-
A brand-new screen blocker, caught in the "Помогите" (Help) section - [B]C:\Documents and Settings\Администратор\wlock\wlock.exe[/B]
File name: -wlock.exe-
Submission date: 2010-11-15 11:36:07 (UTC)
Current status: finished
Result: [B][COLOR="Red"]3[/COLOR] /42 (7.1%)[/B]
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2010.11.15.05 2010.11.15 -
AntiVir 7.10.13.240 2010.11.15 -
Antiy-AVL 2.0.3.7 2010.11.15 -
Authentium 5.2.0.5 2010.11.15 -
Avast 4.8.1351.0 2010.11.15 -
Avast5 5.0.594.0 2010.11.15 -
AVG 9.0.0.851 2010.11.15 -
BitDefender 7.2 2010.11.15 -
CAT-QuickHeal 11.00 2010.11.09 -
ClamAV 0.96.4.0 2010.11.15 -
Comodo 6725 2010.11.15 -
[B]DrWeb 5.0.2.03300 2010.11.15 - [COLOR="Red"]Trojan.Winlock.2540[/COLOR][/B]
Emsisoft 5.0.0.50 2010.11.15 -
eTrust-Vet 36.1.7976 2010.11.15 -
F-Prot 4.6.2.117 2010.11.15 -
F-Secure 9.0.16160.0 2010.11.15 -
Fortinet 4.2.249.0 2010.11.15 -
GData 21 2010.11.15 -
Ikarus T3.1.1.90.0 2010.11.15 -
Jiangmin 13.0.900 2010.11.15 -
K7AntiVirus 9.67.2973 2010.11.12 -
Kaspersky 7.0.0.125 2010.11.15 -
McAfee 5.400.0.1158 2010.11.15 -
McAfee-GW-Edition 2010.1C 2010.11.15 -
Microsoft 1.6301 2010.11.15 -
[B]NOD32 5620 2010.11.15 - [COLOR="Red"]Win32/LockScreen.WU[/COLOR][/B]
Norman 6.06.10 2010.11.15 -
nProtect 2010-11-15.01 2010.11.15 -
Panda 10.0.2.7 2010.11.14 -
PCTools 7.0.3.5 2010.11.15 -
Prevx 3.0 2010.11.15 -
Rising 22.73.06.04 2010.11.15 -
[B]Sophos 4.59.0 2010.11.15 - [COLOR="Red"]Sus/UnkPack-C[/COLOR][/B]
Sunbelt 7315 2010.11.15 -
SUPERAntiSpyware 4.40.0.1006 2010.11.15 -
Symantec 20101.2.0.161 2010.11.15 -
TheHacker 6.7.0.1.083 2010.11.15 -
TrendMicro 9.120.0.1004 2010.11.14 -
TrendMicro-HouseCall 9.120.0.1004 2010.11.15 -
VBA32 3.12.14.2 2010.11.15 -
ViRobot 2010.11.15.4148 2010.11.15 -
VirusBuster 12.75.3.0 2010.11.14 -[/QUOTE]
[URL="http://www.virustotal.com/file-scan/report.html?id=f8c83309c15581d6f57b789fa0a3af82cef7d00facefb77f6dcf8bc9f1eb19d7-1289820967"]virustotal.com[/URL]
-
[B]C:\WINDOWS\system32\rescue32.exe[/B]
File name:
avz00001.dta
Submission date:
2010-11-16 16:21:26 (UTC)
Current status:
finished
Result:
3/ 43 (7.0%)
[quote]Antivirus Version Last Update Result
AhnLab-V3 2010.11.16.00 2010.11.15 -
AntiVir 7.10.14.11 2010.11.16 -
Antiy-AVL 2.0.3.7 2010.11.16 -
Avast 4.8.1351.0 2010.11.16 -
Avast5 5.0.594.0 2010.11.16 -
AVG 9.0.0.851 2010.11.16 -
BitDefender 7.2 2010.11.16 -
CAT-QuickHeal 11.00 2010.11.09 -
ClamAV 0.96.4.0 2010.11.16 -
Command 5.2.11.5 2010.11.16 -
[B]Comodo 6741 2010.11.16 - [COLOR="Red"]TrojWare.Win32.Trojan.Agent.Gen[/COLOR]
DrWeb 5.0.2.03300 2010.11.16 - [COLOR="#ff0000"]Trojan.DownLoader1.36945[/COLOR][/B]
Emsisoft 5.0.0.50 2010.11.16 -
eSafe 7.0.17.0 2010.11.16 -
eTrust-Vet 36.1.7980 2010.11.16 -
F-Prot 4.6.2.117 2010.11.16 -
F-Secure 9.0.16160.0 2010.11.16 -
Fortinet 4.2.249.0 2010.11.15 -
GData 21 2010.11.16 -
Ikarus T3.1.1.90.0 2010.11.16 -
Jiangmin 13.0.900 2010.11.16 -
K7AntiVirus 9.67.2973 2010.11.12 -
Kaspersky 7.0.0.125 2010.11.16 -
McAfee 5.400.0.1158 2010.11.16 -
McAfee-GW-Edition 2010.1C 2010.11.16 -
Microsoft 1.6301 2010.11.16 -
NOD32 5624 2010.11.16 -
Norman 6.06.10 2010.11.16 -
nProtect 2010-11-16.02 2010.11.16 -
Panda 10.0.2.7 2010.11.15 -
PCTools 7.0.3.5 2010.11.16 -
Prevx 3.0 2010.11.16 -
Rising 22.74.00.01 2010.11.16 -
Sophos 4.59.0 2010.11.16 -
SUPERAntiSpyware 4.40.0.1006 2010.11.16 -
Symantec 20101.2.0.161 2010.11.16 -
TheHacker 6.7.0.1.085 2010.11.16 -
TrendMicro 9.120.0.1004 2010.11.16 -
TrendMicro-HouseCall 9.120.0.1004 2010.11.16 -
VBA32 3.12.14.2 2010.11.16 -
[B]VIPRE 7326 2010.11.16 - [COLOR="#ff0000"]Trojan.Win32.Generic!SB.0[/COLOR][/B]
ViRobot 2010.11.16.4151 2010.11.16 -
VirusBuster 12.76.1.0 2010.11.15 -
MD5 : 45751a87d1a8f7428755c32d58a6e770
SHA1 : 914f61d113e6986006dc5a3a6d652354c06ea8e0
SHA256: 48a154465f99a23fec3410f94e1ec055b71a7e51fb8146a1dfb9e19299f0997e[/quote]
-
File name:
1.vbs
Submission date:
2010-11-27 10:07:36 (UTC)
Current status:
finished
Result:
6/ 43 (14.0%)
[QUOTE][i]Antivirus results[/i]
AhnLab-V3 - 2010.11.27.00 - 2010.11.26 - -
AntiVir - 7.10.14.125 - 2010.11.26 - [color=red]VBS/Toow.A.1 [/color]
Antiy-AVL - 2.0.3.7 - 2010.11.27 - -
Avast - 4.8.1351.0 - 2010.11.26 - -
Avast5 - 5.0.594.0 - 2010.11.26 - -
AVG - 9.0.0.851 - 2010.11.27 - -
BitDefender - 7.2 - 2010.11.27 - -
CAT-QuickHeal - 11.00 - 2010.11.26 - -
ClamAV - 0.96.4.0 - 2010.11.27 - [color=red]PUA.JS.Xored [/color]
Command - 5.2.11.5 - 2010.11.27 - -
Comodo - 6865 - 2010.11.27 - -
DrWeb - 5.0.2.03300 - 2010.11.26 - -
Emsisoft - 5.0.0.50 - 2010.11.27 - -
eSafe - 7.0.17.0 - 2010.11.24 - -
eTrust-Vet - 36.1.8003 - 2010.11.26 - -
F-Prot - 4.6.2.117 - 2010.11.26 - -
F-Secure - 9.0.16160.0 - 2010.11.27 - -
Fortinet - 4.2.254.0 - 2010.11.26 - -
GData - 21 - 2010.11.27 - -
Ikarus - T3.1.1.90.0 - 2010.11.27 - -
Jiangmin - 13.0.900 - 2010.11.27 - -
K7AntiVirus - 9.69.3095 - 2010.11.26 - -
Kaspersky - 7.0.0.125 - 2010.11.27 - -
McAfee - 5.400.0.1158 - 2010.11.27 - -
McAfee-GW-Edition - 2010.1C - 2010.11.26 - [color=red]Heuristic.BehavesLike.VBS.Exploit.A [/color]
Microsoft - 1.6402 - 2010.11.27 - [color=red]Exploit:VBS/Privoot.A [/color]
NOD32 - 5652 - 2010.11.26 - -
Norman - 6.06.10 - 2010.11.27 - -
nProtect - 2010-11-26.01 - 2010.11.26 - -
Panda - 10.0.2.7 - 2010.11.27 - -
PCTools - 7.0.3.5 - 2010.11.27 - -
Prevx - 3.0 - 2010.11.27 - -
Rising - 22.75.04.00 - 2010.11.27 - -
Sophos - 4.60.0 - 2010.11.27 - [color=red]Troj/Toow-A [/color]
SUPERAntiSpyware - 4.40.0.1006 - 2010.11.27 - -
Symantec - 20101.2.0.161 - 2010.11.27 - -
TheHacker - 6.7.0.1.091 - 2010.11.26 - -
TrendMicro - 9.120.0.1004 - 2010.11.27 - -
TrendMicro-HouseCall - 9.120.0.1004 - 2010.11.27 - -
VBA32 - 3.12.14.2 - 2010.11.26 - [color=red]Exploit.VBS.Privoot.A [/color]
VIPRE - 7424 - 2010.11.27 - -
ViRobot - 2010.11.19.4158 - 2010.11.27 - -
VirusBuster - 13.6.62.0 - 2010.11.26 - -[/QUOTE]
[i]File info:[/i]
MD5: e3d1466d7635a989d09ff71bc3b8b16a
SHA1: 82c44cf239cb0f2c722342b51cc16a853680382f
SHA256: 71e5681c079048598dd305e228cf14dcff7d3a0817cdece0cd1792ac7453f566
File size: 9885 bytes
-
File name:
firefox-update.exe
Submission date:
2010-12-06 20:13:22 (UTC)
Current status:
finished
Result:
15/ 43 (34.9%)
[quote][I]Antivirus results[/I]
AhnLab-V3 2010.12.06.01 2010.12.06 [COLOR="Red"]Trojan/Win32.FakeAV[/COLOR]
AntiVir 7.10.14.201 2010.12.06 -
Antiy-AVL 2.0.3.7 2010.12.06 -
Avast 4.8.1351.0 2010.12.06 -
Avast5 5.0.677.0 2010.12.06 -
AVG 9.0.0.851 2010.12.06 -
BitDefender 7.2 2010.12.06 [COLOR="#ff0000"]Gen:Variant.Kazy.4874[/COLOR]
CAT-QuickHeal 11.00 2010.12.06 -
ClamAV 0.96.4.0 2010.12.06 -
Command 5.2.11.5 2010.12.06 [COLOR="#ff0000"]W32/Renos.A!Generic[/COLOR]
Comodo 6964 2010.12.06 [COLOR="#ff0000"]MalCrypt.Indus![/COLOR]
DrWeb 5.0.2.03300 2010.12.06 -
Emsisoft 5.0.0.50 2010.12.06 -
eSafe 7.0.17.0 2010.12.05 -
eTrust-Vet 36.1.8018 2010.12.05 [COLOR="#ff0000"]Win32/Renos.D!generic[/COLOR]
F-Prot 4.6.2.117 2010.12.06 [COLOR="#ff0000"]W32/Renos.A!Generic[/COLOR]
F-Secure 9.0.16160.0 2010.12.06 -
Fortinet 4.2.254.0 2010.12.06 -
GData 21 2010.12.06 [COLOR="#ff0000"]Gen:Variant.Kazy.4874[/COLOR]
Ikarus T3.1.1.90.0 2010.12.06 -
Jiangmin 13.0.900 2010.12.06 -
K7AntiVirus 9.70.3174 2010.12.06 [COLOR="#ff0000"]Virus[/COLOR]
Kaspersky 7.0.0.125 2010.12.06 -
McAfee 5.400.0.1158 2010.12.06 -
McAfee-GW-Edition 2010.1C 2010.12.06 [COLOR="#ff0000"]Heuristic.BehavesLike.Win32.Backdoor.H[/COLOR]
Microsoft 1.6402 2010.12.06 -
NOD32 5679 2010.12.06 -
Norman 6.06.10 2010.12.06 [COLOR="#ff0000"]W32/Obfuscated.M[/COLOR]
nProtect 2010-12-06.01 2010.12.06 -
Panda 10.0.2.7 2010.12.06 [COLOR="#ff0000"]Suspicious file[/COLOR]
PCTools 7.0.3.5 2010.12.06 -
Prevx 3.0 2010.12.06 [COLOR="#ff0000"]Medium Risk Malware[/COLOR]
Rising 22.76.06.04 2010.12.06 [COLOR="#ff0000"]Packer.Win32.Agent.bk[/COLOR]
Sophos 4.60.0 2010.12.06 [COLOR="#ff0000"]Mal/EncPk-ND[/COLOR]
SUPERAntiSpyware 4.40.0.1006 2010.12.06 -
Symantec 20101.2.0.161 2010.12.06 -
TheHacker 6.7.0.1.096 2010.12.06 -
TrendMicro 9.120.0.1004 2010.12.06 -
TrendMicro-HouseCall 9.120.0.1004 2010.12.06 -
VBA32 3.12.14.2 2010.12.06 -
VIPRE 7537 2010.12.06 [COLOR="#ff0000"]VirTool.Win32.Obfuscator.hg!b1 (v)[/COLOR]
ViRobot 2010.12.6.4187 2010.12.06 -
VirusBuster 13.6.77.0 2010.12.06 -[/quote]
[I]File info:[/I]
MD5 : 7f5defc7ee63dfea9232ce7490317b48
SHA1 : 7df97500f67ca9991745ac8518cd6f7980544e2e
SHA256: 29977b585c69db323caa89b834d1330a13cc502f76433ffc6aee30582e90855c
-
Caught via USB flash drives
File name:
services.exe
Submission date:
2010-12-19 20:08:42 (UTC)
Result:
28/ 43 (65.1%)
Antivirus Version Last Update Result
[B]AhnLab-V3 2010.12.20.00 2010.12.19 Win-Trojan/Securisk[/B]
[B]AntiVir 7.11.0.84 2010.12.19 TR/Agent.ayo.5[/B]
Antiy-AVL 2.0.3.7 2010.12.19 -
[B]Avast 4.8.1351.0 2010.12.19 Win32:Malware-gen[/B]
[B]Avast5 5.0.677.0 2010.12.19 Win32:Malware-gen[/B]
[B]AVG 9.0.0.851 2010.12.19 Agent2.BSHM[/B]
[B]BitDefender 7.2 2010.12.19 Trojan.Generic.5014159[/B]
[B]CAT-QuickHeal 11.00 2010.12.19 Trojan.Agent.fpdl[/B]
ClamAV 0.96.4.0 2010.12.19 -
Command 5.2.11.5 2010.12.19 -
[B]Comodo 7119 2010.12.19 UnclassifiedMalware[/B]
[B]DrWeb 5.0.2.03300 2010.12.19 Win32.HLLW.Autoruner.29931[/B]
[B]Emsisoft 5.1.0.1 2010.12.19 Trojan.Win32.Agent!IK[/B]
eSafe 7.0.17.0 2010.12.19 -
eTrust-Vet 36.1.8048 2010.12.17 -
F-Prot 4.6.2.117 2010.12.19 -
[B]F-Secure 9.0.16160.0 2010.12.19 Trojan.Generic.5014159[/B]
[B]Fortinet 4.2.254.0 2010.12.19 W32/Agent.FPDL!tr[/B]
[B]GData 21 2010.12.19 Trojan.Generic.5014159[/B]
[B]Ikarus T3.1.1.90.0 2010.12.19 Trojan.Win32.Agent[/B]
Jiangmin 13.0.900 2010.12.19 -
[B]K7AntiVirus 9.73.3286 2010.12.18 Trojan[/B]
[B]Kaspersky 7.0.0.125 2010.12.19 Trojan.Win32.Agent.fpdl[/B]
[B]McAfee 5.400.0.1158 2010.12.19 Artemis!63EDD8FC59B7[/B]
[B]McAfee-GW-Edition 2010.1C 2010.12.19 Artemis!63EDD8FC59B7[/B]
Microsoft 1.6402 2010.12.19 -
NOD32 5716 2010.12.19 -
Norman 6.06.12 2010.12.19 -
[B]nProtect 2010-12-19.01 2010.12.19 Trojan/W32.Agent.144896.CZ[/B]
[B]Panda 10.0.2.7 2010.12.19 Trj/CI.A[/B]
[B]PCTools 7.0.3.5 2010.12.19 Trojan.Gen[/B]
Prevx 3.0 2010.12.19 -
[B]Rising 22.78.05.00 2010.12.19 Trojan.Win32.Generic.5236BE5F[/B]
Sophos 4.60.0 2010.12.19 -
SUPERAntiSpyware 4.40.0.1006 2010.12.19 -
[B]Symantec 20101.3.0.103 2010.12.19 Trojan.Gen[/B]
[B]TheHacker 6.7.0.1.101 2010.12.15 Trojan/Agent.fpdl[/B]
[B]TrendMicro 9.120.0.1004 2010.12.19 TROJ_GEN.R74C3K9[/B]
[B]TrendMicro-HouseCall 9.120.0.1004 2010.12.19 TROJ_GEN.R74C3K9[/B]
[B]VBA32 3.12.14.2 2010.12.17 Trojan.Agent.fpdl[/B]
[B]VIPRE 7722 2010.12.19 Trojan.Win32.Generic!BT[/B]
ViRobot 2010.12.18.4208 2010.12.19 -
VirusBuster 13.6.102.0 2010.12.19 -
-
Yet another winlock; it was sitting in the IE cache, plus entries in userinit and shell, plus more beasts in system32
File name:
[B]flash_player[1].exe[/B]
Submission date:
2010-12-23 03:40:53 (UTC)
Result:
6/ 43 (14.0%)
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2010.12.23.01 2010.12.22 -
AntiVir 7.11.0.144 2010.12.22 -
Antiy-AVL 2.0.3.7 2010.12.23 -
Avast 4.8.1351.0 2010.12.22 -
Avast5 5.0.677.0 2010.12.22 -
AVG 9.0.0.851 2010.12.23 -
[B]BitDefender 7.2 2010.12.23 Trojan.Generic.5250379[/B]
CAT-QuickHeal 11.00 2010.12.22 -
ClamAV 0.96.4.0 2010.12.23 -
Command 5.2.11.5 2010.12.23 -
Comodo 7155 2010.12.22 -
[B]DrWeb 5.0.2.03300 2010.12.23 Trojan.Winlock.2741[/B]
Emsisoft 5.1.0.1 2010.12.23 -
eSafe 7.0.17.0 2010.12.22 -
eTrust-Vet 36.1.8055 2010.12.22 -
F-Prot 4.6.2.117 2010.12.22 -
F-Secure 9.0.16160.0 2010.12.23 -
Fortinet 4.2.254.0 2010.12.21 -
[B]GData 21 2010.12.23 Trojan.Generic.5250379[/B]
Ikarus T3.1.1.90.0 2010.12.23 -
Jiangmin 13.0.900 2010.12.22 -
K7AntiVirus 9.74.3319 2010.12.22 -
[B]Kaspersky 7.0.0.125 2010.12.23 Trojan-Ransom.Win32.Gimemo.fc[/B]
McAfee 5.400.0.1158 2010.12.23 -
McAfee-GW-Edition 2010.1C 2010.12.22 -
Microsoft 1.6402 2010.12.22 -
NOD32 5726 2010.12.22 -
Norman 6.06.12 2010.12.22 -
nProtect 2010-12-22.01 2010.12.22 -
[B]Panda 10.0.2.7 2010.12.22 Suspicious file[/B]
PCTools 7.0.3.5 2010.12.23 -
Prevx 3.0 2010.12.23 -
Rising 22.79.02.01 2010.12.23 -
[B]Sophos 4.60.0 2010.12.23 Mal/FakeAV-BW[/B]
SUPERAntiSpyware 4.40.0.1006 2010.12.23 -
Symantec 20101.3.0.103 2010.12.23 -
TheHacker 6.7.0.1.104 2010.12.21 -
TrendMicro 9.120.0.1004 2010.12.22 -
TrendMicro-HouseCall 9.120.0.1004 2010.12.23 -
VBA32 3.12.14.2 2010.12.21 -
VIPRE 7767 2010.12.23 -
ViRobot 2010.12.23.4215 2010.12.23 -
VirusBuster 13.6.108.0 2010.12.22 -[/QUOTE]
Additional information
MD5 : ef685c8811dec5511cbd3071464f3f20
SHA1 : 5408acb14dc1375884bac4a12626c889ebcecf7f
SHA256: e5288888e1760116b72f63ca68827c94bfaf18d52ae38fe01ee7ba4ec49fafa6
[url]http://www.virustotal.com/file-scan/report.html?id=e5288888e1760116b72f63ca68827c94bfaf18d52ae38fe01ee7ba4ec49fafa6-1293075653[/url]
-
File name:
foto.exe
Submission date:
2010-12-24 14:17:12 (UTC)
Current status:
finished
Result:
7/ 43 (16.3%)
[quote]Antivirus Version Last update Result
AhnLab-V3 2010.12.24.00 2010.12.23 -
AntiVir 7.11.0.174 2010.12.24 -
Antiy-AVL 2.0.3.7 2010.12.24 -
Avast 4.8.1351.0 2010.12.24 -
Avast5 5.0.677.0 2010.12.24 -
[B]AVG 9.0.0.851 2010.12.24 Hosts[/B]
BitDefender 7.2 2010.12.24 -
CAT-QuickHeal 11.00 2010.12.24 -
ClamAV 0.96.4.0 2010.12.24 -
Command 5.2.11.5 2010.12.24 -
[B]Comodo 7172 2010.12.24 Heur.Suspicious[/B]
[B]DrWeb 5.0.2.03300 2010.12.24 Trojan.Qhost.3324[/B]
[B]Emsisoft 5.1.0.1 2010.12.24 Virus.Hosts!IK[/B]
eSafe 7.0.17.0 2010.12.22 -
eTrust-Vet 36.1.8059 2010.12.24 -
F-Prot 4.6.2.117 2010.12.24 -
F-Secure 9.0.16160.0 2010.12.24 -
Fortinet 4.2.254.0 2010.12.24 -
GData 21 2010.12.24 -
[B]Ikarus T3.1.1.90.0 2010.12.24 Virus.Hosts[/B]
Jiangmin 13.0.900 2010.12.24 -
K7AntiVirus 9.74.3335 2010.12.24 -
Kaspersky 7.0.0.125 2010.12.24 -
McAfee 5.400.0.1158 2010.12.24 -
McAfee-GW-Edition 2010.1C 2010.12.24 -
Microsoft 1.6402 2010.12.24 -
NOD32 5729 2010.12.24 -
[B]Norman 6.06.12 2010.12.24 W32/Malware[/B]
nProtect 2010-12-24.01 2010.12.24 -
Panda 10.0.2.7 2010.12.24 -
PCTools 7.0.3.5 2010.12.24 -
Prevx 3.0 2010.12.24 -
Rising 22.79.03.04 2010.12.24 -
Sophos 4.60.0 2010.12.24 -
SUPERAntiSpyware 4.40.0.1006 2010.12.24 -
Symantec 20101.3.0.103 2010.12.24 -
TheHacker 6.7.0.1.104 2010.12.21 -
TrendMicro 9.120.0.1004 2010.12.24 -
TrendMicro-HouseCall 9.120.0.1004 2010.12.24 -
VBA32 3.12.14.2 2010.12.23 -
[B]VIPRE 7803 2010.12.24 Trojan.Win32.Generic!BT[/B]
ViRobot 2010.12.24.4218 2010.12.24 -
VirusBuster 13.6.111.0 2010.12.24 -
[/quote]
MD5: 3b8d792a232de5f2aaa37bdc9418a08b
SHA1: 6c47bc0d019fa99c58c2c075f90690a0f288a019
SHA256: 419bb73aac5835e0f6ed61fa6aac96210e90f3ea3e01c7334eaa669003c292ff
File size: 97913 bytes
-
File name:
srce.exe
Submission date:
2010-12-25 21:41:48 (UTC)
Current status:
finished
Result:
11/ 43 (25.6%)
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2010.12.26.00 2010.12.25 -
AntiVir 7.11.0.177 2010.12.25 -
Antiy-AVL 2.0.3.7 2010.12.25 -
Avast 4.8.1351.0 2010.12.25 -
Avast5 5.0.677.0 2010.12.25 -
AVG 9.0.0.851 2010.12.25 -
[B]BitDefender 7.2 2010.12.25 Trojan.Generic.KD.94098[/B]
CAT-QuickHeal 11.00 2010.12.25 -
ClamAV 0.96.4.0 2010.12.25 -
Command 5.2.11.5 2010.12.25 -
[B]Comodo 7185 2010.12.25 Heur.Suspicious
DrWeb 5.0.2.03300 2010.12.25 Trojan.Inject.18064
Emsisoft 5.1.0.1 2010.12.25 Trojan.Crypt!IK[/B]
eSafe 7.0.17.0 2010.12.22 -
eTrust-Vet 36.1.8060 2010.12.24 -
F-Prot 4.6.2.117 2010.12.25 -
[B]F-Secure 9.0.16160.0 2010.12.25 Trojan.Generic.KD.94098[/B]
Fortinet 4.2.254.0 2010.12.25 -
[B]GData 21 2010.12.25 Trojan.Generic.KD.94098
Ikarus T3.1.1.90.0 2010.12.25 Trojan.Crypt[/B]
Jiangmin 13.0.900 2010.12.25 -
K7AntiVirus 9.74.3335 2010.12.24 -
Kaspersky 7.0.0.125 2010.12.25 -
McAfee 5.400.0.1158 2010.12.25 -
McAfee-GW-Edition 2010.1C 2010.12.25 -
Microsoft 1.6402 2010.12.25 -
NOD32 5732 2010.12.25 -
Norman 6.06.12 2010.12.24 -
nProtect 2010-12-25.01 2010.12.25 -
[B]Panda 10.0.2.7 2010.12.25 Suspicious file[/B]
PCTools 7.0.3.5 2010.12.25 -
[B]Prevx 3.0 2010.12.25 High Risk Cloaked Malware[/B]
Rising 22.79.04.00 2010.12.25 -
Sophos 4.60.0 2010.12.25 -
[B]SUPERAntiSpyware 4.40.0.1006 2010.12.25 Trojan.Agent/Gen-Gameject[/B]
Symantec 20101.3.0.103 2010.12.25 -
TheHacker 6.7.0.1.105 2010.12.25 -
TrendMicro 9.120.0.1004 2010.12.25 -
TrendMicro-HouseCall 9.120.0.1004 2010.12.25 -
VBA32 3.12.14.2 2010.12.24 -
[B]VIPRE 7823 2010.12.25 Trojan.Win32.Generic.pak!cobra[/B]
ViRobot 2010.12.25.4220 2010.12.25 -
VirusBuster 13.6.112.0 2010.12.25 -
[/QUOTE]
MD5 : e6499e33e6c53a01ebea24eff643625e
SHA1 : 9b0d5753b4b5c7879ebd86c278e2097ad48476bc
SHA256: b23ae5717d9e777928cb84c85f79f7eacfa837ee619cf504aa52df97cc218816
[size="1"][color="#666686"][B][I]Added 4 minutes later[/I][/B][/color][/size]
File name:
image96523489.exe
Submission date:
2010-12-25 21:47:12 (UTC)
Current status:
finished
Result:
10/ 41 (24.4%)
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2010.12.26.00 2010.12.25 -
AntiVir 7.11.0.177 2010.12.25 -
Antiy-AVL 2.0.3.7 2010.12.25 -
Avast 4.8.1351.0 2010.12.25 -
Avast5 5.0.677.0 2010.12.25 -
AVG 9.0.0.851 2010.12.25 -
[B]BitDefender 7.2 2010.12.25 GenPack:Worm.FaceBlocker.B[/B]
CAT-QuickHeal 11.00 2010.12.25 -
ClamAV 0.96.4.0 2010.12.25 -
Command 5.2.11.5 2010.12.25 -
Comodo 7185 2010.12.25 P2PWorm.Win32.Palevo.GZA
DrWeb 5.0.2.03300 2010.12.25 -
eSafe 7.0.17.0 2010.12.22 -
eTrust-Vet 36.1.8060 2010.12.24 -
F-Prot 4.6.2.117 2010.12.25 -
[B]F-Secure 9.0.16160.0 2010.12.25 GenPack:Worm.FaceBlocker.B[/B]
Fortinet 4.2.254.0 2010.12.25 -
[B]GData 21 2010.12.25 GenPack:Worm.FaceBlocker.B
Ikarus T3.1.1.90.0 2010.12.25 Win32.SuspectCrc[/B]
Jiangmin 13.0.900 2010.12.25 -
K7AntiVirus 9.74.3335 2010.12.24 -
McAfee 5.400.0.1158 2010.12.25 -
[B]McAfee-GW-Edition 2010.1C 2010.12.25 -[/B]
Microsoft 1.6402 2010.12.25 -
NOD32 5732 2010.12.25 -
Norman 6.06.12 2010.12.24 -
[B]nProtect 2010-12-25.01 2010.12.25 GenPack:Worm.FaceBlocker.B[/B]
Panda 10.0.2.7 2010.12.25 -
PCTools 7.0.3.5 2010.12.25 -
Prevx 3.0 2010.12.25 -
Rising 22.79.04.00 2010.12.25 -
[B]Sophos 4.60.0 2010.12.25 Mal/Generic-L
SUPERAntiSpyware 4.40.0.1006 2010.12.25 Trojan.Agent/Gen-FakeAlert[/B]
Symantec 20101.3.0.103 2010.12.25 -
TheHacker 6.7.0.1.105 2010.12.25 -
TrendMicro 9.120.0.1004 2010.12.25 -
TrendMicro-HouseCall 9.120.0.1004 2010.12.25 -
[B]VBA32 3.12.14.2 2010.12.24 Malware-Cryptor.Inject.gen
VIPRE 7823 2010.12.25 Trojan.Win32.Generic.pak!cobra[/B]
ViRobot 2010.12.25.4220 2010.12.25 -
VirusBuster 13.6.112.0 2010.12.25 -[/QUOTE]
MD5 : a65d7a1fda9ec0325195c5267699bd88
SHA1 : fbe6f92b43706c76aa11c94a95cab1f4f7d8ad4d
SHA256: aa985ebc69e695a1cc77b1a70ac74d21db131e034f84141a9d695cb4fdee7d62
-
File name: unlock.exe
Submission date: 2011-01-06 17:33:46 (UTC)
Current status: finished
Result: 4 /43 (9.3%)
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2011.01.06.01 2011.01.06 -
AntiVir 7.11.1.34 2011.01.05 -
Antiy-AVL 2.0.3.7 2011.01.06 -
Avast 4.8.1351.0 2011.01.06 -
Avast5 5.0.677.0 2011.01.06 -
AVG 9.0.0.851 2011.01.06 -
BitDefender 7.2 2011.01.06 -
CAT-QuickHeal 11.00 2011.01.06 -
ClamAV 0.96.4.0 2011.01.05 -
Command 5.2.11.5 2011.01.06 -
[B]Comodo 7315 2011.01.06 Heur.Suspicious [/B]
DrWeb 5.0.2.03300 2011.01.06 -
[B]Emsisoft 5.1.0.1 2011.01.06 Trojan.Win32.VkHost!IK [/B]
eSafe 7.0.17.0 2011.01.06 -
eTrust-Vet 36.1.8084 2011.01.06 -
F-Prot 4.6.2.117 2011.01.05 -
F-Secure 9.0.16160.0 2011.01.06 -
Fortinet 4.2.254.0 2011.01.06 -
GData 21 2011.01.06 -
[B]Ikarus T3.1.1.90.0 2011.01.06 Trojan.Win32.VkHost [/B]
Jiangmin 13.0.900 2011.01.06 -
K7AntiVirus 9.75.3461 2011.01.06 -
Kaspersky 7.0.0.125 2011.01.06 -
McAfee 5.400.0.1158 2011.01.06 -
McAfee-GW-Edition 2010.1C 2011.01.06 -
Microsoft 1.6402 2011.01.06 -
NOD32 5765 2011.01.06 -
Norman 6.06.12 2011.01.06 -
nProtect 2011-01-06.01 2011.01.06 -
Panda 10.0.2.7 2011.01.06 -
PCTools 7.0.3.5 2011.01.06 -
Prevx 3.0 2011.01.06 -
Rising 22.81.03.00 2011.01.06 -
[B]Sophos 4.60.0 2011.01.06 Mal/Generic-L [/B]
SUPERAntiSpyware 4.40.0.1006 2011.01.06 -
Symantec 20101.3.0.103 2011.01.06 -
TheHacker 6.7.0.1.111 2011.01.06 -
TrendMicro 9.120.0.1004 2011.01.06 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.06 -
VBA32 3.12.14.2 2011.01.06 -
VIPRE 7976 2011.01.06 -
ViRobot 2011.1.6.4240 2011.01.06 -
VirusBuster 13.6.132.0 2011.01.06 -[/QUOTE]
MD5 : a3db3989ea2268719fc7d5ff49b6b5ae
SHA1 : 8aa872a068aff86350c635df7979d67161705f26
SHA256: ef2fc41fe7de6e354b9ff208384a1573ea5ce4d4975862d9eb07f86c3851ce4d
-
File name: tam_vdali_za_rekoy.exe
Submission date: 2011-01-07 07:23:46 (UTC)
Current status: finished
Result: 5/ 42 (11.9%)
[QUOTE]AhnLab-V3 2011.01.07.00 2011.01.06 -
AntiVir 7.11.1.35 2011.01.06 -
Antiy-AVL 2.0.3.7 2011.01.07 -
[B]Avast 4.8.1351.0 2011.01.06 Win32:FraudTool-SB[/B]
[B]Avast5 5.0.677.0 2011.01.06 Win32:PUP-gen[/B]
AVG 9.0.0.851 2011.01.07 -
BitDefender 7.2 2011.01.07 -
CAT-QuickHeal 11.00 2011.01.06 -
ClamAV 0.96.4.0 2011.01.07 -
Command 5.2.11.5 2011.01.07 -
Comodo 7318 2011.01.06 -
[B]DrWeb 5.0.2.03300 2011.01.07 Trojan.SMSSend.240[/B]
eSafe 7.0.17.0 2011.01.06 -
eTrust-Vet 36.1.8085 2011.01.06 -
F-Prot 4.6.2.117 2011.01.06 -
F-Secure 9.0.16160.0 2011.01.07 -
Fortinet 4.2.254.0 2011.01.06 -
GData 21 2011.01.07 -
Ikarus T3.1.1.90.0 2011.01.07 -
Jiangmin 13.0.900 2011.01.07 -
K7AntiVirus 9.75.3461 2011.01.06 -
Kaspersky 7.0.0.125 2011.01.07 -
McAfee 5.400.0.1158 2011.01.07 -
McAfee-GW-Edition 2010.1C 2011.01.06 -
Microsoft 1.6402 2011.01.07 -
NOD32 5765 2011.01.06 -
Norman 6.06.12 2011.01.07 -
nProtect 2011-01-06.01 2011.01.06 -
[B]Panda 10.0.2.7 2011.01.06 Suspicious file[/B]
PCTools 7.0.3.5 2011.01.07 -
[B]Prevx 3.0 2011.01.07 High Risk Cloaked Malware[/B]
Rising 22.81.04.01 2011.01.07 -
Sophos 4.61.0 2011.01.07 -
SUPERAntiSpyware 4.40.0.1006 2011.01.07 -
Symantec 20101.3.0.103 2011.01.07 -
TheHacker 6.7.0.1.111 2011.01.06 -
TrendMicro 9.120.0.1004 2011.01.07 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.07 -
VBA32 3.12.14.2 2011.01.06 -
VIPRE 7985 2011.01.07 -
ViRobot 2011.1.7.4241 2011.01.07 -
VirusBuster 13.6.132.0 2011.01.06 -[/QUOTE]
Additional information
MD5 : 26eaf5e434c6b4a577c4d0b8e6cbb6a1
SHA1 : a136ae5df8b10c6420d8150d1d1621c1423b8344
SHA256: 4f2f925774c0f9a043f48940cc5027e2b211b12d2213a90ae969c338377cd2a7
ssdeep: 196608:tj6bJXVuTs2aQ1FA/gOMg7pU3naNGm/Bwb:Qb1AkmA/X+fEwb
File size : 7948288 bytes
TrID:
UPX compressed Win32 Executable (43.8%)
Win32 EXE Yoda's Crypter (38.1%)
Win32 Executable Generic (12.2%)
Generic Win/DOS Executable (2.8%)
DOS Executable Generic (2.8%)
-
This one and the next were found in the root of the system drive. KIS 2011 flatly fails to see them.
File name:
gakjob.pif
Submission date:
2011-01-07 15:45:08 (UTC)
Result:
[COLOR=red]12[/COLOR]/ 42 (28.6%)
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2011.01.07.04 2011.01.07 -
AntiVir 7.11.1.54 2011.01.07 TR/Dropper.Gen
Antiy-AVL 2.0.3.7 2011.01.07 -
Avast 4.8.1351.0 2011.01.07 -
Avast5 5.0.677.0 2011.01.07 -
AVG 9.0.0.851 2011.01.07 Win32/Sality.dropper
BitDefender 7.2 2011.01.07 -
CAT-QuickHeal 11.00 2011.01.07 (Suspicious) - DNAScan
ClamAV 0.96.4.0 2011.01.07 -
Command 5.2.11.5 2011.01.07 W32/Sality.C.gen!Eldorado
Comodo 7327 2011.01.07 Win32.Kashu.RA
DrWeb 5.0.2.03300 2011.01.07 -
Emsisoft 5.1.0.1 2011.01.07 -
eTrust-Vet 36.1.8086 2011.01.07 -
F-Prot 4.6.2.117 2011.01.06 W32/Sality.C.gen!Eldorado
F-Secure 9.0.16160.0 2011.01.07 -
Fortinet 4.2.254.0 2011.01.07 -
GData 21 2011.01.07 -
Ikarus T3.1.1.90.0 2011.01.07 -
Jiangmin 13.0.900 2011.01.07 Trojan/Inject.lyc
K7AntiVirus 9.75.3472 2011.01.07 Trojan
Kaspersky 7.0.0.125 2011.01.07 -
McAfee 5.400.0.1158 2011.01.07 -
McAfee-GW-Edition 2010.1C 2011.01.07 -
Microsoft 1.6402 2011.01.07 -
NOD32 5767 2011.01.07 -
Norman 6.06.12 2011.01.07 -
nProtect 2011-01-07.01 2011.01.07 -
Panda 10.0.2.7 2011.01.07 W32/Sality.AK.drp
PCTools 7.0.3.5 2011.01.07 -
Prevx 3.0 2011.01.07 -
Rising 22.81.04.04 2011.01.07 Trojan.Win32.KUKU.a
Sophos 4.61.0 2011.01.07 Troj/SalLoad-C
SUPERAntiSpyware 4.40.0.1006 2011.01.07 -
Symantec 20101.3.0.103 2011.01.07 -
TheHacker 6.7.0.1.111 2011.01.06 -
TrendMicro 9.120.0.1004 2011.01.07 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.07 -
VBA32 3.12.14.2 2011.01.06 -
VIPRE 7989 2011.01.07 -
ViRobot 2011.1.7.4242 2011.01.07 Trojan.Win32.Sality.103140
VirusBuster 13.6.133.0 2011.01.07 -
[/QUOTE]
MD5 : 3369dba29e2ecce70cd8faa436df8420
SHA1 : b047b308735639a685d22bd95c82d9991ec4d1a7
SHA256: 50260cf30be8747434c813d7cab3c0d2aa042c4ad1283dea6d7b6f95ec815704
File name:
autorun.inf
Submission date:
2011-01-07 15:36:23 (UTC)
Result:
17/ 42 (40.5%)
[QUOTE]AhnLab-V3 2011.01.07.04 2011.01.07 -
AntiVir 7.11.1.54 2011.01.07 -
Antiy-AVL 2.0.3.7 2011.01.07 -
Avast 4.8.1351.0 2011.01.07 -
Avast5 5.0.677.0 2011.01.07 INF:AutoRun-gen
AVG 9.0.0.851 2011.01.07 Worm/AutoRun
BitDefender 7.2 2011.01.07 Trojan.AutorunINF.Gen
CAT-QuickHeal 11.00 2011.01.07 -
ClamAV 0.96.4.0 2011.01.07 -
Command 5.2.11.5 2011.01.07 -
Comodo 7327 2011.01.07 -
DrWeb 5.0.2.03300 2011.01.07 -
eSafe 7.0.17.0 2011.01.06 -
eTrust-Vet 36.1.8086 2011.01.07 -
F-Prot 4.6.2.117 2011.01.06 -
F-Secure 9.0.16160.0 2011.01.07 Trojan.AutorunINF.Gen
Fortinet 4.2.254.0 2011.01.07 INF/AutoRun!tr
GData 21 2011.01.07 Trojan.AutorunINF.Gen
Ikarus T3.1.1.90.0 2011.01.07 -
Jiangmin 13.0.900 2011.01.07 -
K7AntiVirus 9.75.3461 2011.01.06 -
Kaspersky 7.0.0.125 2011.01.07 -
McAfee 5.400.0.1158 2011.01.07 Generic!atr.b
McAfee-GW-Edition 2010.1C 2011.01.07 -
Microsoft 1.6402 2011.01.07 VirTool:INF/Autorun.gen
NOD32 5767 2011.01.07 INF/Autorun.gen
Norman 6.06.12 2011.01.07 -
nProtect 2011-01-07.01 2011.01.07 Trojan.AutorunINF.Gen
Panda 10.0.2.7 2011.01.07 BAT/Autorun.JUM
PCTools 7.0.3.5 2011.01.07 -
Prevx 3.0 2011.01.07 -
Rising 22.81.04.04 2011.01.07 -
Sophos 4.61.0 2011.01.07 Mal/AutoInf-B
SUPERAntiSpyware 4.40.0.1006 2011.01.07 -
Symantec 20101.3.0.103 2011.01.07 -
TheHacker 6.7.0.1.111 2011.01.06 Trojan/Autorun.gen
TrendMicro 9.120.0.1004 2011.01.07 Mal_Otorun1
TrendMicro-HouseCall 9.120.0.1004 2011.01.07 Mal_Otorun1
VBA32 3.12.14.2 2011.01.06 -
VIPRE 7988 2011.01.07 INF.Autorun (v)
ViRobot 2011.1.7.4242 2011.01.07 -
VirusBuster 13.6.133.0 2011.01.07 INF.Autorun.Gen[/QUOTE]
MD5 : eed81b63a8a21196462e987ee8b0adcd
SHA1 : bc629f46db30c58adace0f0542694ee99e3051cf
SHA256: 3256cd97b8574ce7d37c9fa2fc923b47e17e51f57cadd70e00c068b8800112dc5ec815704
-
Yet another winlock; it was sitting in the IE cache and was registered in the Shell value of the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
File name:
[B]readme[1].exe[/B]
Submission date:
2011-01-10 04:43:58 (UTC)
Result:
1/ 43 (2.3%)
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2011.01.10.00 2011.01.09 -
AntiVir 7.11.1.58 2011.01.09 -
Antiy-AVL 2.0.3.7 2011.01.10 -
Avast 4.8.1351.0 2011.01.09 -
Avast5 5.0.677.0 2011.01.09 -
AVG 9.0.0.851 2011.01.10 -
BitDefender 7.2 2011.01.10 -
CAT-QuickHeal 11.00 2011.01.09 -
ClamAV 0.96.4.0 2011.01.10 -
Command 5.2.11.5 2011.01.10 -
Comodo 7347 2011.01.10 -
DrWeb 5.0.2.03300 2011.01.10 -
Emsisoft 5.1.0.1 2011.01.10 -
eSafe 7.0.17.0 2011.01.06 -
eTrust-Vet None 2011.01.07 -
F-Prot 4.6.2.117 2011.01.09 -
F-Secure 9.0.16160.0 2011.01.10 -
Fortinet 4.2.254.0 2011.01.09 -
GData 21 2011.01.10 -
Ikarus T3.1.1.90.0 2011.01.10 -
Jiangmin 13.0.900 2011.01.09 -
K7AntiVirus 9.75.3472 2011.01.07 -
Kaspersky 7.0.0.125 2011.01.10 -
McAfee 5.400.0.1158 2011.01.10 -
McAfee-GW-Edition 2010.1C 2011.01.09 -
Microsoft 1.6402 2011.01.09 -
NOD32 5772 2011.01.09 -
Norman 6.06.12 2011.01.09 -
nProtect 2011-01-09.01 2011.01.09 -
Panda 10.0.2.7 2011.01.09 -
PCTools 7.0.3.5 2011.01.10 -
Prevx 3.0 2011.01.10 -
Rising 22.82.00.00 2011.01.10 -
Sophos 4.61.0 2011.01.10 -
SUPERAntiSpyware 4.40.0.1006 2011.01.10 -
Symantec 20101.3.0.103 2011.01.10 -
TheHacker 6.7.0.1.112 2011.01.09 -
TrendMicro 9.120.0.1004 2011.01.09 -
[B]TrendMicro-HouseCall 9.120.0.1004 2011.01.10 TROJ_LOCKSCR.VTG[/B]
VBA32 3.12.14.2 2011.01.06 -
VIPRE 8014 2011.01.10 -
ViRobot 2011.1.10.4245 2011.01.10 -
VirusBuster 13.6.136.0 2011.01.09 -[/QUOTE]
Additional information
MD5 : b900d781b0146a8e771e60e7fe02495c
SHA1 : c6b9b47767653ac3132161628526320aa8a51493
SHA256: 0c2e852fdd4bb9f9ad7d16ab9d456af72afef8f442f659ac294a1eba6adfc56e
[url]http://www.virustotal.com/file-scan/report.html?id=0c2e852fdd4bb9f9ad7d16ab9d456af72afef8f442f659ac294a1eba6adfc56e-1294634638[/url]
-
File name:xxx_video.exe
Submission date:2011-01-13 12:50:21 (UTC)
Result:[B]7/ 43 (16.3%)[/B]
[QUOTE]
Antivirus Version Last Update Result
AhnLab-V3 2011.01.13.00 2011.01.12 -
AntiVir 7.11.1.116 2011.01.13 -
Antiy-AVL 2.0.3.7 2011.01.13 -
[B]Avast 4.8.1351.0 2011.01.13 Win32: LockScreen-O
Avast5 5.0.677.0 2011.01.13 Win32: LockScreen-O[/B]
AVG 10.0.0.1190 2011.01.13 -
BitDefender 7.2 2011.01.13 -
CAT-QuickHeal 11.00 2011.01.13 -
ClamAV 0.96.4.0 2011.01.13 -
Command 5.2.11.5 2011.01.13 -
[B]Comodo 7379 2011.01.13 Heur.Suspicious
DrWeb 5.0.2.03300 2011.01.13 Trojan.Inject.19660[/B]
Emsisoft 5.1.0.1 2011.01.13 -
eSafe 7.0.17.0 2011.01.12 -
eTrust-Vet 36.1.8097 2011.01.13 -
F-Prot 4.6.2.117 2011.01.12 -
F-Secure 9.0.16160.0 2011.01.13 -
Fortinet 4.2.254.0 2011.01.13 -
[B]GData 21 2011.01.13 Win32: LockScreen-O[/B]
Ikarus T3.1.1.97.0 2011.01.13 -
Jiangmin 13.0.900 2011.01.13 -
K7AntiVirus 9.75.3523 2011.01.12 -
Kaspersky 7.0.0.125 2011.01.13 -
McAfee 5.400.0.1158 2011.01.13 -
McAfee-GW-Edition 2010.1C 2011.01.13 -
Microsoft 1.6402 2011.01.13 -
[B]NOD32 5783 2011.01.13 Win32/LockScreen.QX[/B]
Norman 6.06.12 2011.01.13 -
nProtect 2011-01-13.01 2011.01.13 -
[B]Panda 10.0.2.7 2011.01.12 Suspicious file[/B]
PCTools 7.0.3.5 2011.01.13 -
Prevx 3.0 2011.01.13 -
Rising 22.82.03.04 2011.01.13 -
Sophos 4.61.0 2011.01.13 -
SUPERAntiSpyware 4.40.0.1006 2011.01.13 -
Symantec 20101.3.0.103 2011.01.13 -
TheHacker 6.7.0.1.114 2011.01.13 -
TrendMicro 9.120.0.1004 2011.01.13 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.13 -
VBA32 3.12.14.2 2011.01.13 -
VIPRE 8058 2011.01.13 -
ViRobot 2011.1.13.4252 2011.01.13 -
VirusBuster 13.6.143.1 2011.01.13 -[/QUOTE]
[URL="http://www.virustotal.com/file-scan/report.html?id=c7a2b1fa119852cd1f2901fa84309378a68767ac92037cbea3a3ceda2ae37db8-1294923021"]report[/URL]
-
File name:wing.exe
Submission date:2011-01-13 22:43:44 (UTC)
Result:4 /43 (9.3%)
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2011.01.14.00 2011.01.13 -
[B]AntiVir 7.11.1.122 2011.01.13 Worm/Autorun.bzma[/B]
Antiy-AVL 2.0.3.7 2011.01.13 -
Avast 4.8.1351.0 2011.01.13 -
Avast5 5.0.677.0 2011.01.13 -
AVG 10.0.0.1190 2011.01.13 -
BitDefender 7.2 2011.01.13 -
CAT-QuickHeal 11.00 2011.01.13 -
ClamAV 0.96.4.0 2011.01.13 -
Command 5.2.11.5 2011.01.13 -
Comodo 7381 2011.01.13 -
DrWeb 5.0.2.03300 2011.01.13 -
[B]Emsisoft 5.1.0.1 2011.01.13 Backdoor.Gen2!IK[/B]
eSafe 7.0.17.0 2011.01.13 -
eTrust-Vet 36.1.8098 2011.01.13 -
F-Prot 4.6.2.117 2011.01.13 -
F-Secure 9.0.16160.0 2011.01.13 -
Fortinet 4.2.254.0 2011.01.13 -
GData 21 2011.01.13 -
[B]Ikarus T3.1.1.97.0 2011.01.13 Backdoor.Gen2[/B]
Jiangmin 13.0.900 2011.01.13 -
K7AntiVirus 9.75.3535 2011.01.13 -
[B]Kaspersky 7.0.0.125 2011.01.13 Worm.Win32.AutoRun.bzma[/B]
McAfee 5.400.0.1158 2011.01.13 -
McAfee-GW-Edition 2010.1C 2011.01.13 -
Microsoft 1.6402 2011.01.13 -
NOD32 5785 2011.01.13 -
Norman 6.06.12 2011.01.13 -
nProtect 2011-01-13.01 2011.01.13 -
Panda 10.0.2.7 2011.01.13 -
PCTools 7.0.3.5 2011.01.13 -
Prevx 3.0 2011.01.13 -
Rising 22.82.03.04 2011.01.13 -
Sophos 4.61.0 2011.01.13 -
SUPERAntiSpyware 4.40.0.1006 2011.01.13 -
Symantec 20101.3.0.103 2011.01.13 -
TheHacker 6.7.0.1.114 2011.01.13 -
TrendMicro 9.120.0.1004 2011.01.13 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.13 -
VBA32 3.12.14.2 2011.01.13 -
VIPRE 8064 2011.01.13 -
ViRobot 2011.1.13.4252 2011.01.13 -
VirusBuster 13.6.144.0 2011.01.13 -[/QUOTE]
[URL="http://www.virustotal.com/file-scan/report.html?id=90634d30466a97a903941148655fb393f52522146f2d89c52a70c797e45c3884-1294958624"]VT[/URL]
-
Yet another Windows blocker; this time it was registered in the registry, in the shell value of the user profile. It was loaded from the Opera cache.
xxx_video_41774.avi.exe
Submission date:
2011-01-17 15:09:16 (UTC)
Result:
2 /43 (4.7%)
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2011.01.16.00 2011.01.16 -
AntiVir 7.11.1.153 2011.01.17 -
Antiy-AVL 2.0.3.7 2011.01.17 -
Avast 4.8.1351.0 2011.01.17 -
Avast5 5.0.677.0 2011.01.17 -
AVG 10.0.0.1190 2011.01.17 -
BitDefender 7.2 2011.01.17 -
CAT-QuickHeal 11.00 2011.01.17 -
ClamAV 0.96.4.0 2011.01.17 -
Command 5.2.11.5 2011.01.16 -
Comodo 7420 2011.01.17 -
DrWeb 5.0.2.03300 2011.01.17 -
Emsisoft 5.1.0.1 2011.01.17 -
eSafe 7.0.17.0 2011.01.17 -
eTrust-Vet 36.1.8104 2011.01.17 -
F-Prot 4.6.2.117 2011.01.16 -
F-Secure 9.0.16160.0 2011.01.17 -
Fortinet 4.2.254.0 2011.01.16 -
GData 21 2011.01.17 -
Ikarus T3.1.1.97.0 2011.01.17 -
Jiangmin 13.0.900 2011.01.17 -
K7AntiVirus 9.75.3548 2011.01.14 -
Kaspersky 7.0.0.125 2011.01.17 -
McAfee 5.400.0.1158 2011.01.17 -
McAfee-GW-Edition 2010.1C 2011.01.17 -
[B]Microsoft 1.6402 2011.01.17 Trojan:Win32/Ransom.BY[/B]
NOD32 5793 2011.01.17 -
Norman 6.06.12 2011.01.17 -
nProtect 2011-01-17.01 2011.01.17 -
Panda 10.0.2.7 2011.01.16 -
PCTools 7.0.3.5 2011.01.17 -
Prevx 3.0 2011.01.17 -
Rising 22.83.00.03 2011.01.17 -
Sophos 4.61.0 2011.01.17 -
SUPERAntiSpyware 4.40.0.1006 2011.01.17 -
Symantec 20101.3.0.103 2011.01.17 -
TheHacker 6.7.0.1.115 2011.01.14 -
[B]TrendMicro 9.120.0.1004 2011.01.17 PAK_Generic.001[/B]
TrendMicro-HouseCall 9.120.0.1004 2011.01.17 -
VBA32 3.12.14.2 2011.01.17 -
VIPRE 8099 2011.01.17 -
ViRobot 2011.1.17.4259 2011.01.17 -
VirusBuster 13.6.150.0 2011.01.17 -[/QUOTE]
Additional information
MD5 : 42fcd8c9f0d04a9ff9f821a97640537e
SHA1 : e43c044fb8e456fccba6eeb9d436ff5d0d593c06
SHA256: 8241f904b3ec6c8b45211cf2226263ca73653a201eb4accb1eb9455fe342f2bf
[url]http://www.virustotal.com/file-scan/report.html?id=8241f904b3ec6c8b45211cf2226263ca73653a201eb4accb1eb9455fe342f2bf-1295276956[/url]
-
File name: javaobe.jar
Submission date: 2011-01-18 07:56:57 (UTC)
Result: 3/ 43 (7.0%)
[QUOTE] Safety score: -
Antivirus Version Last Update Result
AhnLab-V3 2011.01.15.01 2011.01.15 -
AntiVir 7.11.1.163 2011.01.17 -
Antiy-AVL 2.0.3.7 2011.01.18 -
Avast 4.8.1351.0 2011.01.17 -
Avast5 5.0.677.0 2011.01.17 -
AVG 10.0.0.1190 2011.01.12 -
BitDefender 7.2 2011.01.18 -
CAT-QuickHeal 11.00 2011.01.18 -
ClamAV 0.96.4.0 2011.01.18 -
Commtouch 5.2.11.5 2011.01.18 -
Comodo 7427 2011.01.18 -
[B]DrWeb 5.0.2.03300 2011.01.18 Java.Downloader.164 [/B]
Emsisoft 5.1.0.1 2011.01.18 -
eSafe 7.0.17.0 2011.01.17 -
eTrust-Vet 36.1.8105 2011.01.17 -
F-Prot 4.6.2.117 2011.01.17 -
F-Secure 9.0.16160.0 2011.01.18 -
Fortinet 4.2.254.0 2011.01.16 -
GData 21 2011.01.17 -
Ikarus T3.1.1.97.0 2011.01.18 -
Jiangmin 13.0.900 2011.01.18 -
K7AntiVirus 9.77.3570 2011.01.18 -
[B]Kaspersky 7.0.0.125 2011.01.18 Trojan-Downloader.Java.OpenConnection.cw [/B]
McAfee 5.400.0.1158 2011.01.18 -
McAfee-GW-Edition 2010.1C 2011.01.17 -
Microsoft 1.6402 2011.01.18 -
[B]NOD32 5795 2011.01.17 a variant of Java/TrojanDownloader.OpenStream.NAY [/B]
Norman 6.06.12 2011.01.17 -
nProtect 2011-01-18.01 2011.01.18 -
Panda 10.0.2.7 2011.01.17 -
PCTools 7.0.3.5 2011.01.18 -
Prevx 3.0 2011.01.18 -
Rising 22.83.01.01 2011.01.18 -
Sophos 4.61.0 2011.01.18 -
SUPERAntiSpyware 4.40.0.1006 2011.01.18 -
Symantec 20101.3.0.103 2011.01.18 -
TheHacker 6.7.0.1.115 2011.01.14 -
TrendMicro 9.120.0.1004 2011.01.18 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.18 -
VBA32 3.12.14.2 2011.01.17 -
VIPRE 8108 2011.01.18 -
ViRobot 2011.1.18.4260 2011.01.18 -
VirusBuster 13.6.151.0 2011.01.17 - [/QUOTE]
Additional information
MD5 : dfb15e56a0f61c49ea298edef2b0aac7
SHA1 : 9f570a76f1b8dd0ba86a1d9e36d80e53ec127c2d
[URL="http://www.virustotal.com/file-scan/report.html?id=ca2e6613c4bd7f2e1b70c1eb807cbab7b7f8fa5f1ab4b7f38461af13e58599f9-1295337417"]VT[/URL]
-
Yet another winlock. It creates a pair of files in \windows, rundll.bat and nvcvc32.exe, and in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon it changes Shell to EXPLORER.EXE %WINDIR%\RUNDLL.BAT. Phone numbers: 3116 and 84444.
File name:
nvcvc32.exe
Submission date:
2011-01-18 14:25:12 (UTC)
Current status:
finished
Result:
11 /43 (25.6%)
[QUOTE]Antivirus Version Last Update Result
[B]AhnLab-V3 2011.01.18.00 2011.01.17 Trojan/Win32.Zbot[/B]
AntiVir 7.11.1.170 2011.01.18 -
Antiy-AVL 2.0.3.7 2011.01.18 -
Avast 4.8.1351.0 2011.01.18 -
Avast5 5.0.677.0 2011.01.18 -
AVG 10.0.0.1190 2011.01.18 -
[B]BitDefender 7.2 2011.01.18 Trojan.Generic.KDV.112122[/B]
CAT-QuickHeal 11.00 2011.01.18 -
ClamAV 0.96.4.0 2011.01.18 -
Commtouch 5.2.11.5 2011.01.18 -
[B]Comodo 7431 2011.01.18 Heur.Suspicious
DrWeb 5.0.2.03300 2011.01.18 Trojan.Winlock.2884
Emsisoft 5.1.0.1 2011.01.18 Virus.Win32.Induc!IK[/B]
eSafe 7.0.17.0 2011.01.18 -
eTrust-Vet 36.1.8106 2011.01.18 -
F-Prot 4.6.2.117 2011.01.17 -
F-Secure 9.0.16160.0 2011.01.18 -
Fortinet 4.2.254.0 2011.01.16 -
[B]GData 21 2011.01.18 Trojan.Generic.KDV.112122
Ikarus T3.1.1.97.0 2011.01.18 Virus.Win32.Induc[/B]
Jiangmin 13.0.900 2011.01.18 -
K7AntiVirus 9.77.3570 2011.01.18 -
Kaspersky 7.0.0.125 2011.01.18 -
[B]McAfee 5.400.0.1158 2011.01.18 Artemis!3B25DE57F5BA
McAfee-GW-Edition 2010.1C 2011.01.18 Artemis!3B25DE57F5BA
Microsoft 1.6402 2011.01.18 Virus:Win32/Induc.A
NOD32 5797 2011.01.18 Win32/Induc.A[/B]
Norman 6.06.12 2011.01.18 -
nProtect 2011-01-18.01 2011.01.18 -
Panda 10.0.2.7 2011.01.17 -
PCTools 7.0.3.5 2011.01.18 -
Prevx 3.0 2011.01.18 -
Rising 22.83.01.03 2011.01.18 -
Sophos 4.61.0 2011.01.18 -
SUPERAntiSpyware 4.40.0.1006 2011.01.18 -
Symantec 20101.3.0.103 2011.01.18 -
TheHacker 6.7.0.1.115 2011.01.14 -
TrendMicro 9.120.0.1004 2011.01.18 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.18 -
VBA32 3.12.14.2 2011.01.18 -
VIPRE 8111 2011.01.18 -
ViRobot 2011.1.18.4261 2011.01.18 -
VirusBuster 13.6.151.0 2011.01.17 -[/QUOTE]
Additional information
MD5 : 3b25de57f5baf962ded3b1f300f2a1c7
SHA1 : 7b86c12ee65224f0fb827306a9884b190efb81ca
SHA256: e485495c8a9e15deae56f78884706c7c30c881b485d0cd97b9b2136d35b37e6d
[URL="http://www.virustotal.com/file-scan/report.html?id=e485495c8a9e15deae56f78884706c7c30c881b485d0cd97b9b2136d35b37e6d-1295360712"]VT[/URL]
-
[B]0.701673132117444.exe[/B]
Submission date:
2011-01-18 18:00:53 (UTC)
Result:
2 /43 (4.7%)
[QUOTE]Antivirus Version Last Update Result
[B]AhnLab-V3 2011.01.18.00 2011.01.17 Trojan/Win32.Zbot[/B]
AntiVir 7.11.1.174 2011.01.18 -
Antiy-AVL 2.0.3.7 2011.01.18 -
Avast 4.8.1351.0 2011.01.18 -
Avast5 5.0.677.0 2011.01.18 -
AVG 10.0.0.1190 2011.01.18 -
BitDefender 7.2 2011.01.18 -
CAT-QuickHeal 11.00 2011.01.18 -
ClamAV 0.96.4.0 2011.01.18 -
Commtouch 5.2.11.5 2011.01.18 -
Comodo 7432 2011.01.18 -
DrWeb 5.0.2.03300 2011.01.18 -
Emsisoft 5.1.0.1 2011.01.18 -
eSafe 7.0.17.0 2011.01.18 -
eTrust-Vet 36.1.8106 2011.01.18 -
F-Prot 4.6.2.117 2011.01.17 -
F-Secure 9.0.16160.0 2011.01.18 -
Fortinet 4.2.254.0 2011.01.16 -
GData 21 2011.01.18 -
Ikarus T3.1.1.97.0 2011.01.18 -
Jiangmin 13.0.900 2011.01.18 -
K7AntiVirus 9.77.3570 2011.01.18 -
Kaspersky 7.0.0.125 2011.01.18 -
McAfee 5.400.0.1158 2011.01.18 -
McAfee-GW-Edition 2010.1C 2011.01.18 -
Microsoft 1.6402 2011.01.18 -
NOD32 5797 2011.01.18 -
Norman 6.06.12 2011.01.18 -
nProtect 2011-01-18.01 2011.01.18 -
[B]Panda 10.0.2.7 2011.01.18 Suspicious file[/B]
PCTools 7.0.3.5 2011.01.18 -
Prevx 3.0 2011.01.18 -
Rising 22.83.01.03 2011.01.18 -
Sophos 4.61.0 2011.01.18 -
SUPERAntiSpyware 4.40.0.1006 2011.01.18 -
Symantec 20101.3.0.103 2011.01.18 -
TheHacker 6.7.0.1.116 2011.01.18 -
TrendMicro 9.120.0.1004 2011.01.18 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.18 -
VBA32 3.12.14.2 2011.01.18 -
VIPRE 8113 2011.01.18 -
ViRobot 2011.1.18.4261 2011.01.18 -
VirusBuster 13.6.152.1 2011.01.18 -[/QUOTE]
Additional information
MD5 : 86680943c428158604eeecc98f05bb09
SHA1 : 9a1bfc7f652c613598b53bbf8fd3650365b630d8
SHA256: 7746f6b7ae6fa7c9ee3476214f87aee481938c39641e651fa2aeeb66bafbe287
File name:
0.4371517777213674.exe
Submission date:
2011-01-18 18:18:07 (UTC)
Result:
11/ 43 (25.6%)
[QUOTE]Antivirus Version Last Update Result
[B]AhnLab-V3 2011.01.18.00 2011.01.17 Trojan/Win32.Zbot[/B]
AntiVir 7.11.1.174 2011.01.18 -
Antiy-AVL 2.0.3.7 2011.01.18 -
Avast 4.8.1351.0 2011.01.18 -
Avast5 5.0.677.0 2011.01.18 -
AVG 10.0.0.1190 2011.01.18 -
[B]BitDefender 7.2 2011.01.18 Gen:Variant.Kazy.8575[/B]
CAT-QuickHeal 11.00 2011.01.18 -
ClamAV 0.96.4.0 2011.01.18 -
Commtouch 5.2.11.5 2011.01.18 -
[B]Comodo 7432 2011.01.18 Heur.Suspicious
DrWeb 5.0.2.03300 2011.01.18 Trojan.Winlock.2741
Emsisoft 5.1.0.1 2011.01.18 Gen.Variant.Kazy!IK[/B]
eSafe 7.0.17.0 2011.01.18 -
eTrust-Vet 36.1.8106 2011.01.18 -
F-Prot 4.6.2.117 2011.01.17 -
[B]F-Secure 9.0.16160.0 2011.01.18 Gen:Variant.Kazy.8575[/B]
Fortinet 4.2.254.0 2011.01.16 -
[B]GData 21 2011.01.18 Gen:Variant.Kazy.8575
Ikarus T3.1.1.97.0 2011.01.18 Gen.Variant.Kazy[/B]
Jiangmin 13.0.900 2011.01.18 -
K7AntiVirus 9.77.3570 2011.01.18 -
Kaspersky 7.0.0.125 2011.01.18 -
[B]McAfee 5.400.0.1158 2011.01.18 Artemis!60AC4669D676
McAfee-GW-Edition 2010.1C 2011.01.18 Artemis!60AC4669D676[/B]
Microsoft 1.6402 2011.01.18 -
NOD32 5797 2011.01.18 -
Norman 6.06.12 2011.01.18 -
nProtect 2011-01-18.01 2011.01.18 -
[B]Panda 10.0.2.7 2011.01.18 Suspicious file[/B]
PCTools 7.0.3.5 2011.01.18 -
Prevx 3.0 2011.01.18 -
Rising 22.83.01.03 2011.01.18 -
Sophos 4.61.0 2011.01.18 -
SUPERAntiSpyware 4.40.0.1006 2011.01.18 -
Symantec 20101.3.0.103 2011.01.18 -
TheHacker 6.7.0.1.116 2011.01.18 -
TrendMicro 9.120.0.1004 2011.01.18 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.18 -
VBA32 3.12.14.2 2011.01.18 -
VIPRE 8113 2011.01.18 -
ViRobot 2011.1.18.4261 2011.01.18 -
VirusBuster 13.6.152.1 2011.01.18 -[/QUOTE]
Additional information
MD5 : 60ac4669d676ab648b4f3b5963014ebb
SHA1 : 95941db7c452bc8a46ed134b35bbe14856cca6bc
SHA256: a5002de8515dc0e11692a1d774cd89a5a824097bff36e7622c5c243021fb4978
File name:
0.835926453763574.exe
Submission date:
2011-01-18 18:18:47 (UTC)
Result:
7/ 42 (16.7%)
[QUOTE]Antivirus Version Last Update Result
[B]AhnLab-V3 2011.01.18.00 2011.01.17 Trojan/Win32.Zbot[/B]
AntiVir 7.11.1.174 2011.01.18 -
Antiy-AVL 2.0.3.7 2011.01.18 -
Avast 4.8.1351.0 2011.01.18 -
Avast5 5.0.677.0 2011.01.18 -
[B]AVG 10.0.0.1190 2011.01.18 unknown virus Win32/DH.CAFF82016F
BitDefender 7.2 2011.01.18 Gen:Variant.Kazy.8575[/B]
CAT-QuickHeal 11.00 2011.01.18 -
ClamAV 0.96.4.0 2011.01.18 -
Commtouch 5.2.11.5 2011.01.18 -
[B]Comodo 7432 2011.01.18 Heur.Suspicious[/B]
Emsisoft 5.1.0.1 2011.01.18 -
eSafe 7.0.17.0 2011.01.18 -
eTrust-Vet 36.1.8106 2011.01.18 -
F-Prot 4.6.2.117 2011.01.17 -
[B]F-Secure 9.0.16160.0 2011.01.18 Gen:Variant.Kazy.8575[/B]
Fortinet 4.2.254.0 2011.01.16 -
[B]GData 21 2011.01.18 Gen:Variant.Kazy.8575[/B]
Ikarus T3.1.1.97.0 2011.01.18 -
Jiangmin 13.0.900 2011.01.18 -
K7AntiVirus 9.77.3570 2011.01.18 -
Kaspersky 7.0.0.125 2011.01.18 -
McAfee 5.400.0.1158 2011.01.18 -
McAfee-GW-Edition 2010.1C 2011.01.18 -
Microsoft 1.6402 2011.01.18 -
NOD32 5797 2011.01.18 -
Norman 6.06.12 2011.01.18 -
nProtect 2011-01-18.01 2011.01.18 -
[B]Panda 10.0.2.7 2011.01.18 Suspicious file[/B]
PCTools 7.0.3.5 2011.01.18 -
Prevx 3.0 2011.01.18 -
Rising 22.83.01.03 2011.01.18 -
Sophos 4.61.0 2011.01.18 -
SUPERAntiSpyware 4.40.0.1006 2011.01.18 -
Symantec 20101.3.0.103 2011.01.18 -
TheHacker 6.7.0.1.116 2011.01.18 -
TrendMicro 9.120.0.1004 2011.01.18 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.18 -
VBA32 3.12.14.2 2011.01.18 -
VIPRE 8113 2011.01.18 -
ViRobot 2011.1.18.4261 2011.01.18 -
VirusBuster 13.6.152.1 2011.01.18 -[/QUOTE]
Additional information
MD5 : 9cbdf91f71253fa9ff3ee2a465d8d136
SHA1 : 13e1739dc00ab9316d42ba65359196fda13caa87
SHA256: 07054ca47514a542d15e8843abab8fb77277089f9ae711f02484a2f7f4578d66
File name:
0.8896806878863428.exe
Submission date:
2011-01-18 18:25:01 (UTC)
Result:
4/ 43 (9.3%)
[QUOTE]Antivirus Version Last Update Result
[B]AhnLab-V3 2011.01.18.00 2011.01.17 Trojan/Win32.Zbot[/B]
AntiVir 7.11.1.174 2011.01.18 -
Antiy-AVL 2.0.3.7 2011.01.18 -
Avast 4.8.1351.0 2011.01.18 -
Avast5 5.0.677.0 2011.01.18 -
AVG 10.0.0.1190 2011.01.18 -
[B]BitDefender 7.2 2011.01.18 Gen:Variant.Kazy.8581[/B]
CAT-QuickHeal 11.00 2011.01.18 -
ClamAV 0.96.4.0 2011.01.18 -
Commtouch 5.2.11.5 2011.01.18 -
Comodo 7432 2011.01.18 -
DrWeb 5.0.2.03300 2011.01.18 -
Emsisoft 5.1.0.1 2011.01.18 -
eSafe 7.0.17.0 2011.01.18 -
eTrust-Vet 36.1.8106 2011.01.18 -
F-Prot 4.6.2.117 2011.01.17 -
[B]F-Secure 9.0.16160.0 2011.01.18 Gen:Variant.Kazy.8581[/B]
Fortinet 4.2.254.0 2011.01.16 -
[B]GData 21 2011.01.18 Gen:Variant.Kazy.8581[/B]
Ikarus T3.1.1.97.0 2011.01.18 -
Jiangmin 13.0.900 2011.01.18 -
K7AntiVirus 9.77.3570 2011.01.18 -
Kaspersky 7.0.0.125 2011.01.18 -
McAfee 5.400.0.1158 2011.01.18 -
McAfee-GW-Edition 2010.1C 2011.01.18 -
Microsoft 1.6402 2011.01.18 -
NOD32 5797 2011.01.18 -
Norman 6.06.12 2011.01.18 -
nProtect 2011-01-18.01 2011.01.18 -
Panda 10.0.2.7 2011.01.18 -
PCTools 7.0.3.5 2011.01.18 -
Prevx 3.0 2011.01.18 -
Rising 22.83.01.03 2011.01.18 -
Sophos 4.61.0 2011.01.18 -
SUPERAntiSpyware 4.40.0.1006 2011.01.18 -
Symantec 20101.3.0.103 2011.01.18 -
TheHacker 6.7.0.1.116 2011.01.18 -
TrendMicro 9.120.0.1004 2011.01.18 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.18 -
VBA32 3.12.14.2 2011.01.18 -
VIPRE 8113 2011.01.18 -
ViRobot 2011.1.18.4261 2011.01.18 -
VirusBuster 13.6.152.1 2011.01.18 -[/QUOTE]
Additional information
MD5 : 2e20a5ac8eeefa55b92f3ffb673c46e5
SHA1 : f690d1df62c5a555196c4cd9b9c16cc3ec5b8ef4
SHA256: 098401201c235b663071d95dc0f1d487e25d79cb7a2a6fb62209683db4dd4bf1
-
File name: system.exe
Submission date: 2011-01-21 17:02:15 (UTC)
Current status: finished
Result: 8 /43 (18.6%)
[QUOTE]
Antivirus Version Last Update Result
AhnLab-V3 2011.01.18.00 2011.01.17 -
AntiVir 7.11.1.210 2011.01.21 -
Antiy-AVL 2.0.3.7 2011.01.18 -
Avast 4.8.1351.0 2011.01.21 -
Avast5 5.0.677.0 2011.01.21 -
AVG 10.0.0.1190 2011.01.21 -
[b]BitDefender 7.2 2011.01.21 Trojan.Generic.KD.114491[/b]
CAT-QuickHeal 11.00 2011.01.21 -
ClamAV 0.96.4.0 2011.01.21 -
Commtouch 5.2.11.5 2011.01.21 -
[b]Comodo 7465 2011.01.21 TrojWare.Win32.Trojan.Agent.Gen[/b]
[b]DrWeb 5.0.2.03300 2011.01.21 Trojan.Click1.29439[/b]
Emsisoft 5.1.0.1 2011.01.21 -
eSafe 7.0.17.0 2011.01.20 -
eTrust-Vet 36.1.8114 2011.01.21 -
F-Prot 4.6.2.117 2011.01.20 -
F-Secure 9.0.16160.0 2011.01.21 -
[b]Fortinet 4.2.254.0 2011.01.21 W32/Refroso.AGEA!tr[/b]
[b]GData 21 2011.01.21 Trojan.Generic.KD.114491[/b]
Ikarus T3.1.1.97.0 2011.01.21 -
Jiangmin 13.0.900 2011.01.21 -
K7AntiVirus 9.77.3616 2011.01.21 -
Kaspersky 7.0.0.125 2011.01.21 -
McAfee 5.400.0.1158 2011.01.21 -
McAfee-GW-Edition 2010.1C 2011.01.21 -
Microsoft 1.6502 2011.01.21 -
[b]NOD32 5806 2011.01.21 Win32/AutoRun.Agent.WF[/b]
Norman 6.06.12 2011.01.21 -
nProtect 2011-01-18.01 2011.01.18 -
[b]Panda 10.0.2.7 2011.01.21 Suspicious file[/b]
PCTools 7.0.3.5 2011.01.21 -
Prevx 3.0 2011.01.21 -
Rising 23.41.04.06 2011.01.21 -
[b]Sophos 4.61.0 2011.01.21 Mal/Generic-L[/b]
SUPERAntiSpyware 4.40.0.1006 2011.01.21 -
Symantec 20101.3.0.103 2011.01.21 -
TheHacker 6.7.0.1.118 2011.01.21 -
TrendMicro 9.120.0.1004 2011.01.21 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.21 -
VBA32 3.12.14.3 2011.01.21 -
VIPRE 8143 2011.01.21 -
ViRobot 2011.1.21.4267 2011.01.21 -
VirusBuster 13.6.157.1 2011.01.21 -
Additional information
MD5 : ed14c178be5cb21d95020ec7db12a1c3
SHA1 : ac2c1ad6efc0115fa87f3e543da767a35753c3b0
SHA256: 7843b56666d385a27073c5d786b809d8ee6ab8eb438687ea1e187a3d0589856f
[/QUOTE]
[url]http://www.virustotal.com/file-scan/report.html?id=7843b56666d385a27073c5d786b809d8ee6ab8eb438687ea1e187a3d0589856f-1295629335[/url]
Behavior analysis:
[url]http://www.threatexpert.com/report.aspx?md5=ed14c178be5cb21d95020ec7db12a1c3[/url]
-
Social networks are a goldmine of new samples.
download_10285781-.zip.exe
Submission date:
2011-01-23 07:13:45 (UTC)
Result:
[COLOR=red]2[/COLOR]/ 43 (4.7%)
[RIGHT] [URL="http://www.virustotal.com/file-scan/report.html?id=feb0d01e8aa1a9bfd010243425b70aebcaee642ccfb186a4f47499ed1f0124fd-1295766825#"]Compact[/URL] [/RIGHT]
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2011.01.18.00 2011.01.17 -
AntiVir 7.11.1.216 2011.01.21 -
Antiy-AVL 2.0.3.7 2011.01.18 -
Avast 4.8.1351.0 2011.01.22 -
Avast5 5.0.677.0 2011.01.22 -
AVG 10.0.0.1190 2011.01.23 -
BitDefender 7.2 2011.01.23 -
CAT-QuickHeal 11.00 2011.01.22 -
ClamAV 0.96.4.0 2011.01.23 -
Commtouch 5.2.11.5 2011.01.23 -
Comodo 7476 2011.01.23 -
[B][COLOR=Red]DrWeb 5.0.2.03300 2011.01.23 Trojan.SMSSend.326[/COLOR][/B]
Emsisoft 5.1.0.1 2011.01.23 -
eSafe 7.0.17.0 2011.01.20 -
eTrust-Vet 36.1.8115 2011.01.21 -
F-Prot 4.6.2.117 2011.01.22 -
F-Secure 9.0.16160.0 2011.01.23 -
Fortinet 4.2.254.0 2011.01.23 -
GData 21 2011.01.23 -
Ikarus T3.1.1.97.0 2011.01.23 -
Jiangmin 13.0.900 2011.01.23 -
K7AntiVirus 9.77.3618 2011.01.22 -
Kaspersky 7.0.0.125 2011.01.23 -
McAfee 5.400.0.1158 2011.01.23 -
McAfee-GW-Edition 2010.1C 2011.01.22 -
Microsoft 1.6502 2011.01.23 -
NOD32 5809 2011.01.22 -
Norman 6.06.12 2011.01.22 -
nProtect 2011-01-18.01 2011.01.18 -
Panda 10.0.2.7 2011.01.22 -
PCTools 7.0.3.5 2011.01.22 -
Prevx 3.0 2011.01.23 -
Rising 23.41.05.03 2011.01.22 -
[B][COLOR=Red]Sophos 4.61.0 2011.01.23 Sus/ComPack-L[/COLOR][/B]
SUPERAntiSpyware 4.40.0.1006 2011.01.22 -
Symantec 20101.3.0.103 2011.01.23 -
TheHacker 6.7.0.1.118 2011.01.21 -
TrendMicro 9.120.0.1004 2011.01.23 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.23 -
VBA32 3.12.14.3 2011.01.21 -
VIPRE 8163 2011.01.23 -
ViRobot 2011.1.22.4269 2011.01.22 -
VirusBuster 13.6.159.2 2011.01.22 -[/QUOTE]
Additional information
MD5 : ec19535de1e6fdca70b978c199420b57
SHA1 : 7e79ddb7188fa629c5e2b1a420306c5b35ce8d84
SHA256: feb0d01e8aa1a9bfd010243425b70aebcaee642ccfb186a4f47499ed1f0124fd
-
File name: avloader_2042-8_tty8.exe
Submission date: 2011-01-26 09:34:52 (UTC)
Current status: finished
Result: 8/ 42 (19.0%)
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2011.01.18.00 2011.01.17 -
AntiVir 7.11.1.245 2011.01.25 -
Antiy-AVL 2.0.3.7 2011.01.26 -
Avast 4.8.1351.0 2011.01.25 -
Avast5 5.0.677.0 2011.01.25 -
AVG 10.0.0.1190 2011.01.26 -
[COLOR="Red"][B]BitDefender 7.2 2011.01.26 Trojan.Generic.KD.117686 [/B][/COLOR]
CAT-QuickHeal 11.00 2011.01.25 -
ClamAV 0.96.4.0 2011.01.26 -
Commtouch 5.2.11.5 2011.01.26 -
[COLOR="red"][B]Comodo 7504 2011.01.26 Heur.Packed.Unknown[/B][/COLOR]
DrWeb 5.0.2.03300 2011.01.26 -
Emsisoft 5.1.0.1 2011.01.26 -
eSafe 7.0.17.0 2011.01.24 -
[COLOR="red"][B]eTrust-Vet 36.1.8120 2011.01.26 Win32/Renos.D!generic[/B][/COLOR]
F-Prot 4.6.2.117 2011.01.25 -
[COLOR="red"][B]F-Secure 9.0.16160.0 2011.01.26 Trojan.Generic.KD.117686[/B] [/COLOR]
Fortinet 4.2.254.0 2011.01.26 -
[COLOR="red"][B]GData 21 2011.01.26 Trojan.Generic.KD.117686[/B][/COLOR]
Ikarus T3.1.1.97.0 2011.01.26 -
Jiangmin 13.0.900 2011.01.26 -
K7AntiVirus 9.78.3647 2011.01.25 -
Kaspersky 7.0.0.125 2011.01.26 -
McAfee 5.400.0.1158 2011.01.26 -
McAfee-GW-Edition 2010.1C 2011.01.25 -
[COLOR="red"][B]Microsoft 1.6502 2011.01.26 Rogue:Win32/FakeXPA[/B][/COLOR]
NOD32 5819 2011.01.26 -
Norman 6.06.12 2011.01.26 -
nProtect 2011-01-18.01 2011.01.18 -
[COLOR="red"][B]Panda 10.0.2.7 2011.01.25 Suspicious file[/B][/COLOR]
PCTools 7.0.3.5 2011.01.26 -
[COLOR="red"][B]Prevx 3.0 2011.01.26 Medium Risk Malware[/B][/COLOR]
Rising 23.42.02.03 2011.01.26 -
Sophos 4.61.0 2011.01.26 -
SUPERAntiSpyware 4.40.0.1006 2011.01.26 -
Symantec 20101.3.0.103 2011.01.26 -
TheHacker 6.7.0.1.120 2011.01.26 -
TrendMicro 9.120.0.1004 2011.01.26 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.26 -
VIPRE 8200 2011.01.26 -
ViRobot 2011.1.26.4276 2011.01.26 -
VirusBuster 13.6.164.1 2011.01.25 -[/QUOTE]
-
File name:
123242235.exe
Submission date:
2011-01-31 12:48:29 (UTC)
Current status:
finished
Result:
7/ 43 (16.3%)
VT Community
not reviewed
Safety score: -
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2011.01.27.01 2011.01.27 -
AntiVir 7.11.2.37 2011.01.31 -
Antiy-AVL 2.0.3.7 2011.01.28 -
Avast 4.8.1351.0 2011.01.31 -
Avast5 5.0.677.0 2011.01.31 -
AVG 10.0.0.1190 2011.01.31 -
BitDefender 7.2 2011.01.31 [B]Gen:Variant.Kazy.9799[/B]
CAT-QuickHeal 11.00 2011.01.31 -
ClamAV 0.96.4.0 2011.01.30 -
Commtouch 5.2.11.5 2011.01.31 -
Comodo 7552 2011.01.31 -
DrWeb 5.0.2.03300 2011.01.31 -
Emsisoft 5.1.0.1 2011.01.31 -
eSafe 7.0.17.0 2011.01.30 -
eTrust-Vet 36.1.8129 2011.01.31 -
F-Prot 4.6.2.117 2011.01.30 -
F-Secure 9.0.16160.0 2011.01.31 [B]Gen:Variant.Kazy.9799[/B]
Fortinet 4.2.254.0 2011.01.31 -
GData 21 2011.01.31 [B]Gen:Variant.Kazy.9799[/B]
Ikarus T3.1.1.97.0 2011.01.31 -
Jiangmin 13.0.900 2011.01.31 -
K7AntiVirus 9.78.3690 2011.01.31 -
Kaspersky 7.0.0.125 2011.01.31 -
McAfee 5.400.0.1158 2011.01.31 -
McAfee-GW-Edition 2010.1C 2011.01.31 -
Microsoft 1.6502 2011.01.31 -
NOD32 5833 2011.01.31 -
Norman 6.06.12 2011.01.30 -
nProtect 2011-01-31.01 2011.01.31 [B]Gen:Variant.Kazy.9799[/B]
Panda 10.0.3.5 2011.01.30 -
PCTools 7.0.3.5 2011.01.29 -
Prevx 3.0 2011.01.31 -
Rising 23.43.00.02 2011.01.31 [B][I][Suspicious][/I][/B]
Sophos 4.61.0 2011.01.31 -
SUPERAntiSpyware 4.40.0.1006 2011.01.30 -
Symantec 20101.3.0.103 2011.01.31 -
TheHacker 6.7.0.1.122 2011.01.30 -
TrendMicro 9.120.0.1004 2011.01.31 [B]TROJ_SPYEYE.SMEP[/B]
TrendMicro-HouseCall 9.120.0.1004 2011.01.31 [B]TROJ_SPYEYE.SMEP[/B]
VBA32 3.12.14.3 2011.01.31 -
VIPRE 8261 2011.01.31 -
ViRobot 2011.1.31.4284 2011.01.31 -
VirusBuster 13.6.173.1 2011.01.31 -[/QUOTE]
-
SMS blocker, first caught on 05.01.2011 and immediately sent to Kaspersky Lab via helpdesk; on 19.01.2011 there was a second infection, and it was sent to Kaspersky Lab and ESET (after which ESET detection appeared within 24 hours).
As of today (01.02.2011) the situation is as follows:
File name: servercfg.exe
Submission date:
2011-02-01 07:47:04 (UTC)
Current status:
finished
Result:
30/ 43 (69.8%)
[QUOTE]
[B]AhnLab-V3 2011.01.27.01 2011.01.27 Trojan/Win32.Gen[/B]
[B]AntiVir 7.11.2.39 2011.01.31 TR/Crypt.FKM.Gen[/B]
Antiy-AVL 2.0.3.7 2011.01.28 -
[B]Avast 4.8.1351.0 2011.01.31 Win32:Malware-gen[/B]
[B]Avast5 5.0.677.0 2011.01.31 Win32:Malware-gen[/B]
AVG 10.0.0.1190 2011.02.01 -
[B]BitDefender 7.2 2011.02.01 Trojan.Generic.5358855[/B]
CAT-QuickHeal 11.00 2011.02.01 -
ClamAV 0.96.4.0 2011.02.01 -
[B]Commtouch 5.2.11.5 2011.02.01 W32/VBTrojan.Downloader.1D!Maximus[/B]
[B]Comodo 7559 2011.01.31 UnclassifiedMalware[/B]
[B]DrWeb 5.0.2.03300 2011.02.01 Trojan.Winlock.2804[/B]
[B]Emsisoft 5.1.0.1 2011.02.01 Trojan.Crypt!IK[/B]
[B]eSafe 7.0.17.0 2011.01.31 Win32.TRCrypt.Fkm[/B]
eTrust-Vet 36.1.8132 2011.02.01 -
[B]F-Prot 4.6.2.117 2011.01.31 W32/VBTrojan.Downloader.1D!Maximus[/B]
[B]F-Secure 9.0.16160.0 2011.02.01 Trojan.Generic.5358855[/B]
Fortinet 4.2.254.0 2011.02.01 -
[B]GData 21 2011.02.01 Trojan.Generic.5358855[/B]
[B]Ikarus T3.1.1.97.0 2011.02.01 Trojan.Crypt[/B]
Jiangmin 13.0.900 2011.02.01 -
[B]K7AntiVirus 9.79.3702 2011.02.01 Trojan[/B]
Kaspersky 7.0.0.125 2011.02.01 -
[B]McAfee 5.400.0.1158 2011.02.01 Suspect-AB!A130EA2EE30C[/B]
[B]McAfee-GW-Edition 2010.1C 2011.01.31 Heuristic.BehavesLike.Win32.Downloader.A[/B]
[B]Microsoft 1.6502 2011.02.01 Trojan:Win32/Msposer.A[/B]
[B]NOD32 5835 2011.01.31 Win32/LockScreen.ACK[/B]
[B]Norman 6.06.12 2011.01.31 W32/Suspicious_Gen2.GKTSZ[/B]
[B]nProtect 2011-01-31.01 2011.01.31 Trojan.Generic.5358855[/B]
[B]Panda 10.0.3.5 2011.01.31 Trj/CI.A[/B]
[B]PCTools 7.0.3.5 2011.01.31 Trojan.Gen[/B]
Prevx 3.0 2011.02.01 -
Rising 23.43.01.00 2011.02.01 -
[B]Sophos 4.61.0 2011.02.01 Sus/Behav-1021[/B]
[B]SUPERAntiSpyware 4.40.0.1006 2011.02.01 Adware.Vundo/Variant-MSFake[/B]
[B]Symantec 20101.3.0.103 2011.02.01 Trojan.Gen[/B]
TheHacker 6.7.0.1.122 2011.01.30 -
[B]TrendMicro 9.120.0.1004 2011.02.01 TROJ_GEN.R47C3AA[/B]
[B]TrendMicro-HouseCall 9.120.0.1004 2011.02.01 TROJ_GEN.R47C3AA[/B]
VBA32 3.12.14.3 2011.01.31 -
[B]VIPRE 8271 2011.02.01 Trojan.Win32.Generic!BT[/B]
ViRobot 2011.2.1.4285 2011.02.01 -
[B]VirusBuster 13.6.174.0 2011.01.31 Trojan.LockScreen!gBMNhQgt4xg[/B]
[/QUOTE]
[URL]http://www.virustotal.com/file-scan/report.html?id=01005d1b57bf0fdea43cbc41ffe95ae554db278ebf08ebc871ce59f86a8a5529-1296546424[/URL]
-
Found on an infected PC
[QUOTE]
File name:
pornoplayer.exe
Submission date:
2011-02-05 17:35:46 (UTC)
Current status:
finished
Result:
2/ 43 (4.7%)
VT Community
malware
Safety score: 0.0%
Antivirus Version Last Update Result
AhnLab-V3 2011.01.27.01 2011.01.27 -
AntiVir 7.11.2.80 2011.02.04 -
Antiy-AVL 2.0.3.7 2011.01.28 -
Avast 4.8.1351.0 2011.02.05 -
Avast5 5.0.677.0 2011.02.05 -
AVG 10.0.0.1190 2011.02.05 -
BitDefender 7.2 2011.02.05 -
CAT-QuickHeal 11.00 2011.02.04 -
ClamAV 0.96.4.0 2011.02.05 -
Commtouch 5.2.11.5 2011.02.05 -
Comodo 7595 2011.02.04 -
DrWeb 5.0.2.03300 2011.02.05 -
Emsisoft 5.1.0.2 2011.02.05 -
eSafe 7.0.17.0 2011.02.03 -
eTrust-Vet 36.1.8141 2011.02.04 -
F-Prot 4.6.2.117 2011.02.04 -
F-Secure 9.0.16160.0 2011.02.05 -
Fortinet 4.2.254.0 2011.02.05 -
GData 21 2011.02.05 -
Ikarus T3.1.1.97.0 2011.02.05 -
Jiangmin 13.0.900 2011.02.05 -
K7AntiVirus 9.81.3752 2011.02.05 -
Kaspersky 7.0.0.125 2011.02.05 -
McAfee 5.400.0.1158 2011.02.05 -
McAfee-GW-Edition 2010.1C 2011.02.05 -
Microsoft 1.6502 2011.02.05 -
[B]NOD32 5849 2011.02.05 Win32/Agent.SFM
Norman 6.07.03 2011.02.05 W32/Obfuscated.DP1!genr[/B]
nProtect 2011-01-27.01 2011.02.02 -
Panda 10.0.3.5 2011.02.05 -
PCTools 7.0.3.5 2011.02.05 -
Prevx 3.0 2011.02.05 -
Rising 23.43.05.06 2011.02.05 -
Sophos 4.61.0 2011.02.05 -
SUPERAntiSpyware 4.40.0.1006 2011.02.05 -
Symantec 20101.3.0.103 2011.02.05 -
TheHacker 6.7.0.1.124 2011.02.04 -
TrendMicro 9.200.0.1012 2011.02.05 -
TrendMicro-HouseCall 9.200.0.1012 2011.02.05 -
VBA32 3.12.14.3 2011.02.04 -
VIPRE 8317 2011.02.05 -
ViRobot 2011.2.5.4294 2011.02.05 -
VirusBuster 13.6.184.0 2011.02.05 -
[/QUOTE]
-
[B]ICQ Trojan & KeyLogger[/B]
[QUOTE]File name:
MS_Helper.exe
Submission date:
2011-02-05 18:53:06 (UTC)
Current status:
finished
Result:
[B][COLOR="Red"]18[/COLOR][/B]/ 43 (41.9%)
Antivirus Version Last Update Result
AhnLab-V3 2011.01.27.01 2011.01.27 -
AntiVir 7.11.2.80 2011.02.04 TR/Spy.Banker.Gen
Antiy-AVL 2.0.3.7 2011.01.28 Flooder/Win32.ICQBomber.gen
Avast 4.8.1351.0 2011.02.05 Win32:Malware-gen
Avast5 5.0.677.0 2011.02.05 Win32:Malware-gen
AVG 10.0.0.1190 2011.02.05 Generic19.BXMT
BitDefender 7.2 2011.02.05 Backdoor.Generic.529798
CAT-QuickHeal 11.00 2011.02.04 -
ClamAV 0.96.4.0 2011.02.05 BC.Heuristic.Trojan.SusPacked.TMS
Commtouch 5.2.11.5 2011.02.05 W32/Banload.E.gen!Eldorado
Comodo 7596 2011.02.05 -
DrWeb 5.0.2.03300 2011.02.05 -
Emsisoft 5.1.0.2 2011.02.05 IM-Flooder.Win32.ICQBomber!IK
eSafe 7.0.17.0 2011.02.03 -
eTrust-Vet 36.1.8141 2011.02.04 -
F-Prot 4.6.2.117 2011.02.04 W32/Banload.E.gen!Eldorado
F-Secure 9.0.16160.0 2011.02.05 Backdoor.Generic.529798
Fortinet 4.2.254.0 2011.02.05 -
GData 21 2011.02.05 Backdoor.Generic.529798
Ikarus T3.1.1.97.0 2011.02.05 IM-Flooder.Win32.ICQBomber
Jiangmin 13.0.900 2011.02.05 -
K7AntiVirus 9.81.3752 2011.02.05 Trojan
Kaspersky 7.0.0.125 2011.02.05 IM-Flooder.Win32.ICQBomber.js
McAfee 5.400.0.1158 2011.02.05 -
McAfee-GW-Edition 2010.1C 2011.02.05 -
Microsoft 1.6502 2011.02.05 -
NOD32 5849 2011.02.05 probably unknown NewHeur_PE
Norman 6.07.03 2011.02.05 -
nProtect 2011-01-27.01 2011.02.02 -
Panda 10.0.3.5 2011.02.05 Suspicious file
PCTools 7.0.3.5 2011.02.05 -
Prevx 3.0 2011.02.05 -
Rising 23.43.05.06 2011.02.05 -
Sophos 4.61.0 2011.02.05 -
SUPERAntiSpyware 4.40.0.1006 2011.02.05 -
Symantec 20101.3.0.103 2011.02.05 -
TheHacker 6.7.0.1.124 2011.02.04 -
TrendMicro 9.200.0.1012 2011.02.05 -
TrendMicro-HouseCall 9.200.0.1012 2011.02.05 -
VBA32 3.12.14.3 2011.02.04 -
VIPRE 8318 2011.02.05 -
ViRobot 2011.2.5.4294 2011.02.05 -
VirusBuster 13.6.184.0 2011.02.05 Flooder.ICQBomber!fgx5BjLVkWo[/QUOTE]
-
It tried to download itself on some website
[QUOTE]
File name:
a409deaadc925c4386d12a379ae1cc79.malware
Submission date:
2011-02-08 16:04:55 (UTC)
Current status:
finished
Result:
6 /43 (14.0%)
VT Community
not reviewed
Safety score: -
Antivirus Version Last Update Result
AhnLab-V3 2011.02.06.00 2011.02.06 -
AntiVir 7.11.2.102 2011.02.08 -
Antiy-AVL 2.0.3.7 2011.01.28 -
Avast 4.8.1351.0 2011.02.08 -
Avast5 5.0.677.0 2011.02.08 -
AVG 10.0.0.1190 2011.02.08 -
BitDefender 7.2 2011.02.08 -
CAT-QuickHeal 11.00 2011.02.08 -
ClamAV 0.96.4.0 2011.02.08 -
Commtouch 5.2.11.5 2011.02.08 -
Comodo 7618 2011.02.08 -
DrWeb 5.0.2.03300 2011.02.08 -
Emsisoft 5.1.0.2 2011.02.08 -
eSafe 7.0.17.0 2011.02.06 -
eTrust-Vet 36.1.8146 2011.02.08 -
F-Prot 4.6.2.117 2011.02.04 -
F-Secure 9.0.16160.0 2011.02.08 -
Fortinet 4.2.254.0 2011.02.07 -
GData 21 2011.02.08 -
Ikarus T3.1.1.97.0 2011.02.08 -
Jiangmin 13.0.900 2011.02.08 -
K7AntiVirus 9.81.3788 2011.02.08 -
Kaspersky 7.0.0.125 2011.02.08 -
McAfee 5.400.0.1158 2011.02.08 -
[B]McAfee-GW-Edition 2010.1C 2011.02.08 Heuristic.BehavesLike.Win32.ModifiedUPX.C
Microsoft 1.6502 2011.02.08 Trojan:Win32/Whizelgo.A
NOD32 5856 2011.02.08 a variant of Win32/TrojanDownloader.FraudLoad.NAJ[/B]
Norman 6.07.03 2011.02.08 -
nProtect 2011-01-27.01 2011.02.02 -
Panda 10.0.3.5 2011.02.08 Trj/CI.A
PCTools 7.0.3.5 2011.02.07 -
Prevx 3.0 2011.02.08 -
Rising 23.44.01.06 2011.02.08 -
Sophos 4.61.0 2011.02.08 -
SUPERAntiSpyware 4.40.0.1006 2011.02.08 -
Symantec 20101.3.0.103 2011.02.08 -
TheHacker 6.7.0.1.126 2011.02.08 -
[B]TrendMicro 9.200.0.1012 2011.02.08 ADW_ZANGO
TrendMicro-HouseCall 9.200.0.1012 2011.02.08 ADW_ZANGO[/B]
VBA32 3.12.14.3 2011.02.08 -
VIPRE 8348 2011.02.08 -
ViRobot 2011.2.8.4299 2011.02.08 -
VirusBuster 13.6.189.0 2011.02.08 -
Additional information
MD5 : a409deaadc925c4386d12a379ae1cc79
SHA1 : 337472df125e40c70e4f23a44b1e0cfecdb1eb5b
SHA256: bf28c2cdbfbb1c951a0c8e5800cbcd6eeaf3f4d7ca290c4658ab80b94d2c499b
[/QUOTE]
-
File name: 0.6532615156020773.exe
Submission date: 2011-02-09 13:16:56 (UTC)
Current status: finished
Result: 23 /43 (53.5%)
[Quote]
[i]Antivirus results[/i]
AhnLab-V3 - 2011.02.06.00 - 2011.02.06 - [color=red]Trojan/Win32.Zbot [/color]
AntiVir - 7.11.2.107 - 2011.02.09 - [color=red]TR/Ransom.CP [/color]
Antiy-AVL - 2.0.3.7 - 2011.01.28 - -
Avast - 4.8.1351.0 - 2011.02.09 - [color=red]Win32:Malware-gen [/color]
Avast5 - 5.0.677.0 - 2011.02.09 - [color=red]Win32:Malware-gen [/color]
AVG - 10.0.0.1190 - 2011.02.09 - -
BitDefender - 7.2 - 2011.02.09 - [color=red]Trojan.Generic.KDV.127318 [/color]
CAT-QuickHeal - 11.00 - 2011.02.09 - -
ClamAV - 0.96.4.0 - 2011.02.09 - -
Commtouch - 5.2.11.5 - 2011.02.09 - -
Comodo - 7627 - 2011.02.09 - -
DrWeb - 5.0.2.03300 - 2011.02.09 - [color=red]Trojan.Winlock.2953 [/color]
Emsisoft - 5.1.0.2 - 2011.02.09 - [color=red]Trojan.Win32.LockScreen!IK [/color]
eSafe - 7.0.17.0 - 2011.02.08 - -
eTrust-Vet - 36.1.8149 - 2011.02.09 - -
F-Prot - 4.6.2.117 - 2011.02.04 - -
F-Secure - 9.0.16160.0 - 2011.02.09 - [color=red]Trojan.Generic.KDV.127318 [/color]
Fortinet - 4.2.254.0 - 2011.02.09 - -
GData - 21 - 2011.02.09 - [color=red]Trojan.Generic.KDV.127318 [/color]
Ikarus - T3.1.1.97.0 - 2011.02.09 - [color=red]Trojan.Win32.LockScreen [/color]
Jiangmin - 13.0.900 - 2011.02.09 - -
K7AntiVirus - 9.81.3796 - 2011.02.09 - -
Kaspersky - 7.0.0.125 - 2011.02.09 - [color=red]Trojan-Ransom.Win32.PornoCodec.bt [/color]
McAfee - 5.400.0.1158 - 2011.02.09 - [color=red]Artemis!83EB7FC3BE05 [/color]
McAfee-GW-Edition - 2010.1C - 2011.02.08 - [color=red]Artemis!83EB7FC3BE05 [/color]
Microsoft - 1.6502 - 2011.02.09 - [color=red]Trojan:Win32/Ransom.CP [/color]
NOD32 - 5858 - 2011.02.09 - [color=red]Win32/LockScreen.ACR [/color]
Norman - 6.07.03 - 2011.02.09 - [color=red]W32/Zbot.WTG [/color]
nProtect - 2011-01-27.01 - 2011.02.02 - -
Panda - 10.0.3.5 - 2011.02.08 - [color=red]Trj/CI.A [/color]
PCTools - 7.0.3.5 - 2011.02.09 - [color=red]Trojan.Generic [/color]
Prevx - 3.0 - 2011.02.09 - [color=red]Medium Risk Malware [/color]
Rising - 23.44.02.05 - 2011.02.09 - [color=red][Suspicious] [/color]
Sophos - 4.61.0 - 2011.02.09 - -
SUPERAntiSpyware - 4.40.0.1006 - 2011.02.09 - -
Symantec - 20101.3.0.103 - 2011.02.09 - [color=red]Trojan Horse [/color]
TheHacker - 6.7.0.1.126 - 2011.02.08 - -
TrendMicro - 9.200.0.1012 - 2011.02.09 - -
TrendMicro-HouseCall - 9.200.0.1012 - 2011.02.09 - -
VBA32 - 3.12.14.3 - 2011.02.08 - [color=red]Trojan-Ransom.ScreenLock.Pn [/color]
VIPRE - 8359 - 2011.02.09 - [color=red]Trojan.Win32.Generic!BT [/color]
ViRobot - 2011.2.9.4301 - 2011.02.09 - -
VirusBuster - 13.6.190.0 - 2011.02.09 - -[/quote]
File info:
MD5: 83eb7fc3be057ca452d66e54d5962f35
SHA1: d41f520c4b393e2763cc241021c49fa8486d77aa
SHA256: 6e2e7838b548370262dd78e45901fd570646990f16524fd1b572f4315d7d019b
-
File name: 0.11796125916210298.exe
Date first seen: 2011-02-15 13:09:32 (UTC)
Result: [B][COLOR="Red"]4[/COLOR] /43[/B] (9.3%)
[QUOTE][B]AhnLab-V3 2011.02.14.02 2011.02.14 Trojan/Win32.Zbot[/B]
AntiVir 7.11.3.93 2011.02.15 -
Antiy-AVL 2.0.3.7 2011.02.15 -
Avast 4.8.1351.0 2011.02.16 -
Avast5 5.0.677.0 2011.02.16 -
AVG 10.0.0.1190 2011.02.16 -
BitDefender 7.2 2011.02.16 -
CAT-QuickHeal 11.00 2011.02.15 -
ClamAV 0.96.4.0 2011.02.16 -
Commtouch 5.2.11.5 2011.02.16 -
Comodo 7703 2011.02.16 -
DrWeb 5.0.2.03300 2011.02.16 -
Emsisoft 5.1.0.2 2011.02.16 -
eSafe 7.0.17.0 2011.02.15 -
eTrust-Vet 36.1.8161 2011.02.15 -
F-Prot 4.6.2.117 2011.02.15 -
F-Secure 9.0.16160.0 2011.02.16 -
Fortinet 4.2.254.0 2011.02.16 -
GData 21 2011.02.16 -
Ikarus T3.1.1.97.0 2011.02.16 -
Jiangmin 13.0.900 2011.02.15 -
K7AntiVirus 9.85.3859 2011.02.15 -
Kaspersky 7.0.0.125 2011.02.16 -
McAfee 5.400.0.1158 2011.02.16 -
McAfee-GW-Edition 2010.1C 2011.02.16 -
[B]Microsoft 1.6502 2011.02.15 Trojan:Win32/LockScreen.AO
NOD32 5878 2011.02.15 a variant of Win32/Kryptik.KSA[/B]
Norman 6.07.03 2011.02.15 -
nProtect 2011-02-10.01 2011.02.15 -
[B]Panda 10.0.3.5 2011.02.15 Suspicious file[/B]
PCTools 7.0.3.5 2011.02.16 -
Prevx 3.0 2011.02.16 -
Rising 23.45.01.06 2011.02.15 -
Sophos 4.61.0 2011.02.16 -
SUPERAntiSpyware 4.40.0.1006 2011.02.16 -
Symantec 20101.3.0.103 2011.02.16 -
TheHacker 6.7.0.1.131 2011.02.15 -
TrendMicro 9.200.0.1012 2011.02.16 -
TrendMicro-HouseCall 9.200.0.1012 2011.02.15 -
VBA32 3.12.14.3 2011.02.15 -
VIPRE 8435 2011.02.16 -
ViRobot 2011.2.16.4312 2011.02.16 -
VirusBuster 13.6.202.1 2011.02.15 -[/QUOTE]
Additional information
MD5 : 9774f3c9e7a3ccca15b4286cb49d651d
SHA1 : 7e39ddade06bb41b76c939cf8bf802bf5eaca1a9
SHA256: 2b12b799fa3bbb882c11a94679140309f9e056057dd3ca71d86105566260df0d
[url]http://www.virustotal.com/file-scan/report.html?id=2b12b799fa3bbb882c11a94679140309f9e056057dd3ca71d86105566260df0d-1297827462[/url]
Sample sent out.
DrWeb's reply: Threat: Trojan.Winlock.2741
-
File name: AntiSpyWareSetup.exe
Submission date:
2011-03-07 21:59:27 (UTC)
Current status:
analysing finished
Result:
[b]5[/b]/ 43 (11.6%)
[quote]
Antivirus Version Last Update Result
AhnLab-V3 2011.03.07.06 2011.03.07 -
AntiVir 7.11.4.100 2011.03.07 -
Antiy-AVL 2.0.3.7 2011.03.06 -
Avast 4.8.1351.0 2011.03.07 -
Avast5 5.0.677.0 2011.03.07 -
AVG 10.0.0.1190 2011.03.07 -
BitDefender 7.2 2011.03.07 -
CAT-QuickHeal 11.00 2011.03.07 -
ClamAV 0.96.4.0 2011.03.07 -
Commtouch 5.2.11.5 2011.03.07 -
Comodo 7907 2011.03.07 -
DrWeb 5.0.2.03300 2011.03.07 -
Emsisoft 5.1.0.2 2011.03.07 -
eSafe 7.0.17.0 2011.03.07 -
[b]eTrust-Vet 36.1.8200 2011.03.07 Win32/Kelihos.BR[/b]
F-Prot 4.6.2.117 2011.03.07 -
F-Secure 9.0.16440.0 2011.03.07 -
Fortinet 4.2.254.0 2011.03.07 -
GData 21 2011.03.07 -
Ikarus T3.1.1.97.0 2011.03.07 -
Jiangmin 13.0.900 2011.03.07 -
K7AntiVirus 9.92.4048 2011.03.07 -
Kaspersky 7.0.0.125 2011.03.07 -
McAfee 5.400.0.1158 2011.03.07 -
McAfee-GW-Edition 2010.1C 2011.03.07 -
Microsoft 1.6603 2011.03.07 -
[b]NOD32 5934 2011.03.07 a variant of Win32/Kryptik.LKH[/b]
Norman 6.07.03 2011.03.07 -
nProtect 2011-02-10.01 2011.02.15 -
Panda 10.0.3.5 2011.03.07 -
PCTools 7.0.3.5 2011.03.07 -
Prevx 3.0 2011.03.07 -
Rising 23.48.00.06 2011.03.07 -
[b]Sophos 4.63.0 2011.03.07 Mal/FakeAV-IH[/b]
[b]SUPERAntiSpyware 4.40.0.1006 2011.03.07 Trojan.Agent/Gen-FraudLoad[/b]
Symantec 20101.3.0.103 2011.03.07 -
TheHacker 6.7.0.1.145 2011.03.06 -
TrendMicro 9.200.0.1012 2011.03.07 -
TrendMicro-HouseCall 9.200.0.1012 2011.03.07 -
VBA32 3.12.14.3 2011.03.04 -
[b]VIPRE 8630 2011.03.07 FraudTool.Win32.SecurityShield.ek!e (v)[/b]
ViRobot 2011.3.7.4345 2011.03.07 -
VirusBuster 13.6.239.0 2011.03.07 -
Additional information
MD5 : 0103edbd091fc8068dff20175f1657df
SHA1 : 8e7f6a56fccd50432ddf09d792121b73ea11e573
SHA256: 1cd2e25695d085190a841c5a2cf59aff74a537cd89fd45d85bef631f9af3300f
[/quote]
ThreatExpert has started cutting corners on its detailed analysis;
the Comodo and Anubis ones gave correct, appropriate verdicts.
PS. What is this nonsense with posting links [quote]You cannot post links to other sites, images or videos; you do not have enough posts yet[/quote], so I'm expected to flood the forum?
-
My Agnitum refused to detect it. Turns out it is not the only one.
[B]File name:[/B] Nora Roberts - Angel Gabrielya_17258885-3217608.zip.exe
[B]Submission date:[/B] 2011-03-13 20:46:56 (UTC)
[B]Current status:[/B] finished
[B]Result:[/B] [COLOR="Red"]6[/COLOR]/ 43 (14.0%)
[QUOTE]
AhnLab-V3 2011.03.13.00 2011.03.12 -
[COLOR="red"]AntiVir 7.11.4.178 2011.03.13 TR/Crypt.XPACK.Gen3[/COLOR]
Antiy-AVL 2.0.3.7 2011.03.12 -
Avast 4.8.1351.0 2011.03.13 -
Avast5 5.0.677.0 2011.03.13 -
AVG 10.0.0.1190 2011.03.13 -
[COLOR="red"]BitDefender 7.2 2011.03.13 Gen:Variant.Adware.SMSHoax.14[/COLOR]
CAT-QuickHeal 11.00 2011.03.13 -
ClamAV 0.96.4.0 2011.03.13 -
Commtouch 5.2.11.5 2011.03.12 -
Comodo 7969 2011.03.13 -
DrWeb 5.0.2.03300 2011.03.13 -
Emsisoft 5.1.0.2 2011.03.13 -
eSafe 7.0.17.0 2011.03.13 -
eTrust-Vet 36.1.8211 2011.03.11 -
F-Prot 4.6.2.117 2011.03.13 -
[COLOR="red"]F-Secure 9.0.16440.0 2011.03.13 Gen:Variant.Adware.SMSHoax.14[/COLOR]
Fortinet 4.2.254.0 2011.03.13 -
[COLOR="red"]GData 21 2011.03.13 Gen:Variant.Adware.SMSHoax.14[/COLOR]
Ikarus T3.1.1.97.0 2011.03.13 -
Jiangmin 13.0.900 2011.03.13 -
K7AntiVirus 9.93.4087 2011.03.11 -
[COLOR="red"]Kaspersky 7.0.0.125 2011.03.13 Hoax.Win32.ArchSMS.hgzl[/COLOR]
McAfee 5.400.0.1158 2011.03.13 -
McAfee-GW-Edition 2010.1C 2011.03.13 -
Microsoft 1.6603 2011.03.13 -
[COLOR="Red"]NOD32 5950 2011.03.13 a variant of Win32/Hoax.ArchSMS.IK[/COLOR]
Norman 6.07.03 2011.03.13 -
nProtect 2011-02-10.01 2011.02.15 -
Panda 10.0.3.5 2011.03.13 -
PCTools 7.0.3.5 2011.03.11 -
Prevx 3.0 2011.03.13 -
Rising 23.48.05.03 2011.03.12 -
Sophos 4.63.0 2011.03.13 -
SUPERAntiSpyware 4.40.0.1006 2011.03.13 -
Symantec 20101.3.0.103 2011.03.13 -
TheHacker 6.7.0.1.149 2011.03.13 -
TrendMicro 9.200.0.1012 2011.03.13 -
TrendMicro-HouseCall 9.200.0.1012 2011.03.13 -
VBA32 3.12.14.3 2011.03.12 -
VIPRE 8693 2011.03.13 -
ViRobot 2011.3.12.4354 2011.03.13 -
VirusBuster 13.6.248.0 2011.03.13 -[/QUOTE]
-
Caught this a couple of minutes ago.
File name:
avz00001.dta
Submission date:
2011-03-19 07:40:12 (UTC)
Current status:
finished
Result:
7/ 43 (16.3%)
[quote][COLOR="Red"]AhnLab-V3 2011.03.19.00 2011.03.18 Trojan/Win32.FakeAV[/COLOR]
AntiVir 7.11.5.1 2011.03.18 -
Antiy-AVL 2.0.3.7 2011.03.19 -
Avast 4.8.1351.0 2011.03.18 -
Avast5 5.0.677.0 2011.03.18 -
AVG 10.0.0.1190 2011.03.18 -
BitDefender 7.2 2011.03.19 -
CAT-QuickHeal 11.00 2011.03.19 -
ClamAV 0.96.4.0 2011.03.19 -
Commtouch 5.2.11.5 2011.03.18 -
[COLOR="#ff0000"]Comodo 8033 2011.03.19 TrojWare.Win32.Trojan.Agent.Gen
DrWeb 5.0.2.03300 2011.03.19 BackDoor.Siggen.28461[/COLOR]
Emsisoft 5.1.0.2 2011.03.19 -
eSafe 7.0.17.0 2011.03.17 -
eTrust-Vet 36.1.8223 2011.03.18 -
F-Prot 4.6.2.117 2011.03.18 -
F-Secure 9.0.16440.0 2011.03.18 -
Fortinet 4.2.254.0 2011.03.19 -
GData 21 2011.03.19 -
Ikarus T3.1.1.97.0 2011.03.19 -
Jiangmin 13.0.900 2011.03.18 -
K7AntiVirus 9.94.4145 2011.03.18 -
[COLOR="#ff0000"]Kaspersky 7.0.0.125 2011.03.19 Trojan.Win32.Agent.hpet[/COLOR]
McAfee 5.400.0.1158 2011.03.19 -
McAfee-GW-Edition 2010.1C 2011.03.19 -
Microsoft 1.6603 2011.03.19 -
[COLOR="#ff0000"]NOD32 5967 2011.03.18 a variant of Win32/Kryptik.LRF[/COLOR]
Norman 6.07.03 2011.03.18 -
nProtect 2011-02-10.01 2011.02.15 -
Panda 10.0.3.5 2011.03.18 -
PCTools 7.0.3.5 2011.03.19 -
[COLOR="#ff0000"]Prevx 3.0 2011.03.19 Medium Risk Malware[/COLOR]
Rising 23.49.04.05 2011.03.18 -
[COLOR="#ff0000"]Sophos 4.63.0 2011.03.19 Mal/FakeAV-IS[/COLOR]
SUPERAntiSpyware 4.40.0.1006 2011.03.19 -
Symantec 20101.3.0.103 2011.03.19 -
TheHacker 6.7.0.1.151 2011.03.18 -
TrendMicro 9.200.0.1012 2011.03.19 -
TrendMicro-HouseCall 9.200.0.1012 2011.03.19 -
VBA32 3.12.14.3 2011.03.18 -
VIPRE 8750 2011.03.19 -
ViRobot 2011.3.19.4365 2011.03.19 -
VirusBuster 13.6.256.1 2011.03.18 -[/quote]
MD5 : 491ff648f66cce66581da477cebe920a
SHA1 : bd83923831e9a879d0923d034a91d0ab0bca7450
[url]http://www.virustotal.com/file-scan/report.html?id=b22c3f26ba2d3ea144f11221fc922fbc2b046ca6a6ee3d8443ce410ff2d6530c-1300520412#[/url]
-
Strange that not all of them can handle this one.
File name: Install_Flash-Player.exe
Submission date: 2011-03-19 08:10:24 (UTC)
Current status: finished
Result:[COLOR="Red"] 20[/COLOR] /42 (47.6%)
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2011.03.19.00 2011.03.18 -
[COLOR="red"]AntiVir 7.11.5.1 2011.03.18 TR/ScreenLogger.A[/COLOR]
Antiy-AVL 2.0.3.7 2011.03.19 -
[COLOR="red"]Avast 4.8.1351.0 2011.03.18 Win32:Malware-gen
Avast5 5.0.677.0 2011.03.18 Win32:Malware-gen
AVG 10.0.0.1190 2011.03.18 Generic21.AOVJ
BitDefender 7.2 2011.03.19 Trojan.Generic.KDV.156942[/COLOR]
CAT-QuickHeal 11.00 2011.03.19 -
ClamAV 0.96.4.0 2011.03.19 -
Commtouch 5.2.11.5 2011.03.18 -
Comodo 8033 2011.03.19 -
[COLOR="red"]DrWeb 5.0.2.03300 2011.03.19 Trojan.Winlock.3170[/COLOR]
eSafe 7.0.17.0 2011.03.17 -
[COLOR="red"]eTrust-Vet 36.1.8223 2011.03.18 Win32/FakeAV.RKH[/COLOR]
F-Prot 4.6.2.117 2011.03.18 -
F-Secure 9.0.16440.0 2011.03.18 -
Fortinet 4.2.254.0 2011.03.19 -
[COLOR="red"]GData 21 2011.03.19 Trojan.Generic.KDV.156942
Ikarus T3.1.1.97.0 2011.03.19 Trojan.Win32.Fakewarn[/COLOR]
Jiangmin 13.0.900 2011.03.18 -
K7AntiVirus 9.94.4145 2011.03.18 -
[COLOR="red"]Kaspersky 7.0.0.125 2011.03.19 Trojan.Win32.FakeWarn.d[/COLOR]
McAfee 5.400.0.1158 2011.03.19 -
McAfee-GW-Edition 2010.1C 2011.03.19 -
[COLOR="red"]Microsoft 1.6603 2011.03.19 Trojan:Win32/Serubsit.A
NOD32 5967 2011.03.18 Win32/LockScreen.AFD
Norman 6.07.03 2011.03.18 W32/LockScreen.R[/COLOR]
nProtect 2011-02-10.01 2011.02.15 -
[COLOR="red"]Panda 10.0.3.5 2011.03.18 Generic Trojan
PCTools 7.0.3.5 2011.03.19 Trojan.Gen
Prevx 3.0 2011.03.19 High Risk Cloaked Malware[/COLOR]
Rising 23.49.04.05 2011.03.18 -
Sophos 4.63.0 2011.03.19 -
[COLOR="red"]SUPERAntiSpyware 4.40.0.1006 2011.03.19 Trojan.Agent/Gen-Frauder
Symantec 20101.3.0.103 2011.03.19 Trojan.Gen[/COLOR]
TheHacker 6.7.0.1.151 2011.03.18 -
TrendMicro 9.200.0.1012 2011.03.19 -
TrendMicro-HouseCall 9.200.0.1012 2011.03.19 -
[COLOR="red"]VBA32 3.12.14.3 2011.03.18 Trojan.FakeWarn.d
VIPRE 8750 2011.03.19 Trojan.Win32.Generic.pak!cobra[/COLOR]
ViRobot 2011.3.19.4366 2011.03.19 -
VirusBuster 13.6.256.1 2011.03.18 -[/QUOTE]
-
File name: 30E5392F00F8BBDBC0F800059F0FCD0025F7E997.dll
Submission date: 2011-03-21 10:02:08 (UTC)
Current status: finished
Result: 3 /41 (7.3%)
[QUOTE][i]Antivirus results[/i]
AhnLab-V3 - 2011.03.21.01 - 2011.03.21 - -
AntiVir - 7.11.5.3 - 2011.03.21 - -
Antiy-AVL - 2.0.3.7 - 2011.03.20 - -
Avast - 4.8.1351.0 - 2011.03.20 - -
Avast5 - 5.0.677.0 - 2011.03.20 - -
AVG - 10.0.0.1190 - 2011.03.20 - -
BitDefender - 7.2 - 2011.03.21 - -
CAT-QuickHeal - 11.00 - 2011.03.21 - -
ClamAV - 0.96.4.0 - 2011.03.20 - -
Commtouch - 5.2.11.5 - 2011.03.21 - -
Comodo - 8055 - 2011.03.21 - -
DrWeb - 5.0.2.03300 - 2011.03.21 - [color=red]Trojan.Siggen.64625 [/color]
eSafe - 7.0.17.0 - 2011.03.17 - -
eTrust-Vet - 36.1.8226 - 2011.03.21 - -
F-Prot - 4.6.2.117 - 2011.03.20 - -
F-Secure - 9.0.16440.0 - 2011.03.21 - -
Fortinet - 4.2.254.0 - 2011.03.21 - -
GData - 21 - 2011.03.21 - -
Ikarus - T3.1.1.97.0 - 2011.03.21 - [color=red]Trojan.Win32.Zapchast [/color]
Jiangmin - 13.0.900 - 2011.03.21 - -
K7AntiVirus - 9.94.4155 - 2011.03.19 - -
McAfee - 5.400.0.1158 - 2011.03.21 - -
McAfee-GW-Edition - 2010.1C - 2011.03.21 - -
Microsoft - 1.6603 - 2011.03.21 - -
NOD32 - 5969 - 2011.03.20 - -
Norman - 6.07.03 - 2011.03.20 - -
nProtect - 2011-02-10.01 - 2011.02.15 - -
Panda - 10.0.3.5 - 2011.03.20 - [color=red]Suspicious file [/color]
PCTools - 7.0.3.5 - 2011.03.21 - -
Prevx - 3.0 - 2011.03.21 - -
Rising - 23.50.00.03 - 2011.03.21 - -
Sophos - 4.63.0 - 2011.03.21 - -
SUPERAntiSpyware - 4.40.0.1006 - 2011.03.20 - -
Symantec - 20101.3.0.103 - 2011.03.21 - -
TheHacker - 6.7.0.1.154 - 2011.03.21 - -
TrendMicro - 9.200.0.1012 - 2011.03.21 - -
TrendMicro-HouseCall - 9.200.0.1012 - 2011.03.21 - -
VBA32 - 3.12.14.3 - 2011.03.18 - -
VIPRE - 8769 - 2011.03.21 - -
ViRobot - 2011.3.21.4368 - 2011.03.21 - -
VirusBuster - 13.6.259.2 - 2011.03.20 - -
[i]File info:[/i]
MD5: a1bcfa6f36abc360430ee826153a4b92
SHA1: 59fd408dee0a330d37d26b9d702831980f628a26
SHA256: 6f2c3dbcef9bbfb462faef30afd0cc9c063dc5dd3221fb0af3e81b0ef1b53bf0
File size: 49152 bytes
Scan date: 2011-03-21 10:02:08 (UTC)[/QUOTE]
-
Yet another banner on the desktop.
[B]29966592.EXE[/B]
Submission date:
2011-03-22 04:09:34 (UTC)
Result:
11/ 43 (25.6%)
[QUOTE]Antivirus Version Last Update Result
AhnLab-V3 2011.03.22.01 2011.03.22 -
AntiVir 7.11.5.21 2011.03.22 -
Antiy-AVL 2.0.3.7 2011.03.22 -
[B]Avast 4.8.1351.0 2011.03.22 Win32:Zbot-MZQ
Avast5 5.0.677.0 2011.03.22 Win32:Zbot-MZQ[/B]
AVG 10.0.0.1190 2011.03.21 -
[B]BitDefender 7.2 2011.03.22 Gen:Variant.Oficla.11[/B]
CAT-QuickHeal 11.00 2011.03.22 -
ClamAV 0.96.4.0 2011.03.22 -
Commtouch 5.2.11.5 2011.03.22 -
Comodo 8062 2011.03.22 -
[B]DrWeb 5.0.2.03300 2011.03.21 Trojan.Packed.1905[/B]
Emsisoft 5.1.0.4 2011.03.22 -
eSafe 7.0.17.0 2011.03.21 -
eTrust-Vet 36.1.8228 2011.03.21 -
F-Prot 4.6.2.117 2011.03.22 -
[B]F-Secure 9.0.16440.0 2011.03.22 Gen:Variant.Oficla.11[/B]
Fortinet 4.2.254.0 2011.03.22 -
[B]GData 21 2011.03.22 Gen:Variant.Oficla.11[/B]
Ikarus T3.1.1.97.0 2011.03.22 -
Jiangmin 13.0.900 2011.03.21 -
K7AntiVirus 9.94.4169 2011.03.21 -
Kaspersky 7.0.0.125 2011.03.22 -
McAfee 5.400.0.1158 2011.03.22 -
McAfee-GW-Edition 2010.1C 2011.03.22 -
[B]Microsoft 1.6603 2011.03.21 VirTool:Win32/Obfuscator.DO
NOD32 5973 2011.03.22 a variant of Win32/Kryptik.LOD[/B]
Norman 6.07.03 2011.03.20 -
nProtect 2011-02-10.01 2011.02.15 -
[B]Panda 10.0.3.5 2011.03.21 Suspicious file[/B]
PCTools 7.0.3.5 2011.03.21 -
Prevx 3.0 2011.03.22 -
Rising 23.50.00.05 2011.03.21 -
[B]Sophos 4.63.0 2011.03.22 Mal/FakeAV-GQ[/B]
SUPERAntiSpyware 4.40.0.1006 2011.03.22 -
[B]Symantec 20101.3.0.103 2011.03.22 Suspicious.Cloud[/B]
TheHacker 6.7.0.1.154 2011.03.21 -
TrendMicro 9.200.0.1012 2011.03.21 -
TrendMicro-HouseCall 9.200.0.1012 2011.03.22 -
VBA32 3.12.14.3 2011.03.21 -
VIPRE 8779 2011.03.22 -
ViRobot 2011.3.22.4369 2011.03.22 -
VirusBuster 13.6.261.0 2011.03.21 -[/QUOTE]
Additional information
MD5 : fdc223e81a4c60391f8b7422181aec0a
SHA1 : 146e82414ce508721fe63af6e2a6f374da034f21
[url]http://www.virustotal.com/file-scan/report.html?id=36e4fc5cdb2e22bf2262f47cc5bf2c30f4d71a573c02f5d27eeb1217bc8f3d21-1300766974[/url]
-
As of 25.03.2011
File name: WBVBZQC.DLL._BD09E6201922B14C02C8DA599E9B85B412E3DCB6
Submission date: 2011-03-25 12:42:40 (UTC)
[B]Result: [COLOR="Red"]3[/COLOR] /41 (7.3%)[/B]
[QUOTE]Полное имя C:\WINDOWS\SYSTEM32\WBVBZQC.DLL
Имя файла WBVBZQC.DLL
Статус АКТИВНЫЙ ?ВИРУС? ВНЕДРЯЕМЫЙ ПОДОЗРИТЕЛЬНЫЙ DLL в автозапуске
Размер 49152 байт
Создан 24.03.2011 в 20:40:10
Изменен 24.03.2011 в 20:40:10
Тип файла 32-х битный ИСПОЛНЯЕМЫЙ
Цифр. подпись проверка не производилась
Статус ПОДОЗРИТЕЛЬНЫЙ ОБЪЕКТ
Автозапуск Неизвестный файл использует ключ реестра часто используемый вирусами
Доп. информация на момент обновления списка
SHA1 BD09E6201922B14C02C8DA599E9B85B412E3DCB6
Процессы на момент обновления списка
Процесс C:\WINDOWS\SYSTEM32\WINLOGON.EXE
Процесс C:\WINDOWS\SYSTEM32\SERVICES.EXE
Процесс C:\WINDOWS\SYSTEM32\LSASS.EXE
Процесс C:\WINDOWS\SYSTEM32\SVCHOST.EXE
Процесс C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
Процесс C:\WINDOWS\EXPLORER.EXE
Процесс C:\WINDOWS\RTHDCPL.EXE
Процесс C:\WINDOWS\SYSTEM32\IGFXTRAY.EXE
Процесс C:\WINDOWS\SYSTEM32\HKCMD.EXE
Процесс C:\WINDOWS\SYSTEM32\IGFXPERS.EXE
Процесс C:\WINDOWS\SYSTEM32\IGFXSRVC.EXE
Процесс C:\WINDOWS\SYSTEM32\CTFMON.EXE
Процесс C:\WINDOWS\SYSTEM32\MMC.EXE
Процесс C:\PROGRAM FILES\ICQ6TOOLBAR\ICQ SERVICE.EXE
Процесс C:\WINDOWS\SYSTEM32\ALG.EXE
[url]www.virustotal.com[/url] 2011-03-24 23:07:57 (UTC)
Panda Suspicious file
VIPRE Trojan-Downloader.Win32.Vundo.hiy (v)
Ссылки на объект
Ссылка HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
Appinit_Dlls C:\WINDOWS\system32\wbvbzqc.dll[/QUOTE]
[CODE]Antivirus Version Last Update Result
AhnLab-V3 2011.03.25.01 2011.03.25 -
AntiVir 7.11.5.70 2011.03.25 -
Antiy-AVL 2.0.3.7 2011.03.25 -
Avast 4.8.1351.0 2011.03.25 -
Avast5 5.0.677.0 2011.03.25 -
AVG 10.0.0.1190 2011.03.25 -
BitDefender 7.2 2011.03.25 -
CAT-QuickHeal 11.00 2011.03.25 -
ClamAV 0.96.4.0 2011.03.25 -
Commtouch 5.2.11.5 2011.03.24 -
Comodo 8100 2011.03.25 -
[B]DrWeb 5.0.2.03300 2011.03.25 Trojan.Siggen.64625[/B]
eSafe 7.0.17.0 2011.03.24 -
eTrust-Vet 36.1.8235 2011.03.25 -
F-Prot 4.6.2.117 2011.03.24 -
F-Secure 9.0.16440.0 2011.03.23 -
Fortinet 4.2.254.0 2011.03.25 -
GData 21 2011.03.25 -
Ikarus T3.1.1.97.0 2011.03.25 -
Jiangmin 13.0.900 2011.03.25 -
K7AntiVirus 9.94.4211 2011.03.25 -
McAfee 5.400.0.1158 2011.03.25 -
McAfee-GW-Edition 2010.1C 2011.03.25 -
Microsoft 1.6702 2011.03.25 -
NOD32 5984 2011.03.25 -
Norman 6.07.03 2011.03.24 -
nProtect 2011-02-10.01 2011.02.15 -
[B]Panda 10.0.3.5 2011.03.24 Suspicious file[/B]
PCTools 7.0.3.5 2011.03.25 -
Prevx 3.0 2011.03.25 -
Rising 23.50.04.06 2011.03.25 -
Sophos 4.64.0 2011.03.25 -
SUPERAntiSpyware 4.40.0.1006 2011.03.25 -
Symantec 20101.3.0.103 2011.03.25 -
TheHacker 6.7.0.1.156 2011.03.24 -
TrendMicro 9.200.0.1012 2011.03.25 -
TrendMicro-HouseCall 9.200.0.1012 2011.03.25 -
VBA32 3.12.14.3 2011.03.24 -
[B]VIPRE 8814 2011.03.25 Trojan-Downloader.Win32.Vundo.hiy (v)[/B]
ViRobot 2011.3.25.4376 2011.03.25 -
VirusBuster 13.6.269.0 2011.03.25 -
Additional information
MD5 : 46efe97461bbc760d6c7e63434f860ae
SHA1 : bd09e6201922b14c02c8da599e9b85b412e3dcb6
SHA256: 5f7cda113ce3c7acc84b8229afb1a425b4301dd6190ba30c78d4d9794e7442a7[/CODE]
Sample sent out.
As of 28.03.2011:
[CODE]File name: WBVBZQC.DLL._BD09E6201922B14C02C8DA599E9B85B412E3DCB6
Submission date: 2011-03-28 05:32:27 (UTC)
Result: 8/ 41 (19.5%)[/CODE]
-
[B]File name:[/B]
avz00001.dta (ex. C:\ProgramData\22CC6C32.exe)
[B]Submission date:[/B]
2011-04-25 10:55:35 (UTC)
[B]Current status:[/B]
finished
[B]Result:[/B]
8/ 42 (19.0%)
Antivirus Version Last Update Result
AhnLab-V3 2011.04.25.02 2011.04.25 -
AntiVir 7.11.7.4 2011.04.25 -
Antiy-AVL 2.0.3.7 2011.04.25 -
Avast 4.8.1351.0 2011.04.24 -
[B]Avast5[/B] 5.0.677.0 2011.04.25 Win32:Malware-gen
[B]AVG[/B] 10.0.0.1190 2011.04.24 Generic22.STV
BitDefender 7.2 2011.04.25 -
CAT-QuickHeal 11.00 2011.04.24 -
ClamAV 0.97.0.0 2011.04.25 -
Commtouch 5.3.2.6 2011.04.25 -
[B]Comodo[/B] 8468 2011.04.25 Heur.Suspicious
DrWeb 5.0.2.03300 2011.04.25 -
Emsisoft 5.1.0.5 2011.04.25 -
eSafe 7.0.17.0 2011.04.24 -
eTrust-Vet 36.1.8289 2011.04.25 -
F-Prot 4.6.2.117 2011.04.25 -
F-Secure 9.0.16440.0 2011.04.25 -
Fortinet 4.2.257.0 2011.04.25 -
GData 22 2011.04.25 -
Ikarus T3.1.1.103.0 2011.04.25 -
Jiangmin 13.0.900 2011.04.24 -
K7AntiVirus 9.98.4458 2011.04.23 -
[B]Kaspersky [/B]9.0.0.837 2011.04.25 Trojan-Ransom.Win32.Agent.pv
McAfee 5.400.0.1158 2011.04.25 -
McAfee-GW-Edition 2010.1D 2011.04.24 -
Microsoft 1.6802 2011.04.25 -
NOD32 6068 2011.04.25 -
Norman 6.07.07 2011.04.25 -
[B]Panda [/B]10.0.3.5 2011.04.24 Suspicious file
PCTools 7.0.3.5 2011.04.21 -
Prevx 3.0 2011.04.25 -
Rising 23.54.06.06 2011.04.24 -
[B]Sophos [/B]4.64.0 2011.04.25 Mal/Generic-L
SUPERAntiSpyware 4.40.0.1006 2011.04.25 -
[B]Symantec [/B]20101.3.2.89 2011.04.25 Suspicious.Cloud
TheHacker 6.7.0.1.182 2011.04.24 -
TrendMicro 9.200.0.1012 2011.04.25 -
TrendMicro-HouseCall 9.200.0.1012 2011.04.25 -
VBA32 3.12.16.0 2011.04.22 -
[B]VIPRE [/B]9112 2011.04.25 Trojan.Win32.Generic!BT
ViRobot 2011.4.25.4427 2011.04.25 -
VirusBuster 13.6.319.2 2011.04.24 -
-
File name: [B]pack107_2112.exe[/B]
Submission date: 2011-05-05 00:33:25 (UTC)
Current status: finished
Result: [B][COLOR="Red"]2[/COLOR][/B]/ 41 ([B]4.9%[/B])
AhnLab-V3 2011.05.05.00 2011.05.04 -
AntiVir 7.11.7.150 2011.05.04 -
Antiy-AVL 2.0.3.7 2011.05.05 -
Avast 4.8.1351.0 2011.05.04 -
Avast5 5.0.677.0 2011.05.04 -
AVG 10.0.0.1190 2011.05.04 -
BitDefender 7.2 2011.05.04 -
CAT-QuickHeal 11.00 2011.05.04 -
ClamAV 0.97.0.0 2011.05.04 -
Commtouch 5.3.2.6 2011.05.04 -
Comodo 8584 2011.05.05 -
DrWeb 5.0.2.03300 2011.05.05 -
eSafe 7.0.17.0 2011.05.04 -
eTrust-Vet 36.1.8307 2011.05.04 -
F-Prot 4.6.2.117 2011.05.04 -
F-Secure 9.0.16440.0 2011.05.04 -
[B]Fortinet[/B] 4.2.257.0 2011.05.05 [B][COLOR="Red"]W32/Injector.fam!tr[/COLOR][/B]
GData 22 2011.05.05 -
Ikarus T3.1.1.103.0 2011.05.05 -
Jiangmin 13.0.900 2011.05.03 -
K7AntiVirus 9.100.4563 2011.05.04 -
Kaspersky 9.0.0.837 2011.05.05 -
McAfee 5.400.0.1158 2011.05.05 -
McAfee-GW-Edition 2010.1D 2011.05.05 -
Microsoft 1.6802 2011.05.04 -
NOD32 6095 2011.05.05 -
Norman 6.07.07 2011.05.04 -
[B]Panda[/B] 10.0.3.5 2011.05.04 [B][COLOR="red"]Suspicious file[/COLOR][/B]
PCTools 7.0.3.5 2011.05.04 -
Prevx 3.0 2011.05.05 -
Rising 23.56.02.06 2011.05.04 -
Sophos 4.64.0 2011.05.05 -
SUPERAntiSpyware 4.40.0.1006 2011.05.05 -
Symantec 20101.3.2.89 2011.05.04 -
TheHacker 6.7.0.1.187 2011.05.03 -
TrendMicro 9.200.0.1012 2011.05.04 -
TrendMicro-HouseCall 9.200.0.1012 2011.05.05 -
VBA32 3.12.16.0 2011.05.04 -
VIPRE 9193 2011.05.04 -
ViRobot 2011.5.4.4446 2011.05.05 -
VirusBuster 13.6.336.0 2011.05.04 -
MD5 : 6ab4e45ea9436cfef7353dd5f558fa48
SHA1 : 70bd3957c5ef45e773ff8c2a2437601e3b0c9dfb
SHA256: a28967aeea711fb66f1b6ad6797a8224f095100c7757de351e9107859931c702
ssdeep: 6144:cdz8D9j6LDKRajieMpgfdEiCATSxiqlo5CPIYfQbQKjFGep7:cVyjTbGfqATSM9CgFV
File size : 279552 bytes
First seen: 2011-05-05 00:33:25
Last seen : 2011-05-05 00:33:25
[url]http://www.virustotal.com/file-scan/report.html?id=a28967aeea711fb66f1b6ad6797a8224f095100c7757de351e9107859931c702-1304555605[/url]
-
[B]File name:[/B]
virus
[B]Submission date:[/B]
2011-05-08 09:22:40 (UTC)
[B]Current status:[/B]
finished
[B]Result:[/B]
[COLOR="Red"][B]4/ 41 (9.8%)[/B][/COLOR]
Antivirus Version Last Update Result
AhnLab-V3 2011.05.08.00 2011.05.07 -
AntiVir 7.11.7.176 2011.05.06 -
Antiy-AVL 2.0.3.7 2011.05.08 -
Avast 4.8.1351.0 2011.05.07 -
Avast5 5.0.677.0 2011.05.07 -
AVG 10.0.0.1190 2011.05.07 -
[COLOR="Red"]BitDefender 7.2 2011.05.08 Gen:Variant.Kazy.22259[/COLOR]
CAT-QuickHeal 11.00 2011.05.08 -
ClamAV 0.97.0.0 2011.05.07 -
Commtouch 5.3.2.6 2011.05.07 -
[COLOR="Red"]Comodo 8623 2011.05.08 TrojWare.Win32.Trojan.Agent.Gen[/COLOR]
DrWeb 5.0.2.03300 2011.05.08 -
eSafe 7.0.17.0 2011.05.05 -
eTrust-Vet 36.1.8312 2011.05.06 -
F-Prot 4.6.2.117 2011.05.08 -
[COLOR="Red"]F-Secure 9.0.16440.0 2011.05.08 Gen:Variant.Kazy.22259[/COLOR]
Fortinet 4.2.257.0 2011.05.08 -
[COLOR="Red"]GData 22 2011.05.08 Gen:Variant.Kazy.22259[/COLOR]
Ikarus T3.1.1.103.0 2011.05.08 -
Jiangmin 13.0.900 2011.05.05 -
K7AntiVirus 9.102.4584 2011.05.06 -
Kaspersky 9.0.0.837 2011.05.08 -
McAfee 5.400.0.1158 2011.05.08 -
McAfee-GW-Edition 2010.1D 2011.05.07 -
Microsoft 1.6802 2011.05.08 -
NOD32 6103 2011.05.08 -
Norman 6.07.07 2011.05.07 -
Panda 10.0.3.5 2011.05.07 -
PCTools 7.0.3.5 2011.05.06 -
Prevx 3.0 2011.05.08 -
Rising 23.56.05.03 2011.05.07 -
Sophos 4.65.0 2011.05.08 -
SUPERAntiSpyware 4.40.0.1006 2011.05.08 -
Symantec 20101.3.2.89 2011.05.08 -
TheHacker 6.7.0.1.191 2011.05.08 -
TrendMicro 9.200.0.1012 2011.05.08 -
TrendMicro-HouseCall 9.200.0.1012 2011.05.08 -
VBA32 3.12.16.0 2011.05.08 -
VIPRE 9220 2011.05.08 -
ViRobot 2011.5.7.4450 2011.05.07 -
VirusBuster 13.6.342.0 2011.05.07 -
[B]Additional information[/B]
MD5 : cf9d54b50fd05a33551229a6d8c60182
SHA1 : cd777dfc1b98fb3fb38896d7fdf5725dc75d2452
SHA256: 659d7a1ea3131339333493d2f6fe51374c49d9fbbbf28c3fb769855c4fd57934
ssdeep: 3072:bquGM723Pa6DKL1Wm5mFWp7GnCdEhB6uSDpKxfNyWbWK1e8I01dMCMlz:bbl2/X2xWYmFWVh86uSDpgfNyWBtKCQ
File size : 196096 bytes
First seen: 2011-05-08 09:22:40
Last seen : 2011-05-08 09:22:40
TrID:
Win64 Executable Generic (80.9%)
Win32 Executable Generic (8.0%)
Win32 Dynamic Link Library (generic) (7.1%)
Generic Win/DOS Executable (1.8%)
DOS Executable Generic (1.8%)
sigcheck:
publisher....: [B]Panda Security, S.L.[/B]
copyright....: titmal
product......: Torpescence
description..: Norsk
original name: n/a
internal name: n/a
file version.: 5.1.7.2
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEInfo: PE structure information
[url]http://www.virustotal.com/file-scan/report.html?id=659d7a1ea3131339333493d2f6fe51374c49d9fbbbf28c3fb769855c4fd57934-1304846560[/url]
-
[i]Antivirus results[/i]
AhnLab-V3 - 2011.05.23.00 - 2011.05.22 - [color=red]Trojan/Win32.FakeAV [/color]
AntiVir - 7.11.8.89 - 2011.05.21 - -
Antiy-AVL - 2.0.3.7 - 2011.05.22 - -
Avast - 4.8.1351.0 - 2011.05.22 - -
Avast5 - 5.0.677.0 - 2011.05.22 - -
AVG - 10.0.0.1190 - 2011.05.22 - -
BitDefender - 7.2 - 2011.05.22 - -
CAT-QuickHeal - 11.00 - 2011.05.22 - [color=red](Suspicious) - DNAScan [/color]
ClamAV - 0.97.0.0 - 2011.05.22 - -
Commtouch - 5.3.2.6 - 2011.05.22 - -
Comodo - 8794 - 2011.05.22 - -
DrWeb - 5.0.2.03300 - 2011.05.22 - -
Emsisoft - 5.1.0.5 - 2011.05.22 - -
eSafe - 7.0.17.0 - 2011.05.19 - -
eTrust-Vet - 36.1.8339 - 2011.05.20 - -
F-Prot - 4.6.2.117 - 2011.05.22 - -
F-Secure - 9.0.16440.0 - 2011.05.22 - -
Fortinet - 4.2.257.0 - 2011.05.22 - -
GData - 22 - 2011.05.22 - -
Ikarus - T3.1.1.104.0 - 2011.05.22 - -
Jiangmin - 13.0.900 - 2011.05.22 - -
K7AntiVirus - 9.103.4693 - 2011.05.20 - -
Kaspersky - 9.0.0.837 - 2011.05.22 - -
McAfee - 5.400.0.1158 - 2011.05.22 - -
McAfee-GW-Edition - 2010.1D - 2011.05.21 - -
Microsoft - 1.6903 - 2011.05.22 - -
NOD32 - 6142 - 2011.05.22 - -
Norman - 6.07.07 - 2011.05.22 - -
nProtect - 2011-05-22.01 - 2011.05.22 - -
Panda - 10.0.3.5 - 2011.05.22 - -
PCTools - 7.0.3.5 - 2011.05.19 - -
Prevx - 3.0 - 2011.05.22 - -
Rising - 23.58.06.03 - 2011.05.22 - -
Sophos - 4.65.0 - 2011.05.22 - -
SUPERAntiSpyware - 4.40.0.1006 - 2011.05.22 - [color=red]Trojan.Agent/Gen-FakeAV [/color]
Symantec - 20111.1.0.186 - 2011.05.22 - -
TheHacker - 6.7.0.1.202 - 2011.05.20 - -
TrendMicro - 9.200.0.1012 - 2011.05.22 - -
TrendMicro-HouseCall - 9.200.0.1012 - 2011.05.22 - -
VBA32 - 3.12.16.0 - 2011.05.20 - -
VIPRE - 9355 - 2011.05.22 - [color=red]Trojan.Win32.Generic.pak!cobra [/color]
ViRobot - 2011.5.21.4472 - 2011.05.22 - -
VirusBuster - 13.6.367.0 - 2011.05.22 - -
[i]File info:[/i]
MD5: 0b316fb4ba1d367f629eacefc37a4fca
SHA1: 1d7154e00ae0d1fb71147cbf428d6e43c73a1700
SHA256: 88356f5066bc1e5a6d695de95e8aaee2bf35596bf85929abb5c569e56ea340ce
File size: 331776 bytes
-
Yet another free gift on VKontakte...
File name:
VkGift.exe
Submission date:
2011-06-02 11:00:13 (UTC)
Current status:
finished
Result:
4 /42 (9.5%)
[quote][i]Antivirus results[/i]
AhnLab-V3 - 2011.06.02.01 - 2011.06.02 - -
AntiVir - 7.11.8.245 - 2011.06.02 - -
Antiy-AVL - 2.0.3.7 - 2011.06.02 - -
Avast - 4.8.1351.0 - 2011.06.02 - -
Avast5 - 5.0.677.0 - 2011.06.02 - -
AVG - 10.0.0.1190 - 2011.06.02 - -
BitDefender - 7.2 - 2011.06.02 - -
CAT-QuickHeal - 11.00 - 2011.06.02 - -
ClamAV - 0.97.0.0 - 2011.06.02 - -
Commtouch - 5.3.2.6 - 2011.06.02 - -
Comodo - 8917 - 2011.06.02 - -
DrWeb - 5.0.2.03300 - 2011.06.02 - -
eSafe - 7.0.17.0 - 2011.05.31 - -
eTrust-Vet - 36.1.8361 - 2011.06.01 - -
F-Prot - 4.6.2.117 - 2011.06.01 - -
F-Secure - 9.0.16440.0 - 2011.06.02 - -
Fortinet - 4.2.257.0 - 2011.06.02 - -
GData - 22 - 2011.06.02 - -
Ikarus - T3.1.1.104.0 - 2011.06.02 - -
Jiangmin - 13.0.900 - 2011.06.01 - [color=red]TrojanDownloader.Generic.cuk [/color]
K7AntiVirus - 9.104.4750 - 2011.06.01 - -
Kaspersky - 9.0.0.837 - 2011.06.02 - [color=red]Trojan.Win32.VkHost.fy [/color]
McAfee - 5.400.0.1158 - 2011.06.02 - -
McAfee-GW-Edition - 2010.1D - 2011.06.02 - [color=red]Heuristic.BehavesLike.Win32.ModifiedUPX.J!87 [/color]
Microsoft - 1.6903 - 2011.06.02 - -
NOD32 - 6173 - 2011.06.02 - -
Norman - 6.07.07 - 2011.06.02 - -
nProtect - 2011-06-02.01 - 2011.06.02 - -
Panda - 10.0.3.5 - 2011.06.01 - -
PCTools - 7.0.3.5 - 2011.06.01 - -
Prevx - 3.0 - 2011.06.02 - -
Rising - 23.60.03.03 - 2011.06.02 - [color=red]Suspicious [/color]
Sophos - 4.65.0 - 2011.06.02 - -
SUPERAntiSpyware - 4.40.0.1006 - 2011.06.02 - -
Symantec - 20111.1.0.186 - 2011.06.02 - -
TheHacker - 6.7.0.1.215 - 2011.06.02 - -
TrendMicro - 9.200.0.1012 - 2011.06.02 - -
TrendMicro-HouseCall - 9.200.0.1012 - 2011.06.02 - -
VBA32 - 3.12.16.0 - 2011.06.02 - -
VIPRE - 9461 - 2011.06.02 - -
ViRobot - 2011.6.2.4492 - 2011.06.02 - -
VirusBuster - 14.0.63.0 - 2011.06.02 - -[/quote]
[i]File info:[/i]
MD5: 319e97f2b1a0286f4f0eef9324bf55a9
SHA1: 8254f2e248fb63a176734c0f9b898e557e94514a
SHA256: 6ecaa64e0190c509c92c98a99c11669d9c3f1a85e42efb03d97447cc3b96593a
File size: 388096 bytes
Scan date: 2011-06-02 11:00:13 (UTC)