-
Файл realfoto.exe.5D5BEF92 получен 2007.10.26 09:14:32 (CET)
Антивирус Версия Обновление Результат
[B]AntiVir 7.6.0.27 2007.10.26 HEUR/Crypted
BitDefender 7.2 2007.10.26 DeepScan:Generic.Malware.Bdld!!.E1FB9853
CAT-QuickHeal 9.00 2007.10.25 (Suspicious) - DNAScan
DrWeb 4.44.0.09170 2007.10.26 Trojan.DownLoader.35934
eSafe 7.0.15.0 2007.10.22 -503605165
F-Secure 6.70.13030.0 2007.10.26 Harnig.gen1
Kaspersky 7.0.0.125 2007.10.26 Heur.Trojan.Generic
Microsoft 1.2908 2007.10.26 TrojanDownloader:Win32/Agent.WX
NOD32v2 2618 2007.10.26 probably a variant of Win32/TrojanDownloader.Small.DRU
Norman 5.80.02 2007.10.25 Harnig.gen1
Panda 9.0.0.4 2007.10.26 Suspicious file
Sophos 4.22.0 2007.10.26 Mal/Packer
Sunbelt 2.2.907.0 2007.10.26 VIPRE.Suspicious
Symantec 10 2007.10.26 Downloader
VirusBuster 4.3.26:9 2007.10.25 Packed/FSG
Webwasher-Gateway 6.6.1 2007.10.26 Heuristic.Crypted
[/B]
Дополнительная информация
File size: 1861 bytes
MD5: 058a27b34937771c98f88a3d7675197f
SHA1: b2829f3bb9d0d56b9f1315a65ce384a8b343188b
packers: FSG
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.
[size="1"][color="#666686"][B][I]Added 7 minutes later[/I][/B][/color][/size]
Файл index_2_.htm.7FFFAE33 получен 2007.10.26 09:28:47 (CET)
Антивирус Версия Обновление Результат
[B]AntiVir 7.6.0.27 2007.10.26 HTML/Shellcode.Gen
Authentium 4.93.8 2007.10.25 JS/IESlice.B@dl
Avast 4.7.1074.0 2007.10.25 JS:IESlice
AVG 7.5.0.503 2007.10.25 JS/Downloader.Agent
BitDefender 7.2 2007.10.26 Trojan.Exploit.Js.Vmlfill.D
DrWeb 4.44.0.09170 2007.10.26 Trojan.DownLoader.35207
eSafe 7.0.15.0 2007.10.22 JS.Downld.Troj
Ewido 4.0 2007.10.25 Downloader.Agent.hq
F-Prot 4.3.2.48 2007.10.25 JS/IESlice.B@dl
F-Secure 6.70.13030.0 2007.10.26 JS/IESlice.B@dl
McAfee 5149 2007.10.25 JS/Exploit-BO.gen
Microsoft 1.2908 2007.10.26 TrojanDownloader:Win32/Small.gen!Z
Rising 19.46.40.00 2007.10.26 Trojan.DL.JS.Agent.lfo
Sophos 4.22.0 2007.10.26 Mal/JSShell-B
Symantec 10 2007.10.26 Downloader
TheHacker 6.2.9.107 2007.10.25 JS/IE.Exploit
VirusBuster 4.3.26:9 2007.10.25 JS.Psyme.DF
Webwasher-Gateway 6.6.1 2007.10.26 Script.Shellcode.Gen[/B]
Дополнительная информация
File size: 7278 bytes
MD5: d402f0fa9fc74dda7b1516ad3ab3fa23
SHA1: a776ccd157021738474c929d7f641416bbb3a80b
-
[code]Файл file.data получен 2007.10.26 12:28:16 (CET)
Антивирус Версия Обновление Результат
AhnLab-V3 2007.10.26.0 2007.10.26 -
[B]AntiVir 7.6.0.27 2007.10.26 TR/Crypt.XPACK.Gen[/B]
Authentium 4.93.8 2007.10.25 -
Avast 4.7.1074.0 2007.10.25 -
AVG 7.5.0.503 2007.10.26 -
[B]BitDefender 7.2 2007.10.26 DeepScan:Generic.LdPinch1.94613D58
CAT-QuickHeal 9.00 2007.10.25 (Suspicious) - DNAScan[/B]
ClamAV 0.91.2 2007.10.26 -
[B]DrWeb 4.44.0.09170 2007.10.26 Trojan.PWS.LDPinch.1941
eSafe 7.0.15.0 2007.10.22 Suspicious File[/B]
eTrust-Vet 31.2.5241 2007.10.25 -
Ewido 4.0 2007.10.25 -
FileAdvisor 1 2007.10.26 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.3.2.48 2007.10.25 -
F-Secure 6.70.13030.0 2007.10.26 -
[B]Ikarus T3.1.1.12 2007.10.26 Backdoor.Win32.Prorat.19.i
Kaspersky 7.0.0.125 2007.10.26 Heur.Trojan.Generic
McAfee 5149 2007.10.25 PWS-LDPinch
Microsoft 1.2908 2007.10.26 PWS:Win32/Ldpinch.gen[/B]
NOD32v2 2619 2007.10.26 -
Norman 5.80.02 2007.10.26 -
[B]Panda 9.0.0.4 2007.10.26 Suspicious file
Prevx1 V2 2007.10.26 Heuristic: Suspicious Self Modifying EXE[/B]
Rising 19.46.41.00 2007.10.26 -
[B]Sophos 4.22.0 2007.10.26 Mal/Basine-C
Sunbelt 2.2.907.0 2007.10.26 VIPRE.Suspicious[/B]
Symantec 10 2007.10.26 -
TheHacker 6.2.9.107 2007.10.25 -
VBA32 3.12.2.4 2007.10.26 -
VirusBuster 4.3.26:9 2007.10.25 -
[B]Webwasher-Gateway 6.6.1 2007.10.26 Trojan.Crypt.XPACK.Gen[/B]
Дополнительная информация
File size: 20480 bytes
MD5: 690d77cca6d20246e87803eafeb06bed
SHA1: d4eb6d05641b93aeaee52c834b7ef1f557afb677
packers: PecBundle, PECompact
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PX5=3252C4BF008177B550CA00CE98E8FC00ECFFB33E
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.[/code]
-
Файл nm_15_10_07_75_0.exe получен 2007.10.26 19:20:25 (CET)
Антивирус Версия Обновление Результат
AhnLab-V3 2007.10.26.1 2007.10.26 -
AntiVir 7.6.0.30 2007.10.26 -
Authentium 4.93.8 2007.10.26 -
Avast 4.7.1074.0 2007.10.25 -
AVG 7.5.0.503 2007.10.26 -
[B]BitDefender 7.2 2007.10.26 BehavesLike:Win32.ExplorerHijack[/B]
CAT-QuickHeal 9.00 2007.10.26 -
ClamAV 0.91.2 2007.10.26 -
DrWeb 4.44.0.09170 2007.10.26 -
[B]eSafe 7.0.15.0 2007.10.22 suspicious Trojan/Worm[/B]
eTrust-Vet 31.2.5244 2007.10.26 -
Ewido 4.0 2007.10.26 -
FileAdvisor 1 2007.10.26 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.3.2.48 2007.10.25 -
F-Secure 6.70.13030.0 2007.10.26 -
Ikarus T3.1.1.12 2007.10.26 -
[B]Kaspersky 7.0.0.125 2007.10.26 Heur.Trojan.Generic[/B]
McAfee 5150 2007.10.26 -
Microsoft 1.2908 2007.10.26 -
NOD32v2 2619 2007.10.26 -
Norman 5.80.02 2007.10.26 -
Panda 9.0.0.4 2007.10.26 -
Prevx1 V2 2007.10.26 -
Rising 19.46.42.00 2007.10.26 -
[B]Sophos 4.22.0 2007.10.26 Mal/Behav-150[/B]
Sunbelt 2.2.907.0 2007.10.26 -
Symantec 10 2007.10.26 -
TheHacker 6.2.9.107 2007.10.25 -
VBA32 3.12.2.4 2007.10.26 -
VirusBuster 4.3.26:9 2007.10.26 -
Webwasher-Gateway 6.6.1 2007.10.26 -
Дополнительная информация
File size: 24064 bytes
MD5: c383ea5fb0ca6beb1d2a3f5bf13c5c79
SHA1: 7213a7a1ead53437e3eb1e69a755909889a9118d
packers: UPX
packers: PE_Patch.UPX, UPX
Файл rasta.exe получен 2007.10.26 20:30:18 (CET)
Антивирус Версия Обновление Результат
AhnLab-V3 2007.10.26.1 2007.10.26 -
[B]AntiVir 7.6.0.30 2007.10.26 TR/Dropper.Gen[/B]
Authentium 4.93.8 2007.10.26 -
Avast 4.7.1074.0 2007.10.25 -
AVG 7.5.0.503 2007.10.26 -
BitDefender 7.2 2007.10.26 -
CAT-QuickHeal 9.00 2007.10.26 -
ClamAV 0.91.2 2007.10.26 -
DrWeb 4.44.0.09170 2007.10.26 -
eSafe 7.0.15.0 2007.10.22 -
eTrust-Vet 31.2.5244 2007.10.26 -
Ewido 4.0 2007.10.26 -
FileAdvisor 1 2007.10.26 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.3.2.48 2007.10.26 -
F-Secure 6.70.13030.0 2007.10.26 -
Ikarus T3.1.1.12 2007.10.26 -
Kaspersky 7.0.0.125 2007.10.26 -
McAfee 5150 2007.10.26 -
[B]Microsoft 1.2908 2007.10.26 TrojanDropper:Win32/Cutwail.A[/B]
NOD32v2 2619 2007.10.26 -
Norman 5.80.02 2007.10.26 -
Panda 9.0.0.4 2007.10.26 -
Prevx1 V2 2007.10.26 -
Rising 19.46.42.00 2007.10.26 -
[B]Sophos 4.22.0 2007.10.26 Troj/Pushdo-Gen[/B]
Sunbelt 2.2.907.0 2007.10.26 -
Symantec 10 2007.10.26 -
TheHacker 6.2.9.107 2007.10.25 -
VBA32 3.12.2.4 2007.10.26 -
VirusBuster 4.3.26:9 2007.10.26 -
[B]Webwasher-Gateway 6.6.1 2007.10.26 Trojan.Dropper.Gen[/B]
Дополнительная информация
File size: 20992 bytes
MD5: 090ab214e9505df6e49f50e3294178c2
SHA1: 2ef710e630b9c7a1d4ff43fa7e3b32ea321acaca
Файл iesetup.exe получен 2007.10.26 20:48:15 (CET)
Антивирус Версия Обновление Результат
AhnLab-V3 2007.10.27.0 2007.10.26 -
Authentium 4.93.8 2007.10.26 -
Avast 4.7.1074.0 2007.10.25 -
[B]AVG 7.5.0.503 2007.10.26 Adware Generic2.TTC[/B]
BitDefender 7.2 2007.10.26 -
CAT-QuickHeal 9.00 2007.10.26 -
ClamAV 0.91.2 2007.10.26 -
DrWeb 4.44.0.09170 2007.10.26 -
eSafe 7.0.15.0 2007.10.22 -
eTrust-Vet 31.2.5244 2007.10.26 -
Ewido 4.0 2007.10.26 -
FileAdvisor 1 2007.10.26 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.3.2.48 2007.10.26 -
F-Secure 6.70.13030.0 2007.10.26 -
Ikarus T3.1.1.12 2007.10.26 -
Kaspersky 7.0.0.125 2007.10.26 -
McAfee 5150 2007.10.26 -
Microsoft 1.2908 2007.10.26 -
NOD32v2 2619 2007.10.26 -
Norman 5.80.02 2007.10.26 -
Panda 9.0.0.4 2007.10.26 -
Prevx1 V2 2007.10.26 -
Rising 19.46.42.00 2007.10.26 -
Sophos 4.22.0 2007.10.26 -
Sunbelt 2.2.907.0 2007.10.26 -
Symantec 10 2007.10.26 -
TheHacker 6.2.9.107 2007.10.25 -
VBA32 3.12.2.4 2007.10.26 -
VirusBuster 4.3.26:9 2007.10.26 -
[B]Webwasher-Gateway 6.6.1 2007.10.26 Trojan.Drop.Agent.888[/B]
Дополнительная информация
File size: 360502 bytes
MD5: 6a9e88cde02f6d97331249ce6427d4a9
SHA1: e23ae6e5553065afc09fe9d2fe0f195ff75dce37
-
Файл avz00002.dta получен 2007.10.27 07:09:53 (CET)
Антивирус Версия Обновление Результат
AhnLab-V3 2007.10.27.0 2007.10.26 -
[B]AntiVir 7.6.0.30 2007.10.26 TR/Crypt.XPACK.Gen [/B]
Authentium 4.93.8 2007.10.26 -
Avast 4.7.1074.0 2007.10.26 -
AVG 7.5.0.503 2007.10.26 -
BitDefender 7.2 2007.10.27 -
[B]CAT-QuickHeal 9.00 2007.10.26 (Suspicious) - DNAScan[/B]
ClamAV 0.91.2 2007.10.27 -
[B]DrWeb 4.44.0.09170 2007.10.26 Trojan.Spambot.2444 [/B]
[B]eSafe 7.0.15.0 2007.10.22 Suspicious File[/B]
eTrust-Vet 31.2.5244 2007.10.26 -
Ewido 4.0 2007.10.26 -
FileAdvisor 1 2007.10.27 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.3.2.48 2007.10.26 -
F-Secure 6.70.13030.0 2007.10.26 -
Ikarus T3.1.1.12 2007.10.27 -
Kaspersky 7.0.0.125 2007.10.27 -
McAfee 5150 2007.10.26 -
Microsoft 1.2908 2007.10.27 -
NOD32v2 2620 2007.10.27 -
Norman 5.80.02 2007.10.26 -
[B]Panda 9.0.0.4 2007.10.27 Suspicious file [/B]
Prevx1 V2 2007.10.27 -
Rising 19.46.42.00 2007.10.26 -
[B]Sophos 4.22.0 2007.10.27 Mal/Basine-C [/B]
Sunbelt 2.2.907.0 2007.10.27 -
Symantec 10 2007.10.27 -
TheHacker 6.2.9.107 2007.10.25 -
[B]VBA32 3.12.2.4 2007.10.26 Trojan.Spambot.2444[/B]
VirusBuster 4.3.26:9 2007.10.26 -
[B]Webwasher-Gateway 6.6.1 2007.10.27 Trojan.Crypt.XPACK.Gen[/B]
Дополнительная информация
File size: 34774 bytes
MD5: eaa7fd91e46a9be981f4ea10904dedf5
SHA1: fac2d79fac98bd44cdb9d4403f9c65197ceae29e
-
Файл mails.exe получен 2007.10.28 21:17:42 (CET)
Антивирус Версия Обновление Результат
AhnLab-V3 2007.10.27.0 2007.10.26 -
AntiVir 7.6.0.30 2007.10.26 -
Authentium 4.93.8 2007.10.28 -
Avast 4.7.1074.0 2007.10.28 -
AVG 7.5.0.503 2007.10.28 -
BitDefender 7.2 2007.10.28 -
CAT-QuickHeal 9.00 2007.10.26 -
ClamAV 0.91.2 2007.10.28 -
[B]DrWeb 4.44.0.09170 2007.10.28 Trojan.Packed.147[/B]
eSafe 7.0.15.0 2007.10.28 -
eTrust-Vet 31.2.5244 2007.10.26 -
Ewido 4.0 2007.10.28 -
FileAdvisor 1 2007.10.28 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.3.2.48 2007.10.26 -
F-Secure 6.70.13030.0 2007.10.28 -
Ikarus T3.1.1.12 2007.10.28 -
[B]Kaspersky 7.0.0.125 2007.10.28 Trojan-Dropper.Win32.Small.bbs[/B]
McAfee 5150 2007.10.26 -
[B]Microsoft 1.2908 2007.10.28 Virus:Win32/Grum.G[/B]
[B]NOD32v2 2621 2007.10.28 probably unknown NewHeur_PE virus[/B]
Norman 5.80.02 2007.10.26 -
Panda 9.0.0.4 2007.10.28 -
Prevx1 V2 2007.10.28 -
Rising 19.46.61.00 2007.10.28 -
Sophos 4.23.0 2007.10.28 -
Sunbelt 2.2.907.0 2007.10.27 -
Symantec 10 2007.10.28 -
TheHacker 6.2.9.110 2007.10.27 -
VBA32 3.12.2.4 2007.10.28 -
VirusBuster 4.3.26:9 2007.10.28 -
Webwasher-Gateway 6.6.1 2007.10.28 -
Файл 603-a.exe получен 2007.10.28 21:17:34 (CET)
Антивирус Версия Обновление Результат
AhnLab-V3 2007.10.27.0 2007.10.26 -
AntiVir 7.6.0.30 2007.10.26 -
Authentium 4.93.8 2007.10.28 -
Avast 4.7.1074.0 2007.10.28 -
AVG 7.5.0.503 2007.10.28 -
[B]BitDefender 7.2 2007.10.28 Trojan.Proxy.Agent.AZP[/B]
CAT-QuickHeal 9.00 2007.10.26 -
ClamAV 0.91.2 2007.10.28 -
DrWeb 4.44.0.09170 2007.10.28 -
eSafe 7.0.15.0 2007.10.28 -
eTrust-Vet 31.2.5244 2007.10.26 -
Ewido 4.0 2007.10.28 -
FileAdvisor 1 2007.10.28 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.3.2.48 2007.10.26 -
F-Secure 6.70.13030.0 2007.10.28 -
[B]Ikarus T3.1.1.12 2007.10.28 Trojan.Win32.Agent.asu
Kaspersky 7.0.0.125 2007.10.28 Trojan-Dropper.Win32.Agent.ckh[/B]
McAfee 5150 2007.10.26 -
Microsoft 1.2908 2007.10.28 -
NOD32v2 2621 2007.10.28 -
Norman 5.80.02 2007.10.26 -
Panda 9.0.0.4 2007.10.28 -
Prevx1 V2 2007.10.28 -
Rising 19.46.61.00 2007.10.28 -
Sophos 4.23.0 2007.10.28 -
Sunbelt 2.2.907.0 2007.10.27 -
Symantec 10 2007.10.28 -
TheHacker 6.2.9.110 2007.10.27 -
VBA32 3.12.2.4 2007.10.28 -
VirusBuster 4.3.26:9 2007.10.28 -
Webwasher-Gateway 6.6.1 2007.10.28 -
-
Файл u12_frk_abc123.exe получен 2007.10.28 22:48:33 (CET)
Антивирус Версия Обновление Результат
AhnLab-V3 2007.10.27.0 2007.10.26 -
AntiVir 7.6.0.30 2007.10.28 -
Authentium 4.93.8 2007.10.28 -
Avast 4.7.1074.0 2007.10.28 -
AVG 7.5.0.503 2007.10.28 -
BitDefender 7.2 2007.10.28 -
CAT-QuickHeal 9.00 2007.10.26 -
ClamAV 0.91.2 2007.10.28 -
DrWeb 4.44.0.09170 2007.10.28 -
eSafe 7.0.15.0 2007.10.28 -
eTrust-Vet 31.2.5244 2007.10.26 -
Ewido 4.0 2007.10.28 -
FileAdvisor 1 2007.10.28 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.3.2.48 2007.10.26 -
F-Secure 6.70.13030.0 2007.10.28 -
[B]Ikarus T3.1.1.12 2007.10.28 Trojan-Downloader.Win32.Small.evh[/B]
Kaspersky 7.0.0.125 2007.10.28 -
McAfee 5150 2007.10.26 -
Microsoft 1.2908 2007.10.28 -
[B]NOD32v2 2622 2007.10.28 a variant of Win32/TrojanProxy.Xorpix.BS[/B]
Norman 5.80.02 2007.10.26 -
Panda 9.0.0.4 2007.10.28 -
Prevx1 V2 2007.10.28 -
Rising 19.46.61.00 2007.10.28 -
Sophos 4.23.0 2007.10.28 -
Sunbelt 2.2.907.0 2007.10.27 -
[B]Symantec 10 2007.10.28 Backdoor.Eterok.C[/B]
TheHacker 6.2.9.110 2007.10.27 -
VBA32 3.12.2.4 2007.10.28 -
VirusBuster 4.3.26:9 2007.10.28 -
Webwasher-Gateway 6.6.1 2007.10.28 -
Дополнительная информация
File size: 23040 bytes
MD5: 2c0157d1701d48c30fc10db4bcf8c9e3
SHA1: dcf27144f0bcf6b535c110ecb00c4aa25e184f7f
-
Found this one in a user's Winsock.
File t0.dll received on 10.30.2007 07:01:57 (CET)
[B]Antivirus Version Last Update Result[/B]
AhnLab-V3 2007.10.30.0 2007.10.30 -
[B]AntiVir 7.6.0.30 2007.10.29 TR/Dldr.Agent.dda[/B]
Authentium 4.93.8 2007.10.29 -
[B]Avast 4.7.1074.0 2007.10.29 Win32:Agent-LOO
AVG 7.5.0.503 2007.10.29 Generic8.HES[/B]
[B]BitDefender 7.2 2007.10.30 Generic.Malware.Fdld.A516C50D[/B]
CAT-QuickHeal 9.00 2007.10.29 -
ClamAV 0.91.2 2007.10.30 -
[B]DrWeb 4.44.0.09170 2007.10.30 Trojan.DownLoader.35253[/B]
eSafe 7.0.15.0 2007.10.28 -
eTrust-Vet 31.2.5252 2007.10.30 -
Ewido 4.0 2007.10.29 -
FileAdvisor 1 2007.10.30 -
[B]Fortinet 3.11.0.0 2007.10.19 Heuri.E[/B]
F-Prot 4.3.2.48 2007.10.29 -
[B]F-Secure 6.70.13030.0 2007.10.30 Trojan.Win32.Agent.bvn
Ikarus T3.1.1.12 2007.10.30 Trojan-Downloader.Win32.Agent.but
Kaspersky 7.0.0.125 2007.10.30 Trojan.Win32.Agent.bvn[/B]
McAfee 5151 2007.10.29 -
[B]Microsoft 1.2908 2007.10.30 Trojan:Win32/Agent.ADA
NOD32v2 2626 2007.10.30 Win32/TrojanDownloader.Agent.NSB[/B]
Norman 5.80.02 2007.10.29 -
[B]Panda 9.0.0.4 2007.10.30 Suspicious file[/B]
Prevx1 V2 2007.10.30 -
[B]Rising 19.47.10.00 2007.10.30 Trojan.Win32.Agent.bvn
Sophos 4.23.0 2007.10.30 Mal/Heuri-E
Sunbelt 2.2.907.0 2007.10.29 Trojan.Win32/Agent.ADA[/B]
Symantec 10 2007.10.30 -
[B]TheHacker 6.2.9.110 2007.10.27 Trojan/Agent.bvn
VBA32 3.12.2.4 2007.10.28 Trojan.Win32.Agent.bvn[/B]
VirusBuster 4.3.26:9 2007.10.29 -
[B]Webwasher-Gateway 6.6.1 2007.10.29 Trojan.Dldr.Agent.dda[/B]
Additional information
File size: 30208 bytes
MD5: 0866b8b38b4b3b35cc4175161ca39f8f
SHA1: 3dfd5c6f2d232bc89a97feeb9ab2ab16cc1bb863
packers: UPX
packers: PE_Patch.UPX, UPX
[size="1"][color="#666686"][B][I]Added 3 minutes later[/I][/B][/color][/size]
Will somebody tell me what the "Pack/Crypt" item means in this chart of yours?:
[url]http://virusinfo.info/attachment.php?attachmentid=19218&d=1191562708[/url]
-
File patch.exe received on 10.30.2007 07:52:49 (CET)
Current status: finished
Result: 19/31 (61.3%)
Antivirus Version Last Update Result
AhnLab-V3 2007.10.30.0 2007.10.30 -
[B]AntiVir 7.6.0.30 2007.10.29 TR/PSW.OnlineGames.aci.113[/B]
Authentium 4.93.8 2007.10.29 -
Avast 4.7.1074.0 2007.10.29 -
AVG 7.5.0.503 2007.10.29 -
[B]BitDefender 7.2 2007.10.30 Trojan.Pws.Onlinegames.ACI
CAT-QuickHeal 9.00 2007.10.29 TrojanPSW.OnLineGames.es
ClamAV 0.91.2 2007.10.30 PUA.Packed.UPack-2[/B]
DrWeb 4.44.0.09170 2007.10.30 -
[B]eSafe 7.0.15.0 2007.10.28 Win32.OnLineGames.ac[/B]
eTrust-Vet 31.2.5253 2007.10.30 -
Ewido 4.0 2007.10.29 -
[B]FileAdvisor 1 2007.10.30 High threat detected[/B]
[B]Fortinet 3.11.0.0 2007.10.19 Patch.F!tr[/B]
F-Prot 4.3.2.48 2007.10.29 -
[B]F-Secure 6.70.13030.0 2007.10.30 Trojan-PSW.Win32.OnLineGames.aci[/B]
[B]Ikarus T3.1.1.12 2007.10.30 Trojan-Downloader.Win32.Zlob.and
Kaspersky 7.0.0.125 2007.10.30 Trojan-PSW.Win32.OnLineGames.aci
McAfee 5151 2007.10.29 New Malware.aj
Microsoft 1.2908 2007.10.30 HackTool:Win32/Patch.A[/B]
NOD32v2 2626 2007.10.30 -
[B]Norman 5.80.02 2007.10.29 W32/Suspicious_U.gen
Panda 9.0.0.4 2007.10.30 Trj/Lineage.BZE[/B]
Prevx1 V2 2007.10.30 -
Rising 19.47.10.00 2007.10.30 -
[B]Sophos 4.23.0 2007.10.30 Troj/Patch-F
Sunbelt 2.2.907.0 2007.10.29 VIPRE.Suspicious[/B]
Symantec 10 2007.10.30 -
[B]TheHacker 6.2.9.110 2007.10.27 Trojan/PSW.OnLineGames.aci
VBA32 3.12.2.4 2007.10.28 Trojan-PSW.Win32.OnLineGames.aci
VirusBuster 4.3.26:9 2007.10.29 Packed/Upack[/B]
Additional information
File size: 8120 bytes
MD5: 2d5b60d000d7792ec504127c6ee238ff
SHA1: 593335fa2eddcbd5d69a981dd17d896a289a4455
Bit9 info: [url]http://fileadvisor.bit9.com/services/extinfo.aspx?md5=2d5b60d000d7792ec504127c6ee238ff[/url]
packers: UPack
packers: PE_Patch
-
Файл setuprs1.rar получен 2007.10.31 02:42:40 (CET)
Антивирус Версия Обновление Результат
AhnLab-V3 2007.10.31.0 2007.10.30 -
[B]AntiVir 7.6.0.30 2007.10.30 BDS/Hupigon.Gen[/B]
Authentium 4.93.8 2007.10.30 -
Avast 4.7.1074.0 2007.10.30 -
AVG 7.5.0.503 2007.10.30 -
BitDefender 7.2 2007.10.31 -
[B]CAT-QuickHeal 9.00 2007.10.30 (Suspicious) - DNAScan[/B]
ClamAV 0.91.2 2007.10.30 -
DrWeb 4.44.0.09170 2007.10.30 -
[B]eSafe 7.0.15.0 2007.10.28 suspicious Trojan/Worm[/B]
eTrust-Vet 31.2.5253 2007.10.30 -
Ewido 4.0 2007.10.30 -
FileAdvisor 1 2007.10.31 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.3.2.48 2007.10.30 -
[B]F-Secure 6.70.13030.0 2007.10.31 W32/Delf.AECZ
Ikarus T3.1.1.12 2007.10.31 Backdoor.Win32.Hupigon.MY[/B]
Kaspersky 7.0.0.125 2007.10.31 -
[B]McAfee 5152 2007.10.30 Generic BackDoor[/B]
Microsoft 1.2908 2007.10.31 -
NOD32v2 2627 2007.10.30 -
Norman 5.80.02 2007.10.30 -
Panda 9.0.0.4 2007.10.30 -
Prevx1 V2 2007.10.31 -
Rising 19.47.12.00 2007.10.30 -
[B]Sophos 4.23.0 2007.10.30 Mal/Packer[/B]
Sunbelt 2.2.907.0 2007.10.31 -
Symantec 10 2007.10.31 -
[B]TheHacker 6.2.9.110 2007.10.27 W32/Behav-Heuristic-067[/B]
VBA32 3.12.2.4 2007.10.28 -
[B]VirusBuster 4.3.26:9 2007.10.30 Packed/NSPack
Webwasher-Gateway 6.6.1 2007.10.31 Trojan.Hupigon.Gen[/B]
Дополнительная информация
File size: 127648 bytes
MD5: ab66a9f07cfa012fb79e1543369a148e
SHA1: e4620b4eaf0af3d254b1ea5d96fde2d3a2b15adb
packers: NSPack, PE_Patch
packers: NSPack, NSPack
[size="1"][color="#666686"][B][I]Added 9 minutes later[/I][/B][/color][/size]
Файл mshost.exe получен 2007.10.31 02:58:57 (CET)
Антивирус Версия Обновление Результат
AhnLab-V3 2007.10.31.0 2007.10.30 -
AntiVir 7.6.0.30 2007.10.30 -
Authentium 4.93.8 2007.10.30 -
Avast 4.7.1074.0 2007.10.30 -
AVG 7.5.0.503 2007.10.30 -
BitDefender 7.2 2007.10.31 -
CAT-QuickHeal 9.00 2007.10.30 -
ClamAV 0.91.2 2007.10.30 -
[B]DrWeb 4.44.0.09170 2007.10.30 Win32.HLLW.Autoruner.784
eSafe 7.0.15.0 2007.10.28 suspicious Trojan/Worm[/B]
eTrust-Vet 31.2.5253 2007.10.30 -
Ewido 4.0 2007.10.30 -
FileAdvisor 1 2007.10.31 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.3.2.48 2007.10.30 -
[B]F-Secure 6.70.13030.0 2007.10.31 Virus.Win32.AutoRun.yy
Ikarus T3.1.1.12 2007.10.31 Virus.Win32.AutoRun.yy
Kaspersky 7.0.0.125 2007.10.31 Virus.Win32.AutoRun.yy[/B]
McAfee 5152 2007.10.30 -
Microsoft 1.2908 2007.10.31 -
NOD32v2 2627 2007.10.30 -
Norman 5.80.02 2007.10.30 -
[B]Panda 9.0.0.4 2007.10.30 Suspicious file
Prevx1 V2 2007.10.31 Heuristic: Suspicious File With Covert Attributes[/B]
Rising 19.47.12.00 2007.10.30 -
Sophos 4.23.0 2007.10.30 -
Sunbelt 2.2.907.0 2007.10.31 -
Symantec 10 2007.10.31 -
TheHacker 6.2.9.110 2007.10.27 -
VBA32 3.12.2.4 2007.10.28 -
VirusBuster 4.3.26:9 2007.10.30 -
Webwasher-Gateway 6.6.1 2007.10.31 -
Дополнительная информация
File size: 192512 bytes
MD5: 4cc7c9d5bef15e7c62849cbceba6fe34
SHA1: f6e465264ef4e56aaafdb421e8a61e6522a1ad94
packers: UPX
packers: PE_Patch.UPX, UPX
Prevx info: [url]http://fileinfo.prevx.com/fileinfo.asp?PX5=8739257F00048F9DF068025631F92A00B1C6F298[/url]
-
BitAccelerator changes its MD5, but that's beside the point.
You can see which of the labs are in no hurry to keep up with the changes.
[code]
Файл BitAccelerator.dta получен 2007.10.31 17:37:43 (CET)
Антивирус Версия Обновление Результат
AhnLab-V3 2007.10.31.1 2007.10.31 -
AntiVir 7.6.0.30 2007.10.31 -
Authentium 4.93.8 2007.10.30 -
Avast 4.7.1074.0 2007.10.31 -
AVG 7.5.0.503 2007.10.31 -
[b]BitDefender 7.2 2007.10.31 Adware.BHO.WPW[/b]
CAT-QuickHeal 9.00 2007.10.31 -
[b]ClamAV 0.91.2 2007.10.31 Adware.BHO-50[/b]
DrWeb 4.44.0.09170 2007.10.31 -
eSafe 7.0.15.0 2007.10.28 -
eTrust-Vet 31.2.5256 2007.10.31 -
Ewido 4.0 2007.10.31 -
FileAdvisor 1 2007.10.31 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.3.2.48 2007.10.30 -
F-Secure 6.70.13030.0 2007.10.31 -
[b]Ikarus T3.1.1.12 2007.10.31 Virus.Win32.AdWare
Kaspersky 7.0.0.125 2007.10.31 not-a-virus:AdWare.Win32.BHO.ic[/b]
McAfee 5152 2007.10.30 -
Microsoft 1.2908 2007.10.31 -
NOD32v2 2630 2007.10.31 -
Norman 5.80.02 2007.10.31 -
Panda 9.0.0.4 2007.10.31 -
Prevx1 V2 2007.10.31 -
Rising 19.47.21.00 2007.10.31 -
Sophos 4.23.0 2007.10.31 -
Sunbelt 2.2.907.0 2007.10.31 -
Symantec 10 2007.10.31 -
TheHacker 6.2.9.110 2007.10.27 -
VBA32 3.12.2.4 2007.10.28 -
VirusBuster 4.3.26:9 2007.10.31 -
Webwasher-Gateway 6.0.1 2007.10.31 -
Дополнительная информация
File size: 394124 bytes
MD5: 97209ee33ade0ba71326964ef8210364
SHA1: e93c7ccf12bf8b091be0084c689772abc494a84b[/code]
-
AhnLab-V3 2007.11.1.0 2007.10.31 -
[B]AntiVir 7.6.0.30 2007.10.31 TR/PSW.LdPinch.dkt[/B]
Authentium 4.93.8 2007.10.31 -
Avast 4.7.1074.0 2007.10.31 -
[B]AVG 7.5.0.503 2007.10.31 Dropper.Delf.KM
BitDefender 7.2 2007.10.31 Trojan.Agent.AFLF
CAT-QuickHeal 9.00 2007.10.31 TrojanPSW.LdPinch.dkt
ClamAV 0.91.2 2007.10.31 Trojan.LdPinch-1029
[COLOR="Red"]DrWeb 4.44.0.09170 2007.10.31 Trojan.MulDrop.9120[/COLOR]
eSafe 7.0.15.0 2007.10.28 Win32.LdPinch.dkt[/B]
eTrust-Vet 31.2.5256 2007.10.31 -
Ewido 4.0 2007.10.31 -
FileAdvisor 1 2007.10.31 -
[B]Fortinet 3.11.0.0 2007.10.19 W32/LdPinch.DKT!tr.pws[/B]
F-Prot 4.3.2.48 2007.10.31 -
[B]F-Secure 6.70.13030.0 2007.10.31 Trojan-PSW.Win32.LdPinch.dkt
[COLOR="Red"]Ikarus T3.1.1.12 2007.10.31 Trojan.MulDrop.9120[/COLOR]
Kaspersky 7.0.0.125 2007.10.31 Trojan-PSW.Win32.LdPinch.dkt[/B]
McAfee 5152 2007.10.30 -
Microsoft 1.2908 2007.10.31 -
NOD32v2 2630 2007.10.31 -
Norman 5.80.02 2007.10.31 -
[B]Panda 9.0.0.4 2007.10.31 Trj/Ldpinch.WE[/B]
Prevx1 V2 2007.10.31 -
[B]Rising 19.47.21.00 2007.10.31 Trojan.PSW.Win32.LdPinch.dkt[/B]
Sophos 4.23.0 2007.10.31 -
Sunbelt 2.2.907.0 2007.10.31 -
Symantec 10 2007.10.31 -
[B]TheHacker 6.2.9.110 2007.10.27 Trojan/PSW.LdPinch.dkt[/B]
[B][COLOR="Red"]VBA32 3.12.2.4 2007.10.28 Trojan.MulDrop.9120[/COLOR][/B]
VirusBuster 4.3.26:9 2007.10.31 -
-
Yet another reincarnation:
[QUOTE]Файл halloween.exe получен 2007.10.31 22:28:29 (CET)
AhnLab-V3 2007.11.1.0 2007.10.31 -
[B]AntiVir 7.6.0.30 2007.10.31 WORM/Zhelatin.Gen
Authentium 4.93.8 2007.10.31 W32/StormWorm.G[/B]
Avast 4.7.1074.0 2007.10.31 -
[B]AVG 7.5.0.503 2007.10.31 Downloader.Tibs
BitDefender 7.2 2007.10.31 Trojan.Peed.INN
CAT-QuickHeal 9.00 2007.10.31 (Suspicious) - DNAScan
ClamAV 0.91.2 2007.10.31 Trojan.Peed-44
DrWeb 4.44.0.09170 2007.10.31 Trojan.Packed.162
eSafe 7.0.15.0 2007.10.28 Suspicious File
eTrust-Vet 31.2.5256 2007.10.31 Win32/Sintun.AK[/B]
Ewido 4.0 2007.10.31 -
FileAdvisor 1 2007.10.31 -
Fortinet 3.11.0.0 2007.10.19 -
[B]F-Prot 4.3.2.48 2007.10.31 W32/StormWorm.G[/B]
F-Secure 6.70.13030.0 2007.10.31 -
Ikarus T3.1.1.12 2007.10.31 -
Kaspersky 7.0.0.125 2007.10.31 -
McAfee 5153 2007.10.31 -
[B]Microsoft 1.2908 2007.10.31 TrojanDropper:Win32/Nuwar.gen!avkill
NOD32v2 2630 2007.10.31 probably unknown NewHeur_PE virus
Norman 5.80.02 2007.10.31 Tibs.gen177[/B]
Panda 9.0.0.4 2007.10.31 -
Prevx1 V2 2007.10.31 -
Rising 19.47.21.00 2007.10.31 -
[B]Sophos 4.23.0 2007.10.31 Mal/Behav-146[/B]
Sunbelt 2.2.907.0 2007.10.31 -
[B]Symantec 10 2007.10.31 Trojan.Peacomm.B[/B]
TheHacker 6.2.9.110 2007.10.27 -
VBA32 3.12.2.4 2007.10.31 -
VirusBuster 4.3.26:9 2007.10.31 -
[B]Webwasher-Gateway 6.6.1 2007.10.31 Worm.Zhelatin.Gen[/B]
Дополнительная информация
File size: 112346 bytes
MD5: 791d713d7795d7cb051774be76203207
SHA1: d7cdfbee6de020b68a7a2b7f68d1c4d7208b03fb[/QUOTE]
-
Well, look at that... thread 13760
[CODE]File mssrv32.exe received on 11.02.2007 13:54:37 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.11.2.1 2007.11.02 -
[B]AntiVir 7.6.0.30 2007.11.02 TR/Dldr.Agent.ZAA[/B]
Authentium 4.93.8 2007.11.01 -
Avast 4.7.1074.0 2007.11.02 -
AVG 7.5.0.503 2007.11.02 -
[B]BitDefender 7.2 2007.11.02 Trojan.PWS.LDPinch.TDD[/B]
CAT-QuickHeal 9.00 2007.11.02 -
ClamAV 0.91.2 2007.11.02 -
[B]DrWeb 4.44.0.09170 2007.11.02 Trojan.Packed.194[/B]
eSafe 7.0.15.0 2007.10.28 -
eTrust-Vet 31.2.5262 2007.11.02 -
Ewido 4.0 2007.11.02 -
FileAdvisor 1 2007.11.02 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.02 -
F-Secure 6.70.13030.0 2007.11.02 -
[B]Ikarus T3.1.1.12 2007.11.02 Virus.Win32.Zapchast.DA[/B]
Kaspersky 7.0.0.125 2007.11.02 -
McAfee 5154 2007.11.01 -
Microsoft 1.2908 2007.11.02 -
[B]NOD32v2 2633 2007.11.02 Win32/PSW.LdPinch.NFO[/B]
Norman 5.80.02 2007.11.02 -
Panda 9.0.0.4 2007.11.02 -
[B]Prevx1 V2 2007.11.02 Malware.Gen[/B]
Rising 20.16.42.00 2007.11.02 -
[B]Sophos 4.23.0 2007.11.02 Mal/Dropper-T
Sunbelt 2.2.907.0 2007.10.31 Trojan.PWS.LDPinch.TDD[/B]
Symantec 10 2007.11.02 -
TheHacker 6.2.9.110 2007.10.27 -
[B]VBA32 3.12.2.4 2007.11.02 Trojan.Win32.PSW.LdPinch.NFO[/B]
VirusBuster 4.3.26:9 2007.11.01 -
Additional information
File size: 32768 bytes[/CODE]
-
Файл 2007-11-02.rar получен 2007.11.02 19:09:29 (CET)
[QUOTE][B]AntiVir 7.6.0.30 2007.11.02 TR/Dldr.Stration.Gen
Avast 4.7.1074.0 2007.11.02 Win32:Warezov-CRS
AVG 7.5.0.503 2007.11.02 I-Worm/Stration.DJG
BitDefender 7.2 2007.11.02 Win32.Stration.Gen@mm
CAT-QuickHeal 9.00 2007.11.02 I-Worm.Warezov.ny
DrWeb 4.44.0.09170 2007.11.02 Win32.HLLM.Limar
eSafe 7.0.15.0 2007.10.28 Win32.Stration.DB
Ewido 4.0 2007.11.02 Worm.Warezov.zm
Fortinet 3.11.0.0 2007.10.19 PossibleThreat
F-Prot 4.4.2.54 2007.11.02 W32/Warezov.ABW
Ikarus T3.1.1.12 2007.11.02 Win32.Stration
McAfee 5155 2007.11.02 W32/Stration@MM
Microsoft 1.2908 2007.11.02 Trojan:Win32/Stration.gen!C
NOD32v2 2634 2007.11.02 Win32/Stration.ZM
Panda 9.0.0.4 2007.11.02 Generic Worm
Rising 20.16.42.00 2007.11.02 Worm.Mail.Win32.Warezov.no
Sophos 4.23.0 2007.11.02 W32/Strati-Gen
Sunbelt 2.2.907.0 2007.11.02 W32.Stration.DB@mm
Symantec 10 2007.11.02 W32.Stration.DB@mm
VBA32 3.12.2.4 2007.11.02 MalwareScope.Worm.Warezov.1[/B][/QUOTE]
Дополнительная информация
File size: 381171 bytes
MD5: 2026564c39ddf422b71349f8b884c2e7
SHA1: b74dd2b0ffa6e2386bbf04356c5cd07370dba9d8
Sunbelt info: W32.Stration.DB@mm is a mass mailing worm that carries an infected attachment and spreads by sending a copy of itself to every email address in the victim's computer.
Файл _install.exe.7FFFFFC3 получен 2007.11.02 20:37:42 (CET)
[QUOTE][B]AntiVir 7.6.0.30 2007.11.02 WORM/Zhelatin.Gen
Authentium 4.93.8 2007.11.02 W32/StormWorm.G
Avast 4.7.1074.0 2007.11.02 Win32:Tibs-BLT
AVG 7.5.0.503 2007.11.02 Downloader.Tibs.8.F
BitDefender 7.2 2007.11.02 Trojan.Peed.INN
CAT-QuickHeal 9.00 2007.11.02 (Suspicious) - DNAScan
ClamAV 0.91.2 2007.11.02 Trojan.Peed-44
DrWeb 4.44.0.09170 2007.11.02 Trojan.Packed.162
eSafe 7.0.15.0 2007.10.28 Suspicious File
eTrust-Vet 31.2.5262 2007.11.02 Win32/Sintun.AK
F-Prot 4.4.2.54 2007.11.02 W32/StormWorm.G
F-Secure 6.70.13030.0 2007.11.02 Packed.Win32.Tibs.dg
Ikarus T3.1.1.12 2007.11.02 Packed.Win32.Tibs.dg
Kaspersky 7.0.0.125 2007.11.02 Packed.Win32.Tibs.dg
McAfee 5155 2007.11.02 Tibs-Packed
Microsoft 1.2908 2007.11.02 Trojan:Win32/Tibs.EV
NOD32v2 2634 2007.11.02 Win32/Nuwar.Gen
Norman 5.80.02 2007.11.02 Tibs.gen177
Sophos 4.23.0 2007.11.02 Mal/Dorf-F
Symantec 10 2007.11.02 Trojan.Peacomm.B
Webwasher-Gateway 6.6.1 2007.11.02 Worm.Zhelatin.Gen[/B][/QUOTE]
Дополнительная информация
File size: 113370 bytes
MD5: 14b25ba8a3e700f90eec3c0ab5a3ab49
SHA1: 57581352befdd5cc149b1744cca70bcf2eb5afc2
Файл 2007-11-02.rar получен 2007.11.02 20:49:46 (CET)
[QUOTE][B]AntiVir 7.6.0.30 2007.11.02 ADSPY/NetAdware.AC.1
Avast 4.7.1074.0 2007.11.02 Win32:Zlob-AFG
AVG 7.5.0.503 2007.11.02 Downloader.Zlob.QSD
BitDefender 7.2 2007.11.02 Adware.NetAdware.AA
CAT-QuickHeal 9.00 2007.11.02 AdWare.Vapsup.kg (Not a Virus)
eSafe 7.0.15.0 2007.10.28 suspicious Trojan/Worm
Ikarus T3.1.1.12 2007.11.02 AdWare.NetAdware.E
NOD32v2 2634 2007.11.02 Win32/Adware.Agent.NHS
Panda 9.0.0.4 2007.11.02 Suspicious file
Prevx1 V2 2007.11.02 Heuristic: Suspicious File With Covert Attributes
Webwasher-Gateway 6.6.1 2007.11.02 Ad-Spyware.NetAdware.AC.1[/B][/QUOTE]
Дополнительная информация
File size: 3510625 bytes
MD5: 4eb64cd05568968115dc795ee7541686
SHA1: 07e1fe2188fddb50fb5c90fe0af6c2fded282ab5
packers: UPX_LZMA
Prevx info: [url]http://fileinfo.prevx.com/fileinfo.asp?PX5=75896255007C45163C5B45DDD1D658000E174DB6[/url]
-
Файл IcqControl.dll получен 2007.11.03 11:20:52 (CET)
[QUOTE][B]AntiVir 7.6.0.30 2007.11.02 HEUR/Crypted
AVG 7.5.0.503 2007.11.02 BackDoor.Hupigon2.KNN
eSafe 7.0.15.0 2007.10.28 Suspicious File
FileAdvisor 1 2007.11.03 High threat detected
Norman 5.80.02 2007.11.02 W32/Suspicious_N.gen
Sophos 4.23.0 2007.11.03 Mal/Packer
TheHacker 6.2.9.110 2007.10.27 W32/Behav-Heuristic-067
Webwasher-Gateway 6.6.1 2007.11.02 Heuristic.Crypted[/B][/QUOTE]
Дополнительная информация
File size: 208384 bytes
MD5: f04f5b0359404bd3ac349a82465494e2
SHA1: a8916be5fd43f1d5e69df2cac38c0fcc7f628bf4
Bit9 info: [url]http://fileadvisor.bit9.com/services/extinfo.aspx?md5=f04f5b0359404bd3ac349a82465494e2[/url]
packers: NSPack, PE_Patch
packers: NSPack
[size="1"][color="#666686"][B][I]Added 13 minutes later[/I][/B][/color][/size]
Файл install_cr.exe получен 2007.11.03 11:28:51 (CET)
[QUOTE][B]Avast 4.7.1074.0 2007.11.03 Win32:Zlob-AFG
AVG 7.5.0.503 2007.11.02 Downloader.Zlob
BitDefender 7.2 2007.11.03 Adware.NetAdware.AE[/B][/QUOTE]
Дополнительная информация
File size: 200131 bytes
MD5: 06ab52f74863c917f8402a06a2b51332
SHA1: 6278e5eb0aa4dc8543297ec4e5bb398e2e76ee95
[size="1"][color="#666686"][B][I]Added 46 minutes later[/I][/B][/color][/size]
Файл load.exe получен 2007.11.03 12:27:12 (CET)
[QUOTE][B]AntiVir 7.6.0.30 2007.11.02 TR/Crypt.XPACK.Gen
AVG 7.5.0.503 2007.11.02 SHeur.XIC
CAT-QuickHeal 9.00 2007.11.02 (Suspicious) - DNAScan
ClamAV 0.91.2 2007.11.03 PUA.Packed.UPack-2
eSafe 7.0.15.0 2007.10.28 Suspicious File
F-Prot 4.4.2.54 2007.11.02 W32/Heuristic-162!Eldorado
F-Secure 6.70.13030.0 2007.11.02 Trojan-Dropper.Win32.Agent.clo
Ikarus T3.1.1.12 2007.11.03 Trojan-Downloader.Win32.Zlob.and
Kaspersky 7.0.0.125 2007.11.03 Trojan-Dropper.Win32.Agent.clo
McAfee 5155 2007.11.02 New Malware.aj
Norman 5.80.02 2007.11.02 W32/Zlob.ARTB
Panda 9.0.0.4 2007.11.03 Suspicious file
Sophos 4.23.0 2007.11.03 Mal/Packer
Sunbelt 2.2.907.0 2007.11.02 VIPRE.Suspicious
TheHacker 6.2.9.110 2007.10.27 W32/Behav-Heuristic-060
VirusBuster 4.3.26:9 2007.11.02 Packed/Upack
Webwasher-Gateway 6.6.1 2007.11.02 Trojan.Crypt.XPACK.Gen[/B][/QUOTE]
Дополнительная информация
File size: 46088 bytes
MD5: 59f41d310b88d924d2a113b939697499
SHA1: a4bd83f6707df4e58aade38ea8717a6cae3854d8
packers: UPack
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.
[size="1"][color="#666686"][B][I]Added 2 hours 48 minutes later[/I][/B][/color][/size]
Файл gping_205.exe получен 2007.11.03 15:18:31 (CET)
[QUOTE][B]AntiVir 7.6.0.30 2007.11.02 DR/MicroJoiner.Gen
AVG 7.5.0.503 2007.11.03 Win32/PolyCrypt
CAT-QuickHeal 9.00 2007.11.03 TrojanPSW.LdPinch.eap
F-Secure 6.70.13030.0 2007.11.02 Trojan-PSW.Win32.LdPinch.eap
Ikarus T3.1.1.12 2007.11.03 Trojan-PWS.Win32.LdPinch.eap
Kaspersky 7.0.0.125 2007.11.03 Trojan-PSW.Win32.LdPinch.eap
Panda 9.0.0.4 2007.11.03 Suspicious file
Webwasher-Gateway 6.6.1 2007.11.02 Trojan.MicroJoiner.Gen[/B][/QUOTE]
Дополнительная информация
File size: 1274368 bytes
MD5: 335ca696a5aa477cd8c87157cf40145c
SHA1: ed044a0c4a3a0b35b3068340eee930781dcf2aa8
-
[INDENT][INDENT][LEFT]Файл bin1.exe получен 2007.11.04 06:49:29 (CET)
The firewall blocked it.
AhnLab-V3 2007.11.3.0 2007.11.02 -
[B]AntiVir 7.6.0.30 2007.11.02 TR/Crypt.XPACK.Gen[/B]
Authentium 4.93.8 2007.11.03 -
Avast 4.7.1074.0 2007.11.03 -
[B]AVG 7.5.0.503 2007.11.03 Win32/PolyCrypt[/B]
BitDefender 7.2 2007.11.04 -
[B]CAT-QuickHeal 9.00 2007.11.03 TrojanPSW.LdPinch.eap[/B]
ClamAV 0.91.2 2007.11.04 -
DrWeb 4.44.0.09170 2007.11.03 -
[B]eSafe 7.0.15.0 2007.10.28 Suspicious File[/B]
eTrust-Vet 31.2.5264 2007.11.02 -
Ewido 4.0 2007.11.03 -
FileAdvisor 1 2007.11.04 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.03 -
[B]F-Secure 6.70.13030.0 2007.11.04 Trojan-PSW.Win32.LdPinch.eap
Ikarus T3.1.1.12 2007.11.04 Trojan-PWS.Win32.LdPinch.eap
Kaspersky 7.0.0.125 2007.11.03 Trojan-PSW.Win32.LdPinch.eap[/B]
McAfee 5155 2007.11.02 -
Microsoft 1.2908 2007.11.03 -
NOD32v2 2336 2007.11.03 -
Norman 5.80.02 2007.11.02 -
[B]Panda 9.0.0.4 2007.11.03 Suspicious file[/B]
[B]Prevx1 V2 2007.11.04 Malware.Gen[/B]
Rising 20.16.60.00 2007.11.04 -
[B]Sophos 4.23.0 2007.11.04 Mal/Basine-C[/B]
[B]Sunbelt 2.2.907.0 2007.11.02 VIPRE.Suspicious[/B]
Symantec 10 2007.11.04 -
TheHacker 6.2.9.110 2007.10.27 -
VBA32 3.12.2.4 2007.11.03 -
VirusBuster 4.3.26:9 2007.11.03 -
[B]Webwasher-Gateway 6.6.1 2007.11.02 Trojan.Crypt.XPACK.Gen[/B]
Дополнительная информация
File size: 55296 bytes
MD5: 4958b414a1a16cd519c804ff2f5ca01c
SHA1: c02bf69b3b7c7c463b87c47f445b749e55fc5f46[/LEFT][/INDENT][/INDENT]
-
This is [B]not[/B] a false positive; the file really is malware, which only one antivirus flagged as suspicious.
Файл 1.htm получен 2007.11.04 08:41:37 (CET)
[QUOTE][B]Webwasher-Gateway 6.6.1 2007.11.02 JavaScript.CodeUnfolding.gen!High (suspicious)[/B][/QUOTE]Дополнительная информация
File size: 2359 bytes
MD5: 3f438825635986942b14e5760bdaec3e
SHA1: d98b7554c75fb7bf43e394d32eab60e889486303
[size="1"][color="#666686"][B][I]Added after 3 hours 36 minutes[/I][/B][/color][/size]
Файл avz00008.dta получен 2007.11.04 12:35:35 (CET)
[QUOTE][B]AntiVir 7.6.0.30 2007.11.02 HEUR/Malware
Authentium 4.93.8 2007.11.03 Possibly a new variant of W32/new-malware!Maximus
eSafe 7.0.15.0 2007.10.28 suspicious Trojan/Worm
F-Prot 4.4.2.54 2007.11.03 W32/new-malware!Maximus
Ikarus T3.1.1.12 2007.11.04 Trojan-Spy.Win32.Agent.rb
Panda 9.0.0.4 2007.11.04 Suspicious file
Prevx1 V2 2007.11.04 Heuristic: Suspicious Browser Help Object
Sophos 4.23.0 2007.11.04 Troj/Dowdec-Gen
Sunbelt 2.2.907.0 2007.11.02 VIPRE.Suspicious
VBA32 3.12.2.4 2007.11.03 suspected of Downloader.Small.33
Webwasher-Gateway 6.6.1 2007.11.02 Heuristic.Malware[/B][/QUOTE]Дополнительная информация
File size: 12288 bytes
MD5: 89c1b7f8c76bc14d5ca6a6ba070372c2
SHA1: 3076d6e030a351194602c3cc7ad6dfe43644019a
packers: UPX
packers: UPX
Prevx info: [url]http://fileinfo.prevx.com/fileinfo.asp?PX5=C1B31436002A502F30C0000AAA5AD100B7568A70[/url]
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.
-
Kaspersky will add it in the next update under the name: Backdoor.Win32.Kbot.ab
[code]Файл avz00002.dta получен 2007.11.05 22:43:59 (CET)
Антивирус Версия Обновление Результат
AhnLab-V3 2007.11.6.0 2007.11.05 -
[B]AntiVir 7.6.0.30 2007.11.05 TR/Crypt.XPACK.Gen[/B]
Authentium 4.93.8 2007.11.05 -
[B]Avast 4.7.1074.0 2007.11.05 Win32:Small-HZL
AVG 7.5.0.503 2007.11.05 Downloader.Obfuskated
BitDefender 7.2 2007.11.05 Trojan.AVKiller.AW
CAT-QuickHeal 9.00 2007.11.05 (Suspicious) - DNAScan[/B]
ClamAV 0.91.2 2007.11.05 -
[B]DrWeb 4.44.0.09170 2007.11.05 Trojan.MulDrop.8347
eSafe 7.0.15.0 2007.10.28 Suspicious File[/B]
eTrust-Vet 31.2.5264 2007.11.02 -
Ewido 4.0 2007.11.05 -
FileAdvisor 1 2007.11.05 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.05 -
F-Secure 6.70.13030.0 2007.11.05 -
Ikarus T3.1.1.12 2007.11.05 -
Kaspersky 7.0.0.125 2007.11.05 -
[B]McAfee 5156 2007.11.05 Tcad-Crypted
Microsoft 1.2908 2007.11.05 TrojanDownloader:Win32/Small.gen!AAM[/B]
NOD32v2 2639 2007.11.05 -
Norman 5.80.02 2007.11.05 -
[B]Panda 9.0.0.4 2007.11.05 Suspicious file[/B]
Prevx1 V2 2007.11.05 -
[B]Rising 20.17.01.00 2007.11.05 Trojan.DL.Win32.Small.fyn
Sophos 4.23.0 2007.11.05 Mal/Basine-C[/B]
Sunbelt 2.2.907.0 2007.11.02 -
Symantec 10 2007.11.05 -
TheHacker 6.2.9.116 2007.11.05 -
VBA32 3.12.2.4 2007.11.05 -
[B]VirusBuster 4.3.26:9 2007.11.05 Trojan.DR.Dirat.Gen
Webwasher-Gateway 6.0.1 2007.11.05 Trojan.Crypt.XPACK.Gen[/B]
Дополнительная информация
File size: 12788 bytes
MD5: 85f7cd6ffd231dce0d052884f6682d40
SHA1: 07fe747914cc7dfc0c9206055d33c65970c05295[/code]
-
t=13890
[CODE]File csrss.exe received on 11.06.2007 08:14:44 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.11.6.1 2007.11.06 -
[B]AntiVir 7.6.0.30 2007.11.05 HEUR/Crypted[/B]
Authentium 4.93.8 2007.11.05 -
Avast 4.7.1074.0 2007.11.05 -
AVG 7.5.0.503 2007.11.05 -
[B]BitDefender 7.2 2007.11.06 Trojan.PWS.LDPinch.TDD[/B]
CAT-QuickHeal 9.00 2007.11.05 -
ClamAV 0.91.2 2007.11.06 -
DrWeb 4.44.0.09170 2007.11.05 -
eSafe 7.0.15.0 2007.10.28 -
eTrust-Vet 31.2.5270 2007.11.05 -
Ewido 4.0 2007.11.05 -
FileAdvisor 1 2007.11.06 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.06 -
F-Secure 6.70.13030.0 2007.11.05 -
[B]Ikarus T3.1.1.12 2007.11.06 Virus.Win32.Zapchast.DA[/B]
Kaspersky 7.0.0.125 2007.11.06 -
McAfee 5156 2007.11.05 -
Microsoft 1.2908 2007.11.05 -
NOD32v2 2639 2007.11.06 -
Norman 5.80.02 2007.11.05 -
Panda 9.0.0.4 2007.11.06 -
Prevx1 V2 2007.11.06 -
Rising 20.17.02.00 2007.11.06 -
Sophos 4.23.0 2007.11.06 -
Sunbelt 2.2.907.0 2007.11.02 -
Symantec 10 2007.11.06 -
TheHacker 6.2.9.117 2007.11.06 -
VBA32 3.12.2.4 2007.11.06 -
VirusBuster 4.3.26:9 2007.11.05 -
[B]Webwasher-Gateway 6.0.1 2007.11.05 Heuristic.Crypted[/B]
Additional information
File size: 20992 bytes
MD5: 62d7900b0e5f56a06b818a7443b7edbb
SHA1: eb9cc8432d26e57d9b53ba1a9d623194040df0a9[/CODE]
[size="1"][color="#666686"][B][I]Added after 5 hours 6 minutes[/I][/B][/color][/size]
t=13896[QUOTE]File
syswin.exe ; msrpc.exe ; lsassv.exe ; AdobeGammaLoader.scr ; calc2.exe
received on 11.06.2007 13:16:58 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.11.6.1 2007.11.06 -
AntiVir 7.6.0.30 2007.11.05 -
Authentium 4.93.8 2007.11.05 -
Avast 4.7.1074.0 2007.11.05 -
AVG 7.5.0.503 2007.11.06 -
BitDefender 7.2 2007.11.06 -
CAT-QuickHeal 9.00 2007.11.05 -
ClamAV 0.91.2 2007.11.06 -
[B]DrWeb 4.44.0.09170 2007.11.06 Trojan.LydraSpy.origin[/B]
eSafe 7.0.15.0 2007.10.28 -
eTrust-Vet 31.2.5270 2007.11.05 -
Ewido 4.0 2007.11.06 -
FileAdvisor 1 2007.11.06 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.06 -
F-Secure 6.70.13030.0 2007.11.06 -
Ikarus T3.1.1.12 2007.11.06 -
[B]Kaspersky 7.0.0.125 2007.11.06 Heur.Trojan.Generic[/B]
McAfee 5156 2007.11.05 -
[B]Microsoft 1.3007 2007.11.06 TrojanSpy:Win32/Lydra.gen!B[/B]
NOD32v2 2640 2007.11.06 -
Norman 5.80.02 2007.11.06 -
[B]Panda 9.0.0.4 2007.11.06 Suspicious file[/B]
Prevx1 V2 2007.11.06 -
Rising 20.17.12.00 2007.11.06 -
Sophos 4.23.0 2007.11.06 -
Sunbelt 2.2.907.0 2007.11.02 -
Symantec 10 2007.11.06 -
TheHacker 6.2.9.117 2007.11.06 -
VBA32 3.12.2.4 2007.11.06 -
VirusBuster 4.3.26:9 2007.11.05 -
Webwasher-Gateway 6.0.1 2007.11.05 -
Additional information
File size: 468207 bytes
MD5: de9730919f23225ae5c49d2e56258264
SHA1: 92f0b3403063647e685c0de5777465665946412d[/QUOTE]
[size="1"][color="#666686"][B][I]Added after 38 minutes[/I][/B][/color][/size]
t=13895
[QUOTE]File bindmod.dll received on 11.06.2007 13:43:50 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.11.6.1 2007.11.06 -
[B]AntiVir 7.6.0.30 2007.11.05 TR/Zlob.Dll[/B]
Authentium 4.93.8 2007.11.05 -
[B]Avast 4.7.1074.0 2007.11.05 Win32:Agent-LTS
AVG 7.5.0.503 2007.11.06 Downloader.Zlob.QRV[/B]
BitDefender 7.2 2007.11.06 -
CAT-QuickHeal 9.00 2007.11.05 -
ClamAV 0.91.2 2007.11.06 -
DrWeb 4.44.0.09170 2007.11.06 -
eSafe 7.0.15.0 2007.10.28 -
eTrust-Vet 31.2.5270 2007.11.05 -
Ewido 4.0 2007.11.06 -
FileAdvisor 1 2007.11.06 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.06 -
F-Secure 6.70.13030.0 2007.11.06 -
[B]Ikarus T3.1.1.12 2007.11.06 not-a-virus:AdWare.Win32.Agent.bn[/B]
Kaspersky 7.0.0.125 2007.11.06 -
McAfee 5156 2007.11.05 -
Microsoft 1.3007 2007.11.06 -
NOD32v2 2640 2007.11.06 -
[B]Norman 5.80.02 2007.11.06 Agent.CUUF[/B]
Panda 9.0.0.4 2007.11.06 -
Prevx1 V2 2007.11.06 -
Rising 20.17.12.00 2007.11.06 -
Sophos 4.23.0 2007.11.06 -
Sunbelt 2.2.907.0 2007.11.02 -
Symantec 10 2007.11.06 -
TheHacker 6.2.9.117 2007.11.06 -
VBA32 3.12.2.4 2007.11.06 -
VirusBuster 4.3.26:9 2007.11.05 -
[B]Webwasher-Gateway 6.0.1 2007.11.05 Trojan.Zlob.Dll[/B]
Additional information
File size: 281088 bytes[/QUOTE]
[QUOTE]File advrepgpd.dll received on 11.06.2007 13:44:01 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.11.6.1 2007.11.06 -
[B]AntiVir 7.6.0.30 2007.11.05 TR/BHO.Agent.258048[/B]
Authentium 4.93.8 2007.11.05 -
Avast 4.7.1074.0 2007.11.05 -
[B]AVG 7.5.0.503 2007.11.06 Downloader.Zlob.QRY
BitDefender 7.2 2007.11.06 Adware.NetAdware.AB[/B]
CAT-QuickHeal 9.00 2007.11.05 -
ClamAV 0.91.2 2007.11.06 -
DrWeb 4.44.0.09170 2007.11.06 -
eSafe 7.0.15.0 2007.10.28 -
eTrust-Vet 31.2.5270 2007.11.05 -
Ewido 4.0 2007.11.06 -
FileAdvisor 1 2007.11.06 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.06 -
F-Secure 6.70.13030.0 2007.11.06 -
[B]Ikarus T3.1.1.12 2007.11.06 Generic.NetAdware[/B]
Kaspersky 7.0.0.125 2007.11.06 -
McAfee 5156 2007.11.05 -
Microsoft 1.3007 2007.11.06 -
[B]NOD32v2 2640 2007.11.06 a variant of Win32/Adware.Agent.NHO
Norman 5.80.02 2007.11.06 W32/Vapsup.AV[/B]
Panda 9.0.0.4 2007.11.06 -
Prevx1 V2 2007.11.06 -
Rising 20.17.12.00 2007.11.06 -
Sophos 4.23.0 2007.11.06 -
Sunbelt 2.2.907.0 2007.11.02 -
Symantec 10 2007.11.06 -
TheHacker 6.2.9.117 2007.11.06 -
VBA32 3.12.2.4 2007.11.06 -
VirusBuster 4.3.26:9 2007.11.05 -
[B]Webwasher-Gateway 6.0.1 2007.11.05 Trojan.BHO.Agent.258048[/B]
Additional information
File size: 258048 bytes[/QUOTE]
[QUOTE]File hupsrv.dll received on 11.06.2007 13:43:38 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.11.6.1 2007.11.06 -
[B]AntiVir 7.6.0.30 2007.11.05 ADSPY/VideoPlug.A.1[/B]
Authentium 4.93.8 2007.11.05 -
Avast 4.7.1074.0 2007.11.05 -
[B]AVG 7.5.0.503 2007.11.06 Downloader.Zlob.QRZ[/B]
BitDefender 7.2 2007.11.06 -
CAT-QuickHeal 9.00 2007.11.05 -
ClamAV 0.91.2 2007.11.06 -
DrWeb 4.44.0.09170 2007.11.06 -
eSafe 7.0.15.0 2007.10.28 -
eTrust-Vet 31.2.5270 2007.11.05 -
Ewido 4.0 2007.11.06 -
FileAdvisor 1 2007.11.06 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.06 -
F-Secure 6.70.13030.0 2007.11.06 -
[B]Ikarus T3.1.1.12 2007.11.06 not-a-virus:AdWare.Win32.Agent.bn[/B]
Kaspersky 7.0.0.125 2007.11.06 -
McAfee 5156 2007.11.05 -
Microsoft 1.3007 2007.11.06 -
NOD32v2 2640 2007.11.06 -
[B]Norman 5.80.02 2007.11.06 Agent.CUUF[/B]
Panda 9.0.0.4 2007.11.06 -
Prevx1 V2 2007.11.06 -
Rising 20.17.12.00 2007.11.06 -
Sophos 4.23.0 2007.11.06 -
Sunbelt 2.2.907.0 2007.11.02 -
Symantec 10 2007.11.06 -
TheHacker 6.2.9.117 2007.11.06 -
VBA32 3.12.2.4 2007.11.06 -
VirusBuster 4.3.26:9 2007.11.05 -
[B]Webwasher-Gateway 6.0.1 2007.11.05 Ad-Spyware.VideoPlug.A.1[/B]
Additional information
File size: 269312 bytes[/QUOTE]
What an interesting day...
[size="1"][color="#666686"][B][I]Added after 2 minutes[/I][/B][/color][/size]
t=13894 [[color=#CC0000]does not count - this file is corrupted[/color].]
[QUOTE]File SYSDRV1.EXE received on 11.06.2007 13:54:09 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.11.6.1 2007.11.06 -
AntiVir 7.6.0.30 2007.11.05 -
Authentium 4.93.8 2007.11.05 -
[B]Avast 4.7.1074.0 2007.11.05 Win32:LdPinch-IG[/B]
AVG 7.5.0.503 2007.11.06 -
[B]BitDefender 7.2 2007.11.06 Trojan.Pws.Ldpinch.AJA
CAT-QuickHeal 9.00 2007.11.06 (Suspicious) - DNAScan[/B]
ClamAV 0.91.2 2007.11.06 -
DrWeb 4.44.0.09170 2007.11.06 -
[B]eSafe 7.0.15.0 2007.10.28 Suspicious File[/B]
eTrust-Vet 31.2.5270 2007.11.05 -
Ewido 4.0 2007.11.06 -
FileAdvisor 1 2007.11.06 -
[B]Fortinet 3.11.0.0 2007.10.19 Spy/Basine[/B]
F-Prot 4.4.2.54 2007.11.06 -
[B]F-Secure 6.70.13030.0 2007.11.06 LdPinch.JVR
Ikarus T3.1.1.12 2007.11.06 Trojan-PWS.Win32.LdPinch.bph[/B]
Kaspersky 7.0.0.125 2007.11.06 -
[B]McAfee 5156 2007.11.05 PWS-LDPinch[/B]
Microsoft 1.3007 2007.11.06 -
[B]NOD32v2 2640 2007.11.06 Win32/PSW.LdPinch.NEL
Norman 5.80.02 2007.11.06 LdPinch.JVR
Panda 9.0.0.4 2007.11.06 Trj/LdPinch.AJF[/B]
Prevx1 V2 2007.11.06 -
[B]Rising 20.17.12.00 2007.11.06 Trojan.PSW.Win32.LdPinch.buj
Sophos 4.23.0 2007.11.06 Mal/Basine-C
Sunbelt 2.2.907.0 2007.11.02 Trojan-PSW.Win32.Hooker.24.c
Symantec 10 2007.11.06 Infostealer[/B]
TheHacker 6.2.9.117 2007.11.06 -
[B]VBA32 3.12.2.4 2007.11.06 Trojan.Win32.PSW.LdPinch.NEL
VirusBuster 4.3.26:9 2007.11.05 Packed/FSG
Webwasher-Gateway 6.0.1 2007.11.05 Win32.Malware.gen#FSG (suspicious)[/B]
Additional information
File size: 24231 bytes
MD5: 4acb6bf2e065d7ed9ed048d134980f5b
SHA1: c37522ec0f9b29bee95bc3062a507d9dc6b4558a
packers: PE_Patch, FSG[/QUOTE]
-
Файл index.php получен 2007.11.06 17:49:28 (CET)
[QUOTE][B]AVG 7.5.0.503 2007.11.06 JS/Downloader.Agent
Sophos 4.23.0 2007.11.06 Mal/ObfJS-M
Webwasher-Gateway 6.0.1 2007.11.06 JavaScript.CodeUnfolding.gen!High (suspicious)[/B][/QUOTE]Дополнительная информация
File size: 9369 bytes
MD5: ad197989915846adf2ece6ef4469a138
SHA1: 336fdd129e6228ce8eb15f4b737c3ee9e503262e
-
Файл syswqer.exe получен 2007.11.07 14:35:01 (CET)
[QUOTE][B]AntiVir 7.6.0.34 2007.11.07 DR/Delphi.Gen
AVG 7.5.0.503 2007.11.07 Obfustat.SYJ
BitDefender 7.2 2007.11.07 Trojan.PWS.LDPinch.TDF
DrWeb 4.44.0.09170 2007.11.07 Trojan.Packed.194
eSafe 7.0.15.0 2007.11.06 Suspicious File
FileAdvisor 1 2007.11.07 High threat detected
Ikarus T3.1.1.12 2007.11.07 Trojan-PWS.LDPinch.TDF
Panda 9.0.0.4 2007.11.06 Generic Trojan
Sophos 4.23.0 2007.11.07 Mal/Dropper-T
VBA32 3.12.2.4 2007.11.06 suspected of Trojan-PSW.Pinch.90 (paranoid heuristics)
Webwasher-Gateway 6.0.1 2007.11.07 Trojan.Delphi.Gen[/B][/QUOTE]Дополнительная информация
File size: 58368 bytes
MD5: 2b3af9294ff4f88fc5b48c609c6a1fda
SHA1: 68d74a2b8d4cc9409ceaf42ad53361d7da48ad20
Bit9 info: [url]http://fileadvisor.bit9.com/services/extinfo.aspx?md5=2b3af9294ff4f88fc5b48c609c6a1fda[/url]
-
Файл dancer.exe получен 2007.11.08 14:37:06
[QUOTE]AhnLab-V3 2007.11.9.0 2007.11.08 -
[B]AntiVir 7.6.0.34 2007.11.08 WORM/Zhelatin.Gen[/B]
Authentium 4.93.8 2007.11.01 -
Avast 4.7.1074.0 2007.11.08 -
AVG 7.5.0.503 2007.11.08 -
[B]BitDefender 7.2 2007.11.08 Trojan.Peed.INS
CAT-QuickHeal 9.00 2007.11.08 (Suspicious) - DNAScan[/B]
ClamAV 0.91.2 2007.11.07 -
[B]DrWeb 4.44.0.09170 2007.11.08 Trojan.Packed.209[/B]
[B]eSafe 7.0.15.0 2007.10.28 Suspicious File[/B]
eTrust-Vet 31.2.5276 2007.11.07 -
Ewido 4.0 2007.11.08 -
FileAdvisor 1 2007.11.08 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.07 -
F-Secure 6.70.13030.0 2007.11.08 -
Ikarus T3.1.1.12 2007.11.08 -
Kaspersky 7.0.0.125 2007.11.08 -
[B]McAfee 5157 2007.11.06 New Malware.cn
Microsoft 1.3007 2007.11.08 TrojanDropper:Win32/Nuwar.gen!avkill
NOD32v2 2646 2007.11.08 probably unknown NewHeur_PE virus[/B]
Norman 5.80.02 2007.11.06 -
Panda 9.0.0.4 2007.11.06 -
Prevx1 V2 2007.11.08 -
Rising 20.17.32.00 2007.11.08 -
[B]Sophos 4.23.0 2007.11.08 Mal/Dorf-F[/B]
Sunbelt 2.2.907.0 2007.10.31 -
[B]Symantec 10 2007.11.08 Trojan.Peacomm.D[/B]
TheHacker 6.2.9.118 2007.11.06 -
VBA32 3.12.2.4 2007.11.06 -
VirusBuster 4.3.26:9 2007.11.06 -
[B]Webwasher-Gateway 6.0.1 2007.07.05 Win32.Malware.gen (suspicious)[/B]
Дополнительная информация
File size: 123746 bytes
MD5: 93712eabfb4eb95973c4a279acaac069
SHA1: 15535312189baefedbb57ca41c8c9d072e61a907[/QUOTE]
Fresh sample. Generic signatures and heuristics rule....
-
Файл 6143_1_.js получен 2007.11.09 02:56:01 (CET)
[B]AntiVir 7.6.0.34 2007.11.08 TR/Dldr.Agent.abi.1
F-Secure 6.70.13030.0 2007.11.09 Trojan-Downloader.JS.Agent.abi
Ikarus T3.1.1.12 2007.11.09 Trojan-Downloader.JS.Agent.abi
Kaspersky 7.0.0.125 2007.11.09 Trojan-Downloader.JS.Agent.abi
Sunbelt 2.2.907.0 2007.11.08 Trojan-Downloader.Agent.abi.1
Symantec 10 2007.11.09 Downloader
Webwasher-Gateway 6.0.1 2007.11.09 Trojan.Dldr.Agent.abi.1[/B]
File size: 2190 bytes
MD5: 58de1a946e120811eb7806847ba9fe85
SHA1: 435a47e933508564dc760049a16d6be7f2739983
[size="1"][color="#666686"][B][I]Added after 24 minutes[/I][/B][/color][/size]
Файл lib_1_.exe получен 2007.11.09 02:56:54 (CET)
[B]AntiVir 7.6.0.34 2007.11.08 HEUR/Malware
AVG 7.5.0.503 2007.11.08 BackDoor.Generic8.AAAQ
CAT-QuickHeal 9.00 2007.11.08 (Suspicious) - DNAScan
ClamAV 0.91.2 2007.11.09 PUA.Packed.UPack-2
eSafe 7.0.15.0 2007.11.08 Suspicious File
F-Prot 4.4.2.54 2007.11.07 W32/Heuristic-162!Eldorado
Ikarus T3.1.1.12 2007.11.09 Trojan-Downloader.Win32.Zlob.and
McAfee 5159 2007.11.08 New Malware.aj
NOD32v2 2647 2007.11.09 Win32/TrojanDropper.Agent.NGP
Norman 5.80.02 2007.11.08 W32/Zlob.ASKO
Panda 9.0.0.4 2007.11.09 Suspicious file
Sophos 4.23.0 2007.11.09 Mal/Packer
Sunbelt 2.2.907.0 2007.11.08 VIPRE.Suspicious
TheHacker 6.2.9.120 2007.11.08 W32/Behav-Heuristic-060
VBA32 3.12.2.4 2007.11.08 suspected of Trojan-PSW.Game.30 (paranoid heuristics)
VirusBuster 4.3.26:9 2007.11.08 Packed/Upack
Webwasher-Gateway 6.0.1 2007.11.09 Heuristic.Malware
[/B]
Дополнительная информация
File size: 137904 bytes
MD5: 2016d135efbc5b7800b5bc1ad5462df9
SHA1: 5271bb6daca4a9914de5a3defeb148b6d8065a2a
[size="1"][color="#666686"][B][I]Added after 43 minutes[/I][/B][/color][/size]
Файл userinit.exe получен 2007.11.09 03:45:05 (CET)
Антивирус Версия Обновление Результат
[B]AhnLab-V3 2007.11.9.0 2007.11.09 Win-Trojan/Agent.23552.DM
AntiVir 7.6.0.34 2007.11.08 TR/Dldr.Agent.blm.16
AVG 7.5.0.503 2007.11.08 Downloader.Agent.TIA
BitDefender 7.2 2007.11.09 Trojan.Downloader.Agent.YMX
DrWeb 4.44.0.09170 2007.11.08 Trojan.DownLoader.33566
Ewido 4.0 2007.11.08 Downloader.Agent.blm
F-Secure 6.70.13030.0 2007.11.09 Trojan-Downloader.Win32.Agent.blm
Ikarus T3.1.1.12 2007.11.09 Trojan-Downloader.Win32.Agent.blm
Kaspersky 7.0.0.125 2007.11.09 Trojan-Downloader.Win32.Agent.blm
NOD32v2 2647 2007.11.09 Win32/TrojanDownloader.Agent.NRU
Norman 5.80.02 2007.11.08 W32/Agent.DAHY
Panda 9.0.0.4 2007.11.09 Suspicious file
Rising 20.17.32.00 2007.11.08 Trojan.DL.Win32.Agent.ydm
TheHacker 6.2.9.120 2007.11.08 Trojan/Downloader.Agent.blm
Webwasher-Gateway 6.0.1 2007.11.09 Trojan.Dldr.Agent.blm.16[/B]
File size: 25088 bytes
MD5: de4ad604ac304d540354ae064cd4e692
SHA1: 1c3fce3275a279191d9bc8d66e6baa4bf06fd6d4
-
Thread [url]http://virusinfo.info/showthread.php?t=14005[/url]
Файл avz00006.dta получен 2007.11.09 08:13:10 (CET)
[QUOTE][B]AntiVir 7.6.0.34 2007.11.08 TR/Crypt.XPACK.Gen
AVG 7.5.0.503 2007.11.08 Downloader.Obfuskated
CAT-QuickHeal 9.00 2007.11.08 TrojanProxy.Agent.qq
DrWeb 4.44.0.09170 2007.11.08 Trojan.Packed.147
eSafe 7.0.15.0 2007.11.08 Win32.Agent.qq
F-Secure 6.70.13030.0 2007.11.09 Trojan-Proxy.Win32.Agent.qq
Ikarus T3.1.1.12 2007.11.09 Trojan-Proxy.Win32.Agent.qq
Kaspersky 7.0.0.125 2007.11.09 Trojan-Proxy.Win32.Agent.qq
Microsoft 1.3007 2007.11.09 Virus:Win32/Grum.E
NOD32v2 2647 2007.11.09 Win32/TrojanProxy.Small.NBA
Prevx1 V2 2007.11.09 Heuristic: Suspicious File With Code Injection Technology
Sophos 4.23.0 2007.11.09 Mal/Generic-A
VBA32 3.12.2.4 2007.11.08 Trojan-Proxy.Win32.Agent.qq
Webwasher-Gateway 6.0.1 2007.11.09 Trojan.Crypt.XPACK.Gen[/B][/QUOTE]File size: 32768 bytes
MD5: e23df3f7c0a8fb86087346d80ba14b88
SHA1: 9ea8e2936787211f1042b960a112585b7a256054
Prevx info: [url]http://fileinfo.prevx.com/fileinfo.asp?PX5=26FBCD2B00E8E39D80B40090A63D9400D4A87AED[/url]
Файл avz00003.dta получен 2007.11.09 08:12:34 (CET)
[QUOTE][B]AntiVir 7.6.0.34 2007.11.08 TR/Crypt.XPACK.Gen
AVG 7.5.0.503 2007.11.08 Dropper.Agent.9.J
BitDefender 7.2 2007.11.09 Trojan.Proxy.Agent.AZP
DrWeb 4.44.0.09170 2007.11.08 Trojan.Packed.147
Ikarus T3.1.1.12 2007.11.09 Trojan.Win32.Agent.asu
NOD32v2 2647 2007.11.09 probably unknown NewHeur_PE virus
Webwasher-Gateway 6.0.1 2007.11.09 Trojan.Crypt.XPACK.Gen[/B][/QUOTE]Дополнительная информация
File size: 33280 bytes
MD5: 0b97adc7b6d7a850608ac1102c9bb180
SHA1: 77b06d0e8ed54318a1a6ba80b8fecab8b62912bb
Файл avz00002.dta получен 2007.11.09 08:12:18 (CET)
[QUOTE][B]AntiVir 7.6.0.34 2007.11.08 TR/Crypt.XPACK.Gen
AVG 7.5.0.503 2007.11.08 Dropper.Agent.9.J
BitDefender 7.2 2007.11.09 Trojan.Proxy.Agent.AZP
CAT-QuickHeal 9.00 2007.11.08 TrojanDropper.Agent.cjq
ClamAV 0.91.2 2007.11.09 Trojan.Dropper-2814
DrWeb 4.44.0.09170 2007.11.08 Trojan.Packed.147
FileAdvisor 1 2007.11.09 High threat detected
F-Secure 6.70.13030.0 2007.11.09 Trojan-Dropper.Win32.Agent.cjq
Ikarus T3.1.1.12 2007.11.09 Trojan.Win32.Agent.asu
Kaspersky 7.0.0.125 2007.11.09 Trojan-Dropper.Win32.Agent.cjq
Microsoft 1.3007 2007.11.09 Virus:Win32/Grum.G
NOD32v2 2647 2007.11.09 probably unknown NewHeur_PE virus
Panda 9.0.0.4 2007.11.09 Trj/Downloader.MDW
Sophos 4.23.0 2007.11.09 Mal/Generic-A
VBA32 3.12.2.4 2007.11.06 Trojan-Dropper.Win32.Agent.cjq
Webwasher-Gateway 6.0.1 2007.11.09 Trojan.Crypt.XPACK.Gen[/B][/QUOTE]Дополнительная информация
File size: 33280 bytes
MD5: 91687869e1f5fdf5fbff020db8541e67
SHA1: ecbf8797171027270fd8ceeb0e410dc84ede12d6
Bit9 info: [url]http://fileadvisor.bit9.com/services/extinfo.aspx?md5=91687869e1f5fdf5fbff020db8541e67[/url]
Файл avz00001.dta получен 2007.11.09 08:11:59 (CET)
[QUOTE][B]AntiVir 7.6.0.34 2007.11.08 TR/Crypt.XPACK.Gen
AVG 7.5.0.503 2007.11.08 Dropper.Agent.9.J
BitDefender 7.2 2007.11.09 Trojan.Proxy.Agent.AZP
DrWeb 4.44.0.09170 2007.11.08 Trojan.Packed.147
Ikarus T3.1.1.12 2007.11.09 Trojan.Win32.Agent.asu
NOD32v2 2647 2007.11.09 probably unknown NewHeur_PE virus
Prevx1 V2 2007.11.09 Trojan.Nudos
Webwasher-Gateway 6.0.1 2007.11.09 Trojan.Crypt.XPACK.Gen[/B][/QUOTE]Дополнительная информация
File size: 33280 bytes
MD5: f0fe48b79151c39217e3c01030e63fe7
SHA1: 41ac5e903ce68636918400d21f07ad8ebe2a2bdf
Prevx info: [url]http://fileinfo.prevx.com/fileinfo.asp?PX5=DBBB0A840036374C82AB00F64ECBC600D466C95E[/url]
[size="1"][color="#666686"][B][I]Added after 6 hours 38 minutes[/I][/B][/color][/size]
Файл Elektrichka.exe получен 2007.11.09 14:28:51 (CET)
[QUOTE][B]AntiVir 7.6.0.34 2007.11.09 TR/PSW.LdPinch.bsj.113
BitDefender 7.2 2007.11.09 MemScan:Trojan.PWS.LdPinch.BSJ
CAT-QuickHeal 9.00 2007.11.09 (Suspicious) - DNAScan
eTrust-Vet 31.2.5282 2007.11.09 Win32/Unknown
F-Prot 4.4.2.54 2007.11.09 W32/Heuristic-162!Eldorado
F-Secure 6.70.13030.0 2007.11.09 Trojan.Win32.Pakes.bos
Ikarus T3.1.1.12 2007.11.09 MemScanTrojan.Pws.LdPinch.BSJ
Kaspersky 7.0.0.125 2007.11.09 Trojan.Win32.Pakes.bos
Panda 9.0.0.4 2007.11.09 Suspicious file
Prevx1 V2 2007.11.09 Malware.Gen
Webwasher-Gateway 6.0.1 2007.11.09 Trojan.PSW.LdPinch.bsj.113[/B][/QUOTE]Дополнительная информация
File size: 371712 bytes
MD5: 78abcfe77598501faaa3afb1b1d216a1
SHA1: 2328496d8a229146bae5e717eb744a38e5068bf3
packers: ASProtect
packers: PE_Patch, Aspack
packers: PE_Patch
Prevx info: [url]http://fileinfo.prevx.com/fileinfo.asp?PX5=5D4028450048A7D4AC9205EC35AC1800CDEB05A5[/url]
Файл avz00001.dta получен 2007.11.09 14:45:46 (CET)
[QUOTE][B]AntiVir 7.6.0.34 2007.11.09 TR/Crypt.XPACK.Gen
Authentium 4.93.8 2007.11.09 Possibly a new variant of W32/Threat-HLLVL-based!Maximus
AVG 7.5.0.503 2007.11.09 SHeur.YKL
BitDefender 7.2 2007.11.09 MemScan:Trojan.Spy.Bancos.AAM
CAT-QuickHeal 9.00 2007.11.09 TrojanSpy.Zbot.bu
DrWeb 4.44.0.09170 2007.11.09 Trojan.Proxy.1824
F-Prot 4.4.2.54 2007.11.09 W32/Threat-HLLVL-based!Maximus
F-Secure 6.70.13030.0 2007.11.09 Trojan-Spy.Win32.Zbot.bu
Ikarus T3.1.1.12 2007.11.09 MemScanTrojan.Spy.Bancos.AAM
Kaspersky 7.0.0.125 2007.11.09 Trojan-Spy.Win32.Zbot.bu
Panda 9.0.0.4 2007.11.09 Suspicious file
Sophos 4.23.0 2007.11.09 Mal/Behav-023
Sunbelt 2.2.907.0 2007.11.09 VIPRE.Suspicious
Symantec 10 2007.11.09 Infostealer.Notos!gen
Webwasher-Gateway 6.0.1 2007.11.09 Trojan.Crypt.XPACK.Gen
[/B][/QUOTE]Дополнительная информация
File size: 239104 bytes
MD5: c081802b12c75c529a32e78d51bae9d7
SHA1: 42ee7db3e52e8b8b82f230e05ba1edc2d8551c3d
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.
From the thread [url]http://forum.kaspersky.com/index.php?showtopic=52204[/url]
Файл avz00001.dta получен 2007.11.09 14:50:51 (CET)
[QUOTE][B]DrWeb 4.44.0.09170 2007.11.09 Trojan.Ftpspy
Panda 9.0.0.4 2007.11.09 Trj/FtpSpy.A[/B][/QUOTE]Дополнительная информация
File size: 5632 bytes
MD5: ff570702b4b27e5ab974fc7bbb094abc
SHA1: d83c07509420f37040ae41fd2a0febfd83ddbf0c
-
File BitAccelerator.exe received on 11.10.2007 03:50:58 (CET)
Current status: finished
Result: 6/32 (18.75%)
Antivirus Version Last Update Result
AhnLab-V3 2007.11.10.0 2007.11.09 -
AntiVir 7.6.0.34 2007.11.09 -
Authentium 4.93.8 2007.11.09 -
Avast 4.7.1074.0 2007.11.09 -
AVG 7.5.0.503 2007.11.09 -
[B]BitDefender 7.2 2007.11.10 Adware.BHO.WPW[/B]
CAT-QuickHeal 9.00 2007.11.09 -
[B]ClamAV 0.91.2 2007.11.10 Adware.BHO-50[/B]
DrWeb 4.44.0.09170 2007.11.09 -
eSafe 7.0.15.0 2007.11.08 -
eTrust-Vet 31.2.5284 2007.11.09 -
Ewido 4.0 2007.11.09 -
FileAdvisor 1 2007.11.10 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.09 -
F-Secure 6.70.13030.0 2007.11.09 -
[B]Ikarus T3.1.1.12 2007.11.10 Virus.Win32.AdWare
Kaspersky 7.0.0.125 2007.11.10 not-a-virus:AdWare.Win32.BHO.ic[/B]
McAfee 5160 2007.11.09 -
Microsoft 1.3007 2007.11.10 -
NOD32v2 2650 2007.11.09 -
Norman 5.80.02 2007.11.09 -
[B]Panda 9.0.0.4 2007.11.10 Adware/BHO.L[/B]
Prevx1 V2 2007.11.10 -
Rising 20.17.42.00 2007.11.10 -
[B]Sophos 4.23.0 2007.11.09 BitAccelerator[/B]
Sunbelt 2.2.907.0 2007.11.09 -
Symantec 10 2007.11.10 -
TheHacker 6.2.9.122 2007.11.09 -
VBA32 3.12.2.4 2007.11.08 -
VirusBuster 4.3.26:9 2007.11.09 -
Webwasher-Gateway 6.0.1 2007.11.10 -
Additional information
File size: 394128 bytes
MD5: 1697c99f32c75e42230094b9eec619ce
SHA1: e9f2a20f5c4a45e58076c29c99b38f68fa7ce3d1
-
In the future it will be detected by KAV as [B]not-a-virus:AdWare.Win32.BHO.kj[/B]
Файл avz00001.dta получен 2007.11.10 09:58:22 (CET)
[QUOTE][B]Panda 9.0.0.4 2007.11.10 Suspicious file[/B][/QUOTE]Дополнительная информация
File size: 399872 bytes
MD5: c0236e7c0a6f98545f9c5ac76b6c5962
SHA1: 1adef52d8190e7eef344c54d903e33ec6676f7b7
-
Файл alaunch.cab получен 2007.11.11 09:46:22 (CET)
[QUOTE][B]Avast 4.7.1074.0 2007.11.10 Win32:Adan-055
AVG 7.5.0.503 2007.11.10 Adware Generic.CZP
BitDefender 7.2 2007.11.11 Adware.Gamespy.B
CAT-QuickHeal 9.00 2007.11.10 RiskWare.Downloader.SpyGame (Not a Virus)
Ewido 4.0 2007.11.10 Not-A-Virus.Downloader.Win32.SpyGame
Fortinet 3.11.0.0 2007.10.19 Download/Spygame
F-Prot 4.4.2.54 2007.11.10 W32/Adware.PPN
F-Secure 6.70.13030.0 2007.11.10 W32/DLoader.AKWR
Ikarus T3.1.1.12 2007.11.11 not-a-virus:Downloader.Win32.SpyGame
Kaspersky 7.0.0.125 2007.11.11 not-a-virus:Downloader.Win32.SpyGame
McAfee 5160 2007.11.09 potentially unwanted program Adware-GameSpy
NOD32v2 2652 2007.11.11 Win32/TrojanDownloader.SpyGame.A
Norman 5.80.02 2007.11.09 W32/DLoader.AKWR
Panda 9.0.0.4 2007.11.10 Generic Trojan
Rising 20.17.60.00 2007.11.11 Trojan.DL.Agent.xtx
VBA32 3.12.2.4 2007.11.08 RiskWare.Downloader.SpyGame
Webwasher-Gateway 6.0.1 2007.11.11 Riskware.Dldr.SpyGame[/B][/QUOTE]Дополнительная информация
File size: 65941 bytes
MD5: 3c48574cf159b50ad5b9f1d101b7ba1a
SHA1: fc6f13263be0e163364c8c33480911c447202999
[size="1"][color="#666686"][B][I]Added after 7 hours 28 minutes[/I][/B][/color][/size]
It will be detected by KAV in the next update as [B]not-a-virus:FraudTool.Win32.SmartAntiSpyware.b[/B]
Файл setup.exe получен 2007.11.11 16:59:44 (CET)
[QUOTE][B]AhnLab-V3 2007.11.10.0 2007.11.09 -
AntiVir 7.6.0.34 2007.11.09 -
Authentium 4.93.8 2007.11.10 -
Avast 4.7.1074.0 2007.11.10 -
AVG 7.5.0.503 2007.11.11 -
BitDefender 7.2 2007.11.11 -
CAT-QuickHeal 9.00 2007.11.10 -
ClamAV 0.91.2 2007.11.11 -
DrWeb 4.44.0.09170 2007.11.11 -
eSafe 7.0.15.0 2007.11.08 -
eTrust-Vet 31.2.5284 2007.11.09 -
Ewido 4.0 2007.11.11 -
FileAdvisor 1 2007.11.11 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.10 -
F-Secure 6.70.13030.0 2007.11.10 -
Ikarus T3.1.1.12 2007.11.11 -
Kaspersky 7.0.0.125 2007.11.11 -
McAfee 5160 2007.11.09 -
Microsoft 1.3007 2007.11.11 -
NOD32v2 2652 2007.11.11 -
Norman 5.80.02 2007.11.09 -
Panda 9.0.0.4 2007.11.10 -
Prevx1 V2 2007.11.11 -
Rising 20.17.62.00 2007.11.11 -
Sophos 4.23.0 2007.11.11 -
Sunbelt 2.2.907.0 2007.11.09 -
Symantec 10 2007.11.11 -
TheHacker 6.2.9.123 2007.11.10 -
VBA32 3.12.2.4 2007.11.11 -
VirusBuster 4.3.26:9 2007.11.11 -
Webwasher-Gateway 6.0.1 2007.11.11 -[/B][/QUOTE]Дополнительная информация
File size: 391187 bytes
MD5: 6c126e36a73970b4fd841ff7dc45f372
SHA1: 66dc9501d808aeaa1c1ef7052c55c164afb77005
packers: RAR, Unicode
-
The machine is backdoored, so I am not logging in.
Файл avz00001.dta получен 2007.11.12 10:35:07 (CET)
Антивирус Версия Обновление Результат
[b]AhnLab-V3 2007.11.12.0 2007.11.12 Win-Trojan/Xema.variant
AntiVir 7.6.0.34 2007.11.12 TR/Spy.Gen[/b]
Authentium 4.93.8 2007.11.10 -
[b]Avast 4.7.1074.0 2007.11.11 Win32:Delf-EBR
AVG 7.5.0.503 2007.11.11 BackDoor.Generic8.ZJB
BitDefender 7.2 2007.11.12 Generic.Malware.FPYdPk.92F90C9A
CAT-QuickHeal 9.00 2007.11.10 Backdoor.Delf.aws
ClamAV 0.91.2 2007.11.12 Worm.Delf-63
DrWeb 4.44.0.09170 2007.11.12 BackDoor.Kais
eSafe 7.0.15.0 2007.11.08 Win32.Delf.aws
eTrust-Vet 31.2.5289 2007.11.12 Win32/Liphew.G
Ewido 4.0 2007.11.11 Backdoor.Delf.aws[/b]
FileAdvisor 1 2007.11.12 -
[b]Fortinet 3.11.0.0 2007.10.19 W32/BackDoor.AWS!tr.bdr
F-Prot 4.4.2.54 2007.11.10 W32/Agent.GWT
F-Secure 6.70.13030.0 2007.11.12 Backdoor.Win32.Delf.aws
Ikarus T3.1.1.12 2007.11.12 Backdoor.Win32.Hupigon.MY
Kaspersky 7.0.0.125 2007.11.12 Backdoor.Win32.Delf.aws
McAfee 5160 2007.11.09 Generic BackDoor
Microsoft 1.3007 2007.11.12 Backdoor:Win32/Delf.XD
NOD32v2 2652 2007.11.11 Win32/Delf.NFP
Norman 5.80.02 2007.11.09 W32/Suspicious_N.gen
Panda 9.0.0.4 2007.11.11 Trj/Banker.GWB[/b]
Prevx1 V2 2007.11.12 -
[b]Rising 20.18.00.00 2007.11.12 Backdoor.RWX.2005.hx
Sophos 4.23.0 2007.11.12 Mal/EncPk-E[/b]
Sunbelt 2.2.907.0 2007.11.09 -
[b]Symantec 10 2007.11.12 Backdoor.Graybird
TheHacker 6.2.9.124 2007.11.12 Backdoor/Delf.aws
VBA32 3.12.2.4 2007.11.11 Backdoor.Win32.Delf.aws
VirusBuster 4.3.26:9 2007.11.11 Packed/NSPack
Webwasher-Gateway 6.0.1 2007.11.12 Trojan.Spy.Gen[/b]
Дополнительная информация
File size: 280626 bytes
MD5: ef5a3159b65df5085a7ea865cbbf3dbe
SHA1: 11801ab92e9aeaa07f203f7642017d1adf4a8759
packers: NsPack, NsPack
packers: NSPack, NSPack
-
The ISP said that this computer was generating insane traffic; I came over and saw a horrifying amount of malware. Much of it is already known to everyone on VirusTotal, but some of it is still unfamiliar to many.
File xpdx.sys received on 11.12.2007 14:45:27 (CET)
Current status: finished
Result: 19/32 (59.38%)
Antivirus Version Last Update Result
[B]AhnLab-V3 2007.11.12.0 2007.11.12 Win-Trojan/Pakes.54218
AntiVir 7.6.0.34 2007.11.12 TR/Pakes.EL[/B]
Authentium 4.93.8 2007.11.10 -
Avast 4.7.1074.0 2007.11.11 -
[B]AVG 7.5.0.503 2007.11.11 Obfustat.SUM[/B]
BitDefender 7.2 2007.11.12 -
[B]CAT-QuickHeal 9.00 2007.11.12 Trojan.Pakes.el[/B]
ClamAV 0.91.2 2007.11.12 -
[B]DrWeb 4.44.0.09170 2007.11.12 Trojan.Spambot.2478[/B]
eSafe 7.0.15.0 2007.11.08 -
eTrust-Vet 31.2.5289 2007.11.12 -
Ewido 4.0 2007.11.12 -
FileAdvisor 1 2007.11.12 -
[B]Fortinet 3.11.0.0 2007.10.19 W32/RKRustok.A!tr
F-Prot 4.4.2.54 2007.11.10 W32/Trojan2.DGT
F-Secure 6.70.13030.0 2007.11.12 Trojan.Win32.Pakes.el
Ikarus T3.1.1.12 2007.11.12 Trojan.Win32.Pakes.el
Kaspersky 7.0.0.125 2007.11.12 Trojan.Win32.Pakes.el
McAfee 5160 2007.11.09 Generic.dx
Microsoft 1.3007 2007.11.12 Backdoor:Win32/Rustock.gen!B
NOD32v2 2653 2007.11.12 Win32/Rustock.NCT[/B]
Norman 5.80.02 2007.11.09 -
[B]Panda 9.0.0.4 2007.11.11 Rootkit/Spammer.ZX[/B]
Prevx1 V2 2007.11.12 -
Rising 20.18.02.00 2007.11.12 -
[B]Sophos 4.23.0 2007.11.12 Mal/RKRustok-A
Sunbelt 2.2.907.0 2007.11.09 Backdoor.Rustock[/B]
Symantec 10 2007.11.12 -
[B]TheHacker 6.2.9.124 2007.11.12 Trojan/Pakes.el
VBA32 3.12.2.4 2007.11.11 Trojan.Win32.Pakes.el[/B]
VirusBuster 4.3.26:9 2007.11.11 -
[B]Webwasher-Gateway 6.0.1 2007.11.12 Trojan.Pakes.EL[/B]
Additional information
File size: 54218 bytes
MD5: 366008a494dc2ab87c9d404e859f359d
SHA1: ba37b12c6a10df3a35f7d3808cf9c0f4f39c16b1
Sunbelt info: Backdoor.Rustock is a threat that acts as a hidden proxy and enables an attacker to send spam from the machine.
[size="1"][color="#666686"][B][I]Added after 15 minutes[/I][/B][/color][/size]
File bitw.exe received on 11.12.2007 14:56:09 (CET)
Current status: finished
Result: 17/32 (53.13%)
Antivirus Version Last Update Result
AhnLab-V3 2007.11.12.0 2007.11.12 -
[B]AntiVir 7.6.0.34 2007.11.12 TR/Crypt.XPACK.Gen[/B]
Authentium 4.93.8 2007.11.10 -
Avast 4.7.1074.0 2007.11.11 -
[B]AVG 7.5.0.503 2007.11.11 Generic8.NEC[/B]
BitDefender 7.2 2007.11.12 -
[B]CAT-QuickHeal 9.00 2007.11.12 Trojan.Agent.ccj
ClamAV 0.91.2 2007.11.12 Trojan.Agent-9002
DrWeb 4.44.0.09170 2007.11.12 Trojan.Packed.195
eSafe 7.0.15.0 2007.11.08 Win32.Agent.ccj[/B]
eTrust-Vet 31.2.5289 2007.11.12 -
Ewido 4.0 2007.11.12 -
FileAdvisor 1 2007.11.12 -
[B]Fortinet 3.11.0.0 2007.10.19 Basine.C[/B]
F-Prot 4.4.2.54 2007.11.10 -
[B]F-Secure 6.70.13030.0 2007.11.12 Trojan.Win32.Agent.ccj
Ikarus T3.1.1.12 2007.11.12 Trojan.Win32.Agent.ccj
Kaspersky 7.0.0.125 2007.11.12 Trojan.Win32.Agent.ccj[/B]
McAfee 5160 2007.11.09 -
Microsoft 1.3007 2007.11.12 -
[B]NOD32v2 2653 2007.11.12 Win32/PSW.Agent.NGT
Norman 5.80.02 2007.11.09 W32/Agent.CUWR
Panda 9.0.0.4 2007.11.11 Trj/Downloader.MDW[/B]
Prevx1 V2 2007.11.12 -
Rising 20.18.02.00 2007.11.12 -
[B]Sophos 4.23.0 2007.11.12 Mal/Basine-C[/B]
Sunbelt 2.2.907.0 2007.11.09 -
Symantec 10 2007.11.12 -
[B]TheHacker 6.2.9.124 2007.11.12 Trojan/Agent.ccj
VBA32 3.12.2.4 2007.11.11 Trojan.Win32.Agent.ccj[/B]
VirusBuster 4.3.26:9 2007.11.11 -
[B]Webwasher-Gateway 6.0.1 2007.11.12 Trojan.Crypt.XPACK.Gen[/B]
Additional information
File size: 34996 bytes
MD5: 44756a3999721a52824dfa08bac23667
SHA1: 7552fdf49871c8196869d74a5d8876d1b3107ce5
[size="1"][color="#666686"][B][I]Added 23 minutes later[/I][/B][/color][/size]
File svshost.dll received on 11.12.2007 15:09:35 (CET)
Current status: finished
Result: 22/32 (68.75%)
Antivirus Version Last Update Result
[B]AhnLab-V3 2007.11.12.0 2007.11.12 Win-Trojan Downloader.2560.DC[/B]
[B]AntiVir 7.6.0.34 2007.11.12 BDS/Small.ckm.2[/B]
Authentium 4.93.8 2007.11.10 -
[B]Avast 4.7.1074.0 2007.11.11 Win32:Small-CHC
AVG 7.5.0.503 2007.11.11 BackDoor.Generic8.TVW[/B]
BitDefender 7.2 2007.11.12 -
[B]CAT-QuickHeal 9.00 2007.11.12 Backdoor.Small.ckm[/B]
ClamAV 0.91.2 2007.11.12 -
[B]DrWeb 4.44.0.09170 2007.11.12 Trojan.DownLoader.34918[/B]
eSafe 7.0.15.0 2007.11.08 -
eTrust-Vet 31.2.5289 2007.11.12 -
[B]Ewido 4.0 2007.11.12 Backdoor.Small.ckm
FileAdvisor 1 2007.11.12 High threat detected
Fortinet 3.11.0.0 2007.10.19 W32/Small.CKM!tr.bdr
F-Prot 4.4.2.54 2007.11.10 W32/Backdoor.CAAF
F-Secure 6.70.13030.0 2007.11.12 Backdoor.Win32.Small.ckm
Ikarus T3.1.1.12 2007.11.12 Backdoor.Win32.Small.ckm
Kaspersky 7.0.0.125 2007.11.12 Backdoor.Win32.Small.ckm
McAfee 5160 2007.11.09 PWS-LDPinch[/B]
Microsoft 1.3007 2007.11.12 -
[B]NOD32v2 2653 2007.11.12 Win32/Small.CLQ[/B]
Norman 5.80.02 2007.11.09 -
[B]Panda 9.0.0.4 2007.11.11 Bck/Agent.GWZ[/B]
Prevx1 V2 2007.11.12 -
[B]Rising 20.18.02.00 2007.11.12 Backdoor.Win32.Small.ckm
Sophos 4.23.0 2007.11.12 Mal/Generic-A
Sunbelt 2.2.907.0 2007.11.09 Backdoor.Win32.Small.ckm[/B]
Symantec 10 2007.11.12 -
[B]TheHacker 6.2.9.124 2007.11.12 Backdoor/Small.ckm
VBA32 3.12.2.4 2007.11.11 Backdoor.Win32.Small.ckm[/B]
VirusBuster 4.3.26:9 2007.11.11 -
[B]Webwasher-Gateway 6.0.1 2007.11.12 Trojan.Small.ckm.2[/B]
Additional information
File size: 2560 bytes
MD5: fe494cf81dafa9cde8dfe85231566aeb
SHA1: 372d71ff2f9a77b34ab0414b6ecbe4c8b650ca34
Bit9 info: [url]http://fileadvisor.bit9.com/services/extinfo.aspx?md5=fe494cf81dafa9cde8dfe85231566aeb[/url]
[size="1"][color="#666686"][B][I]Added 2 minutes later[/I][/B][/color][/size]
File t0.dll received on 11.12.2007 15:09:26 (CET)
Current status: finished
Result: 20/32 (62.5%)
Antivirus Version Last Update Result
AhnLab-V3 2007.11.12.0 2007.11.12 -
[B]AntiVir 7.6.0.34 2007.11.12 TR/Dldr.Agent.dda[/B]
Authentium 4.93.8 2007.11.10 -
[B]Avast 4.7.1074.0 2007.11.11 Win32:Agent-LOO
AVG 7.5.0.503 2007.11.11 Generic8.HES
BitDefender 7.2 2007.11.12 Generic.Malware.Fdld.A516C50D[/B]
CAT-QuickHeal 9.00 2007.11.12 -
[B]ClamAV 0.91.2 2007.11.12 Trojan.Agent-8747
DrWeb 4.44.0.09170 2007.11.12 Trojan.DownLoader.35253[/B]
eSafe 7.0.15.0 2007.11.08 -
[B]eTrust-Vet 31.2.5289 2007.11.12 Win32/Ralpsa.A[/B]
Ewido 4.0 2007.11.12 -
FileAdvisor 1 2007.11.12 -
[B]Fortinet 3.11.0.0 2007.10.19 Heuri.E[/B]
F-Prot 4.4.2.54 2007.11.10 -
[B]F-Secure 6.70.13030.0 2007.11.12 Trojan.Win32.Agent.bvn
Ikarus T3.1.1.12 2007.11.12 Trojan-Downloader.Win32.Agent.but
Kaspersky 7.0.0.125 2007.11.12 Trojan.Win32.Agent.bvn[/B]
McAfee 5160 2007.11.09 -
[B]Microsoft 1.3007 2007.11.12 Trojan:Win32/Agent.ADA
NOD32v2 2653 2007.11.12 Win32/TrojanDownloader.Agent.NSB[/B]
Norman 5.80.02 2007.11.09 -
[B]Panda 9.0.0.4 2007.11.11 Suspicious file[/B]
Prevx1 V2 2007.11.12 -
[B]Rising 20.18.02.00 2007.11.12 Trojan.Win32.Agent.bvn
Sophos 4.23.0 2007.11.12 Mal/Heuri-E
Sunbelt 2.2.907.0 2007.11.09 Trojan.Win32/Agent.ADA[/B]
Symantec 10 2007.11.12 -
[B]TheHacker 6.2.9.124 2007.11.12 Trojan/Agent.bvn
VBA32 3.12.2.4 2007.11.11 Trojan.Win32.Agent.bvn[/B]
VirusBuster 4.3.26:9 2007.11.11 -
[B]Webwasher-Gateway 6.0.1 2007.11.12 Trojan.Dldr.Agent.dda[/B]
Additional information
File size: 30208 bytes
MD5: 0866b8b38b4b3b35cc4175161ca39f8f
SHA1: 3dfd5c6f2d232bc89a97feeb9ab2ab16cc1bb863
packers: UPX
packers: PE_Patch.UPX, UPX
[size="1"][color="#666686"][B][I]Added 5 minutes later[/I][/B][/color][/size]
File wininet.exe received on 11.12.2007 15:35:16 (CET)
Current status: finished
Result: 12/32 (37.5%)
Antivirus Version Last Update Result
AhnLab-V3 2007.11.12.0 2007.11.12 -
[B]AntiVir 7.6.0.34 2007.11.12 DR/Delphi.Gen[/B]
Authentium 4.93.8 2007.11.10 -
Avast 4.7.1074.0 2007.11.11 -
[B]AVG 7.5.0.503 2007.11.11 SHeur.TKA
BitDefender 7.2 2007.11.12 Trojan.PWS.LDPinch.TDF
CAT-QuickHeal 9.00 2007.11.12 Backdoor.Small.clh[/B]
ClamAV 0.91.2 2007.11.12 -
[B]DrWeb 4.44.0.09170 2007.11.12 Trojan.Packed.194[/B]
eSafe 7.0.15.0 2007.11.08 -
eTrust-Vet 31.2.5289 2007.11.12 -
Ewido 4.0 2007.11.12 -
FileAdvisor 1 2007.11.12 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.10 -
[B]F-Secure 6.70.13030.0 2007.11.12 Backdoor.Win32.Small.clh
Ikarus T3.1.1.12 2007.11.12 Trojan-PWS.LDPinch.TDF
Kaspersky 7.0.0.125 2007.11.12 Backdoor.Win32.Small.clh[/B]
McAfee 5160 2007.11.09 -
Microsoft 1.3007 2007.11.12 -
NOD32v2 2653 2007.11.12 -
Norman 5.80.02 2007.11.09 -
[B]Panda 9.0.0.4 2007.11.11 Trj/Downloader.MDW[/B]
Prevx1 V2 2007.11.12 -
Rising 20.18.02.00 2007.11.12 -
[B]Sophos 4.23.0 2007.11.12 Mal/Dropper-T[/B]
Sunbelt 2.2.907.0 2007.11.09 -
Symantec 10 2007.11.12 -
TheHacker 6.2.9.124 2007.11.12 -
[B]VBA32 3.12.2.4 2007.11.11 Backdoor.Win32.Small.clh[/B]
VirusBuster 4.3.26:9 2007.11.12 -
[B]Webwasher-Gateway 6.0.1 2007.11.12 Trojan.Delphi.Gen[/B]
Additional information
File size: 23040 bytes
MD5: 71c7320afc1221ead1c548702e9975e9
SHA1: f3394fe1c2cc18f4c4d149c7deb478a085fcbc93
-
File DbEditor.exe received on 2007.11.13 03:48:00 (CET)
[B]Avast 4.7.1074.0 2007.11.12 Win32:Weed
AVG 7.5.0.503 2007.11.12 Win32/Tvido
BitDefender 7.2 2007.11.13 Win32.Tvido.A
ClamAV 0.91.2 2007.11.12 W32.Dwee-1
DrWeb 4.44.0.09170 2007.11.12 Win32.Dwee.3029
F-Secure 6.70.13030.0 2007.11.13 Virus.Win32.Tvido.a
Ikarus T3.1.1.12 2007.11.13 Virus.Win32.Tvido.a
Kaspersky 7.0.0.125 2007.11.13 Virus.Win32.Tvido.a
Norman 5.80.02 2007.11.12 W32/NetworkWorm.BWC
Prevx1 V2 2007.11.13 GENERIC.MALWARE
Sunbelt 2.2.907.0 2007.11.13 VIPRE.Suspicious
VBA32 3.12.2.4 2007.11.11 Virus.Win32.Olm[/B]
File size: 733696 bytes
MD5: b3b5eb8c143ed29238b30771709ad27b
SHA1: f9d5c911f3aa840695a101371e090bb393ebf9bb
P.S. This is claimed to be a Belarusian virus :)
-
It jumps onto a flash drive together with an autorun.inf file from the infected machine; in system32 on that system there are also its twins under other names, svshost.exe and tskmgr.exe.
File NTDETECT.EXE received on 11.13.2007 04:58:16 (CET)
Current status: finished
Result: 17/32 (53.13%)
Antivirus Version Last Update Result
AhnLab-V3 2007.11.13.0 2007.11.13 -
[B]AntiVir 7.6.0.34 2007.11.13 TR/PSW.Webmoner.T
Authentium 4.93.8 2007.11.13 Possibly a new variant of W32/Threat-SysVenFak-based!Maximus
Avast 4.7.1074.0 2007.11.12 Win32:Trojan-gen {Other}
AVG 7.5.0.503 2007.11.12 PSW.Generic5.MUQ
BitDefender 7.2 2007.11.13 BehavesLike:Win32.Malware[/B]
CAT-QuickHeal 9.00 2007.11.12 -
ClamAV 0.91.2 2007.11.12 -
[B]DrWeb 4.44.0.09170 2007.11.12 Win32.HLLW.Money.4[/B]
eSafe 7.0.15.0 2007.11.08 -
eTrust-Vet 31.2.5290 2007.11.12 -
[B]Ewido 4.0 2007.11.12 Trojan.WebMoner.t[/B]
FileAdvisor 1 2007.11.13 -
[B]Fortinet 3.11.0.0 2007.10.19 W32/WebMoner.T!tr.pws
F-Prot 4.4.2.54 2007.11.13 W32/Threat-SysVenFak-based!Maximus
F-Secure 6.70.13030.0 2007.11.13 Trojan-PSW.Win32.WebMoner.t
Ikarus T3.1.1.12 2007.11.13 Trojan-PWS.Win32.WebMoner.t
Kaspersky 7.0.0.125 2007.11.13 Trojan-PSW.Win32.WebMoner.t[/B]
McAfee 5161 2007.11.12 -
Microsoft 1.3007 2007.11.12 -
NOD32v2 2653 2007.11.12 -
[B]Norman 5.80.02 2007.11.12 W32/Malware.ATTE
Panda 9.0.0.4 2007.11.13 Trj/WebMoner.AH[/B]
Prevx1 V2 2007.11.13 -
[B]Rising 20.18.02.00 2007.11.12 Trojan.PSW.Win32.WebMoner.t[/B]
Sophos 4.23.0 2007.11.13 -
Sunbelt 2.2.907.0 2007.11.13 -
Symantec 10 2007.11.13 -
TheHacker 6.2.9.124 2007.11.13 -
[B]VBA32 3.12.2.4 2007.11.11 Trojan-PSW.Win32.WebMoner.t[/B]
VirusBuster 4.3.26:9 2007.11.12 -
[B]Webwasher-Gateway 6.0.1 2007.11.13 Trojan.PSW.Webmoner.T[/B]
Additional information
File size: 555520 bytes
MD5: 4de4cb50b8f3e41e9a123aafcdece965
SHA1: 40f1ee09b497b5429bd9a63618bf66175d08b684
-
File setup.exe received on 11.15.2007 19:37:48 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.11.16.0 2007.11.15 -
[B]AntiVir 7.6.0.34 2007.11.15 Worm/Feebs.LQ[/B]
Authentium 4.93.8 2007.11.15 -
Avast 4.7.1074.0 2007.11.14 -
[I][B]AVG 7.5.0.503 2007.11.15 Dropper.Generic.RVO[/B][/I]
BitDefender 7.2 2007.11.15 -
[B]CAT-QuickHeal 9.00 2007.11.15 Worm.Feebs.lq[/B]
ClamAV 0.91.2 2007.11.15 -
DrWeb 4.44.0.09170 2007.11.15 -
[I]eSafe 7.0.15.0 2007.11.14 Suspicious File[/I]
[B]eTrust-Vet 31.2.5297 2007.11.15 Win32/Feeb.CK[/B]
Ewido 4.0 2007.11.15 -
FileAdvisor 1 2007.11.15 -
Fortinet 3.11.0.0 2007.10.19 -
[B]F-Prot 4.4.2.54 2007.11.14 W32/Heuristic-162!Eldorado[/B]
[B]F-Secure 6.70.13030.0 2007.11.15 Worm.Win32.Feebs.lq
Ikarus T3.1.1.12 2007.11.15 Worm.Win32.Feebs.lq
Kaspersky 7.0.0.125 2007.11.15 Worm.Win32.Feebs.lq[/B]
McAfee 5164 2007.11.15 -
Microsoft 1.3007 2007.11.12 -
NOD32v2 2660 2007.11.15 -
[I][B][I]Norman 5.80.02 2007.11.15 W32/Suspicious_U.gen[/I][/B][/I]
Panda 9.0.0.4 2007.11.15 -
Prevx1 V2 2007.11.15 -
Rising 20.18.31.00 2007.11.15 -
[I][B]Sophos 4.23.0 2007.11.15 Mal/Generic-A[/B][/I]
Sunbelt 2.2.907.0 2007.11.15 -
[B]Symantec 10 2007.11.15 Downloader[/B]
[B]TheHacker 6.2.9.129 2007.11.15 W32/Feebs.lq[/B]
[B]VBA32 3.12.2.5 2007.11.15 suspected of MalwareScope.Worm.Feebs.1 (paranoid heuristics)[/B]
VirusBuster 4.3.26:9 2007.11.15 -
[B]Webwasher-Gateway 6.0.1 2007.11.15 Worm.Feebs.LQ[/B]
Additional information
File size: 104448 bytes
MD5: a35a450fd2cb571706bcb88588ec297a
SHA1: 905845fdbfcec5158a209e052e9ef245f1b42704
packers: embedded, UPack
-
File setup.exe received on 2007.11.17 09:46:11 (CET)
[QUOTE][B]AVG 7.5.0.503 2007.11.17 Downloader.Zlob.LI
BitDefender 7.2 2007.11.17 Trojan.Zlob.3.Gen
ClamAV 0.91.2 2007.11.17 Trojan.Dropper-2529
DrWeb 4.44.0.09170 2007.11.17 Trojan.Popuper.5033
Kaspersky 7.0.0.125 2007.11.17 Trojan-Downloader.Win32.Zlob.ejb
Microsoft 1.3007 2007.11.17 Trojan:Win32/Zlob.ZWC
Prevx1 V2 2007.11.17 Generic.Dropper.xCodec[/B][/QUOTE]
Additional information
File size: 80637 bytes
MD5: 08787184519921376ae697f2be02c4d0
SHA1: 8a54d890603dd38d73be3a40d6fc131b6ad3ecb9
Prevx info: [url]http://fileinfo.prevx.com/fileinfo.asp?PX5=EF31DB76FDB74D223A3001340E34E700EA581B4E[/url]
File vip.exe received on 2007.11.17 07:49:03 (CET)
[QUOTE][B]AntiVir 7.6.0.34 2007.11.16 HEUR/Malware
BitDefender 7.2 2007.11.17 Generic.Malware.P!Yd!dldPk!.876CD84A
CAT-QuickHeal 9.00 2007.11.16 (Suspicious) - DNAScan
DrWeb 4.44.0.09170 2007.11.16 Trojan.DownLoader.origin
eSafe 7.0.15.0 2007.11.14 suspicious Trojan/Worm
Ikarus T3.1.1.12 2007.11.17 Packed.Win32.Klone.af
McAfee 5165 2007.11.16 New Malware.u
NOD32v2 2665 2007.11.17 probably unknown NewHeur_PE virus
Norman 5.80.02 2007.11.16 W32/Suspicious_N.gen
Panda 9.0.0.4 2007.11.17 Suspicious file
Sophos 4.23.0 2007.11.17 Mal/Packer
TheHacker 6.2.9.132 2007.11.16 W32/Behav-Heuristic-067
VirusBuster 4.3.26:9 2007.11.16 Packed/NSPack
Webwasher-Gateway 6.0.1 2007.11.16 Heuristic.Malware[/B][/QUOTE]
Additional information
File size: 21752 bytes
MD5: c59d448179d6c93cff1156930fe785f4
SHA1: 9f4314678df4e508df468c031325e32b5f2fce39
packers: NSPack, PE_Patch
packers: NSPack
File Downloader.exe received on 2007.11.17 07:48:58 (CET)
[QUOTE][B]NOD32v2 2665 2007.11.17 a variant of Win32/BHO.NAT
Prevx1 V2 2007.11.17 SPYWARE.BANKER.CPV
Sophos 4.23.0 2007.11.17 Mal/Behav-112[/B][/QUOTE]
Additional information
File size: 28672 bytes
MD5: 8456eabd2c67871b50baecb6c442f1e6
SHA1: 85013163fbfe7003f47c55eb5f7e981d3670f8a6
Prevx info: [url]http://fileinfo.prevx.com/fileinfo.asp?PX5=77A9513500E0218870C500E968E88F00D35F0C43[/url]
File load.exe received on 2007.11.17 07:33:58 (CET)
[QUOTE][B]AntiVir 7.6.0.34 2007.11.16 TR/Spy.Bancos.aam.43
AVG 7.5.0.503 2007.11.17 SHeur.ZRY
BitDefender 7.2 2007.11.17 MemScan:Trojan.Spy.Bancos.AAM
CAT-QuickHeal 9.00 2007.11.16 Backdoor.Hupigon.wgk
eSafe 7.0.15.0 2007.11.14 Suspicious File
F-Secure 6.70.13030.0 2007.11.16 Backdoor.Win32.Hupigon.wgk
Ikarus T3.1.1.12 2007.11.17 Trojan-Spy.Win32.Bancos.aam
Kaspersky 7.0.0.125 2007.11.17 Backdoor.Win32.Hupigon.wgk
Norman 5.80.02 2007.11.16 W32/Agent.DGQE
Prevx1 V2 2007.11.17 SPYWARE.BANCOS.AAM
Rising 20.18.40.00 2007.11.16 Backdoor.Win32.Gpigeon.wgk
Sophos 4.23.0 2007.11.17 Mal/Behav-164
Sunbelt 2.2.907.0 2007.11.17 Trojan-Spy.Bancos.AAM
Symantec 10 2007.11.17 Infostealer.Notos!gen
TheHacker 6.2.9.132 2007.11.16 Backdoor/Agent.cpw
Webwasher-Gateway 6.0.1 2007.11.16 Trojan.Spy.Bancos.aam.43[/B][/QUOTE]
Additional information
File size: 42496 bytes
MD5: d2f651be01c553c5e49547749f9ab7d1
SHA1: 490b2edd810ccfb864e1243f15560fbf5dba5416
Prevx info: [url]http://fileinfo.prevx.com/fileinfo.asp?PX5=7CF6B2470024E050A6990012CA13400029304EC5[/url]
-
All files were received on 17.11.2007 at 20:15.
ssqqoon.dll - [b]not-a-virus:AdWare.Win32.Virtumonde.aqr[/b]
[b]AntiVir 7.6.0.34 2007.11.16 ADSPY/Virtumond.afb
AVG 7.5.0.503 2007.11.17 BHO.CNT
eSafe 7.0.15.0 2007.11.14 Suspicious File
F-Secure 6.70.13030.0 2007.11.17 Vundo.gen42
NOD32v2 2665 2007.11.17 Win32/Adware.Virtumonde
Norman 5.80.02 2007.11.16 Vundo.gen42
Prevx1 V2 2007.11.17 SpywareQuake
Sunbelt 2.2.907.0 2007.11.17 Virtumonde
VirusBuster 4.3.26:9 2007.11.17 Adware.Vundo.V.Gen
Webwasher-Gateway 6.0.1 2007.11.16 Ad-Spyware.Virtumond.afb[/b]
rspakidr.dll - [b]Trojan.Win32.BHO.xp[/b]
[b]
AVG 7.5.0.503 2007.11.17 Lop
eSafe 7.0.15.0 2007.11.14 Suspicious File
McAfee 5165 2007.11.16 Vundo
Panda 9.0.0.4 2007.11.17 Suspicious file
VirusBuster 4.3.26:9 2007.11.17 Adware.Vundo.V.Gen
Webwasher-Gateway 6.0.1 2007.11.16 Win32.Malware.gen (suspicious)[/b]
rjxhdalz.dll - [b]not-a-virus:AdWare.Win32.SecToolBar.o[/b]
[b]
AntiVir 7.6.0.34 2007.11.16 TR/BHO.Agent.AW
AVG 7.5.0.503 2007.11.17 Obfustat.YUY
BitDefender 7.2 2007.11.17 Adware.Virtumonde.GHK
eSafe 7.0.15.0 2007.11.14 Suspicious File
NOD32v2 2665 2007.11.17 Win32/Adware.SecToolbar
Norman 5.80.02 2007.11.16 Vundo.gen50
Panda 9.0.0.4 2007.11.17 Adware/BestSellerAV
Prevx1 V2 2007.11.17 Trojan.Vundo[/b]
ddaya.dll - [b]not-a-virus:AdWare.Win32.Virtumonde.aqq[/b]
[b]
AntiVir 7.6.0.34 2007.11.16 ADSPY/Virtumond.afa
AVG 7.5.0.503 2007.11.17 BHO.CNF
F-Secure 6.70.13030.0 2007.11.17 Vundo.gen49
NOD32v2 2665 2007.11.17 Win32/Adware.Virtumonde
Norman 5.80.02 2007.11.16 Vundo.gen49
Panda 9.0.0.4 2007.11.17 Spyware/Virtumonde
Prevx1 V2 2007.11.17 Rogue.Winfixer
VirusBuster 4.3.26:9 2007.11.17 Adware.Vundo.V.Gen
Webwasher-Gateway 6.0.1 2007.11.16 Ad-Spyware.Virtumond.afa
Symantec 10 2007.11.17 Trojan.Metajuan
VirusBuster 4.3.26:9 2007.11.17 Adware.Vundo.V.Gen
Webwasher-Gateway 6.0.1 2007.11.16 Trojan.BHO.Agent.AW[/b]
-
C:\WINDOWS\TEMP\winlogon.exe
File avz00001.dta received on 11.19.2007 16:42:55 (CET)
Current status: finished
Result: 4/32 (12.5%)
AhnLab-V3 2007.11.19.0 2007.11.19 -
AntiVir 7.6.0.34 2007.11.19 -
Authentium 4.93.8 2007.11.19 -
Avast 4.7.1074.0 2007.11.19 -
[b]AVG 7.5.0.503 2007.11.19 Obfustat.ZYG[/b]
BitDefender 7.2 2007.11.19 -
CAT-QuickHeal 9.00 2007.11.19 -
ClamAV 0.91.2 2007.11.19 -
[b]DrWeb 4.44.0.09170 2007.11.19 Trojan.Packed.194[/b]
eSafe 7.0.15.0 2007.11.14 -
eTrust-Vet 31.3.5308 2007.11.19 -
Ewido 4.0 2007.11.19 -
FileAdvisor 1 2007.11.19 -
Fortinet 3.11.0.0 2007.11.19 -
F-Prot 4.4.2.54 2007.11.18 -
F-Secure 6.70.13030.0 2007.11.19 -
[b]Ikarus T3.1.1.12 2007.11.19 Virus.Win32.Zapchast.DA[/b]
Kaspersky 7.0.0.125 2007.11.19 -
McAfee 5165 2007.11.16 -
Microsoft 1.3007 2007.11.19 -
NOD32v2 2668 2007.11.19 -
Norman 5.80.02 2007.11.19 -
Panda 9.0.0.4 2007.11.18 -
Prevx1 V2 2007.11.19 -
Rising 20.19.00.00 2007.11.19 -
[b]Sophos 4.23.0 2007.11.19 Mal/Dropper-T[/b]
Sunbelt 2.2.907.0 2007.11.17 -
Symantec 10 2007.11.19 -
TheHacker 6.2.9.133 2007.11.17 -
VBA32 3.12.2.5 2007.11.19 -
VirusBuster 4.3.26:9 2007.11.18 -
Webwasher-Gateway 6.0.1 2007.11.19 -
Additional information
File size: 43520 bytes
MD5: 6a44352812e6032ab81be334ddb8b5d7
SHA1: 1b8db08d55cb2dd5396204eeeae9c452c4235855
-
[B]Maxim, TANUKI, rubin[/B]
A big request: please don't trim the log, and publish it in full.
(it is very hard to process)
-
File Firefox_Setup_3.0_Beta_1.rar received on 11.20.2007 22:51:50 (CET)
Current status: finished
Result: 3/32 (9.38%)
Antivirus Version Last Update Result
AhnLab-V3 2007.11.21.0 2007.11.20 -
AntiVir 7.6.0.34 2007.11.20 -
Authentium 4.93.8 2007.11.20 -
Avast 4.7.1074.0 2007.11.20 -
AVG 7.5.0.503 2007.11.20 -
BitDefender 7.2 2007.11.20 -
CAT-QuickHeal 9.00 2007.11.20 -
ClamAV 0.91.2 2007.11.20 -
[B]DrWeb 4.44.0.09170 2007.11.20 Trojan.MulDrop.9120[/B]
eSafe 7.0.15.0 2007.11.14 -
eTrust-Vet 31.3.5312 2007.11.20 -
Ewido 4.0 2007.11.20 -
FileAdvisor 1 2007.11.20 -
Fortinet 3.11.0.0 2007.11.20 -
F-Prot 4.4.2.54 2007.11.19 -
F-Secure 6.70.13030.0 2007.11.20 -
Ikarus T3.1.1.12 2007.11.20 -
Kaspersky 7.0.0.125 2007.11.20 -
McAfee 5167 2007.11.20 -
Microsoft 1.3007 2007.11.20 -
NOD32v2 2673 2007.11.20 -
Norman 5.80.02 2007.11.20 -
[B]Panda 9.0.0.4 2007.11.20 Suspicious file[/B]
Prevx1 V2 2007.11.20 -
Rising 20.19.10.00 2007.11.20 -
Sophos 4.23.0 2007.11.20 -
Sunbelt 2.2.907.0 2007.11.20 -
Symantec 10 2007.11.20 -
TheHacker 6.2.9.135 2007.11.20 -
[B]VBA32 3.12.2.5 2007.11.20 Trojan.MulDrop.9120[/B]
VirusBuster 4.3.26:9 2007.11.20 -
Webwasher-Gateway 6.0.1 2007.11.20 -
Additional information
File size: 6721731 bytes
MD5: d31848f71c6318613182766c46ff4de4
SHA1: b4826b751423dbd9a5ee0ed13210f3b1f1b9ae08
packers: PE_Patch, MewBundle, MEW
And here is an interesting excerpt from the ESET Smart Security 3.0.563.0 log from launching this installer:
21.11.2007 0:46:25 Real-time file system protection file C:\DOCUME~1\Maxim\LOCALS~1\Temp\Setup.exe [B]probably a variant of Win32/TrojanDropper.Agent.NGU trojan[/B] cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Downloads\Firefox_Setup_3.0_Beta_1\Firefox Setup 3.0 Beta 1.exe.
-
t=14256
[CODE]File CProCtrl.sys received on 11.21.2007 06:19:13 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.11.21.0 2007.11.21 -
AntiVir 7.6.0.34 2007.11.20 -
Authentium 4.93.8 2007.11.21 -
Avast 4.7.1074.0 2007.11.20 -
AVG 7.5.0.503 2007.11.20 -
BitDefender 7.2 2007.11.21 -
CAT-QuickHeal 9.00 2007.11.20 -
ClamAV 0.91.2 2007.11.21 -
DrWeb 4.44.0.09170 2007.11.20 -
eSafe 7.0.15.0 2007.11.14 -
eTrust-Vet 31.3.5312 2007.11.20 -
Ewido 4.0 2007.11.20 -
FileAdvisor 1 2007.11.21 -
Fortinet 3.14.0.0 2007.11.21 -
[B]F-Prot 4.4.2.54 2007.11.21 W32/Cinmus.E.gen!Eldorado[/B]
F-Secure 6.70.13030.0 2007.11.21 -
Ikarus T3.1.1.12 2007.11.21 -
[B]Kaspersky 7.0.0.125 2007.11.21 Rootkit.Win32.Agent.oy[/B]
McAfee 5167 2007.11.20 -
Microsoft 1.3007 2007.11.21 -
NOD32v2 2674 2007.11.21 -
Norman 5.80.02 2007.11.20 -
Panda 9.0.0.4 2007.11.21 -
Prevx1 V2 2007.11.21 -
Rising 20.19.12.00 2007.11.21 -
Sophos 4.23.0 2007.11.21 -
Sunbelt 2.2.907.0 2007.11.21 -
Symantec 10 2007.11.21 -
TheHacker 6.2.9.135 2007.11.20 -
VBA32 3.12.2.5 2007.11.20 -
VirusBuster 4.3.26:9 2007.11.20 -
Webwasher-Gateway 6.0.1 2007.11.21 -
Additional information
File size: 46080 bytes
MD5: 24a2d8c156acfadc224a71b900a3c6e0
SHA1: 375e69af3cb6b79d454c44ee9ab5989431553eef[/CODE]
t=14392
[CODE]File ntos.exe received on 11.21.2007 06:14:17 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.11.21.0 2007.11.21 -
AntiVir 7.6.0.34 2007.11.20 -
Authentium 4.93.8 2007.11.21 -
Avast 4.7.1074.0 2007.11.20 -
[B]AVG 7.5.0.503 2007.11.20 SHeur.ACHW[/B]
BitDefender 7.2 2007.11.21 -
CAT-QuickHeal 9.00 2007.11.20 -
ClamAV 0.91.2 2007.11.21 -
DrWeb 4.44.0.09170 2007.11.20 -
eSafe 7.0.15.0 2007.11.14 -
eTrust-Vet 31.3.5312 2007.11.20 -
Ewido 4.0 2007.11.20 -
FileAdvisor 1 2007.11.21 -
Fortinet 3.14.0.0 2007.11.21 -
F-Prot 4.4.2.54 2007.11.21 -
F-Secure 6.70.13030.0 2007.11.21 -
Ikarus T3.1.1.12 2007.11.21 -
[B]Kaspersky 7.0.0.125 2007.11.21 Trojan-Spy.Win32.Zbot.cz[/B]
McAfee 5167 2007.11.20 -
Microsoft 1.3007 2007.11.21 -
NOD32v2 2674 2007.11.21 -
Norman 5.80.02 2007.11.20 -
[B]Panda 9.0.0.4 2007.11.21 Suspicious file[/B]
Prevx1 V2 2007.11.21 -
Rising 20.19.12.00 2007.11.21 -
Sophos 4.23.0 2007.11.21 -
Sunbelt 2.2.907.0 2007.11.21 -
Symantec 10 2007.11.21 -
TheHacker 6.2.9.135 2007.11.20 -
VBA32 3.12.2.5 2007.11.20 -
VirusBuster 4.3.26:9 2007.11.20 -
[B]Webwasher-Gateway 6.0.1 2007.11.21 Win32.Malware.gen (suspicious)[/B]
Additional information
File size: 442880 bytes
MD5: 6bd9797f295b737b683dac169ff73169
SHA1: e3e10814e1a4784eb6e186db0b06259f3c415cec[/CODE]
-
t=14405
[code]File avz00007.dta received on 11.21.2007 12:33:17 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.11.21.1 2007.11.21 -
[b]AntiVir 7.6.0.34 2007.11.21 TR/Crypt.XPACK.Gen[/b]
Authentium 4.93.8 2007.11.21 -
Avast 4.7.1074.0 2007.11.20 -
[b]AVG 7.5.0.503 2007.11.21 Crypt.F
BitDefender 7.2 2007.11.21 Trojan.AVKiller.AW
CAT-QuickHeal 9.00 2007.11.20 (Suspicious) - DNAScan[/b]
ClamAV 0.91.2 2007.11.21 -
[b]DrWeb 4.44.0.09170 2007.11.21 Trojan.MulDrop.8347
eSafe 7.0.15.0 2007.11.14 Suspicious File[/b]
eTrust-Vet 31.3.5313 2007.11.21 -
Ewido 4.0 2007.11.20 -
FileAdvisor 1 2007.11.21 -
Fortinet 3.14.0.0 2007.11.21 -
F-Prot 4.4.2.54 2007.11.21 -
F-Secure 6.70.13030.0 2007.11.21 -
Ikarus T3.1.1.12 2007.11.21 -
Kaspersky 7.0.0.125 2007.11.21 -
[b]McAfee 5167 2007.11.20 Tcad-Crypted
Microsoft 1.3007 2007.11.21 TrojanDownloader:Win32/Small.gen!AAM[/b]
NOD32v2 2674 2007.11.21 -
Norman 5.80.02 2007.11.20 -
[b]Panda 9.0.0.4 2007.11.21 Suspicious file[/b]
Prevx1 V2 2007.11.21 -
[b]Rising 20.19.20.00 2007.11.21 Trojan.DL.Win32.Small.evl
Sophos 4.23.0 2007.11.21 Mal/Basine-C[/b]
Sunbelt 2.2.907.0 2007.11.21 -
Symantec 10 2007.11.21 -
TheHacker 6.2.9.135 2007.11.20 -
VBA32 3.12.2.5 2007.11.20 -
[b]VirusBuster 4.3.26:9 2007.11.21 Trojan.DR.Dirat.Gen
Webwasher-Gateway 6.0.1 2007.11.21 Trojan.Crypt.XPACK.Gen[/b]
Additional information
File size: 12395 bytes
MD5: af63e4eb1ddba00377bf939fec099b6b
SHA1: d3efd43be9e2b0b8e32f4112099cac37ebd5f7c0[/code]
[code]File avz00002.dta received on 11.21.2007 12:34:07 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2007.11.21.1 2007.11.21 -
AntiVir 7.6.0.34 2007.11.21 -
Authentium 4.93.8 2007.11.21 -
Avast 4.7.1074.0 2007.11.20 -
[b]AVG 7.5.0.503 2007.11.21 SHeur.ACTR[/b]
BitDefender 7.2 2007.11.21 -
CAT-QuickHeal 9.00 2007.11.20 -
ClamAV 0.91.2 2007.11.21 -
DrWeb 4.44.0.09170 2007.11.21 -
eSafe 7.0.15.0 2007.11.14 -
eTrust-Vet 31.3.5313 2007.11.21 -
Ewido 4.0 2007.11.20 -
FileAdvisor 1 2007.11.21 -
Fortinet 3.14.0.0 2007.11.21 -
F-Prot 4.4.2.54 2007.11.21 -
F-Secure 6.70.13030.0 2007.11.21 -
Ikarus T3.1.1.12 2007.11.21 -
Kaspersky 7.0.0.125 2007.11.21 -
McAfee 5167 2007.11.20 -
[b]Microsoft 1.3007 2007.11.21 Spammer:Win32/Tedroo.B
NOD32v2 2674 2007.11.21 Win32/TrojanProxy.Small.NBD[/b]
Norman 5.80.02 2007.11.20 -
Panda 9.0.0.4 2007.11.21 -
Prevx1 V2 2007.11.21 -
Rising 20.19.20.00 2007.11.21 -
Sophos 4.23.0 2007.11.21 -
Sunbelt 2.2.907.0 2007.11.21 -
Symantec 10 2007.11.21 -
TheHacker 6.2.9.135 2007.11.20 -
VBA32 3.12.2.5 2007.11.20 -
VirusBuster 4.3.26:9 2007.11.21 -
Webwasher-Gateway 6.0.1 2007.11.21 -
Additional information
File size: 32768 bytes
MD5: 8c10f9134e5a7d16aa5697de32c9d1d9
SHA1: abe50820c9b8353a6d71d180877a7f1075839f13[/code]