-
File Inst_156.exe received on 2009.10.31 21:23:49 (UTC)
Result: 4/41 (9.76%)
[QUOTE]a-squared 4.5.0.41 2009.10.31 -
AhnLab-V3 5.0.0.2 2009.10.30 -
AntiVir 7.9.1.53 2009.10.30 -
Antiy-AVL 2.0.3.7 2009.10.30 -
Authentium 5.1.2.4 2009.10.31 -
Avast 4.8.1351.0 2009.10.30 -
AVG 8.5.0.423 2009.10.31 -
BitDefender 7.2 2009.10.31 -
[B]CAT-QuickHeal 10.00 2009.10.31 Win32.Packed.Krap.ae.8[/B]
ClamAV 0.94.1 2009.10.31 -
Comodo 2796 2009.10.31 -
[B]DrWeb 5.0.0.12182 2009.10.31 Trojan.Fakealert.6348[/B]
eSafe 7.0.17.0 2009.10.29 -
eTrust-Vet 35.1.7094 2009.10.30 -
F-Prot 4.5.1.85 2009.10.31 -
F-Secure 9.0.15370.0 2009.10.30 -
Fortinet 3.120.0.0 2009.10.31 -
GData 19 2009.10.31 -
Ikarus T3.1.1.72.0 2009.10.31 -
Jiangmin 11.0.800 2009.10.31 -
K7AntiVirus 7.10.885 2009.10.31 -
[B]Kaspersky 7.0.0.125 2009.10.31 Trojan-Downloader.Win32.FraudLoad.fxn[/B]
McAfee 5788 2009.10.31 -
[B]McAfee+Artemis 5788 2009.10.31 Artemis!6E49D1557DFC[/B]
McAfee-GW-Edition 6.8.5 2009.10.31 -
Microsoft 1.5202 2009.10.31 -
NOD32 4561 2009.10.31 -
Norman 6.03.02 2009.10.31 -
nProtect 2009.1.8.0 2009.10.31 -
Panda 10.0.2.2 2009.10.31 -
PCTools 7.0.3.5 2009.10.30 -
Prevx 3.0 2009.10.31 -
Rising 21.53.52.00 2009.10.31 -
Sophos 4.47.0 2009.10.31 -
Sunbelt 3.2.1858.2 2009.10.31 -
Symantec 1.4.4.12 2009.10.31 -
TheHacker 6.5.0.2.058 2009.10.31 -
TrendMicro 8.950.0.1094 2009.10.31 -
VBA32 3.12.10.11 2009.10.30 -
ViRobot 2009.10.31.2015 2009.10.31 -
VirusBuster 4.6.5.0 2009.10.31 -[/QUOTE]
[url]http://www.virustotal.com/analisis/76badeff36d63a57190ece1464800d53567902d7790d3b057cb0532606be5ff6-1257024229[/url]
-
File install.exe received on 2009.11.01 18:28:19 (UTC)
Result: 15/41 (36.59%)
[QUOTE][B]a-squared 4.5.0.41 2009.11.01 Trojan.Win32.VkHost!IK[/B]
AhnLab-V3 5.0.0.2 2009.10.30 -
AntiVir 7.9.1.53 2009.10.30 -
[B]Antiy-AVL 2.0.3.7 2009.10.30 Trojan/Win32.Qhost.gen[/B]
[B]Authentium 5.1.2.4 2009.11.01 W32/Blocker-based!Maximus[/B]
Avast 4.8.1351.0 2009.11.01 -
AVG 8.5.0.423 2009.11.01 -
BitDefender 7.2 2009.11.01 -
[B]CAT-QuickHeal 10.00 2009.10.31 Trojan.Qhost.maq[/B]
ClamAV 0.94.1 2009.11.01 -
[B]Comodo 2806 2009.11.01 Heur.Packed.Unknown[/B]
DrWeb 5.0.0.12182 2009.11.01 -
eSafe 7.0.17.0 2009.11.01 -
eTrust-Vet 35.1.7094 2009.10.30 -
[B]F-Prot 4.5.1.85 2009.11.01 W32/Blocker-based!Maximus[/B]
F-Secure 9.0.15370.0 2009.10.30 -
Fortinet 3.120.0.0 2009.11.01 -
GData 19 2009.11.01 -
[B]Ikarus T3.1.1.72.0 2009.11.01 Trojan.Win32.VkHost[/B]
[B]Jiangmin 11.0.800 2009.11.01 Trojan/Qhost.ayq[/B]
K7AntiVirus 7.10.885 2009.10.31 -
Kaspersky 7.0.0.125 2009.11.01 -
McAfee 5789 2009.11.01 -
[B]McAfee+Artemis 5789 2009.11.01 Artemis!E38F877DDF9F[/B]
[B]McAfee-GW-Edition 6.8.5 2009.11.01 Heuristic.LooksLike.Win32.Agent.H[/B]
Microsoft 1.5202 2009.11.01 -
NOD32 4563 2009.11.01 -
Norman 6.03.02 2009.11.01 -
[B]nProtect 2009.1.8.0 2009.11.01 Trojan/W32.Qhost.90112.D[/B]
[B]Panda 10.0.2.2 2009.11.01 Trj/Downloader.MDW[/B]
PCTools 7.0.3.5 2009.10.30 -
Prevx 3.0 2009.11.01 -
[B]Rising 21.53.62.00 2009.11.01 Trojan.Win32.QHost.avg[/B]
Sophos 4.47.0 2009.11.01 -
[B]Sunbelt 3.2.1858.2 2009.11.01 BehavesLike.Win32.Malware (v)[/B]
Symantec 1.4.4.12 2009.11.01 -
TheHacker 6.5.0.2.058 2009.10.31 -
TrendMicro 8.950.0.1094 2009.11.01 -
[B]VBA32 3.12.10.11 2009.10.30 Trojan.Win32.Agent.sxjn[/B]
ViRobot 2009.10.31.2015 2009.10.31 -
VirusBuster 4.6.5.0 2009.10.31 -[/QUOTE]
[url]http://www.virustotal.com/analisis/b0ad8221464c0123f9f36c605d955bedda1cb1adc18e3713e25664f1b641c41b-1257100099[/url]
-
File vk.exe received on 2009.11.03 08:00:58 (UTC)
Current status: finished
Result: 8/41 (19.52%)
[QUOTE][B]a-squared 4.5.0.41 2009.11.03 Trojan.Win32.Sasfis!IK[/B]
AhnLab-V3 5.0.0.2 2009.11.03 -
AntiVir 7.9.1.53 2009.11.02 -
Antiy-AVL 2.0.3.7 2009.11.03 -
Authentium 5.1.2.4 2009.11.03 -
Avast 4.8.1351.0 2009.11.02 -
AVG 8.5.0.423 2009.11.02 -
BitDefender 7.2 2009.11.03 -
CAT-QuickHeal 10.00 2009.11.03 -
ClamAV 0.94.1 2009.11.03 -
Comodo 2824 2009.11.03 -
DrWeb 5.0.0.12182 2009.11.03 -
[B]eSafe 7.0.17.0 2009.11.02 Suspicious File[/B]
eTrust-Vet 35.1.7099 2009.11.03 -
F-Prot 4.5.1.85 2009.11.02 -
F-Secure 9.0.15370.0 2009.10.30 -
Fortinet 3.120.0.0 2009.11.03 -
GData 19 2009.11.03 -
[B]Ikarus T3.1.1.72.0 2009.11.03 Trojan.Win32.Sasfis[/B]
Jiangmin 11.0.800 2009.11.03 -
K7AntiVirus 7.10.886 2009.11.02 -
[B]Kaspersky 7.0.0.125 2009.11.03 Trojan.Win32.Sasfis.tqi[/B]
McAfee 5790 2009.11.02 -
[B]McAfee+Artemis 5790 2009.11.02 Artemis!9AA436CD507B[/B]
McAfee-GW-Edition 6.8.5 2009.11.02 -
[B]Microsoft 1.5202 2009.11.03 Trojan:Win32/Oficla.E[/B]
NOD32 4567 2009.11.03 -
Norman 6.03.02 2009.11.02 -
nProtect 2009.1.8.0 2009.11.03 -
[B]Panda 10.0.2.2 2009.11.02 Suspicious file[/B]
PCTools 7.0.3.5 2009.11.03 -
[B]Prevx 3.0 2009.11.03 Medium Risk Malware[/B]
Rising 21.54.11.00 2009.11.03 -
Sophos 4.47.0 2009.11.03 -
Sunbelt 3.2.1858.2 2009.11.02 -
Symantec 1.4.4.12 2009.11.03 -
TheHacker 6.5.0.2.059 2009.11.03 -
TrendMicro 8.950.0.1094 2009.11.03 -
VBA32 3.12.10.11 2009.11.02 -
ViRobot 2009.11.3.2018 2009.11.03 -
VirusBuster 4.6.5.0 2009.11.02 -[/QUOTE]
Additional information
File size: 19456 bytes
MD5...: 9aa436cd507b043dd9ac90b710fabeb0
SHA1..: bf65a829b6ae3ee03b31fa4c9168b6a7dc4eb9eb
SHA256: dbe88069e0a4a42f05a04f3f8f200d25fd40b06b7e7049bfc06a9944822eacf2
ssdeep: 384:p3/odyIHGikuRMctgsSDJpUqh0U21Xi8/ONY15:p3gdyBikuRNtgRaq2UM/T
15
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x1000
timedatestamp.....: 0x4aed92aa (Sun Nov 01 13:52:42 2009)
machinetype.......: 0x14c (I386)
[url]http://info.prevx.com/aboutprogramtext.asp?PX5=768153DB0099E0B84CC10057F82CEC0053653E38[/url]
-
File vkontakte_manager2010.exe received on 2009.11.03 13:48:55 (UTC)
Current status: finished
Result: 22/41 (53.66%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.41 2009.11.03 Trojan.Win32.VkHost!IK[/B]
AhnLab-V3 5.0.0.2 2009.11.03 -
[B]AntiVir 7.9.1.53 2009.11.03 TR/VKHost.DB[/B]
Antiy-AVL 2.0.3.7 2009.11.03 -
[B]Authentium 5.1.2.4 2009.11.03 W32/Trojan2.JFCL
Avast 4.8.1351.0 2009.11.03 Win32:Malware-gen
AVG 8.5.0.423 2009.11.03 Generic14.CDJT
BitDefender 7.2 2009.11.03 Trojan.Generic.2547041
CAT-QuickHeal 10.00 2009.11.03 Trojan.VkHost.db[/B]
ClamAV 0.94.1 2009.11.03 -
Comodo 2827 2009.11.03 -
[B]DrWeb 5.0.0.12182 2009.11.03 Trojan.Hoster.306[/B]
eSafe 7.0.17.0 2009.11.03 -
eTrust-Vet 35.1.7099 2009.11.03 -
[B]F-Prot 4.5.1.85 2009.11.02 W32/Trojan2.JFCL
F-Secure 9.0.15370.0 2009.10.30 Trojan.Generic.2547041
Fortinet 3.120.0.0 2009.11.03 W32/VkHost.DB!tr
GData 19 2009.11.03 Trojan.Generic.2547041
Ikarus T3.1.1.72.0 2009.11.03 Trojan.Win32.VkHost
Jiangmin 11.0.800 2009.11.03 Trojan/VkHost.ad
K7AntiVirus 7.10.886 2009.11.02 Trojan.Win32.Malware.1
Kaspersky 7.0.0.125 2009.11.03 Trojan.Win32.VkHost.db[/B]
McAfee 5790 2009.11.02 -
McAfee+Artemis 5790 2009.11.02 -
[B]McAfee-GW-Edition 6.8.5 2009.11.03 Heuristic.BehavesLike.Win32.Downloader.J[/B]
Microsoft 1.5202 2009.11.03 -
[B]NOD32 4568 2009.11.03 Win32/Qhost.NOM[/B]
Norman 6.03.02 2009.11.03 -
nProtect 2009.1.8.0 2009.11.03 -
[B]Panda 10.0.2.2 2009.11.02 Trj/CI.A[/B]
PCTools 7.0.3.5 2009.11.03 -
Prevx 3.0 2009.11.03 -
Rising 21.54.14.00 2009.11.03 -
[B]Sophos 4.47.0 2009.11.03 Mal/Generic-A[/B]
Sunbelt 3.2.1858.2 2009.11.02 -
Symantec 1.4.4.12 2009.11.03 -
TheHacker 6.5.0.2.059 2009.11.03 -
TrendMicro 8.950.0.1094 2009.11.03 -
[B]VBA32 3.12.10.11 2009.11.02 Trojan.Win32.VkHost.du[/B]
ViRobot 2009.11.3.2019 2009.11.03 -
[B]VirusBuster 4.6.5.0 2009.11.02 Trojan.VkHost.BD[/B][/QUOTE]
Additional information
File size: 530432 bytes
MD5...: 55c58aaf178500f8a527342970f0ae22
SHA1..: 84f6fa879f990c2899596dd7d2b9518dae6f9e4e
SHA256: 9b11b03b1deb8896b05891c6f95fcdac170210f49000f11eea26b4a6a733e80e
ssdeep: 12288:XpFRzKzd8mk85o+Ldlft4JV2IML1+ISlfnK0BNzql:XLxpPp+LhOTMBTKi
o0
PEiD..: -
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/9b11b03b1deb8896b05891c6f95fcdac170210f49000f11eea26b4a6a733e80e-1257256135[/url]
-
File mob17234-.jar received on 2009.11.05 10:14:52 (UTC)
Current status: finished
Result: 8/40 (20%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.41 2009.11.05 -
AhnLab-V3 5.0.0.2 2009.11.05 -
AntiVir 7.9.1.53 2009.11.05 -
[B]Antiy-AVL 2.0.3.7 2009.11.05 Trojan/J2ME.Small[/B]
Authentium 5.2.0.5 2009.11.05 -
Avast 4.8.1351.0 2009.11.04 -
AVG 8.5.0.423 2009.11.05 -
BitDefender 7.2 2009.11.05 -
CAT-QuickHeal 10.00 2009.11.05 -
ClamAV 0.94.1 2009.11.05 -
[B]Comodo 2846 2009.11.05 UnclassifiedMalware
DrWeb 5.0.0.12182 2009.11.05 Java.SMSSend.90[/B]
eTrust-Vet 35.1.7103 2009.11.04 -
F-Prot 4.5.1.85 2009.11.04 -
F-Secure 9.0.15370.0 2009.11.04 -
Fortinet 3.120.0.0 2009.11.05 -
GData 19 2009.11.05 -
Ikarus T3.1.1.74.0 2009.11.05 Trojan-SMS
Jiangmin 11.0.800 2009.11.05 -
K7AntiVirus 7.10.888 2009.11.04 -
Kaspersky 7.0.0.125 2009.11.05 Trojan-SMS.J2ME.Small.e
McAfee 5792 2009.11.04 -
McAfee+Artemis 5792 2009.11.04 -
McAfee-GW-Edition 6.8.5 2009.11.05 -
Microsoft 1.5202 2009.11.05 -
[B]NOD32 4575 2009.11.05 J2ME/TrojanSMS.Small.E[/B]
Norman 6.03.02 2009.11.05 -
nProtect 2009.1.8.0 2009.11.05 -
Panda 10.0.2.2 2009.11.04 -
[B]PCTools 7.0.3.5 2009.11.05 Trojan.Generic[/B]
Prevx 3.0 2009.11.05 -
Rising 21.54.32.00 2009.11.05 -
Sophos 4.47.0 2009.11.05 -
Sunbelt 3.2.1858.2 2009.11.05 -
[B]Symantec 1.4.4.12 2009.11.05 Trojan Horse[/B]
TheHacker 6.5.0.2.061 2009.11.05 -
TrendMicro 9.0.0.1003 2009.11.05 -
VBA32 3.12.10.11 2009.11.04 -
ViRobot 2009.11.5.2023 2009.11.05 -
VirusBuster 4.6.5.0 2009.11.04 -[/QUOTE]
Additional information
File size: 62961 bytes
MD5...: 7c2d4071f468e32087865e36258e18e6
SHA1..: 5257e5d767109387d94986695932251f889a2124
SHA256: 7050e34f00cf5221de2cce9033c9c9c43624f54724c949c6f63729c6d6a87ace
ssdeep: 1536:/HUn/jroCXi/Wzo9QsY3rHVQ25Dx8ateXfTtse5Rx5En/:/HUn/jEpW0mrr
/l8at0fTts8E/
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
[url]http://www.virustotal.com/ru/analisis/7050e34f00cf5221de2cce9033c9c9c43624f54724c949c6f63729c6d6a87ace-1257416092[/url]
-
File js.js received on 2009.11.06 19:33:14 (UTC)
Current status: finished
Result: 2/39 (5.13%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.41 2009.11.06 -
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.06 -
Antiy-AVL 2.0.3.7 2009.11.05 -
Authentium 5.2.0.5 2009.11.06 -
[B]Avast 4.8.1351.0 2009.11.06 JS:Downloader-FP[/B]
AVG 8.5.0.423 2009.11.06 -
BitDefender 7.2 2009.11.06 -
CAT-QuickHeal 10.00 2009.11.06 -
ClamAV 0.94.1 2009.11.06 -
Comodo 2862 2009.11.06 -
DrWeb 5.0.0.12182 2009.11.06 -
eTrust-Vet 35.1.7107 2009.11.06 -
F-Prot 4.5.1.85 2009.11.06 -
Fortinet 3.120.0.0 2009.11.06 -
[B]GData 19 2009.11.06 JS:Downloader-FP [/B]
Ikarus T3.1.1.74.0 2009.11.06 -
Jiangmin 11.0.800 2009.11.06 -
K7AntiVirus 7.10.890 2009.11.06 -
Kaspersky 7.0.0.125 2009.11.06 -
McAfee 5794 2009.11.06 -
McAfee+Artemis 5794 2009.11.06 -
McAfee-GW-Edition 6.8.5 2009.11.06 -
Microsoft 1.5202 2009.11.06 -
NOD32 4580 2009.11.06 -
Norman 6.03.02 2009.11.06 -
nProtect 2009.1.8.0 2009.11.06 -
Panda 10.0.2.2 2009.11.06 -
PCTools 7.0.3.5 2009.11.06 -
Prevx 3.0 2009.11.06 -
Rising 21.54.44.00 2009.11.06 -
Sophos 4.47.0 2009.11.06 -
Sunbelt 3.2.1858.2 2009.11.06 -
Symantec 1.4.4.12 2009.11.06 -
TheHacker 6.5.0.2.062 2009.11.05 -
TrendMicro 9.0.0.1003 2009.11.06 -
VBA32 3.12.10.11 2009.11.06 -
ViRobot 2009.11.6.2025 2009.11.06 -
VirusBuster 4.6.5.0 2009.11.06 -[/QUOTE]
Additional information
File size: 111998 bytes
MD5 : d6e69b215dab07e1abaa802d17f5ceb7
SHA1 : 8510482698fb69ecf71da9f4c19f167be67d9169
SHA256: 78b460592517c4848072e5543a928cfebea1c887c7243a93c73a7926ae345d90
TrID : File type identification
Text - UTF-16 (LE) encoded (64.4%)
MP3 audio (32.2%)
Lumena CEL bitmap (2.0%)
Corel Photo Paint (1.3%)
ssdeep: 48:QTlNRguMhABbulVAk+7XqyTjywB9JWPalF6ZaTAW:QTHRguMhABbulVAk+L37rJWPUcW
PEiD : -
packers (F-Prot): Unicode
RDS : NSRL Reference Data Set
[url]http://www.virustotal.com/ru/analisis/78b460592517c4848072e5543a928cfebea1c887c7243a93c73a7926ae345d90-1257535994[/url]
***
File js1.js received on 2009.11.06 19:43:40 (UTC)
Current status: finished
Result: 2/41 (4.88%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.41 2009.11.06 -
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.06 -
Antiy-AVL 2.0.3.7 2009.11.05 -
Authentium 5.2.0.5 2009.11.06 -
Avast 4.8.1351.0 2009.11.06 -
AVG 8.5.0.423 2009.11.06 -
BitDefender 7.2 2009.11.06 -
CAT-QuickHeal 10.00 2009.11.06 -
ClamAV 0.94.1 2009.11.06 -
Comodo 2862 2009.11.06 -
DrWeb 5.0.0.12182 2009.11.06 -
eSafe 7.0.17.0 2009.11.05 -
eTrust-Vet 35.1.7107 2009.11.06 -
[B]F-Prot 4.5.1.85 2009.11.06 JS/FakeAV.H.gen[/B]
F-Secure 9.0.15370.0 2009.11.04 -
Fortinet 3.120.0.0 2009.11.06 -
GData 19 2009.11.06 -
Ikarus T3.1.1.74.0 2009.11.06 -
Jiangmin 11.0.800 2009.11.06 -
K7AntiVirus 7.10.890 2009.11.06 -
Kaspersky 7.0.0.125 2009.11.06 -
McAfee 5794 2009.11.06 -
McAfee+Artemis 5794 2009.11.06 -
McAfee-GW-Edition 6.8.5 2009.11.06 -
[B]Microsoft 1.5202 2009.11.06 Trojan:JS/FakeXPA[/B]
NOD32 4580 2009.11.06 -
Norman 6.03.02 2009.11.06 -
nProtect 2009.1.8.0 2009.11.06 -
Panda 10.0.2.2 2009.11.06 -
PCTools 7.0.3.5 2009.11.06 -
Prevx 3.0 2009.11.06 -
Rising 21.54.44.00 2009.11.06 -
Sophos 4.47.0 2009.11.06 -
Sunbelt 3.2.1858.2 2009.11.06 -
Symantec 1.4.4.12 2009.11.06 -
TheHacker 6.5.0.2.062 2009.11.05 -
TrendMicro 9.0.0.1003 2009.11.06 -
VBA32 3.12.10.11 2009.11.06 -
ViRobot 2009.11.6.2025 2009.11.06 -
VirusBuster 4.6.5.0 2009.11.06 -[/QUOTE]
Additional information
File size: 10324 bytes
MD5...: cab54e26892be619844ae29fab641dad
SHA1..: 43e64dcf96b01463b37dd60cd6cf08b7327f81d8
SHA256: 2b6018e0f058f2aebfc16e0076f617b2912677d838648200d5f6876ffaaa3142
ssdeep: 192:pTroHDaekg7wAb+Vf1kI5v6t6mn7RRTOkXOz6cvo:qHmq+Vf1kIgaiKpo
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
trid..: Text - UTF-16 (LE) encoded (64.4%)
MP3 audio (32.2%)
Lumena CEL bitmap (2.0%)
Corel Photo Paint (1.3%)
packers (F-Prot): Unicode
[url]http://www.virustotal.com/ru/analisis/2b6018e0f058f2aebfc16e0076f617b2912677d838648200d5f6876ffaaa3142-1257536620[/url]
***
File js2.js received on 2009.11.06 19:58:43 (UTC)
Current status: finished
Result: 2/40 (5%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.41 2009.11.06 -
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.06 -
Antiy-AVL 2.0.3.7 2009.11.05 -
[B]Authentium 5.2.0.5 2009.11.06 HTML/IFrame.A[/B]
Avast 4.8.1351.0 2009.11.06 -
AVG 8.5.0.423 2009.11.06 -
BitDefender 7.2 2009.11.06 -
CAT-QuickHeal 10.00 2009.11.06 -
ClamAV 0.94.1 2009.11.06 -
Comodo 2862 2009.11.06 -
DrWeb 5.0.0.12182 2009.11.06 -
eTrust-Vet 35.1.7107 2009.11.06 -
[B]F-Prot 4.5.1.85 2009.11.06 HTML/IFrame.A[/B]
F-Secure 9.0.15370.0 2009.11.04 -
Fortinet 3.120.0.0 2009.11.06 -
GData 19 2009.11.06 -
Ikarus T3.1.1.74.0 2009.11.06 -
Jiangmin 11.0.800 2009.11.06 -
K7AntiVirus 7.10.890 2009.11.06 -
Kaspersky 7.0.0.125 2009.11.06 -
McAfee 5794 2009.11.06 -
McAfee+Artemis 5794 2009.11.06 -
McAfee-GW-Edition 6.8.5 2009.11.06 -
Microsoft 1.5202 2009.11.06 -
NOD32 4580 2009.11.06 -
Norman 6.03.02 2009.11.06 -
nProtect 2009.1.8.0 2009.11.06 -
Panda 10.0.2.2 2009.11.06 -
PCTools 7.0.3.5 2009.11.06 -
Prevx 3.0 2009.11.06 -
Rising 21.54.44.00 2009.11.06 -
Sophos 4.47.0 2009.11.06 -
Sunbelt 3.2.1858.2 2009.11.06 -
Symantec 1.4.4.12 2009.11.06 -
TheHacker 6.5.0.2.062 2009.11.05 -
TrendMicro 9.0.0.1003 2009.11.06 -
VBA32 3.12.10.11 2009.11.06 -
ViRobot 2009.11.6.2025 2009.11.06 -
VirusBuster 4.6.5.0 2009.11.06 -[/QUOTE]
Additional information
File size: 1528 bytes
MD5...: 1775dd417386e576ec3c0013acfa907b
SHA1..: 51855bd322f7b7b6abcfdf5b96a4b94f78365f4b
SHA256: 92027e9673aca92e6a60e8308bdd191a0687bea711375f87aea0a6e0af2f8997
ssdeep: 24:Q+6eNcNaxTjY+71+6BGb8e+6BS8eNaxThis+63de+6ce+6EeBe:GCcNaxQa1z
I9zw9Nax1isz3EzdzFBe
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
trid..: Text - UTF-16 (LE) encoded (64.4%)
MP3 audio (32.2%)
Lumena CEL bitmap (2.0%)
Corel Photo Paint (1.3%)
packers (Authentium): Unicode
packers (F-Prot): Unicode
[url]http://www.virustotal.com/ru/analisis/92027e9673aca92e6a60e8308bdd191a0687bea711375f87aea0a6e0af2f8997-1257537523[/url]
***
File js3.js received on 2009.11.06 20:06:29 (UTC)
Current status: finished
Result: 3/40 (7.5%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.41 2009.11.06 -
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.06 -
Antiy-AVL 2.0.3.7 2009.11.05 -
Authentium 5.2.0.5 2009.11.06 -
Avast 4.8.1351.0 2009.11.06 -
AVG 8.5.0.423 2009.11.06 -
BitDefender 7.2 2009.11.06 -
CAT-QuickHeal 10.00 2009.11.06 -
ClamAV 0.94.1 2009.11.06 -
Comodo 2862 2009.11.06 -
DrWeb 5.0.0.12182 2009.11.06 -
eTrust-Vet 35.1.7107 2009.11.06 -
[B]F-Prot 4.5.1.85 2009.11.06 JS/Crypted.Q.gen[/B]
F-Secure 9.0.15370.0 2009.11.04 -
Fortinet 3.120.0.0 2009.11.06 -
GData 19 2009.11.06 -
Ikarus T3.1.1.74.0 2009.11.06 -
Jiangmin 11.0.800 2009.11.06 -
K7AntiVirus 7.10.890 2009.11.06 -
Kaspersky 7.0.0.125 2009.11.06 -
[B]McAfee 5794 2009.11.06 JS/Wonka[/B]
[B]McAfee+Artemis 5794 2009.11.06 JS/Wonka[/B]
McAfee-GW-Edition 6.8.5 2009.11.06 -
Microsoft 1.5202 2009.11.06 -
NOD32 4580 2009.11.06 -
Norman 6.03.02 2009.11.06 -
nProtect 2009.1.8.0 2009.11.06 -
Panda 10.0.2.2 2009.11.06 -
PCTools 7.0.3.5 2009.11.06 -
Prevx 3.0 2009.11.06 -
Rising 21.54.44.00 2009.11.06 -
Sophos 4.47.0 2009.11.06 -
Sunbelt 3.2.1858.2 2009.11.06 -
Symantec 1.4.4.12 2009.11.06 -
TheHacker 6.5.0.2.062 2009.11.05 -
TrendMicro 9.0.0.1003 2009.11.06 -
VBA32 3.12.10.11 2009.11.06 -
ViRobot 2009.11.6.2025 2009.11.06 -
VirusBuster 4.6.5.0 2009.11.06 -[/QUOTE]
Additional information
File size: 3490 bytes
MD5...: ddb045102d847adf5ef8bce8595d9156
SHA1..: a5b19db29f546870b16eb3702e4680a93e7ca7fa
SHA256: 63a2295aabbdeaca2143e5547b08282dfbfb9efcb5f140cab4fd3d8399b2f104
ssdeep: 48:m++F/rGFgtWu3Z1LytWggtFu3gylXAiHTHdIlK5hG:Q/rGFgtWu3Z1LytTgtF
u3g2XbrdIlIG
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Text - UTF-16 (LE) encoded (64.4%)
MP3 audio (32.2%)
Lumena CEL bitmap (2.0%)
Corel Photo Paint (1.3%)
packers (F-Prot): Unicode, doc_write
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
[url]http://www.virustotal.com/ru/analisis/63a2295aabbdeaca2143e5547b08282dfbfb9efcb5f140cab4fd3d8399b2f104-1257537989[/url]
***
File js4.js received on 2009.11.06 20:11:39 (UTC)
Current status: finished
Result: 18/40 (45%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.41 2009.11.06 Virus.JS.Redirector!IK[/B]
AhnLab-V3 5.0.0.2 2009.11.06 -
[B]AntiVir 7.9.1.61 2009.11.06 JS/Redirector.A[/B]
Antiy-AVL 2.0.3.7 2009.11.05 -
Authentium 5.2.0.5 2009.11.06 -
[B]Avast 4.8.1351.0 2009.11.06 JS:Redirector-B[/B]
[B]AVG 8.5.0.423 2009.11.06 Exploit[/B]
[B]BitDefender 7.2 2009.11.06 Trojan.Exploit.Phpbb.J[/B]
CAT-QuickHeal 10.00 2009.11.06 -
[B]ClamAV 0.94.1 2009.11.06 Trojan.JS-1[/B]
Comodo 2862 2009.11.06 -
DrWeb 5.0.0.12182 2009.11.06 -
[B]eTrust-Vet 35.1.7108 2009.11.06 JS/Redir.A[/B]
F-Prot 4.5.1.85 2009.11.06 -
[B]F-Secure 9.0.15370.0 2009.11.04 Trojan.Exploit.Phpbb.J[/B]
Fortinet 3.120.0.0 2009.11.06 -
[B]GData 19 2009.11.06 Trojan.Exploit.Phpbb.J[/B]
[B]Ikarus T3.1.1.74.0 2009.11.06 Virus.JS.Redirector[/B]
Jiangmin 11.0.800 2009.11.06 -
K7AntiVirus 7.10.890 2009.11.06 -
[B]Kaspersky 7.0.0.125 2009.11.06 Trojan.JS.Iframe.eu[/B]
McAfee 5794 2009.11.06 -
McAfee+Artemis 5794 2009.11.06 -
[B]McAfee-GW-Edition 6.8.5 2009.11.06 Script.Redirector.A[/B]
[B]Microsoft 1.5202 2009.11.06 Trojan:JS/Adclicker[/B]
NOD32 4580 2009.11.06 -
Norman 6.03.02 2009.11.06 -
nProtect 2009.1.8.0 2009.11.06 -
[B]Panda 10.0.2.2 2009.11.06 JS/Redirector.C[/B]
[B]PCTools 7.0.3.5 2009.11.06 Trojan.Malscript[/B]
Prevx 3.0 2009.11.06 -
Rising 21.54.44.00 2009.11.06 -
[B]Sophos 4.47.0 2009.11.06 Troj/JSRedir-A[/B]
Sunbelt 3.2.1858.2 2009.11.06 -
[B]Symantec 1.4.4.12 2009.11.06 Trojan.Malscript!html[/B]
TheHacker 6.5.0.2.062 2009.11.05 -
[B]TrendMicro 9.0.0.1003 2009.11.06 JS_REDIRECT.G[/B]
VBA32 3.12.10.11 2009.11.06 -
ViRobot 2009.11.6.2025 2009.11.06 -
VirusBuster 4.6.5.0 2009.11.06 -[/QUOTE]
Additional information
File size: 2352 bytes
MD5...: 1b647e9da6c557574bcea6ca0a97c2e0
SHA1..: 66698b6ec22da69d37ac04c1617c820f8d5e766d
SHA256: 6b4d8b4a6a6c6d62919bf00295da2fcee0ac62d2d55dda271cdaed8faedf4e6d
ssdeep: 24:S1HSSvmDWFoPEQq9M/HOFzM/HOFVM/mFCHwJcdt41ftgdWmkWN+dbcI:SISvS
Si/HOq/HOI/mD+Q0S7YI
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
trid..: HyperText Markup Language (100.0%)
[url]http://www.virustotal.com/ru/analisis/6b4d8b4a6a6c6d62919bf00295da2fcee0ac62d2d55dda271cdaed8faedf4e6d-1257538299[/url]
***
File js5.js received on 2009.11.06 20:24:56 (UTC)
Current status: finished
Result: 1/40 (2.5%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.41 2009.11.06 -
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.06 -
Antiy-AVL 2.0.3.7 2009.11.05 -
Authentium 5.2.0.5 2009.11.06 -
Avast 4.8.1351.0 2009.11.06 -
AVG 8.5.0.423 2009.11.06 -
BitDefender 7.2 2009.11.06 -
CAT-QuickHeal 10.00 2009.11.06 -
ClamAV 0.94.1 2009.11.06 -
Comodo 2862 2009.11.06 -
DrWeb 5.0.0.12182 2009.11.06 -
eTrust-Vet 35.1.7108 2009.11.06 -
F-Prot 4.5.1.85 2009.11.06 -
F-Secure 9.0.15370.0 2009.11.04 -
Fortinet 3.120.0.0 2009.11.06 -
GData 19 2009.11.06 -
Ikarus T3.1.1.74.0 2009.11.06 -
Jiangmin 11.0.800 2009.11.06 -
K7AntiVirus 7.10.890 2009.11.06 -
[B]Kaspersky 7.0.0.125 2009.11.06 Trojan.JS.Agent.aqe[/B]
McAfee 5794 2009.11.06 -
McAfee+Artemis 5794 2009.11.06 -
McAfee-GW-Edition 6.8.5 2009.11.06 -
Microsoft 1.5202 2009.11.06 -
NOD32 4580 2009.11.06 -
Norman 6.03.02 2009.11.06 -
nProtect 2009.1.8.0 2009.11.06 -
Panda 10.0.2.2 2009.11.06 -
PCTools 7.0.3.5 2009.11.06 -
Prevx 3.0 2009.11.06 -
Rising 21.54.44.00 2009.11.06 -
Sophos 4.47.0 2009.11.06 -
Sunbelt 3.2.1858.2 2009.11.06 -
Symantec 1.4.4.12 2009.11.06 -
TheHacker 6.5.0.2.063 2009.11.06 -
TrendMicro 9.0.0.1003 2009.11.06 -
VBA32 3.12.10.11 2009.11.06 -
ViRobot 2009.11.6.2025 2009.11.06 -
VirusBuster 4.6.5.0 2009.11.06 -[/QUOTE]
Additional information
File size: 2772 bytes
MD5...: e4ed3193a9d923fca3962c9050dbaf36
SHA1..: c93df65b0dc5dc6148cf3a49ebf63029da7096e5
SHA256: c3978ea09ca81c971a40126587ee6db0020aef60e07cf9dd9968fff49a206b07
ssdeep: 48:RWeWocjJ7BiAMsroehSXB5Bv7VpKFk1O86gZnD0rDKeeWY9ylIt6knIIjS5yV
DSb:RWocN7Bib2oehSR5Xpou/6gZmDKHWY9A
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Text - UTF-16 (LE) encoded (64.4%)
MP3 audio (32.2%)
Lumena CEL bitmap (2.0%)
Corel Photo Paint (1.3%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
packers (F-Prot): Unicode
[url]http://www.virustotal.com/ru/analisis/c3978ea09ca81c971a40126587ee6db0020aef60e07cf9dd9968fff49a206b07-1257539096[/url]
-
Norton 2010 removed everything with SONAR
File 1257414362.exe received on 2009.11.06 21:43:47 (UTC)
Current status: finished
Result: 14/40 (35%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.41 2009.11.06 Trojan.Win32.Cosmu!IK[/B]
AhnLab-V3 5.0.0.2 2009.11.06 -
[B]AntiVir 7.9.1.61 2009.11.06 TR/Vundo.Gen[/B]
Antiy-AVL 2.0.3.7 2009.11.05 -
Authentium 5.2.0.5 2009.11.06 -
[B]Avast 4.8.1351.0 2009.11.06 Win32:Alureon-DT[/B]
AVG 8.5.0.423 2009.11.06 -
BitDefender 7.2 2009.11.06 -
CAT-QuickHeal 10.00 2009.11.06 -
ClamAV 0.94.1 2009.11.06 -
Comodo 2864 2009.11.06 -
[B]DrWeb 5.0.0.12182 2009.11.06 BackDoor.Tdss.based.2
eTrust-Vet 35.1.7108 2009.11.06 Win32/TDSS!packed[/B]
F-Prot 4.5.1.85 2009.11.06 -
F-Secure 9.0.15370.0 2009.11.04 -
Fortinet 3.120.0.0 2009.11.06 -
[B]GData 19 2009.11.06 Win32:Alureon-DT
Ikarus T3.1.1.74.0 2009.11.06 Trojan.Win32.Cosmu[/B]
Jiangmin 11.0.800 2009.11.06 -
K7AntiVirus 7.10.890 2009.11.06 -
[B]Kaspersky 7.0.0.125 2009.11.06 Trojan.Win32.Cosmu.cyf[/B]
McAfee 5794 2009.11.06 -
McAfee+Artemis 5794 2009.11.06 -
[B]McAfee-GW-Edition 6.8.5 2009.11.06 Trojan.Vundo.Gen[/B]
Microsoft 1.5202 2009.11.06 -
[B]NOD32 4580 2009.11.06 a variant of Win32/Kryptik.BAW[/B]
Norman 6.03.02 2009.11.06 -
nProtect 2009.1.8.0 2009.11.06 -
Panda 10.0.2.2 2009.11.06 -
PCTools 7.0.3.5 2009.11.06 -
[B]Prevx 3.0 2009.11.06 Medium Risk Malware[/B]
Rising 21.54.44.00 2009.11.06 -
[B]Sophos 4.47.0 2009.11.06 Mal/Generic-A
Sunbelt 3.2.1858.2 2009.11.06 Packed.Win32.Tdss.Gen (v)
Symantec 1.4.4.12 2009.11.06 Trojan Horse[/B]
TheHacker 6.5.0.2.063 2009.11.06 -
TrendMicro 9.0.0.1003 2009.11.06 -
VBA32 3.12.10.11 2009.11.06 -
ViRobot 2009.11.6.2025 2009.11.06 -
VirusBuster 4.6.5.0 2009.11.06 -[/QUOTE]
Additional information
File size: 83968 bytes
MD5...: 6509243793f2b130741c7f85e45e74a1
SHA1..: 0dccca47ec90e8a7ee9c30ac169590324d158b57
SHA256: b2de013c196e89d1e99be4b2c13836c20743cd19fcb3dd4db14ce307611874d9
ssdeep: 1536:utJCYdTq9suoqTds9Zy5QV9hT9aEAHtAgGHPur6yB++fKD6iRG3lU3:K07T
dBCV9+nAPSBBzJi
PEiD..: -
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/b2de013c196e89d1e99be4b2c13836c20743cd19fcb3dd4db14ce307611874d9-1257543827[/url]
File b0bah.exe received on 2009.11.06 21:44:34 (UTC)
Current status: finished
Result: 13/41 (31.71%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.41 2009.11.06 Trojan.Win32.Bredolab!IK[/B]
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.06 -
Antiy-AVL 2.0.3.7 2009.11.05 -
Authentium 5.2.0.5 2009.11.06 -
Avast 4.8.1351.0 2009.11.06 -
[B]AVG 8.5.0.423 2009.11.06 Packed.Revolt
BitDefender 7.2 2009.11.06 Trojan.Packed.Hiloti.Gen.3
CAT-QuickHeal 10.00 2009.11.06 Win32.Packed.Krap.w.4[/B]
ClamAV 0.94.1 2009.11.06 -
Comodo 2864 2009.11.06 -
DrWeb 5.0.0.12182 2009.11.06 -
eSafe 7.0.17.0 2009.11.05 -
eTrust-Vet 35.1.7108 2009.11.06 -
F-Prot 4.5.1.85 2009.11.06 -
F-Secure 9.0.15370.0 2009.11.04 -
Fortinet 3.120.0.0 2009.11.06 -
[B]GData 19 2009.11.06 Trojan.Packed.Hiloti.Gen.3
Ikarus T3.1.1.74.0 2009.11.06 Trojan.Win32.Bredolab[/B]
Jiangmin 11.0.800 2009.11.06 -
K7AntiVirus 7.10.890 2009.11.06 -
[B]Kaspersky 7.0.0.125 2009.11.06 Packed.Win32.Krap.w[/B]
McAfee 5794 2009.11.06 -
[B]McAfee+Artemis 5794 2009.11.06 Artemis!F544AF61354E[/B]
McAfee-GW-Edition 6.8.5 2009.11.06 -
[B]Microsoft 1.5202 2009.11.06 TrojanDownloader:Win32/Waledac.C
NOD32 4580 2009.11.06 a variant of Win32/Kryptik.BAV[/B]
Norman 6.03.02 2009.11.06 -
nProtect 2009.1.8.0 2009.11.06 -
[B]Panda 10.0.2.2 2009.11.06 Trj/CI.A[/B]
PCTools 7.0.3.5 2009.11.06 -
[B]Prevx 3.0 2009.11.06 Medium Risk Malware[/B]
Rising 21.54.44.00 2009.11.06 -
[B]Sophos 4.47.0 2009.11.06 Sus/Krap-C[/B]
Sunbelt 3.2.1858.2 2009.11.06 -
Symantec 1.4.4.12 2009.11.06 -
TheHacker 6.5.0.2.063 2009.11.06 -
TrendMicro 9.0.0.1003 2009.11.06 -
VBA32 3.12.10.11 2009.11.06 -
ViRobot 2009.11.6.2025 2009.11.06 -
VirusBuster 4.6.5.0 2009.11.06 -[/QUOTE]
Additional information
File size: 21504 bytes
MD5...: f544af61354e9f8ac75231887209e4a5
SHA1..: 6e9f4b765e9d1abbda59b28eb77bb94cf15bd097
SHA256: 1ccd694cbb46fb54b4f2396dcc79a389ae6aeb1398ab9d22133ae15447af6984
ssdeep: 384:abVmL4EqtBghHytlRxWptW7mSHckOIvdGzKIAuz4oA:aRU4BeZOnx+tpSHcl
Ivdqxo
PEiD..: -
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/1ccd694cbb46fb54b4f2396dcc79a389ae6aeb1398ab9d22133ae15447af6984-1257543874[/url]
File IAInstall.exe received on 2009.11.06 21:46:53 (UTC)
Current status: finished
Result: 7/41 (17.08%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.41 2009.11.06 -
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.06 -
Antiy-AVL 2.0.3.7 2009.11.05 -
Authentium 5.2.0.5 2009.11.06 -
Avast 4.8.1351.0 2009.11.06 -
AVG 8.5.0.423 2009.11.06 -
BitDefender 7.2 2009.11.06 -
CAT-QuickHeal 10.00 2009.11.06 -
ClamAV 0.94.1 2009.11.06 -
[B]Comodo 2864 2009.11.06 Heur.Packed.Unknown[/B]
DrWeb 5.0.0.12182 2009.11.06 -
[B]eSafe 7.0.17.0 2009.11.05 Suspicious File[/B]
eTrust-Vet 35.1.7108 2009.11.06 -
F-Prot 4.5.1.85 2009.11.06 -
[B]F-Secure 9.0.15370.0 2009.11.04 Suspicious:W32/Malware!Online[/B]
Fortinet 3.120.0.0 2009.11.06 -
GData 19 2009.11.06 -
Ikarus T3.1.1.74.0 2009.11.06 -
Jiangmin 11.0.800 2009.11.06 -
K7AntiVirus 7.10.890 2009.11.06 -
[B]Kaspersky 7.0.0.125 2009.11.06 Trojan.Win32.FraudPack.zpf[/B]
McAfee 5794 2009.11.06 -
[B]McAfee+Artemis 5794 2009.11.06 Artemis!0111B0A6E33F[/B]
McAfee-GW-Edition 6.8.5 2009.11.06 -
Microsoft 1.5202 2009.11.06 -
NOD32 4580 2009.11.06 -
Norman 6.03.02 2009.11.06 -
nProtect 2009.1.8.0 2009.11.06 -
[B]Panda 10.0.2.2 2009.11.06 Suspicious file[/B]
PCTools 7.0.3.5 2009.11.06 -
Prevx 3.0 2009.11.06 -
Rising 21.54.44.00 2009.11.06 -
[B]Sophos 4.47.0 2009.11.06 Mal/FakeAV-BP[/B]
Sunbelt 3.2.1858.2 2009.11.06 -
Symantec 1.4.4.12 2009.11.06 -
TheHacker 6.5.0.2.063 2009.11.06 -
TrendMicro 9.0.0.1003 2009.11.06 -
VBA32 3.12.10.11 2009.11.06 -
ViRobot 2009.11.6.2025 2009.11.06 -
VirusBuster 4.6.5.0 2009.11.06 -[/QUOTE]
Additional information
File size: 32768 bytes
MD5...: 0111b0a6e33ff8ab21a8830688caf279
SHA1..: c8f362074741f4025fa1c6c17b98a73a66e1500d
SHA256: bce69cbf9d9aedb71a511581ec836dd0fa8707390698c9fe34420a4c5b5ba388
ssdeep: 768:E9gFS5+RelDPiHFvidZlOPoi0GTtzfJ3PQK9Lno+kn:mgF4+RODPsFqdEo1e
zfpHLno+
PEiD..: -
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/bce69cbf9d9aedb71a511581ec836dd0fa8707390698c9fe34420a4c5b5ba388-1257544013[/url]
-
File js.js received on 2009.11.06 22:37:12 (UTC)
Current status: finished
Result: 1/40 (2.50%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.41 2009.11.06 -
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.06 -
Antiy-AVL 2.0.3.7 2009.11.05 -
Authentium 5.2.0.5 2009.11.06 -
Avast 4.8.1351.0 2009.11.06 -
AVG 8.5.0.423 2009.11.06 -
BitDefender 7.2 2009.11.06 -
CAT-QuickHeal 10.00 2009.11.06 -
ClamAV 0.94.1 2009.11.06 -
Comodo 2864 2009.11.06 -
DrWeb 5.0.0.12182 2009.11.06 -
eTrust-Vet 35.1.7108 2009.11.06 -
F-Prot 4.5.1.85 2009.11.06 -
F-Secure 9.0.15370.0 2009.11.04 -
Fortinet 3.120.0.0 2009.11.06 -
GData 19 2009.11.06 -
Ikarus T3.1.1.74.0 2009.11.06 -
Jiangmin 11.0.800 2009.11.06 -
K7AntiVirus 7.10.890 2009.11.06 -
[B]Kaspersky 7.0.0.125 2009.11.06 Trojan-Downloader.JS.Agent.esb[/B]
McAfee 5794 2009.11.06 -
McAfee+Artemis 5794 2009.11.06 -
McAfee-GW-Edition 6.8.5 2009.11.06 -
Microsoft 1.5202 2009.11.06 -
NOD32 4580 2009.11.06 -
Norman 6.03.02 2009.11.06 -
nProtect 2009.1.8.0 2009.11.06 -
Panda 10.0.2.2 2009.11.06 -
PCTools 7.0.3.5 2009.11.06 -
Prevx 3.0 2009.11.06 -
Rising 21.54.44.00 2009.11.06 -
Sophos 4.47.0 2009.11.06 -
Sunbelt 3.2.1858.2 2009.11.06 -
Symantec 1.4.4.12 2009.11.06 -
TheHacker 6.5.0.2.063 2009.11.06 -
TrendMicro 9.0.0.1003 2009.11.06 -
VBA32 3.12.10.11 2009.11.06 -
ViRobot 2009.11.6.2025 2009.11.06 -
VirusBuster 4.6.5.0 2009.11.06 -[/QUOTE]
Additional information
File size: 1398 bytes
MD5 : 4b1c3747aa5f0a53bdeaa47318252879
SHA1 : 0cef56c665c292110e7717744572669ec6034cb8
SHA256: 2b2ebb94c0520328c6be249875ebfb4b436c727dc0e6aee1e05a7ecb17d12d6c
TrID : File type identification
Text - UTF-16 (LE) encoded (64.4%)
MP3 audio (32.2%)
Lumena CEL bitmap (2.0%)
Corel Photo Paint (1.3%)
ssdeep: 24:QEcvccLOPs8cycSP96cicSPZ6cicSPZ6cicSPZ6cicSPlTNFoXfLzaYLRnFpPtVW:gUcD3S9vnSZvnSZvnSZvnSlTgv6YLDxO
PEiD : -
packers (F-Prot): Unicode
RDS : NSRL Reference Data Set
[url]http://www.virustotal.com/ru/analisis/2b2ebb94c0520328c6be249875ebfb4b436c727dc0e6aee1e05a7ecb17d12d6c-1257547032[/url]
***
File js1.js received on 2009.11.06 23:10:42 (UTC)
Current status: finished
Result: 1/40 (2.5%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.41 2009.11.06 -
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.06 -
Antiy-AVL 2.0.3.7 2009.11.05 -
Authentium 5.2.0.5 2009.11.06 -
Avast 4.8.1351.0 2009.11.06 -
AVG 8.5.0.423 2009.11.06 -
BitDefender 7.2 2009.11.06 -
CAT-QuickHeal 10.00 2009.11.06 -
ClamAV 0.94.1 2009.11.06 -
Comodo 2864 2009.11.06 -
DrWeb 5.0.0.12182 2009.11.06 -
eTrust-Vet 35.1.7108 2009.11.06 -
[B]F-Prot 4.5.1.85 2009.11.06 JS/Strcrypt.T.gen[/B]
F-Secure 9.0.15370.0 2009.11.04 -
Fortinet 3.120.0.0 2009.11.06 -
GData 19 2009.11.06 -
Ikarus T3.1.1.74.0 2009.11.06 -
Jiangmin 11.0.800 2009.11.06 -
K7AntiVirus 7.10.890 2009.11.06 -
Kaspersky 7.0.0.125 2009.11.06 -
McAfee 5794 2009.11.06 -
McAfee+Artemis 5794 2009.11.06 -
McAfee-GW-Edition 6.8.5 2009.11.06 -
Microsoft 1.5202 2009.11.06 -
NOD32 4580 2009.11.06 -
Norman 6.03.02 2009.11.06 -
nProtect 2009.1.8.0 2009.11.06 -
Panda 10.0.2.2 2009.11.06 -
PCTools 7.0.3.5 2009.11.06 -
Prevx 3.0 2009.11.07 -
Rising 21.54.44.00 2009.11.06 -
Sophos 4.47.0 2009.11.06 -
Sunbelt 3.2.1858.2 2009.11.06 -
Symantec 1.4.4.12 2009.11.06 -
TheHacker 6.5.0.2.063 2009.11.06 -
TrendMicro 9.0.0.1003 2009.11.06 -
VBA32 3.12.10.11 2009.11.06 -
ViRobot 2009.11.6.2025 2009.11.06 -
VirusBuster 4.6.5.0 2009.11.06 -[/QUOTE]
Additional information
File size: 12724 bytes
MD5...: dbfa54d0b8edf8b22b8b434638327075
SHA1..: 2207770f3736d1827b64c540780765b06804a247
SHA256: 94f8a6bea882a34cb0b9fec579fa7e2de33600f8f732773cd2d5f6ce4bec1c61
ssdeep: 384:1rwd1Xnlz1hKY9qFh7ptPMb+DThGNNblbru/CpwHP:qXnlz1hKY9qFtptPMb
+DoNNblbru/Cpo
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Text - UTF-16 (LE) encoded (64.4%)
MP3 audio (32.2%)
Lumena CEL bitmap (2.0%)
Corel Photo Paint (1.3%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
packers (F-Prot): Unicode
[url]http://www.virustotal.com/ru/analisis/94f8a6bea882a34cb0b9fec579fa7e2de33600f8f732773cd2d5f6ce4bec1c61-1257549042[/url]
***
File js2.js received on 2009.11.06 22:59:36 (UTC)
Current status: finished
Result: 2/40 (5.00%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.41 2009.11.06 -
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.06 -
Antiy-AVL 2.0.3.7 2009.11.05 -
Authentium 5.2.0.5 2009.11.06 -
[B]Avast 4.8.1351.0 2009.11.06 JS:Downloader-EG[/B]
AVG 8.5.0.423 2009.11.06 -
BitDefender 7.2 2009.11.06 -
CAT-QuickHeal 10.00 2009.11.06 -
ClamAV 0.94.1 2009.11.06 -
Comodo 2864 2009.11.06 -
DrWeb 5.0.0.12182 2009.11.06 -
eTrust-Vet 35.1.7108 2009.11.06 -
F-Prot 4.5.1.85 2009.11.06 -
F-Secure 9.0.15370.0 2009.11.04 -
Fortinet 3.120.0.0 2009.11.06 -
[B]GData 19 2009.11.06 JS:Downloader-EG [/B]
Ikarus T3.1.1.74.0 2009.11.06 -
Jiangmin 11.0.800 2009.11.06 -
K7AntiVirus 7.10.890 2009.11.06 -
Kaspersky 7.0.0.125 2009.11.06 -
McAfee 5794 2009.11.06 -
McAfee+Artemis 5794 2009.11.06 -
McAfee-GW-Edition 6.8.5 2009.11.06 -
Microsoft 1.5202 2009.11.06 -
NOD32 4580 2009.11.06 -
Norman 6.03.02 2009.11.06 -
nProtect 2009.1.8.0 2009.11.06 -
Panda 10.0.2.2 2009.11.06 -
PCTools 7.0.3.5 2009.11.06 -
Prevx 3.0 2009.11.07 -
Rising 21.54.44.00 2009.11.06 -
Sophos 4.47.0 2009.11.06 -
Sunbelt 3.2.1858.2 2009.11.06 -
Symantec 1.4.4.12 2009.11.06 -
TheHacker 6.5.0.2.063 2009.11.06 -
TrendMicro 9.0.0.1003 2009.11.06 -
VBA32 3.12.10.11 2009.11.06 -
ViRobot 2009.11.6.2025 2009.11.06 -
VirusBuster 4.6.5.0 2009.11.06 -[/QUOTE]
Additional information
File size: 2332 bytes
MD5 : 20eafb355c3853563c02876222232175
SHA1 : f76cb88c3fa74b02c92be35990123885fd37d93a
SHA256: 46bbf58bf828d01f8ea8ed93c61ecaa94c6c9e1e1347434c788b4ec75dba9500
TrID : File type identification
Text - UTF-16 (LE) encoded (64.4%)
MP3 audio (32.2%)
Lumena CEL bitmap (2.0%)
Corel Photo Paint (1.3%)
ssdeep: 48:m+HM070oa090em0vj5o7yGxHHjQuKFCgsxI/DyN:5M070P090em0vj5oPj9oCgsx4DyN
PEiD : -
packers (F-Prot): Unicode
RDS : NSRL Reference Data Set
[url]http://www.virustotal.com/ru/analisis/46bbf58bf828d01f8ea8ed93c61ecaa94c6c9e1e1347434c788b4ec75dba9500-1257548376[/url]
***
File js444.js received on 2009.11.06 23:04:19 (UTC)
Current status: finished
Result: 6/40 (15%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.41 2009.11.06 -
AhnLab-V3 5.0.0.2 2009.11.06 -
[B]AntiVir 7.9.1.61 2009.11.06 HTML/Crypted.Gen[/B]
Antiy-AVL 2.0.3.7 2009.11.05 -
Authentium 5.2.0.5 2009.11.06 -
[B]Avast 4.8.1351.0 2009.11.06 JS:Downloader-EL[/B]
AVG 8.5.0.423 2009.11.06 -
BitDefender 7.2 2009.11.06 -
CAT-QuickHeal 10.00 2009.11.06 -
ClamAV 0.94.1 2009.11.06 -
Comodo 2864 2009.11.06 -
DrWeb 5.0.0.12182 2009.11.06 -
eTrust-Vet 35.1.7108 2009.11.06 -
[B]F-Prot 4.5.1.85 2009.11.06 JS/Obf.I.gen[/B]
F-Secure 9.0.15370.0 2009.11.04 -
Fortinet 3.120.0.0 2009.11.06 -
[B]GData 19 2009.11.06 JS:Downloader-EL [/B]
Ikarus T3.1.1.74.0 2009.11.06 -
Jiangmin 11.0.800 2009.11.06 -
K7AntiVirus 7.10.890 2009.11.06 -
Kaspersky 7.0.0.125 2009.11.06 -
McAfee 5794 2009.11.06 -
McAfee+Artemis 5794 2009.11.06 -
[B]McAfee-GW-Edition 6.8.5 2009.11.06 Heuristic.Script.Crypted[/B]
[B]Microsoft 1.5202 2009.11.06 Virus:JS/Xilos[/B]
NOD32 4580 2009.11.06 -
Norman 6.03.02 2009.11.06 -
nProtect 2009.1.8.0 2009.11.06 -
Panda 10.0.2.2 2009.11.06 -
PCTools 7.0.3.5 2009.11.06 -
Prevx 3.0 2009.11.07 -
Rising 21.54.44.00 2009.11.06 -
Sophos 4.47.0 2009.11.06 -
Sunbelt 3.2.1858.2 2009.11.06 -
Symantec 1.4.4.12 2009.11.06 -
TheHacker 6.5.0.2.063 2009.11.06 -
TrendMicro 9.0.0.1003 2009.11.06 -
VBA32 3.12.10.11 2009.11.06 -
ViRobot 2009.11.6.2025 2009.11.06 -
VirusBuster 4.6.5.0 2009.11.06 -[/QUOTE]
Additional information
File size: 30384 bytes
MD5...: a82ce59a4608fe261f67795dea92e84a
SHA1..: a6b824979a86e5534a5b3c6aa6d20ecd0ca234e5
SHA256: 4074714338634dfee095c1d4dac4f627e731b58a9a857c97c7620a7a3d50863a
ssdeep: 384:JQXzFoxpEuZiFdhAS8sacLyhh6a1OTa1O4+a1DRSDUEdeaNoEZOeuvNeafGc
+g6N:fpntbAtBZoHlO
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Text - UTF-16 (LE) encoded (64.4%)
MP3 audio (32.2%)
Lumena CEL bitmap (2.0%)
Corel Photo Paint (1.3%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
packers (F-Prot): Unicode
[url]http://www.virustotal.com/ru/analisis/4074714338634dfee095c1d4dac4f627e731b58a9a857c97c7620a7a3d50863a-1257548659[/url]
***
File js666.js received on 2009.11.06 23:29:41 (UTC)
Current status: finished
Result: 5/40 (12.5%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.41 2009.11.06 -
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.06 -
Antiy-AVL 2.0.3.7 2009.11.05 -
Authentium 5.2.0.5 2009.11.06 -
[B]Avast 4.8.1351.0 2009.11.06 JS:Obfuscated-CV[/B]
AVG 8.5.0.423 2009.11.06 -
BitDefender 7.2 2009.11.06 -
CAT-QuickHeal 10.00 2009.11.06 -
ClamAV 0.94.1 2009.11.06 -
Comodo 2864 2009.11.06 -
DrWeb 5.0.0.12182 2009.11.06 -
eTrust-Vet 35.1.7108 2009.11.06 -
[B]F-Prot 4.5.1.85 2009.11.06 JS/Obf.I.gen[/B]
F-Secure 9.0.15370.0 2009.11.04 -
Fortinet 3.120.0.0 2009.11.06 -
[B]GData 19 2009.11.06 JS:Obfuscated-CV [/B]
Ikarus T3.1.1.74.0 2009.11.06 -
Jiangmin 11.0.800 2009.11.06 -
K7AntiVirus 7.10.890 2009.11.06 -
[B]Kaspersky 7.0.0.125 2009.11.06 Trojan-Downloader.JS.Major.c[/B]
McAfee 5794 2009.11.06 -
McAfee+Artemis 5794 2009.11.06 -
McAfee-GW-Edition 6.8.5 2009.11.06 -
[B]Microsoft 1.5202 2009.11.06 Virus:JS/Xilos[/B]
NOD32 4580 2009.11.06 -
Norman 6.03.02 2009.11.06 -
nProtect 2009.1.8.0 2009.11.06 -
Panda 10.0.2.2 2009.11.06 -
PCTools 7.0.3.5 2009.11.06 -
Prevx 3.0 2009.11.07 -
Rising 21.54.44.00 2009.11.06 -
Sophos 4.47.0 2009.11.06 -
Sunbelt 3.2.1858.2 2009.11.06 -
Symantec 1.4.4.12 2009.11.06 -
TheHacker 6.5.0.2.063 2009.11.06 -
TrendMicro 9.0.0.1003 2009.11.06 -
VBA32 3.12.10.11 2009.11.06 -
ViRobot 2009.11.6.2025 2009.11.06 -
VirusBuster 4.6.5.0 2009.11.06 -[/QUOTE]
Additional information
File size: 39216 bytes
MD5...: cfb7b8ec44af54215e8f78d5c1ea795c
SHA1..: 1c90cd1fcdea14ffa146d5c8cd634739f7afcfb8
SHA256: 1ab3b8c06aa48d81c07a04536780409f3c792b393baaf27ee6ed57bf43a89013
ssdeep: 384:ZTZUIK/OmOyOEO1OwOTosA4xd5X9JGTZUIK/loZLjHmopTFV:0JAcFVloZ3H
mopTFV
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Text - UTF-16 (LE) encoded (64.4%)
MP3 audio (32.2%)
Lumena CEL bitmap (2.0%)
Corel Photo Paint (1.3%)
packers (F-Prot): Unicode
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
[url]http://www.virustotal.com/ru/analisis/1ab3b8c06aa48d81c07a04536780409f3c792b393baaf27ee6ed57bf43a89013-1257550181[/url]
-
File _______________.exe received on 2009.11.07 00:48:38 (UTC)
Result: 11/39 (28.21%)
[QUOTE][B]a-squared 4.5.0.41 2009.11.06 Trojan-PWS.Win32.Agent!IK[/B]
AhnLab-V3 5.0.0.2 2009.11.06 -
[B]AntiVir 7.9.1.61 2009.11.06 TR/PSW.Agent.Obj.1[/B]
[B]Antiy-AVL 2.0.3.7 2009.11.05 Trojan/Win32.Agent[/B]
Authentium 5.2.0.5 2009.11.06 -
Avast 4.8.1351.0 2009.11.06 -
AVG 8.5.0.423 2009.11.06 -
BitDefender 7.2 2009.11.06 -
CAT-QuickHeal 10.00 2009.11.06 -
ClamAV 0.94.1 2009.11.06 -
Comodo 2866 2009.11.07 -
DrWeb 5.0.0.12182 2009.11.07 -
eTrust-Vet 35.1.7108 2009.11.06 -
F-Prot 4.5.1.85 2009.11.06 -
[B]Fortinet 3.120.0.0 2009.11.06 W32/Agent.OBJ!tr.pws[/B]
GData 19 2009.11.07 -
[B]Ikarus T3.1.1.74.0 2009.11.06 Trojan-PWS.Win32.Agent[/B]
Jiangmin 11.0.800 2009.11.06 -
[B]K7AntiVirus 7.10.890 2009.11.06 Trojan-PSW.Win32.Agent.obj[/B]
[B]Kaspersky 7.0.0.125 2009.11.07 Trojan-PSW.Win32.Agent.obj[/B]
McAfee 5794 2009.11.06 -
[B]McAfee+Artemis 5794 2009.11.06 Artemis!A2D5EB1D0D38[/B]
[B]McAfee-GW-Edition 6.8.5 2009.11.06 Trojan.PSW.Agent.Obj.1[/B]
Microsoft 1.5202 2009.11.06 -
NOD32 4580 2009.11.06 -
Norman 6.03.02 2009.11.06 -
[B]nProtect 2009.1.8.0 2009.11.06 Trojan-PWS/W32.Agent.417280.B[/B]
[B]Panda 10.0.2.2 2009.11.06 Suspicious file[/B]
PCTools 7.0.3.5 2009.11.06 -
Prevx 3.0 2009.11.07 -
Rising 21.54.44.00 2009.11.06 -
Sophos 4.47.0 2009.11.07 -
Sunbelt 3.2.1858.2 2009.11.06 -
Symantec 1.4.4.12 2009.11.07 -
TheHacker 6.5.0.2.063 2009.11.06 -
TrendMicro 9.0.0.1003 2009.11.06 -
VBA32 3.12.10.11 2009.11.06 -
ViRobot 2009.11.6.2025 2009.11.06 -
VirusBuster 4.6.5.0 2009.11.06 -[/QUOTE]
[url]http://www.virustotal.com/analisis/51932d03a9c7305fe1e39d1b7f4fdf3b55858e6eb1588a3fb46b9163a342f6bc-1257554918[/url]
-
File Russificator_.exe received on 2009.11.08 11:54:35 (UTC)
Result: 6/40 (15%)
[CODE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.41 2009.11.08 Riskware.Win32.Adload!IK[/B]
AhnLab-V3 5.0.0.2 2009.11.06 -
[B]AntiVir 7.9.1.61 2009.11.06 ADSPY/AdSpy.Gen[/B]
Antiy-AVL 2.0.3.7 2009.11.05 -
Authentium 5.2.0.5 2009.11.08 -
Avast 4.8.1351.0 2009.11.08 -
AVG 8.5.0.423 2009.11.08 -
BitDefender 7.2 2009.11.08 -
CAT-QuickHeal 10.00 2009.11.07 -
[B]ClamAV 0.94.1 2009.11.08 PUA.Packed.ASPack212[/B]
Comodo 2882 2009.11.08 -
[B]DrWeb 5.0.0.12182 2009.11.08 Adware.FieryAds.22[/B]
eTrust-Vet 35.1.7108 2009.11.06 -
F-Prot 4.5.1.85 2009.11.07 -
F-Secure 9.0.15370.0 2009.11.04 -
Fortinet 3.120.0.0 2009.11.08 -
GData 19 2009.11.08 -
[B]Ikarus T3.1.1.74.0 2009.11.08 not-a-virus:Win32.Adload[/B]
Jiangmin 11.0.800 2009.11.08 -
K7AntiVirus 7.10.891 2009.11.07 -
Kaspersky 7.0.0.125 2009.11.08 -
McAfee 5795 2009.11.07 -
McAfee+Artemis 5795 2009.11.07 -
[B]McAfee-GW-Edition 6.8.5 2009.11.08 Ad-Spyware.AdSpy.Gen[/B]
Microsoft 1.5202 2009.11.08 -
NOD32 4583 2009.11.08 -
Norman 6.03.02 2009.11.06 -
nProtect 2009.1.8.0 2009.11.08 -
Panda 10.0.2.2 2009.11.07 -
PCTools 7.0.3.5 2009.11.06 -
Prevx 3.0 2009.11.08 -
Rising 21.54.62.00 2009.11.08 -
Sophos 4.47.0 2009.11.08 -
Sunbelt 3.2.1858.2 2009.11.08 -
Symantec 1.4.4.12 2009.11.08 -
TheHacker 6.5.0.2.063 2009.11.06 -
TrendMicro 9.0.0.1003 2009.11.08 -
VBA32 3.12.10.11 2009.11.07 -
ViRobot 2009.11.6.2025 2009.11.06 -
VirusBuster 4.6.5.0 2009.11.07 -[/CODE]
Additional information
File size: 2819603 bytes
MD5...: 1afa622601b36afca6d24a7c91e2e557
SHA1..: 4559d4786a6d23e857ebd3227091542d5e802b93
SHA256: 2a539bfd1a1e4016a30c8e10245aab227917b121b378b819db40e22fda668459
ssdeep: 49152:sIf7Tyw1RlwPMxasaf7/yN3zh/GfxYO635R8YCS07mZqL3ePCdHPqCIkgI
ysnMYW:sIf7Onea3jEdOu5Rlp6mZqDHHPfIxVs6
PEiD..: -
PEInfo: PE Structure information
File FieryAdsUninstall.exe received on 2009.11.08 13:24:03 (UTC)
Result: 10/40 (25%)
[CODE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.41 2009.11.08 Riskware.AdWare.Win32.Agent!IK[/B]
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.06 -
Antiy-AVL 2.0.3.7 2009.11.05 -
[B]Authentium 5.2.0.5 2009.11.08 W32/FierAds.A.gen!Eldorado[/B]
Avast 4.8.1351.0 2009.11.08 -
AVG 8.5.0.423 2009.11.08 -
[B]BitDefender 7.2 2009.11.08 Gen:Adware.Heur.KS0aQCcRTiFk
CAT-QuickHeal 10.00 2009.11.07 (Suspicious) - DNAScan
ClamAV 0.94.1 2009.11.08 PUA.Packed.ASPack212[/B]
Comodo 2884 2009.11.08 -
DrWeb 5.0.0.12182 2009.11.08 -
eTrust-Vet 35.1.7108 2009.11.06 -
[B]F-Prot 4.5.1.85 2009.11.07 W32/FierAds.A.gen!Eldorado
F-Secure 9.0.15370.0 2009.11.04 Gen:Adware.Heur.KS0aQCcRTiFk[/B]
Fortinet 3.120.0.0 2009.11.08 -
[B]GData 19 2009.11.08 Gen:Adware.Heur.KS0aQCcRTiFk
Ikarus T3.1.1.74.0 2009.11.08 not-a-virus:AdWare.Win32.Agent
Jiangmin 11.0.800 2009.11.08 Backdoor/Huigezi.2007.awwq[/B]
K7AntiVirus 7.10.891 2009.11.07 -
Kaspersky 7.0.0.125 2009.11.08 -
McAfee 5795 2009.11.07 -
McAfee+Artemis 5795 2009.11.07 -
McAfee-GW-Edition 6.8.5 2009.11.08 -
Microsoft 1.5202 2009.11.08 -
NOD32 4583 2009.11.08 -
Norman 6.03.02 2009.11.06 -
nProtect 2009.1.8.0 2009.11.08 -
Panda 10.0.2.2 2009.11.08 -
PCTools 7.0.3.5 2009.11.06 -
Prevx 3.0 2009.11.08 -
Rising 21.54.62.00 2009.11.08 -
Sophos 4.47.0 2009.11.08 -
Sunbelt 3.2.1858.2 2009.11.08 -
Symantec 1.4.4.12 2009.11.08 -
TheHacker 6.5.0.2.063 2009.11.06 -
TrendMicro 9.0.0.1003 2009.11.08 -
VBA32 3.12.10.11 2009.11.07 -
ViRobot 2009.11.6.2025 2009.11.06 -
VirusBuster 4.6.5.0 2009.11.07 -[/CODE]
Additional information
File size: 590848 bytes
MD5...: a03df13fee80401a48d7164a8e2000cc
SHA1..: 6e7be761b392009b7be2d1a27ad90f63caeebcb9
SHA256: 85702ccd66086caed49c2e35f486487e8d9e1fab9d7d8594113a76c4de0f276a
ssdeep: 12288:X/g+thQ+XIHjwdIu11Tgg9Zq6xGJOpqZ1WYrt:XzXBXjdp1T40GkpFYrt
PEiD..: -
PEInfo: PE Structure information
-
File setup.exe received on 2009.11.08 14:55:51 (UTC)
Result: 17/40 (42.5%)
[QUOTE][B]a-squared 4.5.0.41 2009.11.08 Trojan.Win32.VkHost!IK[/B]
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.06 -
[B]Antiy-AVL 2.0.3.7 2009.11.05 Trojan/Win32.Qhost.gen[/B]
[B]Authentium 5.2.0.5 2009.11.08 W32/Blocker-based!Maximus[/B]
Avast 4.8.1351.0 2009.11.08 -
AVG 8.5.0.423 2009.11.08 -
BitDefender 7.2 2009.11.08 -
[B]CAT-QuickHeal 10.00 2009.11.07 Trojan.Qhost.maq[/B]
ClamAV 0.94.1 2009.11.08 -
[B]Comodo 2884 2009.11.08 Heur.Packed.Unknown[/B]
DrWeb 5.0.0.12182 2009.11.08 -
eTrust-Vet 35.1.7108 2009.11.06 -
[B]F-Prot 4.5.1.85 2009.11.07 W32/Blocker-based!Maximus[/B]
F-Secure 9.0.15370.0 2009.11.04 -
Fortinet 3.120.0.0 2009.11.08 -
GData 19 2009.11.08 -
[B]Ikarus T3.1.1.74.0 2009.11.08 Trojan.Win32.VkHost[/B]
[B]Jiangmin 11.0.800 2009.11.08 Trojan/Qhost.ayq[/B]
K7AntiVirus 7.10.891 2009.11.07 -
Kaspersky 7.0.0.125 2009.11.08 -
McAfee 5795 2009.11.07 -
[B]McAfee+Artemis 5795 2009.11.07 Artemis!57B454D02FA9[/B]
[B]McAfee-GW-Edition 6.8.5 2009.11.08 Heuristic.LooksLike.Win32.Agent.H[/B]
Microsoft 1.5202 2009.11.08 -
NOD32 4584 2009.11.08 -
[B]Norman 6.03.02 2009.11.06 W32/Qhost.GXM[/B]
[B]nProtect 2009.1.8.0 2009.11.08 Trojan/W32.Qhost.90112.F[/B]
[B]Panda 10.0.2.2 2009.11.08 Trj/Downloader.MDW[/B]
PCTools 7.0.3.5 2009.11.06 -
[B]Prevx 3.0 2009.11.08 Medium Risk Malware[/B]
[B]Rising 21.54.62.00 2009.11.08 Trojan.Win32.QHost.avg[/B]
Sophos 4.47.0 2009.11.08 -
[B]Sunbelt 3.2.1858.2 2009.11.08 BehavesLike.Win32.Malware (v)[/B]
Symantec 1.4.4.12 2009.11.08 -
TheHacker 6.5.0.2.063 2009.11.06 -
TrendMicro 9.0.0.1003 2009.11.08 -
[B]VBA32 3.12.10.11 2009.11.07 Trojan.Win32.Agent.sxjn[/B]
ViRobot 2009.11.6.2025 2009.11.06 -
VirusBuster 4.6.5.0 2009.11.07 -[/QUOTE]
-
[url]http://www.virustotal.com/ru/analisis/3208e8dadb20aeda832570bd0e135ceed3bcf35aee01527ce793bae56f8b4246-1257707934[/url]
[QUOTE]a-squared 4.5.0.41 2009.11.08 [B]Trojan-Spy.Win32.Vwealer!IK [/B]
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.08 -
Antiy-AVL 2.0.3.7 2009.11.05 -
Authentium 5.2.0.5 2009.11.08 -
Avast 4.8.1351.0 2009.11.08 -
AVG 8.5.0.423 2009.11.08 [B]SHeur2.BQIX[/B]
BitDefender 7.2 2009.11.08 -
CAT-QuickHeal 10.00 2009.11.07 -
ClamAV 0.94.1 2009.11.08 -
Comodo 2886 2009.11.08 -
DrWeb 5.0.0.12182 2009.11.08 -
eTrust-Vet 35.1.7108 2009.11.06 -
F-Prot 4.5.1.85 2009.11.08 -
F-Secure 9.0.15370.0 2009.11.04 -
Fortinet 3.120.0.0 2009.11.08 -
GData 19 2009.11.08 -
Ikarus T3.1.1.74.0 2009.11.08 [B]Trojan-Spy.Win32.Vwealer[/B]
Jiangmin 11.0.800 2009.11.08 -
K7AntiVirus 7.10.891 2009.11.07 -
Kaspersky 7.0.0.125 2009.11.08 [B]Trojan-Ransom.Win32.SMSer.rw[/B]
McAfee 5796 2009.11.08 -
McAfee+Artemis 5796 2009.11.08 -
McAfee-GW-Edition 6.8.5 2009.11.08 -
Microsoft 1.5202 2009.11.08 -
NOD32 4585 2009.11.08 -
Norman 6.03.02 2009.11.06 -
nProtect 2009.1.8.0 2009.11.08 -
Panda 10.0.2.2 2009.11.08 -
PCTools 7.0.3.5 2009.11.06 -
Prevx 3.0 2009.11.08 -
Rising 21.54.62.00 2009.11.08 -
Sophos 4.47.0 2009.11.08 -
Sunbelt 3.2.1858.2 2009.11.08 -
Symantec 1.4.4.12 2009.11.08 -
TheHacker 6.5.0.2.063 2009.11.06 -
TrendMicro 9.0.0.1003 2009.11.08 [B]PAK_Generic.001[/B]
VBA32 3.12.10.11 2009.11.07 -
ViRobot 2009.11.6.2025 2009.11.06 -
VirusBuster 4.6.5.0 2009.11.08 - [/QUOTE]
-
File Opera.jar received on 2009.11.08 20:37:37 (UTC)
Current status: finished
Result: 5/40 (12.5%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.41 2009.11.08 -
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.08 -
[B]Antiy-AVL 2.0.3.7 2009.11.05 Trojan/J2ME.Small[/B]
Authentium 5.2.0.5 2009.11.08 -
Avast 4.8.1351.0 2009.11.08 -
AVG 8.5.0.423 2009.11.08 -
BitDefender 7.2 2009.11.08 -
CAT-QuickHeal 10.00 2009.11.07 -
ClamAV 0.94.1 2009.11.08 -
[B]Comodo 2888 2009.11.08 UnclassifiedMalware
DrWeb 5.0.0.12182 2009.11.08 Java.SMSSend.90[/B]
eTrust-Vet 35.1.7108 2009.11.06 -
F-Prot 4.5.1.85 2009.11.08 -
F-Secure 9.0.15370.0 2009.11.04 -
Fortinet 3.120.0.0 2009.11.08 -
GData 19 2009.11.08 -
[B]Ikarus T3.1.1.74.0 2009.11.08 Trojan-SMS[/B]
Jiangmin 11.0.800 2009.11.08 -
K7AntiVirus 7.10.891 2009.11.07 -
[B]Kaspersky 7.0.0.125 2009.11.08 Trojan-SMS.J2ME.Small.h[/B]
McAfee 5796 2009.11.08 -
McAfee+Artemis 5796 2009.11.08 -
McAfee-GW-Edition 6.8.5 2009.11.08 -
Microsoft 1.5202 2009.11.08 -
NOD32 4585 2009.11.08 -
Norman 6.03.02 2009.11.06 -
nProtect 2009.1.8.0 2009.11.08 -
Panda 10.0.2.2 2009.11.08 -
PCTools 7.0.3.5 2009.11.06 -
Prevx 3.0 2009.11.08 -
Rising 21.54.62.00 2009.11.08 -
Sophos 4.47.0 2009.11.08 -
Sunbelt 3.2.1858.2 2009.11.08 -
Symantec 1.4.4.12 2009.11.08 -
TheHacker 6.5.0.2.063 2009.11.06 -
TrendMicro 9.0.0.1003 2009.11.08 -
VBA32 3.12.10.11 2009.11.07 -
ViRobot 2009.11.6.2025 2009.11.06 -
VirusBuster 4.6.5.0 2009.11.08 -[/QUOTE]
Additional information
File size: 178617 bytes
MD5...: 94b145de58cacc2c79163479d6855d5e
SHA1..: 2935c1453e17448122863db495f2f53bd98b8e6e
SHA256: 1facb716b63338d57cdeb9d497bdc03431b2969c45e75645919a701fd44986b7
ssdeep: 3072:/HIrn/jEpW0mrr/l8at0fTts8Ern/jEpW0mrr/l8at0fTts8EKn/jEpW0mr
r/l8u:vuQIrvtop2LQIrvtop2WQIrvtop2/
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
[url]http://www.virustotal.com/ru/analisis/1facb716b63338d57cdeb9d497bdc03431b2969c45e75645919a701fd44986b7-1257712657[/url]
-
File install.exe received on 2009.10.27 23:27:50 (UTC)
[CODE]Antivirus Version Last Update Result
a-squared 4.5.0.41 2009.10.27 -
AhnLab-V3 5.0.0.2 2009.10.27 -
AntiVir 7.9.1.44 2009.10.27 -
Antiy-AVL 2.0.3.7 2009.10.27 -
Authentium 5.1.2.4 2009.10.27 W32/Downldr3.GJ
Avast 4.8.1351.0 2009.10.27 -
AVG 8.5.0.423 2009.10.27 -
BitDefender 7.2 2009.10.28 -
CAT-QuickHeal 10.00 2009.10.27 -
ClamAV 0.94.1 2009.10.27 -
Comodo 2751 2009.10.27 -
DrWeb 5.0.0.12182 2009.10.27 Trojan.DownLoad.51375
eTrust-Vet 35.1.7086 2009.10.27 -
F-Prot 4.5.1.85 2009.10.27 W32/Downldr3.GJ
F-Secure 9.0.15370.0 2009.10.27 -
Fortinet 3.120.0.0 2009.10.27 -
GData 19 2009.10.28 -
Ikarus T3.1.1.72.0 2009.10.27 -
Jiangmin 11.0.800 2009.10.26 -
K7AntiVirus 7.10.881 2009.10.27 Trojan.Win32.Malware.4
Kaspersky 7.0.0.125 2009.10.28 -
McAfee 5784 2009.10.27 Generic Downloader.du
McAfee+Artemis 5784 2009.10.27 Generic Downloader.du
McAfee-GW-Edition 6.8.5 2009.10.27 Heuristic.LooksLike.Win32.NewMalware.J
Microsoft 1.5202 2009.10.27 -
NOD32 4549 2009.10.27 Win32/TrojanDownloader.Delf.PAN
Norman 6.03.02 2009.10.27 -
nProtect 2009.1.8.0 2009.10.27 -
Panda 10.0.2.2 2009.10.27 Trj/Downloader.WEX
PCTools 4.4.2.0 2009.10.19 -
Prevx 3.0 2009.10.28 Medium Risk Malware
Rising 21.53.13.00 2009.10.27 -
Sophos 4.46.0 2009.10.27 -
Sunbelt 3.2.1858.2 2009.10.27 -
Symantec 1.4.4.12 2009.10.27 -
TheHacker 6.5.0.2.055 2009.10.27 Trojan/Delf.pan
TrendMicro 8.950.0.1094 2009.10.27 -
VBA32 3.12.10.11 2009.10.27 -
ViRobot 2009.10.27.2007 2009.10.27 -
VirusBuster 4.6.5.0 2009.10.26 -[/CODE]
P.S. The file was downloaded from one of the file-dump sites under the guise of an installer for Shtirlitz 4. Interestingly, it was sent off to Kaspersky Lab back on November 4, and they still can't make up their minds.
-
[url]http://www.virustotal.com/ru/analisis/e14d4b4e4659c44bccfcecba3879679eafa4e8956c3dbd344625d6d101b5768e-1257795859[/url]
[QUOTE][B]a-squared 4.5.0.41 2009.11.09 Backdoor.Bredavi!IK[/B]
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.09 -
Antiy-AVL 2.0.3.7 2009.11.09 -
Authentium 5.2.0.5 2009.11.09 -
Avast 4.8.1351.0 2009.11.09 -
AVG 8.5.0.423 2009.11.09 -
BitDefender 7.2 2009.11.09 -
CAT-QuickHeal 10.00 2009.11.09 -
ClamAV 0.94.1 2009.11.09 -
Comodo 2898 2009.11.09 -
DrWeb 5.0.0.12182 2009.11.09 -
eTrust-Vet 35.1.7111 2009.11.09 -
F-Prot 4.5.1.85 2009.11.09 -
F-Secure 9.0.15370.0 2009.11.09 -
Fortinet 3.120.0.0 2009.11.09 -
GData 19 2009.11.09 -
[B]Ikarus T3.1.1.74.0 2009.11.09 Backdoor.Bredavi[/B]
Jiangmin 11.0.800 2009.11.09 -
K7AntiVirus 7.10.892 2009.11.09 -
Kaspersky 7.0.0.125 2009.11.09 -
McAfee 5797 2009.11.09 -
[B]McAfee+Artemis 5797 2009.11.09 Artemis!88AB014A832D [/B]
McAfee-GW-Edition 6.8.5 2009.11.09 -
[B]Microsoft 1.5202 2009.11.09 Trojan:Win32/Oficla.E [/B]
NOD32 4588 2009.11.09 -
Norman 6.03.02 2009.11.09 -
nProtect 2009.1.8.0 2009.11.09 -
[B]Panda 10.0.2.2 2009.11.09 Suspicious file[/B]
PCTools 7.0.3.5 2009.11.09 -
[B]Prevx 3.0 2009.11.09 Medium Risk Malware[/B]
Rising 22.21.00.08 2009.11.09 -
Sophos 4.47.0 2009.11.09 -
Sunbelt 3.2.1858.2 2009.11.08 -
Symantec 1.4.4.12 2009.11.09 -
TheHacker 6.5.0.2.063 2009.11.06 -
TrendMicro 9.0.0.1003 2009.11.09 -
VBA32 3.12.10.11 2009.11.09 -
ViRobot 2009.11.9.2027 2009.11.09 -
VirusBuster 4.6.5.0 2009.11.09 - [/QUOTE]
-
t-59841
[CODE]File avz00003._ta received on 2009.11.10 13:55:46 (UTC)
Antivirus Version Last Update Result
a-squared 4.5.0.41 2009.11.10 -
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.10 -
Antiy-AVL 2.0.3.7 2009.11.10 -
Authentium 5.2.0.5 2009.11.10 -
Avast 4.8.1351.0 2009.11.10 -
AVG 8.5.0.423 2009.11.10 -
BitDefender 7.2 2009.11.10 -
CAT-QuickHeal 10.00 2009.11.10 -
ClamAV 0.94.1 2009.11.10 -
Comodo 2905 2009.11.10 -
[B]DrWeb 5.0.0.12182 2009.11.10 Trojan.Winlock.341[/B]
eSafe 7.0.17.0 2009.11.10 -
eTrust-Vet 35.1.7113 2009.11.10 -
F-Prot 4.5.1.85 2009.11.10 -
F-Secure 9.0.15370.0 2009.11.09 -
Fortinet 3.120.0.0 2009.11.10 -
GData 19 2009.11.10 -
Ikarus T3.1.1.74.0 2009.11.10 -
Jiangmin 11.0.800 2009.11.10 -
K7AntiVirus 7.10.892 2009.11.09 -
Kaspersky 7.0.0.125 2009.11.10 -
McAfee 5797 2009.11.09 -
McAfee+Artemis 5797 2009.11.09 -
McAfee-GW-Edition 6.8.5 2009.11.10 -
Microsoft 1.5202 2009.11.10 -
[B]NOD32 4591 2009.11.10 Win32/LockScreen.CZ[/B]
Norman 6.03.02 2009.11.09 -
nProtect 2009.1.8.0 2009.11.10 -
Panda 10.0.2.2 2009.11.09 -
PCTools 7.0.3.5 2009.11.10 -
Prevx 3.0 2009.11.10 -
Rising 22.21.01.09 2009.11.10 -
Sophos 4.47.0 2009.11.10 -
Sunbelt 3.2.1858.2 2009.11.10 -
Symantec 1.4.4.12 2009.11.10 -
TheHacker 6.5.0.2.064 2009.11.09 -
TrendMicro 9.0.0.1003 2009.11.10 -
VBA32 3.12.10.11 2009.11.09 -
ViRobot 2009.11.10.2029 2009.11.10 -
VirusBuster 4.6.5.0 2009.11.09 -[/CODE]
Additional information
File size: 114688 bytes
MD5...: c06063a7028d3b68df9b295fc56cdfc8
-
File ubiquity.html received on 2009.11.10 13:26:21 (UTC)
Result: 2/40 (5%)
[QUOTE]a-squared 4.5.0.41 2009.11.10 -
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.10 -
Antiy-AVL 2.0.3.7 2009.11.10 -
Authentium 5.2.0.5 2009.11.10 -
Avast 4.8.1351.0 2009.11.10 -
AVG 8.5.0.423 2009.11.10 -
BitDefender 7.2 2009.11.10 -
CAT-QuickHeal 10.00 2009.11.10 -
ClamAV 0.94.1 2009.11.10 -
Comodo 2905 2009.11.10 -
DrWeb 5.0.0.12182 2009.11.10 -
eTrust-Vet 35.1.7113 2009.11.10 -
[B]F-Prot 4.5.1.85 2009.11.10 JS/Obf.I.gen[/B]
F-Secure 9.0.15370.0 2009.11.09 -
Fortinet 3.120.0.0 2009.11.10 -
GData 19 2009.11.10 -
Ikarus T3.1.1.74.0 2009.11.10 -
Jiangmin 11.0.800 2009.11.10 -
K7AntiVirus 7.10.892 2009.11.09 -
Kaspersky 7.0.0.125 2009.11.10 -
McAfee 5797 2009.11.09 -
McAfee+Artemis 5797 2009.11.09 -
[B]McAfee-GW-Edition 6.8.5 2009.11.10 Heuristic.LooksLike.JS.Suspicious.A[/B]
Microsoft 1.5202 2009.11.10 -
NOD32 4591 2009.11.10 -
Norman 6.03.02 2009.11.09 -
nProtect 2009.1.8.0 2009.11.10 -
Panda 10.0.2.2 2009.11.09 -
PCTools 7.0.3.5 2009.11.10 -
Prevx 3.0 2009.11.10 -
Rising 22.21.01.09 2009.11.10 -
Sophos 4.47.0 2009.11.10 -
Sunbelt 3.2.1858.2 2009.11.10 -
Symantec 1.4.4.12 2009.11.10 -
TheHacker 6.5.0.2.064 2009.11.09 -
TrendMicro 9.0.0.1003 2009.11.10 -
VBA32 3.12.10.11 2009.11.09 -
ViRobot 2009.11.10.2029 2009.11.10 -
VirusBuster 4.6.5.0 2009.11.09 - [/QUOTE]
[url]http://www.virustotal.com/analisis/0828ba62ca4096bca0f452f4ece1ed0b811ac7ff9ace4f7e3d1de0dfed4c8232-1257859581[/url]
-
File js1.js received on 2009.11.10 16:28:22 (UTC)
Current status: finished
Result: 3/41 (7.32%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.41 2009.11.10 -
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.10 -
Antiy-AVL 2.0.3.7 2009.11.10 -
Authentium 5.2.0.5 2009.11.10 -
[B]Avast 4.8.1351.0 2009.11.10 JS:Downloader-GA[/B]
AVG 8.5.0.423 2009.11.10 -
BitDefender 7.2 2009.11.10 -
CAT-QuickHeal 10.00 2009.11.10 -
ClamAV 0.94.1 2009.11.10 -
Comodo 2905 2009.11.10 -
DrWeb 5.0.0.12182 2009.11.10 -
eSafe 7.0.17.0 2009.11.10 -
eTrust-Vet 35.1.7113 2009.11.10 -
F-Prot 4.5.1.85 2009.11.10 -
F-Secure 9.0.15370.0 2009.11.09 -
Fortinet 3.120.0.0 2009.11.10 -
[B]GData 19 2009.11.10 JS:Downloader-GA [/B]
Ikarus T3.1.1.74.0 2009.11.10 -
Jiangmin 11.0.800 2009.11.10 -
K7AntiVirus 7.10.892 2009.11.09 -
[B]Kaspersky 7.0.0.125 2009.11.10 Trojan-Downloader.JS.Agent.erx[/B]
McAfee 5797 2009.11.09 -
McAfee+Artemis 5797 2009.11.09 -
McAfee-GW-Edition 6.8.5 2009.11.10 -
Microsoft 1.5202 2009.11.10 -
NOD32 4592 2009.11.10 -
Norman 6.03.02 2009.11.09 -
nProtect 2009.1.8.0 2009.11.10 -
Panda 10.0.2.2 2009.11.09 -
PCTools 7.0.3.5 2009.11.10 -
Prevx 3.0 2009.11.10 -
Rising 22.21.01.09 2009.11.10 -
Sophos 4.47.0 2009.11.10 -
Sunbelt 3.2.1858.2 2009.11.10 -
Symantec 1.4.4.12 2009.11.10 -
TheHacker 6.5.0.2.064 2009.11.09 -
TrendMicro 9.0.0.1003 2009.11.10 -
VBA32 3.12.10.11 2009.11.09 -
ViRobot 2009.11.10.2029 2009.11.10 -
VirusBuster 4.6.5.0 2009.11.09 -[/QUOTE]
Additional information
File size: 69660 bytes
MD5...: 20aed7a2762581ae62020ced22637084
SHA1..: c916636997009751cbc7144e50c61d6f39eac423
SHA256: e759be2694669b60de904976d57f05917cc85dba3d560a2f4853a7db02aada90
ssdeep: 1536:UKBFJHL4SCch1feKPWkAh6VKDTe3nwedUw8/XrHpVFjZ9ESl+Er/jFkZggC
p6Sye:UKBFJHL4SCch1feKPWkAh6VKDTe3nweG
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Text - UTF-16 (LE) encoded (64.4%)
MP3 audio (32.2%)
Lumena CEL bitmap (2.0%)
Corel Photo Paint (1.3%)
packers (F-Prot): Unicode
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
[url]http://www.virustotal.com/ru/analisis/e759be2694669b60de904976d57f05917cc85dba3d560a2f4853a7db02aada90-1257870502[/url]
***
File js2.js received on 2009.11.10 16:23:12 (UTC)
Current status: finished
Result: 11/40 (27.5%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.41 2009.11.10 -
AhnLab-V3 5.0.0.2 2009.11.06 -
[B]AntiVir 7.9.1.61 2009.11.10 HTML/Rce.Gen[/B]
Antiy-AVL 2.0.3.7 2009.11.10 -
Authentium 5.2.0.5 2009.11.10 -
[B]Avast 4.8.1351.0 2009.11.10 VBS:SnapshotView-S[/B]
AVG 8.5.0.423 2009.11.10 -
BitDefender 7.2 2009.11.10 -
CAT-QuickHeal 10.00 2009.11.10 -
ClamAV 0.94.1 2009.11.10 -
Comodo 2905 2009.11.10 -
DrWeb 5.0.0.12182 2009.11.10 -
eSafe 7.0.17.0 2009.11.10 -
eTrust-Vet 35.1.7113 2009.11.10 -
[B]F-Prot 4.5.1.85 2009.11.10 JS/Heaspr.C.gen[/B]
F-Secure 9.0.15370.0 2009.11.09 -
Fortinet 3.120.0.0 2009.11.10 -
[B]GData 19 2009.11.10 VBS:SnapshotView-S [/B]
Ikarus T3.1.1.74.0 2009.11.10 -
Jiangmin 11.0.800 2009.11.10 -
K7AntiVirus 7.10.892 2009.11.09 -
Kaspersky 7.0.0.125 2009.11.10 -
McAfee 5797 2009.11.09 -
[B]McAfee-GW-Edition 6.8.5 2009.11.10 Heuristic.LooksLike.JS.Suspicious.E[/B]
[B]Microsoft 1.5202 2009.11.10 Exploit:JS/ShellCode.gen[/B]
NOD32 4592 2009.11.10 -
[B]Norman 6.03.02 2009.11.10 JS/ShellCode.B[/B]
nProtect 2009.1.8.0 2009.11.10 -
Panda 10.0.2.2 2009.11.10 -
[B]PCTools 7.0.3.5 2009.11.10 HTML.Psyme.Gen[/B]
Prevx 3.0 2009.11.10 -
[B]Rising 22.21.01.09 2009.11.10 Trojan.DL.VBS.Agent.coj[/B]
Sophos 4.47.0 2009.11.10 -
Sunbelt 3.2.1858.2 2009.11.10 -
Symantec 1.4.4.12 2009.11.10 -
TheHacker 6.5.0.2.064 2009.11.09 -
[B]TrendMicro 9.0.0.1003 2009.11.10 Expl_ShellCodeSM[/B]
VBA32 3.12.10.11 2009.11.09 -
ViRobot 2009.11.10.2029 2009.11.10 -
[B]VirusBuster 4.6.5.0 2009.11.10 HTML.Psyme.Gen[/B][/QUOTE]
Additional information
File size: 17861 bytes
MD5...: 59e2a9bada969b178479b68393baaac7
SHA1..: 73fbf2ccbdf3d27cbf0ae5e47e9f153565cd6d3e
SHA256: 2bfa8ad5673496e37b59ff111bb8d96d1e1c843bdb9222f5faca959839a75c20
ssdeep: 384:qqbBA8DkXvzWpUVxSVGMZ9UBWFD33E1+6Jd7FyA7FT8KrqZQJltPApj7/6LL
2Fz:N+HXvzWpUzeGMMOD33VU8gltPAt/YL2J
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Unknown!
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
[url]http://www.virustotal.com/ru/analisis/2bfa8ad5673496e37b59ff111bb8d96d1e1c843bdb9222f5faca959839a75c20-1257870192[/url]
***
File js3.js received on 2009.11.10 16:32:24 (UTC)
Current status: finished
Result: 2/34 (5.89%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.41 2009.11.10 -
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.10 -
Authentium 5.2.0.5 2009.11.10 -
[B]Avast 4.8.1351.0 2009.11.10 JS:Downloader-GD[/B]
AVG 8.5.0.423 2009.11.10 -
BitDefender 7.2 2009.11.10 -
CAT-QuickHeal 10.00 2009.11.10 -
ClamAV 0.94.1 2009.11.10 -
Comodo 2905 2009.11.10 -
DrWeb 5.0.0.12182 2009.11.10 -
eTrust-Vet 35.1.7113 2009.11.10 -
F-Prot 4.5.1.85 2009.11.10 -
Fortinet 3.120.0.0 2009.11.10 -
[B]GData 19 2009.11.10 JS:Downloader-GD [/B]
Ikarus T3.1.1.74.0 2009.11.10 -
K7AntiVirus 7.10.892 2009.11.09 -
Kaspersky 7.0.0.125 2009.11.10 -
McAfee 5797 2009.11.09 -
McAfee-GW-Edition 6.8.5 2009.11.10 -
NOD32 4592 2009.11.10 -
nProtect 2009.1.8.0 2009.11.10 -
Panda 10.0.2.2 2009.11.10 -
PCTools 7.0.3.5 2009.11.10 -
Prevx 3.0 2009.11.10 -
Rising 22.21.01.09 2009.11.10 -
Sophos 4.47.0 2009.11.10 -
Sunbelt 3.2.1858.2 2009.11.10 -
Symantec 1.4.4.12 2009.11.10 -
TheHacker 6.5.0.2.064 2009.11.09 -
TrendMicro 9.0.0.1003 2009.11.10 -
VBA32 3.12.10.11 2009.11.09 -
ViRobot 2009.11.10.2029 2009.11.10 -
VirusBuster 4.6.5.0 2009.11.10 -[/QUOTE]
Additional information
File size: 111894 bytes
MD5...: 4fa418e79613dc9c29165140e541ce32
SHA1..: e13fa6b6af792b75b40875e8539223e9fe3f00ec
SHA256: 28acf26fe14b6133135d9b8d879fe6b43c92313a2a6fe960b77634fe45f75424
ssdeep: 384:ZnFsxoRsBdBRsL9BRsB9BRsN9BRsN9BRsXynyvWyd0x7pcto/obhyhhJKzE6
L:X
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
trid..: Text - UTF-16 (LE) encoded (64.4%)
MP3 audio (32.2%)
Lumena CEL bitmap (2.0%)
Corel Photo Paint (1.3%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
packers (F-Prot): Unicode, eval, unescape
pdfid.: -
[url]http://www.virustotal.com/ru/analisis/28acf26fe14b6133135d9b8d879fe6b43c92313a2a6fe960b77634fe45f75424-1257870744[/url]
***
File js4.js received on 2009.11.10 16:42:33 (UTC)
Current status: finished
Result: 1/40 (2.5%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.41 2009.11.10 -
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.10 -
Antiy-AVL 2.0.3.7 2009.11.10 -
Authentium 5.2.0.5 2009.11.10 -
Avast 4.8.1351.0 2009.11.10 -
AVG 8.5.0.423 2009.11.10 -
BitDefender 7.2 2009.11.10 -
CAT-QuickHeal 10.00 2009.11.10 -
ClamAV 0.94.1 2009.11.10 -
Comodo 2905 2009.11.10 -
DrWeb 5.0.0.12182 2009.11.10 -
eSafe 7.0.17.0 2009.11.10 -
eTrust-Vet 35.1.7113 2009.11.10 -
[B]F-Prot 4.5.1.85 2009.11.10 JS/FakeAV.H.gen[/B]
F-Secure 9.0.15370.0 2009.11.09 -
Fortinet 3.120.0.0 2009.11.10 -
GData 19 2009.11.10 -
Ikarus T3.1.1.74.0 2009.11.10 -
Jiangmin 11.0.800 2009.11.10 -
K7AntiVirus 7.10.892 2009.11.09 -
Kaspersky 7.0.0.125 2009.11.10 -
McAfee 5797 2009.11.09 -
McAfee-GW-Edition 6.8.5 2009.11.10 -
Microsoft 1.5202 2009.11.10 -
NOD32 4592 2009.11.10 -
Norman 6.03.02 2009.11.10 -
nProtect 2009.1.8.0 2009.11.10 -
Panda 10.0.2.2 2009.11.10 -
PCTools 7.0.3.5 2009.11.10 -
Prevx 3.0 2009.11.10 -
Rising 22.21.01.09 2009.11.10 -
Sophos 4.47.0 2009.11.10 -
Sunbelt 3.2.1858.2 2009.11.10 -
Symantec 1.4.4.12 2009.11.10 -
TheHacker 6.5.0.2.064 2009.11.09 -
TrendMicro 9.0.0.1003 2009.11.10 -
VBA32 3.12.10.11 2009.11.09 -
ViRobot 2009.11.10.2029 2009.11.10 -
VirusBuster 4.6.5.0 2009.11.10 -[/QUOTE]
Additional information
File size: 102270 bytes
MD5...: dd16df234e6c739c434a049b3b280b0b
SHA1..: 0d2c68608fa79ad99e4437d7e6f8f997802d2543
SHA256: ea21604c0f149f26d1dd9da5462efe3e3efcb43c696d35d16f92211cfbca6ec8
ssdeep: 3072:B8L2MNljLY2UWIvzrZcLmrefWFZxwTD8bv+xciIR/FtjaszT5RkD80JFHD6
gjc2u:f
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Text - UTF-16 (LE) encoded (64.4%)
MP3 audio (32.2%)
Lumena CEL bitmap (2.0%)
Corel Photo Paint (1.3%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
packers (F-Prot): Unicode
[url]http://www.virustotal.com/ru/analisis/ea21604c0f149f26d1dd9da5462efe3e3efcb43c696d35d16f92211cfbca6ec8-1257871353[/url]
-
Fairly fresh; the link was sent by e-mail
File document.scr received on 2009.11.11 05:32:31 (UTC)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.41 2009.11.11 -
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.10 -
Antiy-AVL 2.0.3.7 2009.11.11 -
[B]Authentium 5.2.0.5 2009.11.11 W32/Sasfis.I[/B]
[B]Avast 4.8.1351.0 2009.11.10 Win32:Malware-gen[/B]
AVG 8.5.0.423 2009.11.11 -
BitDefender 7.2 2009.11.11 -
CAT-QuickHeal 10.00 2009.11.10 -
ClamAV 0.94.1 2009.11.10 -
Comodo 2913 2009.11.11 -
DrWeb 5.0.0.12182 2009.11.10 -
[B]eSafe 7.0.17.0 2009.11.10 Suspicious File[/B]
eTrust-Vet 35.1.7113 2009.11.10 -
F-Prot 4.5.1.85 2009.11.10 -
F-Secure 9.0.15370.0 2009.11.09 -
Fortinet 3.120.0.0 2009.11.10 -
[B]GData 19 2009.11.11 Win32:Malware-gen[/B]
Ikarus T3.1.1.74.0 2009.11.11 -
Jiangmin 11.0.800 2009.11.10 -
K7AntiVirus 7.10.893 2009.11.10 -
[B]Kaspersky 7.0.0.125 2009.11.11 Trojan.Win32.Sasfis.ubl[/B]
McAfee 5798 2009.11.10 -
McAfee+Artemis 5798 2009.11.10 -
[B]McAfee-GW-Edition 6.8.5 2009.11.11 Heuristic.LooksLike.Trojan.Sasfis.B
Microsoft 1.5202 2009.11.10 Trojan:Win32/Oficla.E
NOD32 4594 2009.11.11 a variant of Win32/Oficla.BI[/B]
Norman 6.03.02 2009.11.10 -
nProtect 2009.1.8.0 2009.11.10 -
Panda 10.0.2.2 2009.11.10 -
PCTools 7.0.3.5 2009.11.10 -
Prevx 3.0 2009.11.11 -
Rising 22.21.02.01 2009.11.11 -
Sophos 4.47.0 2009.11.11 -
Sunbelt 3.2.1858.2 2009.11.11 -
Symantec 1.4.4.12 2009.11.11 -
TheHacker 6.5.0.2.065 2009.11.11 -
TrendMicro 9.0.0.1003 2009.11.10 -
VBA32 3.12.10.11 2009.11.10 -
ViRobot 2009.11.11.2030 2009.11.11 -
VirusBuster 4.6.5.0 2009.11.10 -[/QUOTE]
Additional information
File size: 19456 bytes
MD5 : fab42f51084482c14c10dc62fb5c76c3
SHA1 : c2a6fb5a2e9296a6411a366849c0d349cbc9cb96
SHA256: b90aa150e25e38ff6d14f729e8f3257cd67a3825d073ace505108c6177a13e5f
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x10C0
timedatestamp.....: 0x4AF4AB3E (Sat Nov 7 00:03:26 2009)
machinetype.......: 0x14C (Intel I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x2798 0x2800 7.54 853b412f90425225863ac0e3b9b742f8
.data 0x4000 0x1D00 0x1E00 7.87 ea10ea9408f3399ef3d6ad0925cce952
.bss 0x6000 0x40 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x7000 0x14 0x200 0.00 bf619eac0cdf3f68d496ea9344137e8b
( 0 imports )
( 0 exports )
TrID : File type identification
Win16/32 Executable Delphi generic (33.9%)
Generic Win/DOS Executable (32.7%)
DOS Executable Generic (32.7%)
VXD Driver (0.5%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
ssdeep: 384:0PLXTfbnjvr3Rq2GyR++b3p8WTC9mLWzD5zc7BfN1EZMU:GDB+YqKC9mLmG/1
PEiD : -
RDS : NSRL Reference Data Set
-
-
After my child downloaded a keygen for registering Alawar games and ran it, the file c:\Windows\System32\drivers\etc\ntfs...\csrss.exe appeared in WINDOWS 7
[CODE]File smona125796782882842122153 received on 2009.11.11 19:32:46 (UTC)
Antivirus Version Last Update Result
[B]a-squared 4.5.0.41 2009.11.10 Virus.Win32.Rbot!IK[/B]
AhnLab-V3 5.0.0.2 2009.11.06 -
[B]AntiVir 7.9.1.61 2009.11.10 PCK/Obsidium[/B]
Antiy-AVL 2.0.3.7 2009.11.10 -
[B]Authentium 5.2.0.5 2009.11.10 W32/Prorat.BY@bd[/B]
Avast 4.8.1351.0 2009.11.10 -
AVG 8.5.0.423 2009.11.10 -
[B]BitDefender 7.2 2009.11.10 Generic.Lineage.2A83EE54[/B]
CAT-QuickHeal 10.00 2009.11.10 -
ClamAV 0.94.1 2009.11.10 -
[B]Comodo 2905 2009.11.10 Heur.Pck.Obsidium[/B]
DrWeb 5.0.0.12182 2009.11.10 -
[B]eSafe 7.0.17.0 2009.11.10 Suspicious File[/B]
eTrust-Vet 35.1.7113 2009.11.10 -
[B]F-Prot 4.5.1.85 2009.11.10 W32/Prorat.BY@bd
F-Secure 9.0.15370.0 2009.11.09 Generic.Lineage.2A83EE54[/B]
Fortinet 3.120.0.0 2009.11.10 -
[B]GData 19 2009.11.10 Generic.Lineage.2A83EE54
Ikarus T3.1.1.74.0 2009.11.10 Virus.Win32.Rbot[/B]
Jiangmin 11.0.800 2009.11.10 -
K7AntiVirus 7.10.892 2009.11.09 -
Kaspersky 7.0.0.125 2009.11.10 -
[B]McAfee 5797 2009.11.09 Packed-01!920F4D23D04A
McAfee+Artemis 5797 2009.11.09 Packed-01!920F4D23D04A
McAfee-GW-Edition 6.8.5 2009.11.10 Packer.Obsidium[/B]
Microsoft 1.5202 2009.11.10 -
NOD32 4592 2009.11.10 -
Norman 6.03.02 2009.11.09 -
nProtect 2009.1.8.0 2009.11.10 -
Panda 10.0.2.2 2009.11.09 -
PCTools 7.0.3.5 2009.11.10 -
Prevx 3.0 2009.11.11 -
Rising 22.21.01.09 2009.11.10 -
[B]Sophos 4.47.0 2009.11.10 Sus/ComPack-C[/B]
Sunbelt 3.2.1858.2 2009.11.10 -
Symantec 1.4.4.12 2009.11.10 -
TheHacker 6.5.0.2.064 2009.11.09 -
TrendMicro 9.0.0.1003 2009.11.10 -
VBA32 3.12.10.11 2009.11.09 -
ViRobot 2009.11.10.2029 2009.11.10 -
VirusBuster 4.6.5.0 2009.11.09 -[/CODE]
Additional information
File size: 2168320 bytes
MD5 : 920f4d23d04a7cccac2fa662f5d7e378
SHA1 : f0bf57385000598f984e8b8b9760a28dd90da512
SHA256: efe1446525bc63e0d5d2b80810ddd4c81442ba98c74a24943da70d04b314f71c
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0xB000
timedatestamp.....: 0x2A425E19 (Sat Jun 20 00:22:17 1992)
machinetype.......: 0x14C (Intel I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
 0x1000 0x1000 0x200 1.13 394b9f49ebd3d1ccb29e1adfdcace756
.rsrc 0x2000 0x7000 0x2CC7 6.95 fea078288bf5dd5570242212045185e5
 0x9000 0x1000 0x200 0.00 bf619eac0cdf3f68d496ea9344137e8b
 0xA000 0x1000 0x18 1.44 74f6e97d38267683097a1a529152afbc
 0xB000 0xC000 0xC000 7.98 d0e0cd79d583da2f75ef73b2ae29587a
( 2 imports )
> kernel32.dll: ExitProcess
> user32.dll: MessageBoxA
( 0 exports )
TrID : File type identification
Win32 Executable Generic (58.3%)
Win16/32 Executable Delphi generic (14.1%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.6%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
ssdeep: 49152:7nPbAVsVYAuXcXPeqDsUImz0OkgfJOxe26uY42AWpL4m4rz:7nPbAmYA/Gc9Imzygsxh6uY42AWpLb4r
PEiD : -
packers (Kaspersky): Obsidium
RDS : NSRL Reference Data Set
-