
View full version: Antivirus Research 5




anton_dr
08.01.2007, 15:41
So, I kept thinking about how to make a more or less objective assessment of antivirus products, and I came up with something. I ask everyone to post in this thread the scan results for malware that was caught strictly by hand, i.e. that the antivirus installed on the computer did not see. That way the sample will be truly random.

Post in this thread only scan results for files caught by hand on computers.

Do not post scan results for files found on other sites or in collections.
Do not post scan results for files that were originally found by an antivirus.

We'll continue in a new thread, since new players have appeared.
The previous thread is here (http://virusinfo.info/showthread.php?t=5802). Its results are in the attached file. Thanks to Shu_b for the titanic effort :)

borka
08.01.2007, 16:30
Thanks to Shu_b for the titanic effort :)

Shu_b, respect. :)

Winsent
08.01.2007, 22:30
Antivirus Version Update Result

AntiVir 7.3.0.21 01.08.2007 TR/Dldr.Injloader.A
Authentium 4.93.8 12.30.2006 no virus found
Avast 4.7.892.0 12.30.2006 no virus found
AVG 386 01.08.2007 no virus found
BitDefender 7.2 01.08.2007 no virus found
CAT-QuickHeal 9.00 01.08.2007 TrojanDownloader.Agent.aii
ClamAV devel-20060426 01.08.2007 no virus found
DrWeb 4.33 01.08.2007 Trojan.DownLoader.17213
eSafe 7.0.14.0 01.08.2007 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.107 01.06.2007 no virus found
eTrust-Vet 30.3.3311 01.08.2007 no virus found
Ewido 4.0 01.08.2007 Downloader.Agent.aii
Fortinet 2.82.0.0 01.08.2007 no virus found
F-Prot 3.16f 01.05.2007 no virus found
F-Prot4 4.2.1.29 01.05.2007 no virus found
Ikarus T3.1.0.27 01.08.2007 no virus found
Kaspersky 4.0.2.24 01.08.2007 no virus found
McAfee 4934 01.08.2007 no virus found
Microsoft 1.1904 01.07.2007 no virus found
NOD32v2 1963 01.08.2007 no virus found
Norman 5.80.02 12.31.2007 W32/Malware
Panda 9.0.0.4 01.07.2007 Suspicious file
Prevx1 V2 01.08.2007 no virus found
Sophos 4.13.0 01.05.2007 Mal/Behav-080
Sunbelt 2.2.907.0 01.05.2007 no virus found
TheHacker 6.0.3.146 01.08.2007 no virus found
UNA 1.83 01.06.2007 no virus found
VBA32 3.11.1 01.08.2007 no virus found
VirusBuster 4.3.19:9 01.08.2007 no virus found

Aditional Information
File size: 23552 bytes
MD5: 073bc4974a0c451b0f1145338f19ef53
SHA1: e1fc27d75f1aee86935554726c103cd30ed56883
packers: UPX
packers: UPX
packers: UPX
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email protected] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing UPX.
* File length: 23552 bytes.

[ Process/window information ]
* Modifies other process memory.
* Modifies execution flow of a remote process.

Winsent
09.01.2007, 10:20
Complete scanning result of "mail.exe", received in VirusTotal at 01.09.2007, 08:17:19 (CET).


Antivirus Version Update Result

AntiVir 7.3.0.21 01.08.2007 TR/PSW.LdPinch.bjf
Authentium 4.93.8 12.30.2006 could be a corrupted executable file
Avast 4.7.892.0 12.30.2006 no virus found
AVG 386 01.08.2007 PSW.Ldpinch.DHV
BitDefender 7.2 01.09.2007 Trojan.PSW.LdPinch.A
CAT-QuickHeal 9.00 01.08.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 01.09.2007 no virus found
DrWeb 4.33 01.09.2007 no virus found
eSafe 7.0.14.0 01.08.2007 Win32.LdPinch.bjf
eTrust-InoculateIT 23.73.109 01.09.2007 no virus found
eTrust-Vet 30.3.3313 01.09.2007 no virus found
Ewido 4.0 01.08.2007 no virus found
Fortinet 2.82.0.0 01.09.2007 W32/LdPinch.BJF!tr.pws
F-Prot 3.16f 01.08.2007 Possibly a new variant of W32/CrazyCrunch-based!Maximus
F-Prot4 4.2.1.29 01.09.2007 W32/CrazyCrunch-based!Maximus
Ikarus T3.1.0.27 01.09.2007 Trojan-PSW.Win32.LdPinch.bjf
Kaspersky 4.0.2.24 01.09.2007 Trojan-PSW.Win32.LdPinch.bjf
McAfee 4934 01.08.2007 no virus found
Microsoft 1.1904 01.09.2007 no virus found
NOD32v2 1963 01.08.2007 no virus found
Norman 5.80.02 12.31.2007 no virus found
Panda 9.0.0.4 01.08.2007 no virus found
Prevx1 V2 01.09.2007 no virus found
Sophos 4.13.0 01.05.2007 no virus found
Sunbelt 2.2.907.0 01.05.2007 VIPRE.Suspicious
TheHacker 6.0.3.146 01.08.2007 Trojan/PSW.LdPinch.bjf
UNA 1.83 01.06.2007 no virus found
VBA32 3.11.2 01.08.2007 no virus found
VirusBuster 4.3.19:9 01.08.2007 no virus found

Aditional Information
File size: 32287 bytes
MD5: eabd75799719ea4f61ac13d6e8fb95fb
SHA1: a407ac7ca8fcb44bfeef1b4c31064896a3b48d18
packers: PecBundle, PECompact
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

Winsent
09.01.2007, 17:52
Complete scanning result of "porno.scr", received in VirusTotal at 01.09.2007, 15:50:08 (CET).


Antivirus Version Update Result

AntiVir 7.3.0.21 01.09.2007 TR/FwBypass.A.669
Authentium 4.93.8 12.30.2006 could be a corrupted executable file
Avast 4.7.892.0 12.30.2006 no virus found
AVG 386 01.09.2007 no virus found
BitDefender 7.2 01.09.2007 BehavesLike:Trojan.FirewallBypass
CAT-QuickHeal 9.00 01.09.2007 no virus found
ClamAV devel-20060426 01.09.2007 no virus found
DrWeb 4.33 01.09.2007 no virus found
eSafe 7.0.14.0 01.09.2007 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.109 01.09.2007 no virus found
eTrust-Vet 30.3.3313 01.09.2007 no virus found
Ewido 4.0 01.09.2007 no virus found
Fortinet 2.82.0.0 01.09.2007 suspicious
F-Prot 3.16f 01.08.2007 no virus found
F-Prot4 4.2.1.29 01.09.2007 no virus found
Ikarus T3.1.0.27 01.09.2007 Trojan-PSW.Win32.LdPinch.apk
Kaspersky 4.0.2.24 01.09.2007 no virus found
McAfee 4934 01.08.2007 no virus found
Microsoft 1.1904 01.09.2007 no virus found
NOD32v2 1966 01.09.2007 no virus found
Norman 5.80.02 12.31.2007 no virus found
Panda 9.0.0.4 01.08.2007 no virus found
Prevx1 V2 01.09.2007 no virus found
Sophos 4.13.0 01.05.2007 no virus found
Sunbelt 2.2.907.0 01.05.2007 VIPRE.Suspicious
TheHacker 6.0.3.146 01.08.2007 no virus found
UNA 1.83 01.06.2007 no virus found
VBA32 3.11.2 01.09.2007 no virus found
VirusBuster 4.3.19:9 01.09.2007 no virus found

Aditional Information
File size: 53818 bytes
MD5: 5bf0802a969477b8b87d044abea0fd33
SHA1: 79306b7c7032f6f0ef99de08776d9c3c0aa2a844
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

Shu_b
10.01.2007, 06:36
Complete scanning result of "avz00006.dta", received in VirusTotal at 01.09.2007, 19:46:15 (CET).
Antivirus Version Update Result
AntiVir 7.3.0.21 01.09.2007 no virus found
Authentium 4.93.8 01.09.2007 no virus found
Avast 4.7.892.0 12.30.2006 no virus found
AVG 386 01.09.2007 Collected.9.AM
BitDefender 7.2 01.09.2007 no virus found
CAT-QuickHeal 9.00 01.09.2007 no virus found
ClamAV devel-20060426 01.09.2007 no virus found
DrWeb 4.33 01.09.2007 no virus found
eSafe 7.0.14.0 01.09.2007 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.109 01.09.2007 no virus found
eTrust-Vet 30.3.3313 01.09.2007 no virus found
Ewido 4.0 01.09.2007 no virus found
Fortinet 2.82.0.0 01.09.2007 suspicious
F-Prot 3.16f 01.09.2007 no virus found
F-Prot4 4.2.1.29 01.09.2007 no virus found
Ikarus T3.1.0.27 01.09.2007 no virus found
Kaspersky 4.0.2.24 01.09.2007 no virus found
McAfee 4935 01.09.2007 no virus found
Microsoft 1.1904 01.09.2007 no virus found
NOD32v2 1967 01.09.2007 a variant of Win32/Spabot.NAC
Norman 5.80.02 12.31.2007 no virus found
Panda 9.0.0.4 01.09.2007 no virus found
Prevx1 V2 01.09.2007 no virus found
Sophos 4.13.0 01.05.2007 no virus found
Sunbelt 2.2.907.0 01.05.2007 no virus found
TheHacker 6.0.3.146 01.08.2007 no virus found
UNA 1.83 01.09.2007 no virus found
VBA32 3.11.2 01.09.2007 no virus found
VirusBuster 4.3.19:9 01.09.2007 Trojan.DL.Obfusc.Gen.4

Aditional Information
File size: 90624 bytes
MD5: c733ec1bca41bc95c4da11cbe95654f4
SHA1: 82918417039ee57b4071650d42d4692601ee6ae6
packers: UPX

drweb - Trojan.Spambot

Shu_b
10.01.2007, 10:41
Complete scanning result of "avz00009__1_._ta", received in VirusTotal at 01.10.2007, 08:28:03 (CET).

Antivirus Version Update Result
AntiVir 7.3.0.21 01.09.2007 TR/Drop.WSO.A.2
Authentium 4.93.8 01.09.2007 no virus found
Avast 4.7.892.0 12.30.2006 no virus found
AVG 386 01.09.2007 no virus found
BitDefender 7.2 01.10.2007 Trojan.Downloader.Agent.AEY
CAT-QuickHeal 9.00 01.09.2007 no virus found
ClamAV devel-20060426 01.09.2007 no virus found
DrWeb 4.33 01.10.2007 Trojan.Fakealert.229
eSafe 7.0.14.0 01.09.2007 Win32.Downloader
eTrust-InoculateIT 23.73.109 01.09.2007 no virus found
eTrust-Vet 30.3.3313 01.09.2007 no virus found
Ewido 4.0 01.09.2007 Adware.WorldSecurityOnline
Fortinet 2.82.0.0 01.10.2007 W32/FakeAlert
F-Prot 3.16f 01.09.2007 no virus found
F-Prot4 4.2.1.29 01.09.2007 no virus found
Ikarus T3.1.0.27 01.09.2007 no virus found
Kaspersky 4.0.2.24 01.10.2007 not-a-virus:FraudTool.Win32.WorldSecurityOnline.c
McAfee 4935 01.09.2007 FakeAlert-G
Microsoft 1.1904 01.10.2007 no virus found
NOD32v2 1968 01.09.2007 Win32/TrojanDownloader.Zlob
Norman 5.80.02 12.31.2007 no virus found
Panda 9.0.0.4 01.09.2007 Application/AntiVermins
Prevx1 V2 01.10.2007 Generic.Zlob!DL
Sophos 4.13.0 01.05.2007 no virus found
Sunbelt 2.2.907.0 01.05.2007 no virus found
TheHacker 6.0.3.146 01.08.2007 no virus found
UNA 1.83 01.10.2007 no virus found
VBA32 3.11.2 01.09.2007 no virus found
VirusBuster 4.3.19:9 01.09.2007 no virus found

Aditional Information
File size: 20992 bytes
MD5: 75128e61b82c63deacd8f4975a3e1a99
SHA1: 0c91b00ab6a888030bcda451853b7d46e523de2b

Winsent
10.01.2007, 21:16
Complete scanning result of "setup.exe", received in VirusTotal at 01.10.2007, 19:16:10 (CET).


Antivirus Version Update Result

AntiVir 7.3.0.21 01.09.2007 no virus found
Authentium 4.93.8 01.10.2007 no virus found
Avast 4.7.892.0 12.30.2006 no virus found
AVG 386 01.10.2007 no virus found
BitDefender 7.2 01.10.2007 no virus found
CAT-QuickHeal 9.00 01.10.2007 no virus found
ClamAV devel-20060426 01.10.2007 no virus found
DrWeb 4.33 01.10.2007 no virus found
eSafe 7.0.14.0 01.10.2007 no virus found
eTrust-InoculateIT 23.73.110 01.10.2007 no virus found
eTrust-Vet 30.3.3316 01.10.2007 no virus found
Ewido 4.0 01.10.2007 no virus found
Fortinet 2.82.0.0 01.10.2007 no virus found
F-Prot 3.16f 01.10.2007 no virus found
F-Prot4 4.2.1.29 01.10.2007 no virus found
Ikarus T3.1.0.27 01.09.2007 no virus found
Kaspersky 4.0.2.24 01.10.2007 no virus found
McAfee 4935 01.09.2007 no virus found
Microsoft 1.1904 01.10.2007 no virus found
NOD32v2 1970 01.10.2007 no virus found
Norman 5.80.02 01.10.2007 W32/Malware
Panda 9.0.0.4 01.09.2007 Suspicious file
Prevx1 V2 01.10.2007 no virus found
Sophos 4.13.0 01.10.2007 no virus found
Sunbelt 2.2.907.0 01.05.2007 no virus found
TheHacker 6.0.3.146 01.08.2007 no virus found
UNA 1.83 01.10.2007 no virus found
VBA32 3.11.2 01.09.2007 no virus found
VirusBuster 4.3.19:9 01.10.2007 no virus found

Aditional Information
File size: 49152 bytes
MD5: 398c8390385d73aefce3712c6420076f
SHA1: 292bd5a7d56982a888272cc8134041c42cafddac
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email protected] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* File length: 49152 bytes.

[ Process/window information ]
* Modifies other process memory.
* Modifies execution flow of a remote process.

Winsent
14.01.2007, 15:43
Complete scanning result of "Anna.scr", received in VirusTotal at 01.14.2007, 13:40:38 (CET).


Antivirus Version Update Result

AntiVir 7.3.0.21 01.09.2007 HEUR/Crypted
Authentium 4.93.8 01.12.2007 no virus found
Avast 4.7.936.0 01.13.2007 Win32:LdPinch-NO
AVG 386 01.13.2007 no virus found
BitDefender 7.2 01.14.2007 MemScan:Trojan.PWS.PdPinch.L
CAT-QuickHeal 9.00 01.12.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 01.14.2007 Trojan.Dropper.Agent-106
DrWeb 4.33 01.14.2007 Trojan.PWS.LDPinch.1217
eSafe 7.0.14.0 01.14.2007 Suspicious Trojan/Worm
eTrust-InoculateIT 23.73.113 01.13.2007 no virus found
eTrust-Vet 30.3.3324 01.12.2007 no virus found
Ewido 4.0 01.14.2007 no virus found
Fortinet 2.82.0.0 01.13.2007 no virus found
F-Prot 3.16f 01.12.2007 no virus found
F-Prot4 4.2.1.29 01.12.2007 no virus found
Ikarus T3.1.0.27 01.09.2007 no virus found
Kaspersky 4.0.2.24 01.14.2007 Trojan-PSW.Win32.LdPinch.bfy
McAfee 4938 01.12.2007 no virus found
Microsoft 1.1904 01.14.2007 Win32/Ldpinch
NOD32v2 1977 01.13.2007 a variant of Win32/PSW.LdPinch.NCB
Norman 5.80.02 01.12.2007 no virus found
Panda 9.0.0.4 01.13.2007 Suspicious file
Prevx1 V2 01.14.2007 no virus found
Sophos 4.13.0 01.13.2007 Troj/LdPinch-PZ
Sunbelt 2.2.907.0 01.12.2007 VIPRE.Suspicious
TheHacker 6.0.3.148 01.14.2007 no virus found
UNA 1.83 01.12.2007 no virus found
VBA32 3.11.2 01.14.2007 MalwareScope.Trojan-PSW.Pinch.1
VirusBuster 4.3.19:9 01.13.2007 no virus found

Aditional Information
File size: 32256 bytes
MD5: 743b218ce24362d18399d169ac9dccb4
SHA1: bc82515174f5a50e3a8b5704263f16a185e80f94
packers: PECompact
packers: PECOMPACT
packers: PecBundle, PECompact
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

Winsent
15.01.2007, 20:21
Complete scanning result of "setup.exe", received in VirusTotal at 01.15.2007, 18:19:53 (CET).


Antivirus Version Update Result

AntiVir 7.3.0.21 01.09.2007 no virus found
Authentium 4.93.8 01.15.2007 no virus found
Avast 4.7.936.0 01.15.2007 no virus found
AVG 386 01.15.2007 no virus found
BitDefender 7.2 01.15.2007 no virus found
CAT-QuickHeal 9.00 01.15.2007 no virus found
ClamAV devel-20060426 01.15.2007 no virus found
DrWeb 4.33 01.15.2007 no virus found
eSafe 7.0.14.0 01.15.2007 no virus found
eTrust-InoculateIT 23.73.113 01.13.2007 no virus found
eTrust-Vet 30.3.3329 01.15.2007 no virus found
Ewido 4.0 01.15.2007 Downloader.Agent.aii
Fortinet 2.82.0.0 01.15.2007 no virus found
F-Prot 3.16f 01.15.2007 no virus found
F-Prot4 4.2.1.29 01.12.2007 no virus found
Ikarus T3.1.0.27 01.09.2007 no virus found
Kaspersky 4.0.2.24 01.15.2007 no virus found
McAfee 4938 01.12.2007 no virus found
Microsoft 1.1904 01.15.2007 no virus found
NOD32v2 1980 01.15.2007 no virus found
Norman 5.80.02 01.15.2007 W32/Malware
Panda 9.0.0.4 01.14.2007 Suspicious file
Prevx1 V2 01.15.2007 no virus found
Sophos 4.13.0 01.13.2007 no virus found
Sunbelt 2.2.907.0 01.12.2007 no virus found
TheHacker 6.0.3.148 01.14.2007 no virus found
UNA 1.83 01.12.2007 no virus found
VBA32 3.11.2 01.15.2007 suspected of Trojan-Proxy.Horst.170 (paranoid heuristics)
VirusBuster 4.3.19:9 01.15.2007 no virus found

Aditional Information
File size: 49152 bytes
MD5: 98fe527323b8643dfc97f172c0de5732
SHA1: ff433500cea0f62fc970d88de355025807bf9939
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email protected] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* File length: 49152 bytes.

[ Process/window information ]
* Modifies other process memory.
* Modifies execution flow of a remote process.

Winsent
18.01.2007, 13:13
Complete scanning result of "Mashka.scr", received in VirusTotal at 01.18.2007, 11:10:32 (CET).


Antivirus Version Update Result

AntiVir 7.3.0.21 01.17.2007 HEUR/Crypted
Authentium 4.93.8 01.17.2007 no virus found
Avast 4.7.936.0 01.17.2007 no virus found
AVG 386 01.18.2007 no virus found
BitDefender 7.2 01.18.2007 MemScan:Trojan.PWS.PdPinch.L
CAT-QuickHeal 9.00 01.17.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 01.18.2007 no virus found
DrWeb 4.33 01.18.2007 no virus found
eSafe 7.0.14.0 01.18.2007 Suspicious Trojan/Worm
eTrust-InoculateIT 23.73.116 01.18.2007 no virus found
eTrust-Vet 30.3.3334 01.18.2007 no virus found
Ewido 4.0 01.17.2007 no virus found
Fortinet 2.82.0.0 01.18.2007 suspicious
F-Prot 3.16f 01.17.2007 no virus found
F-Prot4 4.2.1.29 01.17.2007 no virus found
Ikarus T3.1.0.27 01.09.2007 no virus found
Kaspersky 4.0.2.24 01.18.2007 Trojan-PSW.Win32.LdPinch.bkc
McAfee 4941 01.17.2007 no virus found
Microsoft 1.1904 01.18.2007 no virus found
NOD32v2 1988 01.18.2007 no virus found
Norman 5.80.02 01.17.2007 no virus found
Panda 9.0.0.4 01.17.2007 Suspicious file
Prevx1 V2 01.18.2007 no virus found
Sophos 4.13.0 01.17.2007 no virus found
Sunbelt 2.2.907.0 01.12.2007 VIPRE.Suspicious
TheHacker 6.0.3.148 01.14.2007 no virus found
UNA 1.83 01.17.2007 no virus found
VBA32 3.11.2 01.17.2007 no virus found
VirusBuster 4.3.19:9 01.18.2007 no virus found

Aditional Information
File size: 33805 bytes
MD5: a1cae0b3e11a5787892ac677f963b1c8
SHA1: ec3d276cffccd9d4ea86389a96b5667f8a678fe0
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

Зайцев Олег
18.01.2007, 19:44
STATUS: FINISHED
Complete scanning result of "_4.exe", received in VirusTotal at 01.18.2007, 17:39:47 (CET).
Antivirus Version Update Result
AntiVir 7.3.0.21 01.18.2007 HEUR/Crypted
Authentium 4.93.8 01.17.2007 could be a corrupted executable file
Avast 4.7.936.0 01.18.2007 no virus found
AVG 386 01.18.2007 no virus found
BitDefender 7.2 01.18.2007 no virus found
CAT-QuickHeal 9.00 01.17.2007 no virus found
ClamAV devel-20060426 01.18.2007 no virus found
DrWeb 4.33 01.18.2007 no virus found
eSafe 7.0.14.0 01.18.2007 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.116 01.18.2007 no virus found
eTrust-Vet 30.3.3334 01.18.2007 no virus found
Ewido 4.0 01.17.2007 no virus found
Fortinet 2.82.0.0 01.18.2007 no virus found
F-Prot 3.16f 01.17.2007 no virus found
F-Prot4 4.2.1.29 01.18.2007 no virus found
Ikarus T3.1.0.27 01.09.2007 Trojan-PSW.Win32.LdPinch.apk
Kaspersky 4.0.2.24 01.18.2007 no virus found
McAfee 4941 01.17.2007 no virus found
Microsoft 1.1904 01.18.2007 no virus found
NOD32v2 1988 01.18.2007 no virus found
Norman 5.80.02 01.18.2007 no virus found
Panda 9.0.0.4 01.17.2007 Suspicious file
Prevx1 V2 01.18.2007 no virus found
Sophos 4.13.0 01.17.2007 no virus found
Sunbelt 2.2.907.0 01.12.2007 VIPRE.Suspicious
TheHacker 6.0.3.149 01.18.2007 no virus found
UNA 1.83 01.17.2007 no virus found
VBA32 3.11.2 01.18.2007 no virus found
VirusBuster 4.3.19:9 01.18.2007 no virus found

Aditional Information
File size: 26526 bytes
MD5: 48ae2a22ffd78b439a9c9ecd861d9104
SHA1: 4d50dcca103b9bd01e53a1e0ca615fa9ede19e26
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

According to my analyzer, this is a modification of Pinch.

anton_dr
20.01.2007, 16:31
From the thread http://virusinfo.info/showthread.php?t=7594

Complete scanning result of "avz00001.dta", received in VirusTotal at 01.20.2007, 14:07:42 (CET).

Antivirus Version Update Result
AntiVir 7.3.0.26 01.20.2007 no virus found
Authentium 4.93.8 01.20.2007 no virus found
Avast 4.7.936.0 01.18.2007 no virus found
AVG 386 01.20.2007 no virus found
BitDefender 7.2 01.20.2007 Trojan.FatObfus.Gen
CAT-QuickHeal 9.00 01.20.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 01.20.2007 no virus found
DrWeb 4.33 01.20.2007 no virus found
eSafe 7.0.14.0 01.20.2007 no virus found
eTrust-InoculateIT 23.73.118 01.20.2007 no virus found
eTrust-Vet 30.3.3336 01.19.2007 no virus found
Ewido 4.0 01.19.2007 no virus found
Fortinet 2.82.0.0 01.20.2007 suspicious
F-Prot 3.16f 01.20.2007 no virus found
F-Prot4 4.2.1.29 01.19.2007 no virus found
Ikarus T3.1.0.27 01.09.2007 not-a-virus:AdWare.Win32.Lop.ag
Kaspersky 4.0.2.24 01.20.2007 no virus found
McAfee 4943 01.19.2007 no virus found
Microsoft 1.1904 01.20.2007 no virus found
NOD32v2 1992 01.20.2007 no virus found
Norman 5.80.02 01.19.2007 no virus found
Panda 9.0.0.4 01.20.2007 Suspicious file
Prevx1 V2 01.20.2007 Adware.Lop
Sophos 4.13.0 01.20.2007 no virus found
Sunbelt 2.2.907.0 01.12.2007 no virus found
TheHacker 6.0.3.151 01.19.2007 no virus found
UNA 1.83 01.19.2007 no virus found
VBA32 3.11.2 01.19.2007 suspected of Trojan-Downloader.Obfuscated.1 (paranoid heuristics)
VirusBuster 4.3.19:9 01.20.2007 no virus found

Aditional Information
File size: 228864 bytes
MD5: 308dd917c8c1cab36df22b25e95c0df1
SHA1: 7bd08b83f5ac23065c049770a459256f1a8fdcdb
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=614c69782788

Geser
20.01.2007, 21:42
AntiVir 7.3.0.26 01.20.2007 TR/PCK.Klone.V.6
Authentium 4.93.8 01.20.2007 no virus found
Avast 4.7.936.0 01.18.2007 no virus found
AVG 386 01.20.2007 Generic2.MUX
BitDefender 7.2 01.20.2007 Trojan.Klone.H
CAT-QuickHeal 9.00 01.20.2007 no virus found
ClamAV devel-20060426 01.20.2007 no virus found
DrWeb 4.33 01.20.2007 Trojan.Mezzia
eSafe 7.0.14.0 01.20.2007 Win32.Klone.v
eTrust-InoculateIT 23.73.118 01.20.2007 Win32/Nebuler.AO!DLL!Trojan
eTrust-Vet 30.3.3336 01.19.2007 Win32/Nebuler.AO
Ewido 4.0 01.20.2007 Trojan.Agent.nff
Fortinet 2.82.0.0 01.20.2007 W32/Nebule.V!tr
F-Prot 3.16f 01.20.2007 no virus found
F-Prot4 4.2.1.29 01.20.2007 no virus found
Ikarus T3.1.0.27 01.09.2007 Trojan.Win32.Agent.vg
Kaspersky 4.0.2.24 01.20.2007 Packed.Win32.Klone.v
McAfee 4943 01.19.2007 BackDoor-CVT
Microsoft 1.1904 01.20.2007 no virus found
NOD32v2 1992 01.20.2007 Win32/Agent.NFF
Norman 5.80.02 01.19.2007 W32/Agent.AUNX
Panda 9.0.0.4 01.20.2007 Trj/Nebule.B
Prevx1 V2 01.20.2007 Polynomial.Code.Exploit
Sophos 4.13.0 01.20.2007 Troj/Nebule-Gen
Sunbelt 2.2.907.0 01.12.2007 Trojan.Klone.H
TheHacker 6.0.3.151 01.19.2007 Trojan/Klone.v
UNA 1.83 01.19.2007 Trojan.Win32.Klone.2C6C
VBA32 3.11.2 01.19.2007 Trojan.Win32.Agent.NFF

ISO
22.01.2007, 13:32
Complete scanning result of "r57.pl", received in VirusTotal at 01.22.2007, 09:39:18 (CET).
Antivirus Version Update Result
AntiVir 7.3.0.26 01.22.2007 no virus found
Authentium 4.93.8 01.21.2007 no virus found
Avast 4.7.936.0 01.18.2007 no virus found
AVG 386 01.22.2007 no virus found
BitDefender 7.2 01.22.2007 no virus found
CAT-QuickHeal 9.00 01.22.2007 no virus found
ClamAV devel-20060426 01.21.2007 no virus found
DrWeb 4.33 01.22.2007 Exploit.phpBB
eSafe 7.0.14.0 01.21.2007 no virus found
eTrust-InoculateIT 23.73.119 01.22.2007 no virus found
eTrust-Vet 30.3.3343 01.22.2007 no virus found
Ewido 4.0 01.21.2007 no virus found
Fortinet 2.82.0.0 01.22.2007 no virus found
F-Prot 3.16f 01.21.2007 no virus found
F-Prot4 4.2.1.29 01.21.2007 no virus found
Ikarus T3.1.0.27 01.09.2007 no virus found
Kaspersky 4.0.2.24 01.22.2007 Exploit.Perl.Board.c
McAfee 4943 01.19.2007 Perl/Exploit.gen
Microsoft 1.1904 01.22.2007 no virus found
NOD32v2 1995 01.21.2007 no virus found
Norman 5.80.02 01.22.2007 no virus found
Panda 9.0.0.4 01.21.2007 no virus found
Prevx1 V2 01.22.2007 no virus found
Sophos 4.13.0 01.20.2007 no virus found
Sunbelt 2.2.907.0 01.22.2007 no virus found
TheHacker 6.0.3.154 01.22.2007 no virus found
UNA 1.83 01.19.2007 no virus found
VBA32 3.11.2 01.22.2007 no virus found
VirusBuster 4.3.19:9 01.21.2007 no virus found

Aditional Information
File size: 16761 bytes
MD5: 3175fc5b7fea821faf3b620bf15bee33
SHA1: bf9a27982b610fed8c02c45e2c4704f2b8d6fd55

ISO
22.01.2007, 13:33
Complete scanning result of "phpRemoteView.php", received in VirusTotal at 01.22.2007, 09:31:40 (CET).
Antivirus Version Update Result
AntiVir 7.3.0.26 01.22.2007 no virus found
Authentium 4.93.8 01.21.2007 no virus found
Avast 4.7.936.0 01.18.2007 no virus found
AVG 386 01.22.2007 no virus found
BitDefender 7.2 01.22.2007 no virus found
CAT-QuickHeal 9.00 01.22.2007 no virus found
ClamAV devel-20060426 01.21.2007 no virus found
DrWeb 4.33 01.22.2007 no virus found
eSafe 7.0.14.0 01.21.2007 Win32.Hacktool
eTrust-InoculateIT 23.73.119 01.22.2007 no virus found
eTrust-Vet 30.3.3343 01.22.2007 no virus found
Ewido 4.0 01.21.2007 no virus found
Fortinet 2.82.0.0 01.22.2007 RAT/RemView
F-Prot 3.16f 01.21.2007 no virus found
F-Prot4 4.2.1.29 01.21.2007 no virus found
Ikarus T3.1.0.27 01.09.2007 no virus found
Kaspersky 4.0.2.24 01.22.2007 not-a-virus:RemoteAdmin.PHP.RemView.a
McAfee 4943 01.19.2007 no virus found
Microsoft 1.1904 01.22.2007 no virus found
NOD32v2 1995 01.21.2007 PHP/RemoteAdmin.RemView.A
Norman 5.80.02 01.22.2007 no virus found
Panda 9.0.0.4 01.21.2007 no virus found
Prevx1 V2 01.22.2007 no virus found
Sophos 4.13.0 01.20.2007 no virus found
Sunbelt 2.2.907.0 01.22.2007 no virus found
TheHacker 6.0.3.154 01.22.2007 no virus found
UNA 1.83 01.19.2007 no virus found
VBA32 3.11.2 01.22.2007 no virus found
VirusBuster 4.3.19:9 01.21.2007 no virus found

Aditional Information
File size: 91159 bytes
MD5: b4a09911a5b23e00b55abe546ded691c
SHA1: 9a5f1bd37fa992b69bbc3f2e8ddfc18cb27c8ea3

ISO
22.01.2007, 19:20
Complete scanning result of "fsb2.exe", received in VirusTotal at 01.22.2007, 17:12:26 (CET).
Antivirus Version Update Result
AntiVir 7.3.0.26 01.22.2007 HEUR/Crypted
Authentium 4.93.8 01.21.2007 no virus found
Avast 4.7.936.0 01.22.2007 no virus found
AVG 386 01.22.2007 no virus found
BitDefender 7.2 01.22.2007 DeepScan:Generic.Dialer.61C27394
CAT-QuickHeal 9.00 01.22.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 01.22.2007 no virus found
DrWeb 4.33 01.22.2007 no virus found
eSafe 7.0.14.0 01.21.2007 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.119 01.22.2007 no virus found
eTrust-Vet 30.3.3343 01.22.2007 no virus found
Ewido 4.0 01.22.2007 no virus found
Fortinet 2.82.0.0 01.22.2007 suspicious
F-Prot 3.16f 01.21.2007 no virus found
F-Prot4 4.2.1.29 01.21.2007 generic
Ikarus T3.1.0.27 01.22.2007 no virus found
Kaspersky 4.0.2.24 01.22.2007 no virus found
McAfee 4944 01.22.2007 no virus found
Microsoft 1.1904 01.22.2007 no virus found
NOD32v2 1997 01.22.2007 Win32/PSW.LdPinch.BFP
Norman 5.80.02 01.22.2007 no virus found
Panda 9.0.0.4 01.22.2007 Suspicious file
Prevx1 V2 01.22.2007 no virus found
Sophos 4.13.0 01.20.2007 no virus found
Sunbelt 2.2.907.0 01.22.2007 VIPRE.Suspicious
TheHacker 6.0.3.154 01.22.2007 no virus found
UNA 1.83 01.19.2007 no virus found
VBA32 3.11.2 01.22.2007 MalwareScope.Trojan-PSW.Pinch.1
VirusBuster 4.3.19:9 01.22.2007 no virus found

Aditional Information
File size: 36320 bytes
MD5: 902499f4ad65093eaa9ae4fefa115235
SHA1: 87364cc8107af30b2a42ccd3b6565662cf33146b
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

ISO
22.01.2007, 19:29
Complete scanning result of "patch.exe", received in VirusTotal at 01.22.2007, 17:23:45 (CET).
Antivirus Version Update Result
AntiVir 7.3.0.26 01.22.2007 no virus found
Authentium 4.93.8 01.21.2007 no virus found
Avast 4.7.936.0 01.22.2007 no virus found
AVG 386 01.22.2007 no virus found
BitDefender 7.2 01.22.2007 BehavesLike:Trojan.ShellObject
CAT-QuickHeal 9.00 01.22.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 01.22.2007 no virus found
DrWeb 4.33 01.22.2007 Trojan.PWS.Wmsender
eSafe 7.0.14.0 01.21.2007 no virus found
eTrust-InoculateIT 23.73.119 01.22.2007 no virus found
eTrust-Vet 30.3.3343 01.22.2007 no virus found
Ewido 4.0 01.22.2007 no virus found
Fortinet 2.82.0.0 01.22.2007 suspicious
F-Prot 3.16f 01.21.2007 no virus found
F-Prot4 4.2.1.29 01.21.2007 no virus found
Ikarus T3.1.0.27 01.22.2007 no virus found
Kaspersky 4.0.2.24 01.22.2007 no virus found
McAfee 4944 01.22.2007 New Win32.g2
Microsoft 1.1904 01.22.2007 no virus found
NOD32v2 1997 01.22.2007 probably a variant of Win32/TrojanDropper.Small.NCP
Norman 5.80.02 01.22.2007 no virus found
Panda 9.0.0.4 01.22.2007 Suspicious file
Prevx1 V2 01.22.2007 no virus found
Sophos 4.13.0 01.20.2007 no virus found
Sunbelt 2.2.907.0 01.22.2007 VIPRE.Suspicious
TheHacker 6.0.3.154 01.22.2007 no virus found
UNA 1.83 01.19.2007 no virus found
VBA32 3.11.2 01.22.2007 Trojan.PWS.Wmsender
VirusBuster 4.3.19:9 01.22.2007 no virus found

Aditional Information
File size: 8704 bytes
MD5: 6573745c6dc2b364977729a3aef35272
SHA1: a30a6de1f2fcdb8ee157c66c0195a585560a76b5
packers: PECRYPT
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

urbanangel
23.01.2007, 20:52
Complete scanning result of "Web_Money.exe", received in VirusTotal at 01.23.2007, 18:43:16 (CET).

Antivirus Version Update Result
AntiVir 7.3.0.26 01.23.2007 TR/Drop.Tiny.M.3
Authentium 4.93.8 01.22.2007 no virus found
Avast 4.7.936.0 01.23.2007 no virus found
AVG 386 01.23.2007 no virus found
BitDefender 7.2 01.23.2007 no virus found
CAT-QuickHeal 9.00 01.22.2007 no virus found
ClamAV devel-20060426 01.23.2007 no virus found
DrWeb 4.33 01.23.2007 Trojan.MulDrop.5419
eSafe 7.0.14.0 01.23.2007 Win32.Tiny.m
eTrust-InoculateIT 23.73.120 01.23.2007 no virus found
eTrust-Vet 30.3.3344 01.23.2007 no virus found
Ewido 4.0 01.23.2007 no virus found
Fortinet 2.82.0.0 01.23.2007 no virus found
F-Prot 3.16f 01.22.2007 no virus found
F-Prot4 4.2.1.29 01.22.2007 no virus found
Ikarus T3.1.0.27 01.23.2007 Trojan-Clicker.Win32.NetBuie.H
Kaspersky 4.0.2.24 01.23.2007 Trojan-Dropper.Win32.Tiny.m
McAfee 4947 01.23.2007 no virus found
Microsoft 1.1904 01.23.2007 no virus found
NOD32v2 2000 01.23.2007 no virus found
Norman 5.80.02 01.23.2007 W32/Suspicious_M.gen.dropper
Panda 9.0.0.4 01.23.2007 Suspicious file
Prevx1 V2 01.23.2007 no virus found
Sophos 4.13.0 01.20.2007 no virus found
Sunbelt 2.2.907.0 01.22.2007 no virus found
TheHacker 6.0.3.154 01.22.2007 no virus found
UNA 1.83 01.23.2007 no virus found
VBA32 3.11.2 01.23.2007 Trojan.MulDrop.5038
VirusBuster 4.3.19:9 01.23.2007 no virus found

Aditional Information
File size: 552972 bytes
MD5: 34c0a2aade69879dea99a77b41b6a2e7
SHA1: 6205dfebf30757d2bce2d954522d3b1f7a0b3970

Winsent
24.01.2007, 07:51
Complete scanning result of "Lena.scr", received in VirusTotal at 01.24.2007, 05:44:59 (CET).


Antivirus Version Update Result

AntiVir 7.3.0.26 01.23.2007 HEUR/Crypted
Authentium 4.93.8 01.23.2007 Possibly a new variant of W32/HLLI-MewOrleans-based!Maximus
Avast 4.7.936.0 01.23.2007 Win32:Ldpinch-AH
AVG 386 01.23.2007 no virus found
BitDefender 7.2 01.24.2007 Generic.PWStealer.C5C991E0
CAT-QuickHeal 9.00 01.22.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 01.23.2007 no virus found
DrWeb 4.33 01.23.2007 MULDROP.PWS.Trojan
eSafe 7.0.14.0 01.23.2007 Win32.LdPinch.bkn
eTrust-InoculateIT 23.73.121 01.24.2007 no virus found
eTrust-Vet 30.3.3346 01.23.2007 no virus found
Ewido 4.0 01.23.2007 Trojan.LdPinch.bkn
Fortinet 2.85.0.0 01.24.2007 no virus found
F-Prot 3.16f 01.23.2007 Possibly a new variant of W32/HLLI-MewOrleans-based!Maximus
F-Prot4 4.2.1.29 01.23.2007 W32/HLLI-MewOrleans-based!Maximus
Ikarus T3.1.0.27 01.24.2007 IM-Worm.Win32.Sumom.C
Kaspersky 4.0.2.24 01.24.2007 Trojan-PSW.Win32.LdPinch.bkn
McAfee 4947 01.23.2007 no virus found
Microsoft 1.1904 01.24.2007 Win32/Ldpinch
NOD32v2 2001 01.24.2007 probably a variant of Win32/PSW.LdPinch
Norman 5.80.02 01.23.2007 W32/Suspicious_M.gen
Panda 9.0.0.4 01.24.2007 no virus found
Prevx1 V2 01.24.2007 no virus found
Sophos 4.13.0 01.24.2007 Mal/Packer
Sunbelt 2.2.907.0 01.22.2007 VIPRE.Suspicious
TheHacker 6.0.3.155 01.24.2007 Trojan/PSW.LdPinch.bkn
UNA 1.83 01.23.2007 no virus found
VBA32 3.11.2 01.23.2007 MalwareScope.Trojan-PSW.Pinch.1
VirusBuster 4.3.19:9 01.23.2007 novirus:Packed/MEW

Aditional Information
File size: 51181 bytes
MD5: 8733b36ec7c5e66544350599277d942b
SHA1: 791f43d2dd8a1f05a779b031841905a46e443724
packers: MEW
packers: MEW
packers: MEW
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

Winsent
25.01.2007, 16:48
Complete scanning result of "demo.rar", received in VirusTotal at 01.25.2007, 14:45:39 (CET).


Antivirus Version Update Result

AntiVir 7.3.0.26 01.25.2007 no virus found
Authentium 4.93.8 01.24.2007 no virus found
Avast 4.7.936.0 01.24.2007 no virus found
AVG 386 01.24.2007 no virus found
BitDefender 7.2 01.25.2007 no virus found
CAT-QuickHeal 9.00 01.25.2007 no virus found
ClamAV devel-20060426 01.25.2007 no virus found
DrWeb 4.33 01.25.2007 no virus found
eSafe 7.0.14.0 01.24.2007 no virus found
eTrust-InoculateIT 23.73.123 01.25.2007 no virus found
eTrust-Vet 30.3.3349 01.25.2007 no virus found
Ewido 4.0 01.24.2007 no virus found
Fortinet 2.85.0.0 01.24.2007 suspicious
F-Prot 4.2.1.29 01.25.2007 no virus found
Ikarus T3.1.0.27 01.25.2007 no virus found
Kaspersky 4.0.2.24 01.25.2007 Trojan-Dropper.Win32.Small.abb
McAfee 4948 01.24.2007 W32/NGVCK.a
Microsoft 1.1904 01.25.2007 no virus found
NOD32v2 2005 01.25.2007 probably unknown WIN32 virus
Norman 5.80.02 01.25.2007 no virus found
Panda 9.0.0.4 01.25.2007 Suspicious file
Prevx1 V2 01.25.2007 no virus found
Sophos 4.13.0 01.24.2007 no virus found
Sunbelt 2.2.907.0 01.22.2007 VIPRE.Suspicious
TheHacker 6.0.3.156 01.25.2007 no virus found
UNA 1.83 01.24.2007 Win32.virus
VBA32 3.11.2 01.24.2007 Trojan.PWS.Ragnarok
VirusBuster 4.3.19:9 01.24.2007 no virus found

Aditional Information
File size: 92289 bytes
MD5: 1db342abd759cc8358fda97bdd92e9ed
SHA1: 301453c537e5474da5edcc35bbf7e8db9dcd529c
packers: embedded
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

ALEX(XX)
25.01.2007, 19:16
From http://virusinfo.info/showthread.php?t=7646
Complete scanning result of "avz00010.dta", received in VirusTotal at 01.25.2007, 17:12:09 (CET).

Antivirus Version Update Result
AntiVir 7.3.0.26 01.25.2007 HEUR/Crypted
Authentium 4.93.8 01.24.2007 no virus found
Avast 4.7.936.0 01.24.2007 no virus found
AVG 386 01.24.2007 no virus found
BitDefender 7.2 01.25.2007 no virus found
CAT-QuickHeal 9.00 01.25.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 01.25.2007 no virus found
DrWeb 4.33 01.25.2007 no virus found
eSafe 7.0.14.0 01.24.2007 Suspicious Trojan/Worm
eTrust-InoculateIT 23.73.123 01.25.2007 no virus found
eTrust-Vet 30.3.3349 01.25.2007 no virus found
Ewido 4.0 01.24.2007 no virus found
Fortinet 2.85.0.0 01.24.2007 suspicious
F-Prot 4.2.1.29 01.25.2007 no virus found
Ikarus T3.1.0.27 01.25.2007 no virus found
Kaspersky 4.0.2.24 01.25.2007 no virus found
McAfee 4948 01.24.2007 no virus found
Microsoft 1.1904 01.25.2007 TrojanDownloader:Win32/Clagger.gen!B
NOD32v2 2005 01.25.2007 no virus found
Norman 5.80.02 01.25.2007 Suspicious_F.gen
Panda 9.0.0.4 01.25.2007 Suspicious file
Prevx1 V2 01.25.2007 no virus found
Sophos 4.13.0 01.24.2007 no virus found
Sunbelt 2.2.907.0 01.22.2007 VIPRE.Suspicious
TheHacker 6.0.3.156 01.25.2007 no virus found
UNA 1.83 01.24.2007 no virus found
VBA32 3.11.2 01.24.2007 no virus found
VirusBuster 4.3.19:9 01.24.2007 novirus:Packed/FSG

File size: 27021 bytes
MD5: 4243b966baff1c80fb72ee5485858089
SHA1: 324dd146ca237096acdc78b81a855c9f05f34058
packers: FSG
packers: FSG
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

saicat
26.01.2007, 01:13
Complete scanning result of "msg.UT79cY", received in VirusTotal at 01.25.2007, 23:09:08 (CET).

Antivirus Version Update Result
AntiVir 7.3.0.26 01.25.2007 HEUR/Crypted.E
Authentium 4.93.8 01.24.2007 could be infected with an unknown virus
Avast 4.7.936.0 01.24.2007 no virus found
AVG 386 01.24.2007 no virus found
BitDefender 7.2 01.25.2007 no virus found
CAT-QuickHeal 9.00 01.25.2007 no virus found
ClamAV devel-20060426 01.25.2007 no virus found
DrWeb 4.33 01.25.2007 no virus found
eSafe 7.0.14.0 01.24.2007 no virus found
eTrust-InoculateIT 23.73.123 01.25.2007 no virus found
eTrust-Vet 30.3.3349 01.25.2007 no virus found
Ewido 4.0 01.24.2007 no virus found
Fortinet 2.85.0.0 01.24.2007 suspicious
F-Prot 4.2.1.29 01.25.2007 generic
Ikarus T3.1.0.27 01.25.2007 no virus found
Kaspersky 4.0.2.24 01.25.2007 no virus found
McAfee 4948 01.24.2007 Downloader-AAP!eml
Microsoft 1.1904 01.25.2007 no virus found
NOD32v2 2005 01.25.2007 error occurred while reading archive
Norman 5.80.02 01.25.2007 Suspicious_F.gen
Panda 9.0.0.4 01.25.2007 Suspicious file
Prevx1 V2 01.25.2007 no virus found
Sophos 4.13.0 01.24.2007 Mal/Packer
Sunbelt 2.2.907.0 01.22.2007 no virus found
TheHacker 6.0.3.156 01.25.2007 no virus found
UNA 1.83 01.24.2007 no virus found
VBA32 3.11.2 01.24.2007 suspected of I-Worm (double extension)
VirusBuster 4.3.19:9 01.24.2007 novirus:Packed/FSG

saicat
26.01.2007, 01:20
Complete scanning result of "virus-20070125-220411-12881", received in VirusTotal at 01.25.2007, 23:16:31 (CET).

Antivirus Version Update Result
AntiVir 7.3.0.26 01.25.2007 no virus found
Authentium 4.93.8 01.24.2007 W32/Tibs.RG
Avast 4.7.936.0 01.24.2007 no virus found
AVG 386 01.24.2007 no virus found
BitDefender 7.2 01.25.2007 no virus found
CAT-QuickHeal 9.00 01.25.2007 no virus found
ClamAV devel-20060426 01.25.2007 no virus found
DrWeb 4.33 01.25.2007 no virus found
eSafe 7.0.14.0 01.24.2007 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.123 01.25.2007 no virus found
eTrust-Vet 30.3.3349 01.25.2007 no virus found
Ewido 4.0 01.24.2007 no virus found
Fortinet 2.85.0.0 01.24.2007 no virus found
F-Prot 4.2.1.29 01.25.2007 W32/Tibs.RG
Ikarus T3.1.0.27 01.25.2007 no virus found
Kaspersky 4.0.2.24 01.25.2007 no virus found
McAfee 4948 01.24.2007 New Malware.j
Microsoft 1.1904 01.25.2007 Win32/Vxidl.gen!B
NOD32v2 2005 01.25.2007 no virus found
Norman 5.80.02 01.25.2007 no virus found
Panda 9.0.0.4 01.25.2007 no virus found
Prevx1 V2 01.25.2007 no virus found
Sophos 4.13.0 01.24.2007 no virus found
Sunbelt 2.2.907.0 01.22.2007 no virus found
TheHacker 6.0.3.156 01.25.2007 no virus found
UNA 1.83 01.24.2007 no virus found
VBA32 3.11.2 01.24.2007 no virus found
VirusBuster 4.3.19:9 01.24.2007 no virus found

Aditional Information
File size: 71755 bytes
MD5: 27400f875229a27d03d00150dfeb7e32
SHA1: 45a7d3723613807532139a9e1f9be0651b9037dd

Kuzz
26.01.2007, 10:01
STATUS: FINISHED
Complete scanning result of "axosetup.336.exe", received in VirusTotal at 01.26.2007, 07:57:28 (CET).

Antivirus Version Update Result
AntiVir 7.3.0.26 01.25.2007 DR/Zlob.Gen
Authentium 4.93.8 01.24.2007 no virus found
Avast 4.7.936.0 01.24.2007 no virus found
AVG 386 01.24.2007 no virus found
BitDefender 7.2 01.25.2007 no virus found
CAT-QuickHeal 9.00 01.25.2007 no virus found
ClamAV devel-20060426 01.25.2007 no virus found
DrWeb 4.33 01.25.2007 no virus found
eSafe 7.0.14.0 01.24.2007 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.123 01.25.2007 no virus found
eTrust-Vet 30.3.3349 01.25.2007 no virus found
Ewido 4.0 01.24.2007 no virus found
Fortinet 2.85.0.0 01.24.2007 suspicious
F-Prot 4.2.1.29 01.25.2007 no virus found
Ikarus T3.1.0.27 01.25.2007 no virus found
Kaspersky 4.0.2.24 01.25.2007 no virus found
McAfee 4948 01.24.2007 no virus found
Microsoft 1.1904 01.25.2007 no virus found
NOD32v2 2005 01.25.2007 no virus found
Norman 5.80.02 01.25.2007 W32/Zlob.ACRE
Panda 9.0.0.4 01.25.2007 no virus found
Prevx1 V2 01.26.2007 no virus found
Sophos 4.13.0 01.24.2007 no virus found
Sunbelt 2.2.907.0 01.22.2007 no virus found
TheHacker 6.0.3.156 01.25.2007 no virus found
UNA 1.83 01.24.2007 no virus found
VBA32 3.11.2 01.24.2007 MalwareScope.Downloader.Zlob.1
VirusBuster 4.3.19:9 01.24.2007 no virus found


Aditional Information
File size: 61528 bytes
MD5: 79e86a6a4369ab3b8d830d8998349e1e
SHA1: 9a5636e749bff1326df0eb18bee883c675f1b583
packers: UPX
packers: UPX, BINARYRES, BINARYRES
packers: UPX

ALEX(XX)
26.01.2007, 10:02
Complete scanning result of "Keygen_KyivStar.exe", received in VirusTotal at 01.26.2007, 07:46:33 (CET).

Antivirus Version Update Result
AntiVir 7.3.0.26 01.25.2007 no virus found
Authentium 4.93.8 01.24.2007 no virus found
Avast 4.7.936.0 01.24.2007 no virus found
AVG 386 01.24.2007 no virus found
BitDefender 7.2 01.25.2007 no virus found
CAT-QuickHeal 9.00 01.25.2007 no virus found
ClamAV devel-20060426 01.25.2007 no virus found
DrWeb 4.33 01.25.2007 no virus found
eSafe 7.0.14.0 01.24.2007 no virus found
eTrust-InoculateIT 23.73.123 01.25.2007 no virus found
eTrust-Vet 30.3.3349 01.25.2007 no virus found
Ewido 4.0 01.24.2007 no virus found
Fortinet 2.85.0.0 01.24.2007 suspicious
F-Prot 4.2.1.29 01.25.2007 no virus found
Ikarus T3.1.0.27 01.25.2007 Backdoor.Win32.PcClient.GV
Kaspersky 4.0.2.24 01.25.2007 not-virus:Hoax.Win32.KyivStar.b
McAfee 4948 01.24.2007 no virus found
Microsoft 1.1904 01.25.2007 no virus found
NOD32v2 2005 01.25.2007 no virus found
Norman 5.80.02 01.25.2007 no virus found
Panda 9.0.0.4 01.25.2007 no virus found
Prevx1 V2 01.26.2007 no virus found
Sophos 4.13.0 01.24.2007 Mal/Packer
Sunbelt 2.2.907.0 01.22.2007 no virus found
TheHacker 6.0.3.156 01.25.2007 no virus found
UNA 1.83 01.24.2007 no virus found
VBA32 3.11.2 01.24.2007 suspected of Downloader.Banload.16 (paranoid heuristics)
VirusBuster 4.3.19:9 01.24.2007 novirus:Packed/NSPack

Aditional Information
File size: 345389 bytes
MD5: ecce86c3458d15930e81486752249b89
SHA1: 9243813916e36b21ffb132c280d42d1194c7891b
packers: NSPACK
packers: RAR, NSPack, PE_Patch

Kuzz
26.01.2007, 11:11
STATUS: FINISHED
Complete scanning result of "keygenerator.ex_", received in VirusTotal at 01.26.2007, 08:48:49 (CET).

Antivirus Version Update Result
AntiVir 7.3.0.26 01.25.2007 no virus found
Authentium 4.93.8 01.24.2007 no virus found
Avast 4.7.936.0 01.24.2007 Win32: Zlob-SX
AVG 386 01.24.2007 no virus found
BitDefender 7.2 01.25.2007 no virus found
CAT-QuickHeal 9.00 01.25.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 01.25.2007 Worm.Stration.QR-1
DrWeb 4.33 01.25.2007 no virus found
eSafe 7.0.14.0 01.24.2007 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.123 01.25.2007 no virus found
eTrust-Vet 30.3.3349 01.25.2007 no virus found
Ewido 4.0 01.24.2007 no virus found
Fortinet 2.85.0.0 01.24.2007 no virus found
F-Prot 4.2.1.29 01.25.2007 no virus found
Ikarus T3.1.0.27 01.25.2007 Trojan-Dropper.Win32.ExeBind
Kaspersky 4.0.2.24 01.25.2007 no virus found
McAfee 4948 01.24.2007 no virus found
Microsoft 1.1904 01.25.2007 no virus found
NOD32v2 2005 01.25.2007 no virus found
Norman 5.80.02 01.25.2007 W32/Suspicious_M.gen
Panda 9.0.0.4 01.25.2007 Suspicious file
Prevx1 V2 01.26.2007 Trojan.AccessSetup
Sophos 4.13.0 01.24.2007 no virus found
Sunbelt 2.2.907.0 01.22.2007 VIPRE.Suspicious
TheHacker 6.0.3.156 01.25.2007 no virus found
UNA 1.83 01.24.2007 no virus found
VBA32 3.11.2 01.24.2007 MalwareScope.Downloader.Zlob.1
VirusBuster 4.3.19:9 01.24.2007 novirus:Packed/MEW


Aditional Information
File size: 11225 bytes
MD5: c97803c2c0155ea96cb0e3d95c2a414f
SHA1: c7ba321a93d3b8481d529b409deb4d0ade543366
packers: MEW
packers: MEW

Shu_b
26.01.2007, 13:20
Complete scanning result of "msio32.dll (http://virusinfo.info/showthread.php?t=7647)", received in VirusTotal at 01.26.2007, 11:12:10 (CET).

Antivirus Version Update Result
AntiVir 7.3.0.32 01.26.2007 HEUR/Malware
Authentium 4.93.8 01.26.2007 no virus found
Avast 4.7.936.0 01.26.2007 no virus found
AVG 386 01.26.2007 no virus found
BitDefender 7.2 01.26.2007 no virus found
CAT-QuickHeal 9.00 01.26.2007 no virus found
ClamAV devel-20060426 01.26.2007 no virus found
DrWeb 4.33 01.26.2007 no virus found
eSafe 7.0.14.0 01.26.2007 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.124 01.26.2007 no virus found
eTrust-Vet 30.3.3349 01.25.2007 no virus found
Ewido 4.0 01.26.2007 no virus found
Fortinet 2.85.0.0 01.26.2007 suspicious
F-Prot 4.2.1.29 01.25.2007 no virus found
Ikarus T3.1.0.27 01.26.2007 no virus found
Kaspersky 4.0.2.24 01.26.2007 no virus found
McAfee 4949 01.26.2007 no virus found
Microsoft 1.2101 01.26.2007 Spammer:Win32/Mailbot.P
NOD32v2 2008 01.26.2007 a variant of Win32/Spabot.NAC
Norman 5.80.02 01.26.2007 no virus found
Panda 9.0.0.4 01.26.2007 no virus found
Prevx1 V2 01.26.2007 no virus found
Sophos 4.13.0 01.24.2007 no virus found
Sunbelt 2.2.907.0 01.26.2007 no virus found
TheHacker 6.0.3.158 01.26.2007 no virus found
UNA 1.83 01.26.2007 no virus found
VBA32 3.11.2 01.26.2007 no virus found
VirusBuster 4.3.19:9 01.26.2007 Trojan.DL.Obfusc.Gen.4

Aditional Information
File size: 335033 bytes
MD5: df804fd1a5e9fc3836332073ed0ef073
SHA1: 8c6e83f9b51491f422b33c6d48df6e809b1edc40
packers: UPX
packers: UPX, UPX
packers: UPX

Kuzz
26.01.2007, 18:49
STATUS: FINISHED
Complete scanning result of "teleport.pro.1.29.2050.keygen-rev", received in VirusTotal at 01.26.2007, 16:41:16 (CET).

Antivirus Version Update Result
AntiVir 7.3.0.32 01.26.2007 no virus found
Authentium 4.93.8 01.26.2007 no virus found
Avast 4.7.936.0 01.26.2007 no virus found
AVG 386 01.26.2007 no virus found
BitDefender 7.2 01.26.2007 no virus found
CAT-QuickHeal 9.00 01.26.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 01.26.2007 Worm.Bagle.Gen-1
DrWeb 4.33 01.26.2007 no virus found
eSafe 7.0.14.0 01.26.2007 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.124 01.26.2007 no virus found
eTrust-Vet 30.3.3352 01.26.2007 no virus found
Ewido 4.0 01.26.2007 no virus found
Fortinet 2.85.0.0 01.26.2007 suspicious
F-Prot 4.2.1.29 01.25.2007 no virus found
Ikarus T3.1.0.27 01.26.2007 no virus found
Kaspersky 4.0.2.24 01.26.2007 no virus found
McAfee 4949 01.26.2007 no virus found
Microsoft 1.2101 01.26.2007 no virus found
NOD32v2 2009 01.26.2007 no virus found
Norman 5.80.02 01.26.2007 no virus found
Panda 9.0.0.4 01.26.2007 no virus found
Prevx1 V2 01.26.2007 no virus found
Sophos 4.13.0 01.24.2007 Mal/Packer
Sunbelt 2.2.907.0 01.26.2007 VIPRE.Suspicious
TheHacker 6.0.3.158 01.26.2007 no virus found
UNA 1.83 01.26.2007 no virus found
VBA32 3.11.2 01.26.2007 no virus found
VirusBuster 4.3.19:9 01.26.2007 no virus found


Aditional Information
File size: 44119 bytes
MD5: 727fd57b0bcf9e9adb0239627b70ed64
SHA1: f47d31139549294d5b41b0404d40543e2a6832dc
packers: UPX
packers: PECRYPT, PECRYPT, UPX
packers: UPX
Sunbelt info: VIPRE.Suspicious

saicat
28.01.2007, 17:49
Complete scanning result of "virus-20070128-151323-15106", received in VirusTotal at 01.28.2007, 15:30:23 (CET).

Antivirus Version Update Result
AntiVir 7.3.0.32 01.27.2007 TR/Crypt.ULPM.Gen
Authentium 4.93.8 01.26.2007 Possibly a new variant of W32/CodeCru-based!Maximus
Avast 4.7.936.0 01.27.2007 no virus found
AVG 386 01.28.2007 no virus found
BitDefender 7.2 01.28.2007 no virus found
CAT-QuickHeal 9.00 01.27.2007 no virus found
ClamAV devel-20060426 01.28.2007 Trojan.Downloader-749
DrWeb 4.33 01.28.2007 Packed.Generic
eSafe 7.0.14.0 01.26.2007 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.126 01.27.2007 no virus found
eTrust-Vet 30.3.3353 01.27.2007 no virus found
Ewido 4.0 01.28.2007 no virus found
Fortinet 2.85.0.0 01.28.2007 no virus found
F-Prot 4.2.1.29 01.26.2007 W32/CodeCru-based!Maximus
Ikarus T3.1.0.27 01.28.2007 Trojan-Downloader.Win32.Small.gen
Kaspersky 4.0.2.24 01.28.2007 no virus found
McAfee 4950 01.26.2007 New Malware.j
Microsoft 1.2101 01.28.2007 Win32/Vxidl.gen!B
NOD32v2 2014 01.28.2007 no virus found
Norman 5.80.02 01.26.2007 no virus found
Panda 9.0.0.4 01.28.2007 no virus found
Prevx1 V2 01.28.2007 no virus found
Sophos 4.13.0 01.28.2007 Mal/HckPk-A
Sunbelt 2.2.907.0 01.26.2007 no virus found
TheHacker 6.0.3.159 01.28.2007 no virus found
UNA 1.83 01.26.2007 no virus found
VBA32 3.11.2 01.28.2007 no virus found
VirusBuster 4.3.19:9 01.28.2007 Trojan.Tibs.Gen!Pac26

Aditional Information
File size: 70685 bytes
MD5: e119923387453279f2069d6b1313818c
SHA1: 5512d113bd0f07ba0b815cf3559a3735f720cf3c

Kuzz
31.01.2007, 21:25
Antivirus Version Update Result
AntiVir 7.3.1.33 01.31.2007 no virus found
Authentium 4.93.8 01.30.2007 could be a corrupted executable file
Avast 4.7.936.0 01.31.2007 no virus found
AVG 386 01.31.2007 no virus found
BitDefender 7.2 01.31.2007 Trojan.Agent.AJJ
CAT-QuickHeal 9.00 01.31.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 01.31.2007 no virus found
DrWeb 4.33 01.31.2007 no virus found
eSafe 7.0.14.0 01.31.2007 suspicious Trojan/Worm
eTrust-InoculateIT 30.4.3361 01.31.2007 no virus found
eTrust-Vet 30.4.3361 01.31.2007 no virus found
Ewido 4.0 01.31.2007 no virus found
Fortinet 2.85.0.0 01.31.2007 suspicious
F-Prot 4.2.1.29 01.30.2007 no virus found
Ikarus T3.1.0.27 01.31.2007 no virus found
Kaspersky 4.0.2.24 01.31.2007 no virus found
McAfee 4953 01.31.2007 no virus found
Microsoft 1.2101 01.31.2007 no virus found
NOD32v2 2023 01.31.2007 no virus found
Norman 5.80.02 01.31.2007 no virus found
Panda 9.0.0.4 01.31.2007 no virus found
Prevx1 V2 01.31.2007 no virus found
Sophos 4.13.0 01.31.2007 no virus found
Sunbelt 2.2.907.0 01.31.2007 VIPRE.Suspicious
Symantec 10 01.30.2007 no virus found
TheHacker 6.0.3.160 01.31.2007 no virus found
UNA 1.83 01.30.2007 no virus found
VBA32 3.11.2 01.31.2007 no virus found
VirusBuster 4.3.19:9 01.31.2007 no virus found


Aditional Information
File size: 12921 bytes
MD5: 83c007180ec47456d90a37e3102bde8c
SHA1: 3a814e86943052ad4fff26862a4f0e49aa25a166
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

Winsent
01.02.2007, 14:35
Complete scanning result of "setup.exe", received in VirusTotal at 02.01.2007, 12:33:20 (CET).
Antivirus Version Update Result
AntiVir 7.3.1.33 02.01.2007 no virus found
Authentium 4.93.8 02.01.2007 no virus found
Avast 4.7.936.0 02.01.2007 Win32:Horst-GV
AVG 386 01.31.2007 no virus found
BitDefender 7.2 02.01.2007 no virus found
CAT-QuickHeal 9.00 01.31.2007 no virus found
ClamAV devel-20060426 02.01.2007 Trojan.Proxy.Horst-438
DrWeb 4.33 02.01.2007 no virus found
eSafe 7.0.14.0 01.31.2007 no virus found
eTrust-InoculateIT 30.4.3363 02.01.2007 no virus found
eTrust-Vet 30.4.3363 02.01.2007 Win32/Boxed!generic
Ewido 4.0 01.31.2007 no virus found
Fortinet 2.85.0.0 02.01.2007 no virus found
F-Prot 4.2.1.29 02.01.2007 no virus found
Ikarus T3.1.0.31 02.01.2007 no virus found
Kaspersky 4.0.2.24 02.01.2007 no virus found
McAfee 4953 01.31.2007 no virus found
Microsoft 1.2101 02.01.2007 no virus found
NOD32v2 2025 02.01.2007 no virus found
Norman 5.80.02 01.31.2007 W32/Malware
Panda 9.0.0.4 02.01.2007 Suspicious file
Prevx1 V2 02.01.2007 no virus found
Sophos 4.13.0 01.31.2007 no virus found
Sunbelt 2.2.907.0 02.01.2007 no virus found
Symantec 10 02.01.2007 no virus found
TheHacker 6.0.3.161 02.01.2007 no virus found
UNA 1.83 01.31.2007 no virus found
VBA32 3.11.2 02.01.2007 suspected of Trojan-Proxy.Horst.170 (paranoid heuristics)
VirusBuster 4.3.19:9 01.31.2007 no virus found

Aditional Information
File size: 49152 bytes
MD5: 66647e9567b366e4ab358b3123e112a2
SHA1: c187a55fb72c81fb15ca9e7d4df67711667d111d
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email protected] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* File length: 49152 bytes.

[ Process/window information ]
* Modifies other process memory.
* Modifies execution flow of a remote process.

Geser
02.02.2007, 18:26
AntiVir 7.3.1.34 02.02.2007 BDS/Haxdoor.LQ
Authentium 4.93.8 02.01.2007 W32/Backdoor.ACIC
Avast 4.7.936.0 02.01.2007 no virus found
AVG 386 02.01.2007 BackDoor.Generic4.QBO
BitDefender 7.2 02.02.2007 no virus found
CAT-QuickHeal 9.00 02.02.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 02.02.2007 no virus found
DrWeb 4.33 02.02.2007 BackDoor.Haxdoor.423
eSafe 7.0.14.0 02.02.2007 Win32.Haxdoor.lq
eTrust-InoculateIT 30.4.3364 02.02.2007 no virus found
eTrust-Vet 30.4.3364 02.02.2007 no virus found
Ewido 4.0 02.01.2007 Backdoor.Haxdoor.lq
Fortinet 2.85.0.0 02.02.2007 W32/Haxdoor.LQ!tr.bdr
F-Prot 4.2.1.29 02.01.2007 W32/Backdoor.ACIC
Ikarus T3.1.0.31 02.02.2007 Backdoor.Win32.Haxdoor.lq
Kaspersky 4.0.2.24 02.02.2007 Backdoor.Win32.Haxdoor.lq
McAfee 4954 02.01.2007 no virus found
Microsoft 1.2101 02.02.2007 no virus found
NOD32v2 2030 02.02.2007 unpack error
Norman 5.80.02 02.02.2007 no virus found
Panda 9.0.0.4 02.02.2007 Bck/BeastDoor.HF
Prevx1 V2 02.02.2007 Covert.Sys.Exec
Sophos 4.13.0 02.02.2007 no virus found
Sunbelt 2.2.907.0 02.01.2007 Haxdoor.Fam
Symantec 10 02.02.2007 no virus found
TheHacker 6.0.3.162 02.02.2007 Backdoor/Haxdoor.lq
UNA 1.83 02.01.2007 Backdoor.Haxdoor.D5A4
VBA32 3.11.2 02.02.2007 MalwareScope.Trojan-PSW.Pinch.2
VirusBuster 4.3.19:9 02.02.2007 novirus:Packed/FSG

Winsent
02.02.2007, 23:16
Complete scanning result of "happy.rar", received in VirusTotal at 02.02.2007, 21:07:37 (CET).


Antivirus Version Update Result

AntiVir 7.3.1.34 02.02.2007 no virus found
Authentium 4.93.8 02.02.2007 could be a corrupted executable file
Avast 4.7.936.0 02.01.2007 no virus found
AVG 386 02.02.2007 no virus found
BitDefender 7.2 02.02.2007 no virus found
CAT-QuickHeal 9.00 02.02.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 02.02.2007 no virus found
DrWeb 4.33 02.02.2007 BACKDOOR.PWS.Trojan
eSafe 7.0.14.0 02.02.2007 Suspicious Trojan/Worm
eTrust-InoculateIT 30.4.3364 02.02.2007 no virus found
eTrust-Vet 30.4.3364 02.02.2007 no virus found
Ewido 4.0 02.02.2007 no virus found
Fortinet 2.85.0.0 02.02.2007 suspicious
F-Prot 4.2.1.29 02.01.2007 no virus found
Ikarus T3.1.0.31 02.02.2007 no virus found
Kaspersky 4.0.2.24 02.02.2007 no virus found
McAfee 4955 02.02.2007 no virus found
Microsoft 1.2101 02.02.2007 no virus found
NOD32v2 2031 02.02.2007 no virus found
Norman 5.80.02 02.02.2007 no virus found
Panda 9.0.0.4 02.02.2007 Suspicious file
Prevx1 V2 02.02.2007 no virus found
Sophos 4.13.0 02.02.2007 Mal/Packer
Sunbelt 2.2.907.0 02.01.2007 VIPRE.Suspicious
Symantec 10 02.02.2007 no virus found
TheHacker 6.0.3.162 02.02.2007 no virus found
UNA 1.83 02.01.2007 Win32.CRYPT.virus
VBA32 3.11.2 02.02.2007 no virus found
VirusBuster 4.3.19:9 02.02.2007 novirus:Packed/Yoda

Aditional Information
File size: 280660 bytes
MD5: 54ce29bd8d11567c363765965118b9f8
SHA1: a2e727235ecd92dfc16e46e0256d63411f10a93e
packers: YODA
packers: Yoda
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

Winsent
04.02.2007, 11:48
Complete scanning result of "girl.exe", received in VirusTotal at 02.04.2007, 09:44:35 (CET).


Antivirus Version Update Result

AntiVir 7.3.1.34 02.03.2007 TR/Crypt.XPACK.Gen
Authentium 4.93.8 02.03.2007 no virus found
Avast 4.7.936.0 02.03.2007 no virus found
AVG 386 02.04.2007 no virus found
BitDefender 7.2 02.04.2007 Trojan.Dropper.Zlob.C
CAT-QuickHeal 9.00 02.03.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 02.03.2007 no virus found
DrWeb 4.33 02.04.2007 no virus found
eSafe 7.0.14.0 02.03.2007 Suspicious Trojan/Worm
eTrust-InoculateIT 30.4.3364 02.02.2007 no virus found
eTrust-Vet 30.3.3366 02.03.2007 no virus found
Ewido 4.0 02.03.2007 no virus found
Fortinet 2.85.0.0 02.04.2007 suspicious
F-Prot 4.2.1.29 02.03.2007 no virus found
Ikarus T3.1.0.31 02.04.2007 no virus found
Kaspersky 4.0.2.24 02.04.2007 Trojan.Win32.Crypt.g
McAfee 4955 02.02.2007 W32/NGVCK.a
Microsoft 1.2101 02.04.2007 no virus found
NOD32v2 2035 02.03.2007 no virus found
Norman 5.80.02 02.02.2007 no virus found
Panda 9.0.0.4 02.04.2007 Suspicious file
Prevx1 V2 02.04.2007 no virus found
Sophos 4.13.0 02.02.2007 no virus found
Sunbelt 2.2.907.0 02.02.2007 VIPRE.Suspicious
Symantec 10 02.04.2007 no virus found
TheHacker 6.0.3.162 02.02.2007 no virus found
UNA 1.83 02.03.2007 no virus found
VBA32 3.11.2 02.03.2007 Trojan-PSW.Win32.LdPinch.bgi
VirusBuster 4.3.19:9 02.03.2007 no virus found

Aditional Information
File size: 28672 bytes
MD5: 32c1c78019c2225ff4806cf6bc8643c5
SHA1: c5ee4f6f1a704c2d61720440755bf6416c347e30
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

Surfer
06.02.2007, 19:29
Complete scanning result of "happy.exe", received in VirusTotal at 02.06.2007, 17:20:39 (CET).

AntiVir 7.3.1.34 02.06.2007 no virus found
Authentium 4.93.8 02.06.2007 no virus found
Avast 4.7.936.0 02.06.2007 no virus found
AVG 386 02.06.2007 no virus found
BitDefender 7.2 02.05.2007 Win32.Worm.IM.Sramota.G
CAT-QuickHeal 9.00 02.06.2007 no virus found
ClamAV devel-20060426 02.06.2007 no virus found
DrWeb 4.33 02.06.2007 Win32.HLLM.Fire
eSafe 7.0.14.0 02.06.2007 no virus found
eTrust-InoculateIT 30.4.3372 02.06.2007 no virus found
eTrust-Vet 30.4.3372 02.06.2007 no virus found
Ewido 4.0 02.06.2007 Worm.Sramota.e
Fortinet 2.85.0.0 02.06.2007 no virus found
F-Prot 4.2.1.29 02.06.2007 no virus found
Ikarus T3.1.0.31 02.06.2007 no virus found
Kaspersky 4.0.2.24 02.06.2007 no virus found
McAfee 4956 02.05.2007 no virus found
Microsoft 1.2101 02.06.2007 no virus found
NOD32v2 2040 02.06.2007 a variant of Win32/Sramota
Norman 5.80.02 02.06.2007 no virus found
Panda 9.0.0.4 02.06.2007 Suspicious file
Prevx1 V2 02.06.2007 no virus found
Sophos 4.13.0 02.05.2007 no virus found
Sunbelt 2.2.907.0 02.02.2007 no virus found
Symantec 10 02.06.2007 no virus found
TheHacker 6.1.6.052 02.05.2007 no virus found
UNA 1.83 02.06.2007 no virus found
VBA32 3.11.2 02.06.2007 no virus found
VirusBuster 4.3.19:9 02.06.2007 no virus found

Aditional Information
File size: 380416 bytes
MD5: bbf4c002e6a8a877b7868e5fed6e93aa
SHA1: 835e6b28673b5f26b0d8493a84a607114430b689

Geser
06.02.2007, 23:44
Antivirus Version Update Result
AntiVir 7.3.1.34 02.06.2007 TR/Agent.5120.30
Authentium 4.93.8 02.06.2007 Possibly a new variant of W32/new-malware!Maximus
Avast 4.7.936.0 02.06.2007 Win32:BZub-AU
AVG 386 02.06.2007 no virus found
BitDefender 7.2 02.05.2007 DeepScan:Generic.Malware.dld!!.866D5D22
CAT-QuickHeal 9.00 02.06.2007 no virus found
ClamAV devel-20060426 02.06.2007 no virus found
DrWeb 4.33 02.06.2007 no virus found
eSafe 7.0.14.0 02.06.2007 suspicious Trojan/Worm
eTrust-InoculateIT 30.4.3372 02.06.2007 no virus found
eTrust-Vet 30.4.3372 02.06.2007 no virus found
Ewido 4.0 02.06.2007 no virus found
Fortinet 2.85.0.0 02.06.2007 suspicious
F-Prot 4.2.1.29 02.06.2007 W32/new-malware!Maximus
Ikarus T3.1.0.31 02.06.2007 MalwareScope.Trojan-Spy.BZub.3
Kaspersky 4.0.2.24 02.06.2007 no virus found
McAfee 4957 02.06.2007 no virus found
Microsoft 1.2101 02.06.2007 PWS:Win32/Bzup.gen
NOD32v2 2041 02.06.2007 a variant of Win32/Spy.BZub
Norman 5.80.02 02.06.2007 no virus found
Panda 9.0.0.4 02.06.2007 Suspicious file
Prevx1 V2 02.06.2007 no virus found
Sophos 4.13.0 02.05.2007 Mal/Cimuz-A
Sunbelt 2.2.907.0 02.02.2007 VIPRE.Suspicious
Symantec 10 02.06.2007 no virus found
TheHacker 6.1.6.052 02.05.2007 no virus found
UNA 1.83 02.06.2007 no virus found
VBA32 3.11.2 02.06.2007 MalwareScope.Trojan-Spy.BZub.3
VirusBuster 4.3.19:9 02.06.2007 Trojan.DR.BZub.Gen.5

Shu_b
07.02.2007, 15:58
Heroes of the day...

Complete scanning result of "svchost.exe", received in VirusTotal at 02.07.2007, 13:44:19 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.34 02.07.2007 no virus found
Authentium 4.93.8 02.07.2007 no virus found
Avast 4.7.936.0 02.06.2007 no virus found
AVG 386 02.06.2007 no virus found
BitDefender 7.2 02.05.2007 no virus found
CAT-QuickHeal 9.00 02.07.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 02.07.2007 no virus found
DrWeb 4.33 02.07.2007 no virus found
eSafe 7.0.14.0 02.07.2007 suspicious Trojan/Worm
eTrust-InoculateIT 30.4.3374 02.07.2007 no virus found
eTrust-Vet 30.4.3374 02.07.2007 no virus found
Ewido 4.0 02.06.2007 no virus found
Fortinet 2.85.0.0 02.07.2007 suspicious
F-Prot 4.2.1.29 02.07.2007 no virus found
F-Secure 6.70.13030.0 02.07.2007 W32/Suspicious_F.gen
Ikarus T3.1.0.31 02.07.2007 no virus found
Kaspersky 4.0.2.24 02.07.2007 no virus found
McAfee 4957 02.06.2007 no virus found
Microsoft 1.2101 02.07.2007 no virus found
NOD32v2 2043 02.07.2007 no virus found
Norman 5.80.02 02.06.2007 W32/Suspicious_F.gen
Panda 9.0.0.4 02.07.2007 Suspicious file
Prevx1 V2 02.07.2007 no virus found
Sophos 4.13.0 02.05.2007 Mal/Packer
Sunbelt 2.2.907.0 02.02.2007 VIPRE.Suspicious
Symantec 10 02.07.2007 no virus found
TheHacker 6.1.6.053 02.07.2007 no virus found
UNA 1.83 02.06.2007 no virus found
VBA32 3.11.2 02.07.2007 no virus found
VirusBuster 4.3.19:9 02.06.2007 novirus:Packed/FSG

Aditional Information
File size: 5000 bytes
MD5: d202d3700618b409f70302b89e7e7962
SHA1: 7430bba46aa68f04b56c8d66fd89d3c19f83b687
packers: FSG

Complete scanning result of "partnership.dll", received in VirusTotal at 02.07.2007, 13:44:19 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.34 02.07.2007 HEUR/Malware
Authentium 4.93.8 02.07.2007 no virus found
Avast 4.7.936.0 02.06.2007 no virus found
AVG 386 02.06.2007 no virus found
BitDefender 7.2 02.05.2007 no virus found
CAT-QuickHeal 9.00 02.07.2007 no virus found
ClamAV devel-20060426 02.07.2007 no virus found
DrWeb 4.33 02.07.2007 BACKDOOR.Trojan
eSafe 7.0.14.0 02.07.2007 suspicious Trojan/Worm
eTrust-InoculateIT 30.4.3374 02.07.2007 no virus found
eTrust-Vet 30.4.3374 02.07.2007 Win32/Hsow!generic
Ewido 4.0 02.06.2007 no virus found
Fortinet 2.85.0.0 02.07.2007 suspicious
F-Prot 4.2.1.29 02.07.2007 no virus found
F-Secure 6.70.13030.0 02.07.2007 no virus found
Ikarus T3.1.0.31 02.07.2007 Trojan-Spy.Win32.Banker.ahy
Kaspersky 4.0.2.24 02.07.2007 no virus found
McAfee 4957 02.06.2007 Proxy-Agent.ai
Microsoft 1.2101 02.07.2007 no virus found
NOD32v2 2043 02.07.2007 a variant of Win32/TrojanProxy.Xorpix
Norman 5.80.02 02.06.2007 W32/Suspicious_U.gen
Panda 9.0.0.4 02.07.2007 Suspicious file
Prevx1 V2 02.07.2007 no virus found
Sophos 4.13.0 02.05.2007 Mal/Packer
Sunbelt 2.2.907.0 02.02.2007 VIPRE.Suspicious
Symantec 10 02.07.2007 no virus found
TheHacker 6.1.6.053 02.07.2007 no virus found
UNA 1.83 02.06.2007 no virus found
VBA32 3.11.2 02.07.2007 no virus found
VirusBuster 4.3.19:9 02.06.2007 novirus:Packed/Upack

Aditional Information
File size: 13351 bytes
MD5: d37c87bb8cd8229c4c878e752e46eeeb
SHA1: 6074ddf6e898dd19c145e2d201bca5928b3ff6e8
packers: UPACK


Complete scanning result of "svchctrl.exe", received in VirusTotal at 02.07.2007, 13:38:39 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.34 02.07.2007 TR/Crypt.ULPM.Gen
Authentium 4.93.8 02.07.2007 no virus found
Avast 4.7.936.0 02.06.2007 no virus found
AVG 386 02.06.2007 BackDoor.Generic4.XY
BitDefender 7.2 02.05.2007 no virus found
CAT-QuickHeal 9.00 02.07.2007 no virus found
ClamAV devel-20060426 02.07.2007 no virus found
DrWeb 4.33 02.07.2007 no virus found
eSafe 7.0.14.0 02.07.2007 suspicious Trojan/Worm
eTrust-InoculateIT 30.4.3374 02.07.2007 no virus found
eTrust-Vet 30.4.3374 02.07.2007 no virus found
Ewido 4.0 02.06.2007 no virus found
Fortinet 2.85.0.0 02.07.2007 BDoor.CYL!tr.bdr
F-Prot 4.2.1.29 02.07.2007 no virus found
F-Secure 6.70.13030.0 02.07.2007 W32/Smalldoor.NWU
Ikarus T3.1.0.31 02.07.2007 Backdoor.Win32.ShBot.b
Kaspersky 4.0.2.24 02.07.2007 no virus found
McAfee 4957 02.06.2007 BackDoor-CYL
Microsoft 1.2101 02.07.2007 no virus found
NOD32v2 2043 02.07.2007 probably unknown NewHeur_PE virus
Norman 5.80.02 02.06.2007 W32/Smalldoor.NWU
Panda 9.0.0.4 02.07.2007 Trj/Shellbot.AK
Prevx1 V2 02.07.2007 no virus found
Sophos 4.13.0 02.05.2007 no virus found
Sunbelt 2.2.907.0 02.02.2007 no virus found
Symantec 10 02.07.2007 Backdoor.Shellbot
TheHacker 6.1.6.053 02.07.2007 no virus found
UNA 1.83 02.06.2007 no virus found
VBA32 3.11.2 02.07.2007 no virus found
VirusBuster 4.3.19:9 02.06.2007 no virus found

Aditional Information
File size: 11264 bytes
MD5: ffd07878b6e9b88dde0e69646432eaab
SHA1: 6b7450171ef185bc53771010e19298480fd8bd09
packers: UPX

Geser
07.02.2007, 22:07
Complete scanning result of "avz00001.dta", received in VirusTotal at 02.07.2007, 20:01:54 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.34 02.07.2007 no virus found
Authentium 4.93.8 02.07.2007 no virus found
Avast 4.7.936.0 02.07.2007 no virus found
AVG 386 02.07.2007 no virus found
BitDefender 7.2 02.07.2007 no virus found
CAT-QuickHeal 9.00 02.07.2007 no virus found
ClamAV devel-20060426 02.07.2007 no virus found
DrWeb 4.33 02.07.2007 Trojan.Sender
eSafe 7.0.14.0 02.07.2007 no virus found
eTrust-InoculateIT 30.4.3374 02.07.2007 no virus found
eTrust-Vet 30.4.3374 02.07.2007 no virus found
Ewido 4.0 02.06.2007 no virus found
Fortinet 2.85.0.0 02.07.2007 no virus found
F-Prot 4.2.1.29 02.07.2007 no virus found
F-Secure 6.70.13030.0 02.07.2007 no virus found
Ikarus T3.1.0.31 02.07.2007 Trojan.Sender
Kaspersky 4.0.2.24 02.07.2007 no virus found
McAfee 4958 02.07.2007 no virus found
Microsoft 1.2101 02.07.2007 no virus found
NOD32v2 2043 02.07.2007 no virus found
Norman 5.80.02 02.07.2007 no virus found
Panda 9.0.0.4 02.07.2007 no virus found
Prevx1 V2 02.07.2007 no virus found
Sophos 4.13.0 02.05.2007 no virus found
Sunbelt 2.2.907.0 02.02.2007 no virus found
Symantec 10 02.07.2007 no virus found
TheHacker 6.1.6.053 02.07.2007 no virus found
UNA 1.83 02.07.2007 no virus found
VBA32 3.11.2 02.07.2007 Trojan.Sender
VirusBuster 4.3.19:9 02.07.2007 no virus found

CENT
10.02.2007, 08:59
Complete scanning result of "SetupDurakFull.exe", received in VirusTotal at 02.10.2007, 06:38:11 (CET).
Antivirus Version Update Result
AntiVir 7.3.1.36 02.09.2007 no virus found
Authentium 4.93.8 02.09.2007 no virus found
Avast 4.7.936.0 02.09.2007 no virus found
AVG 386 02.09.2007 no virus found
BitDefender 7.2 02.10.2007 no virus found
CAT-QuickHeal 9.00 02.09.2007 no virus found
ClamAV devel-20060426 02.09.2007 no virus found
DrWeb 4.33 02.09.2007 no virus found
eSafe 7.0.14.0 02.09.2007 no virus found
eTrust-Vet 30.4.3384 02.10.2007 no virus found
Ewido 4.0 02.09.2007 no virus found
Fortinet 2.85.0.0 02.10.2007 no virus found
F-Prot 4.2.1.29 02.09.2007 no virus found
F-Secure 6.70.13030.0 02.10.2007 no virus found
Ikarus T3.1.0.31 02.10.2007 Backdoor.Win32.Nerte.76
Kaspersky 4.0.2.24 02.10.2007 no virus found
McAfee 4960 02.09.2007 no virus found
Microsoft 1.2204 02.10.2007 no virus found
NOD32v2 2049 02.10.2007 no virus found
Norman 5.80.02 02.09.2007 no virus found
Panda 9.0.0.4 02.09.2007 no virus found
Prevx1 V2 02.10.2007 no virus found
Sophos 4.13.0 02.08.2007 no virus found
Sunbelt 2.2.907.0 02.09.2007 no virus found
Symantec 10 02.10.2007 no virus found
TheHacker 6.1.6.055 02.09.2007 no virus found
UNA 1.83 02.09.2007 no virus found
VBA32 3.11.2 02.09.2007 no virus found
VirusBuster 4.3.19:9 02.09.2007 no virus found

Aditional Information
File size: 6583701 bytes
MD5: cb5a66732e2e3172fca141bd6a620fec
SHA1: 2282dfb8299fd63ff3ff731bcb5c17295ae5cf59

Geser
10.02.2007, 11:06
08:59:48 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.36 02.09.2007 TR/Crypt.PCMM.Gen
Authentium 4.93.8 02.09.2007 no virus found
Avast 4.7.936.0 02.09.2007 no virus found
AVG 386 02.09.2007 no virus found
BitDefender 7.2 02.10.2007 no virus found
CAT-QuickHeal 9.00 02.09.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 02.09.2007 no virus found
DrWeb 4.33 02.09.2007 BackDoor.Mailbot
eSafe 7.0.14.0 02.09.2007 Win32.SdBot.beb
eTrust-Vet 30.4.3384 02.10.2007 no virus found
Ewido 4.0 02.09.2007 Backdoor.SdBot.beb
Fortinet 2.85.0.0 02.10.2007 W32/SDBot.BEB!tr.bdr
F-Prot 4.2.1.29 02.09.2007 no virus found
F-Secure 6.70.13030.0 02.10.2007 Backdoor.Win32.SdBot.beb
Ikarus T3.1.0.31 02.10.2007 Backdoor.Win32.SdBot.beb
Kaspersky 4.0.2.24 02.10.2007 Backdoor.Win32.SdBot.beb
McAfee 4960 02.09.2007 W32/Sdbot.worm!76714
Microsoft 1.2204 02.10.2007 no virus found
NOD32v2 2049 02.10.2007 no virus found
Norman 5.80.02 02.09.2007 no virus found
Panda 9.0.0.4 02.09.2007 W32/Sdbot.JKF.worm
Prevx1 V2 02.10.2007 no virus found
Sophos 4.13.0 02.08.2007 no virus found
Sunbelt 2.2.907.0 02.09.2007 VIPRE.Suspicious
Symantec 10 02.10.2007 no virus found
TheHacker 6.1.6.055 02.09.2007 no virus found
UNA 1.83 02.09.2007 Backdoor.SdBot.1217
VBA32 3.11.2 02.09.2007 Backdoor.Win32.SdBot.beb
VirusBuster 4.3.19:9 02.09.2007 no virus found

saicat
10.02.2007, 13:37
Complete scanning result of "msg.nyNVvm", received in VirusTotal at 02.10.2007, 11:27:26 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.36 02.09.2007 TR/Dldr.iBill.L
Authentium 4.93.8 02.09.2007 W32/Downloader.BBAV
Avast 4.7.936.0 02.09.2007 no virus found
AVG 386 02.09.2007 no virus found
BitDefender 7.2 02.10.2007 no virus found
CAT-QuickHeal 9.00 02.09.2007 no virus found
ClamAV devel-20060426 02.10.2007 no virus found
DrWeb 4.33 02.09.2007 no virus found
eSafe 7.0.14.0 02.09.2007 no virus found
eTrust-Vet 30.4.3384 02.10.2007 no virus found
Ewido 4.0 02.09.2007 no virus found
Fortinet 2.85.0.0 02.10.2007 suspicious
F-Prot 4.2.1.29 02.09.2007 W32/Downloader.BBAV
F-Secure 6.70.13030.0 02.10.2007 no virus found
Ikarus T3.1.0.31 02.10.2007 no virus found
Kaspersky 4.0.2.24 02.10.2007 no virus found
McAfee 4960 02.09.2007 New Win32
Microsoft 1.2204 02.10.2007 no virus found
NOD32v2 2049 02.10.2007 no virus found
Norman 5.80.02 02.09.2007 no virus found
Panda 9.0.0.4 02.09.2007 Suspicious file
Prevx1 V2 02.10.2007 no virus found
Sophos 4.13.0 02.08.2007 no virus found
Sunbelt 2.2.907.0 02.09.2007 no virus found
Symantec 10 02.10.2007 no virus found
TheHacker 6.1.6.055 02.09.2007 no virus found
UNA 1.83 02.09.2007 no virus found
VBA32 3.11.2 02.09.2007 suspected of I-Worm (double extension)
VirusBuster 4.3.19:9 02.09.2007 no virus found

Aditional Information
File size: 15309 bytes
MD5: 2d07870d80655861f25bb91989f85d09
SHA1: 7e3e1320480d899263b284e5a84492f6b2eaf2ea

Geser
10.02.2007, 17:54
15:48:22 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.36 02.09.2007 no virus found
Authentium 4.93.8 02.09.2007 no virus found
Avast 4.7.936.0 02.09.2007 no virus found
AVG 386 02.09.2007 no virus found
BitDefender 7.2 02.10.2007 Adware.MyWebSearch.AU
CAT-QuickHeal 9.00 02.09.2007 no virus found
ClamAV devel-20060426 02.10.2007 Adware.Mywebsearch-2
DrWeb 4.33 02.10.2007 no virus found
eSafe 7.0.14.0 02.09.2007 no virus found
eTrust-Vet 30.4.3384 02.10.2007 no virus found
Ewido 4.0 02.10.2007 no virus found
Fortinet 2.85.0.0 02.10.2007 W32/MyWebSearch
F-Prot 4.2.1.29 02.09.2007 no virus found
F-Secure 6.70.13030.0 02.10.2007 no virus found
Ikarus T3.1.0.31 02.10.2007 not-a-virus:AdWare.Win32.MyWebSearch
Kaspersky 4.0.2.24 02.10.2007 not-a-virus:AdTool.Win32.MyWebSearch
McAfee 4960 02.09.2007 potentially unwanted program MWS
Microsoft 1.2204 02.10.2007 no virus found
NOD32v2 2050 02.10.2007 no virus found
Norman 5.80.02 02.09.2007 no virus found
Panda 9.0.0.4 02.10.2007 Application/MyWebSearch
Prevx1 V2 02.10.2007 no virus found
Sophos 4.13.0 02.08.2007 MyWebSearch
Sunbelt 2.2.907.0 02.09.2007 MyWebSearch Toolbar
Symantec 10 02.10.2007 no virus found
TheHacker 6.1.6.055 02.09.2007 no virus found
UNA 1.83 02.09.2007 no virus found
VBA32 3.11.2 02.09.2007 no virus found
VirusBuster 4.3.19:9 02.09.2007 no virus found

Winsent
11.02.2007, 11:39
Complete scanning result of "foto.rar", received in VirusTotal at 02.11.2007, 09:35:26 (CET).
Antivirus Version Update Result
AntiVir 7.3.1.36 02.09.2007 TR/PSW.LdPinch.bmh
Authentium 4.93.8 02.09.2007 no virus found
Avast 4.7.936.0 02.11.2007 no virus found
AVG 386 02.10.2007 PSW.Ldpinch.EJI
BitDefender 7.2 02.11.2007 no virus found
CAT-QuickHeal 9.00 02.09.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 02.10.2007 no virus found
DrWeb 4.33 02.10.2007 Trojan.PWS.LDPinch.1423
eSafe 7.0.14.0 02.09.2007 Win32.LdPinch.bmh
eTrust-Vet 30.4.3384 02.10.2007 no virus found
Ewido 4.0 02.10.2007 Trojan.LdPinch.bmh
Fortinet 2.85.0.0 02.11.2007 W32/LdPinch.BMH!tr.pws
F-Prot 4.2.1.29 02.09.2007 no virus found
F-Secure 6.70.13030.0 02.10.2007 Trojan-PSW.Win32.LdPinch.bmh
Ikarus T3.1.0.31 02.11.2007 no virus found
Kaspersky 4.0.2.24 02.11.2007 Trojan-PSW.Win32.LdPinch.bmh
McAfee 4960 02.09.2007 no virus found
Microsoft 1.2204 02.11.2007 no virus found
NOD32v2 2051 02.10.2007 no virus found
Norman 5.80.02 02.09.2007 no virus found
Panda 9.0.0.4 02.10.2007 Suspicious file
Prevx1 V2 02.11.2007 no virus found
Sophos 4.13.0 02.08.2007 no virus found
Sunbelt 2.2.907.0 02.09.2007 no virus found
Symantec 10 02.11.2007 no virus found
TheHacker 6.1.6.056 02.11.2007 Trojan/PSW.LdPinch.bmh
UNA 1.83 02.09.2007 no virus found
VBA32 3.11.2 02.10.2007 Trojan-PSW.Win32.LdPinch.bmh
VirusBuster 4.3.19:9 02.10.2007 no virus found

Aditional Information
File size: 29180 bytes
MD5: d1ba2c7856a3be5559a76bfdd1eade6e
SHA1: 89cb4bf8f76b618d662ab4b16e5a97a2ac3c5ff6

Winsent
12.02.2007, 18:49
Complete scanning result of "flash.exe", received in VirusTotal at 02.12.2007, 16:44:55 (CET).


Antivirus Version Update Result

AntiVir 7.3.1.36 02.12.2007 DIAL/30835.A
Authentium 4.93.8 02.12.2007 no virus found
Avast 4.7.936.0 02.12.2007 no virus found
AVG 386 02.12.2007 no virus found
BitDefender 7.2 02.12.2007 Trojan.Dropper.Zlob.C
CAT-QuickHeal 9.00 02.12.2007 no virus found
ClamAV devel-20060426 02.12.2007 no virus found
DrWeb 4.33 02.12.2007 Trojan.MulDrop.5509
eSafe 7.0.14.0 02.12.2007 Win32.LdPinch.bia
eTrust-Vet 30.4.3391 02.12.2007 no virus found
Ewido 4.0 02.11.2007 no virus found
Fortinet 2.85.0.0 02.12.2007 W32/LdPinch.BIA!tr.pws
F-Prot 4.2.1.29 02.12.2007 no virus found
F-Secure 6.70.13030.0 02.12.2007 Trojan-PSW.Win32.LdPinch.bia
Ikarus T3.1.0.31 02.12.2007 Trojan-PWS.Win32.LdPinch.bia
Kaspersky 4.0.2.24 02.12.2007 Trojan-PSW.Win32.LdPinch.bia
McAfee 4960 02.09.2007 no virus found
Microsoft 1.2204 02.12.2007 no virus found
NOD32v2 2055 02.12.2007 no virus found
Norman 5.80.02 02.12.2007 no virus found
Panda 9.0.0.4 02.12.2007 Suspicious file
Prevx1 V2 02.12.2007 no virus found
Sophos 4.13.0 02.12.2007 no virus found
Sunbelt 2.2.907.0 02.09.2007 no virus found
Symantec 10 02.12.2007 no virus found
TheHacker 6.1.6.056 02.11.2007 no virus found
UNA 1.83 02.09.2007 no virus found
VBA32 3.11.2 02.11.2007 Trojan.MulDrop.5509
VirusBuster 4.3.19:9 02.12.2007 no virus found

Aditional Information
File size: 30219 bytes
MD5: eaf40e9230cf1de78a8a8f50bbca5b7d
SHA1: 19c1ffd9ff9f6139bb9595dc9463299788bf05c6

anton_dr
13.02.2007, 14:09
From the thread http://virusinfo.info/showthread.php?t=7935
Complete scanning result of "avz00001.dta", received in VirusTotal at 02.13.2007, 11:34:20 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.36 02.13.2007 TR/Crypt.XPACK.Gen
Authentium 4.93.8 02.12.2007 W32/PWStealer.FJQ
Avast 4.7.936.0 02.12.2007 no virus found
AVG 386 02.12.2007 PSW.Generic3.CWB
BitDefender 7.2 02.13.2007 no virus found
CAT-QuickHeal 9.00 02.13.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 02.12.2007 no virus found
DrWeb 4.33 02.13.2007 Trojan.PWS.Pero
eSafe 7.0.14.0 02.12.2007 suspicious Trojan/Worm
eTrust-Vet 30.4.3394 02.13.2007 no virus found
Ewido 4.0 02.12.2007 Trojan.Ceda.a
Fortinet 2.85.0.0 02.13.2007 suspicious
F-Prot 4.2.1.29 02.12.2007 W32/PWStealer.FJQ
F-Secure 6.70.13030.0 02.13.2007 Trojan-PSW.Win32.Ceda.a
Ikarus T3.1.0.31 02.13.2007 no virus found
Kaspersky 4.0.2.24 02.13.2007 Trojan-PSW.Win32.Ceda.a
McAfee 4961 02.12.2007 no virus found
Microsoft 1.2204 02.13.2007 TrojanDownloader:Win32/Clagger.gen!B
NOD32v2 2056 02.12.2007 probably a variant of Win32/Genetik
Norman 5.80.02 02.13.2007 Suspicious_F.gen
Panda 9.0.0.4 02.13.2007 Suspicious file
Prevx1 V2 02.13.2007 Trojan.SystemPoser
Sophos 4.13.0 02.12.2007 no virus found
Sunbelt 2.2.907.0 02.09.2007 VIPRE.Suspicious
Symantec 10 02.13.2007 no virus found
TheHacker 6.1.6.056 02.11.2007 no virus found
UNA 1.83 02.09.2007 no virus found
VBA32 3.11.2 02.12.2007 no virus found
VirusBuster 4.3.19:9 02.12.2007 novirus:Packed/FSG

Aditional Information
File size: 27021 bytes
MD5: 4243b966baff1c80fb72ee5485858089
SHA1: 324dd146ca237096acdc78b81a855c9f05f34058
packers: FSG
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=fbc175572579
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

Geser
13.02.2007, 22:05
Complete scanning result of "msrdwint.exe", received in VirusTotal at 02.13.2007, 19:50:54 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.37 02.13.2007 no virus found
Authentium 4.93.8 02.12.2007 no virus found
Avast 4.7.936.0 02.13.2007 no virus found
AVG 386 02.13.2007 no virus found
BitDefender 7.2 02.13.2007 no virus found
CAT-QuickHeal 9.00 02.13.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 02.13.2007 no virus found
DrWeb 4.33 02.13.2007 Win32.HLLM.Limar
eSafe 7.0.14.0 02.12.2007 Suspicious Trojan/Worm
eTrust-Vet 30.4.3394 02.13.2007 no virus found
Ewido 4.0 02.13.2007 no virus found
Fortinet 2.85.0.0 02.13.2007 suspicious
F-Prot 4.2.1.29 02.12.2007 no virus found
F-Secure 6.70.13030.0 02.13.2007 no virus found
Ikarus T3.1.0.31 02.13.2007 Backdoor.Win32.Agobot.NQ
Kaspersky 4.0.2.24 02.13.2007 no virus found
McAfee 4961 02.12.2007 New Malware.n
Microsoft 1.2204 02.13.2007 no virus found
NOD32v2 2057 02.13.2007 a variant of Win32/Stration.XJ
Norman 5.80.02 02.13.2007 no virus found
Panda 9.0.0.4 02.13.2007 Suspicious file
Prevx1 V2 02.13.2007 Malware:SysCovert
Sophos 4.14.0 02.13.2007 Mal/Packer
Sunbelt 2.2.907.0 02.09.2007 VIPRE.Suspicious
Symantec 10 02.13.2007 no virus found
TheHacker 6.1.6.056 02.11.2007 no virus found
UNA 1.83 02.13.2007 no virus found
VBA32 3.11.2 02.13.2007 MalwareScope.Worm.Warezov.1
VirusBuster 4.3.19:9 02.13.2007 novirus:Packed/Upack

anton_dr
13.02.2007, 22:51
Complete scanning result of "avz00006.dta", received in VirusTotal at 02.13.2007, 20:22:46 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.37 02.13.2007 TR/Crypt.XPACK.Gen
Authentium 4.93.8 02.12.2007 no virus found
Avast 4.7.936.0 02.13.2007 no virus found
AVG 386 02.13.2007 no virus found
BitDefender 7.2 02.13.2007 no virus found
CAT-QuickHeal 9.00 02.13.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 02.13.2007 no virus found
DrWeb 4.33 02.13.2007 no virus found
eSafe 7.0.14.0 02.12.2007 Suspicious Trojan/Worm
eTrust-Vet 30.4.3394 02.13.2007 no virus found
Ewido 4.0 02.13.2007 no virus found
Fortinet 2.85.0.0 02.13.2007 suspicious
F-Prot 4.2.1.29 02.12.2007 no virus found
F-Secure 6.70.13030.0 02.13.2007 no virus found
Ikarus T3.1.0.31 02.13.2007 no virus found
Kaspersky 4.0.2.24 02.13.2007 no virus found
McAfee 4961 02.12.2007 no virus found
Microsoft 1.2204 02.13.2007 no virus found
NOD32v2 2057 02.13.2007 probably unknown NewHeur_PE virus
Norman 5.80.02 02.13.2007 no virus found
Panda 9.0.0.4 02.13.2007 no virus found
Prevx1 V2 02.13.2007 Worm.Beagle.DZ
Sophos 4.14.0 02.13.2007 no virus found
Sunbelt 2.2.907.0 02.09.2007 no virus found
Symantec 10 02.13.2007 no virus found
TheHacker 6.1.6.056 02.11.2007 no virus found
UNA 1.83 02.13.2007 no virus found
VBA32 3.11.2 02.13.2007 no virus found
VirusBuster 4.3.19:9 02.13.2007 no virus found

Aditional Information
File size: 51131 bytes
MD5: 1c3e1e796c98e60c2c8b91e48e401c23
SHA1: 4cf32a92de29a80b420d09de327999050136de16
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=31eb77103843

anton_dr
13.02.2007, 22:52
Complete scanning result of "avz00003.dta", received in VirusTotal at 02.13.2007, 20:22:02 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.37 02.13.2007 TR/Dldr.Stration.Gen
Authentium 4.93.8 02.12.2007 no virus found
Avast 4.7.936.0 02.13.2007 no virus found
AVG 386 02.13.2007 no virus found
BitDefender 7.2 02.13.2007 no virus found
CAT-QuickHeal 9.00 02.13.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 02.13.2007 no virus found
DrWeb 4.33 02.13.2007 Win32.HLLM.Beagle
eSafe 7.0.14.0 02.12.2007 Suspicious Trojan/Worm
eTrust-Vet 30.4.3394 02.13.2007 no virus found
Ewido 4.0 02.13.2007 no virus found
Fortinet 2.85.0.0 02.13.2007 suspicious
F-Prot 4.2.1.29 02.12.2007 no virus found
F-Secure 6.70.13030.0 02.13.2007 no virus found
Ikarus T3.1.0.31 02.13.2007 no virus found
Kaspersky 4.0.2.24 02.13.2007 no virus found
McAfee 4961 02.12.2007 no virus found
Microsoft 1.2204 02.13.2007 no virus found
NOD32v2 2057 02.13.2007 probably unknown NewHeur_PE virus
Norman 5.80.02 02.13.2007 no virus found
Panda 9.0.0.4 02.13.2007 no virus found
Prevx1 V2 02.13.2007 Malware.Trojan.Backdoor.Gen
Sophos 4.14.0 02.13.2007 no virus found
Sunbelt 2.2.907.0 02.09.2007 no virus found
Symantec 10 02.13.2007 no virus found
TheHacker 6.1.6.056 02.11.2007 no virus found
UNA 1.83 02.13.2007 no virus found
VBA32 3.11.2 02.13.2007 no virus found
VirusBuster 4.3.19:9 02.13.2007 no virus found

Aditional Information
File size: 22192 bytes
MD5: 2b9bb0434814b7ea3556dd8648cc5669
SHA1: b869f85ffe96f9be1aa595e79dc2d357d5d1c876
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=391077103630

anton_dr
13.02.2007, 23:03
I didn't want to post this one, but the VBA result surprised me.

Complete scanning result of "avz00005.dta", received in VirusTotal at 02.13.2007, 20:55:03 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.37 02.13.2007 TR/Dldr.Bagle.BH
Authentium 4.93.8 02.12.2007 W32/Mitglieder.VK
Avast 4.7.936.0 02.13.2007 no virus found
AVG 386 02.13.2007 I-Worm/Bagle
BitDefender 7.2 02.13.2007 Trojan.Downloader.Bagle.AS
CAT-QuickHeal 9.00 02.13.2007 no virus found
ClamAV devel-20060426 02.13.2007 Trojan.Downloader-548
DrWeb 4.33 02.13.2007 Win32.HLLM.Beagle
eSafe 7.0.14.0 02.12.2007 no virus found
eTrust-Vet 30.4.3394 02.13.2007 Win32/Glieder.EH
Ewido 4.0 02.13.2007 no virus found
Fortinet 2.85.0.0 02.13.2007 W32/Bagle.BH!tr.dldr
F-Prot 4.2.1.29 02.12.2007 W32/Mitglieder.VK
F-Secure 6.70.13030.0 02.13.2007 Trojan-Downloader.Win32.Bagle.bh
Ikarus T3.1.0.31 02.13.2007 Trojan-Downloader.Win32.Bagle.bh
Kaspersky 4.0.2.24 02.13.2007 Trojan-Downloader.Win32.Bagle.bh
McAfee 4961 02.12.2007 W32/Bagle.gen
Microsoft 1.2204 02.13.2007 Win32/Bagle.gen!encrypted
NOD32v2 2057 02.13.2007 Win32/Bagle.HJ
Norman 5.80.02 02.13.2007 W32/Mitglied.ACA
Panda 9.0.0.4 02.13.2007 Trj/Mitglieder.ME
Prevx1 V2 02.13.2007 no virus found
Sophos 4.14.0 02.13.2007 Mal/Bagpk-A
Sunbelt 2.2.907.0 02.09.2007 VIPRE.Suspicious
Symantec 10 02.13.2007 Trojan.Tooso.R
TheHacker 6.1.6.056 02.11.2007 Trojan/Downloader.Bagle.bh
UNA 1.83 02.13.2007 TrojanDownloader.Win32.Bagle.A227
VBA32 3.11.2 02.13.2007 no virus found
VirusBuster 4.3.19:9 02.13.2007 Trojan.DL.Bagle.LJ

Aditional Information
File size: 1958746 bytes
MD5: ab26d999ae025c410a2b721cb25be695
SHA1: 16f075f768d0aa2bfe8dca51bb077934fb2f52f7
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

anton_dr
13.02.2007, 23:04
Complete scanning result of "avz00002.dta", received in VirusTotal at 02.13.2007, 20:54:08 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.37 02.13.2007 TR/Rkit.Bagle.GL
Authentium 4.93.8 02.12.2007 no virus found
Avast 4.7.936.0 02.13.2007 no virus found
AVG 386 02.13.2007 no virus found
BitDefender 7.2 02.13.2007 no virus found
CAT-QuickHeal 9.00 02.13.2007 no virus found
ClamAV devel-20060426 02.13.2007 no virus found
DrWeb 4.33 02.13.2007 no virus found
eSafe 7.0.14.0 02.12.2007 no virus found
eTrust-Vet 30.4.3394 02.13.2007 no virus found
Ewido 4.0 02.13.2007 no virus found
Fortinet 2.85.0.0 02.13.2007 suspicious
F-Prot 4.2.1.29 02.12.2007 no virus found
F-Secure 6.70.13030.0 02.13.2007 Email-Worm.Win32.Bagle.hj
Ikarus T3.1.0.31 02.13.2007 no virus found
Kaspersky 4.0.2.24 02.13.2007 Email-Worm.Win32.Bagle.hj
McAfee 4961 02.12.2007 NTRootKit-W
Microsoft 1.2204 02.13.2007 no virus found
NOD32v2 2057 02.13.2007 a variant of Win32/Bagle
Norman 5.80.02 02.13.2007 no virus found
Panda 9.0.0.4 02.13.2007 no virus found
Prevx1 V2 02.13.2007 Bagle.Rootkit
Sophos 4.14.0 02.13.2007 no virus found
Sunbelt 2.2.907.0 02.09.2007 no virus found
Symantec 10 02.13.2007 no virus found
TheHacker 6.1.6.056 02.11.2007 no virus found
UNA 1.83 02.13.2007 no virus found
VBA32 3.11.2 02.13.2007 no virus found
VirusBuster 4.3.19:9 02.13.2007 no virus found

Aditional Information
File size: 69248 bytes
MD5: a3769f16f8a603eced9ef13ffa9e312f
SHA1: d2248764a45d38125050cc95693c7334e7e441f5
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=5a2f77103519

MedvedD
14.02.2007, 13:09
scanning result of "winzlo32.dll", received in VirusTotal at 02.14.2007, 11:03:53 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.37 02.14.2007 TR/Crypt.PEC2X.Gen
Authentium 4.93.8 02.14.2007 no virus found
Avast 4.7.936.0 02.14.2007 no virus found
AVG 386 02.14.2007 Generic3.AGG
BitDefender 7.2 02.14.2007 no virus found
CAT-QuickHeal 9.00 02.13.2007 no virus found
ClamAV devel-20060426 02.14.2007 no virus found
DrWeb 4.33 02.14.2007 no virus found
eSafe 7.0.14.0 02.14.2007 Win32.Agent.qt
eTrust-Vet 30.4.3397 02.14.2007 no virus found
Ewido 4.0 02.13.2007 no virus found
Fortinet 2.85.0.0 02.14.2007 W32/Agent.QT!tr
F-Prot 4.2.1.29 02.14.2007 no virus found
F-Secure 6.70.13030.0 02.14.2007 Trojan.Win32.Agent.qt
Ikarus T3.1.0.31 02.14.2007 Trojan.Win32.Agent.qt
Kaspersky 4.0.2.24 02.14.2007 Trojan.Win32.Agent.qt
McAfee 4962 02.13.2007 BackDoor-CVT
Microsoft 1.2204 02.14.2007 no virus found
NOD32v2 2059 02.14.2007 a variant of Win32/Agent.QT
Norman 5.80.02 02.14.2007 W32/Agent.dam
Panda 9.0.0.4 02.14.2007 Suspicious file
Prevx1 V2 02.14.2007 no virus found
Sophos 4.14.0 02.13.2007 no virus found
Sunbelt 2.2.907.0 02.09.2007 VIPRE.Suspicious
Symantec 10 02.14.2007 no virus found
TheHacker 6.1.6.057 02.14.2007 Trojan/Agent.qt
UNA 1.83 02.13.2007 no virus found
VBA32 3.11.2 02.13.2007 no virus found
VirusBuster 4.3.19:9 02.14.2007 no virus found


Aditional Information
File size: 18432 bytes
MD5: b5fa8436d10db4252e3bc03f9de95458
SHA1: d9ebb3f031fa05c30df11a467a2fcc04cffcaf48
packers: PECOMPACT
packers: PecBundle, PECompact
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

Tellingly, two days ago nobody detected it..

saicat
15.02.2007, 01:40
Complete scanning result of "access-dvd1183.exe", received in VirusTotal at 02.14.2007, 23:28:31 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.37 02.14.2007 no virus found
Authentium 4.93.8 02.14.2007 no virus found
Avast 4.7.936.0 02.14.2007 no virus found
AVG 386 02.14.2007 no virus found
BitDefender 7.2 02.14.2007 no virus found
CAT-QuickHeal 9.00 02.14.2007 no virus found
ClamAV devel-20060426 02.14.2007 no virus found
DrWeb 4.33 02.14.2007 no virus found
eSafe 7.0.14.0 02.14.2007 no virus found
eTrust-Vet 30.4.3397 02.14.2007 no virus found
Ewido 4.0 02.14.2007 no virus found
Fortinet 2.85.0.0 02.14.2007 no virus found
F-Prot 4.2.1.29 02.14.2007 no virus found
F-Secure 6.70.13030.0 02.14.2007 W32/Malware.IFN
Ikarus T3.1.0.31 02.14.2007 no virus found
Kaspersky 4.0.2.24 02.14.2007 no virus found
McAfee 4963 02.14.2007 no virus found
Microsoft 1.2204 02.14.2007 password protected
NOD32v2 2061 02.14.2007 the file is probably password protected.
Norman 5.80.02 02.14.2007 no virus found
Panda 9.0.0.4 02.14.2007 no virus found
Prevx1 V2 02.14.2007 no virus found
Sophos 4.14.0 02.13.2007 no virus found
Sunbelt 2.2.907.0 02.09.2007 no virus found
Symantec 10 02.14.2007 no virus found
TheHacker 6.1.6.057 02.14.2007 no virus found
UNA 1.83 02.14.2007 no virus found
VBA32 3.11.2 02.14.2007 MalwareScope.Worm.Warezov.7
VirusBuster 4.3.19:9 02.14.2007 no virus found

Aditional Information
File size: 197799 bytes
MD5: 081e0dfd0fee8ba2efb4e69c87221285
SHA1: d775cbe62ac3c672202bfd07ef79a1f5a39264d5
packers: BINARYRES, UPX, BINARYRES

Shu_b
15.02.2007, 14:11
Complete scanning result of "ndis.sys", received in VirusTotal at 02.15.2007, 11:12:53 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.37 02.15.2007 no virus found
Authentium 4.93.8 02.15.2007 no virus found
Avast 4.7.936.0 02.14.2007 no virus found
AVG 386 02.14.2007 no virus found
BitDefender 7.2 02.15.2007 Trojan.Agent.AJH
CAT-QuickHeal 9.00 02.15.2007 SpamTool.Agent.u (Not a Virus)
ClamAV devel-20060426 02.15.2007 no virus found
DrWeb 4.33 02.15.2007 no virus found
eSafe 7.0.14.0 02.14.2007 no virus found
eTrust-Vet 30.4.3400 02.15.2007 no virus found
Ewido 4.0 02.14.2007 no virus found
Fortinet 2.85.0.0 02.15.2007 suspicious
F-Prot 4.2.1.29 02.15.2007 no virus found
F-Secure 6.70.13030.0 02.15.2007 SpamTool.Win32.Agent.y
Ikarus T3.1.0.31 02.15.2007 no virus found
Kaspersky 4.0.2.24 02.15.2007 SpamTool.Win32.Agent.y
McAfee 4963 02.14.2007 no virus found
Microsoft 1.2204 02.15.2007 Spammer:Win32/Mailbot.P
NOD32v2 2062 02.15.2007 a variant of Win32/Spabot.NAC
Norman 5.80.02 02.14.2007 no virus found
Panda 9.0.0.4 02.15.2007 no virus found
Prevx1 V2 02.15.2007 no virus found
Sophos 4.14.0 02.13.2007 no virus found
Sunbelt 2.2.907.0 02.15.2007 no virus found
Symantec 10 02.15.2007 no virus found
TheHacker 6.1.6.057 02.14.2007 no virus found
UNA 1.83 02.14.2007 SpamTool.Win32.Agent.2889
VBA32 3.11.2 02.14.2007 no virus found
VirusBuster 4.3.19:9 02.14.2007 no virus found

Aditional Information
File size: 274564 bytes
MD5: 036adf7c154ecf2ff14e55fb664fffcc
SHA1: 1137f4601593773336fa42e08535bc9355c24e56
packers: UPX
packers: BINARYRES, UPX
packers: UPX

CKYHC
18.02.2007, 05:34
Attached in accordance with the rules.
The VirusTotal log is here.
Whether there is actually malware in it or the scanners are just complaining about the packer is unclear, since there is no Upack unpacker.
File saved as 070218_053653_rld-wfkg_45d7bbc5ee5fb.rar
File size 1812
MD5 9f34f530fb24e661b32637ee7a79d1eb

Complete scanning result of "rld-wfkg.exe", received in VirusTotal at 02.18.2007, 03:27:34 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.37 02.17.2007 no virus found
Authentium 4.93.8 02.16.2007 no virus found
Avast 4.7.936.0 02.18.2007 no virus found
AVG 386 02.17.2007 no virus found
BitDefender 7.2 02.18.2007 no virus found
CAT-QuickHeal 9.00 02.16.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 02.17.2007 no virus found
DrWeb 4.33 02.17.2007 no virus found
eSafe 7.0.14.0 02.16.2007 suspicious Trojan/Worm
eTrust-Vet 30.4.3408 02.17.2007 no virus found
Ewido 4.0 02.17.2007 no virus found
Fortinet 2.85.0.0 02.17.2007 suspicious
F-Prot 4.2.1.29 02.16.2007 no virus found
F-Secure 6.70.13030.0 02.17.2007 no virus found
Ikarus T3.1.0.31 02.17.2007 Trojan-Dropper.Win32.Agent.ane
Kaspersky 4.0.2.24 02.18.2007 no virus found
McAfee 4965 02.16.2007 no virus found
Microsoft 1.2204 02.17.2007 no virus found
NOD32v2 2067 02.17.2007 no virus found
Norman 5.80.02 02.16.2007 W32/Suspicious_U.gen
Panda 9.0.0.4 02.17.2007 Suspicious file
Prevx1 V2 02.18.2007 no virus found
Sophos 4.14.0 02.16.2007 Mal/Packer
Sunbelt 2.2.907.0 02.17.2007 VIPRE.Suspicious
Symantec 10 02.18.2007 no virus found
TheHacker 6.1.6.059 02.16.2007 no virus found
UNA 1.83 02.16.2007 no virus found
VBA32 3.11.2 02.17.2007 no virus found
VirusBuster 4.3.19:9 02.17.2007 novirus:Packed/Upack

Aditional Information
File size: 2027 bytes
MD5: 914c221671792964f666a4864d9000f1
SHA1: a206bfec16b3f8dfc35fbab9d2961f088a0d9c0b
packers: UPACK
packers: UPack
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.
========================

add: false positive

Muffler
19.02.2007, 03:52
Complete scanning result of "fail.scr", received in VirusTotal at 02.19.2007, 01:48:37 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.37 02.18.2007 HEUR/Crypted
Authentium 4.93.8 02.16.2007 no virus found
Avast 4.7.936.0 02.18.2007 no virus found
AVG 386 02.18.2007 no virus found
BitDefender 7.2 02.18.2007 no virus found
CAT-QuickHeal 9.00 02.16.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 02.18.2007 no virus found
DrWeb 4.33 02.18.2007 no virus found
eSafe 7.0.14.0 02.18.2007 no virus found
eTrust-Vet 30.4.3410 02.18.2007 no virus found
Ewido 4.0 02.18.2007 no virus found
Fortinet 2.85.0.0 02.18.2007 suspicious
F-Prot 4.2.1.29 02.16.2007 no virus found
F-Secure 6.70.13030.0 02.18.2007 no virus found
Ikarus T3.1.0.31 02.18.2007 no virus found
Kaspersky 4.0.2.24 02.19.2007 no virus found
McAfee 4965 02.16.2007 no virus found
Microsoft 1.2204 02.18.2007 no virus found
NOD32v2 2069 02.18.2007 no virus found
Norman 5.80.02 02.16.2007 no virus found
Panda 9.0.0.4 02.18.2007 Suspicious file
Prevx1 V2 02.19.2007 no virus found
Sophos 4.14.0 02.19.2007 no virus found
Sunbelt 2.2.907.0 02.17.2007 VIPRE.Suspicious
TheHacker 6.1.6.059 02.16.2007 no virus found
UNA 1.83 02.16.2007 no virus found
VBA32 3.11.2 02.18.2007 no virus found
VirusBuster 4.3.19:9 02.18.2007 no virus found

Aditional Information
File size: 51147 bytes
MD5: 4ccfbe54d9c49077a988082804d56ea5
SHA1: 0164d8376693f5f0680a69aafe9378e8911414b1
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

After the database update, per KAV this will be Trojan-PSW.Win32.LdPinch.bmk

mvlab
20.02.2007, 01:34
Complete scanning result of "jkhhe.2ll", received in VirusTotal at 02.19.2007, 23:21:13 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.37 02.19.2007 TR/Vundo.Gen
Authentium 4.93.8 02.19.2007 no virus found
Avast 4.7.936.0 02.19.2007 no virus found
AVG 386 02.19.2007 no virus found
BitDefender 7.2 02.19.2007 MemScan:Trojan.Vundo.W
CAT-QuickHeal 9.00 02.19.2007 no virus found
ClamAV devel-20060426 02.19.2007 no virus found
DrWeb 4.33 02.19.2007 Trojan.Virtumod
eSafe 7.0.14.0 02.19.2007 suspicious Trojan/Worm
eTrust-Vet 30.4.3412 02.19.2007 no virus found
Ewido 4.0 02.19.2007 no virus found
FileAdvisor 1 02.19.2007 no virus found
Fortinet 2.85.0.0 02.19.2007 suspicious
F-Prot 4.2.1.29 02.19.2007 no virus found
F-Secure 6.70.13030.0 02.19.2007 no virus found
Ikarus T3.1.0.31 02.19.2007 Trojan.Vundo.W
Kaspersky 4.0.2.24 02.19.2007 no virus found
McAfee 4966 02.19.2007 no virus found
Microsoft 1.2204 02.19.2007 no virus found
NOD32v2 2070 02.19.2007 no virus found
Norman 5.80.02 02.19.2007 no virus found
Panda 9.0.0.4 02.19.2007 no virus found
Prevx1 V2 02.19.2007 no virus found
Sophos 4.14.0 02.19.2007 no virus found
Sunbelt 2.2.907.0 02.17.2007 VIPRE.Suspicious
Symantec 10 02.19.2007 Trojan.Vundo
TheHacker 6.1.6.060 02.19.2007 no virus found
UNA 1.83 02.19.2007 no virus found
VBA32 3.11.2 02.19.2007 Adware.Virtumonde
VirusBuster 4.3.19:9 02.19.2007 Adware.Vundo.Gen!Pac3


Aditional Information
File size: 277059 bytes
MD5: 5b41e6272a35e6eac178426484a20fef
SHA1: 84e41ddca116c518d3e066630b880e0824442173
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

Shu_b
20.02.2007, 16:14
t=8032
Complete scanning result of "higehsg.dll", received in VirusTotal at 02.20.2007, 13:20:11 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.37 02.20.2007 no virus found
Authentium 4.93.8 02.19.2007 no virus found
Avast 4.7.936.0 02.19.2007 no virus found
AVG 386 02.19.2007 Generic3.AHO
BitDefender 7.2 02.20.2007 no virus found
CAT-QuickHeal 9.00 02.20.2007 Hoax.Renos.na (Not a Virus)
ClamAV devel-20060426 02.20.2007 no virus found
DrWeb 4.33 02.20.2007 Trojan.Fakealert.236
eSafe 7.0.14.0 02.20.2007 no virus found
eTrust-Vet 30.4.3414 02.20.2007 Win32/Spax!generic
Ewido 4.0 02.19.2007 no virus found
FileAdvisor 1 02.20.2007 no virus found
Fortinet 2.85.0.0 02.20.2007 FakeAlert.G!tr
F-Prot 4.2.1.29 02.19.2007 no virus found
F-Secure 6.70.13030.0 02.20.2007 no virus found
Ikarus T3.1.0.31 02.20.2007 no virus found
Kaspersky 4.0.2.24 02.20.2007 no virus found
McAfee 4966 02.19.2007 FakeAlert-G
Microsoft 1.2204 02.20.2007 no virus found
NOD32v2 2072 02.20.2007 Win32/Hoax.Renos.NAP
Norman 5.80.02 02.20.2007 W32/Renos.IV
Panda 9.0.0.4 02.20.2007 no virus found
Prevx1 V2 02.20.2007 Generic.Zlob!DL
Sophos 4.14.0 02.19.2007 no virus found
Sunbelt 2.2.907.0 02.17.2007 Trojan.FakeAlert
Symantec 10 02.20.2007 no virus found
TheHacker 6.1.6.061 02.20.2007 no virus found
UNA 1.83 02.20.2007 no virus found
VBA32 3.11.2 02.19.2007 suspected of Downloader.Zlob.28 (paranoid heuristics)
VirusBuster 4.3.19:9 02.19.2007 no virus found

Aditional Information
File size: 20992 bytes
MD5: af9a727cb610c8569e5b1a8c15a15b8d
SHA1: 7e63cd2fe98be1e34f6a5bbe6953dfb5d99c611f

Logan
21.02.2007, 01:15
False positive

I downloaded the program FAST Defrag; inside there is a small file, close.com. AVZ screamed Warezov, so I uploaded it to VirusTotal:
AntiVir 7.3.1.37 02.20.2007 no virus found
Authentium 4.93.8 02.19.2007 no virus found
Avast 4.7.936.0 02.20.2007 no virus found
AVG 386 02.20.2007 no virus found
BitDefender 7.2 02.20.2007 Trojan.Spy.Keysave.B
CAT-QuickHeal 9.00 02.20.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 02.20.2007 no virus found
DrWeb 4.33 02.20.2007 no virus found
eSafe 7.0.14.0 02.20.2007 suspicious Trojan/Worm
eTrust-Vet 30.4.3414 02.20.2007 no virus found
Ewido 4.0 02.20.2007 Worm.Warezov.fh
FileAdvisor 1 02.20.2007 no virus found
Fortinet 2.85.0.0 02.20.2007 W32/Stration.FH@mm
F-Prot 4.2.1.29 02.19.2007 no virus found
F-Secure 6.70.13030.0 02.20.2007 no virus found
Ikarus T3.1.0.31 02.20.2007 Trojan-Spy.Win32.KeySave
Kaspersky 4.0.2.24 02.20.2007 no virus found
McAfee 4967 02.20.2007 no virus found
Microsoft 1.2204 02.20.2007 no virus found
NOD32v2 2072 02.20.2007 no virus found
Norman 5.80.02 02.20.2007 no virus found
Panda 9.0.0.4 02.20.2007 no virus found
Prevx1 V2 02.20.2007 no virus found
Sophos 4.14.0 02.19.2007 no virus found
Sunbelt 2.2.907.0 02.17.2007 VIPRE.Suspicious
Symantec 10 02.20.2007 no virus found
TheHacker 6.1.6.061 02.20.2007 no virus found
UNA 1.83 02.20.2007 I-Worm.Warezov.fh
VBA32 3.11.2 02.20.2007 Email-Worm.Win32.Warezov.fh
VirusBuster 4.3.19:9 02.20.2007 no virus found

Sent it to [email protected]; it really is clean :)

Shu_b
21.02.2007, 09:55
from t=8046

Complete scanning result of "brrotate.dll", received in VirusTotal at 02.21.2007, 07:45:50 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.37 02.20.2007 HEUR/Malware
Authentium 4.93.8 02.19.2007 no virus found
Avast 4.7.936.0 02.20.2007 no virus found
AVG 386 02.20.2007 no virus found
BitDefender 7.2 02.21.2007 no virus found
CAT-QuickHeal 9.00 02.20.2007 no virus found
ClamAV devel-20060426 02.20.2007 no virus found
DrWeb 4.33 02.20.2007 no virus found
eSafe 7.0.14.0 02.20.2007 suspicious Trojan/Worm
eTrust-Vet 30.4.3414 02.20.2007 no virus found
Ewido 4.0 02.20.2007 no virus found
FileAdvisor 1 02.21.2007 no virus found
Fortinet 2.85.0.0 02.21.2007 suspicious
F-Prot 4.2.1.29 02.19.2007 no virus found
F-Secure 6.70.13030.0 02.20.2007 no virus found
Ikarus T3.1.0.31 02.21.2007 no virus found
Kaspersky 4.0.2.24 02.21.2007 no virus found
McAfee 4967 02.20.2007 no virus found
Microsoft 1.2204 02.21.2007 no virus found
NOD32v2 2072 02.20.2007 no virus found
Norman 5.80.02 02.20.2007 no virus found
Panda 9.0.0.4 02.20.2007 Adware/AdRotator
Prevx1 V2 02.21.2007 no virus found
Sophos 4.14.0 02.19.2007 no virus found
Sunbelt 2.2.907.0 02.17.2007 no virus found
Symantec 10 02.21.2007 no virus found
TheHacker 6.1.6.062 02.21.2007 no virus found
UNA 1.83 02.20.2007 no virus found
VBA32 3.11.2 02.20.2007 no virus found
VirusBuster 4.3.19:9 02.20.2007 no virus found

Aditional Information
File size: 61440 bytes
MD5: 95f5983e3368f34aee4a2df3db3d0477
SHA1: ff7d4ad9e387570bb474618f69d06d5594405df6
packers: UPX
packers: UPX
packers: UPX


Complete scanning result of "xpupdate.exe", received in VirusTotal at 02.21.2007, 07:47:09 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.37 02.20.2007 TR/Peed.A.39
Authentium 4.93.8 02.19.2007 no virus found
Avast 4.7.936.0 02.20.2007 no virus found
AVG 386 02.20.2007 Downloader.Tibs
BitDefender 7.2 02.21.2007 Trojan.Peed.Gen
CAT-QuickHeal 9.00 02.20.2007 I-Worm.Zhelatine.ah
ClamAV devel-20060426 02.20.2007 no virus found
DrWeb 4.33 02.20.2007 Trojan.Packed.29
eSafe 7.0.14.0 02.20.2007 Suspicious Trojan/Worm
eTrust-Vet 30.4.3414 02.20.2007 Win32/Tibs!generic
Ewido 4.0 02.20.2007 no virus found
FileAdvisor 1 02.21.2007 no virus found
Fortinet 2.85.0.0 02.21.2007 suspicious
F-Prot 4.2.1.29 02.19.2007 no virus found
F-Secure 6.70.13030.0 02.20.2007 W32/Tibs.gen39
Ikarus T3.1.0.31 02.21.2007 Email-Worm.Win32.Zhelatin.ah
Kaspersky 4.0.2.24 02.21.2007 no virus found
McAfee 4967 02.20.2007 no virus found
Microsoft 1.2204 02.21.2007 no virus found
NOD32v2 2072 02.20.2007 Win32/Nuwar.gen
Norman 5.80.02 02.20.2007 W32/Tibs.gen39
Panda 9.0.0.4 02.20.2007 Adware/BraveSentry
Prevx1 V2 02.21.2007 Win32.Malware.gen
Sophos 4.14.0 02.19.2007 no virus found
Sunbelt 2.2.907.0 02.17.2007 VIPRE.Suspicious
Symantec 10 02.21.2007 no virus found
TheHacker 6.1.6.062 02.21.2007 no virus found
UNA 1.83 02.20.2007 no virus found
VBA32 3.11.2 02.20.2007 Worm.Win32.Nuwar.gen
VirusBuster 4.3.19:9 02.20.2007 Trojan.Tibs.Gen!Pac44

Shu_b
21.02.2007, 16:57
t=8056

Complete scanning result of "tuvsqrs.dll", received in VirusTotal at 02.21.2007, 13:56:11 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.37 02.21.2007 TR/Crypt.ULPM.Gen
Authentium 4.93.8 02.21.2007 no virus found
Avast 4.7.936.0 02.21.2007 no virus found
AVG 386 02.20.2007 no virus found
BitDefender 7.2 02.21.2007 MemScan:Adware.VirtuMonde.DY
CAT-QuickHeal 9.00 02.20.2007 no virus found
ClamAV devel-20060426 02.21.2007 no virus found
DrWeb 4.33 02.21.2007 Trojan.Virtumod
eSafe 7.0.14.0 02.20.2007 suspicious Trojan/Worm
eTrust-Vet 30.4.3417 02.21.2007 no virus found
Ewido 4.0 02.21.2007 no virus found
FileAdvisor 1 02.21.2007 no virus found
Fortinet 2.85.0.0 02.21.2007 suspicious
F-Prot 4.2.1.29 02.21.2007 no virus found
F-Secure 6.70.13030.0 02.21.2007 no virus found
Ikarus T3.1.0.31 02.21.2007 not-a-virus:AdWare.Win32.Virtumonde.ha
Kaspersky 4.0.2.24 02.21.2007 not-a-virus:AdWare.Win32.Virtumonde.ha
McAfee 4967 02.20.2007 no virus found
Microsoft 1.2204 02.21.2007 no virus found
NOD32v2 2072 02.20.2007 no virus found
Norman 5.80.02 02.21.2007 no virus found
Panda 9.0.0.4 02.20.2007 Suspicious file
Prevx1 V2 02.21.2007 no virus found
Sophos 4.14.0 02.21.2007 no virus found
Sunbelt 2.2.907.0 02.17.2007 no virus found
Symantec 10 02.21.2007 no virus found
TheHacker 6.1.6.062 02.21.2007 no virus found
UNA 1.83 02.20.2007 no virus found
VBA32 3.11.2 02.20.2007 no virus found
VirusBuster 4.3.19:9 02.20.2007 no virus found

Aditional Information
File size: 26637 bytes
MD5: f88ecb520077b1dbe8fbb4b45b4c455b
SHA1: de6d9f0ec5d06cec4394591409fabfd232183a72


Complete scanning result of "iifef.dll", received in VirusTotal at 02.21.2007, 14:33:14 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.37 02.21.2007 no virus found
Authentium 4.93.8 02.21.2007 no virus found
Avast 4.7.936.0 02.21.2007 no virus found
AVG 386 02.20.2007 Downloader.Zlob.FC
BitDefender 7.2 02.21.2007 MemScan:Adware.Virtumonde.EB
CAT-QuickHeal 9.00 02.20.2007 no virus found
ClamAV devel-20060426 02.21.2007 no virus found
DrWeb 4.33 02.21.2007 Trojan.Virtumod
eSafe 7.0.14.0 02.20.2007 suspicious Trojan/Worm
eTrust-Vet 30.4.3417 02.21.2007 no virus found
Ewido 4.0 02.21.2007 no virus found
FileAdvisor 1 02.21.2007 no virus found
Fortinet 2.85.0.0 02.21.2007 suspicious
F-Prot 4.2.1.29 02.21.2007 no virus found
F-Secure 6.70.13030.0 02.21.2007 no virus found
Ikarus T3.1.0.31 02.21.2007 no virus found
Kaspersky 4.0.2.24 02.21.2007 no virus found (not-a-virus:AdWare.Win32.Virtumonde.ha)*
McAfee 4967 02.20.2007 no virus found
Microsoft 1.2204 02.21.2007 no virus found
NOD32v2 2072 02.20.2007 no virus found
Norman 5.80.02 02.21.2007 no virus found
Panda 9.0.0.4 02.20.2007 Suspicious file
Prevx1 V2 02.21.2007 no virus found
Sophos 4.14.0 02.21.2007 no virus found
Sunbelt 2.2.907.0 02.17.2007 no virus found
Symantec 10 02.21.2007 no virus found
TheHacker 6.1.6.062 02.21.2007 no virus found
UNA 1.83 02.20.2007 no virus found
VBA32 3.11.2 02.20.2007 no virus found
VirusBuster 4.3.19:9 02.20.2007 Trojan.DL.Vundo.Gen!Pac.6

Aditional Information
File size: 281652 bytes
MD5: e0874ae53b943bf78ae30a9325235699
SHA1: 670030f9ff6c89762df22f96dd30c72eb181dffd

* according to the reply from the KAV virus lab

saicat
22.02.2007, 00:53
Complete scanning result of "x.exw", received in VirusTotal at 02.21.2007, 22:43:25 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.37 02.21.2007 TR/Rootkit.Gen
Authentium 4.93.8 02.21.2007 no virus found
Avast 4.7.936.0 02.21.2007 Win32:Agent-EXH
AVG 386 02.21.2007 no virus found
BitDefender 7.2 02.21.2007 no virus found
CAT-QuickHeal 9.00 02.21.2007 no virus found
ClamAV devel-20060426 02.21.2007 no virus found
DrWeb 4.33 02.21.2007 no virus found
eSafe 7.0.14.0 02.21.2007 suspicious Trojan/Worm
eTrust-Vet 30.4.3417 02.21.2007 no virus found
Ewido 4.0 02.21.2007 Rootkit.Small
FileAdvisor 1 02.21.2007 no virus found
Fortinet 2.85.0.0 02.21.2007 no virus found
F-Prot 4.2.1.29 02.21.2007 no virus found
F-Secure 6.70.13030.0 02.21.2007 no virus found
Ikarus T3.1.0.31 02.21.2007 no virus found
Kaspersky 4.0.2.24 02.21.2007 no virus found
McAfee 4968 02.21.2007 no virus found
Microsoft 1.2204 02.21.2007 no virus found
NOD32v2 2073 02.21.2007 no virus found
Norman 5.80.02 02.21.2007 no virus found
Panda 9.0.0.4 02.21.2007 Suspicious file
Prevx1 V2 02.21.2007 Downloader.Drev.A
Sophos 4.14.0 02.21.2007 no virus found
Sunbelt 2.2.907.0 02.17.2007 no virus found
Symantec 10 02.21.2007 no virus found
TheHacker 6.1.6.062 02.21.2007 no virus found
UNA 1.83 02.21.2007 no virus found
VBA32 3.11.2 02.20.2007 suspected of Embedded.Backdoor.Win32.Agent.aiu
VirusBuster 4.3.19:9 02.21.2007 no virus found

Aditional Information
File size: 13824 bytes
MD5: 4c058f13d8bafa55ad8e6499ab0c095d
SHA1: 251fd0028509cb4bc13caad29e602c8aabf264c4
packers: UPX
packers: UPX
packers: UPX, BINARYRES
packers: UPX
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=52c859786634

Surfer
23.02.2007, 20:22
Complete scanning result of "setup.exe", received in VirusTotal at 02.23.2007, 18:09:10 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.38 02.23.2007 DR/Zlob.Gen
Authentium 4.93.8 02.23.2007 no virus found
Avast 4.7.936.0 02.23.2007 no virus found
AVG 386 02.23.2007 no virus found
BitDefender 7.2 02.23.2007 no virus found
CAT-QuickHeal 9.00 02.23.2007 no virus found
ClamAV devel-20060426 02.22.2007 no virus found
DrWeb 4.33 02.23.2007 no virus found
eSafe 7.0.14.0 02.23.2007 suspicious Trojan/Worm
eTrust-Vet 30.4.3424 02.23.2007 no virus found
Ewido 4.0 02.23.2007 no virus found
FileAdvisor 1 02.23.2007 no virus found
Fortinet 2.85.0.0 02.23.2007 suspicious
F-Prot 4.3.1.45 02.22.2007 no virus found
F-Secure 6.70.13030.0 02.23.2007 no virus found
Ikarus T3.1.0.31 02.23.2007 no virus found
Kaspersky 4.0.2.24 02.23.2007 no virus found
McAfee 4969 02.22.2007 no virus found
Microsoft 1.2204 02.23.2007 no virus found
NOD32v2 2077 02.23.2007 no virus found
Norman 5.80.02 02.23.2007 no virus found
Panda 9.0.0.4 02.23.2007 no virus found
Prevx1 V2 02.23.2007 no virus found
Sophos 4.14.0 02.21.2007 no virus found
Sunbelt 2.2.907.0 02.22.2007 no virus found
Symantec 10 02.23.2007 no virus found
TheHacker 6.1.6.063 02.23.2007 no virus found
UNA 1.83 02.22.2007 no virus found
VBA32 3.11.2 02.22.2007 no virus found
VirusBuster 4.3.19:9 02.23.2007 no virus found

Aditional Information
File size: 61146 bytes
MD5: e0c7f961d8e8db449199a93c3b1a3900
SHA1: 172b4e5a32dfe08b177f72186b123641829674e6
packers: UPX
packers: UPX, BINARYRES, BINARYRES
packers: UPX

urbanangel
26.02.2007, 00:51
Complete scanning result of "Photo.rar", received in VirusTotal at 02.25.2007, 18:51:54 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.38 02.25.2007 TR/Crypt.XPACK.Gen
Authentium 4.93.8 02.25.2007 no virus found
Avast 4.7.936.0 02.23.2007 no virus found
AVG 386 02.25.2007 Win32/Ngvck
BitDefender 7.2 02.25.2007 no virus found
CAT-QuickHeal 9.00 02.24.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 02.25.2007 no virus found
DrWeb 4.33 02.25.2007 no virus found
eSafe 7.0.14.0 02.25.2007 Suspicious Trojan/Worm
eTrust-Vet 30.4.3424 02.23.2007 no virus found
Ewido 4.0 02.25.2007 Trojan.LdPinch.bkg
FileAdvisor 1 02.25.2007 no virus found
Fortinet 2.85.0.0 02.25.2007 W32/LdPinch.BKG!tr.pws
F-Prot 4.3.1.45 02.25.2007 no virus found
F-Secure 6.70.13030.0 02.25.2007 Trojan-PSW.Win32.LdPinch.bkg
Ikarus T3.1.0.31 02.25.2007 Trojan.Win32.Agent.aee
Kaspersky 4.0.2.24 02.25.2007 Trojan-PSW.Win32.LdPinch.bkg
McAfee 4970 02.23.2007 no virus found
Microsoft 1.2204 02.25.2007 no virus found
NOD32v2 2080 02.25.2007 no virus found
Norman 5.80.02 02.23.2007 no virus found
Panda 9.0.0.4 02.25.2007 Suspicious file
Prevx1 V2 02.25.2007 no virus found
Sophos 4.14.0 02.24.2007 no virus found
Sunbelt 2.2.907.0 02.24.2007 VIPRE.Suspicious
Symantec 10 02.25.2007 no virus found
TheHacker 6.1.6.064 02.25.2007 Trojan/PSW.LdPinch.bkg
UNA 1.83 02.23.2007 Trojan.PSW.Win32.LdPinch.C807
VBA32 3.11.2 02.24.2007 suspected of Trojan-PSW.Pinch.7 (paranoid heuristics)
VirusBuster 4.3.19:9 02.25.2007 no virus found

Aditional Information
File size: 32471 bytes
MD5: 2a2be2bafab184dfd68c0f7eeb42a95b
SHA1: dd08f991bbdc67260718cea698c9e412b40789d3
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

Kuzz
26.02.2007, 18:49
Symantec "made my day" today:
Complete scanning result of "autoexec.ex_", received in VirusTotal at 02.26.2007, 16:33:11 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.38 02.26.2007 HEUR/Crypted
Authentium 4.93.8 02.25.2007 Possibly a new variant of W32/HLLI-MewOrleans-based!Maximus
Avast 4.7.936.0 02.26.2007 no virus found
AVG 386 02.25.2007 no virus found
BitDefender 7.2 02.26.2007 no virus found
CAT-QuickHeal 9.00 02.26.2007 W32.Brontok.Q
ClamAV devel-20060426 02.26.2007 no virus found
DrWeb 4.33 02.26.2007 no virus found
eSafe 7.0.14.0 02.25.2007 suspicious Trojan/Worm
eTrust-Vet 30.4.3434 02.26.2007 no virus found
Ewido 4.0 02.26.2007 no virus found
FileAdvisor 1 02.26.2007 no virus found
Fortinet 2.85.0.0 02.26.2007 no virus found
F-Prot 4.3.1.45 02.26.2007 W32/Threat-HLLIM-based!Maximus
F-Secure 6.70.13030.0 02.26.2007 no virus found
Ikarus T3.1.1.3 02.26.2007 Backdoor.Win32.Ciadoor.N
Kaspersky 4.0.2.24 02.26.2007 no virus found
McAfee 4970 02.23.2007 no virus found
Microsoft 1.2204 02.26.2007 no virus found
NOD32v2 2081 02.26.2007 no virus found
Norman 5.80.02 02.26.2007 W32/Suspicious_M.gen
Panda 9.0.0.4 02.26.2007 Suspicious file
Prevx1 V2 02.26.2007 no virus found
Sophos 4.14.0 02.24.2007 Mal/Basine-A
Sunbelt 2.2.907.0 02.24.2007 VIPRE.Suspicious
Symantec 10 02.26.2007 no virus found
TheHacker 6.1.6.065 02.26.2007 no virus found
UNA 1.83 02.23.2007 no virus found
VBA32 3.11.2 02.25.2007 MalwareScope.Trojan-PSW.Pinch.6
VirusBuster 4.3.19:9 02.26.2007 novirus: Packed/MEW

Aditional Information
File size: 23884 bytes
MD5: f5d74a9696f24aeafdcde3e09a6eca24
SHA1: 6ad1bad5b2165a3eab1b440fe27273277131ab88
packers: MEW

twice:

Complete scanning result of "avz00001.dta", received in VirusTotal at 02.26.2007, 16:36:59 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.38 02.26.2007 TR/Agent.36441
Authentium 4.93.8 02.25.2007 no virus found
Avast 4.7.936.0 02.26.2007 no virus found
AVG 386 02.25.2007 Downloader.Generic3.QQD
BitDefender 7.2 02.26.2007 Trojan.AVKiller.Agent.D
CAT-QuickHeal 9.00 02.26.2007 TrojanDownloader.Agent.awf
ClamAV devel-20060426 02.26.2007 no virus found
DrWeb 4.33 02.26.2007 Trojan.DownLoader.18943
eSafe 7.0.14.0 02.26.2007 Win32.Agent.awf
eTrust-Vet 30.4.3434 02.26.2007 no virus found
Ewido 4.0 02.26.2007 Downloader.Agent.awf
FileAdvisor 1 02.26.2007 no virus found
Fortinet 2.85.0.0 02.26.2007 W32/Tibs.gen
F-Prot 4.3.1.45 02.26.2007 no virus found
F-Secure 6.70.13030.0 02.26.2007 Trojan-Downloader.Win32.Agent.awf
Ikarus T3.1.1.3 02.26.2007 Trojan-Downloader.Win32.Agent.awf
Kaspersky 4.0.2.24 02.26.2007 Trojan-Downloader.Win32.Agent.awf
McAfee 4970 02.23.2007 no virus found
Microsoft 1.2204 02.26.2007 no virus found
NOD32v2 2081 02.26.2007 probably a variant of Win32/TrojanDownloader.Agent.AWF
Norman 5.80.02 02.26.2007 W32/DLoader.CBHX
Panda 9.0.0.4 02.26.2007 Trj/Lozyt.A
Prevx1 V2 02.26.2007 no virus found
Sophos 4.14.0 02.24.2007 no virus found
Sunbelt 2.2.907.0 02.24.2007 no virus found
Symantec 10 02.26.2007 no virus found
TheHacker 6.1.6.065 02.26.2007 Trojan/FakeMsg
UNA 1.83 02.23.2007 TrojanDownloader.Win32.Agent.241C
VBA32 3.11.2 02.25.2007 Trojan-Downloader.Win32.Agent.awf
VirusBuster 4.3.19:9 02.26.2007 Trojan.DL.Agent.SJJ

Aditional Information
File size: 37141 bytes
MD5: 56fa464c5d410675b72089f95f0690d1
SHA1: ea67d4be4d72ef7d18d57609f331fca774fc0522
packers: UPX
packers: UPX
packers: UPX

as a result of which it died a sudden death... :'-(

Shu_b
27.02.2007, 11:28
t=8163
Complete scanning result of "usr32.dll", received in VirusTotal at 02.27.2007, 09:19:16 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.38 02.27.2007 TR/Agent.AKR.8
Authentium 4.93.8 02.26.2007 no virus found
Avast 4.7.936.0 02.26.2007 Win32:Agent-EQR
AVG 386 02.25.2007 Downloader.Agent.IOY
BitDefender 7.2 02.27.2007 Trojan.Agent.AKR
CAT-QuickHeal 9.00 02.26.2007 no virus found
ClamAV devel-20060426 02.27.2007 no virus found
DrWeb 4.33 02.27.2007 no virus found
eSafe 7.0.14.0 02.27.2007 suspicious Trojan/Worm
eTrust-Vet 30.4.3438 02.27.2007 no virus found
Ewido 4.0 02.26.2007 Downloader.Agent.bga
FileAdvisor 1 02.27.2007 no virus found
Fortinet 2.85.0.0 02.27.2007 suspicious
F-Prot 4.3.1.45 02.26.2007 no virus found
F-Secure 6.70.13030.0 02.27.2007 Trojan-Downloader.Win32.Agent.bga
Ikarus T3.1.1.3 02.27.2007 no virus found
Kaspersky 4.0.2.24 02.27.2007 Trojan-Downloader.Win32.Agent.bga
McAfee 4971 02.26.2007 no virus found
Microsoft 1.2204 02.27.2007 no virus found
NOD32v2 2082 02.26.2007 no virus found
Norman 5.80.02 02.26.2007 W32/DLoader.CAFT
Panda 9.0.0.4 02.27.2007 Suspicious file
Prevx1 V2 02.27.2007 no virus found
Sophos 4.14.0 02.26.2007 Troj/Agent-ECG
Sunbelt 2.2.907.0 02.24.2007 VIPRE.Suspicious
Symantec 10 02.27.2007 no virus found
TheHacker 6.1.6.065 02.26.2007 no virus found
UNA 1.83 02.26.2007 TrojanDownloader.Win32.Agent.F8B6
VBA32 3.11.2 02.26.2007 Trojan-Downloader.Win32.Agent.bga
VirusBuster 4.3.19:9 02.26.2007 novirus:Packed/Upack

Aditional Information
File size: 4995 bytes
MD5: af7fd47b25284e9cda67aa6685ecaa61
SHA1: 0c0efd4dba99b2ab07ca17534e9eca01833561ef
packers: Upack

Winsent
27.02.2007, 13:55
Complete scanning result of "britney.rar", received in VirusTotal at 02.27.2007, 11:50:24 (CET).


Antivirus Version Update Result

AntiVir 7.3.1.38 02.27.2007 TR/PSW.LdPinch.boi
Authentium 4.93.8 02.26.2007 no virus found
Avast 4.7.936.0 02.26.2007 no virus found
AVG 386 02.25.2007 no virus found
BitDefender 7.2 02.27.2007 no virus found
CAT-QuickHeal 9.00 02.26.2007 no virus found
ClamAV devel-20060426 02.27.2007 no virus found
DrWeb 4.33 02.27.2007 no virus found
eSafe 7.0.14.0 02.27.2007 no virus found
eTrust-Vet 30.4.3438 02.27.2007 no virus found
Ewido 4.0 02.27.2007 Downloader.Nurech.aa
FileAdvisor 1 02.27.2007 no virus found
Fortinet 2.85.0.0 02.27.2007 no virus found
F-Prot 4.3.1.45 02.26.2007 no virus found
F-Secure 6.70.13030.0 02.27.2007 Trojan-PSW.Win32.LdPinch.boi
Ikarus T3.1.1.3 02.27.2007 MalwareScope.Trojan-Spy.BZub.1
Kaspersky 4.0.2.24 02.27.2007 Trojan-PSW.Win32.LdPinch.boi
McAfee 4971 02.26.2007 MultiDropper-JD
Microsoft 1.2204 02.27.2007 no virus found
NOD32v2 2082 02.26.2007 no virus found
Norman 5.80.02 02.27.2007 no virus found
Panda 9.0.0.4 02.27.2007 no virus found
Prevx1 V2 02.27.2007 no virus found
Sophos 4.14.0 02.26.2007 Mal/Basine-A
Sunbelt 2.2.907.0 02.24.2007 no virus found
Symantec 10 02.27.2007 no virus found
TheHacker 6.1.6.065 02.26.2007 no virus found
UNA 1.83 02.26.2007 no virus found
VBA32 3.11.2 02.26.2007 suspected of Embedded.MalwareScope.Trojan-PSW.Pinch.26
VirusBuster 4.3.19:9 02.26.2007 novirus:Packed/FSG

Aditional Information
File size: 44179 bytes
MD5: c4b52934d5622deea62edd8ccab5c048
SHA1: 9d683933f7de07c9e2e595629c034d0a5326ee5d
packers: BINARYRES, FSG

Winsent
27.02.2007, 20:19
Complete scanning result of "Paris_Hilton.scr", received in VirusTotal at 02.27.2007, 18:12:38 (CET).


Antivirus Version Update Result

AntiVir 7.3.1.38 02.27.2007 TR/PSW.LdPinch.bog
Authentium 4.93.8 02.26.2007 no virus found
Avast 4.7.936.0 02.27.2007 no virus found
AVG 7.5.0.441 02.27.2007 no virus found
BitDefender 7.2 02.27.2007 no virus found
CAT-QuickHeal 9.00 02.27.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 02.27.2007 no virus found
DrWeb 4.33 02.27.2007 Trojan.PWS.LDPinch.1407
eSafe 7.0.14.0 02.27.2007 Suspicious Trojan/Worm
eTrust-Vet 30.4.3438 02.27.2007 no virus found
Ewido 4.0 02.27.2007 Trojan.LdPinch.bog
FileAdvisor 1 02.27.2007 no virus found
Fortinet 2.85.0.0 02.27.2007 PossibleThreat
F-Prot 4.3.1.45 02.26.2007 no virus found
F-Secure 6.70.13030.0 02.27.2007 Trojan-PSW.Win32.LdPinch.bog
Ikarus T3.1.1.3 02.27.2007 no virus found
Kaspersky 4.0.2.24 02.27.2007 Trojan-PSW.Win32.LdPinch.bog
McAfee 4971 02.26.2007 New Poly Win32
Microsoft 1.2204 02.27.2007 no virus found
NOD32v2 2083 02.27.2007 no virus found
Norman 5.80.02 02.27.2007 no virus found
Panda 9.0.0.4 02.27.2007 Suspicious file
Prevx1 V2 02.27.2007 no virus found
Sophos 4.14.0 02.26.2007 no virus found
Sunbelt 2.2.907.0 02.24.2007 VIPRE.Suspicious
Symantec 10 02.27.2007 Infostealer
TheHacker 6.1.6.065 02.26.2007 no virus found
UNA 1.83 02.26.2007 no virus found
VBA32 3.11.2 02.26.2007 no virus found
VirusBuster 4.3.19:9 02.27.2007 no virus found

Aditional Information
File size: 33758 bytes
MD5: 719e2cc705df87c03826468c7797c2f3
SHA1: 16ec93296530819507ace53c2c62efb5d542a84a
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

Dandy
27.02.2007, 23:05
Arrived via ICQ:

Complete scanning result of "ICQUpdate.exe", received in VirusTotal at 02.27.2007, 20:58:03 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.38 02.27.2007 TR/Crypt.XDR.Gen
Authentium 4.93.8 02.26.2007 no virus found
Avast 4.7.936.0 02.27.2007 no virus found
AVG 7.5.0.441 02.27.2007 no virus found
BitDefender 7.2 02.27.2007 no virus found
CAT-QuickHeal 9.00 02.27.2007 Trojan.Donn.U
ClamAV devel-20060426 02.27.2007 Trojan.Downloader-88
DrWeb 4.33 02.27.2007 no virus found
eSafe 7.0.14.0 02.27.2007 no virus found
eTrust-Vet 30.4.3438 02.27.2007 no virus found
Ewido 4.0 02.27.2007 no virus found
FileAdvisor 1 02.27.2007 no virus found
Fortinet 2.85.0.0 02.27.2007 suspicious
F-Prot 4.3.1.45 02.26.2007 no virus found
F-Secure 6.70.13030.0 02.27.2007 no virus found
Ikarus T3.1.1.3 02.27.2007 no virus found
Kaspersky 4.0.2.24 02.27.2007 no virus found
McAfee 4972 02.27.2007 no virus found
Microsoft 1.2204 02.27.2007 no virus found
NOD32v2 2083 02.27.2007 no virus found
Norman 5.80.02 02.27.2007 no virus found
Panda 9.0.0.4 02.27.2007 Suspicious file
Prevx1 V2 02.27.2007 no virus found
Sophos 4.14.0 02.26.2007 no virus found
Sunbelt 2.2.907.0 02.24.2007 no virus found
Symantec 10 02.27.2007 no virus found
TheHacker 6.1.6.065 02.26.2007 no virus found
UNA 1.83 02.27.2007 no virus found
VBA32 3.11.2 02.26.2007 suspected of Trojan-PSW.Pinch.23 (paranoid heuristics)
VirusBuster 4.3.19:9 02.27.2007 no virus found

Aditional Information
File size: 60891 bytes
MD5: dbf567de5884e8c18dadc15f02d9680a
SHA1: 70b5869c48469f34673142309ce84e0c035d6c1d
packers: ASPACK
packers: Aspack

Geser
28.02.2007, 20:50
Complete scanning result of "avz00001.dta", received in VirusTotal at 02.28.2007, 18:43:38 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.38 02.28.2007 TR/PSW.Small.BS.52
Authentium 4.93.8 02.27.2007 could be infected with an unknown virus
Avast 4.7.936.0 02.28.2007 no virus found
AVG 7.5.0.447 02.28.2007 PSW.Generic3.ESQ
BitDefender 7.2 02.28.2007 Trojan.PWS.Pinch.A
CAT-QuickHeal 9.00 02.28.2007 TrojanPSW.Small.bs
ClamAV devel-20060426 02.28.2007 no virus found
DrWeb 4.33 02.28.2007 Trojan.PWS.Haiuy
eSafe 7.0.14.0 02.28.2007 Win32.Polipos.sus
eTrust-Vet 30.6.3441 02.28.2007 Win32/Ursnif!generic
Ewido 4.0 02.28.2007 Trojan.Small.bs
FileAdvisor 1 02.28.2007 no virus found
Fortinet 2.85.0.0 02.28.2007 suspicious
F-Prot 4.3.1.45 02.28.2007 no virus found
F-Secure 6.70.13030.0 02.28.2007 Trojan-PSW.Win32.Small.bs
Ikarus T3.1.1.3 02.28.2007 Trojan-Downloader.Win32.Zlob.and
Kaspersky 4.0.2.24 02.28.2007 Trojan-PSW.Win32.Small.bs
McAfee 4972 02.27.2007 New Malware.aj
Microsoft 1.2204 02.28.2007 PWS:Win32/Agent.BC
NOD32v2 2085 02.28.2007 no virus found
Norman 5.80.02 02.28.2007 W32/Smalltroj.ZWV
Panda 9.0.0.4 02.28.2007 Trj/Spyforms.H
Prevx1 V2 02.28.2007 Malware.Trojan.Backdoor.Gen
Sophos 4.14.0 02.26.2007 Mal/Behav-027
Sunbelt 2.2.907.0 02.24.2007 VIPRE.Suspicious
Symantec 10 02.28.2007 Infostealer.Snifula.B
TheHacker 6.1.6.065 02.26.2007 no virus found
UNA 1.83 02.27.2007 Win32.virus
VBA32 3.11.2 02.27.2007 MalwareScope.Trojan-PSW.Pinch.1
VirusBuster 4.3.19:9 02.28.2007 Packed/Upack

Winsent
28.02.2007, 22:28
Complete scanning result of "fail.exe", received in VirusTotal at 02.28.2007, 20:19:51 (CET).


Antivirus Version Update Result

AntiVir 7.3.1.38 02.28.2007 TR/Crypt.XPACK.Gen
Authentium 4.93.8 02.27.2007 no virus found
Avast 4.7.936.0 02.28.2007 no virus found
AVG 7.5.0.447 02.28.2007 no virus found
BitDefender 7.2 02.28.2007 no virus found
CAT-QuickHeal 9.00 02.28.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 02.28.2007 no virus found
DrWeb 4.33 02.28.2007 no virus found
eSafe 7.0.14.0 02.28.2007 no virus found
eTrust-Vet 30.6.3441 02.28.2007 no virus found
Ewido 4.0 02.28.2007 no virus found
FileAdvisor 1 02.28.2007 no virus found
Fortinet 2.85.0.0 02.28.2007 suspicious
F-Prot 4.3.1.45 02.28.2007 no virus found
F-Secure 6.70.13030.0 02.28.2007 W32/Malware
Ikarus T3.1.1.3 02.28.2007 no virus found
Kaspersky 4.0.2.24 02.28.2007 no virus found
McAfee 4973 02.28.2007 no virus found
Microsoft 1.2204 02.28.2007 no virus found
NOD32v2 2085 02.28.2007 probably a variant of Win32/PSW.LdPinch
Norman 5.80.02 02.28.2007 W32/Malware
Panda 9.0.0.4 02.28.2007 Suspicious file
Prevx1 V2 02.28.2007 no virus found
Sophos 4.14.0 02.26.2007 no virus found
Sunbelt 2.2.907.0 02.24.2007 VIPRE.Suspicious
Symantec 10 02.28.2007 no virus found
TheHacker 6.1.6.065 02.26.2007 no virus found
UNA 1.83 02.27.2007 no virus found
VBA32 3.11.2 02.27.2007 no virus found
VirusBuster 4.3.19:9 02.28.2007 no virus found

Aditional Information
File size: 52190 bytes
MD5: 838e6db101a1774b6b8079d2d4474b74
SHA1: 779078906b99ab7502b536f777b87cb45663790b
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email protected] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* **Locates window "NULL [class AVP.AlertDialog]" on desktop.
* **Locates window "NULL [class AVP.AhAppChangedDialog]" on desktop.
* **Locates window "NULL [class AVP.AhLearnDialog]" on desktop.
* **Locates window "NULL [class AVP.Product_Notification]" on desktop.

[ Network ]
* Bypass installed firewall.

Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.



Pinches again...

Complete scanning result of "britney1._xe", received in VirusTotal at 02.28.2007, 07:37:14 (CET).

Duplicate... (http://virusinfo.info/showpost.php?p=97474&postcount=68)

[Shu] Thanks, removed.

Winsent
01.03.2007, 07:24
Complete scanning result of "Sex_Uniform.scr", received in VirusTotal at 03.01.2007, 05:18:35 (CET).


Antivirus Version Update Result

AntiVir 7.3.1.38 02.28.2007 TR/Crypt.XPACK.Gen
Authentium 4.93.8 02.28.2007 no virus found
Avast 4.7.936.0 02.28.2007 no virus found
AVG 7.5.0.447 02.28.2007 no virus found
BitDefender 7.2 03.01.2007 no virus found
CAT-QuickHeal 9.00 02.28.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 03.01.2007 no virus found
DrWeb 4.33 02.28.2007 Trojan.PWS.LDPinch.1417
eSafe 7.0.14.0 02.28.2007 Suspicious Trojan/Worm
eTrust-Vet 30.6.3443 02.28.2007 no virus found
Ewido 4.0 02.28.2007 no virus found
FileAdvisor 1 03.01.2007 no virus found
Fortinet 2.85.0.0 02.28.2007 suspicious
F-Prot 4.3.1.45 02.28.2007 no virus found
F-Secure 6.70.13030.0 02.28.2007 Trojan-PSW.Win32.LdPinch.bex
Ikarus T3.1.1.3 02.28.2007 no virus found
Kaspersky 4.0.2.24 03.01.2007 Trojan-PSW.Win32.LdPinch.bex
McAfee 4973 02.28.2007 New Poly Win32
Microsoft 1.2204 03.01.2007 no virus found
NOD32v2 2085 02.28.2007 a variant of Win32/PSW.LdPinch.NCB
Norman 5.80.02 02.28.2007 no virus found
Panda 9.0.0.4 02.28.2007 Suspicious file
Prevx1 V2 03.01.2007 no virus found
Sophos 4.14.0 03.01.2007 no virus found
Sunbelt 2.2.907.0 03.01.2007 VIPRE.Suspicious
Symantec 10 03.01.2007 Bloodhound.W32.1
TheHacker 6.1.6.066 03.01.2007 no virus found
UNA 1.83 02.28.2007 no virus found
VBA32 3.11.2 02.28.2007 no virus found
VirusBuster 4.3.19:9 02.28.2007 no virus found

Aditional Information
File size: 24542 bytes
MD5: 8733c4c4e8b1c8e30294f0ca1bbc3d65
SHA1: 2c86ad5be6de42e359741af72df8f111592884b5
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

Erekle
01.03.2007, 07:31
STATUS: FINISHED
Complete scanning result of "svcipa.exe", received in VirusTotal at 03.01.2007, 05:23:48 (CET).

Antivirus Version Update Result

AntiVir 7.3.1.38 02.28.2007 TR/Agent.36441
Authentium 4.93.8 02.28.2007 is a security risk or a "backdoor" program
Avast 4.7.936.0 02.28.2007 no virus found
AVG 7.5.0.447 02.28.2007 Downloader.Generic3.QQD
BitDefender 7.2 03.01.2007 Trojan.AVKiller.Agent.D
CAT-QuickHeal 9.00 02.28.2007 TrojanDownloader.Agent.awf
ClamAV devel-20060426 03.01.2007 no virus found
DrWeb 4.33 02.28.2007 Trojan.DownLoader.18943
eSafe 7.0.14.0 02.28.2007 suspicious Trojan/Worm
eTrust-Vet 30.6.3443 02.28.2007 Win32/Pidyay.A
Ewido 4.0 02.28.2007 Downloader.Agent.awf
FileAdvisor 1 03.01.2007 no virus found
Fortinet 2.85.0.0 02.28.2007 W32/Tibs.gen
F-Prot 4.3.1.45 02.28.2007 W32/Downloader
F-Secure 6.70.13030.0 02.28.2007 Trojan-Downloader.Win32.Agent.awf
Ikarus T3.1.1.3 02.28.2007 no virus found
Kaspersky 4.0.2.24 03.01.2007 Trojan-Downloader.Win32.Agent.awf
McAfee 4973 02.28.2007 no virus found
Microsoft 1.2204 03.01.2007 Trojan:Win32/Zonebac.A
NOD32v2 2085 02.28.2007 probably a variant of Win32/TrojanDownloader.Agent.AWF
Norman 5.80.02 02.28.2007 W32/DLoader.CBHX
Panda 9.0.0.4 02.28.2007 Trj/Lozyt.A
Prevx1 V2 03.01.2007 no virus found
Sophos 4.14.0 03.01.2007 Troj/Agent-ECV
Sunbelt 2.2.907.0 03.01.2007 no virus found
Symantec 10 03.01.2007 Trojan.Zonebac (but the installed one "on guard" does not notice it, although the file is in memory)
TheHacker 6.1.6.066 03.01.2007 Trojan/FakeMsg
UNA 1.83 02.28.2007 TrojanDownloader.Win32.Agent.241C
VBA32 3.11.2 02.28.2007 Trojan-Downloader.Win32.Agent.awf
VirusBuster 4.3.19:9 02.28.2007 Trojan.DL.Agent.SJJ

Aditional Information
File size: 36736 bytes
MD5: 60159534ec7ce9da0b55c98895ae3e00
SHA1: e54abed2d30ab4451505a06ddb56994ca248d291
packers: UPX
packers: UPX

anton_dr
01.03.2007, 20:18
From the thread http://virusinfo.info/showthread.php?t=8200

Complete scanning result of "avz00003.dta", received in VirusTotal at 03.01.2007, 18:03:46 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.38 03.01.2007 TR/Spy.Vundo.AF
Authentium 4.93.8 02.28.2007 no virus found
Avast 4.7.936.0 03.01.2007 no virus found
AVG 7.5.0.447 03.01.2007 Downloader.Zlob.FC
BitDefender 7.2 03.01.2007 MemScan:Trojan.Vundo.AF
CAT-QuickHeal 9.00 03.01.2007 no virus found
ClamAV devel-20060426 03.01.2007 no virus found
DrWeb 4.33 03.01.2007 Trojan.Virtumod
eSafe 7.0.14.0 02.28.2007 suspicious Trojan/Worm
eTrust-Vet 30.6.3444 03.01.2007 no virus found
Ewido 4.0 03.01.2007 no virus found
FileAdvisor 1 03.01.2007 no virus found
Fortinet 2.85.0.0 03.01.2007 suspicious
F-Prot 4.3.1.45 02.28.2007 no virus found
F-Secure 6.70.13030.0 03.01.2007 no virus found
Ikarus T3.1.1.3 03.01.2007 MemScanTrojan.Vundo.AF
Kaspersky 4.0.2.24 03.01.2007 no virus found
McAfee 4973 02.28.2007 no virus found
Microsoft 1.2204 03.01.2007 no virus found
NOD32v2 2087 03.01.2007 probably a variant of Win32/Adware.Virtumonde.O
Norman 5.80.02 03.01.2007 no virus found
Panda 9.0.0.4 03.01.2007 Suspicious file
Prevx1 V2 03.01.2007 no virus found
Sophos 4.14.0 03.01.2007 Virtumundo
Sunbelt 2.2.907.0 03.01.2007 no virus found
Symantec 10 03.01.2007 Trojan.Vundo
TheHacker 6.1.6.067 03.01.2007 no virus found
UNA 1.83 02.28.2007 no virus found
VBA32 3.11.2 02.28.2007 no virus found
VirusBuster 4.3.19:9 03.01.2007 Trojan.DL.Vundo.Gen!Pac.6

Aditional Information
File size: 281652 bytes
MD5: a20cafe5da9b51d58a5d7f3384cd23fc
SHA1: 88795b7dbb9d17a04c7aa994212561e5332ee535

anton_dr
01.03.2007, 22:07
From the thread http://virusinfo.info/showthread.php?t=8200

Complete scanning result of "livemsgr.exe", received in VirusTotal at 03.01.2007, 19:56:27 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.38 03.01.2007 Worm/Sdbot.223232.3
Authentium 4.93.8 03.01.2007 no virus found
Avast 4.7.936.0 03.01.2007 no virus found
AVG 7.5.0.447 03.01.2007 Generic3.FZL
BitDefender 7.2 03.01.2007 DeepScan:Generic.Sdbot.2A3939A7
CAT-QuickHeal 9.00 03.01.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 03.01.2007 no virus found
DrWeb 4.33 03.01.2007 no virus found
eSafe 7.0.14.0 02.28.2007 no virus found
eTrust-Vet 30.6.3444 03.01.2007 no virus found
Ewido 4.0 03.01.2007 no virus found
FileAdvisor 1 03.01.2007 no virus found
Fortinet 2.85.0.0 03.01.2007 suspicious
F-Prot 4.3.1.45 02.28.2007 no virus found
F-Secure 6.70.13030.0 03.01.2007 no virus found
Ikarus T3.1.1.3 03.01.2007 no virus found
Kaspersky 4.0.2.24 03.01.2007 no virus found
McAfee 4974 03.01.2007 no virus found
Microsoft 1.2204 03.01.2007 no virus found
NOD32v2 2087 03.01.2007 probably unknown NewHeur_PE virus
Norman 5.80.02 03.01.2007 no virus found
Panda 9.0.0.4 03.01.2007 W32/Gaobot.PGR.worm
Prevx1 V2 03.01.2007 Malware.Trojan.Backdoor.Gen
Sophos 4.14.0 03.01.2007 no virus found
Sunbelt 2.2.907.0 03.01.2007 VIPRE.Suspicious
Symantec 10 03.01.2007 no virus found
TheHacker 6.1.6.067 03.01.2007 no virus found
UNA 1.83 03.01.2007 no virus found
VBA32 3.11.2 02.28.2007 suspected of Backdoor.Hupigon.14 (paranoid heuristics)
VirusBuster 4.3.19:9 03.01.2007 no virus found

Aditional Information
File size: 226304 bytes
MD5: 70c7860b65f1f5119858ce4f39b28e09
SHA1: 7bf42148ddc7dc42c45f7e751c222f5f4ef1ce76
packers: PE-Armor
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=51f679492710
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

silky-one
02.03.2007, 03:31
Hi everyone, I've just caught yet another virus, already the third in the past year. avast, installed on the occasion of the catch, didn't detect anything (though it did find in system32 a couple of libraries from long-removed trojans, a brute-forcer, etc. :) ). By the way, this is a dig at whoever argued here, a couple of sections back, that an antivirus on the computer is an absolute must. With that, I'll take my leave. Thanks for being here.

Complete scanning result of "itunesff.exe", received in VirusTotal at 03.02.2007, 01:12:32 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.38 03.01.2007 DIAL/Generic
Authentium 4.93.8 03.01.2007 no virus found
Avast 4.7.936.0 03.01.2007 no virus found
AVG 7.5.0.447 03.01.2007 Potentially harmful program Dialer.DXX
BitDefender 7.2 03.02.2007 no virus found
CAT-QuickHeal 9.00 03.01.2007 no virus found
ClamAV devel-20060426 03.02.2007 no virus found
DrWeb 4.33 03.01.2007 no virus found
eSafe 7.0.14.0 02.28.2007 suspicious Trojan/Worm
eTrust-Vet 30.6.3446 03.02.2007 no virus found
Ewido 4.0 03.01.2007 Dialer.Delf.i
FileAdvisor 1 03.02.2007 no virus found
Fortinet 2.85.0.0 03.01.2007 Dial/Delf
F-Prot 4.3.1.45 03.01.2007 no virus found
F-Secure 6.70.13030.0 03.01.2007 W32/Dialer.BECS
Ikarus T3.1.1.3 03.01.2007 not-a-virus:Dialer.Win32.Delf.i
Kaspersky 4.0.2.24 03.02.2007 not-a-virus:Dialer.Win32.Delf.i
McAfee 4974 03.01.2007 no virus found
Microsoft 1.2204 03.01.2007 no virus found
NOD32v2 2087 03.01.2007 no virus found
Norman 5.80.02 03.01.2007 W32/Dialer.BECS
Panda 9.0.0.4 03.01.2007 Suspicious file
Prevx1 V2 03.02.2007 no virus found
Sophos 4.14.0 03.01.2007 no virus found
Sunbelt 2.2.907.0 03.01.2007 no virus found
Symantec 10 03.02.2007 no virus found
TheHacker 6.1.6.067 03.01.2007 no virus found
UNA 1.83 03.01.2007 Dialer.Delf.F3C0
VBA32 3.11.2 03.01.2007 Dialer.Win32.Delf.i
VirusBuster 4.3.19:9 03.01.2007 no virus found

Aditional Information
File size: 29696 bytes
MD5: 1ecb1da7d037d1fce4037450c1b15a7d
SHA1: 55134fa1073412423ebc46d173b3ea18caa1af49
packers: UPX

Erekle
02.03.2007, 04:47
STATUS: FINISHED
Complete scanning result of "counter_1_.htm", received in VirusTotal at 03.01.2007, 19:35:10 (CET).

Antivirus Version Update Result

AntiVir 7.3.1.38 03.01.2007 no virus found
Authentium 4.93.8 03.01.2007 no virus found
Avast 4.7.936.0 03.01.2007 no virus found
AVG 7.5.0.447 03.01.2007 no virus found
BitDefender 7.2 03.01.2007 no virus found
CAT-QuickHeal 9.00 03.01.2007 no virus found
ClamAV devel-20060426 03.01.2007 no virus found
DrWeb 4.33 03.01.2007 Trojan.DownLoader.18376
eSafe 7.0.14.0 02.28.2007 Win32.VBS.Agent.n
eTrust-Vet 30.6.3444 03.01.2007 VBS/Petch
Ewido 4.0 03.01.2007 Downloader.Agent.n
FileAdvisor 1 03.01.2007 no virus found
Fortinet 2.85.0.0 03.01.2007 VBS/Agent.N!tr.dldr
F-Prot 4.3.1.45 02.28.2007 no virus found
F-Secure 6.70.13030.0 03.01.2007 Trojan-Downloader.VBS.Agent.n
Ikarus T3.1.1.3 03.01.2007 Trojan-Downloader.VBS.Agent.n
Kaspersky 4.0.2.24 03.01.2007 Trojan-Downloader.VBS.Agent.n
McAfee 4974 03.01.2007 no virus found
Microsoft 1.2204 03.01.2007 TrojanDownloader:VBS/Agent.B
NOD32v2 2087 03.01.2007 no virus found
Norman 5.80.02 03.01.2007 no virus found
Panda 9.0.0.4 03.01.2007 Trj/Downloader.NBT
Prevx1 V2 03.01.2007 no virus found
Sophos 4.14.0 03.01.2007 no virus found
Sunbelt 2.2.907.0 03.01.2007 no virus found
Symantec 10 03.01.2007 Downloader
TheHacker 6.1.6.067 03.01.2007 no virus found
UNA 1.83 03.01.2007 no virus found
VBA32 3.11.2 02.28.2007 no virus found
VirusBuster 4.3.19:9 03.01.2007 JS.Psyme.CT

Aditional Information
File size: 1899 bytes
MD5: e5d265c972c3001345e41b1d83ffeba0
SHA1: 65b1e6b635db74b1012d8b21b798bb47ff50b70b
packers: ENCODED SCRIPT

--------------------------
P.S. I wrongly blamed my home Symantec in the previous message. It sees everything just fine, provided you restore, by reinstalling it over the top, the functions mangled by the trojan mentioned there. :L

Синауридзе Александр
03.03.2007, 11:57
Complete scanning result of "___1059", received in VirusTotal at 03.03.2007, 09:44:27 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.38 03.02.2007 no virus found
Authentium 4.93.8 03.02.2007 no virus found
Avast 4.7.936.0 03.02.2007 Win32:Tibs-AFH
AVG 7.5.0.447 03.02.2007 no virus found
BitDefender 7.2 03.03.2007 no virus found
CAT-QuickHeal 9.00 03.02.2007 no virus found
ClamAV devel-20060426 03.03.2007 no virus found
DrWeb 4.33 03.02.2007 no virus found
eSafe 7.0.14.0 02.28.2007 no virus found
eTrust-Vet 30.6.3449 03.03.2007 no virus found
Ewido 4.0 03.02.2007 no virus found
FileAdvisor 1 03.03.2007 no virus found
Fortinet 2.85.0.0 03.03.2007 no virus found
F-Prot 4.3.1.45 03.03.2007 no virus found
F-Secure 6.70.13030.0 03.03.2007 Trojan-Downloader.Win32.Small.dam
Ikarus T3.1.1.3 03.03.2007 no virus found
Kaspersky 4.0.2.24 03.03.2007 Trojan-Downloader.Win32.Small.dam
McAfee 4975 03.02.2007 no virus found
Microsoft 1.2204 03.03.2007 no virus found
NOD32v2 2091 03.03.2007 Win32/Fuclip.A
Norman 5.80.02 03.02.2007 no virus found
Panda 9.0.0.4 03.03.2007 no virus found
Prevx1 V2 03.03.2007 no virus found
Sophos 4.14.0 03.03.2007 Troj/Small-DOR
Sunbelt 2.2.907.0 03.01.2007 no virus found
Symantec 10 03.03.2007 no virus found
TheHacker 6.1.6.067 03.01.2007 no virus found
UNA 1.83 03.02.2007 no virus found
VBA32 3.11.2 03.03.2007 OScope.Worm.GSDA.Nuwar
VirusBuster 4.3.19:9 03.02.2007 Trojan.DL.Tibs.Gen!Pac13

Aditional Information
File size: 839627 bytes
MD5: 6a2dadad633bcb7ec825f52ea2cc9381
SHA1: efb11f4fb4ec7e311d0b34481ec4f471470cb746

Dandy
03.03.2007, 13:53
File "serv.exe" received on 03.03.2007 at 11:49:20 (CET) is being scanned by VirusTotal in this moment. Results will be shown as they're generated.

Antivirus Version Update Result
AntiVir 7.3.1.38 03.02.2007 TR/Crypt.XDR.Gen
Authentium 4.93.8 03.02.2007 no virus found
Avast 4.7.936.0 03.03.2007 Win32:Warezov-BDI
AVG 7.5.0.447 03.03.2007 I-Worm/Stration
BitDefender 7.2 03.03.2007 DeepScan:Generic.Stration.12101348
CAT-QuickHeal 9.00 03.02.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 03.03.2007 no virus found
DrWeb 4.33 03.03.2007 no virus found
eSafe 7.0.14.0 02.28.2007 Suspicious Trojan/Worm
eTrust-Vet 30.6.3449 03.03.2007 no virus found
Ewido 4.0 03.03.2007 no virus found
FileAdvisor 1 03.03.2007 no virus found
Fortinet 2.85.0.0 03.03.2007 suspicious
F-Prot 4.3.1.45 03.03.2007 no virus found
F-Secure 6.70.13030.0 03.03.2007 no virus found
Ikarus T3.1.1.3 03.03.2007 Backdoor.Win32.Agobot.NQ
Kaspersky 4.0.2.24 03.03.2007 no virus found
McAfee 4975 03.02.2007 New Malware.n
Microsoft 1.2204 03.03.2007 no virus found
NOD32v2 2091 03.03.2007 a variant of Win32/Stration.XJ
Norman 5.80.02 03.02.2007 no virus found
Panda 9.0.0.4 03.03.2007 Suspicious file
Prevx1 V2 03.03.2007 no virus found
Sophos 4.14.0 03.03.2007 Mal/Packer
Sunbelt 2.2.907.0 03.01.2007 VIPRE.Suspicious

Aditional Information
File size: 111190 bytes
MD5: 117e94346705cafc71d233f4a757ad68
SHA1: 18f4de893227db557739bcc1621eac9948053571
packers: Upack
packers: UPACK
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

Kuzz
03.03.2007, 15:17
Complete scanning result of "setup.ex_", received in VirusTotal at 03.03.2007, 13:08:36 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.38 03.02.2007 no virus found
Authentium 4.93.8 03.02.2007 no virus found
Avast 4.7.936.0 03.03.2007 no virus found
AVG 7.5.0.447 03.03.2007 no virus found
BitDefender 7.2 03.03.2007 Trojan.Zlob.Y
CAT-QuickHeal 9.00 03.02.2007 no virus found
ClamAV devel-20060426 03.03.2007 no virus found
DrWeb 4.33 03.03.2007 no virus found
eSafe 7.0.14.0 02.28.2007 no virus found
eTrust-Vet 30.6.3449 03.03.2007 no virus found
Ewido 4.0 03.03.2007 no virus found
FileAdvisor 1 03.03.2007 no virus found
Fortinet 2.85.0.0 03.03.2007 suspicious
F-Prot 4.3.1.45 03.03.2007 no virus found
F-Secure 6.70.13030.0 03.03.2007 Trojan-Downloader.Win32.Zlob.bpl
Ikarus T3.1.1.3 03.03.2007 no virus found
Kaspersky 4.0.2.24 03.03.2007 Trojan-Downloader.Win32.Zlob.bpl
McAfee 4975 03.02.2007 no virus found
Microsoft 1.2204 03.03.2007 no virus found
NOD32v2 2091 03.03.2007 Win32/TrojanDownloader.Zlob.ASV
Norman 5.80.02 03.02.2007 no virus found
Panda 9.0.0.4 03.03.2007 no virus found
Prevx1 V2 03.03.2007 no virus found
Sophos 4.14.0 03.03.2007 no virus found
Sunbelt 2.2.907.0 03.01.2007 no virus found
Symantec 10 03.03.2007 Trojan.Emcodec
TheHacker 6.1.6.067 03.01.2007 no virus found
UNA 1.83 03.02.2007 no virus found
VBA32 3.11.2 03.03.2007 suspected of Downloader.Zlob.16 (paranoid heuristics)
VirusBuster 4.3.19:9 03.02.2007 no virus found

Aditional Information
File size: 72447 bytes
MD5: 3ba70123c97b4a1faa14103052a54e9c
SHA1: c4cb7148e73c2070627ff21888a1371b83502705
packers: BINARYRES, BINARYRES

Arhimed
03.03.2007, 21:37
Complete scanning result of "Update-KB5046-x86.exe", received in VirusTotal at 03.03.2007, 19:23:20 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.38 03.02.2007 TR/Dldr.Stration.Gen
Authentium 4.93.8 03.02.2007 W32/Warezov.gen!W32DL
Avast 4.7.936.0 03.03.2007 Win32:Warezov-BDJ
AVG 7.5.0.447 03.03.2007 I-Worm/Stration.CHC
BitDefender 7.2 03.03.2007 Win32.Warezov.BE@mm
CAT-QuickHeal 9.00 03.02.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 03.03.2007 Worm.Stration.pac
DrWeb 4.33 03.03.2007 no virus found
eSafe 7.0.14.0 02.28.2007 Win32.Warezov.gen
eTrust-Vet 30.6.3449 03.03.2007 no virus found
Ewido 4.0 03.03.2007 no virus found
FileAdvisor 1 03.03.2007 no virus found
Fortinet 2.85.0.0 03.03.2007 W32/Stration.JQ@mm
F-Prot 4.3.1.45 03.03.2007 W32/Warezov.gen!W32DL
F-Secure 6.70.13030.0 03.03.2007 Email-Worm.Win32.Warezov.jx
Ikarus T3.1.1.3 03.03.2007 Email-Worm.Win32.Warezov.jq
Kaspersky 4.0.2.24 03.03.2007 Email-Worm.Win32.Warezov.jx
McAfee 4975 03.02.2007 New Malware.n
Microsoft 1.2204 03.03.2007 no virus found
NOD32v2 2093 03.03.2007 Win32/Stration.XW
Norman 5.80.02 03.02.2007 W32/Downloader
Panda 9.0.0.4 03.03.2007 Suspicious file
Prevx1 V2 03.03.2007 Trojan.Update-KB
Sophos 4.14.0 03.03.2007 W32/Strati-Gen
Sunbelt 2.2.907.0 03.01.2007 VIPRE.Suspicious
Symantec 10 03.03.2007 W32.Stration@mm
TheHacker 6.1.6.067 03.01.2007 no virus found
UNA 1.83 03.02.2007 no virus found
VBA32 3.11.2 03.03.2007 MalwareScope.Worm.Warezov.6
VirusBuster 4.3.19:9 03.03.2007 I-Worm.Opnis.OK

Aditional Information
File size: 17386 bytes
MD5: 12de945d2141bc21ef7a24b74ff4af64
SHA1: 222b5c02117089c354b52b68d2191fc2ac45598a
packers: Upack
packers: UPACK

Surfer
04.03.2007, 17:57
Complete scanning result of "Generator_V.3.0.exe", received in VirusTotal at 03.04.2007, 15:40:55 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.38 03.04.2007 TR/PSW.LdPinch.bod
Authentium 4.93.8 03.04.2007 Possibly a new variant of W32/HLLI-MewOrleans-based!Maximus
Avast 4.7.936.0 03.03.2007 no virus found
AVG 7.5.0.447 03.03.2007 PSW.Ldpinch.EVE
BitDefender 7.2 03.04.2007 Trojan.PWS.LdPinch.BM
CAT-QuickHeal 9.00 03.02.2007 W32.Brontok.Q
ClamAV devel-20060426 03.04.2007 no virus found
DrWeb 4.33 03.04.2007 no virus found
eSafe 7.0.14.0 03.04.2007 suspicious Trojan/Worm
eTrust-Vet 30.6.3449 03.03.2007 no virus found
Ewido 4.0 03.04.2007 no virus found
FileAdvisor 1 03.04.2007 no virus found
Fortinet 2.85.0.0 03.04.2007 SPY/LdPinch
F-Prot 4.3.1.45 03.04.2007 W32/Threat-HLLIM-based!Maximus
F-Secure 6.70.13030.0 03.03.2007 Trojan-PSW.Win32.LdPinch.bod
Ikarus T3.1.1.3 03.04.2007 IM-Worm.Win32.Sumom.C
Kaspersky 4.0.2.24 03.04.2007 Trojan-PSW.Win32.LdPinch.bod
McAfee 4975 03.02.2007 no virus found
Microsoft 1.2204 03.04.2007 no virus found
NOD32v2 2093 03.03.2007 a variant of Win32/PSW.LdPinch.BOB
Norman 5.80.02 03.02.2007 W32/Suspicious_M.gen
Panda 9.0.0.4 03.04.2007 no virus found
Prevx1 V2 03.04.2007 no virus found
Sophos 4.14.0 03.03.2007 Mal/Basine-A
Sunbelt 2.2.907.0 03.01.2007 VIPRE.Suspicious
Symantec 10 03.04.2007 no virus found
TheHacker 6.1.6.067 03.01.2007 no virus found
UNA 1.83 03.02.2007 no virus found
VBA32 3.11.2 03.03.2007 MalwareScope.Trojan-PSW.Pinch.36
VirusBuster 4.3.19:9 03.03.2007 Packed/MEW

Aditional Information
File size: 23236 bytes
MD5: 26ae0aa99b74c693b08e28b62cbb0e92
SHA1: 38039d3ca4939a00512044c4cd92f492d0f8352b
packers: MEW
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

Shu_b
04.03.2007, 18:03
Complete scanning result of "flash_postcard.zip", received in VirusTotal at 03.04.2007, 13:52:10 (CET).
Antivirus Version Update Result
AntiVir 7.3.1.38 03.02.2007 no virus found
Authentium 4.93.8 03.04.2007 no virus found
Avast 4.7.936.0 03.03.2007 no virus found
AVG 7.5.0.447 03.03.2007 no virus found
BitDefender 7.2 03.04.2007 no virus found
CAT-QuickHeal 9.00 03.02.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 03.04.2007 no virus found
DrWeb 4.33 03.04.2007 no virus found
eSafe 7.0.14.0 02.28.2007 no virus found
eTrust-Vet 30.6.3449 03.03.2007 no virus found
Ewido 4.0 03.03.2007 no virus found
FileAdvisor 1 03.04.2007 no virus found
Fortinet 2.85.0.0 03.04.2007 suspicious
F-Prot 4.3.1.45 03.04.2007 no virus found
F-Secure 6.70.13030.0 03.03.2007 no virus found
Ikarus T3.1.1.3 03.04.2007 Trojan-PWS.Win32.Delf.JS
Kaspersky 4.0.2.24 03.04.2007 no virus found
McAfee 4975 03.02.2007 no virus found
Microsoft 1.2204 03.04.2007 no virus found
NOD32v2 2093 03.03.2007 no virus found
Norman 5.80.02 03.02.2007 no virus found
Panda 9.0.0.4 03.03.2007 Suspicious file
Prevx1 V2 03.04.2007 no virus found
Sophos 4.14.0 03.03.2007 no virus found
Sunbelt 2.2.907.0 03.01.2007 Elkern.a (v)
Symantec 10 03.04.2007 W32.Mixor.Q@mm
TheHacker 6.1.6.067 03.01.2007 no virus found
UNA 1.83 03.02.2007 no virus found
VBA32 3.11.2 03.03.2007 no virus found
VirusBuster 4.3.19:9 03.03.2007 Trojan.DL.Delf.VWJ

Aditional Information
File size: 22760 bytes
MD5: 6827e32a24784c52633daa1a6d9ea77b
SHA1: 352da594b60947ff307a9359df618d48c907a3be
packers: BINARYRES

Complete scanning result of "ibm00002.dll", received in VirusTotal at 03.04.2007, 14:33:40 (CET).
Antivirus Version Update Result
AntiVir 7.3.1.38 03.04.2007 TR/Hijack.Agent.BO
Authentium 4.93.8 03.04.2007 no virus found
Avast 4.7.936.0 03.03.2007 no virus found
AVG 7.5.0.447 03.03.2007 Generic3.FAX
BitDefender 7.2 03.04.2007 no virus found
CAT-QuickHeal 9.00 03.02.2007 no virus found
ClamAV devel-20060426 03.04.2007 no virus found
DrWeb 4.33 03.04.2007 no virus found
eSafe 7.0.14.0 03.04.2007 Suspicious Trojan/Worm
eTrust-Vet 30.6.3449 03.03.2007 no virus found
Ewido 4.0 03.03.2007 no virus found
FileAdvisor 1 03.04.2007 no virus found
Fortinet 2.85.0.0 03.04.2007 suspicious
F-Prot 4.3.1.45 03.04.2007 no virus found
F-Secure 6.70.13030.0 03.03.2007 no virus found
Ikarus T3.1.1.3 03.04.2007 no virus found
Kaspersky 4.0.2.24 03.04.2007 Trojan-PSW.Win32.Sinowal.co
McAfee 4975 03.02.2007 no virus found
Microsoft 1.2204 03.04.2007 no virus found
NOD32v2 2093 03.03.2007 no virus found
Norman 5.80.02 03.02.2007 no virus found
Panda 9.0.0.4 03.04.2007 Suspicious file
Sophos 4.14.0 03.03.2007 no virus found
Sunbelt 2.2.907.0 03.01.2007 no virus found
Symantec 10 03.04.2007 no virus found
TheHacker 6.1.6.067 03.01.2007 no virus found
UNA 1.83 03.02.2007 Trojan.PSW.Win32.Sinowal.2500
VBA32 3.11.2 03.03.2007 no virus found
VirusBuster 4.3.19:9 03.03.2007 no virus found

File size: 43008 bytes
MD5: 4429fbc4bff05325b9d754cd466a8bca
SHA1: a3c55c5b9981da09ff330a70d3482dac44809e57


Complete scanning result of "d3ui32.dll", received in VirusTotal at 03.04.2007, 14:33:48 (CET).
Antivirus Version Update Result
AntiVir 7.3.1.38 03.04.2007 no virus found
Authentium 4.93.8 03.04.2007 no virus found
Avast 4.7.936.0 03.03.2007 no virus found
AVG 7.5.0.447 03.03.2007 no virus found
BitDefender 7.2 03.04.2007 no virus found
CAT-QuickHeal 9.00 03.02.2007 no virus found
ClamAV devel-20060426 03.04.2007 no virus found
DrWeb 4.33 03.04.2007 no virus found
eSafe 7.0.14.0 03.04.2007 suspicious Trojan/Worm
eTrust-Vet 30.6.3449 03.03.2007 no virus found
Ewido 4.0 03.03.2007 no virus found
FileAdvisor 1 03.04.2007 no virus found
Fortinet 2.85.0.0 03.04.2007 suspicious
F-Prot 4.3.1.45 03.04.2007 no virus found
F-Secure 6.70.13030.0 03.03.2007 no virus found
Ikarus T3.1.1.3 03.04.2007 no virus found
Kaspersky 4.0.2.24 03.04.2007 SpamTool.Win32.Agent.u
McAfee 4975 03.02.2007 no virus found
Microsoft 1.2204 03.04.2007 no virus found
NOD32v2 2093 03.03.2007 no virus found
Norman 5.80.02 03.02.2007 no virus found
Panda 9.0.0.4 03.04.2007 no virus found
Sophos 4.14.0 03.03.2007 no virus found
Sunbelt 2.2.907.0 03.01.2007 no virus found
Symantec 10 03.04.2007 no virus found
TheHacker 6.1.6.067 03.01.2007 no virus found
UNA 1.83 03.02.2007 no virus found
VBA32 3.11.2 03.03.2007 no virus found
VirusBuster 4.3.19:9 03.03.2007 no virus found

Aditional Information
File size: 91648 bytes
MD5: 6b656414452aacdb038bb3fbf4d1bec5
SHA1: 87c2ae1f70410bf4e45191cea641de022661c311
packers: UPX

Dandy
04.03.2007, 22:07
Here's an interesting 3 MB installer that arrived over ICQ...
Complete scanning result of "samp3.1.exe", received in VirusTotal at 03.04.2007, 19:51:35 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.38 03.04.2007 no virus found
Authentium 4.93.8 03.04.2007 no virus found
Avast 4.7.936.0 03.03.2007 no virus found
AVG 7.5.0.447 03.04.2007 no virus found
BitDefender 7.2 03.04.2007 no virus found
CAT-QuickHeal 9.00 03.02.2007 no virus found
ClamAV devel-20060426 03.04.2007 no virus found
DrWeb 4.33 03.04.2007 no virus found
eSafe 7.0.14.0 03.04.2007 no virus found
eTrust-Vet 30.6.3449 03.03.2007 no virus found
Ewido 4.0 03.04.2007 no virus found
FileAdvisor 1 03.04.2007 no virus found
Fortinet 2.85.0.0 03.04.2007 suspicious
F-Prot 4.3.1.45 03.04.2007 no virus found
F-Secure 6.70.13030.0 03.03.2007 no virus found
Ikarus T3.1.1.3 03.04.2007 no virus found
Kaspersky 4.0.2.24 03.04.2007 no virus found
McAfee 4975 03.02.2007 no virus found
Microsoft 1.2204 03.04.2007 no virus found
NOD32v2 2094 03.04.2007 no virus found
Norman 5.80.02 03.02.2007 no virus found
Panda 9.0.0.4 03.04.2007 Suspicious file
Prevx1 V2 03.04.2007 no virus found
Sophos 4.14.0 03.03.2007 no virus found
Sunbelt 2.2.907.0 03.01.2007 no virus found
Symantec 10 03.04.2007 no virus found
TheHacker 6.1.6.067 03.01.2007 no virus found
UNA 1.83 03.02.2007 no virus found
VBA32 3.11.2 03.03.2007 MalwareScope.Trojan-PSW.Pinch.1
VirusBuster 4.3.19:9 03.04.2007 no virus found

Aditional Information
File size: 3900592 bytes
MD5: f26f49585e2b826cd953bb4b852f0791
SHA1: be00bc28b9a63260b7f589392f9683f5a1d600c6
packers: BINARYRES, UPX, UPX

Winsent
04.03.2007, 23:48
Complete scanning result of "Photo.scr", received in VirusTotal at 03.04.2007, 21:43:32 (CET).


Antivirus Version Update Result

AntiVir 7.3.1.38 03.04.2007 TR/Crypt.XPACK.Gen
Authentium 4.93.8 03.04.2007 no virus found
Avast 4.7.936.0 03.03.2007 no virus found
AVG 7.5.0.447 03.04.2007 Win32/Ngvck
BitDefender 7.2 03.04.2007 no virus found
CAT-QuickHeal 9.00 03.02.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 03.04.2007 no virus found
DrWeb 4.33 03.04.2007 Trojan.PWS.LDPinch.1417
eSafe 7.0.14.0 03.04.2007 Win32.LdPinch.bkg
eTrust-Vet 30.6.3449 03.03.2007 no virus found
Ewido 4.0 03.04.2007 Trojan.LdPinch.bkg
FileAdvisor 1 03.04.2007 no virus found
Fortinet 2.85.0.0 03.04.2007 W32/LdPinch.BKG!tr.pws
F-Prot 4.3.1.45 03.04.2007 no virus found
F-Secure 6.70.13030.0 03.03.2007 Trojan-PSW.Win32.LdPinch.bkg
Ikarus T3.1.1.3 03.04.2007 Trojan.Win32.Agent.aee
Kaspersky 4.0.2.24 03.04.2007 Trojan-PSW.Win32.LdPinch.bkg
McAfee 4975 03.02.2007 no virus found
Microsoft 1.2204 03.04.2007 no virus found
NOD32v2 2094 03.04.2007 no virus found
Norman 5.80.02 03.02.2007 no virus found
Panda 9.0.0.4 03.04.2007 Trj/Ldpinch.YG
Prevx1 V2 03.04.2007 no virus found
Sophos 4.14.0 03.03.2007 no virus found
Sunbelt 2.2.907.0 03.01.2007 VIPRE.Suspicious
Symantec 10 03.04.2007 Trojan Horse
TheHacker 6.1.6.067 03.01.2007 Trojan/PSW.LdPinch.bkg
UNA 1.83 03.02.2007 Trojan.PSW.Win32.LdPinch.C807
VBA32 3.11.2 03.03.2007 Trojan-PSW.Win32.LdPinch.bkg
VirusBuster 4.3.19:9 03.04.2007 no virus found

Aditional Information
File size: 33792 bytes
MD5: 6fc2be0ffeee2faf85b946ca689aca9d
SHA1: 3849e0e8ed73d3d3193c60cb7a4271c79c5961b4
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

Winsent
04.03.2007, 23:49
Complete scanning result of "dengi.exe", received in VirusTotal at 03.04.2007, 21:43:44 (CET).


Antivirus Version Update Result

AntiVir 7.3.1.38 03.04.2007 TR/Crypt.XPACK.Gen
Authentium 4.93.8 03.04.2007 no virus found
Avast 4.7.936.0 03.03.2007 no virus found
AVG 7.5.0.447 03.04.2007 no virus found
BitDefender 7.2 03.04.2007 Trojan.Peed.Gen
CAT-QuickHeal 9.00 03.02.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 03.04.2007 no virus found
DrWeb 4.33 03.04.2007 no virus found
eSafe 7.0.14.0 03.04.2007 Win32.Polipos.sus
eTrust-Vet 30.6.3449 03.03.2007 no virus found
Ewido 4.0 03.04.2007 no virus found
FileAdvisor 1 03.04.2007 no virus found
Fortinet 2.85.0.0 03.04.2007 suspicious
F-Prot 4.3.1.45 03.04.2007 no virus found
F-Secure 6.70.13030.0 03.03.2007 W32/Malware
Ikarus T3.1.1.3 03.04.2007 no virus found
Kaspersky 4.0.2.24 03.04.2007 no virus found
McAfee 4975 03.02.2007 no virus found
Microsoft 1.2204 03.04.2007 no virus found
NOD32v2 2094 03.04.2007 no virus found
Norman 5.80.02 03.02.2007 W32/Malware
Panda 9.0.0.4 03.04.2007 Suspicious file
Prevx1 V2 03.04.2007 no virus found
Sophos 4.14.0 03.03.2007 no virus found
Sunbelt 2.2.907.0 03.01.2007 VIPRE.Suspicious
Symantec 10 03.04.2007 no virus found
TheHacker 6.1.6.067 03.01.2007 no virus found
UNA 1.83 03.02.2007 no virus found
VBA32 3.11.2 03.03.2007 no virus found
VirusBuster 4.3.19:9 03.04.2007 no virus found

Aditional Information
File size: 52708 bytes
MD5: 130cd97b40bd9a43f1d2fd975a6fce8c
SHA1: 870c3d83f0edd36d5c16831fc7e32f6e76365f0e
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: [email protected] - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* **Locates window "NULL [class AVP.AlertDialog]" on desktop.
* **Locates window "NULL [class AVP.AhAppChangedDialog]" on desktop.
* **Locates window "NULL [class AVP.AhLearnDialog]" on desktop.
* **Locates window "NULL [class AVP.Product_Notification]" on desktop.

[ Network ]
* Bypass installed firewall.

Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

Shu_b
05.03.2007, 10:42
t=8242

Complete scanning result of "lsass.exe", received in VirusTotal at 03.05.2007, 08:32:54 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.38 03.05.2007 no virus found
Authentium 4.93.8 03.04.2007 Possibly a new variant of W32/Dlr-Trojan-Malware-based!Maximus
Avast 4.7.936.0 03.03.2007 Win32:Agent-BSU
AVG 7.5.0.447 03.04.2007 no virus found
BitDefender 7.2 03.05.2007 Generic.Malware.Bdldprn.453CA4F4
CAT-QuickHeal 9.00 03.05.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 03.05.2007 Trojan.Downloader-2739
DrWeb 4.33 03.05.2007 no virus found
eSafe 7.0.14.0 03.04.2007 suspicious Trojan/Worm
eTrust-Vet 30.6.3455 03.05.2007 no virus found
Ewido 4.0 03.04.2007 no virus found
FileAdvisor 1 03.05.2007 no virus found
Fortinet 2.85.0.0 03.05.2007 suspicious
F-Prot 4.3.1.45 03.04.2007 W32/Dlr-Trojan-Malware-based!Maximus
F-Secure 6.70.13030.0 03.05.2007 no virus found
Ikarus T3.1.1.3 03.05.2007 no virus found
Kaspersky 4.0.2.24 03.05.2007 no virus found
McAfee 4975 03.02.2007 Generic AdClicker.b
Microsoft 1.2204 03.05.2007 TrojanClicker:Win32/Agent.ET
NOD32v2 2094 03.04.2007 a variant of Win32/TrojanDownloader.Small.CYF
Norman 5.80.02 03.02.2007 no virus found
Panda 9.0.0.4 03.04.2007 Suspicious file
Prevx1 V2 03.05.2007 no virus found
Sophos 4.14.0 03.03.2007 Mal/Packer
Sunbelt 2.2.907.0 03.01.2007 VIPRE.Suspicious
Symantec 10 03.05.2007 Downloader
TheHacker 6.1.6.069 03.05.2007 no virus found
UNA 1.83 03.02.2007 no virus found
VBA32 3.11.2 03.03.2007 no virus found
VirusBuster 4.3.19:9 03.04.2007 Packed/FSG

File size: 16112 bytes
MD5: 2a75cecc230587c54f8d3badc6ff27f7
SHA1: 43756d86e53013dcdb8041f7d97ebe7b649acb25
packers: FSG

Shu_b
06.03.2007, 20:26
t=8286

Complete scanning result of "lsasss.exe", received in VirusTotal at 03.06.2007, 18:12:17 (CET).
Antivirus Version Update Result
AntiVir 7.3.1.38 03.06.2007 TR/Agent.37320
Authentium 4.93.8 03.05.2007 no virus found
Avast 4.7.936.0 03.06.2007 no virus found
AVG 7.5.0.447 03.06.2007 Downloader.Generic3.VVP
BitDefender 7.2 03.06.2007 DeepScan:Generic.Malware.SP!Pk!.021DF1A8
CAT-QuickHeal 9.00 03.06.2007 no virus found
ClamAV devel-20060426 03.06.2007 no virus found
DrWeb 4.33 03.06.2007 no virus found
eSafe 7.0.14.0 03.06.2007 suspicious Trojan/Worm
eTrust-Vet 30.6.3458 03.06.2007 no virus found
Ewido 4.0 03.06.2007 no virus found
FileAdvisor 1 03.06.2007 no virus found
Fortinet 2.85.0.0 03.06.2007 W32/Tibs.gen
F-Prot 4.3.1.45 03.06.2007 no virus found
F-Secure 6.70.13030.0 03.06.2007 no virus found
Ikarus T3.1.1.3 03.06.2007 Trojan-Proxy.Win32.Horst.ls
Kaspersky 4.0.2.24 03.06.2007 no virus found
McAfee 4977 03.06.2007 no virus found
Microsoft 1.2204 03.06.2007 Trojan:Win32/Zonebac.A
NOD32v2 2098 03.06.2007 probably a variant of Win32/TrojanDownloader.Agent.AWF
Norman 5.80.02 03.06.2007 no virus found
Panda 9.0.0.4 03.06.2007 Suspicious file
Prevx1 V2 03.06.2007 no virus found
Sophos 4.15.0 03.06.2007 no virus found
Sunbelt 2.2.907.0 03.05.2007 no virus found
Symantec 10 03.06.2007 no virus found
TheHacker 6.1.6.070 03.06.2007 no virus found
UNA 1.83 03.05.2007 no virus found
VBA32 3.11.2 03.05.2007 no virus found
VirusBuster 4.3.19:9 03.06.2007 no virus found

Aditional Information
File size: 37722 bytes
MD5: 3db073b042eb6dd1d61a09ab178ce5d4
SHA1: 6ed79641237602ea70795fbab9c54041cbdb4e90
packers: UPX

Erekle
07.03.2007, 02:15
Complete scanning result of "index_1_.htm", received in VirusTotal at 03.06.2007, 23:47:22 (CET).

Antivirus Version Update Result

AntiVir 7.3.1.38 03.06.2007 no virus found
Authentium 4.93.8 03.06.2007 no virus found
Avast 4.7.936.0 03.06.2007 no virus found
AVG 7.5.0.447 03.06.2007 no virus found
BitDefender 7.2 03.06.2007 no virus found
CAT-QuickHeal 9.00 03.06.2007 no virus found
ClamAV devel-20060426 03.06.2007 no virus found
DrWeb 4.33 03.06.2007 no virus found
eSafe 7.0.14.0 03.06.2007 no virus found
eTrust-Vet 30.6.3458 03.06.2007 no virus found
Ewido 4.0 03.06.2007 no virus found
FileAdvisor 1 03.06.2007 no virus found
Fortinet 2.85.0.0 03.06.2007 no virus found
F-Prot 4.3.1.45 03.06.2007 no virus found
F-Secure 6.70.13030.0 03.06.2007 no virus found
Ikarus T3.1.1.3 03.06.2007 no virus found
Kaspersky 4.0.2.24 03.06.2007 no virus found
McAfee 4978 03.06.2007 no virus found
Microsoft 1.2204 03.06.2007 no virus found
NOD32v2 2099 03.06.2007 no virus found
Norman 5.80.02 03.06.2007 no virus found
Panda 9.0.0.4 03.06.2007 no virus found
Prevx1 V2 03.06.2007 no virus found
Sophos 4.15.0 03.06.2007 no virus found
Sunbelt 2.2.907.0 03.05.2007 no virus
Symantec 10 03.06.2007 no virus found
TheHacker 6.1.6.070 03.06.2007 no virus found
UNA 1.83 03.06.2007 Exploit.HTML.Agent
VBA32 3.11.2 03.05.2007 no virus found
VirusBuster 4.3.19:9 03.06.2007 no virus found

Aditional Information
File size: 5969 bytes
MD5: 760404a399d821a9dd99fde5bb143bd6
SHA1: b015dd0b6c616f3413e68348f2058de58385badf


Complete scanning result of "gxlaad.exe", received in VirusTotal at 03.07.2007, 00:08:36 (CET).

Antivirus Version Update Result

AntiVir 7.3.1.38 03.06.2007 TR/Crypt.XPACK.Gen
Authentium 4.93.8 03.06.2007 no virus found
Avast 4.7.936.0 03.06.2007 no virus found
AVG 7.5.0.447 03.06.2007 no virus found
BitDefender 7.2 03.06.2007 no virus found
CAT-QuickHeal 9.00 03.06.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 03.06.2007 no virus found
DrWeb 4.33 03.06.2007 no virus found
eSafe 7.0.14.0 03.06.2007 Suspicious Trojan/Worm
eTrust-Vet 30.6.3458 03.06.2007 no virus found
Ewido 4.0 03.06.2007 no virus found
FileAdvisor 1 03.07.2007 no virus found
Fortinet 2.85.0.0 03.06.2007 suspicious
F-Prot 4.3.1.45 03.06.2007 no virus found
F-Secure 6.70.13030.0 03.06.2007 no virus found
Ikarus T3.1.1.3 03.06.2007 Generic.Dialer
Kaspersky 4.0.2.24 03.06.2007 no virus found
McAfee 4978 03.06.2007 no virus found
Microsoft 1.2204 03.06.2007 no virus found
NOD32v2 2099 03.06.2007 no virus found
Norman 5.80.02 03.06.2007 no virus found
Panda 9.0.0.4 03.06.2007 Suspicious file
Prevx1 V2 03.07.2007 no virus found
Sophos 4.15.0 03.06.2007 no virus found
Sunbelt 2.2.907.0 03.05.2007 no virus found
Symantec 10 03.06.2007 no virus found
TheHacker 6.1.6.070 03.06.2007 no virus found
UNA 1.83 03.06.2007 no virus found
VBA32 3.11.2 03.05.2007 no virus found
VirusBuster 4.3.19:9 03.06.2007 no virus found

Aditional Information
File size: 32768 bytes
MD5: 3ead1e78a2b9d95b0683e6a3bde02dfd
SHA1: 86c5711e87597d892d4ad39a59d8bb179b55740f

Shu_b
07.03.2007, 22:18
t=8292

Complete scanning result of "jguyswyr.dll", received in VirusTotal at 03.07.2007, 20:08:10 (CET).
Antivirus Version Update Result
AntiVir 7.3.1.41 03.07.2007 HEUR/Crypted
Authentium 4.93.8 03.07.2007 no virus found
Avast 4.7.936.0 03.07.2007 no virus found
AVG 7.5.0.447 03.07.2007 no virus found
BitDefender 7.2 03.07.2007 no virus found
CAT-QuickHeal 9.00 03.07.2007 no virus found
ClamAV devel-20060426 03.07.2007 no virus found
DrWeb 4.33 03.07.2007 Trojan.Virtumod
eSafe 7.0.14.0 03.07.2007 suspicious Trojan/Worm
eTrust-Vet 30.6.3461 03.07.2007 Win32/Vundo!generic
Ewido 4.0 03.07.2007 no virus found
FileAdvisor 1 03.07.2007 no virus found
Fortinet 2.85.0.0 03.07.2007 suspicious
F-Prot 4.3.1.45 03.07.2007 no virus found
F-Secure 6.70.13030.0 03.07.2007 no virus found
Ikarus T3.1.1.3 03.07.2007 no virus found
Kaspersky 4.0.2.24 03.07.2007 no virus found
McAfee 4979 03.07.2007 no virus found
Microsoft 1.2204 03.07.2007 no virus found
NOD32v2 2101 03.07.2007 no virus found
Norman 5.80.02 03.07.2007 no virus found
Panda 9.0.0.4 03.07.2007 no virus found
Prevx1 V2 03.07.2007 no virus found
Sophos 4.15.0 03.07.2007 Virtumundo
Sunbelt 2.2.907.0 03.05.2007 no virus found
Symantec 10 03.07.2007 no virus found
TheHacker 6.1.6.072 03.07.2007 no virus found
UNA 1.83 03.07.2007 no virus found
VBA32 3.11.2 03.07.2007 no virus found
VirusBuster 4.3.19:9 03.07.2007 no virus found

Aditional Information
File size: 123412 bytes
MD5: d63b74f7f8d82d652b4565fabb7e69dd
SHA1: a856c93ed46830c5a857c19827ddfee98fbded37

saicat
08.03.2007, 15:10
Complete scanning result of "server.exw", received in VirusTotal at 03.08.2007, 12:42:19 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.41 03.08.2007 TR/Hijack.Explor.2175
Authentium 4.93.8 03.07.2007 Possibly a new variant of W32/VB-Backdoor-ESVR-based!Maximus
Avast 4.7.936.0 03.07.2007 no virus found
AVG 7.5.0.447 03.07.2007 no virus found
BitDefender 7.2 03.08.2007 BehavesLike:Win32.ExplorerHijack
CAT-QuickHeal 9.00 03.07.2007 no virus found
ClamAV devel-20060426 03.08.2007 no virus found
DrWeb 4.33 03.08.2007 no virus found
eSafe 7.0.14.0 03.07.2007 no virus found
eTrust-Vet 30.6.3464 03.08.2007 no virus found
Ewido 4.0 03.07.2007 no virus found
FileAdvisor 1 03.08.2007 no virus found
Fortinet 2.85.0.0 03.08.2007 PossibleThreat
F-Prot 4.3.1.45 03.07.2007 W32/VB-Backdoor-ESVR-based!Maximus
F-Secure 6.70.13030.0 03.08.2007 no virus found
Ikarus T3.1.1.3 03.08.2007 BehavesLikeWin32.ExplorerHijack
Kaspersky 4.0.2.24 03.08.2007 no virus found
McAfee 4979 03.07.2007 no virus found
Microsoft 1.2204 03.08.2007 no virus found
NOD32v2 2102 03.08.2007 no virus found
Norman 5.80.02 03.07.2007 no virus found
Panda 9.0.0.4 03.08.2007 Suspicious file
Prevx1 V2 03.08.2007 no virus found
Sophos 4.15.0 03.07.2007 no virus found
Sunbelt 2.2.907.0 03.07.2007 Win32.ExplorerHijack
Symantec 10 03.08.2007 no virus found
TheHacker 6.1.6.072 03.07.2007 no virus found
UNA 1.83 03.07.2007 no virus found
VBA32 3.11.2 03.07.2007 Backdoor.ESVR
VirusBuster 4.3.19:9 03.07.2007 no virus found

Aditional Information
File size: 24620 bytes
MD5: 07956680a35d44ce625483dd2f0eb27a
SHA1: 519afd053d278eeeef0e303a805122d0ccbec16a

yu_mor
09.03.2007, 11:03
More and more I want to install the German AntiVir or the Belarusian VBA..

Complete scanning result of "activedsj.exe", received in VirusTotal at 03.09.2007, 08:48:45 (CET).
Antivirus Version Update Result
AntiVir 7.3.1.41 03.09.2007 HEUR/Crypted
Authentium 4.93.8 03.08.2007 no virus found
Avast 4.7.936.0 03.08.2007 no virus found
AVG 7.5.0.447 03.08.2007 no virus found
BitDefender 7.2 03.09.2007 no virus found
CAT-QuickHeal 9.00 03.08.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 03.09.2007 no virus found
DrWeb 4.33 03.09.2007 Trojan.Proxy.1405
eSafe 7.0.14.0 03.08.2007 suspicious Trojan/Worm
eTrust-Vet 30.6.3467 03.09.2007 no virus found
Ewido 4.0 03.07.2007 no virus found
FileAdvisor 1 03.09.2007 no virus found
Fortinet 2.85.0.0 03.09.2007 PossibleThreat!025469
F-Prot 4.3.1.45 03.08.2007 no virus found
F-Secure 6.70.13030.0 03.09.2007 Trojan-PSW.Win32.Ceda.d
Ikarus T3.1.1.3 03.09.2007 Trojan-PWS.Win32.Ceda.c
Kaspersky 4.0.2.24 03.09.2007 Trojan-PSW.Win32.Ceda.d
McAfee 4980 03.08.2007 no virus found
Microsoft 1.2204 03.09.2007 no virus found
NOD32v2 2104 03.08.2007 no virus found
Norman 5.80.02 03.07.2007 Suspicious_F.gen
Panda 9.0.0.4 03.08.2007 Trj/PWSteal.BU
Prevx1 V2 03.09.2007 Spyware.Spy.Sheriff
Sophos 4.15.0 03.09.2007 Mal/Packer
Sunbelt 2.2.907.0 03.07.2007 VIPRE.Suspicious
Symantec 10 03.09.2007 no virus found
TheHacker 6.1.6.073 03.09.2007 no virus found
UNA 1.83 03.07.2007 no virus found
VBA32 3.11.2 03.08.2007 Trojan-PSW.Win32.Ceda.c
VirusBuster 4.3.19:9 03.08.2007 Packed/FSG

File size: 29297 bytes
MD5: 9e5e1deddc40214c51cdd0d1476c43d0
SHA1: ea70c581363190f835484ddd22c25edafb835f7b


Complete scanning result of "msnetax.dll", received in VirusTotal at 03.09.2007, 09:09:08 (CET).
Antivirus Version Update Result
AntiVir 7.3.1.41 03.09.2007 TR/Agent.afg
Authentium 4.93.8 03.08.2007 W32/Trojan.YKC
Avast 4.7.936.0 03.08.2007 Win32:Agent-ERY
AVG 7.5.0.447 03.08.2007 Generic3.MX
BitDefender 7.2 03.09.2007 Trojan.Agent.AFG
CAT-QuickHeal 9.00 03.08.2007 Trojan.Agent.afg
ClamAV devel-20060426 03.09.2007 no virus found
DrWeb 4.33 03.09.2007 Trojan.Sender
eSafe 7.0.14.0 03.08.2007 Win32.Agent.afg
eTrust-Vet 30.6.3467 03.09.2007 no virus found
Ewido 4.0 03.07.2007 Trojan.Agent.afg
FileAdvisor 1 03.09.2007 no virus found
Fortinet 2.85.0.0 03.09.2007 W32/Agent.AFG!tr
F-Prot 4.3.1.45 03.08.2007 W32/Trojan.YKC
F-Secure 6.70.13030.0 03.09.2007 Trojan.Win32.Agent.afg
Ikarus T3.1.1.3 03.09.2007 Trojan.Win32.Agent.afg
Kaspersky 4.0.2.24 03.09.2007 Trojan.Win32.Agent.afg
McAfee 4980 03.08.2007 no virus found
Microsoft 1.2204 03.09.2007 TrojanDownloader:Win32/Agent.B (threat-c)
NOD32v2 2104 03.08.2007 no virus found
Norman 5.80.02 03.07.2007 no virus found
Panda 9.0.0.4 03.08.2007 Trj/Spammer.ZO
Prevx1 V2 03.09.2007 Malicious
Sophos 4.15.0 03.09.2007 no virus found
Sunbelt 2.2.907.0 03.07.2007 Trojan.Win32.Agent.afg
Symantec 10 03.09.2007 Trojan Horse
TheHacker 6.1.6.073 03.09.2007 no virus found
UNA 1.83 03.07.2007 Trojan.Win32.Agent.EDFA
VBA32 3.11.2 03.08.2007 Trojan.Sender
VirusBuster 4.3.19:9 03.08.2007 Trojan.Agent.SCY

Aditional Information
File size: 20480 bytes
MD5: e9858c5c723dadfa8825383b0847b164
SHA1: 022b3e782a4ea879e0b37cc7ed1f4a1655118647

Complete scanning result of "lsp.dll", received in VirusTotal at 03.09.2007, 09:20:07 (CET).
Antivirus Version Update Result
AntiVir 7.3.1.41 03.09.2007 no virus found
Authentium 4.93.8 03.08.2007 no virus found
Avast 4.7.936.0 03.08.2007 no virus found
AVG 7.5.0.447 03.08.2007 no virus found
BitDefender 7.2 03.09.2007 no virus found
CAT-QuickHeal 9.00 03.08.2007 no virus found
ClamAV devel-20060426 03.09.2007 no virus found
DrWeb 4.33 03.09.2007 no virus found
eSafe 7.0.14.0 03.08.2007 no virus found
eTrust-Vet 30.6.3467 03.09.2007 no virus found
Ewido 4.0 03.07.2007 no virus found
FileAdvisor 1 03.09.2007 no virus found
Fortinet 2.85.0.0 03.09.2007 no virus found
F-Prot 4.3.1.45 03.08.2007 no virus found
F-Secure 6.70.13030.0 03.09.2007 no virus found
Ikarus T3.1.1.3 03.09.2007 no virus found
Kaspersky 4.0.2.24 03.09.2007 no virus found
McAfee 4980 03.08.2007 no virus found
Microsoft 1.2204 03.09.2007 no virus found
NOD32v2 2104 03.08.2007 no virus found
Norman 5.80.02 03.07.2007 no virus found
Panda 9.0.0.4 03.08.2007 no virus found
Prevx1 V2 03.09.2007 no virus found
Sophos 4.15.0 03.09.2007 no virus found
Sunbelt 2.2.907.0 03.07.2007 no virus found
Symantec 10 03.09.2007 no virus found
TheHacker 6.1.6.073 03.09.2007 no virus found
UNA 1.83 03.07.2007 no virus found
VBA32 3.11.2 03.08.2007 suspected of Trojan-PSW.Lmir.4 (paranoid heuristics)
VirusBuster 4.3.19:9 03.08.2007 no virus found

Aditional Information
File size: 45056 bytes
MD5: 0cb0c6a562da8f4e8154854e77a23ae6
SHA1: f0fafc879f2b10a23b838186709f83ab9daa77ca

Complete scanning result of "svshost.dll", received in VirusTotal at 03.09.2007, 10:00:39 (CET).
Antivirus Version Update Result
AntiVir 7.3.1.41 03.09.2007 no virus found
Authentium 4.93.8 03.08.2007 W32/Backdoor.AIGG
Avast 4.7.936.0 03.08.2007 Win32:Small-CHC
AVG 7.5.0.447 03.08.2007 no virus found
BitDefender 7.2 03.09.2007 no virus found
CAT-QuickHeal 9.00 03.08.2007 no virus found
ClamAV devel-20060426 03.09.2007 no virus found
DrWeb 4.33 03.09.2007 no virus found
eSafe 7.0.14.0 03.08.2007 no virus found
eTrust-Vet 30.6.3467 03.09.2007 no virus found
Ewido 4.0 03.07.2007 no virus found
FileAdvisor 1 03.09.2007 no virus found
Fortinet 2.85.0.0 03.09.2007 no virus found
F-Prot 4.3.1.45 03.08.2007 W32/Backdoor.AIGG
F-Secure 6.70.13030.0 03.09.2007 Backdoor.Win32.Small.ls
Ikarus T3.1.1.3 03.09.2007 no virus found
Kaspersky 4.0.2.24 03.09.2007 Backdoor.Win32.Small.ls
McAfee 4980 03.08.2007 no virus found
Microsoft 1.2204 03.09.2007 no virus found
NOD32v2 2104 03.08.2007 no virus found
Norman 5.80.02 03.07.2007 no virus found
Panda 9.0.0.4 03.08.2007 no virus found
Prevx1 V2 03.09.2007 no virus found
Sophos 4.15.0 03.09.2007 no virus found
Sunbelt 2.2.907.0 03.07.2007 no virus found
Symantec 10 03.09.2007 no virus found
TheHacker 6.1.6.073 03.09.2007 no virus found
UNA 1.83 03.07.2007 Backdoor.Small.F4DA
VBA32 3.11.2 03.08.2007 no virus found
VirusBuster 4.3.19:9 03.08.2007 no virus found

Aditional Information
File size: 2560 bytes
MD5: 9a0d958283e67487384d719c43981e04
SHA1: d14358364c3886b5236848620ebbff0a7df62fc3

anton_dr
13.03.2007, 14:57
AVZ - Src=C:\WINDOWS\himem.exe
Complete scanning result of "avz00012.dta", received in VirusTotal at 03.13.2007, 12:48:02 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.41 03.13.2007 WORM/Stration.Gen
Authentium 4.93.8 03.13.2007 no virus found
Avast 4.7.936.0 03.12.2007 no virus found
AVG 7.5.0.447 03.12.2007 no virus found
BitDefender 7.2 03.13.2007 Win32.Stration.Gen@mm
CAT-QuickHeal 9.00 03.12.2007 no virus found
ClamAV devel-20060426 03.13.2007 no virus found
DrWeb 4.33 03.13.2007 no virus found
eSafe 7.0.14.0 03.12.2007 suspicious Trojan/Worm
eTrust-Vet 30.6.3474 03.13.2007 no virus found
Ewido 4.0 03.13.2007 no virus found
FileAdvisor 1 03.13.2007 no virus found
Fortinet 2.85.0.0 03.13.2007 no virus found
F-Prot 4.3.1.45 03.13.2007 no virus found
F-Secure 6.70.13030.0 03.13.2007 no virus found
Ikarus T3.1.1.3 03.13.2007 no virus found
Kaspersky 4.0.2.24 03.13.2007 no virus found
McAfee 4982 03.12.2007 no virus found
Microsoft 1.2306 03.13.2007 no virus found
NOD32v2 2111 03.13.2007 a variant of Win32/Stration
Norman 5.80.02 03.13.2007 no virus found
Panda 9.0.0.4 03.12.2007 no virus found
Prevx1 V2 03.13.2007 Win32.Malware.gen
Sophos 4.15.0 03.13.2007 no virus found
Sunbelt 2.2.907.0 03.10.2007 no virus found
Symantec 10 03.13.2007 no virus found
TheHacker 6.1.6.074 03.12.2007 no virus found
UNA 1.83 03.12.2007 no virus found
VBA32 3.11.2 03.13.2007 MalwareScope.Worm.Warezov.1
VirusBuster 4.3.19:9 03.12.2007 no virus found

Aditional Information
File size: 192000 bytes
MD5: 28dce299b307e1bd794138a19e3733f3
SHA1: a02df953d67d9b638a80f8ce095c3cc77d43355a
packers: UPX
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=e1cd82553318

anton_dr
13.03.2007, 14:58
AVZ - Src=C:\WINDOWS\system32\sgdqfuod.dll

Complete scanning result of "avz00009.dta", received in VirusTotal at 03.13.2007, 12:47:50 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.41 03.13.2007 WORM/Stration.Gen
Authentium 4.93.8 03.13.2007 Possibly a new variant of W32/Bongler-based
Avast 4.7.936.0 03.12.2007 no virus found
AVG 7.5.0.447 03.12.2007 no virus found
BitDefender 7.2 03.13.2007 no virus found
CAT-QuickHeal 9.00 03.12.2007 no virus found
ClamAV devel-20060426 03.13.2007 no virus found
DrWeb 4.33 03.13.2007 no virus found
eSafe 7.0.14.0 03.12.2007 no virus found
eTrust-Vet 30.6.3474 03.13.2007 no virus found
Ewido 4.0 03.13.2007 no virus found
FileAdvisor 1 03.13.2007 no virus found
Fortinet 2.85.0.0 03.13.2007 no virus found
F-Prot 4.3.1.45 03.13.2007 W32/Bongler-based
F-Secure 6.70.13030.0 03.13.2007 no virus found
Ikarus T3.1.1.3 03.13.2007 no virus found
Kaspersky 4.0.2.24 03.13.2007 no virus found
McAfee 4982 03.12.2007 no virus found
Microsoft 1.2306 03.13.2007 Trojan:Win32/Stration.A!dll
NOD32v2 2111 03.13.2007 a variant of Win32/Stration
Norman 5.80.02 03.13.2007 no virus found
Panda 9.0.0.4 03.12.2007 no virus found
Prevx1 V2 03.13.2007 no virus found
Sophos 4.15.0 03.13.2007 W32/Strati-Gen
Sunbelt 2.2.907.0 03.10.2007 no virus found
Symantec 10 03.13.2007 W32.Stration@mm
TheHacker 6.1.6.074 03.12.2007 no virus found
UNA 1.83 03.12.2007 no virus found
VBA32 3.11.2 03.13.2007 MalwareScope.Worm.Warezov.1
VirusBuster 4.3.19:9 03.12.2007 no virus found

Aditional Information
File size: 65536 bytes
MD5: c65c6a61ea71b92b738671c901e3cd97
SHA1: 710e74a0003546a593f7e3efef67a09f3a15eee2

anton_dr
13.03.2007, 14:59
AVZ - Src=C:\WINDOWS\system32\cer6ge.exe

Complete scanning result of "avz00003.dta", received in VirusTotal at 03.13.2007, 12:47:13 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.41 03.13.2007 no virus found
Authentium 4.93.8 03.13.2007 no virus found
Avast 4.7.936.0 03.12.2007 no virus found
AVG 7.5.0.447 03.12.2007 no virus found
BitDefender 7.2 03.13.2007 Win32.Stration.Gen@mm
CAT-QuickHeal 9.00 03.12.2007 no virus found
ClamAV devel-20060426 03.13.2007 no virus found
DrWeb 4.33 03.13.2007 no virus found
eSafe 7.0.14.0 03.12.2007 no virus found
eTrust-Vet 30.6.3474 03.13.2007 no virus found
Ewido 4.0 03.13.2007 no virus found
FileAdvisor 1 03.13.2007 no virus found
Fortinet 2.85.0.0 03.13.2007 no virus found
F-Prot 4.3.1.45 03.13.2007 no virus found
F-Secure 6.70.13030.0 03.13.2007 no virus found
Ikarus T3.1.1.3 03.13.2007 no virus found
Kaspersky 4.0.2.24 03.13.2007 no virus found
McAfee 4982 03.12.2007 no virus found
Microsoft 1.2306 03.13.2007 no virus found
NOD32v2 2111 03.13.2007 a variant of Win32/Stration
Norman 5.80.02 03.13.2007 no virus found
Panda 9.0.0.4 03.12.2007 no virus found
Prevx1 V2 03.13.2007 Malicious
Sophos 4.15.0 03.13.2007 no virus found
Sunbelt 2.2.907.0 03.10.2007 no virus found
Symantec 10 03.13.2007 no virus found
TheHacker 6.1.6.074 03.12.2007 no virus found
UNA 1.83 03.12.2007 no virus found
VBA32 3.11.2 03.13.2007 MalwareScope.Worm.Warezov.1
VirusBuster 4.3.19:9 03.12.2007 no virus found

Aditional Information
File size: 45056 bytes
MD5: e13bdb0698209bd517b6faa7d110e7b2
SHA1: 5e81b9ed135288a165e970fa1065866755583ebe
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=364982554304



It should be noted that these three surfaced after the quarantine was cleaned with Kaspersky.

saicat
13.03.2007, 15:41
Complete scanning result of "server.exw", received in VirusTotal at 03.13.2007, 13:30:02 (CET).

Antivirus Version Update Result
AntiVir 7.3.1.41 03.13.2007 no virus found
Authentium 4.93.8 03.13.2007 no virus found
Avast 4.7.936.0 03.12.2007 no virus found
AVG 7.5.0.447 03.12.2007 Downloader.Generic3.YOO
BitDefender 7.2 03.13.2007 no virus found
CAT-QuickHeal 9.00 03.12.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 03.13.2007 no virus found
DrWeb 4.33 03.13.2007 no virus found
eSafe 7.0.14.0 03.12.2007 suspicious Trojan/Worm
eTrust-Vet 30.6.3474 03.13.2007 no virus found
Ewido 4.0 03.13.2007 Downloader.VB.aug
FileAdvisor 1 03.13.2007 no virus found
Fortinet 2.85.0.0 03.13.2007 suspicious
F-Prot 4.3.1.45 03.13.2007 no virus found
F-Secure 6.70.13030.0 03.13.2007 Trojan-Downloader.Win32.VB.aug
Ikarus T3.1.1.3 03.13.2007 no virus found
Kaspersky 4.0.2.24 03.13.2007 Trojan-Downloader.Win32.VB.aug
McAfee 4982 03.12.2007 no virus found
Microsoft 1.2306 03.13.2007 no virus found
NOD32v2 2111 03.13.2007 Win32/TrojanDownloader.VB.AUG
Norman 5.80.02 03.13.2007 Suspicious_F.gen
Panda 9.0.0.4 03.12.2007 Suspicious file
Prevx1 V2 03.13.2007 no virus found
Sophos 4.15.0 03.13.2007 Mal/Packer
Sunbelt 2.2.907.0 03.10.2007 VIPRE.Suspicious
Symantec 10 03.13.2007 no virus found
TheHacker 6.1.6.074 03.12.2007 no virus found
UNA 1.83 03.12.2007 no virus found
VBA32 3.11.2 03.13.2007 Trojan-Downloader.Win32.VB.aug
VirusBuster 4.3.19:9 03.12.2007 Packed/FSG

Aditional Information
File size: 3913 bytes
MD5: b025e1a31974a3b9813b593cbb70b23a
SHA1: d62e18d50f9e4187cd90333b1198807f3e8c0af3
packers: FSG
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

mvlab
16.03.2007, 02:41
Complete scanning result of "qknqump.777", received in VirusTotal at 03.16.2007, 00:33:45 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.3.15.0 03.15.2007 no virus found
AntiVir 7.3.1.43 03.15.2007 no virus found
Authentium 4.93.8 03.15.2007 W32/Downloader.gen10
Avast 4.7.936.0 03.15.2007 no virus found
AVG 7.5.0.447 03.15.2007 no virus found
BitDefender 7.2 03.16.2007 no virus found
CAT-QuickHeal 9.00 03.15.2007 no virus found
ClamAV 0.90.1 03.15.2007 no virus found
DrWeb 4.33 03.15.2007 no virus found
eSafe 7.0.14.0 03.15.2007 no virus found
eTrust-Vet 30.6.3481 03.15.2007 no virus found
Ewido 4.0 03.15.2007 no virus found
FileAdvisor 1 03.16.2007 no virus found
Fortinet 2.85.0.0 03.15.2007 PossibleThreat
F-Prot 4.3.1.45 03.15.2007 W32/Downloader.gen10
F-Secure 6.70.13030.0 03.15.2007 W32/Downloader.UJ
Ikarus T3.1.1.3 03.15.2007 no virus found
Kaspersky 4.0.2.24 03.15.2007 no virus found
McAfee 4985 03.15.2007 no virus found
Microsoft 1.2306 03.15.2007 no virus found
NOD32v2 2117 03.15.2007 no virus found
Norman 5.80.02 03.15.2007 W32/Downloader.UJ
Panda 9.0.0.4 03.15.2007 no virus found
Prevx1 V2 03.16.2007 Malicious
Sophos 4.15.0 03.13.2007 no virus found
Sunbelt 2.2.907.0 03.15.2007 no virus found
Symantec 10 03.16.2007 no virus found
TheHacker 6.1.6.076 03.15.2007 no virus found
UNA 1.83 03.15.2007 no virus found
VBA32 3.11.2 03.15.2007 no virus found
VirusBuster 4.3.7:9 03.15.2007 no virus found


Aditional Information
File size: 3108 bytes
MD5: 09db522508fdd11bcabad415f317c6ef
SHA1: 8d1f817d2993211057737d2a6050b14c8dca93c8
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=102c82858505

Shu_b
16.03.2007, 09:52
t=8438
Complete scanning result of "fccbxvs.dll", received in VirusTotal at 03.16.2007, 07:45:19 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.3.15.0 03.16.2007 no virus found
AntiVir 7.3.1.43 03.15.2007 TR/Vundo.Gen
Authentium 4.93.8 03.15.2007 no virus found
Avast 4.7.936.0 03.15.2007 no virus found
AVG 7.5.0.447 03.15.2007 no virus found
BitDefender 7.2 03.16.2007 no virus found
CAT-QuickHeal 9.00 03.15.2007 no virus found
ClamAV 0.90.1 03.16.2007 no virus found
DrWeb 4.33 03.15.2007 Trojan.Virtumod
eSafe 7.0.14.0 03.15.2007 suspicious Trojan/Worm
eTrust-Vet 30.6.3484 03.16.2007 Win32/Chisyne!generic
Ewido 4.0 03.15.2007 no virus found
FileAdvisor 1 03.16.2007 no virus found
Fortinet 2.85.0.0 03.16.2007 no virus found
F-Prot 4.3.1.45 03.15.2007 no virus found
F-Secure 6.70.13030.0 03.16.2007 no virus found
Ikarus T3.1.1.3 03.16.2007 no virus found
Kaspersky 4.0.2.24 03.16.2007 no virus found
McAfee 4985 03.15.2007 Vundo
Microsoft 1.2306 03.16.2007 no virus found
NOD32v2 2118 03.16.2007 no virus found
Norman 5.80.02 03.15.2007 no virus found
Panda 9.0.0.4 03.15.2007 Suspicious file
Prevx1 V2 03.16.2007 no virus found
Sophos 4.15.0 03.13.2007 no virus found
Sunbelt 2.2.907.0 03.15.2007 no virus found
Symantec 10 03.16.2007 Trojan.Vundo
TheHacker 6.1.6.076 03.15.2007 no virus found
UNA 1.83 03.15.2007 no virus found
VBA32 3.11.2 03.15.2007 no virus found
VirusBuster 4.3.7:9 03.15.2007 no virus found

Aditional Information
File size: 26685 bytes
MD5: 1286b221305c9c1f24fcc9e059d317d3
SHA1: 7c0d6f8dcd36dcdb9b268a6e65832caf9ea6bb98

Shu_b
16.03.2007, 11:15
t=8439

Complete scanning result of "dbahcjji.dll", received in VirusTotal at 03.16.2007, 09:06:14 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.3.15.0 03.16.2007 Win-Trojan/Jmcodec.137728
AntiVir 7.3.1.43 03.16.2007 TR/JMCodec.A.2
Authentium 4.93.8 03.15.2007 no virus found
Avast 4.7.936.0 03.15.2007 no virus found
AVG 7.5.0.447 03.15.2007 Adware Generic.VRT
BitDefender 7.2 03.16.2007 MemScan:Trojan.JMCodec.A
CAT-QuickHeal 9.00 03.15.2007 no virus found
ClamAV 0.90.1 03.16.2007 no virus found
DrWeb 4.33 03.16.2007 no virus found
eSafe 7.0.14.0 03.15.2007 Win32.Polipos.sus
eTrust-Vet 30.6.3484 03.16.2007 no virus found
Ewido 4.0 03.15.2007 Trojan.JMCodec.a
FileAdvisor 1 03.16.2007 Not analyzed yet
Fortinet 2.85.0.0 03.16.2007 suspicious
F-Prot 4.3.1.45 03.15.2007 no virus found
F-Secure 6.70.13030.0 03.16.2007 no virus found
Ikarus T3.1.1.3 03.16.2007 MemScanTrojan.JMCodec.A
Kaspersky 4.0.2.24 03.16.2007 no virus found
McAfee 4985 03.15.2007 no virus found
Microsoft 1.2306 03.16.2007 no virus found
NOD32v2 2118 03.16.2007 Win32/Adware.JMCodec
Norman 5.80.02 03.15.2007 no virus found
Panda 9.0.0.4 03.15.2007 Suspicious file
Prevx1 V2 03.16.2007 no virus found
Sophos 4.15.0 03.13.2007 no virus found
Sunbelt 2.2.907.0 03.15.2007 VIPRE.Suspicious
Symantec 10 03.16.2007 no virus found
TheHacker 6.1.6.076 03.15.2007 no virus found
UNA 1.83 03.15.2007 no virus found
VBA32 3.11.2 03.15.2007 no virus found
VirusBuster 4.3.7:9 03.15.2007 no virus found

Aditional Information
File size: 137728 bytes
MD5: ca87f20354b8226cf55c05ecb024b781
SHA1: d38259910cf4aaef9d3f0793ad00613af410bddf

Dandy
16.03.2007, 19:27
Complete scanning result of "regger.exe", received in VirusTotal at 03.16.2007, 17:17:19 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.3.17.0 03.16.2007 no virus found
AntiVir 7.3.1.43 03.16.2007 HEUR/Crypted
Authentium 4.93.8 03.15.2007 no virus found
Avast 4.7.936.0 03.16.2007 no virus found
AVG 7.5.0.447 03.16.2007 no virus found
BitDefender 7.2 03.16.2007 no virus found
CAT-QuickHeal 9.00 03.15.2007 (Suspicious) - DNAScan
ClamAV 0.90.1 03.16.2007 no virus found
DrWeb 4.33 03.16.2007 no virus found
eSafe 7.0.14.0 03.16.2007 no virus found
eTrust-Vet 30.6.3484 03.16.2007 no virus found
Ewido 4.0 03.16.2007 Trojan.LdPinch.bjx
FileAdvisor 1 03.16.2007 no virus found
Fortinet 2.85.0.0 03.16.2007 suspicious
F-Prot 4.3.1.45 03.16.2007 no virus found
F-Secure 6.70.13030.0 03.16.2007 no virus found
Ikarus T3.1.1.3 03.16.2007 no virus found
Kaspersky 4.0.2.24 03.16.2007 no virus found
McAfee 4985 03.15.2007 no virus found
Microsoft 1.2306 03.16.2007 no virus found
NOD32v2 2121 03.16.2007 no virus found
Norman 5.80.02 03.16.2007 no virus found
Panda 9.0.0.4 03.15.2007 Suspicious file
Prevx1 V2 03.16.2007 no virus found
Sophos 4.15.0 03.13.2007 no virus found
Sunbelt 2.2.907.0 03.15.2007 VIPRE.Suspicious
Symantec 10 03.16.2007 no virus found
TheHacker 6.1.6.076 03.15.2007 no virus found
UNA 1.83 03.15.2007 no virus found
VBA32 3.11.2 03.15.2007 MalwareScope.Trojan-PSW.Pinch.1
VirusBuster 4.3.7:9 03.16.2007 no virus found

Aditional Information
File size: 51634 bytes
MD5: 1df8658f645e0fe988b5e9a9a0230e10
SHA1: b053da1a69114ac1a67d05225ae293d97f4686cf
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

Dandy
17.03.2007, 03:58
Complete scanning result of "out.rar", received in VirusTotal at 03.17.2007, 01:54:32 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.3.17.0 03.16.2007 no virus found
AntiVir 7.3.1.43 03.16.2007 EXP/Scano
Authentium 4.93.8 03.16.2007 VBS/Scano@dr
Avast 4.7.936.0 03.16.2007 no virus found
AVG 7.5.0.447 03.16.2007 I-Worm/Scano
BitDefender 7.2 03.16.2007 no virus found
CAT-QuickHeal 9.00 03.15.2007 no virus found
ClamAV 0.90.1 03.16.2007 no virus found
DrWeb 4.33 03.16.2007 no virus found
eSafe 7.0.14.0 03.16.2007 no virus found
eTrust-Vet 30.6.3486 03.16.2007 no virus found
Ewido 4.0 03.16.2007 no virus found
FileAdvisor 1 03.17.2007 no virus found
Fortinet 2.85.0.0 03.16.2007 no virus found
F-Prot 4.3.1.45 03.16.2007 VBS/Scano@dr
F-Secure 6.70.13030.0 03.16.2007 VBS/Scano@dr
Ikarus T3.1.1.3 03.16.2007 no virus found
Kaspersky 4.0.2.24 03.17.2007 no virus found
McAfee 4986 03.16.2007 potentially unwanted program Hoax-LocalIFrame
Microsoft 1.2306 03.16.2007 TrojanDropper:VBS/Scano.gen
NOD32v2 2121 03.16.2007 no virus found
Norman 5.80.02 03.16.2007 no virus found
Panda 9.0.0.4 03.16.2007 no virus found
Prevx1 V2 03.17.2007 no virus found
Sophos 4.15.0 03.13.2007 no virus found
Sunbelt 2.2.907.0 03.16.2007 no virus found
Symantec 10 03.17.2007 no virus found
TheHacker 6.1.6.076 03.15.2007 no virus found
UNA 1.83 03.16.2007 no virus found
VBA32 3.11.2 03.16.2007 no virus found
VirusBuster 4.3.7:9 03.16.2007 VBS.Scano.AU

Aditional Information
File size: 64796 bytes
MD5: 09e469c6292eed8ae0c7e23748f335df
SHA1: d9f611a633e169620665ea9221aa6876866ad2f7

Dandy
17.03.2007, 04:10
Complete scanning result of "_30743_1232743078_2.eml", received in VirusTotal at 03.17.2007, 02:06:29 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.3.17.0 03.16.2007 no virus found
AntiVir 7.3.1.43 03.16.2007 no virus found
Authentium 4.93.8 03.16.2007 VBS/Scano@dr
Avast 4.7.936.0 03.16.2007 no virus found
AVG 7.5.0.447 03.16.2007 no virus found
BitDefender 7.2 03.16.2007 no virus found
CAT-QuickHeal 9.00 03.15.2007 no virus found
ClamAV 0.90.1 03.16.2007 no virus found
DrWeb 4.33 03.16.2007 no virus found
eSafe 7.0.14.0 03.16.2007 no virus found
eTrust-Vet 30.6.3486 03.16.2007 no virus found
Ewido 4.0 03.16.2007 no virus found
FileAdvisor 1 03.17.2007 no virus found
Fortinet 2.85.0.0 03.16.2007 no virus found
F-Prot 4.3.1.45 03.16.2007 VBS/Scano@dr
F-Secure 6.70.13030.0 03.16.2007 no virus found
Ikarus T3.1.1.3 03.16.2007 no virus found
Kaspersky 4.0.2.24 03.17.2007 no virus found
McAfee 4986 03.16.2007 no virus found
Microsoft 1.2306 03.16.2007 TrojanDropper:VBS/Scano.gen
NOD32v2 2121 03.16.2007 no virus found
Norman 5.80.02 03.16.2007 no virus found
Panda 9.0.0.4 03.16.2007 HTML/Areses.gen
Prevx1 V2 03.17.2007 no virus found
Sophos 4.15.0 03.13.2007 no virus found
Sunbelt 2.2.907.0 03.16.2007 no virus found
Symantec 10 03.17.2007 no virus found
TheHacker 6.1.6.076 03.15.2007 no virus found
UNA 1.83 03.16.2007 no virus found
VBA32 3.11.2 03.16.2007 no virus found
VirusBuster 4.3.7:9 03.16.2007 no virus found

Aditional Information
File size: 110409 bytes
MD5: 7b5c5bd54be36b85950351058a0f0d9e
SHA1: d9b0c04f2acc8cffc50c496c69f9023b6dc71eac

Kuzz
17.03.2007, 07:28
Complete scanning result of "player-codec1330.exe", received in VirusTotal at 03.17.2007, 05:20:39 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.3.17.0 03.16.2007 no virus found
AntiVir 7.3.1.43 03.16.2007 no virus found
Authentium 4.93.8 03.16.2007 no virus found
Avast 4.7.936.0 03.16.2007 no virus found
AVG 7.5.0.447 03.16.2007 no virus found
BitDefender 7.2 03.16.2007 Trojan.FakeCodecs.E
CAT-QuickHeal 9.00 03.15.2007 no virus found
ClamAV 0.90.1 03.16.2007 no virus found
DrWeb 4.33 03.16.2007 no virus found
eSafe 7.0.14.0 03.16.2007 no virus found
eTrust-Vet 30.6.3486 03.16.2007 no virus found
Ewido 4.0 03.16.2007 no virus found
FileAdvisor 1 03.17.2007 no virus found
Fortinet 2.85.0.0 03.17.2007 no virus found
F-Prot 4.3.1.45 03.16.2007 no virus found
F-Secure 6.70.13030.0 03.16.2007 no virus found
Ikarus T3.1.1.3 03.16.2007 no virus found
Kaspersky 4.0.2.24 03.17.2007 no virus found
McAfee 4986 03.16.2007 no virus found
Microsoft 1.2306 03.16.2007 no virus found
NOD32v2 2122 03.17.2007 no virus found
Norman 5.80.02 03.16.2007 no virus found
Panda 9.0.0.4 03.16.2007 no virus found
Prevx1 V2 03.17.2007 no virus found
Sophos 4.15.0 03.13.2007 no virus found
Sunbelt 2.2.907.0 03.16.2007 no virus found
Symantec 10 03.17.2007 no virus found
TheHacker 6.1.6.076 03.15.2007 Trojan/DNSChanger.ik
UNA 1.83 03.16.2007 no virus found
VBA32 3.11.2 03.16.2007 no virus found
VirusBuster 4.3.7:9 03.16.2007 no virus found

Aditional Information
File size: 72153 bytes
MD5: 57782a94bbcc11766c51ee7878d1ab37
SHA1: 0e9586d10d9ee7dc71faa752628e294b81177684
packers: BINARYRES, BINARYRES

Shu_b
17.03.2007, 12:10
t=8451

Complete scanning result of "cssrss.exe", received in VirusTotal at 03.17.2007, 09:59:46 (CET).
Antivirus Version Update Result
AhnLab-V3 2007.3.17.0 03.16.2007 no virus found
AntiVir 7.3.1.43 03.16.2007 no virus found
Authentium 4.93.8 03.16.2007 no virus found
Avast 4.7.936.0 03.16.2007 Win32:Ldpinch-PR
AVG 7.5.0.447 03.16.2007 no virus found
BitDefender 7.2 03.17.2007 no virus found
CAT-QuickHeal 9.00 03.15.2007 (Suspicious) - DNAScan
ClamAV 0.90.1 03.16.2007 no virus found
DrWeb 4.33 03.16.2007 no virus found
eSafe 7.0.14.0 03.16.2007 no virus found
eTrust-Vet 30.6.3486 03.16.2007 no virus found
Ewido 4.0 03.17.2007 no virus found
FileAdvisor 1 03.17.2007 no virus found
Fortinet 2.85.0.0 03.17.2007 suspicious
F-Prot 4.3.1.45 03.16.2007 no virus found
F-Secure 6.70.13030.0 03.16.2007 W32/Malware.IBH
Ikarus T3.1.1.3 03.17.2007 no virus found
Kaspersky 4.0.2.24 03.17.2007 no virus found
McAfee 4986 03.16.2007 no virus found
Microsoft 1.2306 03.17.2007 no virus found
NOD32v2 2122 03.17.2007 no virus found
Norman 5.80.02 03.16.2007 W32/Malware.IBH
Panda 9.0.0.4 03.16.2007 Trj/Ldpinch.WV
Prevx1 V2 03.17.2007 Trojan.SystemPoser
Sophos 4.15.0 03.13.2007 no virus found
Sunbelt 2.2.907.0 03.16.2007 no virus found
Symantec 10 03.17.2007 no virus found
TheHacker 6.1.6.076 03.15.2007 no virus found
UNA 1.83 03.16.2007 no virus found
VBA32 3.11.2 03.16.2007 no virus found
VirusBuster 4.3.7:9 03.16.2007 no virus found

Aditional Information
File size: 9733 bytes
MD5: 05fbd2c62d58041f6400c7b2736a0fd7
SHA1: 2bd797a05b025af2460e61cc8ba4ff8eecbab832

Shu_b
17.03.2007, 21:02
t=8418

Complete scanning result of "ipv6mons.dll", received in VirusTotal at 03.17.2007, 18:50:16 (CET).
Antivirus Version Update Result
AhnLab-V3 2007.3.17.0 03.16.2007 no virus found
AntiVir 7.3.1.43 03.17.2007 HEUR/Crypted
Authentium 4.93.8 03.17.2007 no virus found
Avast 4.7.936.0 03.16.2007 no virus found
AVG 7.5.0.447 03.17.2007 no virus found
BitDefender 7.2 03.17.2007 no virus found
CAT-QuickHeal 9.00 03.15.2007 no virus found
ClamAV 0.90.1 03.17.2007 no virus found
DrWeb 4.33 03.17.2007 no virus found
eSafe 7.0.14.0 03.16.2007 Suspicious Trojan/Worm
eTrust-Vet 30.6.3486 03.16.2007 no virus found
Ewido 4.0 03.17.2007 no virus found
FileAdvisor 1 03.17.2007 no virus found
Fortinet 2.85.0.0 03.17.2007 no virus found
F-Prot 4.3.1.45 03.17.2007 no virus found
F-Secure 6.70.13030.0 03.16.2007 no virus found
Ikarus T3.1.1.3 03.17.2007 no virus found
Kaspersky 4.0.2.24 03.17.2007 no virus found
McAfee 4986 03.16.2007 no virus found
Microsoft 1.2306 03.17.2007 no virus found
NOD32v2 2123 03.17.2007 no virus found
Norman 5.80.02 03.16.2007 W32/Vundo.gen7
Panda 9.0.0.4 03.17.2007 Suspicious file
Prevx1 V2 03.17.2007 no virus found
Sophos 4.15.0 03.13.2007 no virus found
Sunbelt 2.2.907.0 03.16.2007 no virus found
Symantec 10 03.17.2007 no virus found
TheHacker 6.1.6.076 03.15.2007 no virus found
UNA 1.83 03.16.2007 no virus found
VBA32 3.11.2 03.16.2007 MalwareScope.Trojan-Spy.BZub.1
VirusBuster 4.3.7:9 03.17.2007 no virus found

Aditional Information
File size: 48736 bytes
MD5: e30fac4b1f9d01eacbb5b5df37849524
SHA1: 0a9e7aab770eea1d0da46d1a698a7447c33a8d80

drongo
19.03.2007, 14:56
T= 8501
Complete scanning result of "avz00004.dta", received in VirusTotal at 03.19.2007, 12:47:07 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.3.19.0 03.19.2007 no virus found
AntiVir 7.3.1.43 03.19.2007 TR/Vundo.Gen
Authentium 4.93.8 03.17.2007 no virus found
Avast 4.7.936.0 03.19.2007 no virus found
AVG 7.5.0.447 03.18.2007 Lop.BF
BitDefender 7.2 03.19.2007 no virus found
CAT-QuickHeal 9.00 03.15.2007 no virus found
ClamAV devel-20070312 03.19.2007 no virus found
DrWeb 4.33 03.19.2007 Trojan.Virtumod
eSafe 7.0.14.0 03.19.2007 suspicious Trojan/Worm
eTrust-Vet 30.6.3491 03.19.2007 Win32/Vundo!generic
Ewido 4.0 03.18.2007 no virus found
FileAdvisor 1 03.19.2007 no virus found
Fortinet 2.85.0.0 03.19.2007 suspicious
F-Prot 4.3.1.45 03.17.2007 no virus found
F-Secure 6.70.13030.0 03.19.2007 no virus found
Ikarus T3.1.1.3 03.19.2007 no virus found
Kaspersky 4.0.2.24 03.19.2007 no virus found
McAfee 4986 03.16.2007 Vundo
Microsoft 1.2306 03.19.2007 no virus found
NOD32v2 2126 03.19.2007 no virus found
Norman 5.80.02 03.16.2007 Vundo.gen7
Panda 9.0.0.4 03.19.2007 Suspicious file
Prevx1 V2 03.19.2007 no virus found
Sophos 4.15.0 03.13.2007 Virtumundo
Sunbelt 2.2.907.0 03.16.2007 no virus found
Symantec 10 03.19.2007 Trojan.Vundo
TheHacker 6.1.6.077 03.19.2007 no virus found
UNA 1.83 03.16.2007 no virus found
VBA32 3.11.2 03.18.2007 no virus found
VirusBuster 4.3.7:9 03.18.2007 Trojan.DL.Vundo.Gen!Pac.6

Aditional Information
File size: 282212 bytes
MD5: 9a322eb1feb3613af9dd94349fcd147a
SHA1: c36353db90cfcd3e6fdbb0d38659d5fbb60d0fb0




Complete scanning result of "avz00003.dta", received in VirusTotal at 03.19.2007, 12:36:52 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.3.19.0 03.19.2007 no virus found
AntiVir 7.3.1.43 03.19.2007 TR/Vundo.Gen
Authentium 4.93.8 03.17.2007 no virus found
Avast 4.7.936.0 03.19.2007 no virus found
AVG 7.5.0.447 03.18.2007 Lop.BG
BitDefender 7.2 03.19.2007 MemScan:Trojan.Virtumod.GE
CAT-QuickHeal 9.00 03.15.2007 no virus found
ClamAV devel-20070312 03.19.2007 no virus found
DrWeb 4.33 03.19.2007 Trojan.Virtumod
eSafe 7.0.14.0 03.19.2007 suspicious Trojan/Worm
eTrust-Vet 30.6.3491 03.19.2007 Win32/Chisyne!generic
Ewido 4.0 03.18.2007 no virus found
FileAdvisor 1 03.19.2007 no virus found
Fortinet 2.85.0.0 03.19.2007 Vundo!tr
F-Prot 4.3.1.45 03.17.2007 no virus found
F-Secure 6.70.13030.0 03.19.2007 no virus found
Ikarus T3.1.1.3 03.19.2007 MemScanTrojan.Virtumod.GE
Kaspersky 4.0.2.24 03.19.2007 no virus found
McAfee 4986 03.16.2007 Vundo
Microsoft 1.2306 03.19.2007 no virus found
NOD32v2 2126 03.19.2007 no virus found
Norman 5.80.02 03.16.2007 no virus found
Panda 9.0.0.4 03.19.2007 Malware Generic
Prevx1 V2 03.19.2007 Polynomial.Code.Exploit
Sophos 4.15.0 03.13.2007 no virus found
Sunbelt 2.2.907.0 03.16.2007 no virus found
Symantec 10 03.19.2007 Trojan.Vundo
TheHacker 6.1.6.077 03.19.2007 no virus found
UNA 1.83 03.16.2007 no virus found
VBA32 3.11.2 03.18.2007 no virus found
VirusBuster 4.3.7:9 03.18.2007 no virus found

Aditional Information
File size: 26685 bytes
MD5: 1286b221305c9c1f24fcc9e059d317d3
SHA1: 7c0d6f8dcd36dcdb9b268a6e65832caf9ea6bb98
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=945883347023

Complete scanning result of "avz00002.dta", received in VirusTotal at 03.19.2007, 13:03:05 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.3.19.0 03.19.2007 no virus found
AntiVir 7.3.1.43 03.19.2007 DR/Padonak.A
Authentium 4.93.8 03.17.2007 no virus found
Avast 4.7.936.0 03.19.2007 Win32:Trojan-gen. {VC}
AVG 7.5.0.447 03.18.2007 Collected.10.AI
BitDefender 7.2 03.19.2007 no virus found
CAT-QuickHeal 9.00 03.15.2007 no virus found
ClamAV devel-20070312 03.19.2007 no virus found
DrWeb 4.33 03.19.2007 Trojan.AVKill.248
eSafe 7.0.14.0 03.19.2007 no virus found
eTrust-Vet 30.6.3491 03.19.2007 no virus found
Ewido 4.0 03.19.2007 Worm.Padonak.a
FileAdvisor 1 03.19.2007 no virus found
Fortinet 2.85.0.0 03.19.2007 W32/Padonak.A!worm.p2p
F-Prot 4.3.1.45 03.17.2007 no virus found
F-Secure 6.70.13030.0 03.19.2007 P2P-Worm.Win32.Padonak.a
Ikarus T3.1.1.3 03.19.2007 P2P-Worm.Win32.Padonak.a
Kaspersky 4.0.2.24 03.19.2007 P2P-Worm.Win32.Padonak.a
McAfee 4986 03.16.2007 no virus found
Microsoft 1.2306 03.19.2007 no virus found
NOD32v2 2126 03.19.2007 no virus found
Norman 5.80.02 03.19.2007 no virus found
Panda 9.0.0.4 03.19.2007 no virus found
Prevx1 V2 03.19.2007 no virus found
Sophos 4.15.0 03.13.2007 no virus found
Sunbelt 2.2.907.0 03.16.2007 no virus found
Symantec 10 03.19.2007 no virus found
TheHacker 6.1.6.077 03.19.2007 no virus found
UNA 1.83 03.16.2007 no virus found
VBA32 3.11.2 03.18.2007 P2P-Worm.Win32.Padonak.a
VirusBuster 4.3.7:9 03.18.2007 no virus found

Aditional Information
File size: 424136 bytes
MD5: df5f260dde744cd6776b059d28624ef1
SHA1: bc247f454ee353f3c1a3276faac11880dace2cb9

drongo
20.03.2007, 13:21
T=8511
Complete scanning result of " jkklk.dll", received in VirusTotal at 03.20.2007, 10:57:17 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.3.20.1 03.20.2007 no virus found
AntiVir 7.3.1.43 03.20.2007 TR/Vundo.AH
Authentium 4.93.8 03.20.2007 no virus found
Avast 4.7.936.0 03.19.2007 no virus found
AVG 7.5.0.447 03.20.2007 Lop.AX
BitDefender 7.2 03.20.2007 MemScan:Trojan.Virtumod.IX
CAT-QuickHeal 9.00 03.20.2007 no virus found
ClamAV devel-20070312 03.20.2007 no virus found
DrWeb 4.33 03.20.2007 Trojan.Virtumod
eSafe 7.0.14.0 03.19.2007 suspicious Trojan/Worm
eTrust-Vet 30.6.3494 03.20.2007 Win32/Vundo!generic
Ewido 4.0 03.19.2007 no virus found
FileAdvisor 1 03.20.2007 no virus found
Fortinet 2.85.0.0 03.20.2007 suspicious
F-Prot 4.3.1.45 03.19.2007 no virus found
F-Secure 6.70.13030.0 03.20.2007 no virus found
Ikarus T3.1.1.3 03.20.2007 MemScanTrojan.Virtumod.IX
Kaspersky 4.0.2.24 03.20.2007 no virus found
McAfee 4987 03.19.2007 Vundo
Microsoft 1.2306 03.20.2007 no virus found
NOD32v2 2128 03.19.2007 no virus found
Norman 5.80.02 03.19.2007 no virus found
Panda 9.0.0.4 03.20.2007 Suspicious file
Prevx1 V2 03.20.2007 no virus found
Sophos 4.15.0 03.13.2007 Virtumundo
Sunbelt 2.2.907.0 03.16.2007 no virus found
Symantec 10 03.20.2007 Trojan.Vundo
TheHacker 6.1.6.078 03.20.2007 no virus found
UNA 1.83 03.16.2007 no virus found
VBA32 3.11.2 03.19.2007 no virus found
VirusBuster 4.3.7:9 03.19.2007 Trojan.DL.Vundo.Gen!Pac.6
Webwasher-Gateway 6.0.1 03.20.2007 Trojan.Vundo.AH

Aditional Information
File size: 282212 bytes
MD5: f6eee9825892179ca467c0afce9d9095
SHA1: e1bc77fd71b638fa423682945a906bec2fd92b6a

Exxx
23.03.2007, 02:40
Complete scanning result of "setup.exe", received in VirusTotal at 03.23.2007, 00:34:00 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.3.23.0 03.22.2007 no virus found
AntiVir 7.3.1.44 03.22.2007 DR/Zlob.Gen
Authentium 4.93.8 03.22.2007 no virus found
Avast 4.7.936.0 03.22.2007 no virus found
AVG 7.5.0.447 03.22.2007 no virus found
BitDefender 7.2 03.23.2007 no virus found
CAT-QuickHeal 9.00 03.22.2007 no virus found
ClamAV devel-20070312 03.22.2007 no virus found
DrWeb 4.33 03.22.2007 no virus found
eSafe 7.0.14.0 03.22.2007 suspicious Trojan/Worm
eTrust-Vet 30.6.3501 03.22.2007 no virus found
Ewido 4.0 03.22.2007 no virus found
FileAdvisor 1 03.23.2007 no virus found
Fortinet 2.85.0.0 03.22.2007 suspicious
F-Prot 4.3.1.45 03.22.2007 no virus found
F-Secure 6.70.13030.0 03.22.2007 no virus found
Ikarus T3.1.1.3 03.22.2007 Trojan-Downloader.Win32.Zlob.bpg
Kaspersky 4.0.2.24 03.23.2007 Trojan-Downloader.Win32.Zlob.bqp
McAfee 4990 03.22.2007 no virus found
Microsoft 1.2306 03.22.2007 no virus found
NOD32v2 2137 03.22.2007 no virus found
Norman 5.80.02 03.22.2007 no virus found
Panda 9.0.0.4 03.22.2007 no virus found
Prevx1 V2 03.23.2007 no virus found
Sophos 4.15.0 03.13.2007 no virus found
Sunbelt 2.2.907.0 03.22.2007 no virus found
Symantec 10 03.23.2007 no virus found
TheHacker 6.1.6.079 03.22.2007 Trojan/Downloader.Zlob.bpl
UNA 1.83 03.16.2007 no virus found
VBA32 3.11.2 03.22.2007 no virus found
VirusBuster 4.3.7:9 03.22.2007 no virus found
Webwasher-Gateway 6.0.1 03.22.2007 Trojan.Zlob.Gen

Aditional Information
File size: 60766 bytes
MD5: 2ebfc9c0c23eb0785767cb3cc6931174
SHA1: 75853e5d30a5a27eb30b54895fc96315aaef92f1
packers: UPX
packers: UPX, BINARYRES, BINARYRES
packers: UPX

Shu_b
24.03.2007, 15:11
t-8600

Complete scanning result of "65exgmail2.9.exe", received in VirusTotal at 03.24.2007, 12:57:17 (CET).
Antivirus Version Update Result
AhnLab-V3 2007.3.24.1 03.24.2007 no virus found
AntiVir 7.3.1.44 03.23.2007 TR/Proxy.Horst.Gen
Authentium 4.93.8 03.23.2007 no virus found
Avast 4.7.936.0 03.23.2007 no virus found
AVG 7.5.0.447 03.23.2007 no virus found
BitDefender 7.2 03.24.2007 Generic.Malware.Yd!dld.EC36A030
CAT-QuickHeal 9.00 03.23.2007 no virus found
ClamAV devel-20070312 03.24.2007 no virus found
DrWeb 4.33 03.24.2007 Win32.HLLW.Medbod
eSafe 7.0.14.0 03.22.2007 suspicious Trojan/Worm
eTrust-Vet 30.6.3506 03.23.2007 no virus found
Ewido 4.0 03.24.2007 no virus found
FileAdvisor 1 03.24.2007 no virus found
Fortinet 2.85.0.0 03.24.2007 suspicious
F-Prot 4.3.1.45 03.23.2007 no virus found
F-Secure 6.70.13030.0 03.24.2007 no virus found
Ikarus T3.1.1.3 03.24.2007 no virus found
Kaspersky 4.0.2.24 03.24.2007 no virus found
McAfee 4991 03.23.2007 no virus found
Microsoft 1.2306 03.24.2007 no virus found
NOD32v2 2142 03.24.2007 no virus found
Norman 5.80.02 03.23.2007 no virus found
Panda 9.0.0.4 03.23.2007 Suspicious file
Prevx1 V2 03.24.2007 no virus found
Sophos 4.15.0 03.23.2007 no virus found
Sunbelt 2.2.907.0 03.24.2007 no virus found
Symantec 10 03.24.2007 no virus found
TheHacker 6.1.6.080 03.23.2007 no virus found
UNA 1.83 03.16.2007 no virus found
VBA32 3.11.2 03.24.2007 no virus found
VirusBuster 4.3.7:9 03.23.2007 no virus found
Webwasher-Gateway 6.0.1 03.24.2007 Trojan.Proxy.Horst.Gen

Aditional Information
File size: 26112 bytes
MD5: 735848a0cc218ec009639d573be78628
SHA1: 16216012a92675ddcd6815d712a3a9b248626b90
packers: UPX


Complete scanning result of "12excontenter8.exe", received in VirusTotal at 03.24.2007, 12:55:58 (CET).
Antivirus Version Update Result
AhnLab-V3 2007.3.24.1 03.24.2007 no virus found
AntiVir 7.3.1.44 03.23.2007 no virus found
Authentium 4.93.8 03.23.2007 no virus found
Avast 4.7.936.0 03.23.2007 no virus found
AVG 7.5.0.447 03.23.2007 no virus found
BitDefender 7.2 03.24.2007 no virus found
CAT-QuickHeal 9.00 03.23.2007 no virus found
ClamAV devel-20070312 03.24.2007 no virus found
DrWeb 4.33 03.24.2007 no virus found
eSafe 7.0.14.0 03.22.2007 suspicious Trojan/Worm
eTrust-Vet 30.6.3506 03.23.2007 no virus found
Ewido 4.0 03.24.2007 no virus found
FileAdvisor 1 03.24.2007 no virus found
Fortinet 2.85.0.0 03.24.2007 suspicious
F-Prot 4.3.1.45 03.23.2007 no virus found
F-Secure 6.70.13030.0 03.24.2007 no virus found
Ikarus T3.1.1.3 03.24.2007 no virus found
Kaspersky 4.0.2.24 03.24.2007 no virus found
McAfee 4991 03.23.2007 no virus found
Microsoft 1.2306 03.24.2007 no virus found
NOD32v2 2142 03.24.2007 no virus found
Norman 5.80.02 03.23.2007 no virus found
Panda 9.0.0.4 03.23.2007 no virus found
Prevx1 V2 03.24.2007 no virus found
Sophos 4.15.0 03.23.2007 no virus found
Sunbelt 2.2.907.0 03.24.2007 no virus found
Symantec 10 03.24.2007 no virus found
TheHacker 6.1.6.080 03.23.2007 no virus found
UNA 1.83 03.16.2007 no virus found
VBA32 3.11.2 03.24.2007 no virus found
VirusBuster 4.3.7:9 03.23.2007 no virus found
Webwasher-Gateway 6.0.1 03.24.2007 Worm.Win32.ModifiedUPX.gen!90 (suspicious)
Aditional Information
File size: 20480 bytes
MD5: bb1d0b8558ed3589f05fef4c25ad25cd
SHA1: c0523d7601cc531511fcc3c4cbb293f16a24cd49
packers: UPX

Winsent
24.03.2007, 19:54
Complete scanning result of "vzlom.exe", received in VirusTotal at 03.24.2007, 17:40:15 (CET).


Antivirus Version Update Result

AhnLab-V3 2007.3.24.1 03.24.2007 no virus found
AntiVir 7.3.1.44 03.23.2007 HEUR/Crypted
Authentium 4.93.8 03.24.2007 no virus found
Avast 4.7.936.0 03.23.2007 no virus found
AVG 7.5.0.447 03.23.2007 no virus found
BitDefender 7.2 03.24.2007 MemScan:Trojan.PWS.PdPinch.L
CAT-QuickHeal 9.00 03.23.2007 (Suspicious) - DNAScan
ClamAV devel-20070312 03.24.2007 no virus found
DrWeb 4.33 03.24.2007 no virus found
eSafe 7.0.14.0 03.22.2007 no virus found
eTrust-Vet 30.6.3506 03.23.2007 no virus found
Ewido 4.0 03.24.2007 no virus found
FileAdvisor 1 03.24.2007 no virus found
Fortinet 2.85.0.0 03.24.2007 suspicious
F-Prot 4.3.1.45 03.23.2007 no virus found
F-Secure 6.70.13030.0 03.24.2007 no virus found
Ikarus T3.1.1.3 03.24.2007 no virus found
Kaspersky 4.0.2.24 03.24.2007 no virus found
McAfee 4991 03.23.2007 no virus found
Microsoft 1.2306 03.24.2007 no virus found
NOD32v2 2142 03.24.2007 a variant of Win32/PSW.LdPinch.NCB
Norman 5.80.02 03.23.2007 no virus found
Panda 9.0.0.4 03.24.2007 Suspicious file
Prevx1 V2 03.24.2007 no virus found
Sophos 4.15.0 03.23.2007 no virus found
Sunbelt 2.2.907.0 03.24.2007 no virus found
Symantec 10 03.24.2007 no virus found
TheHacker 6.1.6.080 03.23.2007 no virus found
UNA 1.83 03.16.2007 no virus found
VBA32 3.11.2 03.24.2007 MalwareScope.Trojan-PSW.Pinch.1
VirusBuster 4.3.7:9 03.24.2007 no virus found
Webwasher-Gateway 6.0.1 03.24.2007 Heuristic.Crypted

Aditional Information
File size: 40725 bytes
MD5: 04d517fe5e81e8afe725b717d100bbb2
SHA1: 4b7c623ceb24e721a3a184ddaf25d8aaa7a666cd

drongo
30.03.2007, 19:43
Complete scanning result of "avz00015.dta", received in VirusTotal at 03.30.2007, 17:28:49 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.3.30.0 03.30.2007 Win-Trojan/Pakes.29184.D
AntiVir 7.3.1.46 03.30.2007 HEUR/Malware
Authentium 4.93.8 03.30.2007 no virus found
Avast 4.7.936.0 03.30.2007 no virus found
AVG 7.5.0.447 03.30.2007 Generic3.NLG
BitDefender 7.2 03.30.2007 no virus found
CAT-QuickHeal 9.00 03.29.2007 no virus found
ClamAV devel-20070312 03.30.2007 no virus found
DrWeb 4.33 03.30.2007 no virus found
eSafe 7.0.15.0 03.29.2007 no virus found
eTrust-Vet 30.6.3524 03.30.2007 Win32/Cutwail!generic
Ewido 4.0 03.30.2007 Trojan.Pakes
FileAdvisor 1 03.30.2007 no virus found
Fortinet 2.85.0.0 03.30.2007 no virus found
F-Prot 4.3.1.45 03.30.2007 no virus found
F-Secure 6.70.13030.0 03.30.2007 Trojan.Win32.Pakes
Ikarus T3.1.1.3 03.30.2007 no virus found
Kaspersky 4.0.2.24 03.30.2007 Trojan.Win32.Pakes
McAfee 4995 03.29.2007 no virus found
Microsoft 1.2306 03.30.2007 no virus found
NOD32v2 2157 03.30.2007 Win32/Wigon.R
Norman 5.80.02 03.30.2007 no virus found
Panda 9.0.0.4 03.30.2007 W32/Sdbot.KBB.worm
Prevx1 V2 03.30.2007 no virus found
Sophos 4.16.0 03.30.2007 no virus found
Sunbelt 2.2.907.0 03.29.2007 no virus found
Symantec 10 03.30.2007 Trojan.Pandex
TheHacker 6.1.6.083 03.30.2007 no virus found
UNA 1.83 03.16.2007 no virus found
VBA32 3.11.3 03.29.2007 no virus found
VirusBuster 4.3.7:9 03.30.2007 no virus found
Webwasher-Gateway 6.0.1 03.30.2007 Heuristic.Malware

Aditional Information
File size: 29184 bytes
MD5: ae6ae9a864f6ce3d63aed2c616a75ab3
SHA1: 46a44acd733e3277dbe580340c5a30d3bf6560b7

Dandy
01.04.2007, 02:25
Complete scanning result of "regger.exe", received in VirusTotal at 04.01.2007, 00:20:18 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.3.31.0 03.31.2007 no virus found
AntiVir 7.3.1.47 03.31.2007 TR/Spy.Webmoner.BQ.7
Authentium 4.93.8 03.31.2007 no virus found
Avast 4.7.936.0 03.31.2007 no virus found
AVG 7.5.0.447 03.31.2007 PSW.Generic3.CRT
BitDefender 7.2 04.01.2007 no virus found
CAT-QuickHeal 9.00 03.31.2007 TrojanSpy.Webmoner.bq
ClamAV devel-20070312 04.01.2007 no virus found
DrWeb 4.33 03.31.2007 Trojan.PWS.Webmonier
eSafe 7.0.15.0 03.31.2007 Win32.Webmoner.bq
eTrust-Vet 30.6.3527 03.31.2007 no virus found
Ewido 4.0 03.31.2007 Logger.Webmoner.bq
FileAdvisor 1 04.01.2007 no virus found
Fortinet 2.85.0.0 03.31.2007 Spy/Webmoner
F-Prot 4.3.1.45 03.30.2007 no virus found
F-Secure 6.70.13030.0 03.31.2007 Trojan-Spy.Win32.Webmoner.bq
Ikarus T3.1.1.3 03.31.2007 Trojan-Clicker.Win32.NetBuie.H
Kaspersky 4.0.2.24 04.01.2007 Trojan-Spy.Win32.Webmoner.bq
McAfee 4997 03.31.2007 no virus found
Microsoft 1.2306 03.31.2007 no virus found
NOD32v2 2160 03.31.2007 probably unknown NewHeur_PE virus
Norman 5.80.02 03.31.2007 W32/Smalltroj.BFPU
Panda 9.0.0.4 03.31.2007 no virus found
Prevx1 V2 04.01.2007 no virus found
Sophos 4.16.0 03.30.2007 no virus found
Sunbelt 2.2.907.0 03.31.2007 Trojan-Spy.Win32.Webmoner.bq
Symantec 10 03.31.2007 no virus found
TheHacker 6.1.6.083 03.30.2007 Trojan/Spy.Webmoner.bq
UNA 1.83 03.16.2007 no virus found
VBA32 3.11.3 03.30.2007 Trojan-Spy.Win32.Webmoner.bq
VirusBuster 4.3.7:9 03.31.2007 no virus found
Webwasher-Gateway 6.0.1 03.31.2007 Trojan.Spy.Webmoner.BQ.7

Aditional Information
File size: 28672 bytes
MD5: 99279721cdb014db213567634d62c0b9
SHA1: b5abcc0bdeb3306be86ea04616e1ef51b52459c1

Alex_Goodwin
01.04.2007, 03:18
STATUS: FINISHED
Complete scanning result of "regger.exe", received in VirusTotal at 04.01.2007, 01:14:48 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.3.31.0 03.31.2007 no virus found
AntiVir 7.3.1.47 03.31.2007 HEUR/Crypted
Authentium 4.93.8 03.31.2007 no virus found
Avast 4.7.936.0 03.31.2007 no virus found
AVG 7.5.0.447 03.31.2007 no virus found
BitDefender 7.2 04.01.2007 DeepScan:Generic.Dialer.A076647F
CAT-QuickHeal 9.00 03.31.2007 no virus found
ClamAV devel-20070312 04.01.2007 no virus found
DrWeb 4.33 03.31.2007 no virus found
eSafe 7.0.15.0 03.31.2007 no virus found
eTrust-Vet 30.6.3527 03.31.2007 no virus found
Ewido 4.0 03.31.2007 no virus found
FileAdvisor 1 04.01.2007 no virus found
Fortinet 2.85.0.0 03.31.2007 suspicious
F-Prot 4.3.1.45 03.30.2007 no virus found
F-Secure 6.70.13030.0 03.31.2007 no virus found
Ikarus T3.1.1.3 03.31.2007 Trojan.Peed
Kaspersky 4.0.2.24 04.01.2007 no virus found
McAfee 4997 03.31.2007 New Malware.bl
Microsoft 1.2306 04.01.2007 no virus found
NOD32v2 2160 03.31.2007 a variant of Win32/PSW.LdPinch.NCB
Norman 5.80.02 03.31.2007 no virus found
Panda 9.0.0.4 03.31.2007 Suspicious file
Prevx1 V2 04.01.2007 no virus found
Sophos 4.16.0 03.30.2007 no virus found
Sunbelt 2.2.907.0 03.31.2007 VIPRE.Suspicious
Symantec 10 03.31.2007 no virus found
TheHacker 6.1.6.083 03.30.2007 no virus found
UNA 1.83 03.16.2007 no virus found
VBA32 3.11.3 03.30.2007 MalwareScope.Trojan-PSW.Pinch.1
VirusBuster 4.3.7:9 03.31.2007 no virus found
Webwasher-Gateway 6.0.1 03.31.2007 Heuristic.Crypted


Aditional Information
File size: 51193 bytes
MD5: 0b20c998fc371512ce3ad8c56b4f2347
SHA1: 6bd111d9b5815ffe39a76d223a98780326479ebc
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.
It's been a long time since I posted here...

santy
03.04.2007, 07:09
Complete scanning result of "stration_XX.zip", received in VirusTotal at 04.03.2007, 04:48:38 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.3.0 04.02.2007 no virus found
AntiVir 7.3.1.48 04.02.2007 TR/Dldr.Stration.Gen
Authentium 4.93.8 03.31.2007 W32/Warezov.gen!W32DL
Avast 4.7.936.0 04.02.2007 no virus found
AVG 7.5.0.447 04.02.2007 no virus found
BitDefender 7.2 04.03.2007 BehavesLike:Trojan.Downloader
CAT-QuickHeal 9.00 04.02.2007 (Suspicious) - DNAScan
ClamAV devel-20070312 04.03.2007 Worm.Stration.pac-1
DrWeb 4.33 04.03.2007 no virus found
eSafe 7.0.15.0 04.02.2007 Win32.Warezov.gen
eTrust-Vet 30.6.3535 04.02.2007 Win32/Stration!ZIP!generic
Ewido 4.0 04.02.2007 no virus found
FileAdvisor 1 04.03.2007 no virus found
Fortinet 2.85.0.0 04.02.2007 W32/Stration.JQ@mm
F-Prot 4.3.1.45 03.30.2007 W32/Warezov.gen!W32DL
F-Secure 6.70.13030.0 04.03.2007 W32/Downloader
Ikarus T3.1.1.3 04.02.2007 Email-Worm.Win32.Warezov.jq
Kaspersky 4.0.2.24 04.03.2007 no virus found
McAfee 4998 04.02.2007 W32/Stration.dr
Microsoft 1.2306 04.03.2007 TrojanDownloader:Win32/Stration!ZIP
NOD32v2 2164 04.02.2007 a variant of Win32/Stration.XW
Norman 5.80.02 04.02.2007 W32/Downloader
Panda 9.0.0.4 04.02.2007 Suspicious file
Prevx1 V2 04.03.2007 Possibly: Trojan.Update-KB
Sophos 4.16.0 03.30.2007 W32/Strati-Gen
Sunbelt 2.2.907.0 04.03.2007 VIPRE.Suspicious
Symantec 10 04.03.2007 no virus found
TheHacker 6.1.6.084 04.02.2007 W32/Stration.gen
UNA 1.83 03.16.2007 no virus found
VBA32 3.11.3 04.02.2007 no virus found
VirusBuster 4.3.7:9 04.02.2007 no virus found
Webwasher-Gateway 6.0.1 04.03.2007 Trojan.Dldr.Stration.Gen

Sanja
03.04.2007, 07:25
Sorry for being off topic, but I have an idea...

Test the new Kaspersky emulator on these beasts... since it will stay in beta for about another 2 months, waiting for it to show up on VirusTotal would take a long time, and the results are interesting.

Sorry for the off-topic ;)

Here, as an example, is what turned up in the virusinfo.info file exchange:

detected: virus Invader (modification) File: C:\virs\070402_002731_Quarantine_461015b368119.zip/Quarantine/2007-04-02/avz00005.dta

STATUS: FINISHED
Complete scanning result of "avz00005.dta", received in VirusTotal at 04.03.2007, 05:17:39 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.3.0 04.02.2007 Win-Trojan/Xema.53248.J
AntiVir 7.3.1.48 04.02.2007 BDS/Delf.ach.1
Authentium 4.93.8 03.31.2007 W32/Backdoor.CNN
Avast 4.7.936.0 04.02.2007 no virus found
AVG 7.5.0.447 04.02.2007 BackDoor.Generic.FEP
BitDefender 7.2 04.03.2007 no virus found
CAT-QuickHeal 9.00 04.02.2007 no virus found
ClamAV devel-20070312 04.03.2007 no virus found
DrWeb 4.33 04.03.2007 no virus found
eSafe 7.0.15.0 04.02.2007 no virus found
eTrust-Vet 30.6.3535 04.02.2007 no virus found
Ewido 4.0 04.02.2007 no virus found
FileAdvisor 1 04.03.2007 no virus found
Fortinet 2.85.0.0 04.02.2007 W32/Delf.ACH!tr.bdr
F-Prot 4.3.1.45 03.30.2007 W32/Backdoor.CNN
F-Secure 6.70.13030.0 04.03.2007 W32/Delf.ALZ
Ikarus T3.1.1.3 04.02.2007 Backdoor.Win32.Delf.ACH
Kaspersky 4.0.2.24 04.03.2007 no virus found
McAfee 4998 04.02.2007 no virus found
Microsoft 1.2306 04.03.2007 Backdoor:Win32/Delf.ACH
NOD32v2 2164 04.02.2007 no virus found
Norman 5.80.02 04.02.2007 W32/Delf.ALZ
Panda 9.0.0.4 04.02.2007 no virus found
Prevx1 V2 04.03.2007 no virus found
Sophos 4.16.0 03.30.2007 no virus found
Sunbelt 2.2.907.0 04.03.2007 no virus found
Symantec 10 04.03.2007 no virus found
TheHacker 6.1.6.084 04.02.2007 no virus found
UNA 1.83 03.16.2007 Backdoor.Delf.6A06
VBA32 3.11.3 04.02.2007 Backdoor.Win32.Delf.ach
VirusBuster 4.3.7:9 04.02.2007 Backdoor.Delf.AAW!AU
Webwasher-Gateway 6.0.1 04.03.2007 Trojan.Delf.ach.1

urbanangel
04.04.2007, 22:41
STATUS: FINISHED
Complete scanning result of "foto.rar", received in VirusTotal at 04.04.2007, 20:14:04 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.5.0 04.04.2007 no virus found
AntiVir 7.3.1.48 04.04.2007 HEUR/Crypted
Authentium 4.93.8 04.03.2007 no virus found
Avast 4.7.936.0 04.04.2007 no virus found
AVG 7.5.0.447 04.04.2007 no virus found
BitDefender 7.2 04.04.2007 no virus found
CAT-QuickHeal 9.00 04.04.2007 (Suspicious) - DNAScan
ClamAV devel-20070312 04.04.2007 no virus found
DrWeb 4.33 04.04.2007 no virus found
eSafe 7.0.15.0 04.03.2007 no virus found
eTrust-Vet 30.7.3540 04.04.2007 no virus found
Ewido 4.0 04.04.2007 no virus found
FileAdvisor 1 04.04.2007 no virus found
Fortinet 2.85.0.0 04.04.2007 suspicious
F-Prot 4.3.1.45 04.03.2007 no virus found
F-Secure 6.70.13030.0 04.04.2007 no virus found
Ikarus T3.1.1.3 04.04.2007 no virus found
Kaspersky 4.0.2.24 04.04.2007 no virus found
McAfee 5001 04.04.2007 no virus found
Microsoft 1.2405 04.04.2007 no virus found
NOD32v2 2168 04.04.2007 unpack error
Norman 5.80.02 04.04.2007 no virus found
Panda 9.0.0.4 04.04.2007 Suspicious file
Prevx1 V2 04.04.2007 no virus found
Sophos 4.16.0 03.30.2007 no virus found
Sunbelt 2.2.907.0 04.03.2007 VIPRE.Suspicious
Symantec 10 04.04.2007 no virus found
TheHacker 6.1.6.085 04.04.2007 no virus found
VBA32 3.11.3 04.03.2007 no virus found
VirusBuster 4.3.7:9 04.04.2007 Packed/FSG
Webwasher-Gateway 6.0.1 04.04.2007 Heuristic.Crypted


Aditional Information
File size: 666 bytes
MD5: 402b26f6ac05450fa157175738d53144
SHA1: 79af98b17abc35c829f69cc651f9501444e12579
packers: FSG
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

Shu_b
05.04.2007, 08:54
t-8810
Complete scanning result of "sms.zip", received in VirusTotal at 04.05.2007, 06:38:22 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.5.0 04.04.2007 no virus found
AntiVir 7.3.1.48 04.04.2007 no virus found
Authentium 4.93.8 04.04.2007 no virus found
Avast 4.7.936.0 04.04.2007 Win32:StartPage-187
AVG 7.5.0.447 04.04.2007 no virus found
BitDefender 7.2 04.05.2007 no virus found
CAT-QuickHeal 9.00 04.04.2007 no virus found
ClamAV devel-20070312 04.05.2007 no virus found
DrWeb 4.33 04.04.2007 no virus found
eSafe 7.0.15.0 04.04.2007 no virus found
eTrust-Vet 30.7.3543 04.05.2007 no virus found
Ewido 4.0 04.04.2007 no virus found
FileAdvisor 1 04.05.2007 no virus found
Fortinet 2.85.0.0 04.05.2007 no virus found
F-Prot 4.3.1.45 04.04.2007 no virus found
F-Secure 6.70.13030.0 04.05.2007 no virus found
Ikarus T3.1.1.3 04.05.2007 no virus found
Kaspersky 4.0.2.24 04.05.2007 no virus found
McAfee 5001 04.04.2007 no virus found
Microsoft 1.2405 04.05.2007 no virus found
NOD32v2 2168 04.04.2007 no virus found
Norman 5.80.02 04.04.2007 no virus found
Panda 9.0.0.4 04.05.2007 no virus found
Prevx1 V2 04.05.2007 no virus found
Sophos 4.16.0 03.30.2007 no virus found
Sunbelt 2.2.907.0 04.03.2007 no virus found
Symantec 10 04.05.2007 no virus found
TheHacker 6.1.6.085 04.04.2007 no virus found
VBA32 3.11.3 04.04.2007 Trojan.StartPage.1535
VirusBuster 4.3.7:9 04.04.2007 no virus found
Webwasher-Gateway 6.0.1 04.05.2007 no virus found

Aditional Information
File size: 14619 bytes
MD5: 832bdb10977e006c13b2efd5ac9592d9
SHA1: 216ffd17a808e0bccc6979cf8efa3ee18b90a0f3

PavelA
05.04.2007, 16:08
t-8636 Analysis of C:\WINDOWS\help\45AD9FCA.dll

AhnLab-V3 2007.4.5.0 04.05.2007 no virus found
AntiVir 7.3.1.48 04.05.2007 TR/Crypt.NSPM.Gen
Authentium 4.93.8 04.04.2007 Possibly a new variant of W32/PWStealer.gen1
Avast 4.7.936.0 04.05.2007 Win32:Tibs-ADO
AVG 7.5.0.447 04.04.2007 no virus found
BitDefender 7.2 04.05.2007 no virus found
CAT-QuickHeal 9.00 04.04.2007 no virus found
ClamAV devel-20070312 04.05.2007 no virus found
DrWeb 4.33 04.05.2007 no virus found
eSafe 7.0.15.0 04.04.2007 suspicious Trojan/Worm
eTrust-Vet 30.7.3544 04.05.2007 Win32/NSAnti
Ewido 4.0 04.04.2007 no virus found
FileAdvisor 1 04.05.2007 no virus found
Fortinet 2.85.0.0 04.05.2007 PossibleThreat
F-Prot 4.3.1.45 04.04.2007 W32/PWStealer.gen1
F-Secure 6.70.13030.0 04.05.2007 no virus found
Ikarus T3.1.1.3 04.05.2007 MalwareScope.Worm.Viking.3
Kaspersky 4.0.2.24 04.05.2007 no virus found
McAfee 5001 04.04.2007 no virus found
Microsoft 1.2405 04.05.2007 no virus found
NOD32v2 2169 04.05.2007 no virus found
Norman 5.80.02 04.05.2007 no virus found
Panda 9.0.0.4 04.05.2007 Trj/QQPass.XB
Prevx1 V2 04.05.2007 no virus found
Sophos 4.16.0 03.30.2007 no virus found
Sunbelt 2.2.907.0 04.03.2007 no virus found
Symantec 10 04.05.2007 no virus found
TheHacker 6.1.6.085 04.04.2007 no virus found
VBA32 3.11.3 04.04.2007 Trojan-PSW.Win32.Nilage.ara
VirusBuster 4.3.7:9 04.04.2007 no virus found
Webwasher-Gateway 6.0.1 04.05.2007 Trojan.Crypt.NSPM.Gen

Shu_b
06.04.2007, 15:21
t=8833
Complete scanning result of "AlxRes.dll.bak", received in VirusTotal at 04.06.2007, 13:14:37 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.5.0 04.06.2007 no virus found
AntiVir 7.3.1.48 04.06.2007 no virus found
Authentium 4.93.8 04.06.2007 no virus found
Avast 4.7.936.0 04.05.2007 no virus found
AVG 7.5.0.447 04.05.2007 Adware Generic.SNO
BitDefender 7.2 04.06.2007 Adware.Alexabar.P
CAT-QuickHeal 9.00 04.05.2007 no virus found
ClamAV devel-20070312 04.06.2007 no virus found
DrWeb 4.33 04.06.2007 no virus found
eSafe 7.0.15.0 04.06.2007 no virus found
eTrust-Vet 30.7.3546 04.06.2007 no virus found
Ewido 4.0 04.06.2007 Adware.AlexaBar
FileAdvisor 1 04.06.2007 High threat detected
Fortinet 2.85.0.0 04.06.2007 no virus found
F-Prot 4.3.1.45 04.04.2007 W32/Adware.DMK
F-Secure 6.70.13030.0 04.06.2007 no virus found
Ikarus T3.1.1.3 04.06.2007 not-a-virus:AdWare.Win32.AlexaBar.j
Kaspersky 4.0.2.24 04.06.2007 not-a-virus:AdWare.Win32.AlexaBar.j
McAfee 5002 04.05.2007 potentially unwanted program Adware-Alexa
Microsoft 1.2405 04.06.2007 no virus found
NOD32v2 2170 04.05.2007 Win32/Adware.Alexa
Norman 5.80.02 04.05.2007 no virus found
Panda 9.0.0.4 04.06.2007 no virus found
Prevx1 V2 04.06.2007 no virus found
Sophos 4.16.0 04.06.2007 no virus found
Sunbelt 2.2.907.0 04.03.2007 no virus found
Symantec 10 04.06.2007 Trackware.Alexa
TheHacker 6.1.6.085 04.04.2007 no virus found
VBA32 3.11.3 04.04.2007 AdWare.Win32.AlexaBar.j
VirusBuster 4.3.7:9 04.05.2007 no virus found
Webwasher-Gateway 6.0.1 04.06.2007 Win32.Vulnerable.gen!High (suspicious)

Aditional Information
File size: 446464 bytes

RobinFood
06.04.2007, 21:59
Complete scanning result of "ipv6monl.dll", received in VirusTotal at 04.06.2007, 19:44:36 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.7.0 04.06.2007 no virus found
AntiVir 7.3.1.48 04.06.2007 TR/Spy.BZub.IH.9
Authentium 4.93.8 04.06.2007 no virus found
Avast 4.7.936.0 04.06.2007 Win32:BZub-DK
AVG 7.5.0.447 04.05.2007 PSW.Generic3.OWR
BitDefender 7.2 04.06.2007 no virus found
CAT-QuickHeal 9.00 04.06.2007 TrojanSpy.BZub.ih
ClamAV devel-20070312 04.06.2007 Trojan.Spy-1412
DrWeb 4.33 04.06.2007 Trojan.PWS.Tanspy
eSafe 7.0.15.0 04.06.2007 no virus found
eTrust-Vet 30.7.3546 04.06.2007 no virus found
Ewido 4.0 04.06.2007 Logger.BZub.ndh
FileAdvisor 1 04.06.2007 no virus found
Fortinet 2.85.0.0 04.06.2007 no virus found
F-Prot 4.3.1.45 04.04.2007 no virus found
F-Secure 6.70.13030.0 04.06.2007 Trojan-Spy.Win32.BZub.ih
Ikarus T3.1.1.3 04.06.2007 Trojan-Spy.Win32.BZub.ih
Kaspersky 4.0.2.24 04.06.2007 Trojan-Spy.Win32.BZub.ih
McAfee 5003 04.06.2007 Spy-Agent.ba
Microsoft 1.2405 04.06.2007 TrojanSpy:Win32/Bzub.gen!dll
NOD32v2 2171 04.06.2007 Win32/Spy.BZub.NDH
Norman 5.80.02 04.05.2007 W32/BZub.RT
Panda 9.0.0.4 04.06.2007 Trj/Bzub.W
Prevx1 V2 04.06.2007 no virus found
Sophos 4.16.0 04.06.2007 Mal/Cimuz-A
Sunbelt 2.2.907.0 04.03.2007 no virus found
Symantec 10 04.06.2007 Infostealer.Bzup
TheHacker 6.1.6.085 04.04.2007 Trojan/Spy.BZub.ih
VBA32 3.11.3 04.04.2007 no virus found
VirusBuster 4.3.7:9 04.06.2007 TrojanSpy.BZub.Gen.9
Webwasher-Gateway 6.0.1 04.06.2007 Trojan.Spy.BZub.IH.9


Aditional Information
File size: 65240 bytes
MD5: 3ff67578719d68ab938739dae4be8e51
SHA1: abd93765fa4317e2c6fe4981dff195b8a0c8a512

RobinFood
06.04.2007, 22:49
Complete scanning result of "tr.exe", received in VirusTotal at 04.06.2007, 20:23:52 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.7.0 04.06.2007 Win-Trojan/Bzub.90840
AntiVir 7.3.1.48 04.06.2007 TR/Spy.BZub.AI.1
Authentium 4.93.8 04.06.2007 no virus found
Avast 4.7.936.0 04.06.2007 Win32:BZub-DA
AVG 7.5.0.447 04.05.2007 Proxy.LSH
BitDefender 7.2 04.06.2007 MemScan:Trojan.Spy.BZub.AI
CAT-QuickHeal 9.00 04.06.2007 no virus found
ClamAV devel-20070312 04.06.2007 no virus found
DrWeb 4.33 04.06.2007 Trojan.Spambot
eSafe 7.0.15.0 04.06.2007 Suspicious Trojan/Worm
eTrust-Vet 30.7.3546 04.06.2007 no virus found
Ewido 4.0 04.06.2007 Downloader.Agent.bhc
FileAdvisor 1 04.06.2007 no virus found
Fortinet 2.85.0.0 04.06.2007 Spy/BZub
F-Prot 4.3.1.45 04.04.2007 no virus found
F-Secure 6.70.13030.0 04.06.2007 W32/Malware.MRI
Ikarus T3.1.1.3 04.06.2007 Trojan-Spy.Win32.Goldun.lw
Kaspersky 4.0.2.24 04.06.2007 no virus found
McAfee 5003 04.06.2007 no virus found
Microsoft 1.2405 04.06.2007 no virus found
NOD32v2 2171 04.06.2007 Win32/TrojanProxy.Cimuz.NAG
Norman 5.80.02 04.05.2007 W32/Malware.MRI
Panda 9.0.0.4 04.06.2007 Suspicious file
Prevx1 V2 04.06.2007 Spyware.Banker
Sophos 4.16.0 04.06.2007 no virus found
Sunbelt 2.2.907.0 04.03.2007 Trojan-Spy.BZub.AI
Symantec 10 04.06.2007 no virus found
TheHacker 6.1.6.085 04.04.2007 no virus found
VBA32 3.11.3 04.04.2007 Trojan.Win32.TrojanProxy.Cimuz.NAG
VirusBuster 4.3.7:9 04.06.2007 Trojan.DR.BZub.Gen.8
Webwasher-Gateway 6.0.1 04.06.2007 Trojan.Spy.BZub.AI.1

Aditional Information
File size: 90840 bytes
MD5: df57118c6759c33c73e4fcb612400894
SHA1: dc22dffc0ae29584af7fd7c215a3664083616cfe
packers: ASPack
packers: ASPACK
packers: Aspack
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=03e684081895

RobinFood
06.04.2007, 22:52
Complete scanning result of "zu.exe", received in VirusTotal at 04.06.2007, 20:24:23 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.7.0 04.06.2007 Win-Trojan/Proxy.98816
AntiVir 7.3.1.48 04.06.2007 TR/Proxy.Cimuz.NAH
Authentium 4.93.8 04.06.2007 no virus found
Avast 4.7.936.0 04.06.2007 Win32:BZub-DA
AVG 7.5.0.447 04.05.2007 Proxy.LSH
BitDefender 7.2 04.06.2007 no virus found
CAT-QuickHeal 9.00 04.06.2007 no virus found
ClamAV devel-20070312 04.06.2007 no virus found
DrWeb 4.33 04.06.2007 Trojan.Spambot
eSafe 7.0.15.0 04.06.2007 Suspicious Trojan/Worm
eTrust-Vet 30.7.3546 04.06.2007 no virus found
Ewido 4.0 04.06.2007 Downloader.Agent.bhc
FileAdvisor 1 04.06.2007 Not analyzed yet
Fortinet 2.85.0.0 04.06.2007 Spy/BZub
F-Prot 4.3.1.45 04.04.2007 no virus found
F-Secure 6.70.13030.0 04.06.2007 W32/Malware.MRJ
Ikarus T3.1.1.3 04.06.2007 Trojan-Downloader.Win32.Nurech.BF
Kaspersky 4.0.2.24 04.06.2007 no virus found
McAfee 5003 04.06.2007 no virus found
Microsoft 1.2405 04.06.2007 no virus found
NOD32v2 2171 04.06.2007 Win32/TrojanProxy.Cimuz.NAG
Norman 5.80.02 04.05.2007 W32/Malware.MRJ
Panda 9.0.0.4 04.06.2007 Suspicious file
Prevx1 V2 04.06.2007 Worm.Stormy
Sophos 4.16.0 04.06.2007 no virus found
Sunbelt 2.2.907.0 04.03.2007 no virus found
Symantec 10 04.06.2007 no virus found
TheHacker 6.1.6.085 04.04.2007 no virus found
VBA32 3.11.3 04.04.2007 Trojan.Win32.TrojanProxy.Cimuz.NAG
VirusBuster 4.3.7:9 04.06.2007 Trojan.DR.BZub.Gen.8
Webwasher-Gateway 6.0.1 04.06.2007 Trojan.Proxy.Cimuz.NAH


Aditional Information
File size: 98816 bytes
MD5: 2c01310bc493ac8a9b2d4ff00bfa17f4
SHA1: af4a333a17bb8c6f62c92c8714d5c220035c0906
packers: ASPack
packers: ASPACK
Bit9 info: http://fileadvisor.bit9.com/services/extinfo.aspx?md5=2c01310bc493ac8a9b2d4ff00bfa17f4
packers: Aspack
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=c6dd84081896

ZDM
06.04.2007, 23:19
Complete scanning result of "flash.exe", received in VirusTotal at 04.06.2007, 21:06:45 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.7.0 04.06.2007 Win32/Stration.worm.Gen
AntiVir 7.3.1.48 04.06.2007 TR/Crypt.XDR.Gen
Authentium 4.93.8 04.06.2007 no virus found
Avast 4.7.936.0 04.06.2007 no virus found
AVG 7.5.0.447 04.05.2007 I-Worm/Stration
BitDefender 7.2 04.06.2007 DeepScan:Generic.Stration.3ACAC7FF
CAT-QuickHeal 9.00 04.06.2007 (Suspicious) - DNAScan
ClamAV devel-20070312 04.06.2007 Worm.Stration.ACF-5
DrWeb 4.33 04.06.2007 Win32.HLLM.Limar
eSafe 7.0.15.0 04.06.2007 Suspicious Trojan/Worm
eTrust-Vet 30.7.3546 04.06.2007 no virus found
Ewido 4.0 04.06.2007 no virus found
FileAdvisor 1 04.06.2007 no virus found
Fortinet 2.85.0.0 04.06.2007 suspicious
F-Prot 4.3.1.45 04.04.2007 no virus found
F-Secure 6.70.13030.0 04.06.2007 Email-Worm.Win32.Warezov.mx
Ikarus T3.1.1.3 04.06.2007 Trojan-Spy.Win32.Agent.hz
Kaspersky 4.0.2.24 04.06.2007 Email-Worm.Win32.Warezov.mx
McAfee 5003 04.06.2007 New Malware.n
Microsoft 1.2405 04.06.2007 Trojan:Win32/Stration.gen!dr
NOD32v2 2171 04.06.2007 a variant of Win32/Stration.XJ
Norman 5.80.02 04.05.2007 no virus found
Panda 9.0.0.4 04.06.2007 Suspicious file
Prevx1 V2 04.06.2007 no virus found
Sophos 4.16.0 04.06.2007 Mal/Packer
Sunbelt 2.2.907.0 04.03.2007 VIPRE.Suspicious
Symantec 10 04.06.2007 no virus found
TheHacker 6.1.6.085 04.04.2007 no virus found
VBA32 3.11.3 04.04.2007 MalwareScope.Worm.Warezov.6
VirusBuster 4.3.7:9 04.06.2007 Packed/Upack
Webwasher-Gateway 6.0.1 04.06.2007 Trojan.Crypt.XDR.Gen


Aditional Information
File size: 89116 bytes
MD5: 4e2f154f466c122f37e995945d4b7824
SHA1: 1f91f318191f0747ab22e87adda45735c46ae4ad
packers: UPACK
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

Shu_b
09.04.2007, 16:54
For the new page, new interim results ;)

Shu_b
10.04.2007, 15:48
Complete scanning result of "win26825.dll", received in VirusTotal at 04.10.2007, 12:36:03 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.10.0 04.10.2007 no virus found
AntiVir 7.3.1.48 04.10.2007 no virus found
Authentium 4.93.8 04.09.2007 no virus found
Avast 4.7.936.0 04.08.2007 Win32:Agent-FSP
AVG 7.5.0.447 04.10.2007 no virus found
BitDefender 7.2 04.10.2007 no virus found
CAT-QuickHeal 9.00 04.09.2007 no virus found
ClamAV devel-20070312 04.10.2007 no virus found
DrWeb 4.33 04.10.2007 no virus found
eSafe 7.0.15.0 04.09.2007 no virus found
eTrust-Vet 30.7.3557 04.10.2007 no virus found
Ewido 4.0 04.10.2007 no virus found
FileAdvisor 1 04.10.2007 no virus found
Fortinet 2.85.0.0 04.10.2007 no virus found
F-Prot 4.3.1.45 04.08.2007 no virus found
F-Secure 6.70.13030.0 04.10.2007 no virus found
Ikarus T3.1.1.3 04.10.2007 no virus found
Kaspersky 4.0.2.24 04.10.2007 no virus found
McAfee 5004 04.09.2007 no virus found
Microsoft 1.2405 04.10.2007 no virus found
NOD32v2 2176 04.10.2007 no virus found
Norman 5.80.02 04.10.2007 no virus found
Panda 9.0.0.4 04.09.2007 Suspicious file
Prevx1 V2 04.10.2007 no virus found
Sophos 4.16.0 04.06.2007 no virus found
Sunbelt 2.2.907.0 04.07.2007 no virus found
Symantec 10 04.10.2007 Infostealer
TheHacker 6.1.6.088 04.09.2007 no virus found
VBA32 3.11.3 04.09.2007 suspected of Email-Worm.Mydoom.20
VirusBuster 4.3.7:9 04.09.2007 no virus found
Webwasher-Gateway 6.0.1 04.10.2007 Win32.Malware.gen!90 (suspicious)

Aditional Information
File size: 1342976 bytes
MD5: 83bfd9358c229326ba0a8cd0e0796599
SHA1: 23625d8fa516b9e44a0b1433ab10146c2d1a8b50


Complete scanning result of "svchost.exe", received in VirusTotal at 04.10.2007, 13:27:32 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.10.0 04.10.2007 no virus found
AntiVir 7.3.1.48 04.10.2007 DR/Spy.Delf.AR.32
Authentium 4.93.8 04.09.2007 no virus found
Avast 4.7.936.0 04.08.2007 no virus found
AVG 7.5.0.447 04.10.2007 no virus found
BitDefender 7.2 04.10.2007 Dropped:Trojan.Spy.Delf.AR
CAT-QuickHeal 9.00 04.09.2007 no virus found
ClamAV devel-20070312 04.10.2007 no virus found
DrWeb 4.33 04.10.2007 no virus found
eSafe 7.0.15.0 04.09.2007 no virus found
eTrust-Vet 30.7.3557 04.10.2007 no virus found
Ewido 4.0 04.10.2007 no virus found
FileAdvisor 1 04.10.2007 no virus found
Fortinet 2.85.0.0 04.10.2007 suspicious
F-Prot 4.3.1.45 04.08.2007 no virus found
F-Secure 6.70.13030.0 04.10.2007 no virus found
Ikarus T3.1.1.5 04.10.2007 no virus found
Kaspersky 4.0.2.24 04.10.2007 no virus found
McAfee 5004 04.09.2007 no virus found
Microsoft 1.2405 04.10.2007 no virus found
NOD32v2 2176 04.10.2007 no virus found
Norman 5.80.02 04.10.2007 no virus found
Panda 9.0.0.4 04.09.2007 no virus found
Prevx1 V2 04.10.2007 no virus found
Sophos 4.16.0 04.06.2007 no virus found
Sunbelt 2.2.907.0 04.07.2007 no virus found
Symantec 10 04.10.2007 no virus found
TheHacker 6.1.6.088 04.09.2007 no virus found
VBA32 3.11.3 04.09.2007 suspected of Backdoor.Delf.57
VirusBuster 4.3.7:9 04.09.2007 no virus found
Webwasher-Gateway 6.0.1 04.10.2007 Trojan.Spy.Delf.AR.32

Aditional Information
File size: 603648 bytes
MD5: 1eb49e6da9c18e3878e609f3d11e726b
SHA1: a964aab10c4e88f30e6fe1a18efd6093aa566c13
packers: BINARYRES

Shu_b
11.04.2007, 12:58
t-8937

Complete scanning result of "ntos.exe", received in VirusTotal at 04.11.2007, 08:26:44 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.10.0 04.10.2007 no virus found
AntiVir 7.3.1.50 04.10.2007 TR/Hijack.Age.38400
Authentium 4.93.8 04.11.2007 no virus found
Avast 4.7.936.0 04.10.2007 no virus found
AVG 7.5.0.447 04.11.2007 no virus found
BitDefender 7.2 04.11.2007 no virus found
CAT-QuickHeal 9.00 04.10.2007 (Suspicious) - DNAScan
ClamAV devel-20070312 04.11.2007 no virus found
DrWeb 4.33 04.11.2007 no virus found
eSafe 7.0.15.0 04.10.2007 no virus found
eTrust-Vet 30.7.3559 04.11.2007 no virus found
Ewido 4.0 04.10.2007 no virus found
FileAdvisor 1 04.11.2007 no virus found
Fortinet 2.85.0.0 04.11.2007 suspicious
F-Prot 4.3.1.45 04.11.2007 no virus found
F-Secure 6.70.13030.0 04.11.2007 no virus found
Ikarus T3.1.1.5 04.11.2007 no virus found
Kaspersky 4.0.2.24 04.11.2007 no virus found
McAfee 5005 04.10.2007 New Malware.ci
Microsoft 1.2405 04.11.2007 no virus found
NOD32v2 2178 04.10.2007 no virus found
Norman 5.80.02 04.10.2007 no virus found
Panda 9.0.0.4 04.11.2007 Trj/Wsnpoem.V
Prevx1 V2 04.11.2007 no virus found
Sophos 4.16.0 04.06.2007 no virus found
Sunbelt 2.2.907.0 04.07.2007 VIPRE.Suspicious
Symantec 10 04.11.2007 no virus found
TheHacker 6.1.6.088 04.09.2007 no virus found
VBA32 3.11.3 04.10.2007 no virus found
VirusBuster 4.3.7:9 04.10.2007 no virus found
Webwasher-Gateway 6.0.1 04.11.2007 Trojan.Hijack.Age.38400

Aditional Information
File size: 288256 bytes
MD5: ee0942b164d424a3b5c66f26a47e9c92
SHA1: e6d86e2c9106065301b2f34023422eaaa9d81486


Complete scanning result of "ipv6monk.dll", received in VirusTotal at 04.11.2007, 08:31:23 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.10.0 04.10.2007 no virus found
AntiVir 7.3.1.50 04.10.2007 HEUR/Malware
Authentium 4.93.8 04.11.2007 no virus found
Avast 4.7.936.0 04.10.2007 no virus found
AVG 7.5.0.447 04.11.2007 no virus found
BitDefender 7.2 04.11.2007 no virus found
CAT-QuickHeal 9.00 04.10.2007 no virus found
ClamAV devel-20070312 04.11.2007 no virus found
DrWeb 4.33 04.11.2007 no virus found
eSafe 7.0.15.0 04.10.2007 no virus found
eTrust-Vet 30.7.3559 04.11.2007 no virus found
Ewido 4.0 04.10.2007 no virus found
FileAdvisor 1 04.11.2007 no virus found
Fortinet 2.85.0.0 04.11.2007 no virus found
F-Prot 4.3.1.45 04.11.2007 no virus found
F-Secure 6.70.13030.0 04.11.2007 no virus found
Ikarus T3.1.1.5 04.11.2007 no virus found
Kaspersky 4.0.2.24 04.11.2007 no virus found
McAfee 5005 04.10.2007 Spy-Agent.ba
Microsoft 1.2405 04.11.2007 no virus found
NOD32v2 2178 04.10.2007 no virus found
Norman 5.80.02 04.10.2007 no virus found
Panda 9.0.0.4 04.11.2007 no virus found
Prevx1 V2 04.11.2007 no virus found
Sophos 4.16.0 04.06.2007 Mal/Cimuz-A
Sunbelt 2.2.907.0 04.07.2007 no virus found
Symantec 10 04.11.2007 no virus found
TheHacker 6.1.6.088 04.09.2007 no virus found
VBA32 3.11.3 04.10.2007 no virus found
VirusBuster 4.3.7:9 04.10.2007 no virus found
Webwasher-Gateway 6.0.1 04.11.2007 Heuristic.Malware

Aditional Information
File size: 64728 bytes
MD5: 22e74473941a34eb787fd059c9bcae1f
SHA1: b3b94288e309c1447e8d343017171e90bc36ce87

aZm
12.04.2007, 03:29
Complete scanning result of "Giper_WM.exe_aq", received in VirusTotal at 04.12.2007, 00:56:34 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.12.0 04.11.2007 no virus found
AntiVir 7.3.1.50 04.11.2007 TR/Crypt.XDR.Gen
Authentium 4.93.8 04.11.2007 is a security risk or a "backdoor" program
Avast 4.7.936.0 04.11.2007 no virus found
AVG 7.5.0.447 04.11.2007 no virus found
BitDefender 7.2 04.12.2007 Dropped:Trojan.Peed.Gen
CAT-QuickHeal 9.00 04.11.2007 (Suspicious) - DNAScan
ClamAV devel-20070312 04.12.2007 Trojan.Dropper-653
DrWeb 4.33 04.11.2007 Trojan.PWS.LDPinch.1622
eSafe 7.0.15.0 04.11.2007 Win32.LdPinch.bgj
eTrust-Vet 30.7.3560 04.11.2007 no virus found
Ewido 4.0 04.10.2007 Trojan.LdPinch.bgj
FileAdvisor 1 04.12.2007 no virus found
Fortinet 2.85.0.0 04.11.2007 W32/LdPinch.BGJ!tr.pws
F-Prot 4.3.1.45 04.11.2007 W32/PWStealer
F-Secure 6.70.13030.0 04.11.2007 Trojan-PSW.Win32.LdPinch.bgj
Ikarus T3.1.1.5 04.11.2007 Trojan-PWS.Win32.LdPinch.bgj
Kaspersky 4.0.2.24 04.11.2007 Trojan-PSW.Win32.LdPinch.bgj
McAfee 5006 04.11.2007 no virus found
Microsoft 1.2405 04.11.2007 no virus found
NOD32v2 2182 04.11.2007 no virus found
Norman 5.80.02 04.11.2007 W32/LdPinch.JAY
Panda 9.0.0.4 04.11.2007 Suspicious file
Prevx1 V2 04.12.2007 no virus found
Sophos 4.16.0 04.11.2007 no virus found
Sunbelt 2.2.907.0 04.07.2007 no virus found
Symantec 10 04.11.2007 no virus found
TheHacker 6.1.6.088 04.09.2007 no virus found
VBA32 3.11.3 04.10.2007 Trojan-PSW.Win32.LdPinch.bgj
VirusBuster 4.3.7:9 04.11.2007 Trojan.PWS.LdPinch.AXS
Webwasher-Gateway 6.0.1 04.11.2007 Trojan.Crypt.XDR.Gen

Aditional Information
File size: 43174 bytes
MD5: 37bdc87bf1150179feb7bf00c8534101
SHA1: 524c57b769a56927aa70ee487f14d59ad4afe624

Shu_b
12.04.2007, 12:15
t-8722

Complete scanning result of "TIMEMP316.exe", received in VirusTotal at 04.12.2007, 10:01:41 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.12.0 04.12.2007 no virus found
AntiVir 7.3.1.50 04.12.2007 TR/Dldr.Swizzor.Gen
Authentium 4.93.8 04.12.2007 no virus found
Avast 4.7.936.0 04.11.2007 no virus found
AVG 7.5.0.447 04.11.2007 no virus found
BitDefender 7.2 04.12.2007 Trojan.FatObfus.Gen
CAT-QuickHeal 9.00 04.11.2007 (Suspicious) - DNAScan
ClamAV devel-20070312 04.12.2007 no virus found
DrWeb 4.33 04.12.2007 no virus found
eSafe 7.0.15.0 04.11.2007 no virus found
eTrust-Vet 30.7.3562 04.12.2007 no virus found
Ewido 4.0 04.10.2007 no virus found
FileAdvisor 1 04.12.2007 no virus found
Fortinet 2.85.0.0 04.12.2007 suspicious
F-Prot 4.3.1.45 04.12.2007 no virus found
F-Secure 6.70.13030.0 04.12.2007 Trojan.Win32.Obfuscated.en
Ikarus T3.1.1.5 04.12.2007 not-a-virus:AdWare.Win32.Lop.ag
Kaspersky 4.0.2.24 04.12.2007 Trojan.Win32.Obfuscated.en
McAfee 5006 04.11.2007 no virus found
Microsoft 1.2405 04.11.2007 no virus found
NOD32v2 2182 04.11.2007 no virus found
Norman 5.80.02 04.11.2007 no virus found
Panda 9.0.0.4 04.12.2007 no virus found
Sophos 4.16.0 04.12.2007 no virus found
Sunbelt 2.2.907.0 04.07.2007 no virus found
Symantec 10 04.12.2007 no virus found
TheHacker 6.1.6.088 04.09.2007 no virus found
VBA32 3.11.3 04.10.2007 MalwareScope.Trojan-Downloader.Obfuscated.2
VirusBuster 4.3.7:9 04.11.2007 Adware.Lop.Gen
Webwasher-Gateway 6.0.1 04.12.2007 Trojan.Dldr.Swizzor.Gen

Aditional Information
File size: 254464 bytes
MD5: b32a0a30bb3800f8d5b4f35fb116dfc2
SHA1: 6d4062651b954691ec22483e6032c2ed665b6609

drongo
14.04.2007, 14:56
T= 8993

Complete scanning result of "avz00001.dta", received in VirusTotal at 04.14.2007, 12:41:04 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.14.0 04.13.2007 no virus found
AntiVir 7.3.1.50 04.13.2007 ADSPY/Virtumonde.IG.1
Authentium 4.93.8 04.14.2007 no virus found
Avast 4.7.936.0 04.13.2007 no virus found
AVG 7.5.0.447 04.13.2007 no virus found
BitDefender 7.2 04.14.2007 MemScan:Trojan.Vundo.DLM
CAT-QuickHeal 9.00 04.13.2007 no virus found
ClamAV devel-20070312 04.13.2007 Trojan.Packed-7
DrWeb 4.33 04.14.2007 Trojan.Virtumod
eSafe 7.0.15.0 04.12.2007 suspicious Trojan/Worm
eTrust-Vet 30.7.3567 04.14.2007 Win32/Chisyne!generic
Ewido 4.0 04.14.2007 Adware.Virtumonde
FileAdvisor 1 04.14.2007 no virus found
Fortinet 2.85.0.0 04.14.2007 no virus found
F-Prot 4.3.2.48 04.13.2007 W32/Adware.IHC
F-Secure 6.70.13030.0 04.13.2007 Vundo.gen17
Ikarus T3.1.1.5 04.14.2007 not-a-virus:AdWare.Win32.Virtumonde.bq
Kaspersky 4.0.2.24 04.14.2007 not-a-virus:AdWare.Win32.Virtumonde.ig
McAfee 5009 04.13.2007 potentially unwanted program Vundo
Microsoft 1.2405 04.14.2007 no virus found
NOD32v2 2187 04.13.2007 Win32/Adware.Virtumonde
Norman 5.80.02 04.14.2007 W32/Virtumonde.GAG
Panda 9.0.0.4 04.14.2007 Suspicious file
Prevx1 V2 04.14.2007 SpywareQuake
Sophos 4.16.0 04.12.2007 no virus found
Sunbelt 2.2.907.0 04.14.2007 VIPRE.Suspicious
Symantec 10 04.14.2007 no virus found
TheHacker 6.1.6.088 04.09.2007 Adware/Virtumonde.ig
VBA32 3.11.3 04.13.2007 AdWare.Win32.Virtumonde.ig
VirusBuster 4.3.7:9 04.13.2007 Adware.Vundo.Gen!Pac.8
Webwasher-Gateway 6.0.1 04.13.2007 Ad-Spyware.Virtumonde.IG.1

Aditional Information
File size: 26694 bytes
MD5: 63243513b3e5fdb7a3f3ddd775e98f25
SHA1: d1b58b9fcb6b31ea4d8e4b42ebcefb2569754cbd
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=47cf87067768
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.





Complete scanning result of "avz00002.dta", received in VirusTotal at 04.14.2007, 12:16:22 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.14.0 04.13.2007 no virus found
AntiVir 7.3.1.50 04.13.2007 no virus found
Authentium 4.93.8 04.14.2007 no virus found
Avast 4.7.936.0 04.13.2007 no virus found
AVG 7.5.0.447 04.13.2007 no virus found
BitDefender 7.2 04.14.2007 no virus found
CAT-QuickHeal 9.00 04.13.2007 no virus found
ClamAV devel-20070312 04.13.2007 no virus found
DrWeb 4.33 04.14.2007 Trojan.Virtumod
eSafe 7.0.15.0 04.12.2007 suspicious Trojan/Worm
eTrust-Vet 30.7.3567 04.14.2007 Win32/Vundo!generic
Ewido 4.0 04.14.2007 no virus found
FileAdvisor 1 04.14.2007 no virus found
Fortinet 2.85.0.0 04.14.2007 suspicious
F-Prot 4.3.2.48 04.13.2007 no virus found
F-Secure 6.70.13030.0 04.13.2007 Vundo.gen17
Ikarus T3.1.1.5 04.14.2007 no virus found
Kaspersky 4.0.2.24 04.14.2007 no virus found
McAfee 5009 04.13.2007 no virus found
Microsoft 1.2405 04.14.2007 no virus found
NOD32v2 2187 04.13.2007 no virus found
Norman 5.80.02 04.14.2007 Vundo.gen17
Panda 9.0.0.4 04.14.2007 Suspicious file
Prevx1 V2 04.14.2007 no virus found
Sophos 4.16.0 04.12.2007 no virus found
Sunbelt 2.2.907.0 04.14.2007 VIPRE.Suspicious
Symantec 10 04.14.2007 no virus found
TheHacker 6.1.6.088 04.09.2007 no virus found
VBA32 3.11.3 04.13.2007 no virus found
VirusBuster 4.3.7:9 04.13.2007 Adware.Vundo.Gen!Pac.8
Webwasher-Gateway 6.0.1 04.13.2007 Win32.UPXpacked.gen (suspicious)

Aditional Information
File size: 280676 bytes
MD5: 5231ec5b06afc427c5a22312a1861b52
SHA1: dfaf82aef9b09df072e8e98de403ed317e8f44f2
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

Winsent
15.04.2007, 12:44
File: reg.exe
Status: INFECTED/MALWARE
MD5 c1e9fbf2fbdfcfab0c185c8b1382a2d6
Packers detected: -


Scanner results

Scan taken on 15 Apr 2007 08:18:20 (GMT)

AntiVir Found TR/Crypt.XPACK.Gen
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found Trojan.Peed.Gen
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found Trojan-PSW.Win32.LdPinch.but
Fortinet Found nothing
Kaspersky Anti-Virus Found Trojan-PSW.Win32.LdPinch.but
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Rising Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing

drongo
15.04.2007, 21:47
T=9014

Complete scanning result of "flash.rar", received in VirusTotal at 04.15.2007, 19:02:46 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.14.0 04.13.2007 no virus found
AntiVir 7.3.1.52 04.14.2007 no virus found
Authentium 4.93.8 04.14.2007 no virus found
Avast 4.7.981.0 04.15.2007 no virus found
AVG 7.5.0.447 04.15.2007 no virus found
BitDefender 7.2 04.15.2007 no virus found
CAT-QuickHeal 9.00 04.14.2007 no virus found
ClamAV devel-20070312 04.15.2007 no virus found
DrWeb 4.33 04.15.2007 no virus found
eSafe 7.0.15.0 04.15.2007 suspicious Trojan/Worm
eTrust-Vet 30.7.3567 04.14.2007 no virus found
Ewido 4.0 04.15.2007 no virus found
FileAdvisor 1 04.15.2007 no virus found
Fortinet 2.85.0.0 04.15.2007 no virus found
F-Prot 4.3.2.48 04.13.2007 no virus found
F-Secure 6.70.13030.0 04.14.2007 no virus found
Ikarus T3.1.1.5 04.15.2007 Backdoor.Win32.Ciadoor.13
Kaspersky 4.0.2.24 04.15.2007 no virus found
McAfee 5009 04.13.2007 no virus found
Microsoft 1.2405 04.15.2007 no virus found
NOD32v2 2187 04.13.2007 no virus found
Norman 5.80.02 04.14.2007 no virus found
Panda 9.0.0.4 04.15.2007 Suspicious file
Prevx1 V2 04.15.2007 no virus found
Sophos 4.16.0 04.12.2007 no virus found
Sunbelt 2.2.907.0 04.14.2007 no virus found
Symantec 10 04.15.2007 no virus found
TheHacker 6.1.6.094 04.14.2007 no virus found
VBA32 3.11.3 04.14.2007 no virus found
VirusBuster 4.3.7:9 04.15.2007 no virus found
Webwasher-Gateway 6.0.1 04.14.2007 Worm.Win32.ModifiedUPX.gen!90 (suspicious)

Aditional Information
File size: 72352 bytes
MD5: 558b6d738131fc85269346cf9409daa5
SHA1: e9b7d9310819aade575cf3cd21099129970b2a0d
packers: UPX
packers: UPX
packers: UPX

Shu_b
17.04.2007, 23:19
t-9080

Complete scanning result of "arprmdg0.dll", received in VirusTotal at 04.17.2007, 21:09:54 (CET).
Antivirus Version Update Result
AhnLab-V3 2007.4.18.0 04.17.2007 no virus found
AntiVir 7.3.1.53 04.17.2007 TR/Agent.20983
Authentium 4.93.8 04.17.2007 no virus found
Avast 4.7.981.0 04.17.2007 no virus found
AVG 7.5.0.447 04.17.2007 PSW.Generic3.VQG
BitDefender 7.2 04.17.2007 Generic.Malware.SFYdlwdld.54C1D768
CAT-QuickHeal 9.00 04.17.2007 no virus found
ClamAV devel-20070312 04.17.2007 no virus found
DrWeb 4.33 04.17.2007 no virus found
eSafe 7.0.15.0 04.17.2007 suspicious Trojan/Worm
eTrust-Vet 30.7.3574 04.17.2007 Win32/Hanlo!generic
Ewido 4.0 04.17.2007 no virus found
FileAdvisor 1 04.17.2007 no virus found
Fortinet 2.85.0.0 04.17.2007 suspicious
F-Prot 4.3.2.48 04.17.2007 no virus found
F-Secure 6.70.13030.0 04.17.2007 W32/Horst.gen28
Ikarus T3.1.1.5 04.17.2007 no virus found
Kaspersky 4.0.2.24 04.17.2007 no virus found
McAfee 5011 04.17.2007 no virus found
Microsoft 1.2405 04.17.2007 TrojanSpy:Win32/Goldun.gen!dll
NOD32v2 2199 04.17.2007 a variant of Win32/Spy.Goldun.GU
Norman 5.80.02 04.17.2007 W32/Horst.gen28
Panda 9.0.0.4 04.17.2007 Suspicious file
Prevx1 V2 04.17.2007 no virus found
Sophos 4.16.0 04.17.2007 Mal/Behav-007
Sunbelt 2.2.907.0 04.14.2007 no virus found
Symantec 10 04.17.2007 no virus found
TheHacker 6.1.6.095 04.15.2007 no virus found
VBA32 3.11.3 04.17.2007 suspected of Trojan-Spy.Banker.51
VirusBuster 4.3.7:9 04.17.2007 no virus found
Webwasher-Gateway 6.0.1 04.17.2007 Trojan.Agent.20983

Aditional Information
File size: 20589 bytes
MD5: de0eaba4203aa36dbbb8888317e3817f
SHA1: 7bb9bcb72e8198ff8e332a88fda0d9d6e133d85d
packers: UPX

darzanebor
19.04.2007, 23:34
Trojan.Win32.Agent.qt




AhnLab-V3 2007.4.19.1 04.19.2007 no virus found
AntiVir 7.3.1.53 04.19.2007 TR/Crypt.PEC2X.Gen
Authentium 4.93.8 04.18.2007 no virus found
Avast 4.7.981.0 04.19.2007 no virus found
AVG 7.5.0.447 04.18.2007 Generic3.UEB
BitDefender 7.2 04.19.2007 no virus found
CAT-QuickHeal 9.00 04.18.2007 no virus found
ClamAV devel-20070416 04.19.2007 no virus found
DrWeb 4.33 04.19.2007 no virus found
eSafe 7.0.15.0 04.18.2007 Win32.Agent.qt
eTrust-Vet 30.7.3579 04.19.2007 no virus found
Ewido 4.0 04.19.2007 Trojan.Agent.qt
FileAdvisor 1 04.19.2007 no virus found
Fortinet 2.85.0.0 04.19.2007 W32/Agent.QT!tr
F-Prot 4.3.2.48 04.18.2007 no virus found
F-Secure 6.70.13030.0 04.19.2007 Trojan.Win32.Agent.qt
Ikarus T3.1.1.5 04.19.2007 Trojan.Win32.Agent.qt
Kaspersky 4.0.2.24 04.19.2007 Trojan.Win32.Agent.qt
McAfee 5012 04.18.2007 no virus found
Microsoft 1.2405 04.19.2007 Trojan:Win32/Agent.PA
NOD32v2 2204 04.19.2007 probably a variant of Win32/Agent.QT
Norman 5.80.02 04.19.2007 no virus found
Panda 9.0.0.4 04.19.2007 Spyware/Virtumonde
Prevx1 V2 04.19.2007 Polynomial.Code.Exploit
Sophos 4.16.0 04.17.2007 Troj/Nebule-Gen
Sunbelt 2.2.907.0 04.07.2007 VIPRE.Suspicious
Symantec 10 04.19.2007 no virus found
TheHacker 6.1.6.095 04.15.2007 no virus found
VBA32 3.11.3 04.19.2007 no virus found
VirusBuster 4.3.7:9 04.18.2007 no virus found
Webwasher-Gateway 6.0.1 04.19.2007 Trojan.Crypt.PEC2X.Gen

Kuzz
20.04.2007, 22:29
Complete scanning result of "avz00004.dta", received in VirusTotal at 04.20.2007, 20:22:51 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.21.0 04.20.2007 no virus found
AntiVir 7.3.1.53 04.20.2007 HEUR/Malware
Authentium 4.93.8 04.20.2007 no virus found
Avast 4.7.981.0 04.20.2007 no virus found
AVG 7.5.0.464 04.19.2007 no virus found
BitDefender 7.2 04.20.2007 no virus found
CAT-QuickHeal 9.00 04.20.2007 (Suspicious) - DNAScan
ClamAV devel-20070416 04.20.2007 no virus found
DrWeb 4.33 04.20.2007 no virus found
eSafe 7.0.15.0 04.19.2007 Suspicious Trojan/Worm
eTrust-Vet 30.7.3581 04.20.2007 no virus found
Ewido 4.0 04.20.2007 no virus found
FileAdvisor 1 04.20.2007 No threat detected
Fortinet 2.85.0.0 04.20.2007 suspicious
F-Prot 4.3.2.48 04.20.2007 W32/Threat-HLLSI-based!Maximus
F-Secure 6.70.13030.0 04.20.2007 no virus found
Ikarus T3.1.1.5 04.20.2007 no virus found
Kaspersky 4.0.2.24 04.20.2007 no virus found
McAfee 5014 04.20.2007 no virus found
Microsoft 1.2405 04.20.2007 no virus found
NOD32v2 2207 04.20.2007 no virus found
Norman 5.80.02 04.20.2007 W32/Malware.PKD
Panda 9.0.0.4 04.19.2007 no virus found
Prevx1 V2 04.20.2007 no virus found
Sophos 4.16.0 04.20.2007 Troj/Dowdec-Gen
Sunbelt 2.2.907.0 04.19.2007 VIPRE.Suspicious
Symantec 10 04.20.2007 no virus found
TheHacker 6.1.6.095 04.15.2007 no virus found
VBA32 3.11.4 04.20.2007 suspected of Downloader.Small.34
VirusBuster 4.3.7:9 04.20.2007 Packed/FSG
Webwasher-Gateway 6.0.1 04.20.2007 Heuristic.Malware

Aditional Information
File size: 12962 bytes
MD5: ca64887c85940f4755006f6340eb7973
SHA1: 7babc964fe4f1b956d0c39e63d177844ae06d71e
packers: FSG
Bit9 info: http://fileadvisor.bit9.com/services/extinfo.aspx?md5=ca64887c85940f4755006f6340eb7973
packers: embedded

Winsent
21.04.2007, 11:13
Complete scanning result of "love.scr", received in VirusTotal at 04.21.2007, 09:08:30 (CET).


Antivirus Version Update Result

AhnLab-V3 2007.4.21.0 04.20.2007 no virus found
AntiVir 7.3.1.53 04.20.2007 TR/PSW.LdPinch.btg
Authentium 4.93.8 04.20.2007 Possibly a new variant of W32/new-malware!Maximus
Avast 4.7.981.0 04.20.2007 Win32:PdPinch-BO
AVG 7.5.0.464 04.20.2007 PSW.Ldpinch.FYQ
BitDefender 7.2 04.21.2007 no virus found
CAT-QuickHeal 9.00 04.20.2007 (Suspicious) - DNAScan
ClamAV devel-20070416 04.20.2007 no virus found
DrWeb 4.33 04.20.2007 no virus found
eSafe 7.0.15.0 04.19.2007 Win32.LdPinch.btg
eTrust-Vet 30.7.3583 04.21.2007 no virus found
Ewido 4.0 04.20.2007 Trojan.LdPinch.btg
FileAdvisor 1 04.21.2007 no virus found
Fortinet 2.85.0.0 04.21.2007 W32/LdPinch.BTG!tr.pws
F-Prot 4.3.2.48 04.20.2007 W32/new-malware!Maximus
F-Secure 6.70.13030.0 04.20.2007 Trojan-PSW.Win32.LdPinch.btg
Ikarus T3.1.1.5 04.21.2007 Trojan-Downloader.Win32.Banload.ams
Kaspersky 4.0.2.24 04.21.2007 Trojan-PSW.Win32.LdPinch.btg
McAfee 5014 04.20.2007 no virus found
Microsoft 1.2405 04.21.2007 no virus found
NOD32v2 2208 04.21.2007 Win32/PSW.LdPinch.NCB
Norman 5.80.02 04.20.2007 W32/LdPinch.JBK
Panda 9.0.0.4 04.20.2007 Suspicious file
Prevx1 V2 04.21.2007 no virus found
Sophos 4.16.0 04.20.2007 Mal/Basine-A
Sunbelt 2.2.907.0 04.19.2007 VIPRE.Suspicious
Symantec 10 04.20.2007 no virus found
TheHacker 6.1.6.095 04.15.2007 Trojan/PSW.LdPinch.btg
VBA32 3.11.4 04.21.2007 MalwareScope.Trojan-PSW.Pinch.42
VirusBuster 4.3.7:9 04.20.2007 Packed/FSG
Webwasher-Gateway 6.0.1 04.21.2007 Trojan.PSW.LdPinch.btg

Aditional Information
File size: 48669 bytes
MD5: bd7645ca7a50754dc2b2f73d6f1cf69b
SHA1: 18baf768f4833c164587f335452b99a3992f2112
packers: FSG
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

drongo
22.04.2007, 15:23
Complete scanning result of "avz00006.dta", received in VirusTotal at 04.22.2007, 13:17:09 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.21.0 04.20.2007 no virus found
AntiVir 7.3.1.53 04.20.2007 TR/PSW.LdPinch.BNL
Authentium 4.93.8 04.20.2007 no virus found
Avast 4.7.981.0 04.21.2007 no virus found
AVG 7.5.0.464 04.21.2007 no virus found
BitDefender 7.2 04.22.2007 no virus found
CAT-QuickHeal 9.00 04.21.2007 (Suspicious) - DNAScan
ClamAV devel-20070416 04.21.2007 no virus found
DrWeb 4.33 04.22.2007 no virus found
eSafe 7.0.15.0 04.19.2007 suspicious Trojan/Worm
eTrust-Vet 30.7.3585 04.21.2007 no virus found
Ewido 4.0 04.21.2007 no virus found
FileAdvisor 1 04.22.2007 no virus found
Fortinet 2.85.0.0 04.22.2007 W32/LdPinch.BMO!tr.pws
F-Prot 4.3.2.48 04.20.2007 no virus found
F-Secure 6.70.13030.0 04.22.2007 no virus found
Ikarus T3.1.1.5 04.22.2007 no virus found
Kaspersky 4.0.2.24 04.22.2007 no virus found
McAfee 5014 04.20.2007 New Poly Win32
Microsoft 1.2405 04.22.2007 no virus found
NOD32v2 2209 04.21.2007 Win32/PSW.LdPinch.BMO
Norman 5.80.02 04.21.2007 no virus found
Panda 9.0.0.4 04.22.2007 Trj/Ldpinch.ACD
Prevx1 V2 04.22.2007 no virus found
Sophos 4.16.0 04.20.2007 Mal/Basine-C
Sunbelt 2.2.907.0 04.19.2007 VIPRE.Suspicious
Symantec 10 04.22.2007 Bloodhound.W32.1
TheHacker 6.1.6.095 04.15.2007 no virus found
VBA32 3.11.4 04.21.2007 no virus found
VirusBuster 4.3.7:9 04.21.2007 Packed/MEW
Webwasher-Gateway 6.0.1 04.22.2007 Trojan.PSW.LdPinch.BNL

Aditional Information
File size: 37603 bytes
MD5: aba92bf22fac44a0d87fb74a47b6939a
SHA1: 135988c5ba72ef2a4bd9b208130662f804fd8c11
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

P.S. A rare little specimen: Kaspersky doesn't know it, but Symantec does.

Kuzz
23.04.2007, 18:01
This one was going around on ICQ here..

Complete scanning result of "my_img.pif", received in VirusTotal at 04.23.2007, 15:49:13 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.21.0 04.23.2007 Win32/Stration.worm.Gen
AntiVir 7.4.0.14 04.23.2007 TR/Crypt.XDR.Gen
Authentium 4.93.8 04.23.2007 no virus found
Avast 4.7.981.0 04.21.2007 no virus found
AVG 7.5.0.464 04.22.2007 I-Worm/Stration
BitDefender 7.2 04.23.2007 DeepScan:Generic.Stration.5DDF19F0
CAT-QuickHeal 9.00 04.23.2007 (Suspicious) - DNAScan
ClamAV devel-20070416 04.23.2007 no virus found
DrWeb 4.33 04.23.2007 no virus found
eSafe 7.0.15.0 04.22.2007 Suspicious Trojan/Worm
eTrust-Vet 30.7.3589 04.23.2007 no virus found
Ewido 4.0 04.23.2007 no virus found
FileAdvisor 1 04.23.2007 no virus found
Fortinet 2.85.0.0 04.23.2007 suspicious
F-Prot 4.3.2.48 04.23.2007 no virus found
F-Secure 6.70.13030.0 04.23.2007 no virus found
Ikarus T3.1.1.5 04.23.2007 Trojan-Spy.Win32.Agent.hz
Kaspersky 4.0.2.24 04.23.2007 no virus found
McAfee 5014 04.20.2007 New Malware.n
Microsoft 1.2405 04.23.2007 TrojanDropper:Win32/Stration.gen!E
NOD32v2 2212 04.23.2007 a variant of Win32/Stration.XJ
Norman 5.80.02 04.23.2007 no virus found
Panda 9.0.0.4 04.23.2007 Suspicious file
Prevx1 V2 04.23.2007 no virus found
Sophos 4.16.0 04.20.2007 Mal/Packer
Sunbelt 2.2.907.0 04.19.2007 VIPRE.Suspicious
Symantec 10 04.23.2007 no virus found
TheHacker 6.1.6.088 04.09.2007 no virus found
VBA32 3.11.4 04.23.2007 MalwareScope.Worm.Warezov.1
VirusBuster 4.3.7:9 04.23.2007 Packed/Upack
Webwasher-Gateway 6.0.1 04.23.2007 Trojan.Crypt.XDR.Gen

Aditional Information
File size: 103459 bytes
MD5: 6da0222a35429e4c49f941e68a0cbb14
SHA1: a2931571c6dfd1e99daff459595b2bc7d19edcd9
packers: UPACK
packers: UPack

Kuzz
23.04.2007, 18:33
And this one was dropped here, into the poll:
Complete scanning result of "review-play1191.exe", received in VirusTotal at 04.23.2007, 16:22:26 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.24.0 04.23.2007 no virus found
AntiVir 7.4.0.14 04.23.2007 no virus found
Authentium 4.93.8 04.23.2007 no virus found
Avast 4.7.981.0 04.23.2007 no virus found
AVG 7.5.0.464 04.22.2007 no virus found
BitDefender 7.2 04.23.2007 no virus found
CAT-QuickHeal 9.00 04.23.2007 no virus found
ClamAV devel-20070416 04.23.2007 no virus found
DrWeb 4.33 04.23.2007 no virus found
eSafe 7.0.15.0 04.23.2007 no virus found
eTrust-Vet 30.7.3589 04.23.2007 no virus found
Ewido 4.0 04.23.2007 no virus found
FileAdvisor 1 04.23.2007 No threat detected
Fortinet 2.85.0.0 04.23.2007 no virus found
F-Prot 4.3.2.48 04.23.2007 no virus found
F-Secure 6.70.13030.0 04.23.2007 no virus found
Ikarus T3.1.1.5 04.23.2007 no virus found
Kaspersky 4.0.2.24 04.23.2007 no virus found
McAfee 5014 04.20.2007 no virus found
Microsoft 1.2405 04.23.2007 no virus found
NOD32v2 2212 04.23.2007 no virus found
Norman 5.80.02 04.23.2007 no virus found
Panda 9.0.0.4 04.23.2007 no virus found
Prevx1 V2 04.23.2007 Trojan.MoviesDVDS
Sophos 4.16.0 04.20.2007 no virus found
Sunbelt 2.2.907.0 04.19.2007 no virus found
Symantec 10 04.23.2007 no virus found
TheHacker 6.1.6.095 04.15.2007 Trojan/DNSChanger.ik
VBA32 3.11.4 04.23.2007 no virus found
VirusBuster 4.3.7:9 04.23.2007 no virus found
Webwasher-Gateway 6.0.1 04.23.2007 no virus found

Aditional Information
File size: 72044 bytes
MD5: 9eedeefeb8f9cf30ea4b3daf73e53b42
SHA1: 5df35968083d0866ea8551bfcb192002ca9c5394
packers: BINARYRES, BINARYRES
Bit9 info: http://fileadvisor.bit9.com/services/extinfo.aspx?md5=9eedeefeb8f9cf30ea4b3daf73e53b42
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=aaaf86229590

Kuzz
25.04.2007, 17:25
Complete scanning result of "avz00002.dta", received in VirusTotal at 04.25.2007, 15:11:12 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.26.0 04.25.2007 no virus found
AntiVir 7.4.0.15 04.25.2007 TR/Rootkit.Agent.CC
Authentium 4.93.8 04.24.2007 no virus found
Avast 4.7.981.0 04.25.2007 no virus found
AVG 7.5.0.464 04.25.2007 no virus found
BitDefender 7.2 04.25.2007 Trojan.Rootkit.Agent.CC
CAT-QuickHeal 9.00 04.24.2007 no virus found
ClamAV devel-20070416 04.25.2007 no virus found
DrWeb 4.33 04.25.2007 no virus found
eSafe 7.0.15.0 04.25.2007 no virus found
eTrust-Vet 30.7.3594 04.25.2007 no virus found
Ewido 4.0 04.24.2007 no virus found
FileAdvisor 1 04.25.2007 no virus found
Fortinet 2.85.0.0 04.25.2007 no virus found
F-Prot 4.3.2.48 04.24.2007 no virus found
F-Secure 6.70.13030.0 04.25.2007 no virus found
Ikarus T3.1.1.5 04.25.2007 Trojan.Rootkit.Agent.CC
Kaspersky 4.0.2.24 04.25.2007 no virus found
McAfee 5016 04.24.2007 no virus found
Microsoft 1.2405 04.25.2007 no virus found
NOD32v2 2217 04.25.2007 no virus found
Norman 5.80.02 04.24.2007 no virus found
Panda 9.0.0.4 04.25.2007 no virus found
Prevx1 V2 04.25.2007 no virus found
Sophos 4.16.0 04.23.2007 no virus found
Sunbelt 2.2.907.0 04.19.2007 no virus found
Symantec 10 04.25.2007 no virus found
TheHacker 6.1.6.095 04.15.2007 no virus found
VBA32 3.11.4 04.25.2007 no virus found
VirusBuster 4.3.7:9 04.25.2007 no virus found
Webwasher-Gateway 6.0.1 04.25.2007 Trojan.Rootkit.Agent.CC

Aditional Information
File size: 8105 bytes
MD5: 9e3cfddc91678f7a53bbb747b0959b22
SHA1: eeb134297935c81dd0537c02c39b8a6fa19fd2d1

saicat
25.04.2007, 20:37
Complete scanning result of "Vertrag.doc.exw", received in VirusTotal at 04.25.2007, 18:18:10 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.26.0 04.25.2007 no virus found
AntiVir 7.4.0.15 04.25.2007 no virus found
Authentium 4.93.8 04.24.2007 no virus found
Avast 4.7.981.0 04.25.2007 no virus found
AVG 7.5.0.464 04.25.2007 no virus found
BitDefender 7.2 04.25.2007 no virus found
CAT-QuickHeal 9.00 04.25.2007 no virus found
ClamAV devel-20070416 04.25.2007 Trojan.Fakebill-1
DrWeb 4.33 04.25.2007 DLOADER.Trojan
eSafe 7.0.15.0 04.25.2007 no virus found
eTrust-Vet 30.7.3594 04.25.2007 no virus found
Ewido 4.0 04.25.2007 no virus found
FileAdvisor 1 04.25.2007 no virus found
Fortinet 2.85.0.0 04.25.2007 no virus found
F-Prot 4.3.2.48 04.24.2007 no virus found
F-Secure 6.70.13030.0 04.25.2007 no virus found
Ikarus T3.1.1.5 04.25.2007 Trojan-Downloader.Win32.Small
Kaspersky 4.0.2.24 04.25.2007 no virus found
McAfee 5017 04.25.2007 Downloader-AAP
Microsoft 1.2405 04.25.2007 no virus found
NOD32v2 2218 04.25.2007 a variant of Win32/TrojanDownloader.Nurech.BG
Norman 5.80.02 04.25.2007 no virus found
Panda 9.0.0.4 04.25.2007 Suspicious file
Prevx1 V2 04.25.2007 no virus found
Sophos 4.16.0 04.23.2007 no virus found
Sunbelt 2.2.907.0 04.19.2007 no virus found
Symantec 10 04.25.2007 no virus found
TheHacker 6.1.6.095 04.15.2007 no virus found
VBA32 3.11.4 04.25.2007 no virus found
VirusBuster 4.3.7:9 04.25.2007 no virus found
Webwasher-Gateway 6.0.1 04.25.2007 no virus found

Aditional Information
File size: 19456 bytes
MD5: ca0b6a262396cc85869455150f8ef94f
SHA1: bfdb87d4fd273865493e2308544c1feeac83ba6c

mvlab
27.04.2007, 00:01
Complete scanning result of "Gay-Lesbian-Photo.3xe", received in VirusTotal at 04.26.2007, 22:00:11 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.26.0 04.26.2007 no virus found
AntiVir 7.4.0.15 04.26.2007 TR/Click.Delf.FZ.8
Authentium 4.93.8 04.26.2007 W32/Trojan.ACCO
Avast 4.7.981.0 04.26.2007 no virus found
AVG 7.5.0.464 04.26.2007 Clicker.EYG
BitDefender 7.2 04.26.2007 no virus found
CAT-QuickHeal 9.00 04.26.2007 no virus found
ClamAV devel-20070416 04.26.2007 no virus found
DrWeb 4.33 04.26.2007 Trojan.Click.2270
eSafe 7.0.15.0 04.25.2007 Win32.Delf.fz
eTrust-Vet 30.7.3597 04.26.2007 no virus found
Ewido 4.0 04.26.2007 Hijacker.Delf.fz
FileAdvisor 1 04.26.2007 no virus found
Fortinet 2.85.0.0 04.26.2007 Adware/Delf
F-Prot 4.3.2.48 04.26.2007 W32/Trojan.ACCO
F-Secure 6.70.13030.0 04.26.2007 Trojan-Clicker.Win32.Delf.fz
Ikarus T3.1.1.5 04.26.2007 no virus found
Kaspersky 4.0.2.24 04.26.2007 Trojan-Clicker.Win32.Delf.fz
McAfee 5018 04.26.2007 no virus found
Microsoft 1.2405 04.26.2007 no virus found
NOD32v2 2221 04.26.2007 no virus found
Norman 5.80.02 04.26.2007 no virus found
Panda 9.0.0.4 04.26.2007 Adware/Pview
Prevx1 V2 04.26.2007 Win32.Malware.gen
Sophos 4.16.0 04.23.2007 no virus found
Sunbelt 2.2.907.0 04.19.2007 no virus found
Symantec 10 04.26.2007 Trojan Horse
TheHacker 6.1.6.095 04.15.2007 Trojan/Clicker.Delf.fz
VBA32 3.11.4 04.26.2007 Trojan-Clicker.Win32.Delf.fz
VirusBuster 4.3.7:9 04.26.2007 no virus found
Webwasher-Gateway 6.0.1 04.26.2007 Trojan.Click.Delf.FZ.8

Aditional Information
File size: 314368 bytes
MD5: c12dfc9983f041765a633051cca06789
SHA1: 1385c8e0090852877a75030ef518265623d1de62
packers: UPX
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=bcab84711036

mvlab
27.04.2007, 00:38
Complete scanning result of "yayvw._ll", received in VirusTotal at 04.26.2007, 22:37:23 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.26.0 04.26.2007 no virus found
AntiVir 7.4.0.15 04.26.2007 no virus found
Authentium 4.93.8 04.26.2007 could be a corrupted executable file
Avast 4.7.981.0 04.26.2007 no virus found
AVG 7.5.0.464 04.26.2007 Lop.AQ
BitDefender 7.2 04.26.2007 no virus found
CAT-QuickHeal 9.00 04.26.2007 no virus found
ClamAV devel-20070416 04.26.2007 no virus found
DrWeb 4.33 04.26.2007 no virus found
eSafe 7.0.15.0 04.25.2007 no virus found
eTrust-Vet 30.7.3597 04.26.2007 no virus found
Ewido 4.0 04.26.2007 no virus found
FileAdvisor 1 04.26.2007 no virus found
Fortinet 2.85.0.0 04.26.2007 suspicious
F-Prot 4.3.2.48 04.26.2007 W32/AdwareX.GD
F-Secure 6.70.13030.0 04.26.2007 no virus found
Ikarus T3.1.1.5 04.26.2007 no virus found
Kaspersky 4.0.2.24 04.26.2007 not-a-virus:AdWare.Win32.Virtumonde.fj
McAfee 5018 04.26.2007 no virus found
Microsoft 1.2405 04.26.2007 no virus found
NOD32v2 2221 04.26.2007 no virus found
Norman 5.80.02 04.26.2007 no virus found
Panda 9.0.0.4 04.26.2007 Suspicious file
Prevx1 V2 04.26.2007 no virus found
Sophos 4.16.0 04.23.2007 no virus found
Sunbelt 2.2.907.0 04.19.2007 no virus found
Symantec 10 04.26.2007 no virus found
TheHacker 6.1.6.095 04.15.2007 no virus found
VBA32 3.11.4 04.26.2007 AdWare.Win32.Virtumonde.fj
VirusBuster 4.3.7:9 04.26.2007 no virus found
Webwasher-Gateway 6.0.1 04.26.2007 Win32.Malware.dam (suspicious)

Aditional Information
File size: 490321 bytes
MD5: 126a1f3e5936bc87d30c48bd9dd48412
SHA1: 86a06733b9b5bf0472ee6eac96a552273e78f125

ISO
27.04.2007, 07:44
Complete scanning result of "service.exe", received in VirusTotal at 04.27.2007, 05:40:08 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.26.0 04.27.2007 no virus found
AntiVir 7.4.0.15 04.26.2007 no virus found
Authentium 4.93.8 04.26.2007 no virus found
Avast 4.7.981.0 04.26.2007 no virus found
AVG 7.5.0.464 04.26.2007 no virus found
BitDefender 7.2 04.27.2007 no virus found
CAT-QuickHeal 9.00 04.26.2007 no virus found
ClamAV devel-20070416 04.26.2007 no virus found
DrWeb 4.33 04.26.2007 Trojan.Starter.167
eSafe 7.0.15.0 04.25.2007 no virus found
eTrust-Vet 30.7.3597 04.26.2007 no virus found
Ewido 4.0 04.26.2007 no virus found
FileAdvisor 1 04.27.2007 no virus found
Fortinet 2.85.0.0 04.27.2007 no virus found
F-Prot 4.3.2.48 04.26.2007 no virus found
F-Secure 6.70.13030.0 04.27.2007 Trojan.Win32.Starter.z
Ikarus T3.1.1.5 04.26.2007 Trojan.Win32.Starter.z
Kaspersky 4.0.2.24 04.27.2007 Trojan.Win32.Starter.z
McAfee 5018 04.26.2007 no virus found
Microsoft 1.2405 04.27.2007 no virus found
NOD32v2 2222 04.26.2007 no virus found
Norman 5.80.02 04.26.2007 no virus found
Panda 9.0.0.4 04.26.2007 no virus found
Prevx1 V2 04.27.2007 Trojan.SystemPoser
Sophos 4.16.0 04.23.2007 no virus found
Sunbelt 2.2.907.0 04.19.2007 Trojan-PWS.Win32.Lmir.AOE
Symantec 10 04.27.2007 no virus found
TheHacker 6.1.6.095 04.15.2007 no virus found
VBA32 3.11.4 04.27.2007 no virus found
VirusBuster 4.3.7:9 04.26.2007 Trojan.Starter.AJ
Webwasher-Gateway 6.0.1 04.27.2007 no virus found

Aditional Information
File size: 45568 bytes
MD5: f7903b227fa3668edd19f2821cc1ec6e
SHA1: dbdd807f0563b0aff94c172d052aea067ea20f86

ISO
27.04.2007, 07:56
Complete scanning result of "1.exe", received in VirusTotal at 04.27.2007, 05:51:39 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.26.0 04.27.2007 no virus found
AntiVir 7.4.0.15 04.26.2007 TR/Crypt.PCMM.Gen
Authentium 4.93.8 04.26.2007 no virus found
Avast 4.7.981.0 04.26.2007 no virus found
AVG 7.5.0.464 04.26.2007 BackDoor.Generic5.QAS
BitDefender 7.2 04.27.2007 Backdoor.SDBot.AAU
CAT-QuickHeal 9.00 04.26.2007 Backdoor.IRCBot.aak
ClamAV devel-20070416 04.26.2007 Trojan.Small-1671
DrWeb 4.33 04.26.2007 BackDoor.Mailbot
eSafe 7.0.15.0 04.25.2007 Win32.IRCBot.aak
eTrust-Vet 30.7.3597 04.26.2007 no virus found
Ewido 4.0 04.26.2007 Backdoor.IRCBot.aak
FileAdvisor 1 04.27.2007 no virus found
Fortinet 2.85.0.0 04.27.2007 W32/IRCBot.AAK!tr.bdr
F-Prot 4.3.2.48 04.26.2007 no virus found
F-Secure 6.70.13030.0 04.27.2007 Backdoor.Win32.IRCBot.aak
Ikarus T3.1.1.5 04.26.2007 Backdoor.Win32.Rbot.aeu
Kaspersky 4.0.2.24 04.27.2007 Backdoor.Win32.IRCBot.aak
McAfee 5018 04.26.2007 W32/Sdbot.worm.gen.l
Microsoft 1.2405 04.27.2007 Backdoor:Win32/IRCbot.OL
NOD32v2 2222 04.26.2007 no virus found
Norman 5.80.02 04.26.2007 no virus found
Panda 9.0.0.4 04.26.2007 Trj/Mailbot.CE
Prevx1 V2 04.27.2007 Win32.Malware.gen
Sophos 4.16.0 04.23.2007 Mal/Packer
Sunbelt 2.2.907.0 04.19.2007 VIPRE.Suspicious
Symantec 10 04.27.2007 no virus found
TheHacker 6.1.6.095 04.15.2007 Backdoor/IRCBot.aak
VBA32 3.11.4 04.27.2007 Backdoor.Win32.IRCBot.aak
VirusBuster 4.3.7:9 04.26.2007 Worm.Sdbot.FBL
Webwasher-Gateway 6.0.1 04.27.2007 Trojan.Crypt.PCMM.Gen

Aditional Information
File size: 72919 bytes
MD5: e4cac028a6e4555fac80d8feba060869
SHA1: af6374ea21f6453f5dd753cbf478662debfe442c
packers: NSPack

ISO
27.04.2007, 08:09
Complete scanning result of "3.exe", received in VirusTotal at 04.27.2007, 06:04:21 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.26.0 04.27.2007 Win-Trojan/Slaper.69496
AntiVir 7.4.0.15 04.26.2007 TR/Crypt.PCMM.Gen
Authentium 4.93.8 04.26.2007 no virus found
Avast 4.7.981.0 04.26.2007 no virus found
AVG 7.5.0.464 04.26.2007 Proxy.NBR
BitDefender 7.2 04.27.2007 no virus found
CAT-QuickHeal 9.00 04.26.2007 TrojanProxy.Slaper.e
ClamAV devel-20070416 04.26.2007 Trojan.Small-1671
DrWeb 4.33 04.26.2007 BackDoor.Mailbot
eSafe 7.0.15.0 04.25.2007 Win32.Slaper.e
eTrust-Vet 30.7.3597 04.26.2007 no virus found
Ewido 4.0 04.26.2007 Proxy.Slaper.e
FileAdvisor 1 04.27.2007 no virus found
Fortinet 2.85.0.0 04.27.2007 W32/SLAPER.E!tr
F-Prot 4.3.2.48 04.26.2007 no virus found
F-Secure 6.70.13030.0 04.27.2007 Trojan-Proxy.Win32.Slaper.e
Ikarus T3.1.1.5 04.26.2007 Trojan-Proxy.Win32.Slaper.e
Kaspersky 4.0.2.24 04.27.2007 Trojan-Proxy.Win32.Slaper.e
McAfee 5018 04.26.2007 no virus found
Microsoft 1.2405 04.27.2007 no virus found
NOD32v2 2222 04.26.2007 no virus found
Norman 5.80.02 04.26.2007 W32/Slaper.DS
Panda 9.0.0.4 04.26.2007 Trj/MailBot.CN
Prevx1 V2 04.27.2007 Win32.Malware.gen
Sophos 4.16.0 04.23.2007 Mal/Packer
Sunbelt 2.2.907.0 04.19.2007 VIPRE.Suspicious
Symantec 10 04.27.2007 no virus found
TheHacker 6.1.6.095 04.15.2007 Trojan/Proxy.Slaper.e
VBA32 3.11.4 04.27.2007 suspected of Embedded.Trojan-Proxy.Win32.Slaper.e
VirusBuster 4.3.7:9 04.26.2007 Worm.Sdbot.FBL
Webwasher-Gateway 6.0.1 04.27.2007 Trojan.Crypt.PCMM.Gen

Aditional Information
File size: 69496 bytes
MD5: 9cbcd4e77f8a03d46865e7c2ad861b09
SHA1: 1d013b25a82dca91b49aa2fb20a1b3bd5492b923
packers: NSPack

ISO
27.04.2007, 08:17
Complete scanning result of "2.exe", received in VirusTotal at 04.27.2007, 06:14:21 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.26.0 04.27.2007 Win-Trojan/Slaper.69431
AntiVir 7.4.0.15 04.26.2007 TR/Crypt.PCMM.Gen
Authentium 4.93.8 04.26.2007 no virus found
Avast 4.7.981.0 04.26.2007 no virus found
AVG 7.5.0.464 04.26.2007 IRC/BackDoor.SdBot2.YMI
BitDefender 7.2 04.27.2007 Backdoor.Sdbot.AGW
CAT-QuickHeal 9.00 04.26.2007 (Suspicious) - DNAScan
ClamAV devel-20070416 04.26.2007 Trojan.Small-1671
DrWeb 4.33 04.26.2007 no virus found
eSafe 7.0.15.0 04.25.2007 Win32.Slaper.t
eTrust-Vet 30.7.3597 04.26.2007 no virus found
Ewido 4.0 04.26.2007 Proxy.Slaper.t
FileAdvisor 1 04.27.2007 no virus found
Fortinet 2.85.0.0 04.27.2007 W32/Sdbot.T!tr
F-Prot 4.3.2.48 04.26.2007 no virus found
F-Secure 6.70.13030.0 04.27.2007 Trojan-Proxy.Win32.Slaper.t
Ikarus T3.1.1.5 04.26.2007 Trojan-Proxy.Win32.Slaper.e
Kaspersky 4.0.2.24 04.27.2007 Trojan-Proxy.Win32.Slaper.t
McAfee 5018 04.26.2007 W32/Sdbot.worm.gen.l
Microsoft 1.2405 04.27.2007 no virus found
NOD32v2 2222 04.26.2007 Win32/TrojanProxy.Slaper.C
Norman 5.80.02 04.26.2007 W32/Slaper.DU
Panda 9.0.0.4 04.26.2007 Trj/Mailbot.AH
Prevx1 V2 04.27.2007 Win32.Malware.gen
Sophos 4.16.0 04.23.2007 Mal/Packer
Sunbelt 2.2.907.0 04.19.2007 VIPRE.Suspicious
Symantec 10 04.27.2007 no virus found
TheHacker 6.1.6.095 04.15.2007 Trojan/Proxy.Slaper.t
VBA32 3.11.4 04.27.2007 Trojan-Proxy.Win32.Slaper.t
VirusBuster 4.3.7:9 04.26.2007 Worm.Sdbot.FBL
Webwasher-Gateway 6.0.1 04.27.2007 Trojan.Crypt.PCMM.Gen

Aditional Information
File size: 69431 bytes
MD5: 3d9a82d381fb9e90ecb4714b123b701a
SHA1: 2d72fc3b9a600b3fd0897cf82ca330c5f49308a5
packers: NSPack

ISO
27.04.2007, 08:25
Complete scanning result of "4.exe", received in VirusTotal at 04.27.2007, 06:21:52 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.26.0 04.27.2007 Win-Trojan/Slaper.71363
AntiVir 7.4.0.15 04.26.2007 TR/Crypt.PCMM.Gen
Authentium 4.93.8 04.26.2007 no virus found
Avast 4.7.981.0 04.26.2007 no virus found
AVG 7.5.0.464 04.26.2007 Proxy.MVH
BitDefender 7.2 04.27.2007 no virus found
CAT-QuickHeal 9.00 04.26.2007 TrojanProxy.Slaper.e
ClamAV devel-20070416 04.26.2007 Trojan.Small-1671
DrWeb 4.33 04.26.2007 no virus found
eSafe 7.0.15.0 04.25.2007 Win32.Slaper.e
eTrust-Vet 30.7.3597 04.26.2007 no virus found
Ewido 4.0 04.26.2007 Proxy.Slaper.e
FileAdvisor 1 04.27.2007 no virus found
Fortinet 2.85.0.0 04.27.2007 W32/SLAPER.E!tr
F-Prot 4.3.2.48 04.26.2007 no virus found
F-Secure 6.70.13030.0 04.27.2007 Trojan-Proxy.Win32.Slaper.e
Ikarus T3.1.1.5 04.26.2007 Trojan-Proxy.Win32.Slaper.e
Kaspersky 4.0.2.24 04.27.2007 Trojan-Proxy.Win32.Slaper.e
McAfee 5018 04.26.2007 no virus found
Microsoft 1.2405 04.27.2007 no virus found
NOD32v2 2222 04.26.2007 no virus found
Norman 5.80.02 04.26.2007 W32/Slaper.DK
Panda 9.0.0.4 04.26.2007 Suspicious file
Prevx1 V2 04.27.2007 no virus found
Sophos 4.16.0 04.23.2007 Mal/Packer
Sunbelt 2.2.907.0 04.19.2007 VIPRE.Suspicious
Symantec 10 04.27.2007 no virus found
TheHacker 6.1.6.088 04.09.2007 no virus found
VBA32 3.11.4 04.27.2007 suspected of Embedded.Trojan-Proxy.Win32.Slaper.e
VirusBuster 4.3.7:9 04.26.2007 Worm.Sdbot.FBL
Webwasher-Gateway 6.0.1 04.27.2007 Trojan.Crypt.PCMM.Gen

Aditional Information
File size: 71363 bytes
MD5: 7f6ed559cdd6006f028fe47c0a297420
SHA1: e2691db858e9b10b75b8fcf11cb8c7e0fd142e88
packers: NSPack

ISO
27.04.2007, 08:34
Complete scanning result of "6.exe"
AhnLab-V3 2007.4.26.0 04.27.2007 no virus found
AntiVir 7.4.0.15 04.26.2007 TR/Crypt.PCMM.Gen
Authentium 4.93.8 04.26.2007 no virus found
Avast 4.7.981.0 04.26.2007 no virus found
AVG 7.5.0.464 04.26.2007 Proxy.NBV
BitDefender 7.2 04.27.2007 no virus found
CAT-QuickHeal 9.00 04.26.2007 TrojanProxy.Slaper.e
ClamAV devel-20070416 04.26.2007 Trojan.Small-1671
DrWeb 4.33 04.26.2007 BackDoor.Mailbot
eSafe 7.0.15.0 04.25.2007 Win32.Slaper.e
eTrust-Vet 30.7.3597 04.26.2007 no virus found
Ewido 4.0 04.26.2007 Proxy.Slaper.e
FileAdvisor 1 04.27.2007 no virus found
Fortinet 2.85.0.0 04.27.2007 suspicious
F-Prot 4.3.2.48 04.26.2007 no virus found
F-Secure 6.70.13030.0 04.27.2007 Trojan-Proxy.Win32.Slaper.e
Ikarus T3.1.1.5 04.26.2007 Trojan-Proxy.Win32.Slaper.e
Kaspersky 4.0.2.24 04.27.2007 Trojan-Proxy.Win32.Slaper.e
McAfee 5018 04.26.2007 no virus found
Microsoft 1.2405 04.27.2007 no virus found
NOD32v2 2222 04.26.2007 no virus found
Norman 5.80.02 04.26.2007 W32/Slaper.DT
Panda 9.0.0.4 04.26.2007 Trj/MailBot.CN
Prevx1 V2 04.27.2007 Trojan.ModalDigits
Sophos 4.16.0 04.23.2007 Mal/Packer
Sunbelt 2.2.907.0 04.19.2007 VIPRE.Suspicious
Symantec 10 04.27.2007 no virus found
TheHacker 6.1.6.095 04.15.2007 Trojan/Proxy.Slaper.e
VBA32 3.11.4 04.27.2007 BackDoor.Mailbot
VirusBuster 4.3.7:9 04.26.2007 Worm.Sdbot.FBL
Webwasher-Gateway 6.0.1 04.27.2007 Trojan.Crypt.PCMM.Gen

Aditional Information
File size: 70581 bytes
MD5: afb2d474a81eef3492a2a1bf445d7447
SHA1: cf1573ac4f11a8f26601a3d1a39f9e7c8225a9ba
packers: NSPack

Dandy
29.04.2007, 11:17
Complete scanning result of "Rezhim_pitanija__1_.doc", received in VirusTotal at 04.29.2007, 09:14:09 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.28.0 04.27.2007 no virus found
AntiVir 7.4.0.15 04.28.2007 EXP/Word.Dropper.Gen
Authentium 4.93.8 04.27.2007 no virus found
Avast 4.7.981.0 04.26.2007 MW97:CVE-2006-2492.Gen
AVG 7.5.0.464 04.26.2007 no virus found
BitDefender 7.2 04.29.2007 Exploit.MSWord.Ginwui.Gen
CAT-QuickHeal 9.00 04.28.2007 no virus found
ClamAV devel-20070416 04.29.2007 no virus found
DrWeb 4.33 04.28.2007 no virus found
eSafe 7.0.15.0 04.27.2007 no virus found
eTrust-Vet 30.7.3601 04.27.2007 W97M/SmartTags!exploit
Ewido 4.0 04.27.2007 no virus found
FileAdvisor 1 04.29.2007 no virus found
Fortinet 2.85.0.0 04.29.2007 no virus found
F-Prot 4.3.2.48 - CVE-2006-2492
F-Secure 6.70.13030.0 04.28.2007 no virus found
Ikarus T3.1.1.5 04.29.2007 no virus found
Kaspersky 4.0.2.24 04.29.2007 no virus found
McAfee 5019 04.27.2007 Exploit-MS06-027
Microsoft 1.2405 04.29.2007 Exploit:Win32/Wordjmp.gen
NOD32v2 2227 04.29.2007 a variant of Win32/Exploit.MSWord.Smtag
Norman 5.80.02 04.27.2007 W97M/CVE-2006-2492
Panda 9.0.0.4 04.28.2007 no virus found
Prevx1 V2 04.29.2007 no virus found
Sophos 4.17.0 04.28.2007 no virus found
Sunbelt 2.2.907.0 04.19.2007 no virus found
Symantec 10 04.29.2007 no virus found
TheHacker 6.1.6.095 04.15.2007 no virus found
VBA32 3.11.4 04.28.2007 no virus found
VirusBuster 4.3.7:9 04.28.2007 no virus found
Webwasher-Gateway 6.0.1 04.29.2007 Exploit.Word.Dropper.Gen

Aditional Information
File size: 80563 bytes
MD5: fcb08c76730dc50879741d6502f5cfce
SHA1: cd313437064ed99fd0947e41447d80053cb5789e

drongo
29.04.2007, 12:15
t=9340
Complete scanning result of "avz00006.dta", received in VirusTotal at 04.29.2007, 10:11:28 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.28.0 04.27.2007 no virus found
AntiVir 7.4.0.15 04.28.2007 no virus found
Authentium 4.93.8 04.27.2007 no virus found
Avast 4.7.981.0 04.26.2007 no virus found
AVG 7.5.0.464 04.26.2007 no virus found
BitDefender 7.2 04.29.2007 Trojan.Juan.G
CAT-QuickHeal 9.00 04.28.2007 no virus found
ClamAV devel-20070416 04.29.2007 no virus found
DrWeb 4.33 04.28.2007 no virus found
eSafe 7.0.15.0 04.27.2007 suspicious Trojan/Worm
eTrust-Vet 30.7.3601 04.27.2007 no virus found
Ewido 4.0 04.27.2007 no virus found
FileAdvisor 1 04.29.2007 no virus found
Fortinet 2.85.0.0 04.29.2007 Spy/JuanSearch
F-Prot 4.3.2.48 - no virus found
F-Secure 6.70.13030.0 04.28.2007 no virus found
Ikarus T3.1.1.5 04.29.2007 no virus found
Kaspersky 4.0.2.24 04.29.2007 no virus found
McAfee 5019 04.27.2007 no virus found
Microsoft 1.2405 04.29.2007 VirTool:Win32/Obfuscator.C
NOD32v2 2227 04.29.2007 no virus found
Norman 5.80.02 04.27.2007 W32/Suspicious_U.gen
Panda 9.0.0.4 04.28.2007 Suspicious file
Prevx1 V2 04.29.2007 Polynomial.Code.Exploit
Sophos 4.17.0 04.28.2007 no virus found
Sunbelt 2.2.907.0 04.19.2007 VIPRE.Suspicious
Symantec 10 04.29.2007 no virus found
TheHacker 6.1.6.095 04.15.2007 no virus found
VBA32 3.11.4 04.28.2007 no virus found
VirusBuster 4.3.7:9 04.28.2007 Packed/Upack
Webwasher-Gateway 6.0.1 04.29.2007 Win32.Malware.gen#Upack (suspicious)

Aditional Information
File size: 38066 bytes
MD5: 0eb5212bbf2bdb27d1d8de9b3f7ddb04
SHA1: 4918a17bbf40f1994e8ee795f9a7e00efd0a2884
packers: UPack
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=0cde91848981
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.