16c 08.29.2005 no virus found 
Ikarus 0.2.59.0 08.29.2005 no virus found 
Kaspersky 4.0.2.24 08.29.2005 Backdoor.Win32.Rbot.gen 
McAfee 4569 08.29.2005 New Malware.h 
NOD32v2 1.1204 08.29.2005 a variant of Win32/Rbot 
Norman 5.70.10 08.29.2005 W32/Backdoor 
Panda 8.02.00 08.29.2005 W32/Gaobot.gen.worm 
Sophos 3.97.0 08.29.2005 W32/Rbot-Fam 
Symantec 8.0 08.28.2005 no virus found 
TheHacker 5.8.2.096 08.28.2005 no virus found 
VBA32 3.10.4 08.29.2005 suspected of Worm.Mytob.9

----------


## Geser

This is a report processed by VirusTotal on 09/03/2005 at 22:21:02 (CET) after scanning the file "xpjava.exe" file.
Antivirus Version Update Result 
AntiVir 6.31.1.0 09.02.2005 no virus found 
Avast 4.6.695.0 09.02.2005 no virus found 
AVG 718 08.31.2005 no virus found 
Avira 6.31.1.0 09.02.2005 no virus found 
BitDefender 7.0 09.02.2005 Backdoor.RBot.9777E0B3 
CAT-QuickHeal 8.00 09.03.2005 Backdoor.Rbot.gen 
ClamAV devel-20050725 09.03.2005 no virus found 
DrWeb 4.32b 09.02.2005 Win32.HLLW.MyBot 
eTrust-Iris 7.1.194.0 09.02.2005 no virus found 
eTrust-Vet 11.9.1.0 09.02.2005 no virus found 
Fortinet 2.41.0.0 09.03.2005 W32/RBot-bdr 
F-Prot 3.16c 09.02.2005 no virus found 
Ikarus 0.2.59.0 09.02.2005 Backdoor.Win32.SdBot.AAD 
Kaspersky 4.0.2.24 09.03.2005 Backdoor.Win32.Rbot.gen 
McAfee 4573 09.02.2005 W32/Sdbot.worm.gen.bx 
NOD32v2 1.1208 09.02.2005 a variant of Win32/Rbot 
Norman 5.70.10 09.02.2005 no virus found 
Panda 8.02.00 09.03.2005 no virus found 
Sophos 3.97.0 09.03.2005 W32/Rbot-Fam 
Symantec 8.0 09.03.2005 W32.Spybot.Worm 
TheHacker 5.8.2.099 09.02.2005 no virus found 
VBA32 3.10.4 09.02.2005 Backdoor.Win32.Rbot.gen

----------


## Geser

This is a report processed by VirusTotal on 09/08/2005 at 20:05:20 (CET) after scanning the file "cracker.exe" file.
Antivirus Version Update Result 
AntiVir 6.31.1.0 09.08.2005 TR/Dldr.IstBar.IT 
Avast 4.6.695.0 09.07.2005 Win32:IstBar-AJ 
AVG 718 09.07.2005 no virus found 
Avira 6.31.1.0 09.08.2005 TR/Dldr.IstBar.IT 
BitDefender 7.0 09.02.2005 no virus found 
CAT-QuickHeal 8.00 09.08.2005 TrojanDownloader.IstBar.ja 
ClamAV devel-20050725 09.07.2005 no virus found 
DrWeb 4.32b 09.08.2005 no virus found 
eTrust-Iris 7.1.194.0 09.07.2005 no virus found 
eTrust-Vet 11.9.1.0 09.08.2005 no virus found 
Fortinet 2.41.0.0 09.07.2005 W32/IstBar.JA-dldr 
F-Prot 3.16c 09.07.2005 no virus found 
Ikarus 0.2.59.0 09.08.2005 Trojan-Downloader.Win32.IstBar.JA 
Kaspersky 4.0.2.24 09.08.2005 Trojan-Downloader.Win32.IstBar.ja 
McAfee 4577 09.08.2005 no virus found 
NOD32v2 1.1212 09.08.2005 no virus found 
Norman 5.70.10 09.08.2005 no virus found 
Panda 8.02.00 09.08.2005 no virus found 
Sophos 3.97.0 09.08.2005 no virus found 
Symantec 8.0 09.08.2005 no virus found 
TheHacker 5.8.2.102 09.08.2005 Trojan/Downloader.IstBar.ja 
VBA32 3.10.4 09.08.2005 no virus found

----------


## Geser

This is a report processed by VirusTotal on 09/09/2005 at 08:39:28 (CET) after scanning the file "weq.exe" file.
Antivirus Version Update Result 
AntiVir 6.31.1.0 09.08.2005 TR/Dldr.Lastad.R 
Avast 4.6.695.0 09.07.2005 Win32:Adan-130 
AVG 718 09.07.2005 Downloader.Generic.CFM 
Avira 6.31.1.0 09.08.2005 TR/Dldr.Lastad.R 
BitDefender 7.0 09.02.2005 no virus found 
CAT-QuickHeal 8.00 09.08.2005 TrojanDownloader.Lastad.r 
ClamAV devel-20050725 09.09.2005 no virus found 
DrWeb 4.32b 09.08.2005 no virus found 
eTrust-Iris 7.1.194.0 09.08.2005 no virus found 
eTrust-Vet 11.9.1.0 09.08.2005 no virus found 
Fortinet 2.41.0.0 09.07.2005 W32/Lastad.R-dr 
F-Prot 3.16c 09.08.2005 security risk named W32/Downloader.GMN 
Ikarus 0.2.59.0 09.08.2005 no virus found 
Kaspersky 4.0.2.24 09.09.2005 Trojan-Downloader.Win32.Lastad.r 
McAfee 4577 09.08.2005 QLowZones-27 
NOD32v2 1.1212 09.08.2005 Win32/TrojanDownloader.Lastad 
Norman 5.70.10 09.08.2005 no virus found 
Panda 8.02.00 09.08.2005 Adware/Ndware 
Sophos 3.97.0 09.08.2005 no virus found 
Symantec 8.0 09.09.2005 no virus found 
TheHacker 5.8.2.102 09.08.2005 Trojan/Downloader.Lastad.r 
VBA32 3.10.4 09.08.2005 Trojan-Downloader.Win32.Lastad.r

----------


## Grey

This is a report processed by VirusTotal on 09/16/2005 at 09:33:53 (CET) after scanning the file "tb_keygen.zip" file.

Antivirus	Version	Update	Result	
AntiVir	6.32.0.3	09.15.2005	PCK/MEW	
Avast	4.6.695.0	09.14.2005	no virus found	
AVG	718	09.15.2005	no virus found	
Avira	6.32.0.3	09.15.2005	PCK/MEW	
BitDefender	7.2	09.16.2005	no virus found	
CAT-QuickHeal	8.00	09.15.2005	(Suspicious) - DNAScan	
ClamAV	devel-20050725	09.14.2005	Worm.Mytob.GH	
DrWeb	4.32b	09.16.2005	no virus found	
eTrust-Iris	7.1.194.0	09.16.2005	no virus found	
eTrust-Vet	11.9.1.0	09.16.2005	no virus found	
Fortinet	2.41.0.0	09.07.2005	suspicious	
F-Prot	3.16c	09.15.2005	no virus found	
Ikarus	0.2.59.0	09.15.2005	Backdoor.Win32.SdBot.Gen	
Kaspersky	4.0.2.24	09.16.2005	no virus found	
McAfee	4582	09.15.2005	no virus found	
NOD32v2	1.1218	09.15.2005	no virus found	
Norman	5.70.10	09.15.2005	W32/Suspicious_M.gen	
Panda	8.02.00	09.15.2005	no virus found	
Sophos	3.97.0	09.16.2005	no virus found	
Symantec	8.0	09.15.2005	no virus found	
TheHacker	5.8.2.106	09.14.2005	no virus found	
VBA32	3.10.4	09.15.2005	suspected of Net-Worm.Mybot.10

----------


## Shu_b

Прошло почти 4 часа... (46 пост)
This is a report processed by VirusTotal on 09/16/2005 at 13:22:32 (CET) after scanning the file "tb_keygen.exe" file.

Antivirus	Version	Update	Result
AntiVir	6.32.0.3	09.16.2005	PCK/MEW
Avast	4.6.695.0	09.16.2005	no virus found
AVG	718	09.15.2005	no virus found
Avira	6.32.0.3	09.16.2005	PCK/MEW
BitDefender	7.2	09.16.2005	no virus found
CAT-QuickHeal	8.00	09.15.2005	(Suspicious) - DNAScan
ClamAV	devel-20050725	09.16.2005	Worm.Mytob.GH
DrWeb	4.32b	09.16.2005	Trojan.PWS.LDPinch.506
eTrust-Iris	7.1.194.0	09.16.2005	no virus found
eTrust-Vet	11.9.1.0	09.16.2005	no virus found
Fortinet	2.41.0.0	09.07.2005	suspicious
F-Prot	3.16c	09.16.2005	no virus found
Ikarus	0.2.59.0	09.16.2005	Backdoor.Win32.SdBot.Gen
Kaspersky	4.0.2.24	09.16.2005	Trojan-PSW.Win32.PdPinch.ad
McAfee	4582	09.15.2005	no virus found
NOD32v2	1.1218	09.15.2005	no virus found
Norman	5.70.10	09.16.2005	W32/Suspicious_M.gen
Panda	8.02.00	09.16.2005	no virus found
Sophos	3.97.0	09.16.2005	no virus found
Symantec	8.0	09.15.2005	no virus found
TheHacker	5.8.2.106	09.14.2005	no virus found
VBA32	3.10.4	09.15.2005	suspected of Net-Worm.Mybot.10


Прошло почти два дня... (в разделе помогите)
This is a report processed by VirusTotal on 09/16/2005 at 13:19:21 (CET) after scanning the file "zhgwkcamb.exe" file.

Antivirus	Version	Update	Result
AntiVir	6.32.0.3	09.16.2005	Worm/Rbot.abl
Avast	4.6.695.0	09.14.2005	no virus found
AVG	718	09.15.2005	no virus found
Avira	6.32.0.3	09.16.2005	Worm/Rbot.abl
BitDefender	7.2	09.16.2005	Backdoor.Rbot.ABL
CAT-QuickHeal	8.00	09.15.2005	Backdoor.Rbot.abl
ClamAV	devel-20050725	09.16.2005	no virus found
DrWeb	4.32b	09.16.2005	Win32.HLLW.MyBot
eTrust-Iris	7.1.194.0	09.16.2005	no virus found
eTrust-Vet	11.9.1.0	09.16.2005	no virus found
Fortinet	2.41.0.0	09.07.2005	no virus found
F-Prot	3.16c	09.16.2005	no virus found
Ikarus	0.2.59.0	09.16.2005	no virus found
Kaspersky	4.0.2.24	09.16.2005	Backdoor.Win32.Rbot.abl
McAfee	4582	09.15.2005	no virus found
NOD32v2	1.1218	09.15.2005	no virus found
Norman	5.70.10	09.16.2005	no virus found
Panda	8.02.00	09.16.2005	no virus found
Sophos	3.97.0	09.16.2005	no virus found
Symantec	8.0	09.15.2005	no virus found
TheHacker	5.8.2.106	09.14.2005	no virus found
VBA32	3.10.4	09.15.2005	Backdoor.Win32.Rbot.abl

----------


## Geser

Ну, видно БитДефендер разбирает файлы которые им пересылаются от нас  :Smiley:

----------


## Iceman

А все остальные? ;-))). Раз проверка через форму перенаправляет для всех производителей, значит, детектировать должны все.

----------


## Shu_b

Разбираем  *.CHM (этот экземпляр) virusscan.jotti.org

 File:  	 x.chm
Status: 	INFECTED/MALWARE
MD5 	ef27e1186ed2ef9b6866443cc11785ac
Packers detected: 	FSG
Scanner results
AntiVir 	Found nothing
ArcaVir 	Found nothing
Avast 	Found nothing
AVG Antivirus 	Found nothing
BitDefender 	Found Exploit.Html.Codebase.Exec.Gen, BehavesLike:Trojan.Downloader (probable variant)
ClamAV 	Found Exploit.HTML.Codebase.Exec.gen-2
Dr.Web 	Found nothing
F-Prot Antivirus 	Found nothing
Fortinet 	Found nothing
Kaspersky Anti-Virus 	Found Trojan-Downloader.Win32.Apher.gen, Exploit.HTML.ObjData
NOD32 	Found probably unknown NewHeur_PE (probable variant)
Norman Virus Control 	Found nothing
UNA 	Found nothing
VBA32 	Found Win32.Trojan.Downloader (hххp://***/openpass.exe) (probable variant)

----------


## azza

This is a report processed by VirusTotal on 09/19/2005 at 18:07:45 (CET) after scanning the file "WIWSHOST.zip" file.
Antivirus Version Update Result 
AntiVir 6.32.0.3 09.19.2005 Worm/Bagle.CQ.1 
Avast 4.6.695.0 09.19.2005 no virus found 
AVG 718 09.19.2005 no virus found 
Avira 6.32.0.3 09.19.2005 Worm/Bagle.CQ.1 
BitDefender 7.2 09.19.2005 [email protected] 
CAT-QuickHeal 8.00 09.19.2005 I-Worm.Bagle.EC1B 
ClamAV devel-20050917 09.19.2005 no virus found 
DrWeb 4.32b 09.19.2005 Win32.HLLM.Beagle.36864 
eTrust-Iris 7.1.194.0 09.18.2005 no virus found 
eTrust-Vet 11.9.1.0 09.19.2005 no virus found 
Fortinet 2.41.0.0 09.07.2005 suspicious 
F-Prot 3.16c 09.19.2005 security risk named W32/Mitglieder.FE 
Ikarus 0.2.59.0 09.19.2005 no virus found 
Kaspersky 4.0.2.24 09.19.2005 Email-Worm.Win32.Bagle.cy 
McAfee 4583 09.16.2005 no virus found 
NOD32v2 1.1220 09.19.2005 Win32/Bagle.BI 
Norman 5.70.10 09.19.2005 no virus found 
Panda 8.02.00 09.19.2005 no virus found 
Sophos 3.97.0 09.19.2005 Troj/BagleDl-U 
Symantec 8.0 09.18.2005 no virus found 
TheHacker 5.8.2.109 09.19.2005 no virus found 
VBA32 3.10.4 09.19.2005 no virus found

----------


## Sanja

This is a report processed by VirusTotal on 09/20/2005 at 19:02:40 (CET) after scanning the file "price_09.zip" file.
Antivirus Version Update Result 
AntiVir 6.32.0.6 09.20.2005 TR/Bagle.CW 
Avast 4.6.695.0 09.20.2005 Win32:Beagle-EC 
AVG 718 09.19.2005 I-Worm/Bagle 
Avira 6.32.0.6 09.20.2005 TR/Bagle.CW 
BitDefender 7.2 09.20.2005 [email protected] 
CAT-QuickHeal 8.00 09.19.2005 (Suspicious) - DNAScan 
ClamAV devel-20050917 09.20.2005 Worm.Bagle.Gen-3 
DrWeb 4.32b 09.20.2005 Win32.HLLM.Beagle.35146 
eTrust-Iris 7.1.194.0 09.20.2005 no virus found 
eTrust-Vet 11.9.1.0 09.20.2005 no virus found 
Fortinet 2.41.0.0 09.07.2005 suspicious 
F-Prot 3.16c 09.20.2005 security risk named W32/Mitglieder.FK 
Ikarus 0.2.59.0 09.20.2005 no virus found 
Kaspersky 4.0.2.24 09.20.2005 Email-Worm.Win32.Bagle.dg 
McAfee 4586 09.20.2005 W32/Bagle.gen 
NOD32v2 1.1224 09.20.2005 no virus found 
Norman 5.70.10 09.20.2005 no virus found 
Panda 8.02.00 09.20.2005 no virus found 
Sophos 3.97.0 09.20.2005 Troj/BagleDl-U 
Symantec 8.0 09.19.2005 no virus found 
TheHacker 5.8.2.111 09.20.2005 W32/Bagle.dg 
VBA32 3.10.4 09.20.2005 no virus found

----------


## Grey

This is a report processed by VirusTotal on 09/21/2005 at 11:39:58 (CET) after scanning the file "avz3.zip" file.

Antivirus	Version	Update	Result	
AntiVir	6.32.0.6	09.21.2005	no virus found	
Avast	4.6.695.0	09.20.2005	no virus found	
AVG	718	09.19.2005	no virus found	
Avira	6.32.0.6	09.21.2005	no virus found	
BitDefender	7.2	09.21.2005	no virus found	
CAT-QuickHeal	8.00	09.21.2005	no virus found	
ClamAV	devel-20050917	09.21.2005	no virus found	
DrWeb	4.32b	09.20.2005	no virus found	
eTrust-Iris	7.1.194.0	09.20.2005	no virus found	
eTrust-Vet	11.9.1.0	09.21.2005	no virus found	
Fortinet	2.41.0.0	09.07.2005	no virus found	
F-Prot	3.16c	09.21.2005	no virus found	
Ikarus	0.2.59.0	09.21.2005	no virus found	
Kaspersky	4.0.2.24	09.21.2005	no virus found	
McAfee	4586	09.20.2005	no virus found	
NOD32v2	1.1228	09.21.2005	no virus found	
Norman	5.70.10	09.20.2005	no virus found	
Panda	8.02.00	09.21.2005	no virus found	
Sophos	3.97.0	09.21.2005	no virus found	
Symantec	8.0	09.21.2005	no virus found	
TheHacker	5.8.2.113	09.21.2005	no virus found	
VBA32	3.10.4	09.21.2005	MalwareScope.Trojan-Spy.Banker.128

AVZ3.zip - это вчерашняя версия AVZ от Олега Зайцева.

----------


## RiC

Jotty - 
File: 	price_new.zip 	
Status: INFECTED/MALWARE 
MD5 	a27110ff7ef6525565cbc9d23f6f9e9b 	
Packers detected: 	
-
Scanner results 
AntiVir  Found Trojan/Bagle.CU 
ArcaVir Found Worm.Beagle.De 
Avast Found Win32:Beagle-DY 
AVG Antivirus Found I-Worm/Bagle 
BitDefender 	Found [email protected] 
ClamAV 	Found Worm.Bagle.BR-1 
Dr.Web 	Found Win32.HLLM.Beagle.35146 
F-Prot Antivirus 	Found W32/Mitglieder.FI 
Fortinet 	Found W32/Bagle.DA-mm 
Kaspersky Anti-Virus 	Found Email-Worm.Win32.Bagle.de 
*NOD32 	Found nothing*
Norman Virus Control 	Found W32/Bagle.DR 
*UNA 	Found nothing*
VBA32 	Found Email-Worm.Win32.Bagle.de

Да от NOD`a я не ожидал  :Sad: 

PS: Уже ловит.

----------


## Geser

AntiVir  Found Backdoor-Server/HacDef.BO  
ArcaVir  Found Trojan.Hacdef.Bo  
Avast  Found nothing 
AVG Antivirus  Found BackDoor.Generic.NHO  
BitDefender  Found Backdoor.Hacdef.BO  
ClamAV  Found nothing 
Dr.Web  Found BackDoor.HackDef.138  
F-Prot Antivirus  Found nothing 
Fortinet  Found W32/HacDef.BO-bdr  
Kaspersky Anti-Virus  Found Backdoor.Win32.HacDef.bo  
NOD32  Found nothing 
Norman Virus Control  Found nothing 
UNA  Found nothing 
VBA32  Found Backdoor.Win32.HacDef.bo

This is a report processed by VirusTotal on 09/30/2005 at 12:28:02 (CET) after scanning the file "mxdefdrv.sys" file.
Antivirus Version Update Result 
AntiVir 6.32.0.6 09.30.2005 BDS/HacDef.BO 
Avast 4.6.695.0 09.29.2005 no virus found 
AVG 718 09.29.2005 BackDoor.Generic.NHO 
Avira 6.32.0.6 09.30.2005 BDS/HacDef.BO 
BitDefender 7.2 09.30.2005 Backdoor.Hacdef.BO 
CAT-QuickHeal 8.00 09.29.2005 Backdoor.HacDef.bo 
ClamAV devel-20050917 09.29.2005 no virus found 
DrWeb 4.32b 09.30.2005 BackDoor.HackDef.138 
eTrust-Iris 7.1.194.0 09.29.2005 no virus found 
eTrust-Vet 11.9.1.0 09.30.2005 no virus found 
Fortinet 2.48.0.0 09.30.2005 W32/HacDef.BO-bdr 
F-Prot 3.16c 09.29.2005 no virus found 
Ikarus 0.2.59.0 09.29.2005 no virus found 
Kaspersky 4.0.2.24 09.30.2005 Backdoor.Win32.HacDef.bo 
McAfee 4593 09.29.2005 no virus found 
NOD32v2 1.1237 09.29.2005 no virus found 
Norman 5.70.10 09.29.2005 no virus found 
Panda 8.02.00 09.29.2005 Bck/HacDef.DT 
Sophos 3.98.0 09.30.2005 Troj/HacDef-Gen 
Symantec 8.0 09.29.2005 no virus found 
TheHacker 5.8.2.116 09.28.2005 no virus found 
VBA32 3.10.4 09.29.2005 Backdoor.Win32.HacDef.bo

----------


## Geser

AntiVir  Found nothing 
ArcaVir  Found nothing 
Avast  Found nothing 
AVG Antivirus  Found nothing 
BitDefender  Found Adware.HideOne.ABM  
ClamAV  Found nothing 
Dr.Web  Found nothing 
F-Prot Antivirus  Found nothing 
Fortinet  Found nothing 
Kaspersky Anti-Virus  Found nothing 
NOD32  Found nothing 
Norman Virus Control  Found nothing 
UNA  Found nothing 
VBA32  Found nothing 

This is a report processed by VirusTotal on 09/30/2005 at 12:30:52 (CET) after scanning the file "bho.dll" file.
Antivirus Version Update Result 
AntiVir 6.32.0.6 09.30.2005 no virus found 
Avast 4.6.695.0 09.29.2005 no virus found 
AVG 718 09.29.2005 no virus found 
Avira 6.32.0.6 09.30.2005 no virus found 
BitDefender 7.2 09.30.2005 Adware.HideOne.ABM 
CAT-QuickHeal 8.00 09.29.2005 no virus found 
ClamAV devel-20050917 09.29.2005 no virus found 
DrWeb 4.32b 09.30.2005 no virus found 
eTrust-Iris 7.1.194.0 09.29.2005 no virus found 
eTrust-Vet 11.9.1.0 09.30.2005 no virus found 
Fortinet 2.48.0.0 09.30.2005 no virus found 
F-Prot 3.16c 09.29.2005 no virus found 
Ikarus 0.2.59.0 09.29.2005 no virus found 
Kaspersky 4.0.2.24 09.30.2005 no virus found 
McAfee 4593 09.29.2005 no virus found 
NOD32v2 1.1237 09.29.2005 no virus found 
Norman 5.70.10 09.29.2005 no virus found 
Panda 8.02.00 09.29.2005 no virus found 
Sophos 3.98.0 09.30.2005 no virus found 
Symantec 8.0 09.29.2005 no virus found 
TheHacker 5.8.2.116 09.28.2005 no virus found 
VBA32 3.10.4 09.29.2005 no virus found

----------


## Geser

AntiVir  Found nothing 
ArcaVir  Found nothing 
Avast  Found nothing 
AVG Antivirus  Found nothing 
BitDefender  Found nothing 
ClamAV  Found nothing 
Dr.Web  Found nothing 
F-Prot Antivirus  Found nothing 
Fortinet  Found Toolbar/Mywebsearch  
Kaspersky Anti-Virus  Found not-a-virus:AdWare.Win32.MyWebSearch  
NOD32  Found nothing 
Norman Virus Control  Found nothing 
UNA  Found nothing 
VBA32  Found AdWare.ToolBar.MyWebSearch  

This is a report processed by VirusTotal on 09/30/2005 at 12:39:52 (CET) after scanning the file "eied_s7_c_7.exe" file.
Antivirus Version Update Result 
AntiVir 6.32.0.6 09.30.2005 no virus found 
Avast 4.6.695.0 09.29.2005 no virus found 
AVG 718 09.29.2005 no virus found 
Avira 6.32.0.6 09.30.2005 no virus found 
BitDefender 7.2 09.30.2005 no virus found 
CAT-QuickHeal 8.00 09.29.2005 TrojanDownloader.Mediket.bc 
ClamAV devel-20050917 09.29.2005 no virus found 
DrWeb 4.32b 09.30.2005 Trojan.DownLoader.4447 
eTrust-Iris 7.1.194.0 09.29.2005 no virus found 
eTrust-Vet 11.9.1.0 09.30.2005 no virus found 
Fortinet 2.48.0.0 09.30.2005 W32/Mediket.BC-tr 
F-Prot 3.16c 09.29.2005 no virus found 
Ikarus 0.2.59.0 09.29.2005 no virus found 
Kaspersky 4.0.2.24 09.30.2005 Trojan-Downloader.Win32.Mediket.bg 
McAfee 4593 09.29.2005 Generic Downloader.u 
NOD32v2 1.1237 09.29.2005 a variant of Win32/TrojanDownloader.Mediket 
Norman 5.70.10 09.29.2005 no virus found 
Panda 8.02.00 09.29.2005 Adware/MediaTickets 
Sophos 3.98.0 09.30.2005 no virus found 
Symantec 8.0 09.29.2005 no virus found 
TheHacker 5.8.2.116 09.28.2005 no virus found 
VBA32 3.10.4 09.29.2005 suspected of Trojan-Downloader.Win32.Mediket.1 

AntiVir  Found nothing 
ArcaVir  Found nothing 
Avast  Found nothing 
AVG Antivirus  Found nothing 
BitDefender  Found nothing 
ClamAV  Found nothing 
Dr.Web  Found nothing 
F-Prot Antivirus  Found nothing 
Fortinet  Found W32/Mediket.BC-tr  
Kaspersky Anti-Virus  Found Trojan-Downloader.Win32.Mediket.bg  
NOD32  Found a variant of Win32/TrojanDownloader.Mediket  
Norman Virus Control  Found nothing 
UNA  Found nothing 
VBA32  Found Trojan-Downloader.Win32.Mediket.1 (probable variant)

----------


## Geser

This is a report processed by VirusTotal on 09/30/2005 at 12:46:35 (CET) after scanning the file "EGDACCESS_1064.dll" file.
Antivirus Version Update Result 
AntiVir 6.32.0.6 09.30.2005 DIAL/302254 
Avast 4.6.695.0 09.29.2005 no virus found 
AVG 718 09.29.2005 Dialer.ANW 
Avira 6.32.0.6 09.30.2005 DIAL/302254 
BitDefender 7.2 09.30.2005 Dialer.BAX 
CAT-QuickHeal 8.00 09.29.2005 PornDialer.InstantAccess.f (Not a Virus) 
ClamAV devel-20050917 09.29.2005 Dialer-324 
DrWeb 4.32b 09.30.2005 no virus found 
eTrust-Iris 7.1.194.0 09.29.2005 no virus found 
eTrust-Vet 11.9.1.0 09.30.2005 no virus found 
Fortinet 2.48.0.0 09.30.2005 Dial/Generic 
F-Prot 3.16c 09.29.2005 no virus found 
Ikarus 0.2.59.0 09.29.2005 no virus found 
Kaspersky 4.0.2.24 09.30.2005 not-a-virus :Stick Out Tongue: orn-Dialer.Win32.InstantAccess.f 
McAfee 4593 09.29.2005 potentially unwanted program Dialer-Generic 
NOD32v2 1.1237 09.29.2005 probably a variant of Win32/Dialer.Egroup  
Norman 5.70.10 09.29.2005 no virus found 
Panda 8.02.00 09.29.2005 Dialer.DCT 
Sophos 3.98.0 09.30.2005 no virus found 
Symantec 8.0 09.29.2005 no virus found 
TheHacker 5.8.2.116 09.28.2005 Trojan/Dialer.InstantAccess.f 
VBA32 3.10.4 09.29.2005 Porn-Dialer.Win32.InstantAccess.f 


AntiVir  Found nothing 
ArcaVir  Found nothing 
Avast  Found nothing 
AVG Antivirus  Found Dialer.ANW  
BitDefender  Found Dialer.BAX  
ClamAV  Found Dialer-324  
Dr.Web  Found nothing 
F-Prot Antivirus  Found nothing 
Fortinet  Found Dial/Generic  
Kaspersky Anti-Virus  Found not-a-virus :Stick Out Tongue: orn-Dialer.Win32.InstantAccess.f  
NOD32  Found probably a variant of Win32/Dialer.Egroup application (probable variant)  
Norman Virus Control  Found nothing 
UNA  Found nothing 
VBA32  Found Porn-Dialer.Win32.InstantAccess.f  

AntiVir  Found nothing 
ArcaVir  Found nothing 
Avast  Found nothing 
AVG Antivirus  Found nothing 
BitDefender  Found nothing 
ClamAV  Found nothing 
Dr.Web  Found nothing 
F-Prot Antivirus  Found nothing 
Fortinet  Found nothing 
Kaspersky Anti-Virus  Found not-a-virus:AdWare.Win32.NaviPromo.c  
NOD32  Found a variant of Win32/Adware.NaviPromo application  
Norman Virus Control  Found nothing 
UNA  Found nothing 
VBA32  Found AdWare.Win32.NaviPromo.c 

This is a report processed by VirusTotal on 09/30/2005 at 12:49:12 (CET) after scanning the file "zdemuqsc.exe" file.
Antivirus Version Update Result 
AntiVir 6.32.0.6 09.30.2005 ADSPY/NaviPromo.C.41 
Avast 4.6.695.0 09.29.2005 no virus found 
AVG 718 09.29.2005 no virus found 
Avira 6.32.0.6 09.30.2005 ADSPY/NaviPromo.C.41 
BitDefender 7.2 09.30.2005 no virus found 
CAT-QuickHeal 8.00 09.29.2005 (Suspicious) - DNAScan 
ClamAV devel-20050917 09.29.2005 no virus found 
DrWeb 4.32b 09.30.2005 no virus found 
eTrust-Iris 7.1.194.0 09.29.2005 no virus found 
eTrust-Vet 11.9.1.0 09.30.2005 no virus found 
Fortinet 2.48.0.0 09.30.2005 suspicious 
F-Prot 3.16c 09.29.2005 no virus found 
Ikarus 0.2.59.0 09.29.2005 no virus found 
Kaspersky 4.0.2.24 09.30.2005 not-a-virus:AdWare.Win32.NaviPromo.c 
McAfee 4593 09.29.2005 no virus found 
NOD32v2 1.1237 09.29.2005 a variant of Win32/Adware.NaviPromo 
Norman 5.70.10 09.29.2005 no virus found 
Panda 8.02.00 09.29.2005 Adware/NaviPromo 
Sophos 3.98.0 09.30.2005 no virus found 
Symantec 8.0 09.29.2005 no virus found 
TheHacker 5.8.2.116 09.28.2005 no virus found 
VBA32 3.10.4 09.29.2005 AdWare.Win32.NaviPromo.c

----------


## Geser

This is a report processed by VirusTotal on 09/30/2005 at 12:52:23 (CET) after scanning the file "avz00001.dta" file.
Antivirus Version Update Result 
AntiVir 6.32.0.6 09.30.2005 TR/Rootkit.Agent.AB 
Avast 4.6.695.0 09.29.2005 Win32:Trojano-2365 
AVG 718 09.29.2005 no virus found 
Avira 6.32.0.6 09.30.2005 TR/Rootkit.Agent.AB 
BitDefender 7.2 09.30.2005 Trojan.Rootkit.Agent.AB 
CAT-QuickHeal 8.00 09.29.2005 TrojanRootkit.Agent.ae 
ClamAV devel-20050917 09.29.2005 no virus found 
DrWeb 4.32b 09.30.2005 BackDoor.IRC.Sdbot.122 
eTrust-Iris 7.1.194.0 09.29.2005 Win32/Efewe.H!Trojan 
eTrust-Vet 11.9.1.0 09.30.2005 Win32.Efewe.H 
Fortinet 2.48.0.0 09.30.2005 W32/Rootkit.AA-tr 
F-Prot 3.16c 09.29.2005 security risk named W32/FUrootkit.F 
Ikarus 0.2.59.0 09.29.2005 no virus found 
Kaspersky 4.0.2.24 09.30.2005 Rootkit.Win32.Agent.ab 
McAfee 4593 09.29.2005 FURootkit 
NOD32v2 1.1237 09.29.2005 Win32/Rootkit.Agent.AB 
Norman 5.70.10 09.29.2005 W32/Rootkit.B 
Panda 8.02.00 09.29.2005 Hacktool/Rootkit.AG 
Sophos 3.98.0 09.30.2005 Troj/RKFu-A 
Symantec 8.0 09.29.2005 Hacktool.Rootkit 
TheHacker 5.8.2.116 09.28.2005 no virus found 
VBA32 3.10.4 09.29.2005 BackDoor.IRC.Sdbot.122 


AntiVir  Found nothing 
ArcaVir  Found nothing 
Avast  Found Win32:Trojano-2365  
AVG Antivirus  Found nothing 
BitDefender  Found Trojan.Rootkit.Agent.AB  
ClamAV  Found nothing 
Dr.Web  Found BackDoor.IRC.Sdbot.122  
F-Prot Antivirus  Found W32/FUrootkit.F  
Fortinet  Found W32/Rootkit.AA-tr  
Kaspersky Anti-Virus  Found Rootkit.Win32.Agent.ab  
NOD32  Found Win32/Rootkit.Agent.AB  
Norman Virus Control  Found W32/Rootkit.B  
UNA  Found nothing 
VBA32  Found BackDoor.IRC.Sdbot.122

----------


## Grey

This is a report processed by VirusTotal on 09/30/2005 at 14:27:12 (CET) after scanning the file "RemoveKAV.exe" file.

Antivirus	Version	Update	Result	
AntiVir	6.32.0.6	09.30.2005	no virus found	
Avast	4.6.695.0	09.29.2005	no virus found	
AVG	718	09.29.2005	no virus found	
Avira	6.32.0.6	09.30.2005	no virus found	
BitDefender	7.2	09.30.2005	no virus found	
CAT-QuickHeal	8.00	09.30.2005	no virus found	
ClamAV	devel-20050917	09.29.2005	no virus found	
DrWeb	4.32b	09.30.2005	Trojan.AVKill.123	
eTrust-Iris	7.1.194.0	09.29.2005	no virus found	
eTrust-Vet	11.9.1.0	09.30.2005	no virus found	
Fortinet	2.48.0.0	09.30.2005	suspicious	
F-Prot	3.16c	09.29.2005	no virus found	
Ikarus	0.2.59.0	09.29.2005	no virus found	
Kaspersky	4.0.2.24	09.30.2005	no virus found	
McAfee	4593	09.29.2005	no virus found	
NOD32v2	1.1237	09.29.2005	no virus found	
Norman	5.70.10	09.29.2005	no virus found	
Panda	8.02.00	09.30.2005	no virus found	
Sophos	3.98.0	09.30.2005	no virus found	
Symantec	8.0	09.29.2005	no virus found	
TheHacker	5.8.2.116	09.28.2005	no virus found	
VBA32	3.10.4	09.29.2005	no virus found

P.S. пароль на аттач virus.
RemoveKAV.exe - тулзень для нормального удаления Каспера.

----------


## azza

File:  CALC.zip  
Status:  INFECTED/MALWARE  
MD5  cf75582ebf1ee94f7c919da887b2d182  
Packers detected:  UPX 
Scanner results  
AntiVir  Found Trojan/KillAV.2  
ArcaVir  Found Trojan.Spy.Lydra.P  
Avast  Found nothing 
AVG Antivirus  Found nothing 
BitDefender  Found nothing 
ClamAV  Found nothing 
Dr.Web  Found Trojan.LydraSpy  
F-Prot Antivirus  Found nothing 
Fortinet  Found nothing 
Kaspersky Anti-Virus  Found Trojan-Spy.Win32.Lydra.p  
NOD32  Found probably a variant of Win32/Spy.Lydra (probable variant)  
Norman Virus Control  Found nothing 
UNA  Found nothing 
VBA32  Found nothing
---------------------------
Изначально троян был обнаружен эвристиком DrWeb4.33.

----------

Надоело быть жертвой? Стань профи по информационной безопасности, получай самую свежую информацию об угрозах и средствах защиты от ведущего российского аналитического центра Anti-Malware.ru:

----------


## Зайцев Олег

Файл "svhost.exe", 16 кб, явный троян, работает с сетью
Antivirus Version Update Result 
AntiVir 6.32.0.6 10.10.2005 PCK/MEW 
Avast 4.6.695.0 10.10.2005 no virus found 
AVG 718 10.10.2005 no virus found 
Avira 6.32.0.6 10.10.2005 PCK/MEW 
BitDefender 7.2 10.11.2005 no virus found 
CAT-QuickHeal 8.00 10.10.2005 (Suspicious) - DNAScan 
ClamAV devel-20050917 10.11.2005 Worm.Mytob.GH 
DrWeb 4.32b 10.10.2005 no virus found 
eTrust-Iris 7.1.194.0 10.10.2005 no virus found 
eTrust-Vet 11.9.1.0 10.10.2005 no virus found 
Fortinet 2.48.0.0 10.10.2005 no virus found 
F-Prot 3.16c 10.10.2005 no virus found 
Ikarus 0.2.59.0 10.10.2005 Backdoor.Win32.SdBot.Gen 
Kaspersky 4.0.2.24 10.11.2005 no virus found 
McAfee 4601 10.10.2005 no virus found 
NOD32v2 1.1248 10.10.2005 no virus found 
Norman 5.70.10 10.10.2005 W32/Suspicious_M.gen 
Panda 8.02.00 10.10.2005 no virus found 
Sophos 3.98.0 10.10.2005 no virus found 
Symantec 8.0 10.10.2005 no virus found 
TheHacker 5.8.2.121 10.10.2005 no virus found 
VBA32 3.10.4 10.10.2005 MalwareScope.Trojan-Spy.Banker.8

----------


## Зайцев Олег

AntiVir 6.32.0.6 10.10.2005 PCK/MEW 
Avast 4.6.695.0 10.10.2005 Win32:Trojano-2441 
AVG 718 10.10.2005 no virus found 
Avira 6.32.0.6 10.10.2005 PCK/MEW 
BitDefender 7.2 10.11.2005 BehavesLike:Trojan.ShellObject 
CAT-QuickHeal 8.00 10.10.2005 (Suspicious) - DNAScan 
ClamAV devel-20050917 10.11.2005 Worm.Mytob.GH 
DrWeb 4.32b 10.10.2005 no virus found 
eTrust-Iris 7.1.194.0 10.10.2005 no virus found 
eTrust-Vet 11.9.1.0 10.10.2005 no virus found 
Fortinet 2.48.0.0 10.10.2005 no virus found 
F-Prot 3.16c 10.10.2005 no virus found 
Ikarus 0.2.59.0 10.10.2005 Backdoor.Win32.SdBot.Gen 
Kaspersky 4.0.2.24 10.11.2005 no virus found 
McAfee 4601 10.10.2005 no virus found 
NOD32v2 1.1248 10.10.2005 a variant of Win32/TrojanDropper.Small.NCP 
Norman 5.70.10 10.10.2005 W32/Suspicious_M.gen 
Panda 8.02.00 10.10.2005 no virus found 
Sophos 3.98.0 10.10.2005 no virus found 
Symantec 8.0 10.10.2005 no virus found 
TheHacker 5.8.2.121 10.10.2005 no virus found 
VBA32 3.10.4 10.10.2005 no virus found

----------


## Grey

This is a report processed by VirusTotal on 10/11/2005 at 13:18:12 (CET) after scanning the file "crack.exe" file.
Antivirus	Version	Update	Result	
AntiVir	6.32.0.6	10.11.2005	TR/Dldr.IstBar.IT	
Avast	4.6.695.0	10.10.2005	Win32:IstBar-AJ	
AVG	718	10.10.2005	Downloader.Istbar.AH	
Avira	6.32.0.6	10.11.2005	TR/Dldr.IstBar.IT	
BitDefender	7.2	10.11.2005	Trojan.Downloader.IstBar.JA	
CAT-QuickHeal	8.00	10.11.2005	TrojanDownloader.IstBar.ja	
ClamAV	devel-20050917	10.11.2005	no virus found	
DrWeb	4.32b	10.11.2005	Trojan.Isbar.335	
eTrust-Iris	7.1.194.0	10.10.2005	no virus found	
eTrust-Vet	11.9.1.0	10.11.2005	no virus found	
Fortinet	2.48.0.0	10.10.2005	W32/IstBar.JA-dldr	
F-Prot	3.16c	10.10.2005	security risk or a "backdoor" program	
Ikarus	0.2.59.0	10.10.2005	no virus found	
Kaspersky	4.0.2.24	10.11.2005	Trojan-Downloader.Win32.INService.ja	
McAfee	4601	10.10.2005	potentially unwanted program Adware-RBlast	
NOD32v2	1.1249	10.11.2005	Win32/Adware.ISTbar	
Norman	5.70.10	10.11.2005	no virus found	
Panda	8.02.00	10.10.2005	Adware/IST.ISTBar	
Sophos	3.98.0	10.11.2005	no virus found	
Symantec	8.0	10.10.2005	no virus found	
TheHacker	5.8.2.121	10.10.2005	no virus found	
VBA32	3.10.4	10.10.2005	no virus found

----------


## azza

File:  pokapoka76.exe  
Status:  INFECTED/MALWARE  
MD5  71ef6a0d1e0d3135d2b050f972eae833  
Packers detected:  UPX 
Scanner results  
AntiVir  Found nothing 
ArcaVir  Found nothing 
Avast  Found nothing 
AVG Antivirus  Found nothing 
BitDefender  Found nothing 
ClamAV  Found nothing 
*Dr.Web  Found MULDROP.Trojan (probable variant)* 
F-Prot Antivirus  Found nothing 
Fortinet  Found nothing 
Kaspersky Anti-Virus  Found nothing 
*NOD32  Found a variant of Win32/Adware.EliteBar application* 
Norman Virus Control  Found nothing 
UNA  Found nothing 
*VBA32  Found Trojan.StartPage.12 (probable variant)*
-----------------------------------------------------------
Наглядная работа эвристиков.  :Smiley: 

PS. DrWeb: Возможно, MULDROP.Trojan --> Adware.EliteBar

----------


## Grey

This is a report processed by VirusTotal on 10/14/2005 at 16:34:19 (CET) after scanning the file "approved-password.txt" file.

Antivirus	Version	Update	Result	
AntiVir	6.32.0.6	10.14.2005	Worm/Mytob.KN	
Avast	4.6.695.0	10.14.2005	Win32:Mytob-MJ	
AVG	718	10.13.2005	no virus found	
Avira	6.32.0.6	10.14.2005	Worm/Mytob.KN	
BitDefender	7.2	10.14.2005	[email protected] 
CAT-QuickHeal	8.00	10.14.2005	Mytob.dc	
ClamAV	devel-20050917	10.14.2005	Worm.Mytob.IT-2	
DrWeb	4.32b	10.14.2005	BackDoor.IRC.HellBot	
eTrust-Iris	7.1.194.0	10.14.2005	no virus found	
eTrust-Vet	11.9.1.0	10.14.2005	no virus found	
Fortinet	2.48.0.0	10.14.2005	suspicious	
F-Prot	3.16c	10.14.2005	W32/[email protected] 
Ikarus	0.2.59.0	10.14.2005	Net-Worm.Win32.Mytob.DE	
Kaspersky	4.0.2.24	10.14.2005	Net-Worm.Win32.Mytob.dc	
McAfee	4604	10.13.2005	no virus found	
NOD32v2	1.1254	10.14.2005	Win32/Mytob.LF	
Norman	5.70.10	10.14.2005	no virus found	
Panda	8.02.00	10.14.2005	no virus found	
Sophos	3.98.0	10.14.2005	W32/Mytob-EX	
Symantec	8.0	10.13.2005	no virus found	
TheHacker	5.8.2.123	10.13.2005	no virus found	
VBA32	3.10.4	10.13.2005	no virus found

----------


## RiC

Jotty, мимо проходил -
Last file scanned at least one scanner reported something about**: xingtonemodfree.exe, detected by:
Scanner 	Malware name 	
AntiVir 	X 	
ArcaVir 	X 	
Avast 	X 	
AVG Antivirus 	X 	
BitDefender 	Application.Adware.NewDotNet.Dropper 	
ClamAV 	Adware.NewDotNet.B-4 	
Dr.Web 	Adware.SaveNow 	
F-Prot Antivirus 	X 	
Fortinet 	X 	
Kaspersky Anti-Virus 	not-a-virus:AdWare.Win32.SaveNow.bo 	
NOD32 	X 	
Norman Virus Control 	X 	
UNA 	X 	
VBA32 	X

----------


## kvit

> Jotty, мимо проходил


Не хотелось бы писать в данный пост, но все же...
Jotty не лучший вариант для сбора статистики...
Вот тут я писал об этом:
http://virusinfo.info/showthread.php?t=3491

----------


## Geser

This is a report processed by VirusTotal on 10/23/2005 at 22 :20: 46 (CET) after scanning the file "photo.jpg.exe" file.
Antivirus Version Update Result 
AntiVir 6.32.0.6 10.22.2005 Heuristic/Trojan.PwdStealer 
Avast 4.6.695.0 10.21.2005 no virus found 
AVG 718 10.21.2005 no virus found 
Avira 6.32.0.6 10.22.2005 Heuristic/Trojan.PwdStealer 
BitDefender 7.2 10.22.2005 no virus found 
CAT-QuickHeal 8.00 10.22.2005 no virus found 
ClamAV devel-20050917 10.21.2005 no virus found 
DrWeb 4.32b 10.23.2005 no virus found 
eTrust-Iris 7.1.194.0 10.23.2005 no virus found 
eTrust-Vet 11.9.1.0 10.21.2005 no virus found 
Fortinet 2.48.0.0 10.22.2005 suspicious 
F-Prot 3.16c 10.20.2005 no virus found 
Ikarus 0.2.59.0 10.21.2005 no virus found 
Kaspersky 4.0.2.24 10.23.2005 no virus found 
McAfee 4610 10.21.2005 no virus found 
NOD32v2 1.1263 10.21.2005 probably unknown NewHeur_PE virus 
Norman 5.70.10 10.21.2005 no virus found 
Panda 8.02.00 10.23.2005 no virus found 
Sophos 3.98.0 10.23.2005 no virus found 
Symantec 8.0 10.23.2005 no virus found 
TheHacker 5.8.4.127 10.21.2005 no virus found 
VBA32 3.10.4 10.23.2005 no virus found 

А эвристика ловит местами

----------


## WinR

Почему не используются последние версии антивирусов при тестировании?

----------


## MOCT

AntiVir 6.32.0.6 10.10.2005 
Avira 6.32.0.6 10.10.2005 

какой смысл дважды тестировать одним и тем же?

----------


## Geser

Что на Вирустотал есть тем и тестируем  :Sad:

----------


## Grey

Прикол, пришло письмо с одного моего ящика на другой мой ящик с файликом Info_prices.zip.  Но самое интересное, что мой получатель я и отправитель я, хотя я точно знаю что ничего такого себе не слал.

This is a report processed by VirusTotal on 11/03/2005 at 10:23:52 (CET) after scanning the file "Info_prices.zip" file.

Antivirus	Version	Update	Result	
AntiVir	6.32.0.6	11.03.2005	TR/Bagle.DR	
Avast	4.6.695.0	11.02.2005	Win32:Beagle-FT	
AVG	718	11.01.2005	no virus found	
Avira	6.32.0.6	11.03.2005	TR/Bagle.DR	
BitDefender	7.2	11.03.2005	Trojan.Downloader.Bagle.1.Gen	
CAT-QuickHeal	8.00	11.03.2005	" I-Worm.Bagle.eb
ClamAV	devel-20050917	11.02.2005	no virus found (видимо давно не обновляли, у меня сегодняшняя база, и он его видит)	
DrWeb	4.33	11.03.2005	Win32.HLLM.Beagle.38912	
eTrust-Iris	7.1.194.0	11.02.2005	Win32/Glieder.CE!ZIP!Trojan	
eTrust-Vet	11.9.1.0	11.03.2005	Win32.Glieder.CC!ZIP	
Fortinet	2.48.0.0	11.02.2005	W32/Mitglieder.GB!tr	
F-Prot	3.16c	11.02.2005	security risk named W32/Mitglieder.GB	
Ikarus	0.2.59.0	11.02.2005	" Email-Worm.Win32.Bagle.EE	
Kaspersky	4.0.2.24	11.03.2005	" Email-Worm.Win32.Bagle.eb
McAfee	4618	11.02.2005	W32/Bagle.gen	
NOD32v2	1.1274	11.03.2005	Win32/Bagle.DG	
Norman	5.70.10	11.03.2005	W32/Mitglied.NH	
Panda	8.02.00	11.02.2005	Trj/Mitglieder.FL	
Sophos	3.99.0	11.03.2005	Troj/BagleDl-Y	
Symantec	8.0	11.02.2005	Trojan.Lodear.B	
TheHacker	5.9.1.027	11.02.2005	W32/Bagle.gen	
VBA32	3.10.4	11.02.2005	" Email-Worm.Win32.Bagle.eb

----------


## MOCT

> Прикол, пришло письмо с одного моего ящика на другой мой ящик с файликом Info_prices.zip. Но самое интересное, что мой получатель я и отправитель я, хотя я точно знаю что ничего такого себе не слал.


всему есть разумное объяснение  :Smiley: 
не открою большого секрета если скажу, что заразился человек, которому были известны оба этих почтовых ящика. и теперь с его компьютера рассылаются письма со случайными чужими адресами на случайные чужие адреса.

----------


## RiC

Только что со спамом "сюрприз" упал -
AntiVir	6.32.0.6	11.03.2005	TR/Bagle.DW	
Avast	4.6.695.0	11.03.2005	no virus found	
AVG	718	11.01.2005	no virus found	
Avira	6.32.0.6	11.03.2005	TR/Bagle.DW	
BitDefender	7.2	11.03.2005	[email protected] 
CAT-QuickHeal	8.00	11.03.2005	(Suspicious) - DNAScan	
ClamAV	devel-20050917	11.03.2005	Worm.Bagle.Gen-6	
DrWeb	4.33	11.03.2005	Win32.HLLM.Beagle.38912	
eTrust-Iris	7.1.194.0	11.02.2005	no virus found	
eTrust-Vet	11.9.1.0	11.03.2005	no virus found	
Fortinet	2.48.0.0	11.03.2005	W32/Mitglieder.GD!tr	
F-Prot	3.16c	11.02.2005	no virus found	
Ikarus	0.2.59.0	11.03.2005	Email-Worm.Win32.Bagle.EE	
Kaspersky	4.0.2.24	11.03.2005	no virus found	
McAfee	4618	11.02.2005	no virus found	
NOD32v2	1.1275	11.03.2005	Win32/Bagle.DL	
Norman	5.70.10	11.03.2005	W32/Malware	
Panda	8.02.00	11.02.2005	no virus found	
Sophos	3.99.0	11.03.2005	Troj/BagleDl-AB	
Symantec	8.0	11.02.2005	no virus found	
TheHacker	5.9.1.027	11.02.2005	no virus found	
VBA32	3.10.4	11.02.2005	no virus found

----------


## Grey

> Только что со спамом "сюрприз" упал -
> *TR/Bagle.DW*


Видать очередная модификация

----------


## kvit

> Kaspersky	4.0.2.24	11.03.2005	no virus found	
> McAfee 4618 11.02.2005 no virus found 
> VBA32	3.10.4	11.02.2005	no virus found


Вот так бывает... Удивлен...

----------


## sergey_gum

Вот, подарок попался...
This is a report processed by VirusTotal on 11/03/2005 at 16:59:43 (CET) after scanning the file "A0018269.exe" file.

AntiVir	6.32.0.6	11.03.2005	TR/Dldr.Agent.XT	
Avast	4.6.695.0	11.03.2005	Win32Dialer-481	
AVG	718	11.01.2005	ownloader.Agent.ALW	
Avira	6.32.0.6	11.03.2005	TR/Dldr.Agent.XT	
BitDefender	7.2	11.03.2005	Trojan.Downloader.TwainXDial	
CAT-QuickHeal	8.00	11.03.2005	TrojanDownloader.Agent.xt	
ClamAV	devel-20050917	11.03.2005	no virus found	
DrWeb	4.33	11.03.2005	Trojan.DownLoader.2163	
eTrust-Iris	7.1.194.0	11.02.2005	no virus found	
eTrust-Vet	11.9.1.0	11.03.2005	no virus found	
Fortinet	2.48.0.0	11.03.2005	Dial/Hogil	
F-Prot	3.16c	11.03.2005	no virus found	
Ikarus	0.2.59.0	11.03.2005	Trojan-Downloader.Win32.Agent.XT	
Kaspersky	4.0.2.24	11.03.2005	Trojan-Downloader.Win32.Agent.xt	
McAfee	4618	11.02.2005	potentially unwanted program Dialer-RAS	
NOD32v2	1.1275	11.03.2005	a variant of Win32/Dialer.EB	
Norman	5.70.10	11.03.2005	W32/Agent.JYM	
Panda	8.02.00	11.02.2005	no virus found	
Sophos	3.99.0	11.03.2005	no virus found	
Symantec	8.0	11.02.2005	no virus found	
TheHacker	5.9.1.027	11.02.2005	no virus found	
VBA32	3.10.4	11.03.2005	Trojan-Downloader.Win32.Agent.xt

----------


## azza

Так тоже бывает  :Smiley: 
---------------------------------------------------------------------
This is a report processed by VirusTotal on 11/03/2005 at 17:13:23 (CET) after scanning the file "unfsgv20.zip" file.
Antivirus Version Update Result 
AntiVir 6.32.0.6 11.03.2005 no virus found 
Avast 4.6.695.0 11.03.2005 no virus found 
AVG 718 11.01.2005 no virus found 
Avira 6.32.0.6 11.03.2005 no virus found 
BitDefender 7.2 11.03.2005 no virus found 
CAT-QuickHeal 8.00 11.03.2005 no virus found 
ClamAV devel-20050917 11.03.2005 no virus found 
DrWeb 4.33 11.03.2005 no virus found 
eTrust-Iris 7.1.194.0 11.02.2005 no virus found 
eTrust-Vet 11.9.1.0 11.03.2005 no virus found 
Fortinet 2.48.0.0 11.03.2005 no virus found 
F-Prot 3.16c 11.03.2005 no virus found 
Ikarus 0.2.59.0 11.03.2005 no virus found 
Kaspersky 4.0.2.24 11.03.2005 no virus found 
McAfee 4618 11.02.2005 no virus found 
NOD32v2 1.1275 11.03.2005 no virus found 
Norman 5.70.10 11.03.2005 no virus found 
Panda 8.02.00 11.02.2005 no virus found 
Sophos 3.99.0 11.03.2005 no virus found 
Symantec 8.0 11.02.2005 no virus found 
TheHacker 5.9.1.027 11.02.2005 no virus found 
VBA32 3.10.4 11.03.2005 Backdoor.UnFSG.2.0  :Smiley: 
--------------------------------------------------------------
ЗЫ. h**p://biocyborg.narod.ru/soft/unfsgv20.zip

----------


## AndreyKa

> всему есть разумное объяснение 
> не открою большого секрета если скажу, что заразился человек, которому были известны оба этих почтовых ящика. и теперь с его компьютера рассылаются письма со случайными чужими адресами на случайные чужие адреса.


Это другой случай. Данный вариант Bagle не имеет функции размножения. Видимо, рассылали по спамерским спискам и брали два соседних адреса из отсортированных по алфавиту.  :Smiley:

----------


## MOCT

> Это другой случай. Данный вариант Bagle не имеет функции размножения. Видимо, рассылали по спамерским спискам и брали два соседних адреса из отсортированных по алфавиту.


а что же это за "вирус" такой? нафига он тогда нужен? посмотреть на него где можно?

----------

Надоело быть жертвой? Стань профи по информационной безопасности, получай самую свежую информацию об угрозах и средствах защиты от ведущего российского аналитического центра Anti-Malware.ru:

----------


## Grey

This is a report processed by VirusTotal on 11/07/2005 at 10:30:09 (CET) after scanning the file "SLaunch.dll" file.

Antivirus	Version	Update	Result	
AntiVir	6.32.0.6	11.07.2005	no virus found	
Avast	4.6.695.0	11.04.2005	no virus found	
AVG	718	11.03.2005	no virus found	
Avira	6.32.0.6	11.07.2005	no virus found	
BitDefender	7.2	11.07.2005	no virus found	
CAT-QuickHeal	8.00	11.05.2005	no virus found	
ClamAV	devel-20050917	11.06.2005	Trojan.Gobot-7	
DrWeb	4.33	11.07.2005	no virus found	
eTrust-Iris	7.1.194.0	11.04.2005	no virus found	
eTrust-Vet	11.9.1.0	11.07.2005	no virus found	
Fortinet	2.48.0.0	11.06.2005	no virus found	
F-Prot	3.16c	11.06.2005	no virus found	
Ikarus	0.2.59.0	11.06.2005	no virus found	
Kaspersky	4.0.2.24	11.07.2005	no virus found	
McAfee	4621	11.05.2005	MultiDropper-JD	
NOD32v2	1.1277	11.05.2005	no virus found	
Norman	5.70.10	11.04.2005	no virus found	
Panda	8.02.00	11.06.2005	no virus found	
Sophos	3.99.0	11.07.2005	no virus found	
Symantec	8.0	11.06.2005	no virus found	
TheHacker	5.9.1.029	11.07.2005	no virus found	
VBA32	3.10.4	11.06.2005	no virus found
------- 
Сама Dll-ка - это FAR-оский плагин.

----------


## anton_dr

This is a report processed by VirusTotal on 11/08/2005 at 10:07:46 (CET) after scanning the file "__1087" file.
Antivirus Version Update Result 
AntiVir 6.32.0.6 11.08.2005 no virus found 
Avast 4.6.695.0 11.07.2005 Win32:Beagle-gen5 
AVG 718 11.03.2005 I-Worm/Bagle 
Avira 6.32.0.6 11.07.2005 no virus found 
BitDefender 7.2 11.08.2005 BehavesLike:Win32.ExplorerHijack 
CAT-QuickHeal 8.00 11.07.2005 (Suspicious) - DNAScan 
ClamAV devel-20050917 11.07.2005 no virus found 
DrWeb 4.33 11.07.2005 no virus found 
eTrust-Iris 7.1.194.0 11.08.2005 no virus found 
eTrust-Vet 11.9.1.0 11.08.2005 Win32.Mitglieder.DG 
Fortinet 2.48.0.0 11.08.2005 suspicious 
F-Prot 3.16c 11.07.2005 could be infected with an unknown virus 
Ikarus 0.2.59.0 11.07.2005 Email-Worm.Win32.Bagle.EE 
Kaspersky 4.0.2.24 11.08.2005 Email-Worm.Win32.Bagle.pac 
McAfee 4622 11.07.2005 W32/Bagle.gen 
NOD32v2 1.1278 11.07.2005 probably unknown NewHeur_PE virus 
Norman 5.70.10 11.08.2005 W32/Malware 
Panda 8.02.00 11.07.2005 Trj/Mitglieder.gen 
Sophos 3.99.0 11.08.2005 no virus found 
Symantec 8.0 11.07.2005 no virus found 
TheHacker 5.9.1.030 11.07.2005 W32/[email protected] 
VBA32 3.10.4 11.06.2005 suspected of Email-Worm.Bagle.22

----------


## Dynamo_Kiev

Без "промежуточных итогов" тяжко стало просматривать тему  :Sad:

----------


## qantrom

> а что же это за "вирус" такой? нафига он тогда нужен? посмотреть на него где можно?


не только можно , но и нужно. вот потому я прошу Gesser_a подкинуть нам новый архивчик вирусов, так по старой дружбе )))

----------


## Alexey P.

> а что же это за "вирус" такой? нафига он тогда нужен? посмотреть на него где можно?


 Спам рассылается достаточно неслабо.  Видимо, и этого хватает.
Плюс CA в описании упоминает о загрузке его другими троянами.
 Перевод их описания я выложил тут: http://www.virusinfo.info/showthread.php?t=3894

----------


## Sanja

Чудеса... или касперы начали эвристику развивать?

http://img257.imageshack.us/img257/2...ristic23xb.png

----------


## Зайцев Олег

> Чудеса... или касперы начали эвристику развивать?
> 
> http://img257.imageshack.us/img257/2...ristic23xb.png


Это не чудеса, а судя по всему детект одноименного хакерского криптера-упаковщика, которым сжат исследуемый объект

----------


## kvit

> Это не чудеса, а судя по всему детект одноименного хакерского криптера-упаковщика, которым сжат исследуемый объект


Это точно, есть такие загону у KAV, если пакер не сильно распространен и не является коммерческим, то проще на всё что им упаковано обзывать вирусом...

----------


## MOCT

> Это точно, есть такие загону у KAV, если пакер не сильно распространен и не является коммерческим, то проще на всё что им упаковано обзывать вирусом...


а я думаю, что это парсер логов ошибся - принял сообщение об упаковке за сообщение о вредоносной программе

----------


## ZDM

> а я думаю, что это парсер логов ошибся - принял сообщение об упаковке за сообщение о вредоносной программе


 Э нет, я такое часто вижу. Это точно каспер на пакованные файлы ругатся. А вот когда AntiVir на том же Jotti обругался на файл "Yoda/Packed", вот это уже похоже на ошибку парсера.

----------


## MOCT

> Э нет, я такое часто вижу. Это точно каспер на пакованные файлы ругатся. А вот когда AntiVir на том же Jotti обругался на файл "Yoda/Packed", вот это уже похоже на ошибку парсера.


я верю только в то, что вижу сам.
раз у Вас часто такое встречается - пришлите лог работы касперского, в котором он детектирует файл именно как вредоносную программу и под именем типа приведенного на картинке. всякие очеты парсеров в рассмотрение не принимаются.

----------


## Sanja

>Это точно, есть такие загону у KAV, если пакер не сильно распространен и не является коммерческим, то проще на всё что им упаковано обзывать вирусом...

Ошибаетесь... в 99% пишется унпакер

----------


## ZDM

> раз у Вас часто такое встречается - пришлите лог работы касперского, в котором он детектирует файл именно как вредоносную программу и под именем типа приведенного на картинке.


 Надо верить людям  :Smiley: 
 Логи всегда можно сфабриковать, так что если Вы не верите мне ... то зачем вам логи. А файлы кидать я не собираюсь.
 А парсеры тут непричём, просто попользуйтесь Каспером какое то время, сами всё увидите (кстати последнее время от такие перлы откалывает ... могу выкладку таких детектов подобрать, но это опять таки логи  :Wink: )

----------


## MOCT

> Надо верить людям


как-нибудь в другой раз




> Логи всегда можно сфабриковать, так что если Вы не верите мне ... то зачем вам логи. А файлы кидать я не собираюсь.
>  А парсеры тут непричём, просто попользуйтесь Каспером какое то время, сами всё увидите (кстати последнее время от такие перлы откалывает ... могу выкладку таких детектов подобрать, но это опять таки логи )


у меня в графическом файле сдетектировал зеленых человечков. проверил - и правда зеленые человечки...  :Huh:

----------


## kvit

> Ошибаетесь... в 99% пишется унпакер


Я основывал свои выводы на высказываниях Dr.Golova:




> vmprotect_105b3.exe 
> по велению тов. Касперского субж объявлен вирусом
> 			
> 		
> 
> А вот если бы продукт был коммерческим, этот подход бы непрокатил. Хотя некоторые AV даже SVKP детектят как Virus.SVKP =)
> А насчет тенденции это понятно, если каждый китайский школьник считает своим долгом написать "пакер", то его проще задетектить чем впихивать в движок распаковку, учитывая что этот пакер встретится на сотне китайских же троянов и одной полулегальной китайской же проге (типа кейлоггер но с анинсталлером

----------


## kvit

Промежуточные результаты:

----------


## Alexey P.

Цитата:
Сообщение от Sanja
Чудеса... или касперы начали эвристику развивать?

http://img257.imageshack.us/img257/2...ristic23xb.png



> Это не чудеса, а судя по всему детект одноименного хакерского криптера-упаковщика, которым сжат исследуемый объект


 Угу, именно так. Не в первый раз такое вижу - вот это, к примеру:
DrWeb	Trojan.Lopata	http://65.75.151.192/cntr/bin/latest.exe
(ссылка уже не действует, перенесли куда-то)
 каспером детектилось как Win32.Crypt.l
причем, судя по l - очередная модификация.

 Эвристиком тут, конечно, и не пахло. Как и лечением - в смысле чистки от упакованного внутри трояна/червя. Только удаление файла.

----------


## Sanja

> а судя по всему детект одноименного хакерского криптера-упаковщика

Подтверждаю - такая запись есть в базах

----------


## Sanja

> в смысле чистки от упакованного внутри трояна/червя

Г это пока перебор - если анпакер и можно написать то пакер в 5 раз сложнее  :Smiley:

----------


## MOCT

> > а судя по всему детект одноименного хакерского криптера-упаковщика
> 
> Подтверждаю - такая запись есть в базах


то же самое про Beagle.pac - это видимо тоже детектирование упаковщика, при условии что начинка неизвестна

----------

Надоело быть жертвой? Стань профи по информационной безопасности, получай самую свежую информацию об угрозах и средствах защиты от ведущего российского аналитического центра Anti-Malware.ru:

----------


## userr

> This is a report processed by VirusTotal on 11/07/2005 at 10:30:09 (CET) after scanning the file "SLaunch.dll" file.
> 
> Antivirus	Version	Update	Result	
> ...
> ClamAV	devel-20050917	11.06.2005	Trojan.Gobot-7	
> McAfee	4621	11.05.2005	MultiDropper-JD	
> ...
> ------- 
> Сама Dll-ка - это FAR-оский плагин.


То есть это ложное срабатывание?

----------


## Alexey P.

> то же самое про Beagle.pac - это видимо тоже детектирование упаковщика, при условии что начинка неизвестна


 Если мне не изменяет склероз, так детектились битые бигли (видимо, ошибка в червяке, вот и генерировал такое). Потому начинки там нету.
 Мусор, но его было много - добавили, чтоб юзера это больше не присылали.

----------


## MOCT

> Если мне не изменяет склероз, так детектились битые бигли (видимо, ошибка в червяке, вот и генерировал такое). Потому начинки там нету.
>  Мусор, но его было много - добавили, чтоб юзера это больше не присылали.


не знаю, как задумывалось изначально, но вроде бы под этим именем детектируются и те файлы, которые выкладываются авторами для автообновления. неужели и там битые файлы?

----------


## Alexey P.

> Угу, именно так. Не в первый раз такое вижу - вот это, к примеру:
> DrWeb	Trojan.Lopata	http://65.75.151.192/cntr/bin/latest.exe
> (ссылка уже не действует, перенесли куда-то)
>  каспером детектилось как Win32.Crypt.l
> причем, судя по l - очередная модификация.
> 
>  Эвристиком тут, конечно, и не пахло. Как и лечением - в смысле чистки от упакованного внутри трояна/червя. Только удаление файла.


 Нашлась пропажа  :Smiley: . Переехали по новому адресу.
hxxp://69.50.184.90/cntr/bin/latest.exe

 Проверил - все верно, каспер о крипторе не пишет ни слова. Детектит поверх сам упаковщик.
 Дрвеб распаковывает:
---------------------------------------------------------
latest.exe packed by YODA
В файле >latest.exe обнаружен вирус Trojan.Galapoper
---------------------------------------------------------

----------


## Alexey P.

Еще одна шутка юмора от каспера (с битдефендером).

This is a report processed by VirusTotal on 11/13/2005 at 18:27:03
 (CET) after scanning the file "hosts.txt" file.

Antivirus	Version		Update		Result	
AntiVir		6.32.0.6	11.11.2005	no virus found	
Avast		4.6.695.0	11.11.2005	no virus found	
AVG		718		11.11.2005	no virus found	
Avira		6.32.0.6	11.11.2005	no virus found	
BitDefender	7.2		11.13.2005	Trojan.Qhost.EL	
CAT-QuickHeal	8.00		11.12.2005	no virus found	
ClamAV		devel-20051108	11.11.2005	no virus found	
DrWeb		4.33	1	1.12.2005	no virus found	
eTrust-Iris	7.1.194.0	11.13.2005	no virus found	
eTrust-Vet	11.9.1.0	11.11.2005	no virus found	
Fortinet	2.48.0.0	11.10.2005	no virus found	
F-Prot		3.16c		11.10.2005	no virus found	
Ikarus		0.2.59.0	11.11.2005	no virus found	
Kaspersky	4.0.2.24	11.13.2005	Trojan.Win32.Qhost.el	
McAfee		4626		11.11.2005	no virus found	
NOD32v2		1.1284		11.11.2005	no virus found	
Norman		5.70.10		11.11.2005	no virus found	
Panda		8.02.00		11.13.2005	no virus found	
Sophos		3.99.0		11.13.2005	no virus found	
Symantec	8.0		11.12.2005	no virus found	
TheHacker	5.9.1.033	11.11.2005	no virus found	
VBA32		3.10.4		11.12.2005	no virus found

 Фишка в том, что это обычный файл hosts, блокирующий как раз вирусные сайты  :Smiley: . Что-то вроде борьбы с конкурентами.

http://iframetraff.biz/progs/hosts.txt

----------


## Geser

> Фишка в том, что это обычный файл hosts, блокирующий как раз вирусные сайты . Что-то вроде борьбы с конкурентами.


Это известно. КАВ вроде даже лечит такое. Т.е. видимо удаляет лишние записи

----------


## Alexey P.

> Нашлась пропажа . Переехали по новому адресу.
> hxxp://69.50.184.90/cntr/bin/latest.exe
> 
>  Проверил - все верно, каспер о крипторе не пишет ни слова. Детектит поверх сам упаковщик.
>  Дрвеб распаковывает:
> ---------------------------------------------------------
> latest.exe packed by YODA
> В файле >latest.exe обнаружен вирус Trojan.Galapoper
> ---------------------------------------------------------


 Кстати, кто сомневался, что лечения не будет (только удаление файла) - троян внутри уже не раз сменился (был лопата, стал галапоппер, да и этих уже был не один), а детект каспера остался прежним - криптор используется тот же, от 21.08.

----------


## Geser

> Кстати, кто сомневался, что лечения не будет (только удаление файла) - троян внутри уже не раз сменился (был лопата, стал галапоппер, да и этих уже был не один), а детект каспера остался прежним - криптор используется тот же, от 21.08.


А чего лечить в трояне?  :Smiley: 
Конечно способ корявый, но в данном случае есть приемущество. Даже если троян неизвестен всёравно ругаться будет  :Smiley:

----------


## Alexey P.

> Это известно. КАВ вроде даже лечит такое. Т.е. видимо удаляет лишние записи


 Вот как раз этот файл лечить бы и не стоило  :Smiley: .
Сайты там неслабые заблокированы, один toolbarpartner чего стоит.
То, что с этим hosts приходит - детская забава по сравнению.

----------


## Alexey P.

> А чего лечить в трояне? 
> Конечно способ корявый, но в данном случае есть приемущество. Даже если троян неизвестен всёравно ругаться будет


 В трояне лечить нечего. А то, что им дропнуто/прописано, очень не вредно бы.
Лечить - в смысле систему от трояна.

 Да и немало уж добра этой Yoda паковано, этот голопоппер далеко не один. Этот криптер мне уже давно попадается.

----------


## MOCT

> В трояне лечить нечего. А то, что им дропнуто/прописано, очень не вредно бы.
> Лечить - в смысле систему от трояна.
> 
>  Да и немало уж добра этой Yoda паковано, этот голопоппер далеко не один. Этот криптер мне уже давно попадается.


yoda crypt 1.3 ? о да!
я бы еще запретил FSG, MEW и Upack (Dwing).  :Stick Out Tongue:

----------


## Alexey P.

> yoda crypt 1.3 ? о да!
> я бы еще запретил FSG, MEW и Upack (Dwing).


  :Smiley: .

 Точности для - это, видимо, Yoda-based. Не чистый - тот все знают.

ЗЫ: А VBA вообще чихал на упаковщики, он их эмулятором распаковывает. Медленный, правда - когда попадается неизвестная упаковка, жует файл очень долго, но результат того стоит. Эту патченную йоду он сразу распаковывал, от рождения  :Smiley: .

----------


## MOCT

> Точности для - это, видимо, Yoda-based. Не чистый - тот все знают.


ну да, исходники-то доступны.




> ЗЫ: А VBA вообще чихал на упаковщики, он их эмулятором распаковывает. Медленный, правда - когда попадается неизвестная упаковка, жует файл очень долго, но результат того стоит. Эту патченную йоду он сразу распаковывал, от рождения .


еще бы он как распаковщик работал - цены бы ему не было...

----------


## Alexey P.

> еще бы он как распаковщик работал - цены бы ему не было...


 Угу, вот это точно.

To Dr.Xmas - мож, сделаете такой ключик ? Действительно была бы сильнейшая вещь.
 И фиг с ней, таблицей импорта, кому она нужна. Нам бы ссылки изнутри выдрать, и ладушки.

/unpack_archives совсем не то, это все и архиваторы раскрывают.

----------


## WaterFish

Last file scanned at least one scanner reported something about**: jhgf.zip, detected by:


Scanner Malware name 	
AntiVir Dropper/Sober.W 	
ArcaVir X 	
Avast X 	
AVG Antivirus I-Worm/Sober.CB 	
BitDefender [email protected] 
ClamAV Worm.Sober.T 	
Dr.Web X 	
F-Prot Antivirus W32/VB.NB 	
Fortinet W32/Sober.X-dr 	
Kaspersky Anti-Virus Email-Worm.Win32.Sober.w 	
NOD32 X 	
Norman Virus Control X 	
UNA X 	
VBA32 X

----------


## kvit

> Last file scanned at least one scanner reported something about**: jhgf.zip, detected by:


Лучше тоже самое на virustotal сделать...

----------


## WaterFish

Last file scanned at least one scanner reported something about**: Word-Text_packedList.xex, detected by:


Scanner 	Malware name 	
AntiVir 	Worm/Sober.V.1 	
ArcaVir 	Worm.Sober.Z 	
Avast          Win32:Sober-X2 	
AVG            I-Worm/Sober.CC 	
BitDefender 	 [email protected] 
ClamAV 	Worm.Sober.T-3 	
Dr.Web 	Win32.HLLM.Sober 	
F-Prot  	W32/[email protected] 
Fortinet 	W32/Sober.V-dr 	
Kaspersky  	Email-Worm.Win32.Sober.u 	
NOD32 	X 	
Norman Vir	X 	
UNA 	         X 	
VBA32 	X

virustotal -не могу :Wink:

----------


## kvit

Тогда, к сожалению, в зачет не идет  :Sad: 
Там очень часто не актуальные базы....

----------


## Geser

> Промежуточные результаты:


Отличный график. Еще посортировать его по количеству детектов

----------


## kvit

> Отличный график. Еще посортировать его по количеству детектов


Отсортировать можно... Сразу предупреждаю: Брал в отчет только сканы с virustotal.

----------

Надоело быть жертвой? Стань профи по информационной безопасности, получай самую свежую информацию об угрозах и средствах защиты от ведущего российского аналитического центра Anti-Malware.ru:

----------


## WaterFish

> Тогда, к сожалению, в зачет не идет 
> Там очень часто не актуальные базы....


Исходя из этого:http://virusinfo.info/showthread.php?p=59381#post59381 
скорее всего свежие

----------


## kvit

> Исходя из этого:http://virusinfo.info/showthread.php?p=59381#post59381 
> скорее всего свежие


у меня был похожий вариант... и NOD32 на моей машине с последними базами брал, а jotti не видел в упор.

вот подробности:
http://virusinfo.info/showthread.php?t=3491

Кстати ради эксперимента могу проверить, если зашлете образец на e-mail.

----------


## Alexey P.

This is a report processed by VirusTotal on 11/19/2005 at 19:05:05
 (CET) after scanning the file "open.exe" file.

Antivirus	Version		Update		Result	
AntiVir		6.32.0.6	11.19.2005	PCK/PESpin	
Avast		4.6.695.0	11.18.2005	no virus found	
AVG		718		11.18.2005	no virus found	
Avira		6.32.0.6	11.19.2005	PCK/PESpin	
BitDefender	7.2		11.19.2005	Dropped:Trojan.Small.AL	
CAT-QuickHeal	8.00		11.19.2005	(Suspicious) - DNAScan	
ClamAV		devel-20051108	11.18.2005	Trojan.LdPinch-34	
DrWeb		4.33	1	1.19.2005	Trojan.PWS.LDPinch.165	
eTrust-Iris	7.1.194.0	11.16.2005	no virus found	
eTrust-Vet	11.9.1.0	11.17.2005	no virus found	
Fortinet	2.48.0.0	11.19.2005	suspicious	
F-Prot		3.16c		11.18.2005	no virus found	
Ikarus		0.2.59.0	11.17.2005	no virus found	
Kaspersky	4.0.2.24	11.19.2005	no virus found	
McAfee		4632		11.18.2005	no virus found	
NOD32v2		1.1292		11.19.2005	probably unknown NewHeur_PE virus	
Norman		5.70.10		11.18.2005	no virus found	
Panda		8.02.00		11.19.2005	no virus found	
Sophos		3.99.0		11.19.2005	Troj/LdPnch-Fam	
Symantec	8.0		11.19.2005	no virus found	
TheHacker	5.9.1.037	11.18.2005	no virus found	
VBA32		3.10.5		11.18.2005	no virus found

----------


## Sanja

This is a report processed by VirusTotal on 11/20/2005 at 16:44:05
(CET) after scanning the file "latest.exe" file.

Antivirus Version Update Result
AntiVir 6.32.0.6 11.20.2005 no virus found
Avast 4.6.695.0 11.20.2005 no virus found
AVG 718 11.18.2005 no virus found
Avira 6.32.0.6 11.20.2005 no virus found
BitDefender 7.2 11.20.2005 no virus found
CAT-QuickHeal 8.00 11.20.2005 (Suspicious) - DNAScan
ClamAV devel-20051108 11.18.2005 no virus found
DrWeb 4.33 11.20.2005 no virus found
eTrust-Iris 7.1.194.0 11.16.2005 no virus found
eTrust-Vet 11.9.1.0 11.17.2005 Win32.Sinteri
Fortinet 2.48.0.0 11.20.2005 suspicious
F-Prot 3.16c 11.20.2005 could be infected with an unknown virus
Ikarus 0.2.59.0 11.17.2005 no virus found
Kaspersky 4.0.2.24 11.20.2005 Packed.Win32.Klone.b
McAfee 4632 11.18.2005 Galapoper
NOD32v2 1.1294 11.20.2005 a variant of Win32/TrojanProxy.Lager.F
Norman 5.70.10 11.18.2005 no virus found
Panda 8.02.00 11.20.2005 no virus found
Sophos 3.99.0 11.20.2005 no virus found
Symantec 8.0 11.19.2005 no virus found
TheHacker 5.9.1.037 11.18.2005 no virus found
VBA32 3.10.5 11.18.2005 Trojan.Win32.Crypt.l

----------


## MOCT

Тестируя 4 файла, которые не детектировались "Антивирусом Касперского" (взяты из архива http://virusinfo.info/showthread.php?t=3992) на jotti.org, были получены такие результаты:

AntiVir, AVG Antivirus, ClamAV, Dr.Web, VBA32 нашли 2 из 4
ArcaVir, Avast, BitDefender, UNA нашли 1 из 4
NOD32 выдал 1 эвристическое сообщение
F-Prot Antivirus, Fortinet, Norman Virus Control, Kaspersky Anti-Virus не нашли ничего

----------


## Geser

> Тестируя 4 файла, которые не детектировались "Антивирусом Касперского" (взяты из архива http://virusinfo.info/showthread.php?t=3992) на jotti.org, были получены такие результаты:
> 
> AntiVir, AVG Antivirus, ClamAV, Dr.Web, VBA32 нашли 2 из 4
> ArcaVir, Avast, BitDefender, UNA нашли 1 из 4
> NOD32 выдал 1 эвристическое сообщение
> F-Prot Antivirus, Fortinet, Norman Virus Control, Kaspersky Anti-Virus не нашли ничего


В тех архивах которые ходят по нету куча мусора. Утилиты всякие, даже антивирусные попадались  :Smiley:

----------


## MOCT

> В тех архивах которые ходят по нету куча мусора. Утилиты всякие, даже антивирусные попадались


на самом деле, недетектируемых там было больше, но мусор я откинул ;-)

----------


## Alexey P.

This is a report processed by VirusTotal on 11/21/2005 at 22:12:30
 (CET) after scanning the file "test.exe" file.

Antivirus	Version		Update		Result	
AntiVir		6.32.0.6	11.21.2005	TR/Drop.Small.ajc	
Avast		4.6.695.0	11.20.2005	no virus found	
AVG		718		11.21.2005	Dropper.Generic.BVA	
Avira		6.32.0.6	11.21.2005	TR/Drop.Small.ajc	
BitDefender	7.2		11.21.2005	Trojan.Dropper.Small.AJC	
CAT-QuickHeal	8.00		11.20.2005	no virus found	
ClamAV		devel-20051108	11.21.2005	no virus found	
DrWeb		4.33	1	1.21.2005	Trojan.DownLoader.5364	
eTrust-Iris	7.1.194.0	11.21.2005	Win32/SillyDL.57344!Trojan	
eTrust-Vet	11.9.1.0	11.21.2005	no virus found	
Fortinet	2.48.0.0	11.21.2005	W32/Small.AJC-dr	
F-Prot		3.16c		11.21.2005	no virus found	
Ikarus		0.2.59.0	11.21.2005	no virus found	
Kaspersky	4.0.2.24	11.21.2005	Trojan-Dropper.Win32.Small.ajd	
McAfee		4633		11.21.2005	no virus found	
NOD32v2		1.1295		11.20.2005	Win32/TrojanDropper.Small.AJC	
Norman		5.70.10		11.21.2005	no virus found	
Panda		8.02.00		11.21.2005	W32/Mops.A.worm	
Sophos		3.99.0		11.21.2005	Troj/Geoload-A	
Symantec	8.0		11.21.2005	no virus found	
TheHacker	5.9.1.038	11.21.2005	no virus found	
VBA32		3.10.5		11.21.2005	Trojan.DownLoader.5364

----------


## Alexey P.

This is a report processed by VirusTotal on 11/21/2005 at 22:21:22 (CET)
 after scanning the file "netmann.exe" file.

Antivirus	Version		Update		Result	
AntiVir		6.32.0.6	11.21.2005	TR/Qhost.A.1	
Avast		4.6.695.0	11.20.2005	no virus found	
AVG		718		11.21.2005	Proxy.ALN	
Avira		6.32.0.6	11.21.2005	TR/Qhost.A.1	
BitDefender	7.2		11.21.2005	BehavesLike:Win32.SiteHijack	
CAT-QuickHeal	8.00		11.20.2005	TrojanProxy.Webber.u	
ClamAV		devel-20051108	11.21.2005	Trojan.Qhost.AF	
DrWeb		4.33		11.21.2005	Trojan.Proxy.527	
eTrust-Iris	7.1.194.0	11.21.2005	no virus found	
eTrust-Vet	11.9.1.0	11.21.2005	no virus found	
Fortinet	2.48.0.0	11.21.2005	W32/Webber.U-tr	
F-Prot		3.16c		11.21.2005	no virus found	
Ikarus		0.2.59.0	11.21.2005	no virus found	
Kaspersky	4.0.2.24	11.21.2005	Trojan-Proxy.Win32.Webber.u	
McAfee		4633		11.21.2005	no virus found	
NOD32v2		1.1296		11.21.2005	probably unknown NewHeur_PE virus	
Norman		5.70.10		11.21.2005	W32/Malware	
Panda		8.02.00		11.21.2005	no virus found	
Sophos		3.99.0		11.21.2005	no virus found	
TheHacker	5.9.1.038	11.21.2005	Trojan/Proxy.Webber.u	
VBA32		3.10.5		11.21.2005	Trojan-Proxy.Win32.Webber.u

 Интересно, что симантека тут нету. Странно. Валится, что ли..
Заслал еще - точно, симантека нет, повторяется стабильно.
 3 раза  :Smiley: .

----------


## Alexey P.

This is a report processed by VirusTotal on 11/21/2005 at 22:33:29 (CET)
 after scanning the file "icn2.exe" file.

Antivirus	Version		Update		Result	
AntiVir		6.32.0.6	11.21.2005	no virus found	
Avast		4.6.695.0	11.20.2005	Win32 :Stick Out Tongue: rox	
AVG		718		11.21.2005	no virus found	
Avira		6.32.0.6	11.21.2005	no virus found	
BitDefender	7.2		11.21.2005	GenPack:Backdoor.Prox.A.Dropper	
CAT-QuickHeal	8.00		11.20.2005	(Suspicious) - DNAScan	
ClamAV		devel-20051108	11.21.2005	no virus found	
DrWeb		4.33		11.21.2005	Trojan.MulDrop.3041	
eTrust-Iris	7.1.194.0	11.21.2005	no virus found	
eTrust-Vet	11.9.1.0	11.21.2005	no virus found	
Fortinet	2.48.0.0	11.21.2005	suspicious	
F-Prot		3.16c		11.21.2005	no virus found	
Ikarus		0.2.59.0	11.21.2005	no virus found	
Kaspersky	4.0.2.24	11.21.2005	no virus found	
McAfee		4633		11.21.2005	no virus found	
NOD32v2		1.1296		11.21.2005	a variant of Win32/Prox	
Norman		5.70.10		11.21.2005	no virus found	
Panda		8.02.00		11.21.2005	Adware/CWS.Searchmeup	
Sophos		3.99.0		11.21.2005	no virus found	
Symantec	8.0		11.21.2005	no virus found	
TheHacker	5.9.1.038	11.21.2005	no virus found	
VBA32		3.10.5		11.21.2005	no virus found

 А тут симантек снова есть. Выпадал в осадок, что ли ...
Я уж думал - убрали от греха подальше  :Smiley: .

----------


## Alexey P.

This is a report processed by VirusTotal on 11/21/2005 at 22:52:16
 (CET) after scanning the file "main.chm" file.

Antivirus	Version		Update		Result	
AntiVir		6.32.0.6	11.21.2005	no virus found	
Avast		4.6.695.0	11.20.2005	no virus found	
AVG		718		11.21.2005	no virus found	
Avira		6.32.0.6	11.21.2005	no virus found	
BitDefender	7.2		11.21.2005	Exploit.ADODB.Stream.Gen	
CAT-QuickHeal	8.00		11.20.2005	no virus found	
ClamAV		devel-20051108	11.21.2005	Trojan.Downloader.JS.Small.V	
DrWeb		4.33		11.21.2005	Trojan.MulDrop.3035	
eTrust-Iris	7.1.194.0	11.21.2005	no virus found	
eTrust-Vet	11.9.1.0	11.21.2005	no virus found	
Fortinet	2.48.0.0	11.21.2005	no virus found	
F-Prot		3.16c		11.21.2005	no virus found	
Ikarus		0.2.59.0	11.21.2005	no virus found	
Kaspersky	4.0.2.24	11.21.2005	no virus found	
McAfee		4633		11.21.2005	no virus found	
NOD32v2		1.1296		11.21.2005	a variant of Win32/TrojanDropper.Small.UE	
Norman		5.70.10		11.21.2005	no virus found	
Panda		8.02.00		11.21.2005	no virus found	
Sophos		3.99.0		11.21.2005	no virus found	
Symantec	8.0		11.21.2005	no virus found	
TheHacker	5.9.1.038	11.21.2005	no virus found	
VBA32		3.10.5		11.21.2005	no virus found

----------


## Alexey P.

This is a report processed by VirusTotal on 11/21/2005 at 23:06:07
 (CET) after scanning the file "x.exe" file.

Antivirus	Version		Update		Result	
AntiVir		6.32.0.6	11.21.2005	no virus found	
Avast		4.6.695.0	11.20.2005	Win32:Trojano-1320	
AVG		718		11.21.2005	BackDoor.Agent.PB	
Avira		6.32.0.6	11.21.2005	no virus found	
BitDefender	7.2		11.21.2005	Backdoor.Agent.PX	
CAT-QuickHeal	8.00		11.20.2005	no virus found	
ClamAV		devel-20051108	11.21.2005	Trojan.Agent-130	
DrWeb		4.33		11.21.2005	Trojan.DownLoader.5067	
eTrust-Iris	7.1.194.0	11.21.2005	no virus found	
eTrust-Vet	11.9.1.0	11.21.2005	no virus found	
Fortinet	2.48.0.0	11.21.2005	no virus found	
F-Prot		3.16c		11.21.2005	could be infected with an unknown virus	
Ikarus		0.2.59.0	11.21.2005	Backdoor.Win32.Agent.PX	
Kaspersky	4.0.2.24	11.21.2005	Backdoor.Win32.Agent.px	
McAfee		4633		11.21.2005	no virus found	
NOD32v2		1.1296		11.21.2005	a variant of Win32/TrojanDropper.Small.ZG	
Norman		5.70.10		11.21.2005	no virus found	
Panda		8.02.00		11.21.2005	no virus found	
Sophos		3.99.0		11.21.2005	no virus found	
Symantec	8.0		11.21.2005	no virus found	
TheHacker	5.9.1.038	11.21.2005	Posible_Worm32	
VBA32		3.10.5		11.21.2005	Backdoor.Win32.Agent.px

----------


## Red Dragon

GDI+ JPEG Remote Exploit 
 *  By John Bissell A.K.A. HighT1mes
 *
 * Exploit Name:
 * =============
 *  JpegOfDeath.c v0.5
 *
 * Date Exploit Released:
 * ======================
 *  Sep, 23, 2004
Скомпилирован лично на MS VS2003.

This is a report processed by VirusTotal on 11/21/2005 at 23:02:50 (CET) after scanning the file "JpegOfDeath.exe" file.

Antivirus	Version	Update	Result	
AntiVir	6.32.0.6	11.21.2005	no virus found	
Avast	4.6.695.0	11.20.2005	Win32:Trojano-2054	
AVG	718	11.21.2005	no virus found	
Avira	6.32.0.6	11.21.2005	no virus found	
BitDefender	7.2	11.21.2005	no virus found	
CAT-QuickHeal	8.00	11.20.2005	no virus found	
ClamAV	devel-20051108	11.21.2005	no virus found	
DrWeb	4.33	11.21.2005	no virus found	
eTrust-Iris	7.1.194.0	11.21.2005	no virus found	
eTrust-Vet	11.9.1.0	11.21.2005	no virus found	
Fortinet	2.48.0.0	11.21.2005	no virus found	
F-Prot	3.16c	11.21.2005	no virus found	
Ikarus	0.2.59.0	11.21.2005	no virus found	
Kaspersky	4.0.2.24	11.21.2005	VirTool.Win32.MS04-028.j	
McAfee	4633	11.21.2005	no virus found	
NOD32v2	1.1296	11.21.2005	no virus found	
Norman	5.70.10	11.21.2005	no virus found	
Panda	8.02.00	11.21.2005	no virus found	
Sophos	3.99.0	11.21.2005	no virus found	
TheHacker	5.9.1.038	11.21.2005	no virus found	
VBA32	3.10.5	11.21.2005	no virus found

м-да, правда он не такой уж страшный :Smiley:

----------


## Red Dragon

This is a report processed by VirusTotal on 11/21/2005 at 23:29:03 (CET) after scanning the file "winsniff.exe" file.

Antivirus	Version	Update	Result	
AntiVir	6.32.0.6	11.21.2005	TR/Sniffer.WinSmm.B	
Avast	4.6.695.0	11.20.2005	no virus found	
AVG	718	11.21.2005	no virus found	
Avira	6.32.0.6	11.21.2005	TR/Sniffer.WinSmm.B	
BitDefender	7.2	11.21.2005	no virus found	
CAT-QuickHeal	8.00	11.20.2005	no virus found	
ClamAV	devel-20051108	11.21.2005	no virus found	
DrWeb	4.33	11.21.2005	no virus found	
eTrust-Iris	7.1.194.0	11.21.2005	no virus found	
eTrust-Vet	11.9.1.0	11.21.2005	no virus found	
Fortinet	2.48.0.0	11.21.2005	W32/Winsmm.B-tr	
F-Prot	3.16c	11.21.2005	no virus found	
Ikarus	0.2.59.0	11.21.2005	no virus found	
Kaspersky	4.0.2.24	11.21.2005	Sniffer.Win32.WinSmm.b	
McAfee	4633	11.21.2005	potentially unwanted program SmmSniff	
NOD32v2	1.1296	11.21.2005	no virus found	
Norman	5.70.10	11.21.2005	no virus found	
Panda	8.02.00	11.21.2005	no virus found	
Sophos	3.99.0	11.21.2005	no virus found	
Symantec	8.0	11.21.2005	no virus found	
TheHacker	5.9.1.038	11.21.2005	no virus found	
VBA32	3.10.5	11.21.2005	Win32.Sniffer.WinSmm.b

Тот же снифер паролей, но чуть подправленный (отученный от вредной привычки затирать 2 последних знака в пароле звездочками :Cheesy: )

This is a report processed by VirusTotal on 11/21/2005 at 22:58:49 (CET) after scanning the file "_winsniff.exe" file.

Antivirus	Version	Update	Result	
AntiVir	6.32.0.6	11.21.2005	TR/Sniffer.WinSmm.B	
Avast	4.6.695.0	11.20.2005	no virus found	
AVG	718	11.21.2005	no virus found	
Avira	6.32.0.6	11.21.2005	TR/Sniffer.WinSmm.B	
BitDefender	7.2	11.21.2005	no virus found	
CAT-QuickHeal	8.00	11.20.2005	no virus found	
ClamAV	devel-20051108	11.21.2005	no virus found	
DrWeb	4.33	11.21.2005	no virus found	
eTrust-Iris	7.1.194.0	11.21.2005	no virus found	
eTrust-Vet	11.9.1.0	11.21.2005	no virus found	
Fortinet	2.48.0.0	11.21.2005	no virus found	
F-Prot	3.16c	11.21.2005	no virus found	
Ikarus	0.2.59.0	11.21.2005	no virus found	
Kaspersky	4.0.2.24	11.21.2005	Sniffer.Win32.WinSmm.b	
McAfee	4633	11.21.2005	potentially unwanted program SmmSniff	
NOD32v2	1.1296	11.21.2005	no virus found	
Norman	5.70.10	11.21.2005	no virus found	
Panda	8.02.00	11.21.2005	no virus found	
Sophos	3.99.0	11.21.2005	no virus found	
Symantec	8.0	11.21.2005	no virus found	
TheHacker	5.9.1.038	11.21.2005	no virus found	
VBA32	3.10.5	11.21.2005	no virus found

*цокает языком*

----------


## Alexey P.

This is a report processed by VirusTotal on 11/21/2005 at 23:40:38
 (CET) after scanning the file "1.exe" file.

Antivirus	Version		Update		Result	
AntiVir		6.32.0.6	11.21.2005	no virus found	
Avast		4.6.695.0	11.20.2005	no virus found	
AVG		718		11.21.2005	no virus found	
Avira		6.32.0.6	11.21.2005	no virus found	
BitDefender	7.2		11.21.2005	no virus found	
CAT-QuickHeal	8.00		11.20.2005	(Suspicious) - DNAScan	
ClamAV		devel-20051108	11.21.2005	no virus found	
DrWeb		4.33		11.21.2005	Trojan.DownLoader.3862	
eTrust-Iris	7.1.194.0	11.21.2005	no virus found	
eTrust-Vet	11.9.1.0	11.21.2005	no virus found	
Fortinet	2.48.0.0	11.21.2005	no virus found	
F-Prot		3.16c		11.21.2005	could be infected with an unknown virus	
Ikarus		0.2.59.0	11.21.2005	Trojan-Downloader.Win32.CWS.J	
Kaspersky	4.0.2.24	11.21.2005	Trojan-Downloader.Win32.CWS.k	
McAfee		4633		11.21.2005	Downloader-AQV	
NOD32v2		1.1296		11.21.2005	probably unknown NewHeur_PE virus	
Norman		5.70.10		11.21.2005	no virus found	
Panda		8.02.00		11.21.2005	no virus found	
Sophos		3.99.0		11.21.2005	no virus found	
Symantec	8.0		11.21.2005	no virus found	
TheHacker	5.9.1.038	11.21.2005	no virus found	
VBA32		3.10.5		11.21.2005	suspected of Backdoor.Zarabot.1

----------


## Alexey P.

This is a report processed by VirusTotal on 11/22/2005 at 20:31:52
 (CET) after scanning the file "30.exe" file.

Antivirus	Version		Update		Result	
AntiVir		6.32.0.6	11.22.2005	no virus found	
Avast		4.6.695.0	11.22.2005	no virus found	
AVG		718		11.21.2005	no virus found	
Avira		6.32.0.6	11.22.2005	no virus found	
BitDefender	7.2		11.22.2005	no virus found	
CAT-QuickHeal	8.00		11.22.2005	(Suspicious) - DNAScan	
ClamAV		devel-20051108	11.22.2005	no virus found	
DrWeb		4.33		11.22.2005	Trojan.DownLoader.5190	
eTrust-Iris	7.1.194.0	11.21.2005	no virus found	
eTrust-Vet	11.9.1.0	11.22.2005	no virus found	
Fortinet	2.48.0.0	11.22.2005	suspicious	
F-Prot		3.16c		11.22.2005	no virus found	
Ikarus		0.2.59.0	11.22.2005	no virus found	
Kaspersky	4.0.2.24	11.22.2005	Trojan-Downloader.Win32.Small.bve	
McAfee		4634		11.22.2005	no virus found	
NOD32v2		1.1297		11.22.2005	a variant of Win32/TrojanDownloader.Small.NFP	
Norman		5.70.10		11.22.2005	no virus found	
Panda		8.02.00		11.22.2005	no virus found	
Sophos		3.99.0		11.22.2005	no virus found	
Symantec	8.0		11.22.2005	no virus found	
TheHacker	5.9.1.041	11.22.2005	no virus found	
VBA32		3.10.5		11.22.2005	no virus found

----------


## Alexey P.

This is a report processed by VirusTotal on 11/22/2005 at 21:21:02
 (CET) after scanning the file "1.exe" file.

Antivirus	Version		Update		Result	
AntiVir		6.32.0.6	11.22.2005	no virus found	
Avast		4.6.695.0	11.22.2005	no virus found	
AVG		718		11.21.2005	no virus found	
Avira		6.32.0.6	11.22.2005	no virus found	
BitDefender	7.2		11.22.2005	Trojan.Dropper.Agent.ABU	
CAT-QuickHeal	8.00		11.22.2005	no virus found	
ClamAV		devel-20051108	11.22.2005	no virus found	
DrWeb		4.33		11.22.2005	Trojan.DownLoader.5360	
eTrust-Iris	7.1.194.0	11.21.2005	no virus found	
eTrust-Vet	11.9.1.0	11.22.2005	no virus found	
Fortinet	2.48.0.0	11.22.2005	W32/Agent.ABU-dr	
F-Prot		3.16c		11.22.2005	no virus found	
Ikarus		0.2.59.0	11.22.2005	no virus found	
Kaspersky	4.0.2.24	11.22.2005	Trojan-Dropper.Win32.Agent.abu	
McAfee		4634		11.22.2005	no virus found	
NOD32v2		1.1297		11.22.2005	no virus found	
Norman		5.70.10		11.22.2005	no virus found	
Panda		8.02.00		11.22.2005	Trj/Jupillites.A	
Sophos		3.99.0		11.22.2005	no virus found	
Symantec	8.0		11.22.2005	no virus found	
TheHacker	5.9.1.041	11.22.2005	Posible_Worm32	
VBA32		3.10.5		11.22.2005	Trojan.DownLoader.5360

----------


## Alexey P.

This is a report processed by VirusTotal on 11/22/2005 at 22:14:07
 (CET) after scanning the file "6525432109.exe" file.

Antivirus	Version		Update		Result	
AntiVir		6.32.0.6	11.22.2005	no virus found	
Avast		4.6.695.0	11.22.2005	no virus found	
AVG		718		11.21.2005	no virus found	
Avira		6.32.0.6	11.22.2005	no virus found	
BitDefender	7.2		11.22.2005	no virus found	
CAT-QuickHeal	8.00		11.22.2005	Backdoor.Small.ia	
ClamAV		devel-20051108	11.22.2005	no virus found	
DrWeb		4.33		11.22.2005	Trojan.DownLoader.4946	
eTrust-Iris	7.1.194.0	11.21.2005	no virus found	
eTrust-Vet	11.9.1.0	11.22.2005	no virus found	
Fortinet	2.48.0.0	11.22.2005	W32/Small.IA-bdr	
F-Prot		3.16c		11.22.2005	no virus found	
Ikarus		0.2.59.0	11.22.2005	no virus found	
Kaspersky	4.0.2.24	11.22.2005	Backdoor.Win32.Small.ia	
McAfee		4634		11.22.2005	no virus found	
NOD32v2		1.1297		11.22.2005	no virus found	
Norman		5.70.10		11.22.2005	no virus found	
Panda		8.02.00		11.22.2005	Trj/Lmd.A	
Sophos		3.99.0		11.22.2005	no virus found	
Symantec	8.0		11.22.2005	no virus found	
TheHacker	5.9.1.041	11.22.2005	no virus found	
VBA32		3.10.5		11.22.2005	Trojan.DownLoader.4946

----------


## santy

This is a report processed by VirusTotal on 11/23/2005 at 07:52:44 (CET) after scanning the file "services.exe" file.

Antivirus	Version	Update	Result
AntiVir	6.32.0.6	11.22.2005	Worm/Sober.Y
Avast	4.6.695.0	11.22.2005	Win32:Sober-AB
AVG	718	11.21.2005	I-Worm/Sober.CF
Avira	6.32.0.6	11.22.2005	Worm/Sober.Y
BitDefender	7.2	11.22.2005	[email protected]
CAT-QuickHeal	8.00	11.22.2005	I-Worm.Sober.y
ClamAV	devel-20051108	11.23.2005	Worm.Sober.U
DrWeb	4.33	11.22.2005	Win32.HLLM.Generic.355
eTrust-Iris	7.1.194.0	11.23.2005	Win32/Sober.W!Worm
eTrust-Vet	11.9.1.0	11.23.2005	Win32.Sober.W
Fortinet	2.48.0.0	11.23.2005	W32/Sober.AD-mm
F-Prot	3.16c	11.23.2005	W32/[email protected]
Ikarus	0.2.59.0	11.22.2005	Email-Worm.Win32.Sober.Y
Kaspersky	4.0.2.24	11.23.2005	Email-Worm.Win32.Sober.y
McAfee	4634	11.22.2005	W32/[email protected]
NOD32v2	1.1297	11.22.2005	Win32/Sober.Y
Norman	5.70.10	11.22.2005	W32/[email protected]
Panda	8.02.00	11.22.2005	W32/Sober.AH.worm
Sophos	3.99.0	11.23.2005	W32/Sober-Z
Symantec	8.0	11.22.2005	no virus found
TheHacker	5.9.1.042	11.22.2005	W32/Sober.y
VBA32	3.10.5	11.22.2005	Email-Worm.Win32.Sober.y

----------


## Alexey P.

This is a report processed by VirusTotal on 11/23/2005 at 22:54:48
 (CET) after scanning the file "release3.exe" file.

Antivirus	Version		Update		Result	
AntiVir		6.32.0.6	11.23.2005	no virus found	
Avast		4.6.695.0	11.23.2005	no virus found	
AVG		718		11.23.2005	no virus found	
Avira		6.32.0.6	11.23.2005	no virus found	
BitDefender	7.2		11.23.2005	no virus found	
CAT-QuickHeal	8.00		11.23.2005	(Suspicious) - DNAScan	
ClamAV		devel-20051108	11.23.2005	no virus found	
DrWeb		4.33		11.23.2005	DLOADER.PWS.Trojan	
eTrust-Iris	7.1.194.0	11.23.2005	no virus found	
eTrust-Vet	11.9.1.0	11.23.2005	no virus found	
Fortinet	2.48.0.0	11.23.2005	suspicious	
F-Prot		3.16c		11.23.2005	could be infected with an unknown virus	
Ikarus		0.2.59.0	11.23.2005	no virus found	
Kaspersky	4.0.2.24	11.23.2005	no virus found	
McAfee		4635		11.23.2005	no virus found	
NOD32v2		1.1301		11.23.2005	probably unknown NewHeur_PE virus	
Norman		5.70.10		11.23.2005	no virus found	
Panda		8.02.00		11.23.2005	no virus found	
Sophos		3.99.0		11.23.2005	no virus found	
Symantec	8.0		11.22.2005	no virus found	
TheHacker	5.9.1.044	11.23.2005	no virus found	
VBA32		3.10.5		11.23.2005	no virus found


Тот же файл, прошло 4 дня.
 Кто хотел. тот добавил  :Smiley: .

This is a report processed by VirusTotal on 11/27/2005 at 13:42:19
 (CET) after scanning the file "release3.exe" file.

Antivirus	Version		Update		Result	
AntiVir		6.32.0.6	11.27.2005	no virus found	
Avast		4.6.695.0	11.26.2005	no virus found	
AVG		718		11.25.2005	BackDoor.Generic.VMA	
Avira		6.32.0.6	11.27.2005	no virus found	
BitDefender	7.2		11.27.2005	no virus found	
CAT-QuickHeal	8.00		11.25.2005	(Suspicious) - DNAScan	
ClamAV		devel-20051108	11.25.2005	no virus found	
DrWeb		4.33		11.27.2005	Trojan.PWS.Krot	
eTrust-Iris	7.1.194.0	11.24.2005	no virus found	
eTrust-Vet	11.9.1.0	11.25.2005	no virus found	
Fortinet	2.48.0.0	11.26.2005	W32/Ubriel.F!bdr	
F-Prot		3.16c		11.24.2005	could be infected with an unknown virus	
Ikarus		0.2.59.0	11.26.2005	no virus found	
Kaspersky	4.0.2.24	11.27.2005	Backdoor.Win32.Ubriel.f	
McAfee		4637		11.25.2005	no virus found	
NOD32v2		1.1305		11.25.2005	probably unknown NewHeur_PE virus	
Norman		5.70.10		11.25.2005	no virus found	
Panda		8.02.00		11.27.2005	no virus found	
Sophos		4.00.0		11.26.2005	no virus found	
Symantec	8.0		11.27.2005	Backdoor.Trojan	
TheHacker	5.9.1.044	11.24.2005	no virus found	
VBA32		3.10.5		11.26.2005	Trojan.PWS.Krot

ЗЫ: Даже симсы подшевелились. Удивительно  :Smiley: .

----------

Надоело быть жертвой? Стань профи по информационной безопасности, получай самую свежую информацию об угрозах и средствах защиты от ведущего российского аналитического центра Anti-Malware.ru:

----------


## Alexey P.

This is a report processed by VirusTotal on 11/23/2005 at 22:58:37
 (CET) after scanning the file "10.exe" file.

Antivirus	Version		Update		Result	
AntiVir		6.32.0.6	11.23.2005	no virus found	
Avast		4.6.695.0	11.23.2005	no virus found	
AVG		718		11.23.2005	no virus found	
Avira		6.32.0.6	11.23.2005	no virus found	
BitDefender	7.2		11.23.2005	no virus found	
CAT-QuickHeal	8.00		11.23.2005	(Suspicious) - DNAScan	
ClamAV		devel-20051108	11.23.2005	no virus found	
DrWeb		4.33		11.23.2005	Trojan.DownLoader.5444	
eTrust-Iris	7.1.194.0	11.23.2005	no virus found	
eTrust-Vet	11.9.1.0	11.23.2005	no virus found	
Fortinet	2.48.0.0	11.23.2005	suspicious	
F-Prot		3.16c		11.23.2005	no virus found	
Ikarus		0.2.59.0	11.23.2005	no virus found	
Kaspersky	4.0.2.24	11.23.2005	Trojan-Downloader.Win32.Small.bve	
McAfee		4635		11.23.2005	no virus found	
NOD32v2		1.1301		11.23.2005	a variant of Win32/TrojanDownloader.Small.NFP	
Norman		5.70.10		11.23.2005	no virus found	
Panda		8.02.00		11.23.2005	no virus found	
Sophos		3.99.0		11.23.2005	no virus found	
Symantec	8.0		11.22.2005	no virus found	
TheHacker	5.9.1.044	11.23.2005	no virus found	
VBA32		3.10.5		11.23.2005	no virus found

----------


## Alexey P.

This is a report processed by VirusTotal on 11/23/2005 at 23:02:00
 (CET) after scanning the file "30.exe" file.

Antivirus	Version		Update		Result	
AntiVir		6.32.0.6	11.23.2005	Heuristic/Virus.Win32	
Avast		4.6.695.0	11.23.2005	no virus found	
AVG		718		11.23.2005	no virus found	
Avira		6.32.0.6	11.23.2005	Heuristic/Virus.Win32	
BitDefender	7.2		11.23.2005	no virus found	
CAT-QuickHeal	8.00		11.23.2005	no virus found	
ClamAV		devel-20051108	11.23.2005	Virtool.DllInjector.Elirt-1	
DrWeb		4.33		11.23.2005	Trojan.DownLoader.5445	
eTrust-Iris	7.1.194.0	11.23.2005	no virus found	
eTrust-Vet	11.9.1.0	11.23.2005	no virus found	
Fortinet	2.48.0.0	11.23.2005	HackerTool/Dllinjector	
F-Prot		3.16c		11.23.2005	no virus found	
Ikarus		0.2.59.0	11.23.2005	no virus found	
Kaspersky	4.0.2.24	11.23.2005	no virus found	
McAfee		4635		11.23.2005	no virus found	
NOD32v2		1.1301		11.23.2005	no virus found	
Norman		5.70.10		11.23.2005	no virus found	
Panda		8.02.00		11.23.2005	no virus found	
Sophos		3.99.0		11.23.2005	no virus found	
Symantec	8.0		11.22.2005	no virus found	
TheHacker	5.9.1.044	11.23.2005	no virus found	
VBA32		3.10.5		11.23.2005	no virus found

----------


## kvit

KAV занял, считаю достойно, место лидера.
NOD32 медленно, но верно подобрался к лидерам.
Fortinet не смотря на его фиеричные показатели веры нет, слишком уж многое достигнуто за счет эвристика...

----------


## Geser

> Fortinet не смотря на его фиеричные показатели веры нет, слишком уж многое достигнуто за счет эвристика...


У нода тоже  :Smiley:

----------


## kvit

Как ни странно, но я еще ни разу в своей жизни не видел ложного срабатывания у НОДа, хотя не отрицаю, что эвристика это палка о двух концах... Ради интереса займусь исследования на досуге...

----------


## Antivirus_KZ

Мля для тестов использовался Симантек 8.0 говно полное и результаты соответствующие...
Например 10 намного лучше ловит Spyware и Adware.. 8 и 9 не видели их практически.....

----------


## Shu_b

This is a report processed by VirusTotal on 11/25/2005 at 06:02:34 (CET) after scanning the file "winldra.exe" file.

Antivirus	Version	Update	Result
AntiVir	6.32.0.6	11.24.2005	no virus found
Avast	4.6.695.0	11.24.2005	no virus found
AVG	718	11.23.2005	no virus found
Avira	6.32.0.6	11.24.2005	no virus found
BitDefender	7.2	11.25.2005	Backdoor.Dumador.VM
CAT-QuickHeal	8.00	11.24.2005	no virus found
ClamAV	devel-20051108	11.24.2005	no virus found
DrWeb	4.33	11.24.2005	BackDoor.Dumaru.34
eTrust-Iris	7.1.194.0	11.24.2005	no virus found
eTrust-Vet	11.9.1.0	11.24.2005	Win32.Bambo.BX
Fortinet	2.48.0.0	11.24.2005	suspicious
F-Prot	3.16c	11.24.2005	no virus found
Ikarus	0.2.59.0	11.24.2005	no virus found
Kaspersky	4.0.2.24	11.25.2005	no virus found
McAfee	4636	11.24.2005	no virus found
NOD32v2	1.1304	11.24.2005	no virus found
Norman	5.70.10	11.24.2005	no virus found
Panda	8.02.00	11.24.2005	Bck/Dumador.EO
Sophos	3.99.0	11.25.2005	no virus found
Symantec	8.0	11.25.2005	no virus found
TheHacker	5.9.1.044	11.24.2005	no virus found
VBA32	3.10.5	11.24.2005	suspected of Embedded.Backdoor.Win32.Dumador.eo

ps вчера его невидел никто, кроме эвристика VBA

----------


## kvit

> Panda	8.02.00	11.24.2005	Bck/Dumador.EO
> VBA32	3.10.5	11.24.2005	suspected of Embedded.Backdoor.Win32.Dumador.eo
> 
> ps вчера его невидел никто, кроме эвристика VBA


Такое ощущение что многие присваиват имена вирусам на основе анализа эвристика VBA...

----------


## Оби-Ван

This is a report processed by VirusTotal on 11/26/2005 at 01:14:12 (CET) after scanning the file "car.exe.exe" file.

Antivirus	Version	Update	Result	
AntiVir	6.32.0.6	11.25.2005	no virus found	
Avast	4.6.695.0	11.24.2005	no virus found	
AVG	718	11.25.2005	PSW.Banker.25.S	
Avira	6.32.0.6	11.25.2005	no virus found	
BitDefender	7.2	11.26.2005	Trojan.Spy.Agent.Y	
CAT-QuickHeal	8.00	11.25.2005	no virus found	
ClamAV	devel-20051108	11.25.2005	no virus found	
DrWeb	4.33	11.25.2005	Trojan.DownLoader.1817	
eTrust-Iris	7.1.194.0	11.24.2005	no virus found	
eTrust-Vet	11.9.1.0	11.25.2005	no virus found	
Fortinet	2.48.0.0	11.25.2005	suspicious	
F-Prot	3.16c	11.24.2005	no virus found	
Ikarus	0.2.59.0	11.26.2005	no virus found	
Kaspersky	4.0.2.24	11.26.2005	Trojan-Spy.Win32.Perfloger.l	
McAfee	4637	11.25.2005	Keylog-Perfect.dr	
NOD32v2	1.1305	11.25.2005	no virus found	
Norman	5.70.10	11.25.2005	no virus found	
Panda	8.02.00	11.25.2005	no virus found	
Sophos	3.99.0	11.25.2005	no virus found	
Symantec	8.0	11.26.2005	no virus found	
TheHacker	5.9.1.044	11.24.2005	Trojan/Perfect	
VBA32	3.10.5	11.26.2005	Trojan.Perflog.Mod.RAR

----------


## Alexey P.

This is a report processed by VirusTotal on 11/27/2005 at 08:23:27
 (CET) after scanning the file "test.exe" file.

Antivirus	Version		Update		Result	
AntiVir		6.32.0.6	11.26.2005	no virus found	
Avast		4.6.695.0	11.26.2005	no virus found	
AVG		718		11.25.2005	no virus found	
Avira		6.32.0.6	11.26.2005	no virus found	
BitDefender	7.2		11.26.2005	BehavesLike:Win32.ExplorerHijack	
CAT-QuickHeal	8.00		11.25.2005	no virus found	
ClamAV		devel-20051108	11.25.2005	no virus found	
DrWeb		4.33		11.26.2005	MULDROP.Trojan	
eTrust-Iris	7.1.194.0	11.24.2005	no virus found	
eTrust-Vet	11.9.1.0	11.25.2005	no virus found	
Fortinet	2.48.0.0	11.26.2005	no virus found	
F-Prot		3.16c		11.24.2005	no virus found	
Ikarus		0.2.59.0	11.26.2005	no virus found	
Kaspersky	4.0.2.24	11.27.2005	no virus found	
McAfee		4637		11.25.2005	no virus found	
NOD32v2		1.1305		11.25.2005	no virus found	
Norman		5.70.10		11.25.2005	no virus found	
Panda		8.02.00		11.26.2005	no virus found	
Sophos		4.00.0		11.26.2005	no virus found	
Symantec	8.0		11.27.2005	no virus found	
TheHacker	5.9.1.044	11.24.2005	no virus found	
VBA32		3.10.5		11.26.2005	suspected of Backdoor.xBot.80

----------


## Alexey P.

This is a report processed by VirusTotal on 11/26/2005 at 20:10:50
 (CET) after scanning the file "q.chm" file.

Antivirus	Version		Update		Result	
AntiVir		6.32.0.6	11.26.2005	no virus found	
Avast		4.6.695.0	11.26.2005	no virus found	
AVG		718		11.25.2005	no virus found	
Avira		6.32.0.6	11.26.2005	no virus found	
BitDefender	7.2		11.26.2005	Exploit.Html.Codebase.Exec.Gen	
CAT-QuickHeal	8.00		11.25.2005	no virus found	
ClamAV		devel-20051108	11.25.2005	no virus found	
DrWeb		4.33		11.26.2005	DLOADER.Trojan	
eTrust-Iris	7.1.194.0	11.24.2005	no virus found	
eTrust-Vet	11.9.1.0	11.25.2005	no virus found	
Fortinet	2.48.0.0	11.25.2005	no virus found	
F-Prot		3.16c		11.24.2005	no virus found	
Ikarus		0.2.59.0	11.26.2005	no virus found	
Kaspersky	4.0.2.24	11.26.2005	no virus found	
McAfee		4637		11.25.2005	no virus found	
NOD32v2		1.1305		11.25.2005	no virus found	
Norman		5.70.10		11.25.2005	no virus found	
Panda		8.02.00		11.26.2005	no virus found	
Sophos		4.00.0		11.26.2005	no virus found	
Symantec	8.0		11.26.2005	no virus found	
TheHacker	5.9.1.044	11.24.2005	no virus found	
VBA32		3.10.5		11.26.2005	no virus found

----------


## Alexey P.

This is a report processed by VirusTotal on 11/26/2005 at 14:41:13
 (CET) after scanning the file "pi1_20.exe" file.

Antivirus	Version		Update		Result	
AntiVir		6.32.0.6	11.26.2005	Heuristic/Trojan.Downloader	
Avast		4.6.695.0	11.26.2005	no virus found	
AVG		718		11.25.2005	Downloader.Generic.IKN	
Avira		6.32.0.6	11.26.2005	Heuristic/Trojan.Downloader	
BitDefender	7.2		11.26.2005	Trojan.Downloader.Small.BUE	
CAT-QuickHeal	8.00		11.25.2005	TrojanDownloader.Small.bue	
ClamAV		devel-20051108	11.25.2005	no virus found	
DrWeb		4.33		11.26.2005	DLOADER.Trojan	
eTrust-Iris	7.1.194.0	11.24.2005	no virus found	
eTrust-Vet	11.9.1.0	11.25.2005	no virus found	
Fortinet	2.48.0.0	11.25.2005	no virus found	
F-Prot		3.16c		11.24.2005	no virus found	
Ikarus		0.2.59.0	11.26.2005	no virus found	
Kaspersky	4.0.2.24	11.26.2005	Trojan-Downloader.Win32.Small.bue	
McAfee		4637		11.25.2005	Downloader-VG	
NOD32v2		1.1305		11.25.2005	no virus found	
Norman		5.70.10		11.25.2005	no virus found	
Panda		8.02.00		11.26.2005	no virus found	
Sophos		4.00.0		11.26.2005	no virus found	
Symantec	8.0		11.26.2005	no virus found	
TheHacker	5.9.1.044	11.24.2005	no virus found	
VBA32		3.10.5		11.26.2005	Trojan-Downloader.Win32.Small.bue

----------


## sergey_gum

Якобы ключ для VBA, но внутри находится файл setup.exe
This is a report processed by VirusTotal on 11/27/2005 at 17:27:50 (CET) after scanning the file "vba32.key.zip" file.

Antivirus	Version	Update	Result	
AntiVir	6.32.0.6	11.27.2005	no virus found	
Avast	4.6.695.0	11.26.2005	no virus found	
AVG	718	11.27.2005	no virus found	
Avira	6.32.0.6	11.27.2005	no virus found	
BitDefender	7.2	11.27.2005	no virus found	
CAT-QuickHeal	8.00	11.25.2005	no virus found	
ClamAV	devel-20051108	11.25.2005	no virus found	
DrWeb	4.33	11.27.2005	no virus found	
eTrust-Iris	7.1.194.0	11.27.2005	no virus found	
eTrust-Vet	11.9.1.0	11.25.2005	no virus found	
Fortinet	2.48.0.0	11.26.2005	suspicious	
F-Prot	3.16c	11.24.2005	no virus found	
Ikarus	0.2.59.0	11.26.2005	no virus found	
Kaspersky	4.0.2.24	11.27.2005	no virus found	
McAfee	4637	11.25.2005	no virus found	
NOD32v2	1.1305	11.25.2005	no virus found	
Norman	5.70.10	11.25.2005	no virus found	
Panda	8.02.00	11.27.2005	no virus found	
Sophos	4.00.0	11.26.2005	no virus found	
Symantec	8.0	11.27.2005	no virus found	
TheHacker	5.9.1.044	11.24.2005	no virus found	
VBA32	3.10.5	11.26.2005	no virus found

----------


## sergey_gum

Еще один:
This is a report processed by VirusTotal on 11/27/2005 at 17:32:42 (CET) after scanning the file "vba32.key__1_.zip" file.

Antivirus	Version	Update	Result	
AntiVir	6.32.0.6	11.27.2005	no virus found	
Avast	4.6.695.0	11.26.2005	no virus found	
AVG	718	11.27.2005	no virus found	
Avira	6.32.0.6	11.27.2005	no virus found	
BitDefender	7.2	11.27.2005	no virus found	
CAT-QuickHeal	8.00	11.25.2005	no virus found	
ClamAV	devel-20051108	11.25.2005	no virus found	
DrWeb	4.33	11.27.2005	no virus found	
eTrust-Iris	7.1.194.0	11.27.2005	no virus found	
eTrust-Vet	11.9.1.0	11.25.2005	no virus found	
Fortinet	2.48.0.0	11.26.2005	suspicious	
F-Prot	3.16c	11.24.2005	no virus found	
Ikarus	0.2.59.0	11.26.2005	no virus found	
Kaspersky	4.0.2.24	11.27.2005	Trojan-Downloader.Win32.IstBar.nk	
McAfee	4637	11.25.2005	no virus found	
NOD32v2	1.1305	11.25.2005	no virus found	
Norman	5.70.10	11.25.2005	no virus found	
Panda	8.02.00	11.27.2005	no virus found	
Sophos	4.00.0	11.26.2005	no virus found	
Symantec	8.0	11.27.2005	no virus found	
TheHacker	5.9.1.044	11.24.2005	no virus found	
VBA32	3.10.5	11.26.2005	no virus found

----------


## sergey_gum

Только шо на мыло пришло:
This is a report processed by VirusTotal on 11/27/2005 at 17:36:39 (CET) after scanning the file "nathaniell.zip" file.

Antivirus Version Update Result 
AntiVir 6.32.0.6 11.27.2005 TR/Bagle.gen 
Avast 4.6.695.0 11.27.2005 Win32:Beagle-FR 
AVG 718 11.27.2005 I-Worm/Bagle 
Avira 6.32.0.6 11.27.2005 TR/Bagle.gen 
BitDefender 7.2 11.27.2005 Trojan.Bagle.BK 
CAT-QuickHeal 8.00 11.27.2005 (Suspicious) - DNAScan 
ClamAV devel-20051108 11.27.2005 Worm.Bagle.Gen-9 
DrWeb 4.33 11.27.2005 no virus found 
eTrust-Iris 7.1.194.0 11.27.2005 no virus found 
eTrust-Vet 11.9.1.0 11.27.2005 no virus found 
Fortinet 2.48.0.0 11.27.2005 W32/Mitglieder.GI!tr 
F-Prot 3.16c 11.27.2005 security risk named W32/Mitglieder.GI 
Ikarus 0.2.59.0 11.27.2005 no virus found 
Kaspersky 4.0.2.24 11.27.2005 Trojan-Downloader.Win32.Bagle.e 
McAfee 4635 11.27.2005 W32/Bagle.gen 
NOD32v2 1.1301 11.27.2005 Win32/Bagle.DR 
Norman 5.70.10 11.27.2005 W32/Mitglied.NQ 
Panda 8.02.00 11.27.2005 Trj/Mitglieder.GB 
Sophos 3.99.0 11.27.2005 no virus found 
Symantec 8.0 11.27.2005 no virus found 
TheHacker 5.9.1.044 11.27.2005 W32/[email protected] 
VBA32 3.10.5 11.27.2005 Trojan-Downloader.Win32.Bagle.f

----------


## sergey_gum

This is a report processed by VirusTotal on 11/27/2005 at 17:37:04 (CET) after scanning the file "gamejack_5.0.4.2_keygen_by_kaizer_soze___core.zip  " file.

Antivirus	Version	Update	Result	
AntiVir	6.32.0.6	11.27.2005	no virus found	
Avast	4.6.695.0	11.26.2005	no virus found	
AVG	718	11.27.2005	no virus found	
Avira	6.32.0.6	11.27.2005	no virus found	
BitDefender	7.2	11.27.2005	no virus found	
CAT-QuickHeal	8.00	11.25.2005	no virus found	
ClamAV	devel-20051108	11.25.2005	no virus found	
DrWeb	4.33	11.27.2005	no virus found	
eTrust-Iris	7.1.194.0	11.27.2005	no virus found	
eTrust-Vet	11.9.1.0	11.25.2005	no virus found	
Fortinet	2.48.0.0	11.26.2005	suspicious	
F-Prot	3.16c	11.24.2005	no virus found	
Ikarus	0.2.59.0	11.26.2005	no virus found	
Kaspersky	4.0.2.24	11.27.2005	Trojan-Downloader.Win32.IstBar.nk	
McAfee	4637	11.25.2005	no virus found	
NOD32v2	1.1305	11.25.2005	no virus found	
Norman	5.70.10	11.25.2005	no virus found	
Panda	8.02.00	11.27.2005	no virus found	
Sophos	4.00.0	11.26.2005	no virus found	
Symantec	8.0	11.27.2005	no virus found	
TheHacker	5.9.1.044	11.24.2005	no virus found	
VBA32	3.10.5	11.26.2005	no virus found

----------


## MOCT

> Якобы ключ для VBA, но внутри находится файл setup.exe
> This is a report processed by VirusTotal on 11/27/2005 at 17:27:50 (CET) after scanning the file "vba32.key.zip" file.


ну может и правда ключ, раз ничего не находит, даже эвристика...

----------


## sergey_gum

> ну может и правда ключ, раз ничего не находит, даже эвристика...


Тока стрёмно такой файл открывать...
З.Ы. Отправил в VBA.

----------


## Alexey P.

> Еще один:
> This is a report processed by VirusTotal on 11/27/2005 at 17:32:42 (CET) after scanning the file "vba32.key__1_.zip" file.
> 
> Kaspersky	4.0.2.24	11.27.2005	Trojan-Downloader.Win32.IstBar.nk


 Minos написал об этом: http://www.virusinfo.info/showthread.php?t=4085
 Фишка в том, что на любой запрос (даже при поиске файла с бредовым названием) выдается isbar - и именно с запрошенным именем архива.
 Т.е. название архива лишь говорит о том, что искали  :Smiley: .

 Социальная инженерия - шанс на запуск того, что сам искал, довольно высоки  :Smiley: . Особенно ежели оно антивирями еще не детектится.

----------


## alich

Ламерский вопрос: А каким минимальным составом (набором) тестируемых антивирусов могли быть выявлены "пойманные вручную" (в этой теме) вирусы? Т.е. какие (по минимуму) антивирусы надо использовать простому юзеру типа "ламер", чтобы свести к минимуму количество обращений к знатокам (в вирусах и пиве :Smiley: ), которые вечно заняты? Достаточно первой четверки (из графика от *kvit*)?

----------

Надоело быть жертвой? Стань профи по информационной безопасности, получай самую свежую информацию об угрозах и средствах защиты от ведущего российского аналитического центра Anti-Malware.ru:

----------


## kvit

могу сказать точно - 2 не обойтись  :Smiley:  я про график.. а в реальной жизни можно и без антивируса прожить, все от пользователя зависит...

добавочка:
даже имея под рукой Kaspersky, VBA32, NOD32v2, DrWeb вместе взятые существует вероятность пропустить вирус. И я даже сужу не по реальной жизни, а по графику...
добавочка2:
а вот если в эту доблестную компанию добавить McAfee то будет 100% результат...

----------


## sergey_gum

> Minos написал об этом: http://www.virusinfo.info/showthread.php?t=4085
>  Фишка в том, что на любой запрос (даже при поиске файла с бредовым названием) выдается isbar - и именно с запрошенным именем архива.
>  Т.е. название архива лишь говорит о том, что искали .
> 
>  Социальная инженерия - шанс на запуск того, что сам искал, довольно высоки . Особенно ежели оно антивирями еще не детектится.


Пришли результаты:



> The file C:\Documents and Settings\Sergey_gum\Мои
> документы\Downloads\vba32.key.zip contains new virus/trojan/backdoor/etc.
> It is added in antivirus database.
> 
> Файл C:\Documents and Settings\Sergey_gum\Мои документы\Downloads\vba32.key.zip
> содержит новый вирус/троян/бэкдур/т.п.
> Запись добавлена в антивирусную базу.
> 
> -- 
> ...

----------


## Alexey P.

> могу сказать точно - 2 не обойтись  я про график.. а в реальной жизни можно и без антивируса прожить, все от пользователя зависит...
> 
> добавочка:
> даже имея под рукой Kaspersky, VBA32, NOD32v2, DrWeb вместе взятые существует вероятность пропустить вирус. И я даже сужу не по реальной жизни, а по графику...
> добавочка2:
> а вот если в эту доблестную компанию добавить McAfee то будет 100% результат...


 В смысле система 100% ляжет ?  :Smiley: .
Трояны тогда ничего с ней поделать не смогут.
 Мертвые пчелы не жужжат (с) народное украинское.

ЗЫ: Minos в вышеуказанной теме привел это:
==================================================  ==
Вот результат проверки одного из 14554215_srvzh_kdkjf__4_.rar файлов.

AntiVir 6.32.0.6 11.27.2005 no virus found
Avast 4.6.695.0 11.26.2005 no virus found
AVG 718 11.25.2005 no virus found
Avira 6.32.0.6 11.27.2005 no virus found
BitDefender 7.2 11.27.2005 no virus found
CAT-QuickHeal 8.00 11.25.2005 no virus found
ClamAV devel-20051108 11.25.2005 no virus found
DrWeb 4.33 11.27.2005 no virus found
eTrust-Iris 7.1.194.0 11.27.2005 no virus found
eTrust-Vet 11.9.1.0 11.25.2005 no virus found
Fortinet 2.48.0.0 11.26.2005 suspicious
F-Prot 3.16c 11.24.2005 no virus found
Ikarus 0.2.59.0 11.26.2005 no virus found
Kaspersky 4.0.2.24 11.27.2005 no virus found
McAfee 4637 11.25.2005 no virus found
NOD32v2 1.1305 11.25.2005 no virus found
Norman 5.70.10 11.25.2005 no virus found
Panda 8.02.00 11.27.2005 no virus found
Sophos 4.00.0 11.26.2005 no virus found
Symantec 8.0 11.27.2005 no virus found
TheHacker 5.9.1.044 11.24.2005 no virus found
VBA32 3.10.5 11.26.2005 no virus found
==================================================  ==

----------


## deity

This is a report processed by VirusTotal on 12/03/2005 at 01:03:59 (CET) after scanning the file "SVKP.SYS" file.
------------------------------------------
Antivirus Version Update Result 
AntiVir 6.32.1.63 12.02.2005 no virus found 
Avast 4.6.695.0 12.01.2005 no virus found 
AVG 718 12.02.2005 no virus found 
Avira 6.32.1.63 12.02.2005 no virus found 
BitDefender 7.2 12.03.2005 no virus found 
CAT-QuickHeal 8.00 12.01.2005 no virus found 
ClamAV devel-20051108 12.01.2005 no virus found 
DrWeb 4.33 12.02.2005 no virus found 
eTrust-Iris 7.1.194.0 12.02.2005 no virus found 
eTrust-Vet 11.9.1.0 12.02.2005 no virus found 
Fortinet 2.48.0.0 12.02.2005 no virus found 
F-Prot 3.16c 12.02.2005 no virus found 
Ikarus 0.2.59.0 12.02.2005 no virus found 
Kaspersky 4.0.2.24 12.03.2005 no virus found 
McAfee 4642 12.02.2005 no virus found 
NOD32v2 1.1311 12.02.2005 no virus found 
Norman 5.70.10 12.02.2005 no virus found 
Panda 8.02.00 12.02.2005 no virus found 
Sophos 4.00.0 12.02.2005 no virus found 
Symantec 8.0 12.03.2005 no virus found 
TheHacker 5.9.1.047 12.01.2005 no virus found 
*VBA32 3.10.5 12.03.2005 Virtool.SVKProtector*
----------------------------------------------

----------


## WaterFish

> This is a report processed by VirusTotal on 12/03/2005 at 01:03:59 (CET) after scanning the file "SVKP.SYS" file.
> ------------------------------------------
> Antivirus Version Update Result 
> AntiVir 6.32.1.63 12.02.2005 no virus found 
> Avast 4.6.695.0 12.01.2005 no virus found 
> AVG 718 12.02.2005 no virus found 
> Avira 6.32.1.63 12.02.2005 no virus found 
> BitDefender 7.2 12.03.2005 no virus found 
> CAT-QuickHeal 8.00 12.01.2005 no virus found 
> ...


Virtools - далеко не есть вирь :Smiley:

----------


## Geser

> Virtools - далеко не есть вирь


Однако часто указывает на его наличие в системе

----------


## deity

> Virtools - далеко не есть вирь


http://shield.prevx.com/pxparall.asp?PXC=dd5435884
This system file is malware and is not considered safe, it is part of a Malware group sometimes referred to as Virtool.SVKProtector. It should be Jailed.

----------


## Geser

> http://shield.prevx.com/pxparall.asp?PXC=dd5435884
> This system file is malware and is not considered safe, it is part of a Malware group sometimes referred to as Virtool.SVKProtector. It should be Jailed.


Это не так. Это драйвер от супернаварочанного протектора. В теории может использоваться как всякими троянами так и вполне легитимным софтом.

----------


## Alexey P.

Кто вирустоталу чего-то несъедобное подсунул ?
Лежит, бедняга  :Smiley: .

==================================================  =
Proxy Error
The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request GET /xhtml/index_en.html.
Reason: Error reading from remote server

Apache/1.3.33 Ben-SSL/1.55 Server at www.virustotal.com Port 80
==================================================  =

----------


## azza

Ещё один сомнительный с точки зрения необходимости детектирования файл: 
-------------------------------------------------------------------
File:  NSupd9x.zip  
Status:  INFECTED/MALWARE  
MD5  496217343c2a1229b6574794cb06fe5f  
Packers detected:  - 
Scanner results  
AntiVir  Found nothing 
ArcaVir  Found nothing 
Avast  Found nothing 
AVG Antivirus  Found nothing 
BitDefender  Found nothing 
ClamAV  Found nothing 
Dr.Web  Found nothing 
F-Prot Antivirus  Found nothing 
Fortinet  Found nothing 
Kaspersky Anti-Virus  Found nothing 
NOD32  Found nothing 
Norman Virus Control  Found nothing 
UNA  Found nothing 
VBA32  Found Malware.Dialer  
-------------------------------------------
AVZ  Found TrojanDownloader.Win32.Dyfuca

----------


## Grey

This is a report processed by VirusTotal on 12/08/2005 at 09 :20: 36 (CET) after scanning the file "abf_keygenreal.zip" file.

Antivirus	Version	Update	Result	
AntiVir	6.33.0.61	12.08.2005	no virus found	
Avast	4.6.695.0	12.07.2005	no virus found	
AVG	718	12.05.2005	no virus found	
Avira	6.33.0.61	12.08.2005	no virus found	
BitDefender	7.2	12.08.2005	no virus found	
CAT-QuickHeal	8.00	12.08.2005	(Suspicious) - DNAScan	
ClamAV	devel-20051108	12.07.2005	no virus found	
DrWeb	4.33	12.08.2005	no virus found	
eTrust-Iris	7.1.194.0	12.07.2005	no virus found	
eTrust-Vet	11.9.1.0	12.08.2005	no virus found	
Fortinet	2.54.0.0	12.08.2005	suspicious	
F-Prot	3.16c	12.07.2005	security risk named W32/Sdbot.JZL	
Ikarus	0.2.59.0	12.08.2005	no virus found	
Kaspersky	4.0.2.24	12.08.2005	Trojan-Dropper.Win32.Juntador.c	
McAfee	4645	12.07.2005	New Malware.p	
NOD32v2	1.1315	12.07.2005	no virus found	
Norman	5.70.10	12.07.2005	no virus found	
Panda	8.02.00	12.07.2005	Suspect File	
Sophos	4.00.0	12.08.2005	no virus found	
Symantec	8.0	12.07.2005	no virus found	
TheHacker	5.9.1.051	12.08.2005	no virus found	
VBA32	3.10.5	12.07.2005	suspected of Backdoor.xBot.16

----------


## umask

This is a report processed by VirusTotal on 12/10/2005 at 11:23:28 (CET) after scanning the file "sp.html" file.

Antivirus	Version	Update	Result	
AntiVir	6.33.0.61	12.09.2005	no virus found	
Avast	4.6.695.0	12.10.2005	no virus found	
AVG	718	12.08.2005	no virus found	
Avira	6.33.0.61	12.09.2005	no virus found	
BitDefender	7.2	12.10.2005	no virus found	
CAT-QuickHeal	8.00	12.09.2005	no virus found	
ClamAV	devel-20051108	12.09.2005	no virus found	
DrWeb	4.33	12.10.2005	Exploit.Firehist	
eTrust-Iris	7.1.194.0	12.09.2005	no virus found	
eTrust-Vet	11.9.1.0	12.09.2005	no virus found	
Fortinet	2.54.0.0	12.10.2005	no virus found	
F-Prot	3.16c	12.09.2005	no virus found	
Ikarus	0.2.59.0	12.10.2005	no virus found	
Kaspersky	4.0.2.24	12.10.2005	no virus found	
McAfee	4647	12.09.2005	no virus found	
NOD32v2	1.1317	12.09.2005	no virus found	
Norman	5.70.10	12.09.2005	no virus found	
Panda	8.02.00	12.09.2005	no virus found	
Sophos	4.00.0	12.10.2005	no virus found	
Symantec	8.0	12.10.2005	no virus found	
TheHacker	5.9.1.052	12.09.2005	no virus found	
VBA32	3.10.5	12.09.2005	no virus found

:-)

----------


## Geser

This is a report processed by VirusTotal on 12/10/2005 at 16:39:47 (CET) after scanning the file "ip41_qc.dll" file.
Antivirus Version Update Result 
AntiVir 6.33.0.61 12.09.2005 ADSPY/Look2Me.ab 
Avast 4.6.695.0 12.10.2005 no virus found 
AVG 718 12.08.2005 no virus found 
Avira 6.33.0.61 12.09.2005 ADSPY/Look2Me.ab 
BitDefender 7.2 12.10.2005 Adware.Dinky.A 
CAT-QuickHeal 8.00 12.09.2005 Adware.Look2Me 
ClamAV devel-20051108 12.09.2005 no virus found 
DrWeb 4.33 12.10.2005 no virus found 
eTrust-Iris 7.1.194.0 12.09.2005 Win32/Candebe!Trojan 
eTrust-Vet 11.9.1.0 12.09.2005 Win32.Canbede 
Fortinet 2.54.0.0 12.10.2005 suspicious 
F-Prot 3.16c 12.09.2005 no virus found 
Ikarus 0.2.59.0 12.10.2005 AdWare.Look2Me.U 
Kaspersky 4.0.2.24 12.10.2005 not-a-virus:AdWare.Win32.Look2Me.ab 
McAfee 4647 12.09.2005 potentially unwanted program Adware-Look2Me 
NOD32v2 1.1317 12.09.2005 a variant of Win32/Adware.Look2Me 
Norman 5.70.10 12.09.2005 W32/Look2Me.DJ 
Panda 8.02.00 12.10.2005 Adware/Look2Me 
Sophos 4.00.0 12.10.2005 no virus found 
Symantec 8.0 12.10.2005 no virus found 
TheHacker 5.9.1.052 12.09.2005 Adware/Look2Me 
VBA32 3.10.5 12.09.2005 no virus found

----------


## Alexey P.

This is a report processed by VirusTotal on 12/10/2005 at 17:40:05
 (CET) after scanning the file "avpi32.dll" file.

Antivirus       Version         Update          Result  
AntiVir         6.33.0.61       12.09.2005      no virus found  
Avast           4.6.695.0       12.10.2005      no virus found  
AVG             718             12.08.2005      no virus found  
Avira           6.33.0.61       12.09.2005      no virus found  
BitDefender     7.2             12.10.2005      no virus found  
CAT-QuickHeal   8.00            12.09.2005      no virus found  
ClamAV          devel-20051108  12.09.2005      no virus found  
DrWeb           4.33            12.10.2005      BackDoor.Haxdoor.176    
eTrust-Iris     7.1.194.0       12.09.2005      Win32/Haxdoor.37152!DLL!Trojan  
eTrust-Vet      11.9.1.0        12.09.2005      Win32.Haxdoor.AP        
Fortinet        2.54.0.0        12.10.2005      suspicious      
F-Prot          3.16c           12.09.2005      no virus found  
Ikarus          0.2.59.0        12.10.2005      no virus found  
Kaspersky       4.0.2.24        12.10.2005      no virus found  
McAfee          4647            12.09.2005      no virus found  
NOD32v2         1.1317          12.09.2005      a variant of Win32/Haxdoor      
Norman          5.70.10         12.09.2005      no virus found  
Panda           8.02.00         12.10.2005      no virus found  
Sophos          4.00.0          12.10.2005      Troj/Haxdor-Fam 
Symantec        8.0             12.10.2005      no virus found  
TheHacker       5.9.1.052       12.09.2005      no virus found  
VBA32           3.10.5          12.09.2005      suspected of Malware.Agent.44

----------


## Geser

This is a report processed by VirusTotal on 12/12/2005 at 21:18:02 (CET) after scanning the file "oddd3d9.exe" file.
Antivirus Version Update Result 
AntiVir 6.33.0.61 12.12.2005 no virus found 
Avast 4.6.695.0 12.10.2005 no virus found 
AVG 718 12.08.2005 no virus found 
Avira 6.33.0.61 12.12.2005 no virus found 
BitDefender 7.2 12.12.2005 no virus found 
CAT-QuickHeal 8.00 12.12.2005 (Suspicious) - DNAScan 
ClamAV devel-20051108 12.12.2005 no virus found 
DrWeb 4.33 12.12.2005 no virus found 
eTrust-Iris 7.1.194.0 12.11.2005 no virus found 
eTrust-Vet 12.3.3.0 12.12.2005 Win32/Propo 
Fortinet 2.54.0.0 12.11.2005 no virus found 
F-Prot 3.16c 12.09.2005 no virus found 
Ikarus 0.2.59.0 12.12.2005 no virus found 
Kaspersky 4.0.2.24 12.12.2005 Trojan.Win32.Crypt.t 
McAfee 4648 12.12.2005 no virus found 
NOD32v2 1.1319 12.12.2005 no virus found 
Norman 5.70.10 12.12.2005 no virus found 
Panda 8.02.00 12.12.2005 no virus found 
Sophos 4.00.0 12.12.2005 no virus found 
Symantec 8.0 12.12.2005 no virus found 
TheHacker 5.9.1.053 12.12.2005 no virus found 
VBA32 3.10.5 12.12.2005 no virus found 

This is a report processed by VirusTotal on 12/12/2005 at 21:18:34 (CET) after scanning the file "mssmnmdd.sys" file.
Antivirus Version Update Result 
AntiVir 6.33.0.61 12.12.2005 TR/Rootkit.SMA.A 
Avast 4.6.695.0 12.10.2005 no virus found 
AVG 718 12.08.2005 no virus found 
Avira 6.33.0.61 12.12.2005 TR/Rootkit.SMA.A 
BitDefender 7.2 12.12.2005 no virus found 
CAT-QuickHeal 8.00 12.12.2005 no virus found 
ClamAV devel-20051108 12.12.2005 no virus found 
DrWeb 4.33 12.12.2005 no virus found 
eTrust-Iris 7.1.194.0 12.11.2005 no virus found 
eTrust-Vet 12.3.3.0 12.12.2005 Win32/Smamate 
Fortinet 2.54.0.0 12.11.2005 suspicious 
F-Prot 3.16c 12.09.2005 no virus found 
Ikarus 0.2.59.0 12.12.2005 no virus found 
Kaspersky 4.0.2.24 12.12.2005 Rootkit.Win32.Agent.ao 
McAfee 4648 12.12.2005 no virus found 
NOD32v2 1.1319 12.12.2005 no virus found 
Norman 5.70.10 12.12.2005 no virus found 
Panda 8.02.00 12.12.2005 no virus found 
Sophos 4.00.0 12.12.2005 no virus found 
Symantec 8.0 12.12.2005 no virus found 
TheHacker 5.9.1.053 12.12.2005 no virus found 
VBA32 3.10.5 12.12.2005 no virus found 

This is a report processed by VirusTotal on 12/12/2005 at 21:22:39 (CET) after scanning the file "ace.dll" file.
Antivirus Version Update Result 
AntiVir 6.33.0.61 12.12.2005 no virus found 
Avast 4.6.695.0 12.10.2005 no virus found 
AVG 718 12.08.2005 no virus found 
Avira 6.33.0.61 12.12.2005 no virus found 
BitDefender 7.2 12.12.2005 no virus found 
CAT-QuickHeal 8.00 12.12.2005 no virus found 
ClamAV devel-20051108 12.12.2005 no virus found 
DrWeb 4.33 12.12.2005 no virus found 
eTrust-Iris 7.1.194.0 12.11.2005 no virus found 
eTrust-Vet 12.3.3.0 12.12.2005 Win32/Propo 
Fortinet 2.54.0.0 12.11.2005 no virus found 
F-Prot 3.16c 12.09.2005 no virus found 
Ikarus 0.2.59.0 12.12.2005 no virus found 
Kaspersky 4.0.2.24 12.12.2005 Trojan.Win32.Crypt.t 
McAfee 4648 12.12.2005 no virus found 
NOD32v2 1.1319 12.12.2005 no virus found 
Norman 5.70.10 12.12.2005 no virus found 
Panda 8.02.00 12.12.2005 no virus found 
Sophos 4.00.0 12.12.2005 no virus found 
Symantec 8.0 12.12.2005 no virus found 
TheHacker 5.9.1.053 12.12.2005 no virus found 
VBA32 3.10.5 12.12.2005 no virus found

----------


## NRoman

This is a report processed by VirusTotal on 12/13/2005 at 15:55:58 (CET) after scanning the file "lexplorer.exe" file.
Antivirus Version Update Result
AntiVir 6.33.0.61 12.13.2005 no virus found
Avast 4.6.695.0 12.13.2005 no virus found
AVG 718 12.08.2005 BackDoor.Generic.SZK
Avira 6.33.0.61 12.13.2005 no virus found
BitDefender 7.2 12.13.2005 no virus found
CAT-QuickHeal 8.00 12.13.2005 no virus found
ClamAV devel-20051108 12.12.2005 no virus found
DrWeb 4.33 12.13.2005 no virus found
eTrust-Iris 7.1.194.0 12.13.2005 no virus found
eTrust-Vet 12.3.3.0 12.13.2005 no virus found
Fortinet 2.54.0.0 12.12.2005 no virus found
F-Prot 3.16c 12.12.2005 no virus found
Ikarus 0.2.59.0 12.13.2005 no virus found
Kaspersky 4.0.2.24 12.13.2005 Backdoor.Win32.Delf.aik
McAfee 4648 12.12.2005 no virus found
NOD32v2 1.1320 12.12.2005 probably unknown NewHeur_PE virus
Norman 5.70.10 12.13.2005 W32/Delf.BQI
Panda 8.02.00 12.13.2005 no virus found
Sophos 4.00.0 12.13.2005 no virus found
Symantec 8.0 12.13.2005 no virus found
TheHacker 5.9.1.054 12.13.2005 no virus found
VBA32 3.10.5 12.13.2005 no virus found

----------


## umask

Уважаемый Geser, я думаю вы и так должны знать, что детектирование по упаковщику может быть ошибочным :-(
Поэтому результат можно сильно исказить.
(нижеследующее не относится к словам выше)



--------------------------
AntiVir	6.33.0.61	12.13.2005	no virus found	
Avast	4.6.695.0	12.13.2005	no virus found	
AVG	718	12.08.2005	no virus found	
Avira	6.33.0.61	12.13.2005	no virus found	
BitDefender	7.2	12.13.2005	no virus found	
CAT-QuickHeal	8.00	12.13.2005	no virus found	
ClamAV	devel-20051108	12.12.2005	no virus found	
DrWeb	4.33	12.13.2005	no virus found	
eTrust-Iris	7.1.194.0	12.13.2005	no virus found	
eTrust-Vet	12.3.3.0	12.13.2005	no virus found	
Fortinet	2.54.0.0	12.12.2005	no virus found	
F-Prot	3.16c	12.12.2005	no virus found	
Ikarus	0.2.59.0	12.13.2005	Trojan-Dropper.Win32.Delf.NO	
Kaspersky	4.0.2.24	12.13.2005	no virus found	
McAfee	4649	12.13.2005	no virus found	
NOD32v2	1.1321	12.13.2005	no virus found	
Norman	5.70.10	12.13.2005	no virus found	
Panda	8.02.00	12.13.2005	no virus found	
Sophos	4.00.0	12.13.2005	no virus found	
Symantec	8.0	12.13.2005	no virus found	
TheHacker	5.9.1.054	12.13.2005	no virus found	
VBA32	3.10.5	12.13.2005	Trojan.MulDrop.2873

----------


## Sanja

Обычно можно выделить нормальный упаковщик от "хакерского" коим и является модифицированный Yoda Protector 1.3 детектируемый как Win32.Crypt.t и измененный только ради вирусов  :Smiley: 

Найдется хорошая программа запакованная этим чудом - будет написан и анпакер а так - зря силы тратить

----------


## Geser

> Уважаемый Geser, я думаю вы и так должны знать, что детектирование по упаковщику может быть ошибочным :-(


В указанном выше случае детектирование не было ошибочным. Как и большинство файлов которые я проверяю эти были сняты с зараженного компьютера

----------


## umask

Моё сообщение выше - номер 178 - false alarm.


AntiVir	6.33.0.61	12.14.2005	no virus found	
Avast	4.6.695.0	12.14.2005	no virus found	
AVG	718	12.08.2005	no virus found	
Avira	6.33.0.61	12.14.2005	no virus found	
BitDefender	7.2	12.14.2005	no virus found	
CAT-QuickHeal	8.00	12.13.2005	no virus found	
ClamAV	devel-20051108	12.12.2005	no virus found	
DrWeb	4.33	12.14.2005	no virus found	
eTrust-Iris	7.1.194.0	12.14.2005	no virus found	
eTrust-Vet	12.3.3.0	12.14.2005	no virus found	
Fortinet	2.54.0.0	12.14.2005	no virus found	
F-Prot	3.16c	12.13.2005	no virus found	
Ikarus	0.2.59.0	12.14.2005	no virus found	
Kaspersky	4.0.2.24	12.14.2005	no virus found	
McAfee	4649	12.13.2005	no virus found	
NOD32v2	1.1321	12.13.2005	no virus found	
Norman	5.70.10	12.14.2005	no virus found	
Panda	8.02.00	12.14.2005	no virus found	
Sophos	4.00.0	12.14.2005	no virus found	
Symantec	8.0	12.14.2005	no virus found	
TheHacker	5.9.1.055	12.14.2005	no virus found	
VBA32	3.10.5	12.13.2005	VBS.Trojan.Sinkin

----------

Надоело быть жертвой? Стань профи по информационной безопасности, получай самую свежую информацию об угрозах и средствах защиты от ведущего российского аналитического центра Anti-Malware.ru:

----------


## azza

1. This is a report processed by VirusTotal on 12/14/2005 at 20:46:17 (CET) after scanning the file "auto_update_loader.exe" file.
Antivirus Version Update Result 
-----------------------------------------------------------------
AntiVir 6.33.0.61 12.14.2005 TR/Dldr.Apropo.s.1 
Avast 4.6.695.0 12.14.2005 no virus found 
AVG 718 12.14.2005 no virus found 
Avira 6.33.0.61 12.14.2005 TR/Dldr.Apropo.s.1 
BitDefender 7.2 12.14.2005 no virus found 
CAT-QuickHeal 8.00 12.13.2005 no virus found 
ClamAV devel-20051108 12.12.2005 Trojan.Downloader.Apropo-8 
DrWeb 4.33 12.14.2005 Trojan.DownLoader.5934 
eTrust-Iris 7.1.194.0 12.14.2005 no virus found 
eTrust-Vet 12.3.3.0 12.14.2005 no virus found 
Fortinet 2.54.0.0 12.14.2005 no virus found 
F-Prot 3.16c 12.13.2005 no virus found 
Ikarus 0.2.59.0 12.14.2005 no virus found 
Kaspersky 4.0.2.24 12.14.2005 no virus found 
McAfee 4650 12.14.2005 potentially unwanted program Adware-Apropos 
NOD32v2 1.1322 12.14.2005 no virus found 
Norman 5.70.10 12.14.2005 no virus found 
Panda 8.02.00 12.14.2005 no virus found 
Sophos 4.00.0 12.14.2005 no virus found 
Symantec 8.0 12.14.2005 no virus found 
TheHacker 5.9.1.055 12.14.2005 no virus found 
VBA32 3.10.5 12.14.2005 no virus found 
----------------------------------------------------------------------

2. This is a report processed by VirusTotal on 12/14/2005 at 20:50:41 (CET) after scanning the file "sys2gt.exe" file.
Antivirus Version Update Result 

AntiVir 6.33.0.61 12.14.2005 no virus found 
Avast 4.6.695.0 12.14.2005 no virus found 
AVG 718 12.14.2005 no virus found 
Avira 6.33.0.61 12.14.2005 no virus found 
BitDefender 7.2 12.14.2005 no virus found 
CAT-QuickHeal 8.00 12.13.2005 (Suspicious) - DNAScan 
ClamAV devel-20051108 12.12.2005 no virus found 
DrWeb 4.33 12.14.2005 Trojan.DownLoader.5935 
eTrust-Iris 7.1.194.0 12.14.2005 no virus found 
eTrust-Vet 12.3.3.0 12.14.2005 no virus found 
Fortinet 2.54.0.0 12.14.2005 no virus found 
F-Prot 3.16c 12.13.2005 no virus found 
Ikarus 0.2.59.0 12.14.2005 no virus found 
Kaspersky 4.0.2.24 12.14.2005 Trojan-Downloader.Win32.Agent.ji 
McAfee 4650 12.14.2005 no virus found 
NOD32v2 1.1322 12.14.2005 no virus found 
Norman 5.70.10 12.14.2005 no virus found 
Panda 8.02.00 12.14.2005 no virus found 
Sophos 4.00.0 12.14.2005 no virus found 
Symantec 8.0 12.14.2005 no virus found 
TheHacker 5.9.1.055 12.14.2005 no virus found 
VBA32 3.10.5 12.14.2005 no virus found 
------------------------------------------------------------------

----------


## Alexey P.

This is a report processed by VirusTotal on 12/15/2005 at 02:09:52 (CET) after scanning the file "bot.exe" file.

Antivirus	Version	Update	Result	
AntiVir	6.33.0.61	12.14.2005	no virus found	
Avast	4.6.695.0	12.14.2005	no virus found	
AVG	718	12.14.2005	no virus found	
Avira	6.33.0.61	12.14.2005	no virus found	
BitDefender	7.2	12.14.2005	BehavesLike:Win32.ExplorerHijack	
CAT-QuickHeal	8.00	12.13.2005	(Suspicious) - DNAScan	
ClamAV	devel-20051108	12.12.2005	no virus found	
DrWeb	4.33	12.14.2005	Trojan.Inject.38	
eTrust-Iris	7.1.194.0	12.14.2005	no virus found	
eTrust-Vet	12.3.3.0	12.14.2005	no virus found	
Fortinet	2.54.0.0	12.14.2005	suspicious	
F-Prot	3.16c	12.15.2005	no virus found	
Ikarus	0.2.59.0	12.15.2005	no virus found	
Kaspersky	4.0.2.24	12.15.2005	Trojan-Proxy.Win32.Xorpix.g	
McAfee	4650	12.14.2005	no virus found	
NOD32v2	1.1322	12.14.2005	no virus found	
Norman	5.70.10	12.14.2005	no virus found	
Panda	8.02.00	12.14.2005	Bck/Mtpoom.A	
Sophos	4.00.0	12.15.2005	no virus found	
Symantec	8.0	12.15.2005	no virus found	
TheHacker	5.9.1.055	12.14.2005	no virus found	
VBA32	3.10.5	12.14.2005	no virus found

----------


## Alexey P.

This is a report processed by VirusTotal on 12/15/2005 at 02 :20: 02 (CET) after scanning the file "acodec42.exe" file.

Antivirus	Version	Update	Result	
AntiVir	6.33.0.61	12.14.2005	no virus found	
Avast	4.6.695.0	12.14.2005	no virus found	
AVG	718	12.14.2005	no virus found	
Avira	6.33.0.61	12.14.2005	no virus found	
BitDefender	7.2	12.14.2005	BehavesLike:Trojan.ShellObject	
CAT-QuickHeal	8.00	12.13.2005	no virus found	
ClamAV	devel-20051108	12.12.2005	no virus found	
DrWeb	4.33	12.14.2005	Trojan.DownLoader.5565	
eTrust-Iris	7.1.194.0	12.14.2005	no virus found	
eTrust-Vet	12.3.3.0	12.14.2005	no virus found	
Fortinet	2.54.0.0	12.15.2005	no virus found	
F-Prot	3.16c	12.15.2005	no virus found	
Ikarus	0.2.59.0	12.15.2005	no virus found	
Kaspersky	4.0.2.24	12.15.2005	no virus found	
McAfee	4650	12.14.2005	no virus found	
NOD32v2	1.1322	12.14.2005	no virus found	
Norman	5.70.10	12.14.2005	no virus found	
Panda	8.02.00	12.14.2005	no virus found	
Sophos	4.00.0	12.15.2005	no virus found	
Symantec	8.0	12.15.2005	no virus found	
TheHacker	5.9.1.055	12.14.2005	no virus found	
VBA32	3.10.5	12.14.2005	no virus found

----------


## ALEX(XX)

This is a report processed by VirusTotal on 12/16/2005 at 09:53:47 (CET) after scanning the file "crack.exe" file.
Antivirus	Version	Update	Result
AntiVir	6.33.0.61	12.16.2005	no virus found
Avast	4.6.695.0	12.15.2005	no virus found
AVG	718	12.15.2005	no virus found
Avira	6.33.0.61	12.16.2005	no virus found
BitDefender	7.2	12.16.2005	no virus found
CAT-QuickHeal	8.00	12.16.2005	no virus found
ClamAV	devel-20051108	12.15.2005	no virus found
DrWeb	4.33	12.16.2005	no virus found
eTrust-Iris	7.1.194.0	12.16.2005	no virus found
eTrust-Vet	12.3.3.0	12.16.2005	no virus found
Fortinet	2.54.0.0	12.16.2005	Misc/TPatch
F-Prot	3.16c	12.15.2005	no virus found
Ikarus	0.2.59.0	12.16.2005	no virus found
Kaspersky	4.0.2.24	12.16.2005	no virus found
McAfee	4651	12.15.2005	potentially unwanted program Tool-TPatch
NOD32v2	1.1325	12.15.2005	a variant of Win32/Tool.TPE.A
Norman	5.70.10	12.16.2005	no virus found
Panda	8.02.00	12.15.2005	no virus found
Sophos	4.00.0	12.16.2005	no virus found
Symantec	8.0	12.16.2005	no virus found
TheHacker	5.9.1.057	12.16.2005	no virus found
VBA32	3.10.5	12.15.2005	no virus found

----------


## Geser

Свежачек:

This is a report processed by VirusTotal on 12/17/2005 at 13:14:17 (CET) after scanning the file "card.scr" file.
Antivirus Version Update Result
AntiVir 6.33.0.61 12.16.2005 no virus found
Avast 4.6.695.0 12.16.2005 no virus found
AVG 718 12.15.2005 no virus found
Avira 6.33.0.61 12.16.2005 no virus found
BitDefender 7.2 12.17.2005 BehavesLike:Trojan.FirewallBypass
CAT-QuickHeal 8.00 12.16.2005 (Suspicious) - DNAScan
ClamAV devel-20051108 12.16.2005 no virus found
DrWeb 4.33 12.16.2005 no virus found
eTrust-Iris 7.1.194.0 12.17.2005 no virus found
eTrust-Vet 12.3.3.0 12.16.2005 no virus found
Fortinet 2.54.0.0 12.17.2005 suspicious
F-Prot 3.16c 12.15.2005 no virus found
Ikarus 0.2.59.0 12.17.2005 no virus found
Kaspersky 4.0.2.24 12.17.2005 Email-Worm.Win32.Monikey.j
McAfee 4652 12.16.2005 no virus found
NOD32v2 1.1326 12.16.2005 no virus found
Norman 5.70.10 12.16.2005 W32/Downloader
Panda 8.02.00 12.16.2005 no virus found
Sophos 4.01.0 12.16.2005 no virus found
Symantec 8.0 12.17.2005 no virus found
TheHacker 5.9.1.057 12.16.2005 no virus found
VBA32 3.10.5 12.16.2005 suspected of Trojan-PSW.LdPinch.12

----------


## Alexey P.

This is a report processed by VirusTotal on 12/22/2005 at 14:52:54
 (CET) after scanning the file "ase3.exe" file.

Antivirus       Version         Update          Result  
AntiVir         6.33.0.70       12.22.2005      PCK/MEW 
Avast           4.6.695.0       12.22.2005      Win32:Trojano-3141      
AVG             718             12.21.2005      no virus found  
Avira           6.33.0.70       12.22.2005      PCK/MEW 
BitDefender     7.2             12.22.2005      no virus found  
CAT-QuickHeal   8.00            12.21.2005      (Suspicious) - DNAScan  
ClamAV          devel-20051108  12.19.2005      no virus found  
DrWeb           4.33            12.22.2005      Trojan.PWS.Banker.1423  
eTrust-Iris     7.1.194.0       12.22.2005      no virus found  
eTrust-Vet      12.4.1.0        12.22.2005      no virus found  
Fortinet        2.54.0.0        12.22.2005      suspicious      
F-Prot          3.16c           12.20.2005      no virus found  
Ikarus          0.2.59.0        12.21.2005      no virus found  
Kaspersky       4.0.2.24        12.22.2005      no virus found  
McAfee          4655            12.21.2005      no virus found  
NOD32v2         1.1333          12.22.2005      probably unknown NewHeur_PE virus       
Norman          5.70.10         12.22.2005      W32/Suspicious_M.gen    
Panda           8.02.00         12.22.2005      no virus found  
Sophos          4.01.0          12.22.2005      no virus found  
Symantec        8.0             12.22.2005      no virus found  
TheHacker       5.9.1.060       12.21.2005      no virus found  
VBA32           3.10.5          12.22.2005      no virus found

----------


## Alexey P.

This is a report processed by VirusTotal on 12/22/2005 at 14:54:16
 (CET) after scanning the file "ms1688.exe" file.

Antivirus       Version         Update          Result  
AntiVir         6.33.0.70       12.22.2005      no virus found  
Avast           4.6.695.0       12.22.2005      no virus found  
AVG             718             12.21.2005      no virus found  
Avira           6.33.0.70       12.22.2005      no virus found  
BitDefender     7.2             12.22.2005      no virus found  
CAT-QuickHeal   8.00            12.21.2005      (Suspicious) - DNAScan  
ClamAV          devel-20051108  12.19.2005      no virus found  
DrWeb           4.33            12.22.2005      Trojan.MulDrop.3176     
eTrust-Iris     7.1.194.0       12.22.2005      no virus found  
eTrust-Vet      12.4.1.0        12.22.2005      no virus found  
Fortinet        2.54.0.0        12.22.2005      no virus found  
F-Prot          3.16c           12.20.2005      no virus found  
Ikarus          0.2.59.0        12.21.2005      no virus found  
Kaspersky       4.0.2.24        12.22.2005      no virus found  
McAfee          4655            12.21.2005      no virus found  
NOD32v2         1.1333          12.22.2005      no virus found  
Norman          5.70.10         12.22.2005      W32/Malware     
Panda           8.02.00         12.22.2005      no virus found  
Sophos          4.01.0          12.22.2005      no virus found  
Symantec        8.0             12.22.2005      no virus found  
TheHacker       5.9.1.060       12.21.2005      no virus found  
VBA32           3.10.5          12.22.2005      no virus found

----------


## Geser

This is a report processed by VirusTotal on 12/29/2005 at 21:24:00 (CET) after scanning the file "mjcshext.dll" file.
Antivirus Version Update Result 
AntiVir 6.33.0.70 12.29.2005 ADSPY/Look2Me.ab 
Avast 4.6.695.0 12.29.2005 no virus found 
AVG 718 12.29.2005 no virus found 
Avira 6.33.0.70 12.29.2005 ADSPY/Look2Me.ab 
BitDefender 7.2 12.29.2005 Adware.Dinky.A 
CAT-QuickHeal 8.00 12.29.2005 Adware.Look2Me 
ClamAV devel-20051123 12.29.2005 Adware.Lookme-26 
DrWeb 4.33 12.29.2005 no virus found 
eTrust-Iris 7.1.194.0 12.29.2005 Win32/Candebe!Trojan 
eTrust-Vet 12.4.1.0 12.29.2005 Win32/Canbede 
Ewido 3.5 12.29.2005 Spyware.Look2Me 
Fortinet 2.54.0.0 12.29.2005 Adware/Look2me 
F-Prot 3.16c 12.29.2005 no virus found 
Ikarus 0.2.59.0 12.29.2005 AdWare.Look2Me.U 
Kaspersky 4.0.2.24 12.29.2005 not-a-virus:AdWare.Win32.Look2Me.ab 
McAfee 4662 12.29.2005 potentially unwanted program Adware-Look2Me 
NOD32v2 1.1343 12.28.2005 a variant of Win32/Adware.Look2Me 
Norman 5.70.10 12.29.2005 W32/Look2Me.DJ 
Panda 9.0.0.4 12.28.2005 Adware/Look2Me 
Sophos 4.01.0 12.29.2005 no virus found 
Symantec 8.0 12.29.2005 no virus found 
TheHacker 5.9.1.064 12.28.2005 Adware/Look2Me 
UNA 1.83 12.29.2005 Adware.Look2Me 
VBA32 3.10.5 12.28.2005 no virus found

----------


## Terry

На вирус тотал добавлено два продукта: Ewido и UNA. Может имеет смысл завести тему "Исследование антивирусов 3" и сбросить текущие счётчики в 0 ?

----------


## Geser

> На вирус тотал добавлено два продукта: Ewido и UNA. Может имеет смысл завести тему "Исследование антивирусов 3" и сбросить текущие счётчики в 0 ?


Наверное стоит  :Smiley: 
Продолжение темы

----------

