Исследование антивирусов 5

Printable View

Показывать 40 сообщений этой темы на одной странице

21.08.2007, 12:26
santy

File file.exe received on 08.21.2007 10:15:10 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 18/31 (58.07%)

Antivirus Version Last Update Result
[B]AhnLab-V3 2007.8.21.2 2007.08.21 Win-Trojan/Downloader.10330[/B]
[B]AntiVir 7.4.1.62 2007.08.21 TR/Dldr.Small.ezc[/B]
[B]Authentium 4.93.8 2007.08.20 W32/Downloader.gen10[/B]
Avast 4.7.1029.0 2007.08.20 -
[B]AVG 7.5.0.484 2007.08.20 Downloader.Generic5.QZX[/B]
[B]BitDefender 7.2 2007.08.21 BehavesLike:Trojan.Downloader[/B]
CAT-QuickHeal 9.00 2007.08.20 -
ClamAV 0.91 2007.08.21 -
[B]DrWeb 4.33 2007.08.20 Trojan.DownLoader.29701[/B]
[B]eSafe 7.0.15.0 2007.08.20 Win32.Small.ezc[/B]
eTrust-Vet 31.1.5076 2007.08.21 -
Ewido 4.0 2007.08.20 -
FileAdvisor 1 2007.08.21 -
[B]Fortinet 2.91.0.0 2007.08.21 W32/Small.EZC!tr.dldr[/B]
[B]F-Prot 4.3.2.48 2007.08.20 W32/Downloader.gen10[/B]
[B]F-Secure 6.70.13030.0 2007.08.21 Trojan-Downloader.Win32.Small.ezc[/B]
[B]Ikarus T3.1.1.12 2007.08.21 Trojan-Downloader.Win32.Small.ezc[/B]
Kaspersky 4.0.2.24 2007.08.21 -
McAfee 5101 2007.08.20 -
[B]Microsoft 1.2803 2007.08.21 TrojanDownloader:Win32/Small.gen!O[/B]
[B]NOD32v2 2472 2007.08.21 probably unknown NewHeur_PE virus[/B]
[B]Norman 5.80.02 2007.08.20 W32/DLoader.DBTS[/B]
Panda 9.0.0.4 2007.08.21 -
Prevx1 V2 2007.08.21 -
Rising 19.37.12.00 2007.08.21 -
[B]Sophos 4.20.0 2007.08.21 Mal/TinyDL-L[/B]
[B]Sunbelt 2.2.907.0 2007.08.21 Trojan-Downloader.Win32.Small.gen!O[/B]
Symantec 10 2007.08.21 -
[B]TheHacker 6.1.8.171 2007.08.21 Trojan/Downloader.Small.ezc[/B]
[B]VBA32 3.12.2.2 2007.08.21 Trojan-Downloader.Win32.Small.ezc[/B]
VirusBuster 4.3.26:9 2007.08.20 -
Additional information
File size: 10332 bytes
MD5: 4f30c174ae755b88aad65eda62549800
SHA1: 5bd178a6a4fea918d77ad19391eb05548688a80d
21.08.2007, 21:17
XL

[QUOTE]File applet.exe received on 08.21.2007 19:24:11 (CET)
Current status: finished
Result: 16/32 (50%)
Compact
Print results Antivirus Version Last Update Result
AhnLab-V3 2007.8.22.0 2007.08.21 -
[B]AntiVir 7.4.1.62 2007.08.21 WORM/Zhelatin.Gen
Authentium 4.93.8 2007.08.20 Possibly a new variant of W32/Fathom.2-based!Maximus
Avast 4.7.1029.0 2007.08.21 Win32:Zhelatin-ANZ
AVG 7.5.0.484 2007.08.21 Downloader.Tibs.7.D
BitDefender 7.2 2007.08.21 DeepScan:[email protected]
CAT-QuickHeal 9.00 2007.08.21 (Suspicious) - DNAScan
ClamAV 0.91 2007.08.21 Fathom
DrWeb 4.33 2007.08.21 Trojan.Packed.142
eSafe 7.0.15.0 2007.08.20 Suspicious Trojan/Worm
eTrust-Vet 31.1.5076 2007.08.21 Win32/Sintun.AC[/B]
Ewido 4.0 2007.08.21 -
FileAdvisor 1 2007.08.21 -
Fortinet 2.91.0.0 2007.08.21 -
[B]F-Prot 4.3.2.48 2007.08.20 W32/Fathom.2-based!Maximus[/B]
F-Secure 6.70.13030.0 2007.08.21 -
Ikarus T3.1.1.12 2007.08.21 -
Kaspersky 4.0.2.24 2007.08.21 -
McAfee 5102 2007.08.21 -
Microsoft 1.2803 2007.08.21 -
NOD32v2 2473 2007.08.21 -
Norman 5.80.02 2007.08.21 -
Panda 9.0.0.4 2007.08.21 -
Prevx1 V2 2007.08.21 -
Rising 19.37.12.00 2007.08.21 -
[B]Sophos 4.20.0 2007.08.21 Mal/Dorf-E
Sunbelt 2.2.907.0 2007.08.21 VIPRE.Suspicious
Symantec 10 2007.08.21 Trojan.Packed.13[/B]
TheHacker 6.1.8.171 2007.08.21 -
[B]VBA32 3.12.2.2 2007.08.21 MalwareScope.Worm.Nuwar-Glowa.1[/B]
VirusBuster 4.3.26:9 2007.08.21 -
[B]Webwasher-Gateway 6.0.1 2007.08.21 Worm.Zhelatin.Gen[/B]
Additional information
File size: 114487 bytes
MD5: 76b73b86b9353ce30b39f852da5ca35f
SHA1: 69ed9cb4d9f9c32e3a19a53ee87808cc53cb0842
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.[/QUOTE]

Каспер с Нодом подкачали...или не успели еще :)

****

[QUOTE]File Dumped.sys received on 08.21.2007 19:33:40 (CET)
Current status: finished
Result: 4/32 (12.5%)
Compact
Print results Antivirus Version Last Update Result
AhnLab-V3 2007.8.22.0 2007.08.21 -
AntiVir 7.4.1.62 2007.08.21 -
Authentium 4.93.8 2007.08.20 -
[B]Avast 4.7.1029.0 2007.08.21 Win32:Agent-FTK
AVG 7.5.0.484 2007.08.21 Obfustat.IZO[/B]
BitDefender 7.2 2007.08.21 -
CAT-QuickHeal 9.00 2007.08.21 -
ClamAV 0.91 2007.08.21 -
DrWeb 4.33 2007.08.21 -
eSafe 7.0.15.0 2007.08.20 -
eTrust-Vet 31.1.5076 2007.08.21 -
Ewido 4.0 2007.08.21 -
FileAdvisor 1 2007.08.21 -
Fortinet 2.91.0.0 2007.08.21 -
F-Prot 4.3.2.48 2007.08.20 -
F-Secure 6.70.13030.0 2007.08.21 -
[B]Ikarus T3.1.1.12 2007.08.21 Rootkit.Win32.Agent.ea[/B]
Kaspersky 4.0.2.24 2007.08.21 -
McAfee 5102 2007.08.21 -
Microsoft 1.2803 2007.08.21 -
NOD32v2 2473 2007.08.21 -
Norman 5.80.02 2007.08.21 -
Panda 9.0.0.4 2007.08.21 -
Prevx1 V2 2007.08.21 -
Rising 19.37.12.00 2007.08.21 -
Sophos 4.20.0 2007.08.21 -
Sunbelt 2.2.907.0 2007.08.21 -
Symantec 10 2007.08.21 -
TheHacker 6.1.8.171 2007.08.21 -
VBA32 3.12.2.2 2007.08.21 -
VirusBuster 4.3.26:9 2007.08.21 -
[B]Webwasher-Gateway 6.0.1 2007.08.21 Win32.Malware.gen!80 (suspicious)[/B]
Additional information
File size: 176128 bytes
MD5: 57b2356f3b70dd86a8ed66b48f589417
SHA1: d769a5ac768f22c29508e18cfdb9ed148d60f59d[/QUOTE]

А это детект дампа, снятого через RKU с одного зверька сегодня. Бился с ним более получаса, в итоге небезуспешно. Очень похож на Trojan.Srizbi, скрипт для убиения которого обсуждается в закрытом разделе форума.
21.08.2007, 23:32
vaber

[QUOTE='XL;128928']Очень похож на Trojan.Srizbi, скрипт для убиения которого обсуждается в закрытом разделе форума.[/QUOTE]
А это он и есть :) Srizbi детектируется Касперским именно как Rootkit.Win32.Agent.ea.Ну а вердикт Ikarus = Kaspersky
24.08.2007, 07:32
Winsent

File 1.exe received on 08.24.2007 05:41:04 (CET)
Current status: finished
Result: 12/32 (37.5%)

Antivirus Version Last Update Result.

AhnLab-V3 2007.8.22.0 2007.08.24 -
[B]AntiVir 7.4.1.63 2007.08.23 DR/Delphi.Gen[/B]
Authentium 4.93.8 2007.08.23 -
[B]Avast 4.7.1029.0 2007.08.24 Win32:LdPinch-NO[/B]
AVG 7.5.0.484 2007.08.23 -
[B]BitDefender 7.2 2007.08.24 MemScan:Trojan.PWS.LdPinch.BSG[/B]
CAT-QuickHeal 9.00 2007.08.23 -
[B]ClamAV 0.91 2007.08.24 Trojan.Dropper.Delf-65
DrWeb 4.33 2007.08.23 Trojan.PWS.LDPinch.1467
eSafe 7.0.15.0 2007.08.23 Suspicious Trojan/Worm[/B]
eTrust-Vet 31.1.5083 2007.08.24 -
Ewido 4.0 2007.08.23 -
FileAdvisor 1 2007.08.24 -
Fortinet 2.91.0.0 2007.08.24 -
F-Prot 4.3.2.48 2007.08.23 -
F-Secure 6.70.13030.0 2007.08.24 -
Ikarus T3.1.1.12 2007.08.24 -
[B]Kaspersky 4.0.2.24 2007.08.24 Trojan-Dropper.Win32.Agent.bqb
McAfee 5104 2007.08.23 W32/Generic.Delphi.b[/B]
Microsoft 1.2803 2007.08.24 -
[B]NOD32v2 2481 2007.08.24 a variant of Win32/PSW.LdPinch.NCB[/B]
Norman 5.80.02 2007.08.23 -
[B]Panda 9.0.0.4 2007.08.24 Suspicious file[/B]
Prevx1 V2 2007.08.24 -
Rising 19.37.40.00 2007.08.24 -
Sophos 4.20.0 2007.08.24 -
Sunbelt 2.2.907.0 2007.08.24 -
Symantec 10 2007.08.24 -
TheHacker 6.1.8.172 2007.08.24 -
[B]VBA32 3.12.2.3 2007.08.23 MalwareScope.Trojan-PSW.Pinch.1[/B]
VirusBuster 4.3.26:9 2007.08.23 -
[B]Webwasher-Gateway 6.0.1 2007.08.24 Trojan.Delphi.Gen[/B]

Additional information
File size: 78160 bytes
MD5: df12100205b0d79efb9129c8a34a75cd
SHA1: 9022ae857bc001aa2b1a008b87bb2c52b9c33167
packers: PECompact
packers: BINARYRES, PECOMPACT
packers: PecBundle, PECompact
27.08.2007, 21:57
Winsent

File sobchak.scr received on 08.27.2007 19:50:49 (CET)
Current status: finished
Result: 15/32 (46.88%)

Antivirus Version Last Update Result

AhnLab-V3 2007.8.28.0 2007.08.27 -
[B]AntiVir 7.4.1.63 2007.08.27 TR/Crypt.XPACK.Gen[/B]
Authentium 4.93.8 2007.08.26 -
Avast 4.7.1029.0 2007.08.27 -
[B]AVG 7.5.0.484 2007.08.27 Win32/PolyCrypt
BitDefender 7.2 2007.08.27 Trojan.PWS.LDPinch.TAW[/B]
CAT-QuickHeal 9.00 2007.08.25 -
ClamAV 0.91 2007.08.27 -
DrWeb 4.33 2007.08.27 -
[B]eSafe 7.0.15.0 2007.08.26 Suspicious Trojan/Worm[/B]
eTrust-Vet 31.1.5088 2007.08.27 -
Ewido 4.0 2007.08.27 -
FileAdvisor 1 2007.08.27 -
Fortinet 2.91.0.0 2007.08.27 -
F-Prot 4.3.2.48 2007.08.26 -
[B]F-Secure 6.70.13260.0 2007.08.27 Trojan-PSW.Win32.LdPinch.ckf
Ikarus T3.1.1.12 2007.08.27 Trojan-PWS.Win32.Lmir.AGP
Kaspersky 4.0.2.24 2007.08.27 Packed.Win32.PolyCrypt.d
McAfee 5106 2007.08.27 New Malware.ek
Microsoft 1.2803 2007.08.27 TrojanDownloader:Win32/Small.CBA[/B]
NOD32v2 2486 2007.08.27 -
[B]Norman 5.80.02 2007.08.27 Suspicious_P.gen[/B]
Panda 9.0.0.4 2007.08.27 -
Prevx1 V2 2007.08.27 -
[B]Rising 19.38.02.00 2007.08.27 Packer.RyCrypt
Sophos 4.21.0 2007.08.27 Mal/AvPak
Sunbelt 2.2.907.0 2007.08.25 VIPRE.Suspicious[/B]
Symantec 10 2007.08.27 -
TheHacker 6.1.9.173 2007.08.27 -
VBA32 3.12.2.3 2007.08.27 -
[B]VirusBuster 4.3.26:9 2007.08.27 Trojan.DR.Cimuz.Gen.1
Webwasher-Gateway 6.0.1 2007.08.27 Trojan.Crypt.XPACK.Gen[/B]

Additional information
File size: 66755 bytes
MD5: ef2e89c62eedfa555665d344d3cf8abe
SHA1: a051df1f7eeb005bb568be9c0948a90b76e4b53f
packers: RCrypt
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.
28.08.2007, 16:11
Shu_b

t-11969

File avz00002.dta received on 08.28.2007 13:21:31 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.8.28.2 2007.08.28 -
[B]AntiVir 7.4.1.63 2007.08.28 TR/Agent.GBC[/B]
Authentium 4.93.8 2007.08.28 -
Avast 4.7.1029.0 2007.08.27 -
[B]AVG 7.5.0.484 2007.08.27 SHeur.DLP
BitDefender 7.2 2007.08.28 BehavesLike:Trojan.StartPage
CAT-QuickHeal 9.00 2007.08.25 (Suspicious) - DNAScan
[/B]ClamAV 0.91 2007.08.28 -
[B]DrWeb 4.33 2007.08.28 modification of Trojan.Packed.162
eSafe 7.0.15.0 2007.08.26 -1646264482
[/B]eTrust-Vet 31.1.5091 2007.08.28 -
Ewido 4.0 2007.08.27 -
FileAdvisor 1 2007.08.28 -
Fortinet 2.91.0.0 2007.08.28 -
F-Prot 4.3.2.48 2007.08.28 -
F-Secure 6.70.13030.0 2007.08.28 -
[B]Ikarus T3.1.1.12 2007.08.28 BehavesLikeTrojan.StartPage
[/B]Kaspersky 4.0.2.24 2007.08.28 -
McAfee 5106 2007.08.27 -
Microsoft 1.2803 2007.08.28 -
NOD32v2 2488 2007.08.28 -
Norman 5.80.02 2007.08.28 -
[B]Panda 9.0.0.4 2007.08.28 Trj/Agent.GBC
Prevx1 V2 2007.08.28 Trojan.SystemPoser
Rising 19.38.12.00 2007.08.28 Trojan.Win32.Agent.gbc
[/B]Sophos 4.21.0 2007.08.28 -
[B]Sunbelt 2.2.907.0 2007.08.25 VIPRE.Suspicious
[/B]Symantec 10 2007.08.28 -
TheHacker 6.1.9.175 2007.08.28 -
VBA32 3.12.2.3 2007.08.28 -
VirusBuster 4.3.26:9 2007.08.27 -
[B]Webwasher-Gateway 6.0.1 2007.08.28 Trojan.Agent.GBC
[/B]Additional information
File size: 45743 bytes
MD5: 7ed38b35477c4be7ea4aae15478b6ef7
SHA1: 30ac390cd908a4773f47205d621afe0d0a502f04

[size="1"][color="#666686"][B][I]Добавлено через 28 минут[/I][/B][/color][/size]

File http__www.****.com_youtube__w received on 08.28.2007 14:01:03 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.8.28.2 2007.08.28 -
[B]AntiVir 7.4.1.63 2007.08.28 HEUR/Malware[/B]
Authentium 4.93.8 2007.08.28 -
Avast 4.7.1029.0 2007.08.27 -
[B]AVG 7.5.0.484 2007.08.27 Generic6.ULJ
BitDefender 7.2 2007.08.28 Dropped:Generic.Malware.Yddld!!.ACDA918A[/B]
CAT-QuickHeal 9.00 2007.08.25 -
[B]ClamAV 0.91 2007.08.28 Trojan.Dropper-2269[/B]
DrWeb 4.33 2007.08.28 -
[B]eSafe 7.0.15.0 2007.08.26 suspicious Trojan/Worm[/B]
eTrust-Vet 31.1.5091 2007.08.28 -
Ewido 4.0 2007.08.27 -
FileAdvisor 1 2007.08.28 -
[B]Fortinet 2.91.0.0 2007.08.28 W32/Agent.AVM!tr[/B]
F-Prot 4.3.2.48 2007.08.28 -
[B]F-Secure 6.70.13030.0 2007.08.28 Trojan.Win32.Agent.avm
Ikarus T3.1.1.12 2007.08.28 Win32.SuspectCrc
Kaspersky 4.0.2.24 2007.08.28 Trojan.Win32.Agent.avm[/B]
McAfee 5106 2007.08.27 -
Microsoft 1.2803 2007.08.28 -
NOD32v2 2488 2007.08.28 -
[B]Norman 5.80.02 2007.08.28 W32/Malware
Panda 9.0.0.4 2007.08.28 Trj/Downloader.MDW[/B]
Prevx1 V2 2007.08.28 -
Rising 19.38.12.00 2007.08.28 -
[B]Sophos 4.21.0 2007.08.28 Mal/Generic-A[/B]
Sunbelt 2.2.907.0 2007.08.25 -
Symantec 10 2007.08.28 -
[B]TheHacker 6.1.9.175 2007.08.28 Trojan/Agent.avm
VBA32 3.12.2.3 2007.08.28 Trojan.Win32.Agent.avm[/B]
VirusBuster 4.3.26:9 2007.08.27 -
[B]Webwasher-Gateway 6.0.1 2007.08.28 Heuristic.Malware[/B]
Additional information
File size: 113152 bytes
MD5: a2880ae984568cf6708500f7d719ddf5
SHA1: 9b0e5f41dc7ea8f74c209d99f5b4a83a5ada06c4
packers: UPX
packers: UPX, BINARYRES, UPX, BINARYRES
28.08.2007, 17:20
RobinFood

Похоже, у меня эпидемия :)

File ulsoxoi.exe received on 08.28.2007 13:51:20 (CET)
Antivirus Version Last Update Result
[b]AhnLab-V3 2007.8.28.2 2007.08.28 Win32/IRCBot.worm.504480[/b]
[b]AntiVir 7.4.1.63 2007.08.28 HEUR/Crypted[/b]
Authentium 4.93.8 2007.08.28 -
Avast 4.7.1029.0 2007.08.27 -
[b]AVG 7.5.0.484 2007.08.27 SHeur.JOR[/b]
[b]BitDefender 7.2 2007.08.28 DeepScan:Generic.Sdbot.F47A0C90[/b]
[b]CAT-QuickHeal 9.00 2007.08.25 Backdoor.SdBot.gen[/b]
ClamAV 0.91 2007.08.28 -
DrWeb 4.33 2007.08.28 -
eSafe 7.0.15.0 2007.08.26 -
eTrust-Vet 31.1.5091 2007.08.28 -
Ewido 4.0 2007.08.27 -
FileAdvisor 1 2007.08.28 -
Fortinet 2.91.0.0 2007.08.28 -
F-Prot 4.3.2.48 2007.08.28 -
F-Secure 6.70.13030.0 2007.08.28 -
[b]Ikarus T3.1.1.12 2007.08.28 Generic.Sdbot[/b]
Kaspersky 4.0.2.24 2007.08.28 -
[b]McAfee 5106 2007.08.27 New Malware.gp[/b]
Microsoft 1.2803 2007.08.28 -
NOD32v2 2488 2007.08.28 -
Norman 5.80.02 2007.08.28 -
Panda 9.0.0.4 2007.08.28 -
[b]Prevx1 V2 2007.08.28 Worm.Rbot[/b]
Rising 19.38.12.00 2007.08.28 -
Sophos 4.21.0 2007.08.28 -
[b]Sunbelt 2.2.907.0 2007.08.25 VIPRE.Suspicious[/b]
Symantec 10 2007.08.28 -
TheHacker 6.1.9.175 2007.08.28 -
VBA32 3.12.2.3 2007.08.28 -
VirusBuster 4.3.26:9 2007.08.27 -
[b]Webwasher-Gateway 6.0.1 2007.08.28 Heuristic.Crypted[/b]
Additional information
File size: 504480 bytes
MD5: e36c441a19c72d71eea9e27a3f86c292
SHA1: 679aabd092915d0e788b2b1b092e36b7a11424f5
packers: Themida
Prevx info: [url]http://fileinfo.prevx.com/fileinfo.asp?PX5=3695ABAFA09BD606B2F00774C10E5300F089BAE4[/url]
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.
28.08.2007, 22:59
Shu_b

t=11980
File avz00001.dta received on 08.28.2007 20:47:31 (CET)Antivirus Version Last Update Result
AhnLab-V3 2007.8.29.0 2007.08.28 -
[B]AntiVir 7.4.1.63 2007.08.28 HEUR/Crypted[/B]
Authentium 4.93.8 2007.08.28 -
Avast 4.7.1029.0 2007.08.28 -
AVG 7.5.0.484 2007.08.28 -
BitDefender 7.2 2007.08.28 -
CAT-QuickHeal 9.00 2007.08.25 -
ClamAV 0.91.2 2007.08.28 -
DrWeb 4.33 2007.08.28 -
[B]eSafe 7.0.15.0 2007.08.28 suspicious Trojan/Worm[/B]
eTrust-Vet 31.1.5091 2007.08.28 -
Ewido 4.0 2007.08.28 -
FileAdvisor 1 2007.08.28 -
Fortinet 2.91.0.0 2007.08.28 -
F-Prot 4.3.2.48 2007.08.28 -
F-Secure 6.70.13030.0 2007.08.28 -
Ikarus T3.1.1.12 2007.08.28 -
Kaspersky 4.0.2.24 2007.08.28 -
McAfee 5107 2007.08.28 -
[B]Microsoft 1.2803 2007.08.28 TrojanDownloader:Win32/Renos[/B]
NOD32v2 2489 2007.08.28 -
Norman 5.80.02 2007.08.28 -
Panda 9.0.0.4 2007.08.28 -
[B]Prevx1 V2 2007.08.28 Spyware.WinAntiVirus[/B]
Rising 19.38.12.00 2007.08.28 -
[B]Sophos 4.21.0 2007.08.28 Mal/EncPk-AV
Sunbelt 2.2.907.0 2007.08.25 VIPRE.Suspicious[/B]
Symantec 10 2007.08.28 -
TheHacker 6.1.9.175 2007.08.28 -
VBA32 3.12.2.3 2007.08.28 -
VirusBuster 4.3.26:9 2007.08.28 -
[B]Webwasher-Gateway 6.0.1 2007.08.28 Heuristic.Crypted[/B]

Additional information
File size: 16896 bytes
MD5: c4fd4f9445461a705798ee6a9b649caa
SHA1: 9fdcbec52d049ff502aba952cd6cf1b0ad79fde4
30.08.2007, 13:27
drongo

T=12012
[code] File avz00004.dta received on 08.30.2007 10:58:15 (CET)

Antivirus Version Last Update Result
AhnLab-V3 2007.8.29.0 2007.08.30 -
AntiVir 7.4.1.66 2007.08.30 TR/Dldr.ConHook.Gen
Authentium 4.93.8 2007.08.29 -
Avast 4.7.1029.0 2007.08.29 -
AVG 7.5.0.484 2007.08.29 BHO.AMJ
BitDefender 7.2 2007.08.30 MemScan:Trojan.Juan.V
CAT-QuickHeal 9.00 2007.08.30 -
ClamAV 0.91.2 2007.08.29 -
DrWeb 4.33 2007.08.30 Trojan.Virtumod
eSafe 7.0.15.0 2007.08.29 suspicious Trojan/Worm
eTrust-Vet 31.1.5095 2007.08.30 -
Ewido 4.0 2007.08.29 -
FileAdvisor 1 2007.08.30 -
Fortinet 3.11.0.0 2007.08.30 -
F-Prot 4.3.2.48 2007.08.29 -
F-Secure 6.70.13030.0 2007.08.30 -
Ikarus T3.1.1.12 2007.08.30 MemScanTrojan.Juan.V
Kaspersky 4.0.2.24 2007.08.30 -
McAfee 5108 2007.08.29 -
Microsoft 1.2803 2007.08.30 -
NOD32v2 2491 2007.08.30 a variant of Win32/BHO.G
Norman 5.80.02 2007.08.29 Suspicious_R.gen
Panda 9.0.0.4 2007.08.29 Suspicious file
Prevx1 V2 2007.08.30 Generic.Malware
Rising 19.38.31.00 2007.08.30 -
Sophos 4.21.0 2007.08.30 -
Sunbelt 2.2.907.0 2007.08.25 Virtumonde
Symantec 10 2007.08.30 -
TheHacker 6.1.9.175 2007.08.30 -
VBA32 3.12.2.3 2007.08.28 Trojan.Virtumod
VirusBuster 4.3.26:9 2007.08.29 -
Webwasher-Gateway 6.0.1 2007.08.30 Trojan.Dldr.ConHook.Gen
Additional information
File size: 63598 bytes
MD5: 37ebe8949ae4f403aa037b184636d2c4
SHA1: d370ece1f3892d5b426e36cad93fd4b101f5dbc6
packers: RLPack
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PX5=ECD659906E6212C0F82E00C91BAEAC00B5ED8FAC
Sunbelt info: Virtumonde is an adware program that displays pop-up advertisements on the desktop. Virtumonde also downloads other software from various remote servers.[/code]
31.08.2007, 14:24
santy

File Trojan.DownLoader.Nurech.BV.rar received on 08.31.2007 12:06:45 (CET)

Antivirus Version Last Update Result
AhnLab-V3 2007.9.1.0 2007.08.31 -
AntiVir 7.4.1.66 2007.08.31 -
Authentium 4.93.8 2007.08.31 -
Avast 4.7.1029.0 2007.08.30 -
[b]AVG 7.5.0.484 2007.08.31 Downloader.Generic5.TWO[/b]
BitDefender 7.2 2007.08.31 -
CAT-QuickHeal 9.00 2007.08.30 -
[b]ClamAV 0.91.2 2007.08.31 Trojan.Downloader-12895[/b]
[b]DrWeb 4.33 2007.08.31 Trojan.DownLoader.30458[/b]
eSafe 7.0.15.0 2007.08.29 -
eTrust-Vet 31.1.5099 2007.08.31 -
Ewido 4.0 2007.08.30 -
FileAdvisor 1 2007.08.31 -
Fortinet 3.11.0.0 2007.08.31 -
[b]F-Prot 4.3.2.48 2007.08.31 W32/Trojan.BVZH[/b]
F-Secure 6.70.13030.0 2007.08.31 -
[b]Ikarus T3.1.1.12 2007.08.31 Trojan-Downloader.Win32.Small.evh[/b]
Kaspersky 4.0.2.24 2007.08.31 -
[b]McAfee 5109 2007.08.30 Downloader-AAP.gen[/b]
[b]Microsoft 1.2803 2007.08.31 TrojanDownloader:Win32/Agent.ABZ[/b]
[b]NOD32v2 2493 2007.08.31 a variant of Win32/TrojanDownloader.Nurech.BV[/b]
Norman 5.80.02 2007.08.30 -
Panda 9.0.0.4 2007.08.31 -
Prevx1 V2 2007.08.31 -
Rising 19.38.42.00 2007.08.31 -
[b]Sophos 4.21.0 2007.08.31 Mal/Clagger-G[/b]
Sunbelt 2.2.907.0 2007.08.25 -
Symantec 10 2007.08.31 -
TheHacker 6.1.9.175 2007.08.31 -
[b]VBA32 3.12.2.3 2007.08.30 Trojan.Win32.Inject.dj[/b]
VirusBuster 4.3.26:9 2007.08.30 -
[b]Webwasher-Gateway 6.0.1 2007.08.31 Trojan.Dldr.LooksLike.Tiny!7782[/b]
Additional information
File size: 3730 bytes
MD5: a7e49a314b2cba8f8c5f073ff08bd29e
SHA1: 2371c27b28a5a76787ee47b5b842b55ea779f73c
31.08.2007, 17:33
maXmo

AhnLab-V3 2007.9.1.0 2007.08.31 -
[B]AntiVir 7.4.1.66 2007.08.31 TR/Dldr.Small.ety.5[/B]
Authentium 4.93.8 2007.08.31 -
Avast 4.7.1029.0 2007.08.30 -
[B]AVG 7.5.0.484 2007.08.31 Obfustat.JDC[/B]
BitDefender 7.2 2007.08.31 -
[B]CAT-QuickHeal 9.00 2007.08.31 (Suspicious) - DNAScan[/B]
ClamAV 0.91.2 2007.08.31 -
[B]DrWeb 4.33 2007.08.31 Trojan.Packed.166
eSafe 7.0.15.0 2007.08.29 suspicious Trojan/Worm[/B]
eTrust-Vet 31.1.5099 2007.08.31 -
Ewido 4.0 2007.08.31 -
FileAdvisor 1 2007.08.31 -
[B]Fortinet 3.11.0.0 2007.08.31 W32/Small.ETY!tr.dldr[/B]
F-Prot 4.3.2.48 2007.08.31 -
[B]F-Secure 6.70.13030.0 2007.08.31 Trojan-Downloader.Win32.Small.ety
Ikarus T3.1.1.12 2007.08.31 Trojan-PWS.Win32.LdPinch.atw
Kaspersky 4.0.2.24 2007.08.31 Trojan-Downloader.Win32.Small.ety
McAfee 5109 2007.08.30 New Malware.bl[/B]
Microsoft 1.2803 2007.08.31 -
NOD32v2 2493 2007.08.31 -
[B]Norman 5.80.02 2007.08.31 W32/DLoader.DEUB
Panda 9.0.0.4 2007.08.31 Generic Malware[/B]
Prevx1 V2 2007.08.31 -
[B]Rising 19.38.42.00 2007.08.31 Packer.RyCrypt
Sophos 4.21.0 2007.08.31 Mal/EncPk-AW
Sunbelt 2.2.907.0 2007.08.25 VIPRE.Suspicious[/B]
Symantec 10 2007.08.31 -
[B]TheHacker 6.1.9.175 2007.08.31 Trojan/Downloader.Small.ety
VBA32 3.12.2.3 2007.08.30 Trojan-Downloader.Win32.Small.ety
VirusBuster 4.3.26:9 2007.08.30 Trojan.DR.Cimuz.Gen.1
Webwasher-Gateway 6.0.1 2007.08.31 Trojan.Dldr.Small.ety.5[/B]
Additional information
File size: 14790 bytes
MD5: d175dbe7caf6fda6bb6395462516d7fd
SHA1: 1622c193cd9e81528ced6bdb6e11fc32d32b5a83
packers: RCrypt

по ходу просто даунлоадер, буду смотреть, чего он там надаунлоадил :D

…мдя

[size="1"][color="#666686"][B][I]Добавлено через 1 час 2 минуты[/I][/B][/color][/size]

накачал-таки…

AhnLab-V3 2007.9.1.0 2007.08.31 -
[B]AntiVir 7.4.1.66 2007.08.31 TR/Crypt.U.Gen[/B]
Authentium 4.93.8 2007.08.31 -
Avast 4.7.1029.0 2007.08.30 -
AVG 7.5.0.484 2007.08.31 -
BitDefender 7.2 2007.08.31 -
CAT-QuickHeal 9.00 2007.08.31 -
ClamAV 0.91.2 2007.08.31 -
[B]DrWeb 4.33 2007.08.31 Trojan.PWS.LDPinch.1941
eSafe 7.0.15.0 2007.08.29 suspicious Trojan/Worm[/B]
eTrust-Vet 31.1.5099 2007.08.31 -
Ewido 4.0 2007.08.31 -
FileAdvisor 1 2007.08.31 -
Fortinet 3.11.0.0 2007.08.31 -
F-Prot 4.3.2.48 2007.08.31 -
[B]F-Secure 6.70.13030.0 2007.08.31 Trojan-PSW.Win32.LdPinch.cgu[/B]
Ikarus T3.1.1.12 2007.08.31 -
[B]Kaspersky 4.0.2.24 2007.08.31 Trojan-PSW.Win32.LdPinch.cgu
McAfee 5109 2007.08.30 New Malware.bm[/B]
Microsoft 1.2803 2007.08.31 -
NOD32v2 2493 2007.08.31 -
Norman 5.80.02 2007.08.31 -
Panda 9.0.0.4 2007.08.31 -
Prevx1 V2 2007.08.31 -
Rising 19.38.42.00 2007.08.31 -
[B]Sophos 4.21.0 2007.08.31 Mal/Basine-C
Sunbelt 2.2.907.0 2007.08.25 VIPRE.Suspicious[/B]
Symantec 10 2007.08.31 -
TheHacker 6.1.9.175 2007.08.31 -
VBA32 3.12.2.3 2007.08.30 -
VirusBuster 4.3.26:9 2007.08.30 -
[B]Webwasher-Gateway 6.0.1 2007.08.31 Trojan.Crypt.U.Gen[/B]

Additional information
File size: 20480 bytes
MD5: 0a5c7f5e109b57f67ef2a68bd5235e7d
SHA1: e176d36fabdfca20620a83948118c60c9c5dfbe2

AhnLab-V3 2007.9.1.0 2007.08.31 -
AntiVir 7.4.1.66 2007.08.31 -
Authentium 4.93.8 2007.08.31 -
Avast 4.7.1029.0 2007.08.30 -
AVG 7.5.0.484 2007.08.31 -
BitDefender 7.2 2007.08.31 -
CAT-QuickHeal 9.00 2007.08.31 -
ClamAV 0.91.2 2007.08.31 -
DrWeb 4.33 2007.08.31 -
eSafe 7.0.15.0 2007.08.29 -
eTrust-Vet 31.1.5099 2007.08.31 -
Ewido 4.0 2007.08.31 -
FileAdvisor 1 2007.08.31 -
Fortinet 3.11.0.0 2007.08.31 -
F-Prot 4.3.2.48 2007.08.31 -
F-Secure 6.70.13030.0 2007.08.31 -
[B]Ikarus T3.1.1.12 2007.08.31 Win32.SuspectCrc[/B]
Kaspersky 4.0.2.24 2007.08.31 -
McAfee 5109 2007.08.30 -
Microsoft 1.2803 2007.08.31 -
NOD32v2 2493 2007.08.31 -
[B]Norman 5.80.02 2007.08.31 W32/Xorpix.ED[/B]
Panda 9.0.0.4 2007.08.31 -
Prevx1 V2 2007.08.31 -
Rising 19.38.42.00 2007.08.31 -
Sophos 4.21.0 2007.08.31 -
[B]Sunbelt 2.2.907.0 2007.08.25 Trojan-Downloader.Win32.Small.nhl[/B]
Symantec 10 2007.08.31 -
TheHacker 6.1.9.175 2007.08.31 -
VBA32 3.12.2.3 2007.08.30 -
VirusBuster 4.3.26:9 2007.08.30 -
Webwasher-Gateway 6.0.1 2007.08.31 -

Additional information
File size: 2560 bytes
MD5: 58df7dc91763549d858991505ae65f3c
SHA1: 5a7f105b498b2e2cd29895c9915480b434fce16f

вот и думай, ложняки или нет

[B]AhnLab-V3 2007.9.1.0 2007.08.31 Win-Trojan/Downloader.12375
AntiVir 7.4.1.66 2007.08.31 TR/Crypt.XPACK.Gen[/B]
Authentium 4.93.8 2007.08.31 -
Avast 4.7.1029.0 2007.08.30 -
[B]AVG 7.5.0.484 2007.08.31 Downloader.Generic6.AUO
BitDefender 7.2 2007.08.31 Trojan.AVKiller.AS
CAT-QuickHeal 9.00 2007.08.31 TrojanDownloader.Small.evl[/B]
ClamAV 0.91.2 2007.08.31 -
[B]DrWeb 4.33 2007.08.31 Trojan.MulDrop.8347
eSafe 7.0.15.0 2007.08.29 Suspicious Trojan/Worm[/B]
eTrust-Vet 31.1.5099 2007.08.31 -
Ewido 4.0 2007.08.31 -
FileAdvisor 1 2007.08.31 -
Fortinet 3.11.0.0 2007.08.31 -
F-Prot 4.3.2.48 2007.08.31 -
[B]F-Secure 6.70.13030.0 2007.08.31 Trojan-Downloader.Win32.Small.evl
Ikarus T3.1.1.12 2007.08.31 Trojan-Downloader.Win32.Small.evl
Kaspersky 4.0.2.24 2007.08.31 Trojan-Downloader.Win32.Small.evl[/B]
McAfee 5109 2007.08.30 -
Microsoft 1.2803 2007.08.31 -
NOD32v2 2493 2007.08.31 -
Norman 5.80.02 2007.08.31 -
[B]Panda 9.0.0.4 2007.08.31 Suspicious file
Prevx1 V2 2007.08.31 Generic.Malware[/B]
Rising 19.38.42.00 2007.08.31 -
Sophos 4.21.0 2007.08.31 -
Sunbelt 2.2.907.0 2007.08.25 -
Symantec 10 2007.08.31 -
TheHacker 6.1.9.175 2007.08.31 -
VBA32 3.12.2.3 2007.08.30 -
[B]VirusBuster 4.3.26:9 2007.08.30 Trojan.DL.Small.VIY
Webwasher-Gateway 6.0.1 2007.08.31 Trojan.Crypt.XPACK.Gen[/B]

Additional information
File size: 12375 bytes
MD5: 57f3e4dcefb97222c500a655a451a62a
SHA1: 20f6835a99218eb0410dec50ccf8bd483a2e7ad3
Prevx info: [url]http://fileinfo.prevx.com/fileinfo.asp?PX5=1AAD6D9457246FA1309C00E97B3B8B00D916ABC2[/url]
31.08.2007, 21:13
icon

[QUOTE]Norman 5.80.02 2007.08.31 W32/Xorpix.ED[/QUOTE]
Хотя бы Норман заставляет задуматься. :)
31.08.2007, 21:18
Макcим

File index.html received on 08.31.2007 19:06:45 (CET)[QUOTE]AhnLab-V3 2007.9.1.0 2007.08.31 -
[B]AntiVir 7.4.1.66 2007.08.31 HTML/Crypted.Gen[/B]
Authentium 4.93.8 2007.08.31 -
Avast 4.7.1029.0 2007.08.30 -
AVG 7.5.0.484 2007.08.31 -
BitDefender 7.2 2007.08.31 -
CAT-QuickHeal 9.00 2007.08.31 -
ClamAV 0.91.2 2007.08.31 -
DrWeb 4.33 2007.08.31 -
eSafe 7.0.15.0 2007.08.29 -
eTrust-Vet 31.1.5099 2007.08.31 -
Ewido 4.0 2007.08.31 -
FileAdvisor 1 2007.08.31 -
Fortinet 3.11.0.0 2007.08.31 -
F-Prot 4.3.2.48 2007.08.31 -
[B]F-Secure 6.70.13030.0 2007.08.31 Trojan-Downloader.JS.Agent.na[/B]
Ikarus T3.1.1.12 2007.08.31 -
[B]Kaspersky 4.0.2.24 2007.08.31 Trojan-Downloader.JS.Agent.na[/B]
McAfee 5110 2007.08.31 -
Microsoft 1.2803 2007.08.31 -
NOD32v2 2494 2007.08.31 -
Norman 5.80.02 2007.08.31 -
Panda 9.0.0.4 2007.08.31 -
Prevx1 V2 2007.08.31 -
Rising 19.38.42.00 2007.08.31 -
Sophos 4.21.0 2007.08.31 -
Sunbelt 2.2.907.0 2007.08.25 -
Symantec 10 2007.08.31 -
TheHacker 6.1.9.175 2007.08.31 -
VBA32 3.12.2.3 2007.08.30 -
VirusBuster 4.3.26:9 2007.08.31 -
[B]Webwasher-Gateway 6.0.1 2007.08.31 Script.Crypted.Gen[/B]

Additional information
File size: 19062 bytes
MD5: 2ca148893370116c1ecf9f97ba6a079f
SHA1: 358bd6e636458c7e17b7f7cd6cdf5a7002e469af[/QUOTE]
31.08.2007, 22:42
Winsent

File _________________________________ received on 08.31.2007 20:37:43 (CET)
Current status: finished
Result: 9/32 (28.13%)

Antivirus Version Last Update Result

AhnLab-V3 2007.9.1.0 2007.08.31 -
[B]AntiVir 7.4.1.66 2007.08.31 HEUR/Malware[/B]
Authentium 4.93.8 2007.08.31 -
Avast 4.7.1029.0 2007.08.31 -
[B]AVG 7.5.0.484 2007.08.31 Worm/Agobot.FWG[/B]
BitDefender 7.2 2007.08.31 -
CAT-QuickHeal 9.00 2007.08.31 -
ClamAV 0.91.2 2007.08.31 -
DrWeb 4.33 2007.08.31 -
eSafe 7.0.15.0 2007.08.29 -
eTrust-Vet 31.1.5099 2007.08.31 -
Ewido 4.0 2007.08.31 -
FileAdvisor 1 2007.08.31 -
Fortinet 3.11.0.0 2007.08.31 -
F-Prot 4.3.2.48 2007.08.31 -
[B]F-Secure 6.70.13030.0 2007.08.31 Trojan-Dropper.Win32.Agent.bro[/B]
Ikarus T3.1.1.12 2007.08.31 -
[B]Kaspersky 4.0.2.24 2007.08.31 Trojan-Dropper.Win32.Agent.bro
McAfee 5110 2007.08.31 New Malware.n[/B]
Microsoft 1.2803 2007.08.31 -
NOD32v2 2494 2007.08.31 -
Norman 5.80.02 2007.08.31 -
[B]Panda 9.0.0.4 2007.08.31 Suspicious file[/B]
Prevx1 V2 2007.08.31 -
Rising 19.38.42.00 2007.08.31 -
[B]Sophos 4.21.0 2007.08.31 Mal/Packer[/B]
Sunbelt 2.2.907.0 2007.08.25 -
Symantec 10 2007.08.31 -
TheHacker 6.1.9.175 2007.08.31 -
[B]VBA32 3.12.2.3 2007.08.30 Backdoor.Win32.Agobot.ajr[/B]
VirusBuster 4.3.26:9 2007.08.31 -
[B]Webwasher-Gateway 6.0.1 2007.08.31 Heuristic.Malware[/B]

Additional information
File size: 156686 bytes
MD5: 8fa1d7c14d11d2b45c72771a97677366
SHA1: 4b3ece5ddccc3bfa7a3ce3881f6e41e30cbba4ba
packers: UPACK
01.09.2007, 17:31
Winsent

File INFO.txt_.scr received on 09.01.2007 15:21:02 (CET)
Current status: finished
Result: 14/32 (43.75%)

Antivirus Version Last Update Result

AhnLab-V3 2007.9.1.0 2007.09.01 -
[B]AntiVir 7.4.1.66 2007.08.31 TR/Crypt.XPACK.Gen[/B]
Authentium 4.93.8 2007.09.01 -
[B]Avast 4.7.1029.0 2007.09.01 Win32:Mytob-TC
AVG 7.5.0.484 2007.08.31 Generic7.CXR[/B]
BitDefender 7.2 2007.09.01 [B]GenPack:[email protected]
CAT-QuickHeal 9.00 2007.09.01 (Suspicious) - DNAScan[/B]
ClamAV 0.91.2 2007.09.01 -
DrWeb 4.33 2007.09.01 -
[B]eSafe 7.0.15.0 2007.08.29 Suspicious Trojan/Worm[/B]
eTrust-Vet 31.1.5100 2007.08.31 -
Ewido 4.0 2007.09.01 -
FileAdvisor 1 2007.09.01 -
Fortinet 3.11.0.0 2007.09.01 -
F-Prot 4.3.2.48 2007.08.31 -
[B]F-Secure 6.70.13030.0 2007.08.31 Net-Worm.Win32.Mytob.ft
Ikarus T3.1.1.12 2007.09.01 Backdoor.Win32.IRCBot.acd
Kaspersky 4.0.2.24 2007.09.01 Net-Worm.Win32.Mytob.ft[/B]
McAfee 5110 2007.08.31 -
Microsoft 1.2803 2007.09.01 -
[B]NOD32v2 2495 2007.09.01 Win32/Mytob.VW[/B]
Norman 5.80.02 2007.08.31 -
[B]Panda 9.0.0.4 2007.09.01 Suspicious file[/B]
Prevx1 V2 2007.09.01 -
[B]Rising 19.38.52.00 2007.09.01 Backdoor.Win32.IRCbot.bcr[/B]
Sophos 4.21.0 2007.09.01 -
Sunbelt 2.2.907.0 2007.08.31 -
[B]Symantec 10 2007.09.01 W32.IRCBot.Gen[/B]
TheHacker 6.1.9.175 2007.08.31 -
VBA32 3.12.2.3 2007.09.01 -
VirusBuster 4.3.26:9 2007.08.31 -
[B]Webwasher-Gateway 6.0.1 2007.08.31 Trojan.Crypt.XPACK.Gen[/B]

Additional information
File size: 144896 bytes
MD5: 016fb3fe28384a10a78cfafdc87c417d
SHA1: 151f2ac08bf39d775b83a8b6cb17bee458ac3d81
packers: NTKrnl
02.09.2007, 20:01
Mr.Page

File sysuusi.exe received on 09.02.2007 17:51:34 (CET)
Result: 7/32 [B]21.88%[/B]

Antivirus Version Last Update Result

AhnLab-V3 2007.9.1.0 2007.09.01 -
AntiVir 7.4.1.66 2007.09.01 -
Authentium 4.93.8 2007.09.02 -
Avast 4.7.1029.0 2007.09.01 -
AVG 7.5.0.484 2007.09.02 -
BitDefender 7.2 2007.09.02 -
CAT-QuickHeal 9.00 2007.09.01 -
ClamAV 0.91.2 2007.09.02 -
[B]DrWeb 4.33 2007.09.02 Trojan.MulDrop.8473 [/B]
[B]eSafe 7.0.15.0 2007.09.02 Win32.QQPass [/B]
eTrust-Vet 31.1.5100 2007.08.31 -
Ewido 4.0 2007.09.02 -
FileAdvisor 1 2007.09.02 -
Fortinet 3.11.0.0 2007.09.02 -
F-Prot 4.3.2.48 2007.09.02 -
[B]F-Secure 6.70.13030.0 2007.09.02 Trojan-Spy.Win32.Webmoner.do [/B]
[B]Ikarus T3.1.1.12 2007.09.02 Trojan-Dropper.Win32.Delf.MM [/B]
[B]Kaspersky 4.0.2.24 2007.09.02 Trojan-Spy.Win32.Webmoner.do [/B]
McAfee 5110 2007.08.31 -
Microsoft 1.2803 2007.09.02 -
NOD32v2 2497 2007.09.01 -
[B]Norman 5.80.02 2007.09.02 W32/Malware.AHSU [/B]
[B]Panda 9.0.0.4 2007.09.02 Suspicious file [/B]
Prevx1 V2 2007.09.02 -
Rising 19.38.62.00 2007.09.02 -
Sophos 4.21.0 2007.09.02 -
Sunbelt 2.2.907.0 2007.08.31 -
Symantec 10 2007.09.02 -
TheHacker 6.1.9.175 2007.09.02 -
VBA32 3.12.2.3 2007.09.01 -
VirusBuster 4.3.26:9 2007.09.02 -
Webwasher-Gateway 6.0.1 2007.09.01 -

Additional information
File size: 18432 bytes
MD5: 4a7a6d06b861b9da75434d7fc85f767a
SHA1: f6d36dcb0b8bf37995cb85ecc585015f663a7585
03.09.2007, 10:38
drongo

T=12139
[code]
AhnLab-V3 2007.9.1.0 2007.09.03 -
[B]AntiVir 7.4.1.66 2007.09.02 HEUR/Crypted[/B]
Authentium 4.93.8 2007.09.02 -
Avast 4.7.1029.0 2007.09.02 -
[B]AVG 7.5.0.484 2007.09.02 Obfustat.JZS[/B]
BitDefender 7.2 2007.09.03 -
[B]CAT-QuickHeal 9.00 2007.09.01 (Suspicious) - DNAScan[/B]
ClamAV 0.91.2 2007.09.03 -
DrWeb 4.33 2007.09.03 -
eSafe 7.0.15.0 2007.09.02 -
eTrust-Vet 31.1.5100 2007.08.31 -
Ewido 4.0 2007.09.02 -
FileAdvisor 1 2007.09.03 -
Fortinet 3.11.0.0 2007.09.03 -
F-Prot 4.3.2.48 2007.09.02 -
F-Secure 6.70.13030.0 2007.09.03 -
[B]Ikarus T3.1.1.12 2007.09.03 Email-Worm.Win32.Locksky.be[/B]
Kaspersky 4.0.2.24 2007.09.03 -
McAfee 5110 2007.08.31 -
Microsoft 1.2803 2007.09.03 -
NOD32v2 2498 2007.09.03 -
[B]Norman 5.80.02 2007.09.02 W32/Tibs.ASKH[/B]
[B]Panda 9.0.0.4 2007.09.02 Suspicious file
Prevx1 V2 2007.09.03 Trojan.VXGAME
Rising 19.39.01.00 2007.09.03 Trojan.Win32.Agent.vyl[/B]
Sophos 4.21.0 2007.09.03 -
Symantec 10 2007.09.03 -
TheHacker 6.1.9.175 2007.09.02 -
VBA32 3.12.2.3 2007.09.01 -
[B]VirusBuster 4.3.26:9 2007.09.02 Packed/FRBR
Webwasher-Gateway 6.0.1 2007.09.02 Heuristic.Crypted[/B]
Additional information
File size: 11264 bytes
MD5: 7c4ca0b78d51494df0aadd61dcee6f30
SHA1: 33c1257bd894ef72951e5233bf35ef0c756a7800
packers: BINARYRES
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PX5=2985B6FE002E09362CBC004B1E87A000DDF2FF76
[/code]
03.09.2007, 21:05
mayas

ile default.php received on 09.03.2007 18:51:09 (CET)
Result: 4/32 (12.5%)

Antivirus Version Last Update Result
AhnLab-V3 2007.9.1.0 2007.09.03 -
AntiVir 7.4.1.66 2007.09.03 [B]HTML/Crypted.Gen[/B]
Authentium 4.93.8 2007.09.02 -
Avast 4.7.1029.0 2007.09.03 -
AVG 7.5.0.485 2007.09.03 -
BitDefender 7.2 2007.09.03 -
CAT-QuickHeal 9.00 2007.09.03 -
ClamAV 0.91.2 2007.09.03 -
DrWeb 4.33 2007.09.03 -
eSafe 7.0.15.0 2007.09.02 -
eTrust-Vet 31.1.5105 2007.09.03 -
Ewido 4.0 2007.09.03 -
FileAdvisor 1 2007.09.03 -
Fortinet 3.11.0.0 2007.09.03 -
F-Prot 4.3.2.48 2007.09.02 -
F-Secure 6.70.13030.0 2007.09.03 [B]Trojan-Clicker.HTML.IFrame.ac[/B]
Ikarus T3.1.1.12 2007.09.03 -
Kaspersky 4.0.2.24 2007.09.03 [B]Trojan-Clicker.HTML.IFrame.ac[/B]
McAfee 5110 2007.08.31 -
Microsoft 1.2803 2007.09.03 -
NOD32v2 2499 2007.09.03 -
Norman 5.80.02 2007.09.03 -
Panda 9.0.0.4 2007.09.03 -
Prevx1 V2 2007.09.03 -
Rising 19.39.02.00 2007.09.03 -
Sophos 4.21.0 2007.09.03 -
Sunbelt 2.2.907.0 2007.08.31 -
Symantec 10 2007.09.03 -
TheHacker 6.1.9.175 2007.09.02 -
VBA32 3.12.2.3 2007.09.03 -
VirusBuster 4.3.26:9 2007.09.03 -
Webwasher-Gateway 6.0.1 2007.09.03 [B]Script.Crypted.Gen[/B]
03.09.2007, 23:34
XL

Очередной штормовой zhelatin

[quote]File labor.exe received on 09.03.2007 21:23:32 (CET)
Current status: finished
Result: 15/32 (46.88%)
Compact
Print results Antivirus Version Last Update Result
AhnLab-V3 2007.9.1.0 2007.09.03 -
[B]AntiVir 7.4.1.66 2007.09.03 Worm/Storm.tch[/B]
Authentium 4.93.8 2007.09.02 -
Avast 4.7.1029.0 2007.09.03 -
[B]AVG 7.5.0.485 2007.09.03 Downloader.Tibs.7.AC
BitDefender 7.2 2007.09.03 Trojan.Peed.IHT
CAT-QuickHeal 9.00 2007.09.03 (Suspicious) - DNAScan[/B]
ClamAV 0.91.2 2007.09.03 -
[B]DrWeb 4.33 2007.09.03 Trojan.Packed.142
eSafe 7.0.15.0 2007.09.03 Suspicious Trojan/Worm
eTrust-Vet 31.1.5105 2007.09.03 Win32/Sintun.AF[/B]
Ewido 4.0 2007.09.03 -
FileAdvisor 1 2007.09.03 -
Fortinet 3.11.0.0 2007.09.03 -
F-Prot 4.3.2.48 2007.09.02 -
F-Secure 6.70.13030.0 2007.09.03 -
Ikarus T3.1.1.12 2007.09.03 -
[B]Kaspersky 4.0.2.24 2007.09.03 Email-Worm.Win32.Zhelatin.il[/B]
McAfee 5111 2007.09.03 -
[B]Microsoft 1.2803 2007.09.03 TrojanDropper:Win32/Nuwar.gen!avkill[/B]
NOD32v2 2500 2007.09.03 -
[B]Norman 5.80.02 2007.09.03 Tibs.gen134[/B]
Panda 9.0.0.4 2007.09.03 -
Prevx1 V2 2007.09.03 -
Rising 19.39.02.00 2007.09.03 -
[B]Sophos 4.21.0 2007.09.03 Mal/Dorf-A
Sunbelt 2.2.907.0 2007.08.31 VIPRE.Suspicious
Symantec 10 2007.09.03 Trojan.Packed.13[/B]
TheHacker 6.1.9.175 2007.09.02 -
VBA32 3.12.2.3 2007.09.03 -
[B]VirusBuster 4.3.26:9 2007.09.03 Trojan.Tibs.Gen!Pac.135
Webwasher-Gateway 6.0.1 2007.09.03 Worm.Storm.tch[/B]
Additional information
File size: 140021 bytes
MD5: 781e08a5dcc2c53646ed097e533d6659
SHA1: 34ed3582a1323b300673b7c79260d47d2205578b
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.[/quote]
04.09.2007, 00:31
drongo

t=12160
[code]File avz00001.dta received on 09.03.2007 22:26:26 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.9.1.0 2007.09.03 -
AntiVir 7.4.1.66 2007.09.03 -
Authentium 4.93.8 2007.09.02 -
Avast 4.7.1029.0 2007.09.03 -
[B]AVG 7.5.0.485 2007.09.03 PSW.Agent.NWI[/B]
BitDefender 7.2 2007.09.03 -
CAT-QuickHeal 9.00 2007.09.03 -
[B]ClamAV 0.91.2 2007.09.03 Trojan.Agent-7550
DrWeb 4.33 2007.09.03 Trojan.NtRootKit.361[/B]
eSafe 7.0.15.0 2007.09.03 -
eTrust-Vet 31.1.5105 2007.09.03 -
Ewido 4.0 2007.09.03 -
FileAdvisor 1 2007.09.03 -
Fortinet 3.11.0.0 2007.09.03 -
F-Prot 4.3.2.48 2007.09.02 -
F-Secure 6.70.13030.0 2007.09.03 -
Ikarus T3.1.1.12 2007.09.03 -
Kaspersky 4.0.2.24 2007.09.03 -
McAfee 5111 2007.09.03 -
Microsoft 1.2803 2007.09.03 -
[B]NOD32v2 2500 2007.09.03 Win32/SpamTool.Agent.NAJ[/B]
Norman 5.80.02 2007.09.03 -
Panda 9.0.0.4 2007.09.03 -
Prevx1 V2 2007.09.03 -
Rising 19.39.02.00 2007.09.03 -
Sophos 4.21.0 2007.09.03 -
Sunbelt 2.2.907.0 2007.08.31 -
Symantec 10 2007.09.03 -
TheHacker 6.1.9.175 2007.09.02 -
VBA32 3.12.2.3 2007.09.03 -
VirusBuster 4.3.26:9 2007.09.03 -
Webwasher-Gateway 6.0.1 2007.09.03 -
Additional information
File size: 18944 bytes
MD5: 13a366eef1bf920ffcf754716fda7ade
SHA1: a614eae1da5ee91f034958e23ebd8410ae981115[/code]

Совсем свежая гадость :Никто ещё толком не знает :
[code]
Antivirus Version Last Update Result
AhnLab-V3 2007.9.1.0 2007.09.03 -
[B]AntiVir 7.4.1.66 2007.09.03 HEUR/Crypted[/B]
Authentium 4.93.8 2007.09.02 -
Avast 4.7.1029.0 2007.09.03 -
[B]AVG 7.5.0.485 2007.09.03 Win32/PolyCrypt[/B]
BitDefender 7.2 2007.09.03 -
[B]CAT-QuickHeal 9.00 2007.09.03 (Suspicious) - DNAScan[/B]
ClamAV 0.91.2 2007.09.03 -
DrWeb 4.33 2007.09.03 -[B]
eSafe 7.0.15.0 2007.09.03 Suspicious Trojan/Worm
[/B]eTrust-Vet 31.1.5105 2007.09.03 -
Ewido 4.0 2007.09.03 -
FileAdvisor 1 2007.09.03 -
Fortinet 3.11.0.0 2007.09.03 -
F-Prot 4.3.2.48 2007.09.02 -
F-Secure 6.70.13030.0 2007.09.03 -
Ikarus T3.1.1.12 2007.09.03 -
Kaspersky 4.0.2.24 2007.09.03 -
McAfee 5111 2007.09.03 -
Microsoft 1.2803 2007.09.03 -
NOD32v2 2500 2007.09.03 -
Norman 5.80.02 2007.09.03 -
[B]Panda 9.0.0.4 2007.09.03 Suspicious file[/B]
Prevx1 V2 2007.09.03 -
Rising 19.39.02.00 2007.09.03 -
Sophos 4.21.0 2007.09.03 -
[B]Sunbelt 2.2.907.0 2007.08.31 VIPRE.Suspicious[/B]
Symantec 10 2007.09.03 -
TheHacker 6.1.9.175 2007.09.02 -
VBA32 3.12.2.3 2007.09.03 -
VirusBuster 4.3.26:9 2007.09.03 -
[B]Webwasher-Gateway 6.0.1 2007.09.03 Heuristic.Crypted[/B]
Additional information
File size: 39317 bytes
MD5: e11af9ecc9308640109cd11b121325b1
SHA1: fb1be9b5ebc55a942b2c9241fa32a37e2a05d792
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.[/code]

Показывать 40 сообщений этой темы на одной странице