-
File SecureZIP.12.2.exe received on 2009.07.16 15:43:22 (UTC)
Result: 13/41 (31.71%)
[QUOTE][B]a-squared 4.5.0.24 2009.07.16 Trojan.Win32.Alureon!IK[/B]
AhnLab-V3 5.0.0.2 2009.07.16 -
[B]AntiVir 7.9.0.215 2009.07.16 TR/Dropper.Gen[/B]
Antiy-AVL 2.0.3.7 2009.07.16 -
Authentium 5.1.2.4 2009.07.16 -
[B]Avast 4.8.1335.0 2009.07.16 NSIS:Fasec-AR[/B]
AVG 8.5.0.387 2009.07.16 -
BitDefender 7.2 2009.07.16 -
CAT-QuickHeal 10.00 2009.07.16 -
ClamAV 0.94.1 2009.07.16 -
Comodo 1671 2009.07.16 -
DrWeb 5.0.0.12182 2009.07.16 -
[B]eSafe 7.0.17.0 2009.07.16 Suspicious File[/B]
eTrust-Vet 31.6.6617 2009.07.15 -
F-Prot 4.4.4.56 2009.07.16 -
[B]F-Secure 8.0.14470.0 2009.07.16 Packed.Win32.Tdss.w[/B]
Fortinet 3.120.0.0 2009.07.16 -
[B]GData 19 2009.07.16 NSIS:Fasec-AR[/B]
[B]Ikarus T3.1.1.64.0 2009.07.16 Trojan.Win32.Alureon[/B]
[B]Jiangmin 11.0.800 2009.07.16 Trojan/TDSS.daa[/B]
K7AntiVirus 7.10.793 2009.07.15 -
Kaspersky 7.0.0.125 2009.07.16 -
McAfee 5677 2009.07.15 -
McAfee+Artemis 5677 2009.07.15 -
[B]McAfee-GW-Edition 6.8.5 2009.07.16 Trojan.Dropper.Gen[/B]
[B]Microsoft 1.4803 2009.07.16 Trojan:Win32/Alureon.gen!J[/B]
[B]NOD32 4250 2009.07.16 a variant of Win32/Kryptik.YR[/B]
Norman 6.01.09 2009.07.16 -
nProtect 2009.1.8.0 2009.07.16 -
Panda 10.0.0.14 2009.07.15 -
PCTools 4.4.2.0 2009.07.16 -
[B]Prevx 3.0 2009.07.16 Medium Risk Malware[/B]
Rising 21.38.34.00 2009.07.16 -
[B]Sophos 4.43.0 2009.07.16 Mal/WaledPak-D[/B]
Sunbelt 3.2.1858.2 2009.07.16 -
Symantec 1.4.4.12 2009.07.16 -
TheHacker 6.3.4.3.368 2009.07.15 -
TrendMicro 8.950.0.1094 2009.07.16 -
VBA32 3.12.10.8 2009.07.15 -
ViRobot 2009.7.16.1839 2009.07.16 -
VirusBuster 4.6.5.0 2009.07.16 -[/QUOTE]
[url]http://www.virustotal.com/analisis/f87d7303c514b97308a07d29cb32874bc73ba46622586b70009d57afa115f1bd-1247759002[/url]
-
File sdra64.exe received on 2009.07.16 17:41:52 (UTC)
[CODE]Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.07.16 -
AhnLab-V3 5.0.0.2 2009.07.16 -
[B]AntiVir 7.9.0.220 2009.07.16 TR/Crypt.ZPACK.Gen[/B]
Antiy-AVL 2.0.3.7 2009.07.16 -
Authentium 5.1.2.4 2009.07.16 -
[B]Avast 4.8.1335.0 2009.07.16 Win32:MalOb-A
AVG 8.5.0.387 2009.07.16 Win32/Cryptor[/B]
[B]BitDefender 7.2 2009.07.16 Gen:Trojan.Heur.Hype.90A35C5C5C[/B]
CAT-QuickHeal 10.00 2009.07.16 -
ClamAV 0.94.1 2009.07.16 -
Comodo 1672 2009.07.16 -
DrWeb 5.0.0.12182 2009.07.16 -
eSafe 7.0.17.0 2009.07.16 -
eTrust-Vet 31.6.6617 2009.07.15 -
F-Prot 4.4.4.56 2009.07.16 -
[B]F-Secure 8.0.14470.0 2009.07.16 Trojan-Spy.Win32.Zbot.gen[/B]
Fortinet 3.120.0.0 2009.07.16 -
[B]GData 19 2009.07.16 Gen:Trojan.Heur.Hype.90A35C5C5C[/B]
Ikarus T3.1.1.64.0 2009.07.16 -
Jiangmin 11.0.800 2009.07.16 -
[B]K7AntiVirus 7.10.794 2009.07.16 Trojan-Spy.Win32.Zbot.gen
Kaspersky 7.0.0.125 2009.07.16 Trojan-Spy.Win32.Zbot.gen[/B]
McAfee 5678 2009.07.16 -
McAfee+Artemis 5678 2009.07.16 -
[B]McAfee-GW-Edition 6.8.5 2009.07.16 Trojan.Crypt.ZPACK.Gen
Microsoft 1.4803 2009.07.16 PWS:Win32/Zbot.gen!R
NOD32 4250 2009.07.16 a variant of Win32/Kryptik.TL
Norman 6.01.09 2009.07.16 W32/Zbot.ESV[/B]
nProtect 2009.1.8.0 2009.07.16 -
Panda 10.0.0.14 2009.07.16 -
PCTools 4.4.2.0 2009.07.16 -
Prevx 3.0 2009.07.16 -
Rising 21.38.34.00 2009.07.16 -
[B]Sophos 4.43.0 2009.07.16 Mal/Zbot-O
Sunbelt 3.2.1858.2 2009.07.16 Trojan-Spy.Win32.Zbot.gen (v)
Symantec 1.4.4.12 2009.07.16 Packed.Generic.232[/B]
TheHacker 6.3.4.3.368 2009.07.15 -
TrendMicro 8.950.0.1094 2009.07.16 -
VBA32 3.12.10.8 2009.07.15 -
ViRobot 2009.7.16.1839 2009.07.16 -
VirusBuster 4.6.5.0 2009.07.16 -
[/CODE]
[CODE]Additional information
File size: 156160 bytes
MD5...: f7cd54f260e52fb08dc7f38db11bb34a
SHA1..: 99c40ae7bdaa1d287178a6bb713281d543369a54
SHA256: 748ac452367616eb940189dee2caba47d7030f3ebf4151972a55da6b309d462e
ssdeep: 3072:VMrS7qraRKxp/0mrAu6hwImYKmAJOIN39+wYC6LdiBxrBQv4naihOvE25:SMKxWmrAthwIU7OINt+QNxr+7vEi
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x8787
timedatestamp.....: 0x48defc33 (Sun Sep 28 03:38:27 2008)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xea70 0xec00 7.27 b197c185c06657282ce7f4e6a071c866
.rdata 0x10000 0x13a8 0x1400 5.63 55a5cbaae3794760187605f491e46a6d
.data 0x12000 0x40af 0x200 2.23 aad0214b1ece39af48ce1dfb9d061b14

( 4 imports )
> ADVAPI32.dll: StartServiceCtrlDispatcherW, RegEnumKeyExA, GetAuditedPermissionsFromAclA, RegGetKeySecurity, FreeSid, InitiateSystemShutdownA, CryptContextAddRef, SetNamedSecurityInfoExW, GetCurrentHwProfileW, LookupAccountSidA, LookupAccountNameW, RegLoadKeyW, RegisterEventSourceW, BuildTrusteeWithSidW, DuplicateTokenEx, RegSaveKeyW, QueryServiceConfigA, CryptCreateHash, LookupAccountNameA, GetMultipleTrusteeA, SetFileSecurityW, CloseServiceHandle, MakeAbsoluteSD, CryptAcquireContextA, AccessCheck, RegSetKeySecurity, AccessCheckAndAuditAlarmW, RegOpenKeyExW, GetSecurityDescriptorLength, LookupSecurityDescriptorPartsW, ConvertSecurityDescriptorToAccessA, RegConnectRegistryA, SetAclInformation, OpenEventLogW, GetFileSecurityA, RegCloseKey, RegQueryValueExA, RegQueryMultipleValuesW, RegDeleteKeyA, SetNamedSecurityInfoExA
> KERNEL32.dll: GetProcessHeap, GetDefaultCommConfigA, GetProcessShutdownParameters, Module32Next, Thread32Next, lstrcmp, GetTempPathW, LCMapStringW, ConvertDefaultLocale, GetThreadContext, ReadConsoleInputA, TransmitCommChar, GetCPInfoExW, LocalAlloc, SetTapeParameters, SetThreadPriorityBoost, SetThreadContext, GetFileAttributesA, WaitNamedPipeA, FillConsoleOutputCharacterW, SetComputerNameW, CreateIoCompletionPort, CompareFileTime, PeekNamedPipe, FindResourceExW, CreateWaitableTimerA, CreateFileA, MoveFileW, LocalFree, GetPrivateProfileStructA, FatalAppExitW, OpenWaitableTimerA, EraseTape, WaitForSingleObjectEx, WaitForSingleObject, WriteFile, EnumDateFormatsExW, FoldStringA, VirtualProtect, VirtualAlloc
> SHLWAPI.dll: PathIsUNCW, SHRegDuplicateHKey, SHDeleteEmptyKeyW, SHIsLowMemoryMachine, SHAutoComplete, StrStrA, UrlUnescapeW, PathCanonicalizeA, UrlGetLocationA, PathAddExtensionA, PathIsSameRootA, PathMatchSpecW, StrChrA, SHRegEnumUSKeyA, PathAddExtensionW, PathFindSuffixArrayW, SHGetThreadRef, PathFileExistsA, PathGetCharTypeA, PathGetCharTypeW, StrSpnA, PathFindExtensionA, PathUndecorateA, SHRegSetUSValueA, PathParseIconLocationW, UrlCombineA, wnsprintfA, PathIsUNCServerA, IntlStrEqWorkerA, SHRegQueryInfoUSKeyW, PathMakeSystemFolderW, PathRenameExtensionA, UrlUnescapeA, SHRegGetBoolUSValueA, SHCopyKeyW, PathCombineA, PathGetDriveNumberW, PathIsDirectoryW, SHRegEnumUSKeyW, SHRegEnumUSValueA, PathCommonPrefixA, SHRegDeleteUSValueA, StrRChrIW, PathGetArgsA, StrPBrkA, PathFindExtensionW, UrlEscapeW, PathIsUNCServerShareA, PathBuildRootA, PathIsDirectoryEmptyA, PathMakeSystemFolderA, PathIsContentTypeW, PathIsRelativeA
> ole32.dll: UtGetDvtd16Info, OleRegGetUserType, CoUnmarshalHresult, OleNoteObjectVisible, OleGetAutoConvert, OleQueryCreateFromData, OleMetafilePictFromIconAndLabel, OleConvertIStorageToOLESTREAM, CoInitialize, OleGetClipboard, StringFromIID, CoQueryReleaseObject, StgGetIFillLockBytesOnFile, CoQueryClientBlanket, OleIsCurrentClipboard, CoTaskMemFree, OleConvertOLESTREAMToIStorageEx, CoDosDateTimeToFileTime, CoFreeAllLibraries, OleCreateFromData, OleIsRunning, OleQueryLinkFromData, CreateDataCache, SetConvertStg, CoGetCurrentLogicalThreadId, CoMarshalHresult, OleSetClipboard, OleLoad, ProgIDFromCLSID, OleCreateLinkFromData, CoGetCurrentProcess, CoGetObject

( 0 exports )
PDFiD.: -
RDS...: NSRL Reference Data Set
-
[/CODE]
-
File uwpifur.html received on 2009.07.17 13:29:43 (UTC)
Result: 3/41 (7.32%)
[QUOTE]a-squared 4.5.0.24 2009.07.17 -
AhnLab-V3 5.0.0.2 2009.07.17 -
AntiVir 7.9.0.220 2009.07.17 -
Antiy-AVL 2.0.3.7 2009.07.17 -
Authentium 5.1.2.4 2009.07.17 -
[B]Avast 4.8.1335.0 2009.07.16 HTML:IFrame-IE[/B]
AVG 8.5.0.387 2009.07.17 -
BitDefender 7.2 2009.07.17 -
CAT-QuickHeal 10.00 2009.07.17 -
ClamAV 0.94.1 2009.07.17 -
Comodo 1679 2009.07.17 -
DrWeb 5.0.0.12182 2009.07.17 -
eSafe 7.0.17.0 2009.07.16 -
eTrust-Vet 31.6.6622 2009.07.17 -
F-Prot 4.4.4.56 2009.07.17 -
F-Secure 8.0.14470.0 2009.07.17 -
Fortinet 3.120.0.0 2009.07.17 -
[B]GData 19 2009.07.17 HTML:IFrame-IE[/B]
Ikarus T3.1.1.64.0 2009.07.17 -
Jiangmin 11.0.800 2009.07.17 -
K7AntiVirus 7.10.794 2009.07.16 -
Kaspersky 7.0.0.125 2009.07.17 -
McAfee 5678 2009.07.16 -
McAfee+Artemis 5678 2009.07.16 -
[B]McAfee-GW-Edition 6.8.5 2009.07.17 Heuristic.BehavesLike.JS.CodeUnfolding.A[/B]
Microsoft 1.4803 2009.07.17 -
NOD32 4254 2009.07.17 -
Norman 6.01.09 2009.07.17 -
nProtect 2009.1.8.0 2009.07.17 -
Panda 10.0.0.14 2009.07.16 -
PCTools 4.4.2.0 2009.07.17 -
Prevx 3.0 2009.07.17 -
Rising 21.38.44.00 2009.07.17 -
Sophos 4.43.0 2009.07.17 -
Sunbelt 3.2.1858.2 2009.07.17 -
Symantec 1.4.4.12 2009.07.17 -
TheHacker 6.3.4.3.369 2009.07.16 -
TrendMicro 8.950.0.1094 2009.07.17 -
VBA32 3.12.10.8 2009.07.16 -
ViRobot 2009.7.17.1841 2009.07.17 -
VirusBuster 4.6.5.0 2009.07.16 -[/QUOTE]
[url]http://www.virustotal.com/ru/analisis/4deb94db13626eed3b435fb4c46d13791f556202b865a51d9b1417e931d64f63-1247837383[/url]
-
File foto18.scr received on 2009.07.17 17:30:58 (UTC)
Current status: finished
Result: 9/40 (22.50%)
[QUOTE][B]a-squared 4.5.0.24 2009.07.17 Trojan.Win32.FakeXPA!IK[/B]
AhnLab-V3 5.0.0.2 2009.07.17 -
AntiVir 7.9.0.220 2009.07.17 -
Antiy-AVL 2.0.3.7 2009.07.17 -
Authentium 5.1.2.4 2009.07.17 -
Avast 4.8.1335.0 2009.07.17 -
AVG 8.5.0.387 2009.07.17 -
BitDefender 7.2 2009.07.17 -
CAT-QuickHeal 10.00 2009.07.17 -
ClamAV 0.94.1 2009.07.17 -
Comodo 1681 2009.07.17 -
[B]DrWeb 5.0.0.12182 2009.07.17 Trojan.MulDrop.30762[/B]
[B]eSafe 7.0.17.0 2009.07.16 Suspicious File[/B]
eTrust-Vet 31.6.6622 2009.07.17 -
F-Prot 4.4.4.56 2009.07.17 -
F-Secure 8.0.14470.0 2009.07.17 -
Fortinet 3.120.0.0 2009.07.17 -
GData 19 2009.07.17 -
[B]Ikarus T3.1.1.64.0 2009.07.17 Trojan.Win32.FakeXPA[/B]
Jiangmin 11.0.800 2009.07.17 -
K7AntiVirus 7.10.794 2009.07.16 -
Kaspersky 7.0.0.125 2009.07.17 -
[B]McAfee 5679 2009.07.17 New Malware.ix[/B]
[B]McAfee+Artemis 5679 2009.07.17 Artemis!0BB14FB2F387[/B]
McAfee-GW-Edition 6.8.5 2009.07.17 -
[B]Microsoft 1.4803 2009.07.17 TrojanDropper:Win32/Forcud.A[/B]
NOD32 4254 2009.07.17 -
Norman 6.01.09 2009.07.17 -
nProtect 2009.1.8.0 2009.07.17 -
PCTools 4.4.2.0 2009.07.17 -
[B]Prevx 3.0 2009.07.17 High Risk Cloaked Malware[/B]
[B]Rising 21.38.44.00 2009.07.17 Packer.Win32.Mian007.a[/B]
Sophos 4.43.0 2009.07.17 -
Sunbelt 3.2.1858.2 2009.07.17 -
Symantec 1.4.4.12 2009.07.17 -
TheHacker 6.3.4.3.369 2009.07.16 -
TrendMicro 8.950.0.1094 2009.07.17 -
VBA32 3.12.10.8 2009.07.16 -
ViRobot 2009.7.17.1841 2009.07.17 -
VirusBuster 4.6.5.0 2009.07.16 -[/QUOTE]
Additional information
File size: 196608 bytes
MD5 : 0bb14fb2f38777f6b64b60dc8f1978ce
SHA1 : 4be7e0e8a3a5753b75cf1a2cec9c17a8595469bf
SHA256: 6be4d1588541bc4a1826b1a52d3046ea6ad2e720a8b1a93c81e97b793d09c8f1
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x1187
timedatestamp.....: 0x373ADC16 (Thu May 13 16:05:10 1999)
machinetype.......: 0x14C (Intel I386)
[url]http://info.prevx.com/aboutprogramtext.asp?PX5=C8E83035000EE7DE00F80355C352F7004167BEF2[/url]
-
File gsmlokator_nokia.jad received on 2009.07.18 20:43:03 (UTC)
Current status: finished
Result: 0/41 (0%)
[QUOTE]a-squared 4.5.0.24 2009.07.18 -
AhnLab-V3 5.0.0.2 2009.07.18 -
AntiVir 7.9.0.220 2009.07.17 -
Antiy-AVL 2.0.3.7 2009.07.17 -
Authentium 5.1.2.4 2009.07.18 -
Avast 4.8.1335.0 2009.07.18 -
AVG 8.5.0.387 2009.07.18 -
BitDefender 7.2 2009.07.18 -
CAT-QuickHeal 10.00 2009.07.17 -
ClamAV 0.94.1 2009.07.18 -
Comodo 1695 2009.07.18 -
DrWeb 5.0.0.12182 2009.07.18 -
eSafe 7.0.17.0 2009.07.16 -
eTrust-Vet 31.6.6623 2009.07.18 -
F-Prot 4.4.4.56 2009.07.17 -
F-Secure 8.0.14470.0 2009.07.18 -
Fortinet 3.120.0.0 2009.07.18 -
GData 19 2009.07.18 -
Ikarus T3.1.1.64.0 2009.07.18 -
Jiangmin 11.0.800 2009.07.18 -
K7AntiVirus 7.10.796 2009.07.18 -
Kaspersky 7.0.0.125 2009.07.18 -
McAfee 5680 2009.07.18 -
McAfee+Artemis 5680 2009.07.18 -
McAfee-GW-Edition 6.8.5 2009.07.18 -
Microsoft 1.4803 2009.07.18 -
NOD32 4257 2009.07.18 -
Norman 6.01.09 2009.07.17 -
nProtect 2009.1.8.0 2009.07.18 -
Panda 10.0.0.14 2009.07.18 -
PCTools 4.4.2.0 2009.07.18 -
Prevx 3.0 2009.07.18 -
Rising 21.38.52.00 2009.07.18 -
Sophos 4.43.0 2009.07.18 -
Sunbelt 3.2.1858.2 2009.07.18 -
Symantec 1.4.4.12 2009.07.18 -
TheHacker 6.3.4.3.370 2009.07.17 -
TrendMicro 8.950.0.1094 2009.07.18 -
VBA32 3.12.10.8 2009.07.17 -
ViRobot 2009.7.17.1841 2009.07.17 -
VirusBuster 4.6.5.0 2009.07.16 -[/QUOTE]
Additional information
File size: 394 bytes
MD5...: f4b911f5a6922dfa86cbad1b5751f5d5
SHA1..: 2534a0e3ba2750adf82b47fbc10158e153a1859c
SHA256: a2bfeed9aa5962f32a4171436cee7ba6b58a86972636f7fca9ca64a9859ca6b6
ssdeep: 6:1KItJtf9FyuF35rB9oU+KMIgzB9ovXe2nkfSUu9VtUqYoESleOdaivv:1Tt/ffxp5tX+KVSMX+u9VOFMleOfvv
PEiD..: -
TrID..: File type identification
Java Manifest (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
:(
-
Found at work in the %USERPROFILE% folder
File User.exe received on 2009.07.21 09:00:24 (UTC)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.07.21 -
[B]AhnLab-V3 5.0.0.2 2009.07.21 Win-Trojan/Downloader.39424.CQ[/B]
AntiVir 7.9.0.222 2009.07.21 -
Antiy-AVL 2.0.3.7 2009.07.17 -
Authentium 5.1.2.4 2009.07.21 -
Avast 4.8.1335.0 2009.07.20 -
[B]AVG 8.5.0.387 2009.07.20 Downloader.Generic8.BCXT[/B]
BitDefender 7.2 2009.07.21 -
[B]CAT-QuickHeal 10.00 2009.07.21 (Suspicious) - DNAScan[/B]
ClamAV 0.94.1 2009.07.21 -
Comodo 1723 2009.07.21 -
DrWeb 5.0.0.12182 2009.07.21 -
eSafe 7.0.17.0 2009.07.20 -
eTrust-Vet 31.6.6629 2009.07.21 -
F-Prot 4.4.4.56 2009.07.20 -
F-Secure 8.0.14470.0 2009.07.21 -
[B]Fortinet 3.120.0.0 2009.07.21 Misc/Renos[/B]
GData 19 2009.07.21 -
Ikarus T3.1.1.64.0 2009.07.21 -
Jiangmin 11.0.800 2009.07.21 -
K7AntiVirus 7.10.797 2009.07.20 -
[B]Kaspersky 7.0.0.125 2009.07.21 Hoax.Win32.Renos.vcgo[/B]
McAfee 5682 2009.07.20 -
McAfee+Artemis 5682 2009.07.20 -
McAfee-GW-Edition 6.8.5 2009.07.21 -
[B]Microsoft 1.4803 2009.07.21 VirTool:Win32/Obfuscator.ES[/B]
NOD32 4262 2009.07.20 -
Norman 6.01.09 2009.07.20 -
nProtect 2009.1.8.0 2009.07.21 -
[B]Panda 10.0.0.14 2009.07.20 Suspicious file[/B]
PCTools 4.4.2.0 2009.07.20 -
[B]Prevx 3.0 2009.07.21 High Risk Cloaked Malware[/B]
Rising 21.39.10.00 2009.07.21 -
Sophos 4.43.0 2009.07.21 -
Sunbelt 3.2.1858.2 2009.07.21 -
Symantec 1.4.4.12 2009.07.21 -
TheHacker 6.3.4.3.370 2009.07.17 -
TrendMicro 8.950.0.1094 2009.07.21 -
VBA32 3.12.10.8 2009.07.21 -
ViRobot 2009.7.21.1844 2009.07.21 -
VirusBuster 4.6.5.0 2009.07.20 -[/QUOTE]
File size: 39424 bytes
MD5...: e17a03336c1db4cfa0f83a1de511efe7
SHA1..: 4de1074c88cb6fb3f432dd2cbf2884100d2ad6a9
SHA256: 0d88e03db04dec4e457506c6ff60e9ff666c0770d723ec36d56d75be1b0ecb00
ssdeep: 768:b4doDtuG3FBR8GXMz5Fi/XzdqAjSomBg:b4uJuG3/R8GXkFlAjSoM
PEiD..: -
TrID..: File type identification
Win32 Dynamic Link Library (generic) (65.4%)
Generic Win/DOS Executable (17.2%)
DOS Executable Generic (17.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
P.S: [URL="http://camas.comodo.com/cgi-bin/submit?file=0d88e03db04dec4e457506c6ff60e9ff666c0770d723ec36d56d75be1b0ecb00"]http://camas.comodo.com/cgi-bin/submit?file=0d88e03db04dec4e457506c6ff60e9ff666c0770d723ec36d56d75be1b0ecb00[/URL]
-
File syschost.exe received on 2009.07.22 04:43:54 (UTC)
Current status: finished
Result: 4/41 (9.76%)
[QUOTE][B]a-squared 4.5.0.24 2009.07.22 Trojan-Dropper.Agent!IK[/B]
AhnLab-V3 5.0.0.2 2009.07.21 -
AntiVir 7.9.0.222 2009.07.21 -
Antiy-AVL 2.0.3.7 2009.07.22 -
Authentium 5.1.2.4 2009.07.22 -
Avast 4.8.1335.0 2009.07.21 -
AVG 8.5.0.387 2009.07.21 -
BitDefender 7.2 2009.07.22 -
CAT-QuickHeal 10.00 2009.07.21 -
ClamAV 0.94.1 2009.07.22 -
Comodo 1729 2009.07.21 -
DrWeb 5.0.0.12182 2009.07.22 -
[B]eSafe 7.0.17.0 2009.07.21 Suspicious File[/B]
eTrust-Vet 31.6.6632 2009.07.22 -
F-Prot 4.4.4.56 2009.07.21 -
F-Secure 8.0.14470.0 2009.07.21 -
Fortinet 3.120.0.0 2009.07.22 -
GData 19 2009.07.22 -
[B]Ikarus T3.1.1.64.0 2009.07.22 Trojan-Dropper.Agent[/B]
Jiangmin 11.0.800 2009.07.21 -
K7AntiVirus 7.10.798 2009.07.21 -
Kaspersky 7.0.0.125 2009.07.22 -
McAfee 5683 2009.07.21 -
McAfee+Artemis 5683 2009.07.21 -
McAfee-GW-Edition 6.8.5 2009.07.22 -
Microsoft 1.4903 2009.07.22 -
NOD32 4265 2009.07.21 -
Norman 6.01.09 2009.07.21 -
nProtect 2009.1.8.0 2009.07.21 -
Panda 10.0.0.14 2009.07.21 -
PCTools 4.4.2.0 2009.07.21 -
Prevx 3.0 2009.07.22 -
Rising 21.39.20.00 2009.07.22 -
Sophos 4.43.0 2009.07.22 -
Sunbelt 3.2.1858.2 2009.07.21 -
Symantec 1.4.4.12 2009.07.22 -
TheHacker 6.3.4.3.372 2009.07.21 -
[B]TrendMicro 8.950.0.1094 2009.07.21 PAK_Generic.001[/B]
VBA32 3.12.10.8 2009.07.22 -
ViRobot 2009.7.22.1846 2009.07.22 -
VirusBuster 4.6.5.0 2009.07.21 -[/QUOTE]
Additional information
File size: 18432 bytes
MD5...: c5640feb5a62af27c4ae0efdf75c54c1
SHA1..: 421a9c1fe8bb604dee24f4a85c40695c8ef03f59
SHA256: eae88ba28b1c86e776a37f163c264b4b230b7788155ddf782a487b50733a59f8
ssdeep: 384:fy+x6lI2M/1EJRPjTlm1sxsB8bdhzoZlV73kYkheTj3w4:ff6JRI1sqche70zheJ
PEiD..: -
TrID..: File type identification
UPX compressed Win32 Executable (38.5%)
Win32 EXE Yoda's Crypter (33.4%)
Win32 Executable Generic (10.7%)
Win32 Dynamic Link Library (generic) (9.5%)
Win16/32 Executable Delphi generic (2.6%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0xfda0
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)
File explopep.exe received on 2009.07.22 04:44:21 (UTC)
Current status: finished
Result: 2/41 (4.88%)
[QUOTE]a-squared 4.5.0.24 2009.07.22 -
AhnLab-V3 5.0.0.2 2009.07.21 -
AntiVir 7.9.0.222 2009.07.21 -
Antiy-AVL 2.0.3.7 2009.07.22 -
Authentium 5.1.2.4 2009.07.22 -
Avast 4.8.1335.0 2009.07.21 -
AVG 8.5.0.387 2009.07.21 -
BitDefender 7.2 2009.07.22 -
CAT-QuickHeal 10.00 2009.07.21 -
ClamAV 0.94.1 2009.07.22 -
Comodo 1729 2009.07.21 -
DrWeb 5.0.0.12182 2009.07.22 -
[B]eSafe 7.0.17.0 2009.07.21 Suspicious File[/B]
eTrust-Vet 31.6.6632 2009.07.22 -
F-Prot 4.4.4.56 2009.07.21 -
F-Secure 8.0.14470.0 2009.07.21 -
Fortinet 3.120.0.0 2009.07.22 -
GData 19 2009.07.22 -
Ikarus T3.1.1.64.0 2009.07.22 -
Jiangmin 11.0.800 2009.07.21 -
K7AntiVirus 7.10.798 2009.07.21 -
Kaspersky 7.0.0.125 2009.07.22 -
McAfee 5683 2009.07.21 -
McAfee+Artemis 5683 2009.07.21 -
McAfee-GW-Edition 6.8.5 2009.07.22 -
Microsoft 1.4903 2009.07.22 -
NOD32 4265 2009.07.21 -
Norman 6.01.09 2009.07.21 -
nProtect 2009.1.8.0 2009.07.21 -
Panda 10.0.0.14 2009.07.21 -
PCTools 4.4.2.0 2009.07.21 -
Prevx 3.0 2009.07.22 -
Rising 21.39.20.00 2009.07.22 -
Sophos 4.43.0 2009.07.22 -
Sunbelt 3.2.1858.2 2009.07.21 -
Symantec 1.4.4.12 2009.07.22 -
TheHacker 6.3.4.3.372 2009.07.21 -
[B]TrendMicro 8.950.0.1094 2009.07.21 PAK_Generic.001[/B]
VBA32 3.12.10.8 2009.07.22 -
ViRobot 2009.7.22.1846 2009.07.22 -
VirusBuster 4.6.5.0 2009.07.21 -
[/QUOTE]
Additional information
File size: 19968 bytes
MD5...: 7be149ee77fa31b3f8bab455937ac76f
SHA1..: 1b226b0ef31388ebe23421ec566dc14e2d57aa6e
SHA256: 9b05fb900ef5744cded0a53ed024fdb5b79becfdd6b03c9a71c7b1a8c7151348
ssdeep: 384:Pd916tjMZUcCdOSMIOu5TFpTJ1jMBtdfir81LGDYVpmzl8:P/1cjeU0AOu5xr5M/daOJ0
PEiD..: -
TrID..: File type identification
UPX compressed Win32 Executable (38.5%)
Win32 EXE Yoda's Crypter (33.4%)
Win32 Executable Generic (10.7%)
Win32 Dynamic Link Library (generic) (9.5%)
Win16/32 Executable Delphi generic (2.6%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x112d0
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)
-
File WindoFixSetup.exe received on 2009.07.23 02:33:50 (UTC)
Current status: finished
Result: 0/40 (0%)
[QUOTE]a-squared 4.5.0.24 2009.07.23 -
AhnLab-V3 5.0.0.2 2009.07.22 -
AntiVir 7.9.0.222 2009.07.22 -
Antiy-AVL 2.0.3.7 2009.07.22 -
Authentium 5.1.2.4 2009.07.23 -
Avast 4.8.1335.0 2009.07.22 -
AVG 8.5.0.387 2009.07.22 -
BitDefender 7.2 2009.07.23 -
CAT-QuickHeal 10.00 2009.07.22 -
ClamAV 0.94.1 2009.07.23 -
Comodo 1738 2009.07.23 -
DrWeb 5.0.0.12182 2009.07.23 -
eSafe 7.0.17.0 2009.07.21 -
eTrust-Vet 31.6.6634 2009.07.22 -
F-Prot 4.4.4.56 2009.07.22 -
F-Secure 8.0.14470.0 2009.07.23 -
Fortinet 3.120.0.0 2009.07.23 -
GData 19 2009.07.23 -
Ikarus T3.1.1.64.0 2009.07.23 -
Jiangmin 11.0.800 2009.07.22 -
K7AntiVirus 7.10.799 2009.07.22 -
Kaspersky 7.0.0.125 2009.07.23 -
McAfee 5684 2009.07.22 -
McAfee+Artemis 5684 2009.07.22 -
McAfee-GW-Edition 6.8.5 2009.07.22 -
Microsoft 1.4903 2009.07.22 -
NOD32 4268 2009.07.23 -
Norman 6.01.09 2009.07.22 -
nProtect 2009.1.8.0 2009.07.23 -
Panda 10.0.0.14 2009.07.22 -
PCTools 4.4.2.0 2009.07.22 -
Prevx 3.0 2009.07.23 -
Rising 21.39.24.00 2009.07.22 -
Sophos 4.44.0 2009.07.23 -
Sunbelt 3.2.1858.2 2009.07.22 -
Symantec 1.4.4.12 2009.07.23 -
TheHacker 6.3.4.3.372 2009.07.23 -
TrendMicro 8.950.0.1094 2009.07.22 -
ViRobot 2009.7.22.1847 2009.07.22 -
VirusBuster 4.6.5.0 2009.07.22 -[/QUOTE]
File size: 1192959 bytes
MD5...: 12a351a1efce6b76bab9f66e41f8343b
SHA1..: 4215e12971ef73057f0354a0b2abbeadaeb51251
SHA256: 6f74cc72c14659467ede114873cb8d8ee53295f5f87af19e3c4d456c3d628aac
ssdeep: 24576:v2U3grE9z9ZWn9HGpYVViu60r0otygrOeWKgXsxtiCn1tN8YaXag:v2w2E99cntGpYVVH6O0oRHkcXJbhaV
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.1%)
Win16/32 Executable Delphi generic (9.3%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x9a58
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)
:(
[size="1"][color="#666686"][B][I]Added 31 minutes later[/I][/B][/color][/size]
File RegDefense.exe received on 2009.07.23 02:54:49 (UTC)
Result: 1/41 (2.44%)
[QUOTE]a-squared 4.5.0.24 2009.07.23 -
AhnLab-V3 5.0.0.2 2009.07.22 -
AntiVir 7.9.0.222 2009.07.22 -
Antiy-AVL 2.0.3.7 2009.07.22 -
Authentium 5.1.2.4 2009.07.23 -
Avast 4.8.1335.0 2009.07.22 -
AVG 8.5.0.387 2009.07.22 -
BitDefender 7.2 2009.07.23 -
CAT-QuickHeal 10.00 2009.07.22 -
ClamAV 0.94.1 2009.07.23 -
Comodo 1738 2009.07.23 -
DrWeb 5.0.0.12182 2009.07.23 -
eSafe 7.0.17.0 2009.07.21 -
eTrust-Vet 31.6.6634 2009.07.22 -
F-Prot 4.4.4.56 2009.07.22 -
F-Secure 8.0.14470.0 2009.07.23 -
Fortinet 3.120.0.0 2009.07.23 -
GData 19 2009.07.23 -
Ikarus T3.1.1.64.0 2009.07.23 -
Jiangmin 11.0.800 2009.07.22 -
K7AntiVirus 7.10.799 2009.07.22 -
Kaspersky 7.0.0.125 2009.07.23 -
McAfee 5684 2009.07.22 -
McAfee+Artemis 5684 2009.07.22 -
McAfee-GW-Edition 6.8.5 2009.07.22 -
Microsoft 1.4903 2009.07.22 -
NOD32 4268 2009.07.23 -
Norman 6.01.09 2009.07.22 -
nProtect 2009.1.8.0 2009.07.23 -
Panda 10.0.0.14 2009.07.22 -
PCTools 4.4.2.0 2009.07.22 -
Prevx 3.0 2009.07.23 -
Rising 21.39.24.00 2009.07.22 -
[B]Sophos 4.44.0 2009.07.23 PsKill[/B]
Sunbelt 3.2.1858.2 2009.07.22 -
Symantec 1.4.4.12 2009.07.23 -
TheHacker 6.3.4.3.372 2009.07.23 -
TrendMicro 8.950.0.1094 2009.07.22 -
VBA32 3.12.10.8 2009.07.22 -
ViRobot 2009.7.23.1848 2009.07.23 -
VirusBuster 4.6.5.0 2009.07.22 -[/QUOTE]
File size: 2018352 bytes
MD5...: e172a33b36458384f2422f2b4c65c2fb
SHA1..: 2f6a891b2fca21f6e03c318e88306e03eef3bc83
SHA256: c23ef87124181107bba9b0a9a2d6891839511d2bf3626342e0fdd8f195ef237c
ssdeep: 49152:pIAJPWQJKWDW+BRxj+v2HDHkPrKQhzVGRXEVF8qMXf:prJP3KWDlBCvUHsrKQDMUVF8qe
PEiD..: -
TrID..: File type identification
Win64 Executable Generic (63.0%)
Win32 Executable MS Visual C++ (generic) (27.7%)
Win32 Executable Generic (6.2%)
Generic Win/DOS Executable (1.4%)
DOS Executable Generic (1.4%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x323c
timedatestamp.....: 0x49a05a1a (Sat Feb 21 19:46:34 2009)
machinetype.......: 0x14c (I386)
-
Fresh one
File avz00007.dta received on 2009.07.23 09:34:03 (UTC)
[CODE]Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.07.23 -
AhnLab-V3 5.0.0.2 2009.07.23 -
[B]AntiVir 7.9.0.228 2009.07.23 TR/Dropper.Gen[/B]
Antiy-AVL 2.0.3.7 2009.07.23 -
Authentium 5.1.2.4 2009.07.23 -
Avast 4.8.1335.0 2009.07.22 -
AVG 8.5.0.387 2009.07.22 -
BitDefender 7.2 2009.07.23 -
[B]CAT-QuickHeal 10.00 2009.07.23 (Suspicious) - DNAScan[/B]
ClamAV 0.94.1 2009.07.23 -
Comodo 1741 2009.07.23 -
DrWeb 5.0.0.12182 2009.07.23 -
eSafe 7.0.17.0 2009.07.21 -
eTrust-Vet 31.6.6634 2009.07.22 -
F-Prot 4.4.4.56 2009.07.22 -
F-Secure 8.0.14470.0 2009.07.23 -
Fortinet 3.120.0.0 2009.07.23 -
GData 19 2009.07.23 -
Ikarus T3.1.1.64.0 2009.07.23 -
Jiangmin 11.0.800 2009.07.23 -
K7AntiVirus 7.10.799 2009.07.22 -
Kaspersky 7.0.0.125 2009.07.23 -
[B]McAfee 5684 2009.07.22 FakeAlert-DZ
McAfee+Artemis 5684 2009.07.22 FakeAlert-DZ
McAfee-GW-Edition 6.8.5 2009.07.23 Trojan.Dropper.Gen[/B]
Norman 6.01.09 2009.07.22 -
nProtect 2009.1.8.0 2009.07.23 -
Panda 10.0.0.14 2009.07.22 -
PCTools 4.4.2.0 2009.07.22 -
Prevx 3.0 2009.07.23 -
[B]Rising 21.39.32.00 2009.07.23 Unknown Win32 Virus[/B]
Sophos 4.44.0 2009.07.23 -
Sunbelt 3.2.1858.2 2009.07.22 -
Symantec 1.4.4.12 2009.07.23 -
TheHacker 6.3.4.3.372 2009.07.23 -
TrendMicro 8.950.0.1094 2009.07.23 -
VBA32 3.12.10.9 2009.07.23 -
ViRobot 2009.7.23.1849 2009.07.23 -
VirusBuster 4.6.5.0 2009.07.22 -
[/CODE]
[CODE]Additional information
File size: 742482 bytes
MD5...: 42893aa9d384edcbc1a9ca032f3ab490
SHA1..: bdd61934d7515b7a0096bcf293bf6cfab5cf8f3d
SHA256: a3620607e76385d0e2b3c8ad570a3622954df3b76ca96772450f1f3d36cc4759
ssdeep: 12288:QTC1mFBuXfXQ9sHc7rmfTwl0IbZfKrVxNIok51r6Jm:Qe1lpc7rmfT0b8BAam
PEiD..: -
TrID..: File type identification
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0xb2388
timedatestamp.....: 0x470a9cb6 (Mon Oct 08 21:10:14 2007)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x15d000 0xb3e00 7.21 75112b42922338fd2df30e5a9ab440b7
.data 0x15e000 0x1000 0x200 0.00 bf619eac0cdf3f68d496ea9344137e8b
.rdata 0x15f000 0x1000 0xc00 4.80 e2fa41bfcd45e3b2d083bea433814491
.rsrc 0x160000 0x1000 0x400 3.02 e10879d0fd2c52238d8d79e944ed807c

( 2 imports )
> KERNEL32.DLL: GetModuleFileNameA, InterlockedIncrement, GetCurrentProcess, GetSystemTimeAsFileTime, GetModuleFileNameW, InterlockedCompareExchange, LoadLibraryA, VirtualAlloc, GetProcAddress, GetProcAddress, HeapDestroy, GetProcessHeap, HeapDestroy, UnhandledExceptionFilter, DisableThreadLibraryCalls, GetModuleHandleA, GetTickCount, GetProcAddress, HeapDestroy, InterlockedDecrement, GetModuleFileNameA, EnterCriticalSection, InterlockedIncrement, lstrcmpiW, GetModuleFileNameW, InterlockedExchange, LocalFree, EnterCriticalSection, LoadLibraryA, GetModuleFileNameA, EnterCriticalSection, HeapFree, QueryPerformanceCounter, CloseHandle, LeaveCriticalSection, lstrlenA, GetModuleHandleW, lstrlenA, LocalFree, Sleep, EnterCriticalSection, CreateEventW, HeapFree, CreateFileW, HeapDestroy, GetModuleFileNameW, lstrcmpiW, QueryPerformanceCounter, UnhandledExceptionFilter, SetLastError, UnhandledExceptionFilter, ReadFile, GetTickCount
> USER32.DLL: BeginPaint, EndPaint, PostQuitMessage, MessageBoxW, SendMessageW, KillTimer, DialogBoxParamW, SetForegroundWindow, GetDesktopWindow, GetWindowLongW, SetDlgItemTextW, DispatchMessageW, BeginPaint, GetDlgItem, EndDialog, DefWindowProcW, CreateWindowExW, DialogBoxParamW, GetSysColor, SetTimer, IsWindow, DialogBoxParamW, IsDlgButtonChecked, KillTimer, GetDesktopWindow, SetWindowLongW, PostQuitMessage, EnableWindow, SetWindowPos, GetDC, KillTimer, SetDlgItemTextW, SetWindowPos, ReleaseDC, ReleaseDC, PostQuitMessage, CreateWindowExW, LoadCursorW, GetClientRect, GetSysColor, SetWindowLongW, TranslateMessage, SendDlgItemMessageW, GetDesktopWindow, wsprintfA, GetDesktopWindow, SetCursor, GetFocus, LoadIconW, InvalidateRect, TranslateMessage, LoadStringW, SetTimer, PostQuitMessage, BeginPaint

( 0 exports )
PDFiD.: -
RDS...: NSRL Reference Data Set
-
[/CODE]
[size="1"][color="#666686"][B][I]Added 8 minutes later[/I][/B][/color][/size]
File avz00006.dta received on 2009.07.23 09:43:29 (UTC)
[CODE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.07.23 Email-Worm.Win32.Iksmas!IK[/B]
AhnLab-V3 5.0.0.2 2009.07.23 -
AntiVir 7.9.0.228 2009.07.23 -
Antiy-AVL 2.0.3.7 2009.07.23 -
Authentium 5.1.2.4 2009.07.23 -
Avast 4.8.1335.0 2009.07.22 -
[B]AVG 8.5.0.387 2009.07.23 PSW.Generic7.SFW[/B]
BitDefender 7.2 2009.07.23 -
[B]CAT-QuickHeal 10.00 2009.07.23 (Suspicious) - DNAScan[/B]
ClamAV 0.94.1 2009.07.23 -
Comodo 1741 2009.07.23 -
[B]DrWeb 5.0.0.12182 2009.07.23 Trojan.Spambot.4331[/B]
eSafe 7.0.17.0 2009.07.21 -
eTrust-Vet 31.6.6634 2009.07.22 -
F-Prot 4.4.4.56 2009.07.22 -
[B]F-Secure 8.0.14470.0 2009.07.23 Email-Worm.Win32.Iksmas.dgr
Fortinet 3.120.0.0 2009.07.23 W32/Iksmas.DGR@mm[/B]
GData 19 2009.07.23 -
[B]Ikarus T3.1.1.64.0 2009.07.23 Email-Worm.Win32.Iksmas[/B]
Jiangmin 11.0.800 2009.07.23 -
K7AntiVirus 7.10.799 2009.07.22 -
[B]Kaspersky 7.0.0.125 2009.07.23 Email-Worm.Win32.Iksmas.dgr[/B]
McAfee 5684 2009.07.22 -
[B]McAfee+Artemis 5684 2009.07.22 Artemis!7329B2096B15
McAfee-GW-Edition 6.8.5 2009.07.23 Heuristic.BehavesLike.Win32.Packed.I
Microsoft 1.4903 2009.07.23 Trojan:Win32/Waledac.gen!A
NOD32 4269 2009.07.23 a variant of Win32/Waledac.KA[/B]
Norman 6.01.09 2009.07.22 -
nProtect 2009.1.8.0 2009.07.23 -
[B]Panda 10.0.0.14 2009.07.22 Trj/CI.A[/B]
PCTools 4.4.2.0 2009.07.22 -
[B]Prevx 3.0 2009.07.23 Medium Risk Malware
Rising 21.39.32.00 2009.07.23 Unknown Win32 Virus
Sophos 4.44.0 2009.07.23 Mal/WaledPak-H
Sunbelt 3.2.1858.2 2009.07.22 Email-Worm.Win32.Waledac.Gen (v)[/B]
Symantec 1.4.4.12 2009.07.23 -
TheHacker 6.3.4.3.372 2009.07.23 -
TrendMicro 8.950.0.1094 2009.07.23 -
VBA32 3.12.10.9 2009.07.23 -
ViRobot 2009.7.23.1849 2009.07.23 -
VirusBuster 4.6.5.0 2009.07.22 -
[/CODE]
[CODE]Additional information
File size: 498688 bytes
MD5...: 7329b2096b156842c7bd576b1918ec58
SHA1..: 56a6d2634f2759b425e3cc20c0c51bedd1664aac
SHA256: 8f5c16bc2b368cc4dbea79a7a84151b454f9a8dc7405e615af585b9883f9e2ff
ssdeep: 12288:0qy5DTAlioxxYRr5BeQPbd4kJqG1TskXiIedH:0qG3AlioxEfPbd4kJqwMbd
PEiD..: -
TrID..: File type identification
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x76804
timedatestamp.....: 0x435eac41 (Tue Oct 25 22:05:53 2005)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xf3000 0x78600 7.22 ef8c82cbc04d20d825f48695fae1836f
.data 0xf4000 0x1000 0x200 0.00 bf619eac0cdf3f68d496ea9344137e8b
.rdata 0xf5000 0x1000 0xc00 4.49 f17d28d20a8d830c8416c375a6cf939d
.rsrc 0xf6000 0x1000 0x400 2.98 f060e5acc6c09b946f5c69aacf27f77c

( 2 imports )
> KERNEL32.DLL: LocalFree, InterlockedExchange, GetCurrentProcessId, MultiByteToWideChar, GetProcAddress, GetCurrentThreadId, MultiByteToWideChar, GetModuleHandleA, InterlockedExchange, SetLastError, LeaveCriticalSection, QueryPerformanceCounter, Sleep, HeapFree, InterlockedCompareExchange, HeapFree, GetTickCount, GetProcessHeap, FreeLibrary, DisableThreadLibraryCalls, UnhandledExceptionFilter, LocalFree, ReadFile, GetCurrentProcessId, GetModuleFileNameW, GetCurrentProcessId, UnhandledExceptionFilter, ReadFile, UnhandledExceptionFilter, FreeLibrary, GetProcAddress, LoadLibraryW, GetCurrentProcessId, GetCurrentProcessId, GetProcAddress, HeapDestroy, GetModuleFileNameA, VirtualAlloc, InterlockedIncrement, CreateFileW, VirtualAlloc, LoadLibraryA, HeapFree, LocalFree, UnhandledExceptionFilter, HeapFree, LoadLibraryW, LoadLibraryA, LocalFree, GetTickCount
> USER32.DLL: LoadIconW, SetTimer, LoadStringW, KillTimer, DestroyWindow, PostQuitMessage, DestroyWindow, DialogBoxParamW, SetFocus, wsprintfA, SendDlgItemMessageW, ReleaseDC, GetFocus, GetParent, PostMessageW, ReleaseDC, IsDlgButtonChecked, InvalidateRect, SetWindowLongW, SetCursor, CreateWindowExW, GetSystemMetrics, PostQuitMessage, SetWindowTextW, SetForegroundWindow, EndDialog, LoadStringW, InvalidateRect, SetDlgItemTextW, GetWindowLongW, CreateWindowExW, SetTimer, IsWindow, wsprintfA, InvalidateRect, SetWindowLongW, PostQuitMessage, MessageBoxW, IsDlgButtonChecked, SendMessageW, LoadIconW, CharNextW, GetDlgItem, IsDlgButtonChecked, EnableWindow, SetForegroundWindow, EndPaint, SetCursor, TranslateMessage, GetWindowRect, IsWindow

( 0 exports )
PDFiD.: -
RDS...: NSRL Reference Data Set
-
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=AB6C3551001E40DA9C0E07ABED62FE00BBFD3571
[/CODE]
-
Файл PrivateContent.exe получен 2009.07.26 08:58:44 (UTC)
Текущий статус: закончено
Результат: 10/41 (24.4%)
[QUOTE]Антивирус Версия Обновление Результат
[B]a-squared 4.5.0.24 2009.07.26 Trojan.Fake!IK[/B]
AhnLab-V3 5.0.0.2 2009.07.26 -
[B]AntiVir 7.9.0.228 2009.07.24 TR/Fake.GoogleBar.2[/B]
Antiy-AVL 2.0.3.7 2009.07.24 -
Authentium 5.1.2.4 2009.07.25 -
Avast 4.8.1335.0 2009.07.25 -
AVG 8.5.0.387 2009.07.25 -
BitDefender 7.2 2009.07.26 -
CAT-QuickHeal 10.00 2009.07.25 -
ClamAV 0.94.1 2009.07.26 -
Comodo 1770 2009.07.26 -
DrWeb 5.0.0.12182 2009.07.26 -
eSafe 7.0.17.0 2009.07.23 -
eTrust-Vet 31.6.6640 2009.07.25 -
F-Prot 4.4.4.56 2009.07.25 -
[B]F-Secure 8.0.14470.0 2009.07.25 AdWare.Win32.Cinmus.awbr[/B]
Fortinet 3.120.0.0 2009.07.26 -
GData 19 2009.07.26 -
[B]Ikarus T3.1.1.64.0 2009.07.26 Trojan.Fake[/B]
Jiangmin 11.0.800 2009.07.26 -
K7AntiVirus 7.10.802 2009.07.25 -
[B]Kaspersky 7.0.0.125 2009.07.26 not-a-virus:AdWare.Win32.Cinmus.awbr[/B]
McAfee 5688 2009.07.25 -
[B]McAfee+Artemis 5688 2009.07.25 Artemis!1AA4A28552D9[/B]
[B]McAfee-GW-Edition 6.8.5 2009.07.26 Heuristic.LooksLike.Trojan.Fake.GoogleBar.L[/B]
Microsoft 1.4903 2009.07.26 -
[B]NOD32 4278 2009.07.26 a variant of Win32/Adware.BHO.NGL[/B]
Norman 6.01.09 2009.07.24 -
nProtect 2009.1.8.0 2009.07.26 -
Panda 10.0.0.14 2009.07.25 -
PCTools 4.4.2.0 2009.07.25 -
Prevx 3.0 2009.07.26 -
Rising 21.39.61.00 2009.07.26 -
Sophos 4.44.0 2009.07.26 -
[B]Sunbelt 3.2.1858.2 2009.07.26 Adware.Cinmus[/B]
Symantec 1.4.4.12 2009.07.26 -
TheHacker 6.3.4.3.373 2009.07.24 -
TrendMicro 8.950.0.1094 2009.07.25 -
[B]VBA32 3.12.10.9 2009.07.26 BScope.Trojan.Cinmus.54[/B]
ViRobot 2009.7.25.1853 2009.07.25 -
VirusBuster 4.6.5.0 2009.07.25 -[/QUOTE]
Дополнительная информация
File size: 99328 bytes
MD5...: 1aa4a28552d9cf24878c85914c3442e8
SHA1..: 68a542ea170bd52759aee48acd8ae68682328ac6
SHA256: c4e9963578075ee1b00d95bcc8a49496925183385dbb92e2dc8fe0bd3ce0367a
ssdeep: 1536:B86UAPypaYOwPxWEMGwCcUTcDVsKdwfXpmydqjcfAp0dpv44H4YE:B86NhY
1mXUIRXwfXpmWYpgQl1
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/c4e9963578075ee1b00d95bcc8a49496925183385dbb92e2dc8fe0bd3ce0367a-1248598724[/url]
-
Файл flash_player.exe получен 2009.07.28 18:37:35 (UTC)
Текущий статус: закончено
Результат: 5/41 (12.2%)
[QUOTE]Антивирус Версия Обновление Результат
[B]a-squared 4.5.0.24 2009.07.28 Trojan-Dropper!IK[/B]
AhnLab-V3 5.0.0.2 2009.07.28 -
[B]AntiVir 7.9.0.234 2009.07.28 TR/Dropper.Gen[/B]
Antiy-AVL 2.0.3.7 2009.07.28 -
Authentium 5.1.2.4 2009.07.28 -
Avast 4.8.1335.0 2009.07.28 -
AVG 8.5.0.387 2009.07.28 -
BitDefender 7.2 2009.07.28 -
CAT-QuickHeal 10.00 2009.07.28 -
ClamAV 0.94.1 2009.07.28 -
Comodo 1796 2009.07.28 -
[B]DrWeb 5.0.0.12182 2009.07.28 Trojan.Hosts.107[/B]
eSafe 7.0.17.0 2009.07.28 -
eTrust-Vet 31.6.6643 2009.07.28 -
F-Prot 4.4.4.56 2009.07.28 -
F-Secure 8.0.14470.0 2009.07.28 -
Fortinet 3.120.0.0 2009.07.28 -
GData 19 2009.07.28 -
[B]Ikarus T3.1.1.64.0 2009.07.28 Trojan-Dropper[/B]
Jiangmin 11.0.800 2009.07.28 -
K7AntiVirus 7.10.804 2009.07.28 -
Kaspersky 7.0.0.125 2009.07.28 -
McAfee 5691 2009.07.28 -
McAfee+Artemis 5691 2009.07.28 -
[B]McAfee-GW-Edition 6.8.5 2009.07.28 Trojan.Dropper.Gen[/B]
Microsoft 1.4903 2009.07.28 -
NOD32 4286 2009.07.28 -
Norman 6.01.09 2009.07.28 -
nProtect 2009.1.8.0 2009.07.28 -
Panda 10.0.0.14 2009.07.28 -
PCTools 4.4.2.0 2009.07.28 -
Prevx 3.0 2009.07.28 -
Rising 21.40.14.00 2009.07.28 -
Sophos 4.44.0 2009.07.28 -
Sunbelt 3.2.1858.2 2009.07.28 -
Symantec 1.4.4.12 2009.07.28 -
TheHacker 6.3.4.3.376 2009.07.28 -
TrendMicro 8.950.0.1094 2009.07.28 -
VBA32 3.12.10.9 2009.07.28 -
ViRobot 2009.7.28.1857 2009.07.28 -
VirusBuster 4.6.5.0 2009.07.28 -[/QUOTE]
Дополнительная информация
File size: 12373 bytes
MD5...: 2ece81a4431ed7908b0a088031ad3551
SHA1..: 686c75e6f401504f9f0522f04d848656ab603e1d
SHA256: 71738d8f7a8b0ee857f5dc8b89cc257f69ab4839ab59e1a30a787cf8135784c0
ssdeep: 48:yg0wSiS3XYViUS0FeB12j2ifdv8/9kSfSWtLdBFlwyCZXuClm0mZZNHJn/+K:
U3i2IoGq12j2n1kSHtdBwsCI0SH5l
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/71738d8f7a8b0ee857f5dc8b89cc257f69ab4839ab59e1a30a787cf8135784c0-1248806255[/url]
-
Attachments: 1
Interim results of the community testing, June-July:
-
Файл qip.jar получен 2009.07.31 11:13:40 (UTC)
Текущий статус: Загрузка ... в очереди ожидание проверка закончено НЕ НАЙДЕНО ОСТАНОВЛЕНО
Результат: [COLOR=red]2[/COLOR]/41 (4.88%)
[QUOTE]a-squared 4.5.0.24 2009.07.31-
AhnLab-V3 5.0.0.2 2009.07.30-
AntiVir 7.9.0.236 2009.07.31-
Antiy-AVL 2.0.3.7 2009.07.31-
Authentium 5.1.2.4 2009.07.31-
Avast 4.8.1335.0 2009.07.30-
AVG 8.5.0.406 2009.07.31-
BitDefender 7.2 2009.07.31-
CAT-QuickHeal 10.00 2009.07.30-
ClamAV 0.94.1 2009.07.31-
Comodo 1822 2009.07.31-
DrWeb 5.0.0.12182 2009.07.31-
eSafe 7.0.17.0 2009.07.30-
eTrust-Vet 31.6.6649 2009.07.31-
F-Prot 4.4.4.56 2009.07.30-
[B]F-Secure 8.0.14470.0 2009.07.31 Trojan-SMS.J2ME.Konov.n[/B]
Fortinet 3.120.0.0 2009.07.31-
GData 19 2009.07.31-
Ikarus T3.1.1.64.0 2009.07.31-
Jiangmin 11.0.800 2009.07.31-
K7AntiVirus 7.10.806 2009.07.30-
[B]Kaspersky 7.0.0.125 2009.07.31 Trojan-SMS.J2ME.Konov.n[/B]
McAfee 5693 2009.07.30-
McAfee+Artemis 5693 2009.07.30-
McAfee-GW-Edition 6.8.5 2009.07.31-
Microsoft 1.4903 2009.07.31-
NOD32 4293 2009.07.31-
Norman 6.01.09 2009.07.30-
nProtect 2009.1.8.0 2009.07.31-
Panda 10.0.0.14 2009.07.30-
PCTools 4.4.2.0 2009.07.29-
Prevx 3.0 2009.07.31-
Rising 21.40.43.00 2009.07.31-
Sophos 4.44.0 2009.07.31-
Sunbelt 3.2.1858.2 2009.07.31-
Symantec 1.4.4.12 2009.07.31-
TheHacker 6.3.4.3.374 2009.07.30-
TrendMicro 8.950.0.1094 2009.07.31-
VBA32 3.12.10.9 2009.07.31-
ViRobot 2009.7.31.1863 2009.07.31-
VirusBuster 4.6.5.0 2009.07.30-
Дополнительная информация
File size: 3857 bytes
MD5...: be32e6cae5a2c5c01d98a9ebace6d91c
SHA1..: cfbaea4d48e1c6f65d82bbd3e65c5b2574d80c4d
SHA256: b317560a62ac5181b1efd4095625740e468318f7279c5b5bd2bad0d1c322e00a[/QUOTE]
-
Файл vk-client-new.5.exe получен 2009.08.01 07:11:37 (UTC)
[QUOTE]Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.07.31 -
AhnLab-V3 5.0.0.2 2009.07.31 -
AntiVir 7.9.0.238 2009.07.31 -
Antiy-AVL 2.0.3.7 2009.07.31 -
Authentium 5.1.2.4 2009.07.31 -
Avast 4.8.1335.0 2009.07.31 -
AVG 8.5.0.406 2009.07.31 -
BitDefender 7.2 2009.08.01 -
CAT-QuickHeal 10.00 2009.07.30 -
ClamAV 0.94.1 2009.08.01 -
Comodo 1832 2009.08.01 -
DrWeb 5.0.0.12182 2009.08.01 -
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6650 2009.08.01 -
F-Prot 4.4.4.56 2009.07.31 -
F-Secure 8.0.14470.0 2009.07.31 -
Fortinet 3.120.0.0 2009.08.01 -
GData 19 2009.08.01 -
Ikarus T3.1.1.64.0 2009.07.31 -
Jiangmin 11.0.800 2009.08.01 -
K7AntiVirus 7.10.807 2009.07.31 -
Kaspersky 7.0.0.125 2009.08.01 -
McAfee 5694 2009.07.31 -
McAfee+Artemis 5694 2009.07.31 -
McAfee-GW-Edition 6.8.5 2009.08.01 [B]Heuristic.LooksLike.Win32.Suspicious.L!83[/B]
Microsoft 1.4903 2009.08.01 -
[B]NOD32 4295 2009.07.31 a variant of Win32/Kryptik.LR[/B]
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.01 -
Panda 10.0.0.14 2009.07.31 -
PCTools 4.4.2.0 2009.07.31 -
Prevx 3.0 2009.08.01 -
Rising 21.40.44.00 2009.07.31 -
[B]Sophos 4.44.0 2009.08.01 Sus/EncPk-JG[/B]
Sunbelt 3.2.1858.2 2009.07.31 -
Symantec 1.4.4.12 2009.08.01 -
TheHacker 6.3.4.3.375 2009.08.01 -
[B]TrendMicro 8.950.0.1094 2009.07.31 PAK_Generic.001[/B]
VBA32 3.12.10.9 2009.07.31 -
ViRobot 2009.7.31.1863 2009.07.31 -
VirusBuster 4.6.5.0 2009.07.31 -[/QUOTE]
Дополнительная информация
File size: 23040 bytes
MD5...: e536c9d9ceec3b8686d35dc002f1f976
SHA1..: 2b1277b00cb41748c798e341b26c346bc3c80256
SHA256: 0a8c25a01f68082edac235e5f70fac1a7d7a3dfecec42c3824a3acc2f234ba1e
ssdeep: 384:VKhR1HopZov4tbrJFgFbMmRwoZVBN/ka2QlyT:w5opbJiFz9TN/50
PEiD..: -
-
Файл foto.jar получен 2009.08.02 10:21:13 (UTC)
Текущий статус: закончено
Результат: 10/41 (24.4%)
[QUOTE]Антивирус Версия Обновление Результат
[B]a-squared 4.5.0.24 2009.08.02 Trojan-SMS!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.01 -
AntiVir 7.9.0.238 2009.07.31 -
[B]Antiy-AVL 2.0.3.7 2009.07.31 Trojan/J2ME.Konov[/B]
Authentium 5.1.2.4 2009.08.01 -
[B]Avast 4.8.1335.0 2009.08.01 Other:Malware-gen[/B]
AVG 8.5.0.406 2009.08.02 -
BitDefender 7.2 2009.08.02 -
CAT-QuickHeal 10.00 2009.07.30 -
ClamAV 0.94.1 2009.08.02 -
[B]Comodo 1838 2009.08.02 TrojWare.J2ME.SMS.Konov.i
DrWeb 5.0.0.12182 2009.08.02 Java.SMSSend.51[/B]
eSafe 7.0.17.0 2009.07.30 -
[B]eTrust-Vet 31.6.6650 2009.08.01 Java/SMSTroj[/B]
F-Prot 4.4.4.56 2009.08.01 -
[B]F-Secure 8.0.14470.0 2009.08.01 Trojan-SMS.J2ME.Konov.i[/B]
Fortinet 3.120.0.0 2009.08.02 -
[B]GData 19 2009.08.02 Other:Malware-gen
Ikarus T3.1.1.64.0 2009.08.02 Trojan-SMS[/B]
Jiangmin 11.0.800 2009.08.02 -
K7AntiVirus 7.10.808 2009.08.01 -
[B]Kaspersky 7.0.0.125 2009.08.02 Trojan-SMS.J2ME.Konov.i[/B]
McAfee 5695 2009.08.01 -
McAfee+Artemis 5695 2009.08.01 -
McAfee-GW-Edition 6.8.5 2009.08.02 -
Microsoft 1.4903 2009.08.02 -
NOD32 4298 2009.08.02 -
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.02 -
Panda 10.0.0.14 2009.08.02 -
PCTools 4.4.2.0 2009.08.01 -
Prevx 3.0 2009.08.02 -
Rising 21.40.44.00 2009.07.31 -
Sophos 4.44.0 2009.08.02 -
Sunbelt 3.2.1858.2 2009.08.02 -
Symantec 1.4.4.12 2009.08.02 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.07.31 -
VBA32 3.12.10.9 2009.08.02 -
ViRobot 2009.7.31.1863 2009.07.31 -
VirusBuster 4.6.5.0 2009.07.31 -[/QUOTE]
Дополнительная информация
File size: 2662 bytes
MD5...: f153398fceceb5f26e840576d658e907
SHA1..: ea0b174e210c239264a3db9afc4dc0c9c4eb38ca
SHA256: f8637e1353b8339a8bd0da652ed23b67ee322f5d8c3eb60274c83156daa53748
ssdeep: 48:91FTQo0tOURs9y3VeiTExPW387mjiAlqAxBCSZyU8/scU6p7dKNZ4w:DFTiOU
Rs9qVeiTUDycSZJn6ZdkZL
PEiD..: -
TrID..: File type identification
Java Archive (78.3%)
ZIP compressed archive (21.6%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
[url]http://www.virustotal.com/ru/analisis/f8637e1353b8339a8bd0da652ed23b67ee322f5d8c3eb60274c83156daa53748-1249208473[/url]
-
File index_1_.htm received on 2009.08.02 17:44:10 (UTC)
Current status: finished
Result: 7/40 (17.50%)
[QUOTE]a-squared 4.5.0.24 2009.08.02 -
AhnLab-V3 5.0.0.2 2009.08.01 -
[B]AntiVir 7.9.0.238 2009.08.02 HTML/Crypted.Gen[/B]
Antiy-AVL 2.0.3.7 2009.07.31 -
Authentium 5.1.2.4 2009.08.02 -
[B]Avast 4.8.1335.0 2009.08.01 JS:Obfuscated-CV[/B]
[B]AVG 8.5.0.406 2009.08.02 JS/Downloader.Agent[/B]
BitDefender 7.2 2009.08.02 -
CAT-QuickHeal 10.00 2009.07.30 -
ClamAV 0.94.1 2009.08.02 -
Comodo 1840 2009.08.02 -
DrWeb 5.0.0.12182 2009.08.02 -
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6650 2009.08.01 -
F-Prot 4.4.4.56 2009.08.02 -
F-Secure 8.0.14470.0 2009.08.01 -
Fortinet 3.120.0.0 2009.08.02 -
[B]GData 19 2009.08.02 JS:Obfuscated-CV[/B]
Ikarus T3.1.1.64.0 2009.08.02 -
Jiangmin 11.0.800 2009.08.02 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.02 -
McAfee 5695 2009.08.01 -
McAfee+Artemis 5695 2009.08.01 -
[B]McAfee-GW-Edition 6.8.5 2009.08.02 Heuristic.LooksLike.JS.Suspicious.A[/B]
Microsoft 1.4903 2009.08.02 -
NOD32 4299 2009.08.02 -
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.02 -
Panda 10.0.0.14 2009.08.02 -
PCTools 4.4.2.0 2009.08.02 -
Rising 21.40.62.00 2009.08.02 -
Sophos 4.44.0 2009.08.02 -
Sunbelt 3.2.1858.2 2009.08.02 -
[B]Symantec 1.4.4.12 2009.08.02 Trojan.Malscript!html[/B]
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.07.31 -
[B]VBA32 3.12.10.9 2009.08.02 Trojan-Downloader.JS.Iframe.blg[/B]
ViRobot 2009.7.31.1863 2009.07.31 -
VirusBuster 4.6.5.0 2009.08.02 -[/QUOTE]
Additional information
File size: 6501 bytes
MD5 : c8bcdb732ed5e73d802e4404b7771e10
SHA1 : 51c76ed7f908255032f9ee0c4ca06d139b1e5e82
SHA256: d9a8404ae35297ea45d514f2502b6ca777dab88d8dbf58ccb7165689ab016ebf
TrID : File type identification
Unknown!
ssdeep: 192:bWkW3PFo3XtifBBILnfi98Ci+2XBt9PDgN/:b/so3nLK98C8Dw
PEiD : -
RDS : NSRL Reference Data Set
-
-
This is all from VKontakte
File sms-vkontakte received on 2009.08.03 11:21:09 (UTC)
Current status: finished
Result: 5/41 (12.2%)
[QUOTE][B]a-squared 4.5.0.24 2009.08.03 Riskware.JS.Obfuscator!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.01 -
[B]AntiVir 7.9.0.238 2009.08.03 HTML/Crypted.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.03 -
Authentium 5.1.2.4 2009.08.02 -
Avast 4.8.1335.0 2009.08.02 -
AVG 8.5.0.406 2009.08.03 -
BitDefender 7.2 2009.08.03 -
CAT-QuickHeal 10.00 2009.08.03 -
ClamAV 0.94.1 2009.08.03 -
Comodo 1849 2009.08.03 -
DrWeb 5.0.0.12182 2009.08.03 -
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6655 2009.08.03 -
F-Prot 4.4.4.56 2009.08.02 -
F-Secure 8.0.14470.0 2009.08.03 -
Fortinet 3.120.0.0 2009.08.03 -
GData 19 2009.08.03 -
[B]Ikarus T3.1.1.64.0 2009.08.03 VirTool.JS.Obfuscator[/B]
Jiangmin 11.0.800 2009.08.03 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.03 -
McAfee 5696 2009.08.02 -
McAfee+Artemis 5696 2009.08.02 -
[B]McAfee-GW-Edition 6.8.5 2009.08.03 Heuristic.Script.Crypted[/B]
[B]Microsoft 1.4903 2009.08.03 VirTool:JS/Obfuscator.H[/B]
NOD32 4300 2009.08.03 -
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.03 -
Panda 10.0.0.14 2009.08.02 -
PCTools 4.4.2.0 2009.08.02 -
Prevx 3.0 2009.08.03 -
Rising 21.41.02.00 2009.08.03 -
Sophos 4.44.0 2009.08.03 -
Sunbelt 3.2.1858.2 2009.08.03 -
Symantec 1.4.4.12 2009.08.03 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.03 -
VBA32 3.12.10.9 2009.08.03 -
ViRobot 2009.8.3.1865 2009.08.03 -
VirusBuster 4.6.5.0 2009.08.02 -[/QUOTE]
Additional information
File size: 710 bytes
MD5...: 44493a2e5f0b3f40d78af23706e90f0e
SHA1..: 462bc9a61c5d6ad12d289c2ebbb68cdeb24d1f7a
SHA256: fff61030becae6d994f10e91d66754f133397596c6551da28eeeab8546fead0b
ssdeep: 12:X7jtNDxAqk0+qK0WEzqtjSow/EKEsN0YlE7guu5lJeinga05jwWT3wdVl:XPD
k0+qzWe2SoOdEa+7fuIin42XP
PEiD..: -
TrID..: File type identification
GZipped File (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
packers (F-Prot): packed
File 549a6be38aae63e8913bd1d43b14d83a received on 2009.08.03 11:34:44 (UTC)
Current status: finished
Result: 3/41 (7.32%)
[QUOTE]a-squared 4.5.0.24 2009.08.03 -
AhnLab-V3 5.0.0.2 2009.08.01 -
[B]AntiVir 7.9.0.238 2009.08.03 HTML/Psyme.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.03 -
Authentium 5.1.2.4 2009.08.02 -
Avast 4.8.1335.0 2009.08.02 -
AVG 8.5.0.406 2009.08.03 -
BitDefender 7.2 2009.08.03 -
CAT-QuickHeal 10.00 2009.08.03 -
ClamAV 0.94.1 2009.08.03 -
Comodo 1849 2009.08.03 -
DrWeb 5.0.0.12182 2009.08.03 -
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6655 2009.08.03 -
F-Prot 4.4.4.56 2009.08.02 -
F-Secure 8.0.14470.0 2009.08.03 -
Fortinet 3.120.0.0 2009.08.03 -
GData 19 2009.08.03 -
Ikarus T3.1.1.64.0 2009.08.03 -
Jiangmin 11.0.800 2009.08.03 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.03 -
McAfee 5696 2009.08.02 -
McAfee+Artemis 5696 2009.08.02 -
[B]McAfee-GW-Edition 6.8.5 2009.08.03 Script.Psyme.Gen[/B]
[B]Microsoft 1.4903 2009.08.03 VirTool:JS/Obfuscator.H[/B]
NOD32 4300 2009.08.03 -
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.03 -
Panda 10.0.0.14 2009.08.02 -
PCTools 4.4.2.0 2009.08.02 -
Prevx 3.0 2009.08.03 -
Rising 21.41.02.00 2009.08.03 -
Sophos 4.44.0 2009.08.03 -
Sunbelt 3.2.1858.2 2009.08.03 -
Symantec 1.4.4.12 2009.08.03 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.03 -
VBA32 3.12.10.9 2009.08.03 -
ViRobot 2009.8.3.1865 2009.08.03 -
VirusBuster 4.6.5.0 2009.08.02 -[/QUOTE]
Additional information
File size: 4072 bytes
MD5...: 549a6be38aae63e8913bd1d43b14d83a
SHA1..: 528fa966c136cd0f411227e20e09d08d2fe50893
SHA256: 323db2eb646c0b54669bd4dd2ecc48f0814464af3665a99e971ef2e5c453fe42
ssdeep: 96:e1M1M8Cs2Ot4LkWyC5cCJcCiw1x2TGQtqswWF7DG:kmMp9kW35JJJHgf7DG
PEiD..: -
TrID..: File type identification
Text - UTF-16 (LE) encoded (64.4%)
MP3 audio (32.2%)
Lumena CEL bitmap (2.0%)
Corel Photo Paint (1.3%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
packers (F-Prot): Unicode
File e712330a93f5cf725ea0c6bc4c52375b received on 2009.08.03 11:34:56 (UTC)
Current status: finished
Result: 5/41 (12.2%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.08.03 -
AhnLab-V3 5.0.0.2 2009.08.01 -
[B]AntiVir 7.9.0.238 2009.08.03 HTML/Infected.WebPage.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.03 -
Authentium 5.1.2.4 2009.08.02 -
[B]Avast 4.8.1335.0 2009.08.02 HTML:Iframe-inf[/B]
AVG 8.5.0.406 2009.08.03 -
BitDefender 7.2 2009.08.03 -
CAT-QuickHeal 10.00 2009.08.03 -
ClamAV 0.94.1 2009.08.03 -
Comodo 1849 2009.08.03 -
DrWeb 5.0.0.12182 2009.08.03 -
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6655 2009.08.03 -
F-Prot 4.4.4.56 2009.08.02 -
F-Secure 8.0.14470.0 2009.08.03 -
Fortinet 3.120.0.0 2009.08.03 -
[B]GData 19 2009.08.03 HTML:Iframe-inf[/B]
Ikarus T3.1.1.64.0 2009.08.03 -
Jiangmin 11.0.800 2009.08.03 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.03 -
McAfee 5696 2009.08.02 -
McAfee+Artemis 5696 2009.08.02 -
[B]McAfee-GW-Edition 6.8.5 2009.08.03 Heuristic.Script.Infected.WebPage[/B]
Microsoft 1.4903 2009.08.03 -
NOD32 4300 2009.08.03 -
[B]Norman 6.01.09 2009.07.31 HTML/Iframe.G[/B]
nProtect 2009.1.8.0 2009.08.03 -
Panda 10.0.0.14 2009.08.02 -
PCTools 4.4.2.0 2009.08.02 -
Prevx 3.0 2009.08.03 -
Rising 21.41.02.00 2009.08.03 -
Sophos 4.44.0 2009.08.03 -
Sunbelt 3.2.1858.2 2009.08.03 -
Symantec 1.4.4.12 2009.08.03 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.03 -
VBA32 3.12.10.9 2009.08.03 -
ViRobot 2009.8.3.1865 2009.08.03 -
VirusBuster 4.6.5.0 2009.08.02 -[/QUOTE]
Additional information
File size: 188 bytes
MD5...: e712330a93f5cf725ea0c6bc4c52375b
SHA1..: 05fbff8903000d1deda96d01614cff5916e0bd99
SHA256: 3d7b276f53d1f676ebaa54da1e475bb445815b0055a2db329f9aa2bbf4479173
ssdeep: 3:Q4giyYFI+MKXyR+plM1yClMAlW/LXCn/lFMbCn/lFIcpAYlHlBvohalhluWlgT
:QdiLMKXyR+lM1yCWAlWWncun4cp9CsB8
PEiD..: -
TrID..: File type identification
Text - UTF-16 (LE) encoded (66.6%)
MP3 audio (33.3%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
packers (F-Prot): Unicode
Файл MW2bl2ow.exe.part получен 2009.08.03 11:39:35 (UTC)
Текущий статус: Закончено
Результат: 7/41 (17.08%)
[QUOTE]a-squared 4.5.0.24 2009.08.03 -
AhnLab-V3 5.0.0.2 2009.08.01 -
[B]AntiVir 7.9.0.238 2009.08.03 TR/Dldr.Banload.zdt[/B]
Antiy-AVL 2.0.3.7 2009.08.03 -
[B]Authentium 5.1.2.4 2009.08.02 W32/Downldr2.GAZE[/B]
Avast 4.8.1335.0 2009.08.02 -
AVG 8.5.0.406 2009.08.03 -
BitDefender 7.2 2009.08.03 -
CAT-QuickHeal 10.00 2009.08.03 -
[B]ClamAV 0.94.1 2009.08.03 Trojan.Downloader-73889[/B]
Comodo 1849 2009.08.03 -
DrWeb 5.0.0.12182 2009.08.03 -
[B]eSafe 7.0.17.0 2009.07.30 Suspicious File[/B]
eTrust-Vet 31.6.6655 2009.08.03 -
[B]F-Prot 4.4.4.56 2009.08.02 W32/Downldr2.GAZE[/B]
F-Secure 8.0.14470.0 2009.08.03 -
Fortinet 3.120.0.0 2009.08.03 -
GData 19 2009.08.03 -
Ikarus T3.1.1.64.0 2009.08.03 -
Jiangmin 11.0.800 2009.08.03 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.03 -
McAfee 5696 2009.08.02 -
McAfee+Artemis 5696 2009.08.02 -
[B]McAfee-GW-Edition 6.8.5 2009.08.03 Trojan.Dldr.Banload.zdt[/B]
Microsoft 1.4903 2009.08.03 -
NOD32 4300 2009.08.03 -
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.03 -
Panda 10.0.0.14 2009.08.02 -
PCTools 4.4.2.0 2009.08.02 -
Prevx 3.0 2009.08.03 -
Rising 21.41.02.00 2009.08.03 -
Sophos 4.44.0 2009.08.03 -
Sunbelt 3.2.1858.2 2009.08.03 -
Symantec 1.4.4.12 2009.08.03 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.03 -
VBA32 3.12.10.9 2009.08.03 -
ViRobot 2009.8.3.1865 2009.08.03 -
[B]VirusBuster 4.6.5.0 2009.08.02 Trojan.DL.Banload.ASKT[/B]
[/QUOTE]
Дополнительная информация
File size: 102200 bytes
MD5...: 244dc79fd7fe3eafc2570c58a16a1663
SHA1..: 97b927b350e485adf400956620c85476973cf1dd
SHA256: 634f850fcf1c58c008101fd2075eb6ea7ae843df508904a3615e7a3770eb3a4c
ssdeep: 1536:5YNQ+cdiUBjyWgp0oNmFqXmOWRDOib6aqkSZZZ3EPGGul5tzZWOLyfDy4cD
2IDMv:5yUBjy5OFvOWRDbbNUEPozbwDyNyID9e
PEiD..: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
TrID..: File type identification
UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x21d00
timedatestamp.....: 0x44e24a66 (Tue Aug 15 22:27:50 2006)
machinetype.......: 0x14c (I386)
File reiting.exe received on 2009.08.03 11:45:01 (UTC)
Current status: finished
Result: 35/41 (85.37%)
[QUOTE][B]a-squared 4.5.0.24 2009.08.03 Trojan.Win32.Qhost!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.01 -
[B]AntiVir 7.9.0.238 2009.08.03 TR/Qhost.lmb[/B]
[B]Antiy-AVL 2.0.3.7 2009.08.03 Trojan/Win32.Qhost.gen[/B]
[B]Authentium 5.1.2.4 2009.08.02 W32/Trojan2.HKKZ[/B]
[B]Avast 4.8.1335.0 2009.08.02 Win32:Trojan-gen {Other}[/B]
[B]AVG 8.5.0.406 2009.08.03 Generic13.AHII[/B]
[B]BitDefender 7.2 2009.08.03 Trojan.Generic.1910797[/B]
[B]CAT-QuickHeal 10.00 2009.08.03 Trojan.Qhost.lmb[/B]
ClamAV 0.94.1 2009.08.03 -
[B]Comodo 1849 2009.08.03 TrojWare.Win32.Qhost.lmb[/B]
[B]DrWeb 5.0.0.12182 2009.08.03 Trojan.MulDrop.31260[/B]
[B]eSafe 7.0.17.0 2009.07.30 Win32.TRQhost.Lmb[/B]
eTrust-Vet 31.6.6655 2009.08.03 -
[B]F-Prot 4.4.4.56 2009.08.02 W32/Trojan2.HKKZ[/B]
[B]F-Secure 8.0.14470.0 2009.08.03 Trojan.Win32.Qhost.lmb[/B]
[B]Fortinet 3.120.0.0 2009.08.03 W32/Qhost.LMB!tr[/B]
[B]GData 19 2009.08.03 Trojan.Generic.1910797[/B]
[B]Ikarus T3.1.1.64.0 2009.08.03 Trojan.Win32.Qhost[/B]
[B]Jiangmin 11.0.800 2009.08.03 Trojan/Qhost.tb[/B]
[B]K7AntiVirus 7.10.808 2009.08.01 Trojan.Win32.Qhost.lmb[/B]
[B]Kaspersky 7.0.0.125 2009.08.03 Trojan.Win32.Qhost.lmb[/B]
[B]McAfee 5696 2009.08.02 Generic Dropper!q[/B]
[B]McAfee+Artemis 5696 2009.08.02 Generic Dropper!q[/B]
[B]McAfee-GW-Edition 6.8.5 2009.08.03 Heuristic.BehavesLike.Win32.ModifiedUPX.B!92[/B]
[B]Microsoft 1.4903 2009.08.03 Trojan:Win32/Qhost.AY[/B]
[B]NOD32 4300 2009.08.03 Win32/Qhost.NJO[/B]
Norman 6.01.09 2009.07.31 -
[B]nProtect 2009.1.8.0 2009.08.03 Trojan/W32.Qhost.19968.E[/B]
[B]Panda 10.0.0.14 2009.08.03 Trj/Spambot.C[/B]
PCTools 4.4.2.0 2009.08.02 -
[B]Prevx 3.0 2009.08.03 High Risk Cloaked Malware[/B]
[B]Rising 21.41.02.00 2009.08.03 Dropper.Win32.Agent.zrh[/B]
[B]Sophos 4.44.0 2009.08.03 Mal/Generic-A[/B]
[B]Sunbelt 3.2.1858.2 2009.08.03 Bulk Trojan[/B]
[B]Symantec 1.4.4.12 2009.08.03 Trojan.SpamThru[/B]
[B]TheHacker 6.3.4.3.375 2009.08.01 Trojan/Qhost.lmb[/B]
[B]TrendMicro 8.950.0.1094 2009.08.03 TROJ_QHOST.TR[/B]
[B]VBA32 3.12.10.9 2009.08.03 Trojan.Win32.Qhost.lmb[/B]
ViRobot 2009.8.3.1865 2009.08.03 -
[B]VirusBuster 4.6.5.0 2009.08.02 Trojan.Qhost.BBF[/B][/QUOTE]
Additional information
File size: 19968 bytes
MD5...: 280619caade6d10b81fe8c5657dd6bdd
SHA1..: 6d00a4af9c39b7c5cb5cbaceb2b363cc6fcd1392
SHA256: b290b5c559729fd65e80dfd1063ded37958fc0ccaa7b6442afae0f38127601ae
ssdeep: 384:Iw4VGlwmBBO1IfXxZxyNVyTI7Uhy150stdRIyMaNJawcudoD7Uvm7P:rmmBI
IfDcVj15v3jFnbcuyD7UM
PEiD..: UPX 2.93 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
TrID..: File type identification
Win32 Executable Generic (67.8%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
VXD Driver (0.2%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0xe360
timedatestamp.....: 0x49f46a61 (Sun Apr 26 14:06:25 2009)
machinetype.......: 0x14c (I386)
[url]http://info.prevx.com/aboutprogramtext.asp?PX5=FB511439005A5F2E4E92001AAC5101008711BF73[/url]
-
Файл avz00001.dta получен 2009.08.03 13:31:49 (UTC)
Текущий статус: закончено
Результат: 10/41 (24.4%)
[QUOTE]Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.03 -
AhnLab-V3 5.0.0.2 2009.08.01 -
[B]AntiVir 7.9.0.238 2009.08.03 TR/Buzus.brhg[/B]
Antiy-AVL 2.0.3.7 2009.08.03 -
Authentium 5.1.2.4 2009.08.02 -
Avast 4.8.1335.0 2009.08.02 -
AVG 8.5.0.406 2009.08.03 -
BitDefender 7.2 2009.08.03 -
CAT-QuickHeal 10.00 2009.08.03 -
ClamAV 0.94.1 2009.08.03 -
Comodo 1850 2009.08.03 -
[B]DrWeb 5.0.0.12182 2009.08.03 Win32.HLLW.Autoruner.7323[/B]
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6655 2009.08.03 -
F-Prot 4.4.4.56 2009.08.02 -
[B]F-Secure 8.0.14470.0 2009.08.03 Trojan.Win32.Buzus.brhg
Fortinet 3.120.0.0 2009.08.03 W32/Buzus.BRHG!tr[/B]
GData 19 2009.08.03 -
Ikarus T3.1.1.64.0 2009.08.03 -
[B]Jiangmin 11.0.800 2009.08.03 Trojan/Buzus.nwc[/B]
K7AntiVirus 7.10.808 2009.08.01 -
[B]Kaspersky 7.0.0.125 2009.08.03 Trojan.Win32.Buzus.brhg[/B]
McAfee 5696 2009.08.02 -
McAfee+Artemis 5696 2009.08.02 -
[B]McAfee-GW-Edition 6.8.5 2009.08.03 Heuristic.LooksLike.Worm.Kolab.B[/B]
Microsoft 1.4903 2009.08.03 -
NOD32 4300 2009.08.03 -
Norman 6.01.09 2009.08.03 -
nProtect 2009.1.8.0 2009.08.03 -
[B]Panda 10.0.0.14 2009.08.03 Trj/Buzus.HA[/B]
PCTools 4.4.2.0 2009.08.03 -
[B]Prevx 3.0 2009.08.03 High Risk Cloaked Malware[/B]
Rising 21.41.02.00 2009.08.03 -
Sophos 4.44.0 2009.08.03 -
Sunbelt 3.2.1858.2 2009.08.03 -
[B]Symantec 1.4.4.12 2009.08.03 Suspicious.MH690.A[/B]
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.03 -
VBA32 3.12.10.9 2009.08.03 -
ViRobot 2009.8.3.1865 2009.08.03 -
VirusBuster 4.6.5.0 2009.08.02 -[/QUOTE]
Дополнительная информация
File size: 124928 bytes
MD5...: efb23688c0132d7fea66bcb79ad7e383
SHA1..: 1ac8bb94919d7319260313994f8d7edf6298d4a7
SHA256: 8c87381aff84664d84eb160e2c1db4ff96ce620299cebd1e1b566eb15a146456
ssdeep: 1536:SIoXVBOlxvrSXsxhcXw+NeRqk3WZFfPMCVUli9FlH/FzZ9bKG8TIKnY56OU
MhyHr:oXzXBNEeZFXMto9FlHXxKG8TIipHKP
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (58.3%)
Win16/32 Executable Delphi generic (14.1%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.6%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/8c87381aff84664d84eb160e2c1db4ff96ce620299cebd1e1b566eb15a146456-1249306309[/url]
Файл avz00002.dta получен 2009.08.03 13:32:20 (UTC)
Текущий статус: закончено
Результат: 13/41 (31.71%)
[QUOTE]Антивирус Версия Обновление Результат
[B]a-squared 4.5.0.24 2009.08.03 Net-Worm.Win32.Kolab!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.01 -
AntiVir 7.9.0.238 2009.08.03 -
Antiy-AVL 2.0.3.7 2009.08.03 -
Authentium 5.1.2.4 2009.08.02 -
Avast 4.8.1335.0 2009.08.02 -
[B]AVG 8.5.0.406 2009.08.03 Injector.FF[/B]
BitDefender 7.2 2009.08.03 -
CAT-QuickHeal 10.00 2009.08.03 -
ClamAV 0.94.1 2009.08.03 -
[B]Comodo 1850 2009.08.03 UnclassifiedMalware
DrWeb 5.0.0.12182 2009.08.03 Trojan.MulDrop.33045[/B]
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6655 2009.08.03 -
F-Prot 4.4.4.56 2009.08.02 -
[B]F-Secure 8.0.14470.0 2009.08.03 Net-Worm.Win32.Kolab.dft[/B]
Fortinet 3.120.0.0 2009.08.03 -
GData 19 2009.08.03 -
[B]Ikarus T3.1.1.64.0 2009.08.03 Net-Worm.Win32.Kolab
Jiangmin 11.0.800 2009.08.03 Worm/Kolab.ro[/B]
K7AntiVirus 7.10.808 2009.08.01 -
[B]Kaspersky 7.0.0.125 2009.08.03 Net-Worm.Win32.Kolab.dft[/B]
McAfee 5696 2009.08.02 -
[B]McAfee+Artemis 5696 2009.08.02 Artemis!8E10307F9B48[/B]
McAfee-GW-Edition 6.8.5 2009.08.03 -
Microsoft 1.4903 2009.08.03 -
[B]NOD32 4300 2009.08.03 Win32/Injector.UR[/B]
Norman 6.01.09 2009.08.03 -
nProtect 2009.1.8.0 2009.08.03 -
Panda 10.0.0.14 2009.08.03 -
PCTools 4.4.2.0 2009.08.03 -
[B]Prevx 3.0 2009.08.03 High Risk Cloaked Malware[/B]
Rising 21.41.02.00 2009.08.03 -
[B]Sophos 4.44.0 2009.08.03 Mal/Generic-A[/B]
Sunbelt 3.2.1858.2 2009.08.03 -
Symantec 1.4.4.12 2009.08.03 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.03 -
[B]VBA32 3.12.10.9 2009.08.03 Net-Worm.Win32.Kolab.deo[/B]
ViRobot 2009.8.3.1865 2009.08.03 -
VirusBuster 4.6.5.0 2009.08.02 -[/QUOTE]
Дополнительная информация
File size: 84992 bytes
MD5...: 8e10307f9b4879a45b86ddda9ab74884
SHA1..: 8f4c38ba2059a87cdcf5ff7e5027dbffa1b01c8c
SHA256: aa531a0162ff09b4219259988a81a684e0b8c3523159a97c9d828ceb4f7bc31b
ssdeep: 1536:C+YDy1fv/pHysT4II5UgVM7b9jA3UHvdNZMmcOr2MXlG:CnyhvBywPgVM7b
FqyVNZME1XlG
PEiD..: Armadillo v1.71
TrID..: File type identification
Win32 Dynamic Link Library (generic) (65.4%)
Generic Win/DOS Executable (17.2%)
DOS Executable Generic (17.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/aa531a0162ff09b4219259988a81a684e0b8c3523159a97c9d828ceb4f7bc31b-1249306340[/url]
-
Файл load.exe получен 2009.08.04 20:04:22 (UTC)
Текущий статус: закончено
Результат: 4/41 (9.76%)
[QUOTE]Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.04 -
AhnLab-V3 5.0.0.2 2009.08.04 -
AntiVir 7.9.0.240 2009.08.04 -
Antiy-AVL 2.0.3.7 2009.08.04 -
Authentium 5.1.2.4 2009.08.04 -
Avast 4.8.1335.0 2009.08.04 -
AVG 8.5.0.406 2009.08.04 -
BitDefender 7.2 2009.08.04 -
CAT-QuickHeal 10.00 2009.08.04 -
ClamAV 0.94.1 2009.08.04 -
Comodo 1865 2009.08.04 -
DrWeb 5.0.0.12182 2009.08.04 -
eSafe 7.0.17.0 2009.08.04 -
eTrust-Vet 31.6.6657 2009.08.04 -
F-Prot 4.4.4.56 2009.08.04 -
F-Secure 8.0.14470.0 2009.08.04 -
Fortinet 3.120.0.0 2009.08.04 -
GData 19 2009.08.04 -
Ikarus T3.1.1.64.0 2009.08.04 -
[B]Jiangmin 11.0.800 2009.08.04 Trojan/Agent.cqwr[/B]
K7AntiVirus 7.10.810 2009.08.04 -
[B]Kaspersky 7.0.0.125 2009.08.04 Trojan.Win32.Inject.ahfu[/B]
McAfee 5698 2009.08.04 -
McAfee+Artemis 5698 2009.08.04 -
[B]McAfee-GW-Edition 6.8.5 2009.08.04 Heuristic.LooksLike.Heuristic.BehavesLike.Win32.Trojan.B[/B]
Microsoft 1.4903 2009.08.04 -
[B]NOD32 4306 2009.08.04 Win32/Oficla.D[/B]
Norman 6.01.09 2009.08.04 -
nProtect 2009.1.8.0 2009.08.04 -
Panda 10.0.0.14 2009.08.04 -
PCTools 4.4.2.0 2009.08.04 -
Prevx 3.0 2009.08.04 -
Rising 21.41.14.00 2009.08.04 -
Sophos 4.44.0 2009.08.04 -
Sunbelt 3.2.1858.2 2009.08.04 -
Symantec 1.4.4.12 2009.08.04 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.04 -
VBA32 3.12.10.9 2009.08.04 -
ViRobot 2009.8.4.1867 2009.08.04 -
VirusBuster 4.6.5.0 2009.08.04 -[/QUOTE]
Дополнительная информация
File size: 19456 bytes
MD5...: 3a96e2c81dfe1e59bb805e0496fe4469
SHA1..: 70e8c60a07752d4c68f37f832e08f84d1c33d491
SHA256: f5a40dbe7b81c5b5d703481d6169f4cec5edaf3c7a40d1b23da528f4100d103d
ssdeep: 384:1C5Km3pW2PFV9JKAQjfiKQYXnH22wtEWZCF:1C5KmZhrKzjaDQUy
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (58.2%)
Win16/32 Executable Delphi generic (14.1%)
Generic Win/DOS Executable (13.6%)
DOS Executable Generic (13.6%)
VXD Driver (0.2%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/f5a40dbe7b81c5b5d703481d6169f4cec5edaf3c7a40d1b23da528f4100d103d-1249416262[/url]
Файл pdf.pdf получен 2009.08.04 20:04:46 (UTC)
Текущий статус: закончено
Результат: 7/41 (17.08%)
[QUOTE]Антивирус Версия Обновление Результат
a-squared 4.5.0.24 2009.08.04 -
AhnLab-V3 5.0.0.2 2009.08.04 -
AntiVir 7.9.0.240 2009.08.04 -
Antiy-AVL 2.0.3.7 2009.08.04 -
Authentium 5.1.2.4 2009.08.04 -
[B]Avast 4.8.1335.0 2009.08.04 JS:Pdfka-MM[/B]
AVG 8.5.0.406 2009.08.04 -
BitDefender 7.2 2009.08.04 -
CAT-QuickHeal 10.00 2009.08.04 -
ClamAV 0.94.1 2009.08.04 -
[B]Comodo 1865 2009.08.04 Exploit.JS.Agent.~AB[/B]
DrWeb 5.0.0.12182 2009.08.04 -
eSafe 7.0.17.0 2009.08.04 -
eTrust-Vet 31.6.6657 2009.08.04 -
F-Prot 4.4.4.56 2009.08.04 -
F-Secure 8.0.14470.0 2009.08.04 -
Fortinet 3.120.0.0 2009.08.04 -
[B]GData 19 2009.08.04 JS:Pdfka-MM[/B]
Ikarus T3.1.1.64.0 2009.08.04 -
Jiangmin 11.0.800 2009.08.04 -
K7AntiVirus 7.10.810 2009.08.04 -
Kaspersky 7.0.0.125 2009.08.04 -
McAfee 5698 2009.08.04 -
McAfee+Artemis 5698 2009.08.04 -
[B]McAfee-GW-Edition 6.8.5 2009.08.04 Exploit.PDF.Recursedecrypt.gen[/B]
Microsoft 1.4903 2009.08.04 -
NOD32 4306 2009.08.04 -
Norman 6.01.09 2009.08.04 -
nProtect 2009.1.8.0 2009.08.04 -
Panda 10.0.0.14 2009.08.04 -
PCTools 4.4.2.0 2009.08.04 -
Prevx 3.0 2009.08.04 -
Rising 21.41.14.00 2009.08.04 -
[B]Sophos 4.44.0 2009.08.04 Mal/PdfEx-C
Sunbelt 3.2.1858.2 2009.08.04 Exploit.PDF-JS.Gen (v)
Symantec 1.4.4.12 2009.08.04 Bloodhound.Exploit.196[/B]
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.04 -
VBA32 3.12.10.9 2009.08.04 -
ViRobot 2009.8.4.1867 2009.08.04 -
VirusBuster 4.6.5.0 2009.08.04 -[/QUOTE]
Additional information
File size: 2959 bytes
MD5...: 737579946352e88a6cb5d54ec102f566
SHA1..: 6853889e94b032db748edd5861b68d75258e30a2
SHA256: cfe1749cf2954e45c84bf75dd2fea339555b259d78bb542d512299cbe50bc260
ssdeep: 48:FuENYPNRgS+K5vkwzjYHSDTqG3LMlUJ7IAOBvod0rLNvSOChWAdXYCOzZzEDN
Kf6:cENY1RgNK5swzz+G3wOJ8tpod+qOChdD
PEiD..: -
TrID..: File type identification
Adobe Portable Document Format (100.0%)
PEInfo: -
[url]http://www.virustotal.com/ru/analisis/cfe1749cf2954e45c84bf75dd2fea339555b259d78bb542d512299cbe50bc260-1249416286[/url]
-
File update.exe received on 2009.08.06 10:00:53 (UTC)
Current status: finished
Result: 22/41 (53.66%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.08.06 Trojan-Downloader.Win32.Bredolab!IK
AhnLab-V3 5.0.0.2 2009.08.06 Win-Trojan/Downloader.30208.BX
AntiVir 7.9.0.240 2009.08.06 BDS/Zdoogu.FA
Antiy-AVL 2.0.3.7 2009.08.05 Backdoor/Win32.Zdoogu.gen[/B]
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
[B]AVG 8.5.0.406 2009.08.06 SHeur2.AUGF[/B]
BitDefender 7.2 2009.08.06 -
[B]CAT-QuickHeal 10.00 2009.08.06 (Suspicious) - DNAScan[/B]
ClamAV 0.94.1 2009.08.06 -
[B]Comodo 1884 2009.08.06 TrojWare.Win32.TrojanSpy.Zbot.~GAI[/B]
DrWeb 5.0.0.12182 2009.08.06 -
[B]eSafe 7.0.17.0 2009.08.05 Suspicious File[/B]
eTrust-Vet 31.6.6661 2009.08.06 -
F-Prot 4.4.4.56 2009.08.05 -
[B]F-Secure 8.0.14470.0 2009.08.06 Backdoor.Win32.Zdoogu.fa
Fortinet 3.120.0.0 2009.08.06 W32/Zdoogu.FA!tr.bdr[/B]
GData 19 2009.08.06 -
[B]Ikarus T3.1.1.64.0 2009.08.06 Trojan-Downloader.Win32.Bredolab[/B]
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.811 2009.08.05 -
[B]Kaspersky 7.0.0.125 2009.08.06 Backdoor.Win32.Zdoogu.fa[/B]
McAfee 5699 2009.08.05 -
[B]McAfee+Artemis 5699 2009.08.05 Artemis!424760B62B81
McAfee-GW-Edition 6.8.5 2009.08.06 Trojan.Backdoor.Zdoogu.FA
Microsoft 1.4903 2009.08.06 TrojanDownloader:Win32/Bredolab.X
NOD32 4311 2009.08.06 a variant of Win32/Kryptik.ZY[/B]
Norman 6.01.09 2009.08.06 -
[B]nProtect 2009.1.8.0 2009.08.06 Backdoor/W32.Zdoogu.30208.B
Panda 10.0.0.14 2009.08.05 Trj/CI.A[/B]
PCTools 4.4.2.0 2009.08.05 -
[B]Prevx 3.0 2009.08.06 High Risk Cloaked Malware[/B]
Rising 21.41.32.00 2009.08.06 -
[B]Sophos 4.44.0 2009.08.06 Mal/Generic-A
Sunbelt 3.2.1858.2 2009.08.05 Bulk Trojan
Symantec 1.4.4.12 2009.08.06 Packed.Generic.235[/B]
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 -
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.05 -[/QUOTE]
Additional information
File size: 30208 bytes
MD5...: 424760b62b811166b318e1200734be32
SHA1..: d1e2f80afdcd407eba63943cca789d3be075a484
SHA256: 6b4e3937cca31eca5b1b724ac27eccdd9a62f273b1f4668cebe909a9da36eb90
ssdeep: 384:91+mSCAkKT0W8kVuAxNVtqfUVas0cW/87GD+XECSQSuuQQYcMsmhCSd4jdeg
bRe/:98/rRbtq9QWk7GDz30QYJBGjjbpG5
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/6b4e3937cca31eca5b1b724ac27eccdd9a62f273b1f4668cebe909a9da36eb90-1249552853[/url]
File xpdeluxe.exe received on 2009.08.06 10:01:34 (UTC)
Current status: finished
Result: 24/41 (58.54%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.08.06 Trojan.Win32.FakeRean!IK
AhnLab-V3 5.0.0.2 2009.08.06 Win-Trojan/FakeAlert.1225728
AntiVir 7.9.0.240 2009.08.06 TR/FakeRean.A.45[/B]
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
[B]Avast 4.8.1335.0 2009.08.06 Win32:Fraudo[/B]
AVG 8.5.0.406 2009.08.06 -
BitDefender 7.2 2009.08.06 -
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
[B]Comodo 1884 2009.08.06 ApplicUnwnt.Win32.FraudTool.XPDeluxeProtector.~B[/B]
DrWeb 5.0.0.12182 2009.08.06 -
[B]eSafe 7.0.17.0 2009.08.05 Win32.TrojanFakeRean[/B]
eTrust-Vet 31.6.6661 2009.08.06 -
F-Prot 4.4.4.56 2009.08.05 -
[B]F-Secure 8.0.14470.0 2009.08.06 FraudTool.Win32.XPDeluxeProtector.e
Fortinet 3.120.0.0 2009.08.06 W32/FakeAlert.D!tr[/B]
[B]GData 19 2009.08.06 Win32:Fraudo[/B]
[B]Ikarus T3.1.1.64.0 2009.08.06 Trojan.Win32.FakeRean[/B]
Jiangmin 11.0.800 2009.08.06 -
[B]K7AntiVirus 7.10.811 2009.08.05 Trojan.Win32.Malware.1[/B]
[B]Kaspersky 7.0.0.125 2009.08.06 not-a-virus:FraudTool.Win32.XPDeluxeProtector.e[/B]
[B]McAfee 5699 2009.08.05 Generic FakeAlert.d!gen
McAfee+Artemis 5699 2009.08.05 Generic FakeAlert.d!gen
McAfee-GW-Edition 6.8.5 2009.08.06 Heuristic.LooksLike.Worm.Wangy.H
Microsoft 1.4903 2009.08.06 Trojan:Win32/FakeRean
NOD32 4311 2009.08.06 Win32/Adware.WinPCDefender[/B]
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
[B]Panda 10.0.0.14 2009.08.05 Trj/CI.A[/B]
PCTools 4.4.2.0 2009.08.05 -
[B]Prevx 3.0 2009.08.06 High Risk Cloaked Malware
Rising 21.41.32.00 2009.08.06 Trojan.Win32.FakeVir.rd
Sophos 4.44.0 2009.08.06 Mal/EncPk-IF
Sunbelt 3.2.1858.2 2009.08.05 FraudTool.Win32.RogueSecurity (v)
Symantec 1.4.4.12 2009.08.06 Packed.Generic.233[/B]
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 -
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
[B]VirusBuster 4.6.5.0 2009.08.05 Trojan.FakeRean.Gen[/B][/QUOTE]
Additional information
File size: 1225728 bytes
MD5...: 307e6d02ed26ff516827c6469401456e
SHA1..: 2b04ca909c2f862b8c730f4ff89be4edaa3a5673
SHA256: f1234e05df628d43db8b41e92b4ceac19a1bd9996ced88ab94c7383d7772ea09
ssdeep: 24576:0kZ67bkLe3HCGB5agRMvvsknKfqLYC1WEFNIcypeWWqxapxRd1+0:V67bY
4sgRKTnAXWNPdD
PEiD..: -
TrID..: File type identification
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/f1234e05df628d43db8b41e92b4ceac19a1bd9996ced88ab94c7383d7772ea09-1249552894[/url]
[size="1"][color="#666686"][B][I]Added 28 minutes later[/I][/B][/color][/size]
I just pulled these two little files off my own machine. Looks like they were trying to do something to me.
File avz00001.dta received on 2009.08.06 10:15:14 (UTC)
Current status: finished
Result: 11/41 (26.83%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.08.06 Trojan.Win32.Refroso!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.06 -
AntiVir 7.9.0.240 2009.08.06 -
[B]Antiy-AVL 2.0.3.7 2009.08.05 Trojan/Win32.Refroso.gen[/B]
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
[B]AVG 8.5.0.406 2009.08.06 Generic14.PPK[/B]
BitDefender 7.2 2009.08.06 -
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1884 2009.08.06 -
[B]DrWeb 5.0.0.12182 2009.08.06 Trojan.MulDrop.33183[/B]
eSafe 7.0.17.0 2009.08.05 -
eTrust-Vet 31.6.6661 2009.08.06 -
F-Prot 4.4.4.56 2009.08.05 -
F-Secure 8.0.14470.0 2009.08.06 -
Fortinet 3.120.0.0 2009.08.06 -
GData 19 2009.08.06 -
[B]Ikarus T3.1.1.64.0 2009.08.06 Trojan.Win32.Refroso
Jiangmin 11.0.800 2009.08.06 Trojan/Refroso.fv[/B]
K7AntiVirus 7.10.811 2009.08.05 -
Kaspersky 7.0.0.125 2009.08.06 -
McAfee 5699 2009.08.05 -
[B]McAfee+Artemis 5699 2009.08.05 Artemis!4FF8880DC2FF[/B]
McAfee-GW-Edition 6.8.5 2009.08.06 -
[B]Microsoft 1.4903 2009.08.06 VirTool:Win32/Injector.gen!AD[/B]
NOD32 4311 2009.08.06 -
[B]Norman 6.01.09 2009.08.06 W32/Malware[/B]
nProtect 2009.1.8.0 2009.08.06 -
Panda 10.0.0.14 2009.08.05 -
PCTools 4.4.2.0 2009.08.05 -
[B]Prevx 3.0 2009.08.06 Medium Risk Malware[/B]
Rising 21.41.32.00 2009.08.06 -
Sophos 4.44.0 2009.08.06 -
Sunbelt 3.2.1858.2 2009.08.05 -
Symantec 1.4.4.12 2009.08.06 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 -
[B]VBA32 3.12.10.9 2009.08.06 Trojan-Downloader.Win32.Agent.ckvv[/B]
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.05 -[/QUOTE]
Additional information
File size: 300032 bytes
MD5 : 4ff8880dc2ff94dd6d04e16b18d7c073
SHA1 : 294a06c988efc569a4165e56e6092a765f8c2c4c
SHA256: a88eda6dd4c1096bacd6ecc1170e4a71349b6f94e66b23ac6bce7d25ed5905e6
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x439A
timedatestamp.....: 0x4A6FBC08 (Wed Jul 29 05:03:36 2009)
machinetype.......: 0x14C (Intel I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x357E 0x3600 5.76 6eaaccffcc4851eee5cf1357ee38bba1
.rdata 0x5000 0x8BA 0xA00 4.74 cf673cbdc6fd492858e8da108b3743da
.data 0x6000 0xB74 0x800 6.12 9cf3a4d11527acea903610620162d3e2
.rsrc 0x7000 0x44780 0x44800 7.78 f8e0f63f93948b8b5eed39e6a0a3886f
[url]http://www.virustotal.com/ru/analisis/a88eda6dd4c1096bacd6ecc1170e4a71349b6f94e66b23ac6bce7d25ed5905e6-1249553714[/url]
File 85.rar received on 2009.08.06 10:34:49 (UTC)
Current status: finished
Result: 9/41 (21.96%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.08.06 Spammer!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.06 -
AntiVir 7.9.0.240 2009.08.06 -
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
[B]AVG 8.5.0.406 2009.08.06 SHeur2.AUTZ[/B]
BitDefender 7.2 2009.08.06 -
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1884 2009.08.06 -
[B]DrWeb 5.0.0.12182 2009.08.06 Trojan.Spambot.3531[/B]
eSafe 7.0.17.0 2009.08.05 -
eTrust-Vet 31.6.6661 2009.08.06 -
F-Prot 4.4.4.56 2009.08.05 -
F-Secure 8.0.14470.0 2009.08.06 -
Fortinet 3.120.0.0 2009.08.06 -
GData 19 2009.08.06 -
[B]Ikarus T3.1.1.64.0 2009.08.06 Spammer[/B]
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.811 2009.08.05 -
Kaspersky 7.0.0.125 2009.08.06 -
McAfee 5699 2009.08.05 -
[B]McAfee+Artemis 5699 2009.08.05 Artemis!5A62D71884FA[/B]
McAfee-GW-Edition 6.8.5 2009.08.06 -
[B]Microsoft 1.4903 2009.08.06 Spammer:Win32/Tedroo.I[/B]
NOD32 4311 2009.08.06 -
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
[B]Panda 10.0.0.14 2009.08.05 Trj/CI.A[/B]
PCTools 4.4.2.0 2009.08.05 -
Prevx 3.0 2009.08.06 -
[B]Rising 21.41.32.00 2009.08.06 Unknown Win32 Virus[/B]
Sophos 4.44.0 2009.08.06 -
[B]Sunbelt 3.2.1858.2 2009.08.05 Bulk Trojan[/B]
Symantec 1.4.4.12 2009.08.06 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 -
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.05 -[/QUOTE]
Additional information
File size: 45501 bytes
MD5...: 51cec740816a99f5cd1171243f74f9ae
SHA1..: cd1c8244cee634d88f6d274130aeaa604af4d059
SHA256: 92e71c4abb60c51bd5e197148d22512a3fcc83e87eade49958784c4ff3b1315d
ssdeep: 768:az2T5ey7hQKBauUNuOkPnkUu6M6aNvoVpgRwVmHuG3Tqc/KiLUO/10VAQ987
yw04:K2IIouOSkUudwVORbTjj7LU616AD7304
PEiD..: -
TrID..: File type identification
RAR Archive (83.3%)
REALbasic Project (16.6%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
[url]http://www.virustotal.com/ru/analisis/92e71c4abb60c51bd5e197148d22512a3fcc83e87eade49958784c4ff3b1315d-1249554889[/url]
[size="1"][color="#666686"][B][I]Added 4 hours 26 minutes later[/I][/B][/color][/size]
Some other nasty thing was also sitting in the Windows folder
File tapi.nfo received on 2009.08.06 15:00:28 (UTC)
Current status: finished
Result: 14/41 (34.15%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.08.06 Trojan-Downloader.Win32.Small!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.06 -
[B]AntiVir 7.9.0.240 2009.08.06 TR/Dldr.Small.alyr[/B]
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
[B]AVG 8.5.0.406 2009.08.06 Downloader.Generic8.BFZA[/B]
BitDefender 7.2 2009.08.06 -
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1887 2009.08.06 -
DrWeb 5.0.0.12182 2009.08.06 -
eSafe 7.0.17.0 2009.08.05 -
eTrust-Vet 31.6.6662 2009.08.06 -
F-Prot 4.4.4.56 2009.08.06 -
[B]F-Secure 8.0.14470.0 2009.08.06 Trojan-Downloader.Win32.Small.alyr
Fortinet 3.120.0.0 2009.08.06 W32/Small.ALYR!tr.dldr[/B]
GData 19 2009.08.06 -
[B]Ikarus T3.1.1.64.0 2009.08.06 Trojan-Downloader.Win32.Small
Jiangmin 11.0.800 2009.08.06 TrojanDownloader.Small.amya[/B]
K7AntiVirus 7.10.811 2009.08.05 -
[B]Kaspersky 7.0.0.125 2009.08.06 Trojan-Downloader.Win32.Small.alyr[/B]
McAfee 5699 2009.08.05 -
[B]McAfee+Artemis 5699 2009.08.05 Artemis!AED17B841272
McAfee-GW-Edition 6.8.5 2009.08.06 Heuristic.LooksLike.Win32.Small.L[/B]
Microsoft 1.4903 2009.08.06 -
[B]NOD32 4312 2009.08.06 Win32/Oficla.A[/B]
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
[B]Panda 10.0.0.14 2009.08.05 Trj/CI.A[/B]
PCTools 4.4.2.0 2009.08.06 -
Prevx 3.0 2009.08.06 -
[B]Rising 21.41.34.00 2009.08.06 Trojan.DL.Win32.Undef.gds[/B]
Sophos 4.44.0 2009.08.06 -
Sunbelt 3.2.1858.2 2009.08.06 -
[B]Symantec 1.4.4.12 2009.08.06 SecurityRisk.Downldr[/B]
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 -
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.05 -[/QUOTE]
Additional information
File size: 24576 bytes
MD5...: aed17b841272d835657a5c32f18e7046
SHA1..: c02cbfa8887016e74bb46dcafae238b4a5b7764a
SHA256: a704cf809922c83764c9575520237b746bca99dc373a9081569515b158823f6a
ssdeep: 384:5JtXqCog7f+9A31rhs+OgQN0On16SZTXkGT5:/QCV7W9Q5hs+uyO16Irp
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (67.8%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
VXD Driver (0.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/a704cf809922c83764c9575520237b746bca99dc373a9081569515b158823f6a-1249570828[/url]
[size="1"][color="#666686"][B][I]Added 7 hours 16 minutes later[/I][/B][/color][/size]
File VK.exe received on 2009.08.06 22:18:58 (UTC)
Current status: finished
Result: 11/41 (26.83%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.08.06 Trojan.BAT.Agent!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.06 -
AntiVir 7.9.0.240 2009.08.06 -
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
AVG 8.5.0.406 2009.08.06 -
BitDefender 7.2 2009.08.07 -
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1890 2009.08.07 -
[B]DrWeb 5.0.0.12182 2009.08.06 Trojan.Hosts.52
eSafe 7.0.17.0 2009.08.06 Suspicious File[/B]
eTrust-Vet 31.6.6662 2009.08.06 -
F-Prot 4.4.4.56 2009.08.06 -
[B]F-Secure 8.0.14470.0 2009.08.06 Trojan.BAT.Qhost.eu[/B]
Fortinet 3.120.0.0 2009.08.06 -
GData 19 2009.08.07 -
[B]Ikarus T3.1.1.64.0 2009.08.06 Trojan.BAT.Agent[/B]
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.812 2009.08.06 -
[B]Kaspersky 7.0.0.125 2009.08.06 Trojan.BAT.Qhost.eu[/B]
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
[B]McAfee-GW-Edition 6.8.5 2009.08.06 Heuristic.BehavesLike.Win32.ModifiedUPX.B!92
Microsoft 1.4903 2009.08.06 Trojan:Win32/Qhost.AY[/B]
NOD32 4313 2009.08.06 -
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
Panda 10.0.0.14 2009.08.06 -
PCTools 4.4.2.0 2009.08.06 -
Prevx 3.0 2009.08.07 -
[B]Rising 21.41.34.00 2009.08.06 Dropper.Win32.Agent.zrh
Sophos 4.44.0 2009.08.06 Sus/Dropper-A[/B]
Sunbelt 3.2.1858.2 2009.08.06 -
Symantec 1.4.4.12 2009.08.06 -
TheHacker 6.3.4.3.377 2009.08.05 -
[B]TrendMicro 8.950.0.1094 2009.08.06 PAK_Generic.001[/B]
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.06 -[/QUOTE]
Additional information
File size: 19968 bytes
MD5...: 55555d8215040c839dcfc2dc1f6da85e
SHA1..: facd21a1be7ac500d2b46826b5fdbaf137f9de3b
SHA256: bd2776b7e17307c480158cfed0c0c3e58a131e7fe78bacfc10938f2541429f9c
ssdeep: 384:4I38pS558OMoXvzRpKAQ9iJs3s/C20qEMu5OcZvjMaNJawcudoD7URm7P:4I
LpMSTQ9G1xhENBFnbcuyD7UW
PEiD..: UPX 2.93 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
TrID..: File type identification
Win32 Executable Generic (67.8%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
VXD Driver (0.2%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/bd2776b7e17307c480158cfed0c0c3e58a131e7fe78bacfc10938f2541429f9c-1249597138[/url]